| Message | Id | Version | Qualifiers | Level | Task | Opcode | Keywords | RecordId | ProviderName | ProviderId | LogName | ProcessId | ThreadId | MachineName | UserId | TimeCreated | ActivityId | RelatedActivityId | ContainerLog | MatchedQueryIds | Bookmark | LevelDisplayName | OpcodeDisplayName | TaskDisplayName | KeywordsDisplayNames | Properties |
|---|
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3434 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1064 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:48:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 6B6AF4EB-73FA-4016-BB85-849292AED85E--D9CB31E5-7A75-436B-8D82-C4811C9C6391 (Friendly Name: 3602c13d-472a-4bac-8000-d8e5c7e210e9) successfully connected to port 723A70E0-420C-4EFB-8911-0E503FFCFDBB (Friendly Name: 3602c13d-472a-4bac-8000-d8e5c7e210e9) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3433 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1260 | 2100 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1802171627-1075213306-2458158523-1591258770 | 3/11/2022 10:47:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 6B6AF4EB-73FA-4016-BB85-849292AED85E--D9CB31E5-7A75-436B-8D82-C4811C9C6391 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3432 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1260 | 2100 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:47:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 6B6AF4EB-73FA-4016-BB85-849292AED85E--426E9639-1FEB-43C6-B529-D43E47D9C9E9 (Friendly Name: b3da46ce-a6b2-43fc-9f57-599059dddc8d) successfully connected to port 37660C04-F8F0-42DD-A6E2-F830F5E7D8F3 (Friendly Name: b3da46ce-a6b2-43fc-9f57-599059dddc8d) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3431 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1260 | 2100 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1802171627-1075213306-2458158523-1591258770 | 3/11/2022 10:47:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 6B6AF4EB-73FA-4016-BB85-849292AED85E--426E9639-1FEB-43C6-B529-D43E47D9C9E9 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3430 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1260 | 2100 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:47:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 6B6AF4EB-73FA-4016-BB85-849292AED85E--DBD2F897-1B4A-425B-A700-B5FE2B1FA172 (Friendly Name: 95d0ae9e-3bda-4d38-8c2f-108248c9c33c) successfully connected to port B6CB0032-207C-4E88-A682-0AEE042A0232 (Friendly Name: 95d0ae9e-3bda-4d38-8c2f-108248c9c33c) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3429 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1260 | 2100 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1802171627-1075213306-2458158523-1591258770 | 3/11/2022 10:47:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 6B6AF4EB-73FA-4016-BB85-849292AED85E--DBD2F897-1B4A-425B-A700-B5FE2B1FA172 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3428 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1260 | 2100 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:47:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 6B6AF4EB-73FA-4016-BB85-849292AED85E--42E3A508-A401-4D75-ACD8-ADE31921B00A (Friendly Name: 3aa54008-d24e-458b-9fc2-29247c536cf9) successfully connected to port 00CE1872-D8C0-4EC6-940E-B9368FE82E39 (Friendly Name: 3aa54008-d24e-458b-9fc2-29247c536cf9) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3427 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1260 | 2100 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1802171627-1075213306-2458158523-1591258770 | 3/11/2022 10:47:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 6B6AF4EB-73FA-4016-BB85-849292AED85E--42E3A508-A401-4D75-ACD8-ADE31921B00A (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3426 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1260 | 2100 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:47:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 6B6AF4EB-73FA-4016-BB85-849292AED85E--E76C8EAA-7DA4-4C36-B924-E546333BA504 (Friendly Name: bfd6849f-907a-41ef-9ecc-4eeb1c5ef045) successfully connected to port B8896074-4435-45A5-A56C-CF359327202E (Friendly Name: bfd6849f-907a-41ef-9ecc-4eeb1c5ef045) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3425 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1260 | 2100 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1802171627-1075213306-2458158523-1591258770 | 3/11/2022 10:47:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 6B6AF4EB-73FA-4016-BB85-849292AED85E--E76C8EAA-7DA4-4C36-B924-E546333BA504 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3424 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1260 | 2100 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:47:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 6B6AF4EB-73FA-4016-BB85-849292AED85E--807428F0-A662-4D0B-AF71-652CB0CE9030 (Friendly Name: 8c7a310c-dca1-4f4e-ae81-a3ab64dad6d1) successfully connected to port CB81F770-DE48-4129-A740-C9B4EA6A437E (Friendly Name: 8c7a310c-dca1-4f4e-ae81-a3ab64dad6d1) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3423 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1260 | 2100 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1802171627-1075213306-2458158523-1591258770 | 3/11/2022 10:47:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 6B6AF4EB-73FA-4016-BB85-849292AED85E--807428F0-A662-4D0B-AF71-652CB0CE9030 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3422 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1260 | 2100 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:47:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 6B6AF4EB-73FA-4016-BB85-849292AED85E--24D5AF67-B4A8-45D3-A08B-996D523AF0F3 (Friendly Name: f09ff15d-e981-40a7-a6c2-7764cc204fa1) successfully connected to port 35961C62-61E1-4D5B-B7C4-1D1C36ED353D (Friendly Name: f09ff15d-e981-40a7-a6c2-7764cc204fa1) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3421 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1260 | 2100 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1802171627-1075213306-2458158523-1591258770 | 3/11/2022 10:47:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 6B6AF4EB-73FA-4016-BB85-849292AED85E--24D5AF67-B4A8-45D3-A08B-996D523AF0F3 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3420 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1260 | 2100 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:47:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3419 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 860 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:47:01 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Update service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3418 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 860 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:46:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3417 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 860 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:46:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3416 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 3976 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:46:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3415 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1232 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:46:23 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3414 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1232 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:46:21 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3413 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1240 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:46:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3412 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1064 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:46:01 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 43043641-E974-4C3E-89E8-CDC9EC3D2A7E--58A62010-16EE-4F12-8B1C-B9D45FDC8D68 (Friendly Name: 9ba1e961-8701-4469-80f8-4a4369693bec) successfully connected to port 0E440BFF-7A0A-4780-B110-6B498B0DABDA (Friendly Name: 9ba1e961-8701-4469-80f8-4a4369693bec) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3411 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1700 | 1832 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1124349505-1279191412-3385714825-2116697580 | 3/11/2022 10:44:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 43043641-E974-4C3E-89E8-CDC9EC3D2A7E--58A62010-16EE-4F12-8B1C-B9D45FDC8D68 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3410 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1700 | 1832 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:44:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 7073EE94-6B52-47D1-8D2D-A76032F49B26--2A9B31DD-F378-469B-A2EA-2467C69FD0E6 (Friendly Name: 057b5eb5-7e38-4ddc-a237-a2c37d45aa0f). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3409 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3400 | 5076 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1886645908-1204906834-1621568909-647754802 | 3/11/2022 10:42:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 7073EE94-6B52-47D1-8D2D-A76032F49B26--2A9B31DD-F378-469B-A2EA-2467C69FD0E6 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3408 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3400 | 5076 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1886645908-1204906834-1621568909-647754802 | 3/11/2022 10:42:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 7073EE94-6B52-47D1-8D2D-A76032F49B26--0FEA22D9-DB04-4145-AF10-8A18AB9C1B3F (Friendly Name: ca6aa75a-ec3a-4c12-99a2-248037398de5). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3407 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3400 | 5076 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1886645908-1204906834-1621568909-647754802 | 3/11/2022 10:42:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 7073EE94-6B52-47D1-8D2D-A76032F49B26--0FEA22D9-DB04-4145-AF10-8A18AB9C1B3F successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3406 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3400 | 5076 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1886645908-1204906834-1621568909-647754802 | 3/11/2022 10:42:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 7073EE94-6B52-47D1-8D2D-A76032F49B26--0FEA22D9-DB04-4145-AF10-8A18AB9C1B3F (Friendly Name: ca6aa75a-ec3a-4c12-99a2-248037398de5) successfully connected to port B8BD5696-7B9F-4C96-827C-F3C47872BE00 (Friendly Name: ca6aa75a-ec3a-4c12-99a2-248037398de5) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3405 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3400 | 3812 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1886645908-1204906834-1621568909-647754802 | 3/11/2022 10:42:54 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 7073EE94-6B52-47D1-8D2D-A76032F49B26--0FEA22D9-DB04-4145-AF10-8A18AB9C1B3F (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3404 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3400 | 3812 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:42:54 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 7073EE94-6B52-47D1-8D2D-A76032F49B26--2A9B31DD-F378-469B-A2EA-2467C69FD0E6 (Friendly Name: 057b5eb5-7e38-4ddc-a237-a2c37d45aa0f) successfully connected to port B6FDC1D6-3389-4428-989F-3A225F1C2EA8 (Friendly Name: 057b5eb5-7e38-4ddc-a237-a2c37d45aa0f) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3403 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3400 | 3812 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1886645908-1204906834-1621568909-647754802 | 3/11/2022 10:42:54 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 7073EE94-6B52-47D1-8D2D-A76032F49B26--2A9B31DD-F378-469B-A2EA-2467C69FD0E6 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3402 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3400 | 3812 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:42:54 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3401 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1068 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:42:03 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic B7F4E339-2B57-4A47-87EE-C31F8983D39B--E9DE6039-8837-48A6-9DC2-E28156FFD629 (Friendly Name: ac177492-7427-42d6-85c1-d497827b7f10). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3400 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 824 | 2452 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3086279481-1246178135-532934279-2614330249 | 3/11/2022 10:41:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC B7F4E339-2B57-4A47-87EE-C31F8983D39B--E9DE6039-8837-48A6-9DC2-E28156FFD629 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3399 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 824 | 2452 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3086279481-1246178135-532934279-2614330249 | 3/11/2022 10:41:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic B7F4E339-2B57-4A47-87EE-C31F8983D39B--1C2421D0-244C-4648-B8F9-E8CC2DA7B36B (Friendly Name: b4009136-4b10-46ad-8ae6-54854f454817). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3398 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 824 | 2452 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3086279481-1246178135-532934279-2614330249 | 3/11/2022 10:41:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC B7F4E339-2B57-4A47-87EE-C31F8983D39B--1C2421D0-244C-4648-B8F9-E8CC2DA7B36B successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3397 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 824 | 2452 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3086279481-1246178135-532934279-2614330249 | 3/11/2022 10:41:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic B7F4E339-2B57-4A47-87EE-C31F8983D39B--59EC2620-FD1F-46DE-83CF-3EDDD5A7F891 (Friendly Name: cb422880-4e48-4b19-8ae8-0f30096464f5). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3396 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 824 | 2452 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3086279481-1246178135-532934279-2614330249 | 3/11/2022 10:41:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC B7F4E339-2B57-4A47-87EE-C31F8983D39B--59EC2620-FD1F-46DE-83CF-3EDDD5A7F891 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3395 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 824 | 2452 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3086279481-1246178135-532934279-2614330249 | 3/11/2022 10:41:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC B7F4E339-2B57-4A47-87EE-C31F8983D39B--59EC2620-FD1F-46DE-83CF-3EDDD5A7F891 (Friendly Name: cb422880-4e48-4b19-8ae8-0f30096464f5) successfully connected to port BB68AAC5-CC2E-4EE9-A107-98FFF6D7DB3F (Friendly Name: cb422880-4e48-4b19-8ae8-0f30096464f5) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3394 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 824 | 2452 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3086279481-1246178135-532934279-2614330249 | 3/11/2022 10:41:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic B7F4E339-2B57-4A47-87EE-C31F8983D39B--59EC2620-FD1F-46DE-83CF-3EDDD5A7F891 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3393 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 824 | 2452 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:41:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC B7F4E339-2B57-4A47-87EE-C31F8983D39B--1C2421D0-244C-4648-B8F9-E8CC2DA7B36B (Friendly Name: b4009136-4b10-46ad-8ae6-54854f454817) successfully connected to port 67495800-4442-48BC-8644-45825114470E (Friendly Name: b4009136-4b10-46ad-8ae6-54854f454817) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3392 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 824 | 2452 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3086279481-1246178135-532934279-2614330249 | 3/11/2022 10:41:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic B7F4E339-2B57-4A47-87EE-C31F8983D39B--1C2421D0-244C-4648-B8F9-E8CC2DA7B36B (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3391 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 824 | 2452 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:41:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC B7F4E339-2B57-4A47-87EE-C31F8983D39B--E9DE6039-8837-48A6-9DC2-E28156FFD629 (Friendly Name: ac177492-7427-42d6-85c1-d497827b7f10) successfully connected to port A87D85A3-C8C1-40A6-8DFF-E8704B44BB0B (Friendly Name: ac177492-7427-42d6-85c1-d497827b7f10) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3390 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 824 | 2452 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3086279481-1246178135-532934279-2614330249 | 3/11/2022 10:41:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic B7F4E339-2B57-4A47-87EE-C31F8983D39B--E9DE6039-8837-48A6-9DC2-E28156FFD629 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3389 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 824 | 2452 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:41:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3388 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1068 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:41:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 11CE9B5F-BA29-4C8F-BC08-C61B8F39D51E--ABBF076F-AC9A-477E-940E-5AA0A528F2A0 (Friendly Name: d0a94d2b-6886-4a47-a90a-33471bd8aad8). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3387 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4692 | 3708 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-298752863-1284487721-465963196-517290383 | 3/11/2022 10:40:41 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 11CE9B5F-BA29-4C8F-BC08-C61B8F39D51E--ABBF076F-AC9A-477E-940E-5AA0A528F2A0 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3386 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4692 | 3708 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-298752863-1284487721-465963196-517290383 | 3/11/2022 10:40:41 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3385 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1244 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:39:10 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic FDDB6C83-6A16-4ADA-AEBD-D43CADF356BB--4318707D-7856-4DD4-B570-BCB3A7B26A60 (Friendly Name: 030f2305-2351-4980-a9ba-45d1eff2a5a7). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3384 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4512 | 3920 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-4259015811-1255827990-1020575150-3143037869 | 3/11/2022 10:39:08 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC FDDB6C83-6A16-4ADA-AEBD-D43CADF356BB--4318707D-7856-4DD4-B570-BCB3A7B26A60 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3383 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4512 | 3920 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-4259015811-1255827990-1020575150-3143037869 | 3/11/2022 10:39:08 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC FDDB6C83-6A16-4ADA-AEBD-D43CADF356BB--4318707D-7856-4DD4-B570-BCB3A7B26A60 (Friendly Name: 030f2305-2351-4980-a9ba-45d1eff2a5a7) successfully connected to port 9692C490-1F82-4619-876C-4EDCF51AFD74 (Friendly Name: 030f2305-2351-4980-a9ba-45d1eff2a5a7) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3382 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4512 | 1456 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-4259015811-1255827990-1020575150-3143037869 | 3/11/2022 10:39:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic FDDB6C83-6A16-4ADA-AEBD-D43CADF356BB--4318707D-7856-4DD4-B570-BCB3A7B26A60 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3381 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4512 | 1456 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:39:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 838A4835-9E93-4255-BFDC-FA279ADF9258--FE0B3D63-DD4E-4076-97A9-7CD4A433757E (Friendly Name: 52fc8f01-b998-47a4-a0e4-31288686cd13). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3380 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3716 | 2512 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2206877749-1112907411-670751935-1486020506 | 3/11/2022 10:38:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 838A4835-9E93-4255-BFDC-FA279ADF9258--FE0B3D63-DD4E-4076-97A9-7CD4A433757E successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3379 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3716 | 2512 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2206877749-1112907411-670751935-1486020506 | 3/11/2022 10:38:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 838A4835-9E93-4255-BFDC-FA279ADF9258--FE0B3D63-DD4E-4076-97A9-7CD4A433757E (Friendly Name: 52fc8f01-b998-47a4-a0e4-31288686cd13) successfully connected to port BD413E51-7B6A-46E1-87C8-4EAFEB39A364 (Friendly Name: 52fc8f01-b998-47a4-a0e4-31288686cd13) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3378 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3716 | 3792 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2206877749-1112907411-670751935-1486020506 | 3/11/2022 10:37:59 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 838A4835-9E93-4255-BFDC-FA279ADF9258--FE0B3D63-DD4E-4076-97A9-7CD4A433757E (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3377 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3716 | 3792 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:37:59 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 11CE9B5F-BA29-4C8F-BC08-C61B8F39D51E--ABBF076F-AC9A-477E-940E-5AA0A528F2A0 (Friendly Name: d0a94d2b-6886-4a47-a90a-33471bd8aad8) successfully connected to port BD36008E-8374-433F-BB1D-D3364B363BD3 (Friendly Name: d0a94d2b-6886-4a47-a90a-33471bd8aad8) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3376 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4692 | 3404 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-298752863-1284487721-465963196-517290383 | 3/11/2022 10:37:22 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 11CE9B5F-BA29-4C8F-BC08-C61B8F39D51E--ABBF076F-AC9A-477E-940E-5AA0A528F2A0 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3375 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4692 | 3404 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:37:22 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 19509398-81EE-4FE7-9BF8-8D3BA3DFE502--448435FD-D5B2-440B-8197-BAB754E754C0 (Friendly Name: 224b247b-3d48-453d-aded-32eab0ed9588). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3374 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4324 | 4292 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-424711064-1340572142-999159963-48619427 | 3/11/2022 10:36:55 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 19509398-81EE-4FE7-9BF8-8D3BA3DFE502--448435FD-D5B2-440B-8197-BAB754E754C0 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3373 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4324 | 4292 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-424711064-1340572142-999159963-48619427 | 3/11/2022 10:36:55 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 06CF471F-A758-4C8A-8EB1-DA19C6F3F02A--C850DBCB-0FA4-4989-9D7A-A194475B16AA (Friendly Name: e2f8401a-162d-45a1-a783-c67a835590f8). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3372 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 696 | 1032 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-114247455-1284155224-433762702-720434118 | 3/11/2022 10:36:40 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 06CF471F-A758-4C8A-8EB1-DA19C6F3F02A--C850DBCB-0FA4-4989-9D7A-A194475B16AA successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3371 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 696 | 1032 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-114247455-1284155224-433762702-720434118 | 3/11/2022 10:36:40 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 06CF471F-A758-4C8A-8EB1-DA19C6F3F02A--C850DBCB-0FA4-4989-9D7A-A194475B16AA (Friendly Name: e2f8401a-162d-45a1-a783-c67a835590f8) successfully connected to port 9CCB673A-3211-40E9-8C91-D2B0112C2A51 (Friendly Name: e2f8401a-162d-45a1-a783-c67a835590f8) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3370 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 696 | 1032 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-114247455-1284155224-433762702-720434118 | 3/11/2022 10:36:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 06CF471F-A758-4C8A-8EB1-DA19C6F3F02A--C850DBCB-0FA4-4989-9D7A-A194475B16AA (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3369 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 696 | 1032 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:36:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 63E511BE-3A32-42A3-9FD1-4CA3BC59797D--B2B51F4B-5436-484C-AE27-C27B27D5CFFD (Friendly Name: 399cf5ea-5178-4778-a5e3-823476e86c8d). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3368 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1444 | 4460 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1675956670-1117993522-2739720607-2105104828 | 3/11/2022 10:36:29 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 63E511BE-3A32-42A3-9FD1-4CA3BC59797D--B2B51F4B-5436-484C-AE27-C27B27D5CFFD successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3367 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1444 | 4460 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1675956670-1117993522-2739720607-2105104828 | 3/11/2022 10:36:29 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-DD-68-CF has moved from port 4FDD2828-76CA-43B7-8A71-C0406A9C1D95 (Friendly Name: br-data_External) to port 2C675CD7-421D-454A-888C-6812F1D88D9D (Friendly Name: 224b247b-3d48-453d-aded-32eab0ed9588). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3366 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 0 | 0 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:36:23 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 055703EC-1B79-47CF-9F5F-D3C11444585A--64B076F8-8AE8-4BF2-B5B9-10496F6D5CB1 (Friendly Name: 7ccb094a-bc33-4322-893e-42777b43376b). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3365 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3384 | 996 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-89588716-1204755321-3251855263-1515734036 | 3/11/2022 10:36:21 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 055703EC-1B79-47CF-9F5F-D3C11444585A--64B076F8-8AE8-4BF2-B5B9-10496F6D5CB1 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3364 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3384 | 996 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-89588716-1204755321-3251855263-1515734036 | 3/11/2022 10:36:21 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 9B4596E2-BDCD-4D51-9F4F-E65BB55E5952--6E119E97-4E64-4BBD-8350-D6231B02D799 (Friendly Name: 9e2add75-abc0-4a3a-bbfa-1cbc6c6ed15b). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3363 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4212 | 4996 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2605029090-1297202637-1541820319-1381588661 | 3/11/2022 10:36:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 9B4596E2-BDCD-4D51-9F4F-E65BB55E5952--6E119E97-4E64-4BBD-8350-D6231B02D799 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3362 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4212 | 4996 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2605029090-1297202637-1541820319-1381588661 | 3/11/2022 10:36:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 4A92367F-6965-4147-9B22-1122C32A959A--18826C11-F419-4CE7-9B44-7041D72133F3 (Friendly Name: 42d911a6-6345-46ee-9f0c-3955c816bd99). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3361 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5076 | 4308 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1251096191-1095199077-571548315-2593467075 | 3/11/2022 10:36:14 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 4A92367F-6965-4147-9B22-1122C32A959A--18826C11-F419-4CE7-9B44-7041D72133F3 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3360 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5076 | 4308 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1251096191-1095199077-571548315-2593467075 | 3/11/2022 10:36:14 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic F0C6F95E-A26E-4111-9AC3-D4CDCABABA4C--FAA03BD9-1342-463C-BD11-FEA619C93536 (Friendly Name: 7c9d9acc-a765-4528-a254-c81d4215cbb7). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3359 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4048 | 684 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-4039571806-1091674734-3453272986-1287305930 | 3/11/2022 10:35:54 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC F0C6F95E-A26E-4111-9AC3-D4CDCABABA4C--FAA03BD9-1342-463C-BD11-FEA619C93536 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3358 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4048 | 684 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-4039571806-1091674734-3453272986-1287305930 | 3/11/2022 10:35:54 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC F0C6F95E-A26E-4111-9AC3-D4CDCABABA4C--FAA03BD9-1342-463C-BD11-FEA619C93536 (Friendly Name: 7c9d9acc-a765-4528-a254-c81d4215cbb7) successfully connected to port A41C54CE-5C86-4B89-8624-A15238DC870B (Friendly Name: 7c9d9acc-a765-4528-a254-c81d4215cbb7) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3357 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4048 | 744 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-4039571806-1091674734-3453272986-1287305930 | 3/11/2022 10:35:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic F0C6F95E-A26E-4111-9AC3-D4CDCABABA4C--FAA03BD9-1342-463C-BD11-FEA619C93536 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3356 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4048 | 744 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:35:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic A903804E-C6AA-45BE-825E-B5F0314D8018--959BCD0C-5710-4C84-9185-7DEDBE940E2A (Friendly Name: dc8dd7e2-7b5d-4fc9-91d3-fadf846ebd53). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3355 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4244 | 4600 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2835578958-1170130602-4038418050-411061553 | 3/11/2022 10:35:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC A903804E-C6AA-45BE-825E-B5F0314D8018--959BCD0C-5710-4C84-9185-7DEDBE940E2A successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3354 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4244 | 4600 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2835578958-1170130602-4038418050-411061553 | 3/11/2022 10:35:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC A903804E-C6AA-45BE-825E-B5F0314D8018--959BCD0C-5710-4C84-9185-7DEDBE940E2A (Friendly Name: dc8dd7e2-7b5d-4fc9-91d3-fadf846ebd53) successfully connected to port BE93BC78-01BC-455D-80D8-4B5782DA0E69 (Friendly Name: dc8dd7e2-7b5d-4fc9-91d3-fadf846ebd53) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3353 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4244 | 2132 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2835578958-1170130602-4038418050-411061553 | 3/11/2022 10:35:44 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic A903804E-C6AA-45BE-825E-B5F0314D8018--959BCD0C-5710-4C84-9185-7DEDBE940E2A (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3352 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4244 | 2132 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:35:44 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 19509398-81EE-4FE7-9BF8-8D3BA3DFE502--448435FD-D5B2-440B-8197-BAB754E754C0 (Friendly Name: 224b247b-3d48-453d-aded-32eab0ed9588) successfully connected to port 2C675CD7-421D-454A-888C-6812F1D88D9D (Friendly Name: 224b247b-3d48-453d-aded-32eab0ed9588) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3351 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4324 | 4292 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-424711064-1340572142-999159963-48619427 | 3/11/2022 10:35:42 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 19509398-81EE-4FE7-9BF8-8D3BA3DFE502--448435FD-D5B2-440B-8197-BAB754E754C0 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3350 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4324 | 4292 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:35:42 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic EADABA9C-36B8-409D-87F3-B18BA88E3600--F45B8EE2-B69C-44A0-BA86-A18BB6CA05FA (Friendly Name: 913867c2-a8ea-4d1f-b714-d17e144c8ede). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3349 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4668 | 556 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3940203164-1084044984-2343695239-3575464 | 3/11/2022 10:34:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC EADABA9C-36B8-409D-87F3-B18BA88E3600--F45B8EE2-B69C-44A0-BA86-A18BB6CA05FA successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3348 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4668 | 556 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3940203164-1084044984-2343695239-3575464 | 3/11/2022 10:34:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3347 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1240 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:34:54 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 4AAA11BB-C152-487B-8082-13411F5A2126--4D2C8229-C2F3-4008-A4F3-21DE1C952D1A (Friendly Name: 77630182-b977-4c21-8e88-cfbfe5be6376). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3346 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1048 | 2600 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1252659643-1216069970-1091797632-639719967 | 3/11/2022 10:34:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 4AAA11BB-C152-487B-8082-13411F5A2126--4D2C8229-C2F3-4008-A4F3-21DE1C952D1A successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3345 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1048 | 2600 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1252659643-1216069970-1091797632-639719967 | 3/11/2022 10:34:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 4A92367F-6965-4147-9B22-1122C32A959A--18826C11-F419-4CE7-9B44-7041D72133F3 (Friendly Name: 42d911a6-6345-46ee-9f0c-3955c816bd99) successfully connected to port 91700650-D536-4D6B-BACE-328F1E127CF6 (Friendly Name: 42d911a6-6345-46ee-9f0c-3955c816bd99) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3344 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5076 | 4308 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1251096191-1095199077-571548315-2593467075 | 3/11/2022 10:34:40 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 4A92367F-6965-4147-9B22-1122C32A959A--18826C11-F419-4CE7-9B44-7041D72133F3 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3343 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5076 | 4308 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:34:40 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC EADABA9C-36B8-409D-87F3-B18BA88E3600--F45B8EE2-B69C-44A0-BA86-A18BB6CA05FA (Friendly Name: 913867c2-a8ea-4d1f-b714-d17e144c8ede) successfully connected to port 9C8EBE9E-9770-45DF-9F67-2EB090F959FD (Friendly Name: 913867c2-a8ea-4d1f-b714-d17e144c8ede) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3342 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4668 | 4852 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3940203164-1084044984-2343695239-3575464 | 3/11/2022 10:34:32 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic EADABA9C-36B8-409D-87F3-B18BA88E3600--F45B8EE2-B69C-44A0-BA86-A18BB6CA05FA (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3341 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4668 | 4852 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:34:32 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic EADABA9C-36B8-409D-87F3-B18BA88E3600--F45B8EE2-B69C-44A0-BA86-A18BB6CA05FA (Friendly Name: 913867c2-a8ea-4d1f-b714-d17e144c8ede). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3340 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3528 | 4800 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3940203164-1084044984-2343695239-3575464 | 3/11/2022 10:34:24 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC EADABA9C-36B8-409D-87F3-B18BA88E3600--F45B8EE2-B69C-44A0-BA86-A18BB6CA05FA successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3339 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3528 | 4800 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3940203164-1084044984-2343695239-3575464 | 3/11/2022 10:34:24 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 9B4596E2-BDCD-4D51-9F4F-E65BB55E5952--6E119E97-4E64-4BBD-8350-D6231B02D799 (Friendly Name: 9e2add75-abc0-4a3a-bbfa-1cbc6c6ed15b) successfully connected to port B53FCBF8-D0D5-4579-8E18-9819506A057F (Friendly Name: 9e2add75-abc0-4a3a-bbfa-1cbc6c6ed15b) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3338 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4212 | 612 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2605029090-1297202637-1541820319-1381588661 | 3/11/2022 10:34:10 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 9B4596E2-BDCD-4D51-9F4F-E65BB55E5952--6E119E97-4E64-4BBD-8350-D6231B02D799 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3337 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4212 | 612 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:34:10 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 4AAA11BB-C152-487B-8082-13411F5A2126--4D2C8229-C2F3-4008-A4F3-21DE1C952D1A (Friendly Name: 77630182-b977-4c21-8e88-cfbfe5be6376) successfully connected to port 5A882A20-23CA-4675-9AF4-A6AC1A0F4A4E (Friendly Name: 77630182-b977-4c21-8e88-cfbfe5be6376) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3336 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1048 | 3088 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1252659643-1216069970-1091797632-639719967 | 3/11/2022 10:34:08 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 4AAA11BB-C152-487B-8082-13411F5A2126--4D2C8229-C2F3-4008-A4F3-21DE1C952D1A (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3335 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1048 | 3088 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:34:08 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 055703EC-1B79-47CF-9F5F-D3C11444585A--64B076F8-8AE8-4BF2-B5B9-10496F6D5CB1 (Friendly Name: 7ccb094a-bc33-4322-893e-42777b43376b) successfully connected to port A1B3AEC9-971F-473F-A444-0A732AFDA278 (Friendly Name: 7ccb094a-bc33-4322-893e-42777b43376b) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3334 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3384 | 2592 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-89588716-1204755321-3251855263-1515734036 | 3/11/2022 10:34:06 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 055703EC-1B79-47CF-9F5F-D3C11444585A--64B076F8-8AE8-4BF2-B5B9-10496F6D5CB1 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3333 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3384 | 2592 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:34:06 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic C0ADE603-13BF-4B97-9887-A4CB4F4E1730--63E4A18C-AE2D-4C13-8BCD-104C32C3CB9B (Friendly Name: 88e81a98-36c1-47f3-99d2-182c5a483a42). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3332 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4560 | 3512 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3232622083-1268192191-3416557464-806833743 | 3/11/2022 10:34:06 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC C0ADE603-13BF-4B97-9887-A4CB4F4E1730--63E4A18C-AE2D-4C13-8BCD-104C32C3CB9B successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3331 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4560 | 3512 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3232622083-1268192191-3416557464-806833743 | 3/11/2022 10:34:06 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC EADABA9C-36B8-409D-87F3-B18BA88E3600--F45B8EE2-B69C-44A0-BA86-A18BB6CA05FA (Friendly Name: 913867c2-a8ea-4d1f-b714-d17e144c8ede) successfully connected to port 9C8EBE9E-9770-45DF-9F67-2EB090F959FD (Friendly Name: 913867c2-a8ea-4d1f-b714-d17e144c8ede) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3330 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3528 | 4016 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3940203164-1084044984-2343695239-3575464 | 3/11/2022 10:34:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic EADABA9C-36B8-409D-87F3-B18BA88E3600--F45B8EE2-B69C-44A0-BA86-A18BB6CA05FA (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3329 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3528 | 4016 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:34:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic F1BB6FEF-D448-4988-B83E-8D45670E87EE--915D403B-66D3-416E-935A-5BB6F9087DE0 (Friendly Name: bfc93fd0-bf9f-4228-b6c3-a98999f131aa). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3328 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4912 | 2776 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-4055592943-1233704008-1166884536-4001828455 | 3/11/2022 10:34:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC F1BB6FEF-D448-4988-B83E-8D45670E87EE--915D403B-66D3-416E-935A-5BB6F9087DE0 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3327 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4912 | 2776 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-4055592943-1233704008-1166884536-4001828455 | 3/11/2022 10:34:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC C0ADE603-13BF-4B97-9887-A4CB4F4E1730--63E4A18C-AE2D-4C13-8BCD-104C32C3CB9B (Friendly Name: 88e81a98-36c1-47f3-99d2-182c5a483a42) successfully connected to port CCA70AEB-81EC-402F-BABA-EBC3B010527C (Friendly Name: 88e81a98-36c1-47f3-99d2-182c5a483a42) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3326 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4560 | 3512 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3232622083-1268192191-3416557464-806833743 | 3/11/2022 10:34:02 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic C0ADE603-13BF-4B97-9887-A4CB4F4E1730--63E4A18C-AE2D-4C13-8BCD-104C32C3CB9B (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3325 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4560 | 3512 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:34:02 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic C0ADE603-13BF-4B97-9887-A4CB4F4E1730--63E4A18C-AE2D-4C13-8BCD-104C32C3CB9B (Friendly Name: 88e81a98-36c1-47f3-99d2-182c5a483a42). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3324 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4560 | 3512 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3232622083-1268192191-3416557464-806833743 | 3/11/2022 10:34:02 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC C0ADE603-13BF-4B97-9887-A4CB4F4E1730--63E4A18C-AE2D-4C13-8BCD-104C32C3CB9B successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3323 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4560 | 3512 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3232622083-1268192191-3416557464-806833743 | 3/11/2022 10:34:02 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC C0ADE603-13BF-4B97-9887-A4CB4F4E1730--63E4A18C-AE2D-4C13-8BCD-104C32C3CB9B (Friendly Name: 88e81a98-36c1-47f3-99d2-182c5a483a42) successfully connected to port CCA70AEB-81EC-402F-BABA-EBC3B010527C (Friendly Name: 88e81a98-36c1-47f3-99d2-182c5a483a42) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3322 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4560 | 4624 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3232622083-1268192191-3416557464-806833743 | 3/11/2022 10:33:59 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic C0ADE603-13BF-4B97-9887-A4CB4F4E1730--63E4A18C-AE2D-4C13-8BCD-104C32C3CB9B (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3321 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4560 | 4624 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:33:59 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3320 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1244 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:33:47 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 63E511BE-3A32-42A3-9FD1-4CA3BC59797D--B2B51F4B-5436-484C-AE27-C27B27D5CFFD (Friendly Name: 399cf5ea-5178-4778-a5e3-823476e86c8d) successfully connected to port 994F2AF1-8818-41E3-94DB-A3412CC9DA40 (Friendly Name: 399cf5ea-5178-4778-a5e3-823476e86c8d) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3319 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1444 | 4524 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1675956670-1117993522-2739720607-2105104828 | 3/11/2022 10:33:38 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 63E511BE-3A32-42A3-9FD1-4CA3BC59797D--B2B51F4B-5436-484C-AE27-C27B27D5CFFD (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3318 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1444 | 4524 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:33:38 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic F541E22D-A75A-498B-A43F-22CB1DA75870--EA4CEC71-7487-4C19-AB9C-501D2F3E020D (Friendly Name: bd8fa5ce-83ed-4622-8a92-2e0077d17c81). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3317 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2624 | 672 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-4114735661-1233889114-3408019364-1884858141 | 3/11/2022 10:33:30 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC F541E22D-A75A-498B-A43F-22CB1DA75870--EA4CEC71-7487-4C19-AB9C-501D2F3E020D successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3316 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2624 | 672 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-4114735661-1233889114-3408019364-1884858141 | 3/11/2022 10:33:30 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC F541E22D-A75A-498B-A43F-22CB1DA75870--EA4CEC71-7487-4C19-AB9C-501D2F3E020D (Friendly Name: bd8fa5ce-83ed-4622-8a92-2e0077d17c81) successfully connected to port 87E8B7DC-DD80-48D8-A1A2-E59484FEC3AC (Friendly Name: bd8fa5ce-83ed-4622-8a92-2e0077d17c81) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3315 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2624 | 672 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-4114735661-1233889114-3408019364-1884858141 | 3/11/2022 10:33:26 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic F541E22D-A75A-498B-A43F-22CB1DA75870--EA4CEC71-7487-4C19-AB9C-501D2F3E020D (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3314 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2624 | 672 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:33:26 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 76595C07-8512-449A-8CC8-433FA82FD91A--2E09FD54-4355-418A-9EFF-CE9C5B010BB1 (Friendly Name: 375051d7-9767-42f0-9ffc-75d7cd6d1df3). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3313 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4696 | 4308 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1985567751-1150977298-1061406860-450441128 | 3/11/2022 10:33:18 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 76595C07-8512-449A-8CC8-433FA82FD91A--2E09FD54-4355-418A-9EFF-CE9C5B010BB1 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3312 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4696 | 4308 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1985567751-1150977298-1061406860-450441128 | 3/11/2022 10:33:18 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 76595C07-8512-449A-8CC8-433FA82FD91A--2E09FD54-4355-418A-9EFF-CE9C5B010BB1 (Friendly Name: 375051d7-9767-42f0-9ffc-75d7cd6d1df3) successfully connected to port 412022AF-4CE4-41A8-8C0F-00DDBC39A7D3 (Friendly Name: 375051d7-9767-42f0-9ffc-75d7cd6d1df3) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3311 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4696 | 3352 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1985567751-1150977298-1061406860-450441128 | 3/11/2022 10:33:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 76595C07-8512-449A-8CC8-433FA82FD91A--2E09FD54-4355-418A-9EFF-CE9C5B010BB1 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3310 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4696 | 3352 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:33:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 76595C07-8512-449A-8CC8-433FA82FD91A--2E09FD54-4355-418A-9EFF-CE9C5B010BB1 (Friendly Name: 375051d7-9767-42f0-9ffc-75d7cd6d1df3). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3309 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4696 | 3352 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1985567751-1150977298-1061406860-450441128 | 3/11/2022 10:33:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 76595C07-8512-449A-8CC8-433FA82FD91A--2E09FD54-4355-418A-9EFF-CE9C5B010BB1 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3308 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4696 | 3352 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1985567751-1150977298-1061406860-450441128 | 3/11/2022 10:33:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 76595C07-8512-449A-8CC8-433FA82FD91A--2E09FD54-4355-418A-9EFF-CE9C5B010BB1 (Friendly Name: 375051d7-9767-42f0-9ffc-75d7cd6d1df3) successfully connected to port 412022AF-4CE4-41A8-8C0F-00DDBC39A7D3 (Friendly Name: 375051d7-9767-42f0-9ffc-75d7cd6d1df3) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3307 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4696 | 2076 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1985567751-1150977298-1061406860-450441128 | 3/11/2022 10:33:07 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 76595C07-8512-449A-8CC8-433FA82FD91A--2E09FD54-4355-418A-9EFF-CE9C5B010BB1 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3306 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4696 | 2076 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:33:07 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic BC1816C7-1033-4F03-A4AA-876D7E8B83D4--C9C4FBA5-3DC0-4267-9B57-37C03195413A (Friendly Name: bccf174f-4a39-477c-b8a8-217c438a48d3). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3305 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 812 | 2064 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3155695303-1325600819-1837607588-3565390718 | 3/11/2022 10:33:06 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC BC1816C7-1033-4F03-A4AA-876D7E8B83D4--C9C4FBA5-3DC0-4267-9B57-37C03195413A successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3304 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 812 | 2064 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3155695303-1325600819-1837607588-3565390718 | 3/11/2022 10:33:06 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 65B6B671-4422-4EDA-B8A8-E5AFB0853932--2BBC7697-1511-494F-8FD4-EDFD5FA50D34 (Friendly Name: c9a0ffbf-fc27-4de5-b5d3-9cec5d3271c8). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3303 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4544 | 4556 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1706473073-1322927138-2951063736-842630576 | 3/11/2022 10:32:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 65B6B671-4422-4EDA-B8A8-E5AFB0853932--2BBC7697-1511-494F-8FD4-EDFD5FA50D34 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3302 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4544 | 4556 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1706473073-1322927138-2951063736-842630576 | 3/11/2022 10:32:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Windows Modules Installer service was changed from auto start to demand start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3301 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1068 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:32:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Windows Modules Installer service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3300 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1068 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:32:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 65B6B671-4422-4EDA-B8A8-E5AFB0853932--2BBC7697-1511-494F-8FD4-EDFD5FA50D34 (Friendly Name: c9a0ffbf-fc27-4de5-b5d3-9cec5d3271c8) successfully connected to port EEBCE3B2-F734-4F22-9AE0-AEDA32FADA63 (Friendly Name: c9a0ffbf-fc27-4de5-b5d3-9cec5d3271c8) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3299 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4544 | 2124 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1706473073-1322927138-2951063736-842630576 | 3/11/2022 10:32:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 65B6B671-4422-4EDA-B8A8-E5AFB0853932--2BBC7697-1511-494F-8FD4-EDFD5FA50D34 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3298 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4544 | 2124 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:32:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC F1BB6FEF-D448-4988-B83E-8D45670E87EE--915D403B-66D3-416E-935A-5BB6F9087DE0 (Friendly Name: bfc93fd0-bf9f-4228-b6c3-a98999f131aa) successfully connected to port 87A00C9B-7C4E-4CAE-A25F-2EB74C35A85F (Friendly Name: bfc93fd0-bf9f-4228-b6c3-a98999f131aa) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3297 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4912 | 2032 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-4055592943-1233704008-1166884536-4001828455 | 3/11/2022 10:32:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic F1BB6FEF-D448-4988-B83E-8D45670E87EE--915D403B-66D3-416E-935A-5BB6F9087DE0 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3296 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4912 | 2032 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:32:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic BA72EFA8-2CCF-4D28-94CA-5B9EE31AEDEB--19859F17-6F54-4D34-A63F-5C83BBFD4502 (Friendly Name: 00d89d9b-fb6b-4ae5-b998-809f031805e3). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3295 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2448 | 4640 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3128094632-1294478543-2656815764-3958184675 | 3/11/2022 10:32:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC BA72EFA8-2CCF-4D28-94CA-5B9EE31AEDEB--19859F17-6F54-4D34-A63F-5C83BBFD4502 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3294 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2448 | 4640 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3128094632-1294478543-2656815764-3958184675 | 3/11/2022 10:32:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3293 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1068 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:32:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 3A901E27-14C2-49CA-AB0C-C8C349C491ED--F0D1D1DA-F8B2-4996-9CB4-603E1A9C3F59 (Friendly Name: 874ef074-8120-4a1b-801a-205944d89694). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3292 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4920 | 5088 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-982523431-1237980354-3284667563-3985753161 | 3/11/2022 10:32:21 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 3A901E27-14C2-49CA-AB0C-C8C349C491ED--F0D1D1DA-F8B2-4996-9CB4-603E1A9C3F59 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3291 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4920 | 5088 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-982523431-1237980354-3284667563-3985753161 | 3/11/2022 10:32:21 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic F1BB6FEF-D448-4988-B83E-8D45670E87EE--915D403B-66D3-416E-935A-5BB6F9087DE0 (Friendly Name: bfc93fd0-bf9f-4228-b6c3-a98999f131aa). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3290 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4240 | 4252 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-4055592943-1233704008-1166884536-4001828455 | 3/11/2022 10:32:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC F1BB6FEF-D448-4988-B83E-8D45670E87EE--915D403B-66D3-416E-935A-5BB6F9087DE0 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3289 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4240 | 4252 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-4055592943-1233704008-1166884536-4001828455 | 3/11/2022 10:32:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 364D915B-02AE-4E1F-95BE-E09FA077A1F2--32E15BCF-A60F-4DEE-A088-5953F322906F (Friendly Name: f95d4cf8-a0ba-4b3d-aacf-79ffdc2bc01d). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3288 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1544 | 864 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-911053147-1310655150-2682306197-4070668192 | 3/11/2022 10:32:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 364D915B-02AE-4E1F-95BE-E09FA077A1F2--32E15BCF-A60F-4DEE-A088-5953F322906F successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3287 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1544 | 864 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-911053147-1310655150-2682306197-4070668192 | 3/11/2022 10:32:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 364D915B-02AE-4E1F-95BE-E09FA077A1F2--32E15BCF-A60F-4DEE-A088-5953F322906F (Friendly Name: f95d4cf8-a0ba-4b3d-aacf-79ffdc2bc01d) successfully connected to port 0A9961BD-926E-475A-9255-6AF47475A3B5 (Friendly Name: f95d4cf8-a0ba-4b3d-aacf-79ffdc2bc01d) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3286 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1544 | 3904 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-911053147-1310655150-2682306197-4070668192 | 3/11/2022 10:31:59 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 364D915B-02AE-4E1F-95BE-E09FA077A1F2--32E15BCF-A60F-4DEE-A088-5953F322906F (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3285 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1544 | 3904 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:31:59 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 3EFFD9B6-DB38-47DA-9C2C-2E6D37DE7807--BC930255-31CF-4060-84C1-A36F6C7C0788 (Friendly Name: beb477a3-4158-4077-b49c-bc544a28c3ab). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3284 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 672 | 4092 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1056954806-1205525304-1831742620-125361719 | 3/11/2022 10:31:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 3EFFD9B6-DB38-47DA-9C2C-2E6D37DE7807--BC930255-31CF-4060-84C1-A36F6C7C0788 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3283 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 672 | 4092 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1056954806-1205525304-1831742620-125361719 | 3/11/2022 10:31:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC BA72EFA8-2CCF-4D28-94CA-5B9EE31AEDEB--19859F17-6F54-4D34-A63F-5C83BBFD4502 (Friendly Name: 00d89d9b-fb6b-4ae5-b998-809f031805e3) successfully connected to port 8906F6E2-2CDF-4073-98C3-776B4A753DE1 (Friendly Name: 00d89d9b-fb6b-4ae5-b998-809f031805e3) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3282 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2448 | 2592 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3128094632-1294478543-2656815764-3958184675 | 3/11/2022 10:31:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic BA72EFA8-2CCF-4D28-94CA-5B9EE31AEDEB--19859F17-6F54-4D34-A63F-5C83BBFD4502 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3281 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2448 | 2592 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:31:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic BA72EFA8-2CCF-4D28-94CA-5B9EE31AEDEB--19859F17-6F54-4D34-A63F-5C83BBFD4502 (Friendly Name: 00d89d9b-fb6b-4ae5-b998-809f031805e3). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3280 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3680 | 3812 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3128094632-1294478543-2656815764-3958184675 | 3/11/2022 10:31:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC BA72EFA8-2CCF-4D28-94CA-5B9EE31AEDEB--19859F17-6F54-4D34-A63F-5C83BBFD4502 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3279 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3680 | 3812 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3128094632-1294478543-2656815764-3958184675 | 3/11/2022 10:31:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC BA72EFA8-2CCF-4D28-94CA-5B9EE31AEDEB--19859F17-6F54-4D34-A63F-5C83BBFD4502 (Friendly Name: 00d89d9b-fb6b-4ae5-b998-809f031805e3) successfully connected to port 8906F6E2-2CDF-4073-98C3-776B4A753DE1 (Friendly Name: 00d89d9b-fb6b-4ae5-b998-809f031805e3) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3278 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3680 | 2076 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3128094632-1294478543-2656815764-3958184675 | 3/11/2022 10:31:42 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic BA72EFA8-2CCF-4D28-94CA-5B9EE31AEDEB--19859F17-6F54-4D34-A63F-5C83BBFD4502 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3277 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3680 | 2076 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:31:42 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 75BFBEC7-C9C5-4DDD-BF49-4A5D97180D59--312D76ED-09D5-4C56-B98C-1F07D818836A (Friendly Name: a95700f0-1464-404f-aedd-9fd71d6d3eb6). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3276 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3496 | 2560 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1975500487-1306380741-1565149631-1494030487 | 3/11/2022 10:31:39 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 75BFBEC7-C9C5-4DDD-BF49-4A5D97180D59--312D76ED-09D5-4C56-B98C-1F07D818836A successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3275 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3496 | 2560 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1975500487-1306380741-1565149631-1494030487 | 3/11/2022 10:31:39 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 75BFBEC7-C9C5-4DDD-BF49-4A5D97180D59--312D76ED-09D5-4C56-B98C-1F07D818836A (Friendly Name: a95700f0-1464-404f-aedd-9fd71d6d3eb6) successfully connected to port 983705C8-6F1A-472C-A473-838AF3502D03 (Friendly Name: a95700f0-1464-404f-aedd-9fd71d6d3eb6) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3274 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3496 | 4176 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1975500487-1306380741-1565149631-1494030487 | 3/11/2022 10:31:36 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 75BFBEC7-C9C5-4DDD-BF49-4A5D97180D59--312D76ED-09D5-4C56-B98C-1F07D818836A (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3273 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3496 | 4176 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:31:36 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic BA72EFA8-2CCF-4D28-94CA-5B9EE31AEDEB--19859F17-6F54-4D34-A63F-5C83BBFD4502 (Friendly Name: 00d89d9b-fb6b-4ae5-b998-809f031805e3). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3272 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1852 | 3168 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3128094632-1294478543-2656815764-3958184675 | 3/11/2022 10:31:35 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC BA72EFA8-2CCF-4D28-94CA-5B9EE31AEDEB--19859F17-6F54-4D34-A63F-5C83BBFD4502 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3271 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1852 | 3168 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3128094632-1294478543-2656815764-3958184675 | 3/11/2022 10:31:35 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC F1BB6FEF-D448-4988-B83E-8D45670E87EE--915D403B-66D3-416E-935A-5BB6F9087DE0 (Friendly Name: bfc93fd0-bf9f-4228-b6c3-a98999f131aa) successfully connected to port 87A00C9B-7C4E-4CAE-A25F-2EB74C35A85F (Friendly Name: bfc93fd0-bf9f-4228-b6c3-a98999f131aa) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3270 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4240 | 1052 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-4055592943-1233704008-1166884536-4001828455 | 3/11/2022 10:31:34 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic F1BB6FEF-D448-4988-B83E-8D45670E87EE--915D403B-66D3-416E-935A-5BB6F9087DE0 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3269 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4240 | 1052 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:31:34 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 3EFFD9B6-DB38-47DA-9C2C-2E6D37DE7807--BC930255-31CF-4060-84C1-A36F6C7C0788 (Friendly Name: beb477a3-4158-4077-b49c-bc544a28c3ab) successfully connected to port 5FF4457E-CF98-4547-8E4E-3373AC3DD05D (Friendly Name: beb477a3-4158-4077-b49c-bc544a28c3ab) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3268 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 672 | 4256 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1056954806-1205525304-1831742620-125361719 | 3/11/2022 10:31:32 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 3EFFD9B6-DB38-47DA-9C2C-2E6D37DE7807--BC930255-31CF-4060-84C1-A36F6C7C0788 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3267 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 672 | 4256 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:31:32 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 925BC97C-5E42-45C8-91C8-74334D6C6636--4113325E-6D8C-4E85-AB6D-7C080A00038C (Friendly Name: b9a95efe-9b65-4962-98fc-e82ee984c7b6). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3266 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1392 | 2460 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2455488892-1170759234-863291537-912682061 | 3/11/2022 10:31:32 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 925BC97C-5E42-45C8-91C8-74334D6C6636--4113325E-6D8C-4E85-AB6D-7C080A00038C successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3265 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1392 | 2460 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2455488892-1170759234-863291537-912682061 | 3/11/2022 10:31:32 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 925BC97C-5E42-45C8-91C8-74334D6C6636--4113325E-6D8C-4E85-AB6D-7C080A00038C (Friendly Name: b9a95efe-9b65-4962-98fc-e82ee984c7b6) successfully connected to port E10C8020-8A3B-49CC-B78C-0DFB57A266EE (Friendly Name: b9a95efe-9b65-4962-98fc-e82ee984c7b6) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3264 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1392 | 2460 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2455488892-1170759234-863291537-912682061 | 3/11/2022 10:31:26 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 925BC97C-5E42-45C8-91C8-74334D6C6636--4113325E-6D8C-4E85-AB6D-7C080A00038C (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3263 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1392 | 2460 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:31:26 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC BC1816C7-1033-4F03-A4AA-876D7E8B83D4--C9C4FBA5-3DC0-4267-9B57-37C03195413A (Friendly Name: bccf174f-4a39-477c-b8a8-217c438a48d3) successfully connected to port EF83BED6-89F3-442F-ACEA-DCCD2F907B2C (Friendly Name: bccf174f-4a39-477c-b8a8-217c438a48d3) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3262 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 812 | 5084 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3155695303-1325600819-1837607588-3565390718 | 3/11/2022 10:31:26 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic BC1816C7-1033-4F03-A4AA-876D7E8B83D4--C9C4FBA5-3DC0-4267-9B57-37C03195413A (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3261 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 812 | 5084 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:31:26 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3260 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1232 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:31:25 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3259 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1064 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:31:24 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3258 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1064 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:31:08 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 19A62930-D4AE-4507-A9EB-F401086361A9--58628963-F144-4302-BAA0-774210EA5425 (Friendly Name: b9a95efe-9b65-4962-98fc-e82ee984c7b6). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3257 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1552 | 4704 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-430319920-1158141102-32828329-2841731848 | 3/11/2022 10:31:07 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 19A62930-D4AE-4507-A9EB-F401086361A9--58628963-F144-4302-BAA0-774210EA5425 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3256 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1552 | 4704 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-430319920-1158141102-32828329-2841731848 | 3/11/2022 10:31:07 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic CDEE8C59-DFA8-4722-B786-1507F25AAC26--D054D087-FED5-4223-9186-BD87DF7ABB33 (Friendly Name: 321c411d-b664-437c-a90b-57bc3580599f). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3255 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5048 | 2052 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3454962777-1193467816-118851255-648829682 | 3/11/2022 10:31:06 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC CDEE8C59-DFA8-4722-B786-1507F25AAC26--D054D087-FED5-4223-9186-BD87DF7ABB33 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3254 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5048 | 2052 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3454962777-1193467816-118851255-648829682 | 3/11/2022 10:31:06 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 5AD50702-E120-4543-8756-412ECE0EBE28--593E7C2A-FE2B-4466-A01D-59FDC5D47227 (Friendly Name: 95618ac2-4728-4b08-a134-c6bb5397723e). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3253 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4756 | 5076 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1523910402-1162076448-776033927-683544270 | 3/11/2022 10:31:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 5AD50702-E120-4543-8756-412ECE0EBE28--593E7C2A-FE2B-4466-A01D-59FDC5D47227 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3252 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4756 | 5076 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1523910402-1162076448-776033927-683544270 | 3/11/2022 10:31:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC CDEE8C59-DFA8-4722-B786-1507F25AAC26--D054D087-FED5-4223-9186-BD87DF7ABB33 (Friendly Name: 321c411d-b664-437c-a90b-57bc3580599f) successfully connected to port 73940FA8-FA26-4286-8EDF-D9E3D881396D (Friendly Name: 321c411d-b664-437c-a90b-57bc3580599f) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3251 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5048 | 3872 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3454962777-1193467816-118851255-648829682 | 3/11/2022 10:30:55 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic CDEE8C59-DFA8-4722-B786-1507F25AAC26--D054D087-FED5-4223-9186-BD87DF7ABB33 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3250 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5048 | 3872 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:30:55 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC BA72EFA8-2CCF-4D28-94CA-5B9EE31AEDEB--19859F17-6F54-4D34-A63F-5C83BBFD4502 (Friendly Name: 00d89d9b-fb6b-4ae5-b998-809f031805e3) successfully connected to port 8906F6E2-2CDF-4073-98C3-776B4A753DE1 (Friendly Name: 00d89d9b-fb6b-4ae5-b998-809f031805e3) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3249 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1852 | 3168 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3128094632-1294478543-2656815764-3958184675 | 3/11/2022 10:30:47 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic BA72EFA8-2CCF-4D28-94CA-5B9EE31AEDEB--19859F17-6F54-4D34-A63F-5C83BBFD4502 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3248 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1852 | 3168 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:30:47 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic BA72EFA8-2CCF-4D28-94CA-5B9EE31AEDEB--19859F17-6F54-4D34-A63F-5C83BBFD4502 (Friendly Name: 00d89d9b-fb6b-4ae5-b998-809f031805e3). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3247 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5060 | 4180 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3128094632-1294478543-2656815764-3958184675 | 3/11/2022 10:30:45 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC BA72EFA8-2CCF-4D28-94CA-5B9EE31AEDEB--19859F17-6F54-4D34-A63F-5C83BBFD4502 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3246 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5060 | 4180 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3128094632-1294478543-2656815764-3958184675 | 3/11/2022 10:30:45 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC BA72EFA8-2CCF-4D28-94CA-5B9EE31AEDEB--19859F17-6F54-4D34-A63F-5C83BBFD4502 (Friendly Name: 00d89d9b-fb6b-4ae5-b998-809f031805e3) successfully connected to port 8906F6E2-2CDF-4073-98C3-776B4A753DE1 (Friendly Name: 00d89d9b-fb6b-4ae5-b998-809f031805e3) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3245 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5060 | 4180 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3128094632-1294478543-2656815764-3958184675 | 3/11/2022 10:30:40 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic BA72EFA8-2CCF-4D28-94CA-5B9EE31AEDEB--19859F17-6F54-4D34-A63F-5C83BBFD4502 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3244 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5060 | 4180 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:30:40 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 19A62930-D4AE-4507-A9EB-F401086361A9--58628963-F144-4302-BAA0-774210EA5425 (Friendly Name: b9a95efe-9b65-4962-98fc-e82ee984c7b6) successfully connected to port 089A20BA-8D26-410D-8861-2E9BF2B2D921 (Friendly Name: b9a95efe-9b65-4962-98fc-e82ee984c7b6) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3243 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1552 | 1396 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-430319920-1158141102-32828329-2841731848 | 3/11/2022 10:30:36 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 19A62930-D4AE-4507-A9EB-F401086361A9--58628963-F144-4302-BAA0-774210EA5425 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3242 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1552 | 1396 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:30:36 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic BA72EFA8-2CCF-4D28-94CA-5B9EE31AEDEB--19859F17-6F54-4D34-A63F-5C83BBFD4502 (Friendly Name: 00d89d9b-fb6b-4ae5-b998-809f031805e3). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3241 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3896 | 4252 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3128094632-1294478543-2656815764-3958184675 | 3/11/2022 10:30:34 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC BA72EFA8-2CCF-4D28-94CA-5B9EE31AEDEB--19859F17-6F54-4D34-A63F-5C83BBFD4502 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3240 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3896 | 4252 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3128094632-1294478543-2656815764-3958184675 | 3/11/2022 10:30:34 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 5AD50702-E120-4543-8756-412ECE0EBE28--593E7C2A-FE2B-4466-A01D-59FDC5D47227 (Friendly Name: 95618ac2-4728-4b08-a134-c6bb5397723e) successfully connected to port 1E7E384D-AE5D-490E-B103-FA29EB0E5ECB (Friendly Name: 95618ac2-4728-4b08-a134-c6bb5397723e) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3239 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4756 | 5076 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1523910402-1162076448-776033927-683544270 | 3/11/2022 10:30:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 5AD50702-E120-4543-8756-412ECE0EBE28--593E7C2A-FE2B-4466-A01D-59FDC5D47227 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3238 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4756 | 5076 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:30:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3237 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 860 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:30:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 57BBDE8A-2454-491A-A82D-124EC5CF8F78--4D58B2C5-9850-46CE-88FB-2337B87E3577 (Friendly Name: db3535c3-d975-4f0c-a20e-66a652eebac0). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3236 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3148 | 2368 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1471929994-1226450004-1309814184-2022690757 | 3/11/2022 10:30:18 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 57BBDE8A-2454-491A-A82D-124EC5CF8F78--4D58B2C5-9850-46CE-88FB-2337B87E3577 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3235 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3148 | 2368 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1471929994-1226450004-1309814184-2022690757 | 3/11/2022 10:30:18 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 3A901E27-14C2-49CA-AB0C-C8C349C491ED--F0D1D1DA-F8B2-4996-9CB4-603E1A9C3F59 (Friendly Name: 874ef074-8120-4a1b-801a-205944d89694) successfully connected to port DE8FC2BD-9622-4774-AD8A-017558F4D5B6 (Friendly Name: 874ef074-8120-4a1b-801a-205944d89694) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3234 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4920 | 4948 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-982523431-1237980354-3284667563-3985753161 | 3/11/2022 10:30:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 3A901E27-14C2-49CA-AB0C-C8C349C491ED--F0D1D1DA-F8B2-4996-9CB4-603E1A9C3F59 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3233 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4920 | 4948 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:30:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 57BBDE8A-2454-491A-A82D-124EC5CF8F78--4D58B2C5-9850-46CE-88FB-2337B87E3577 (Friendly Name: db3535c3-d975-4f0c-a20e-66a652eebac0) successfully connected to port 00228874-FC51-42B8-8CF2-14B0576B2BFF (Friendly Name: db3535c3-d975-4f0c-a20e-66a652eebac0) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3232 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3148 | 2368 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1471929994-1226450004-1309814184-2022690757 | 3/11/2022 10:30:08 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 57BBDE8A-2454-491A-A82D-124EC5CF8F78--4D58B2C5-9850-46CE-88FB-2337B87E3577 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3231 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3148 | 2368 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:30:08 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 3A901E27-14C2-49CA-AB0C-C8C349C491ED--F0D1D1DA-F8B2-4996-9CB4-603E1A9C3F59 (Friendly Name: 874ef074-8120-4a1b-801a-205944d89694). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3230 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4660 | 4944 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-982523431-1237980354-3284667563-3985753161 | 3/11/2022 10:30:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 3A901E27-14C2-49CA-AB0C-C8C349C491ED--F0D1D1DA-F8B2-4996-9CB4-603E1A9C3F59 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3229 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4660 | 4944 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-982523431-1237980354-3284667563-3985753161 | 3/11/2022 10:30:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 78D3E59A-D2DA-43B2-BAC8-C3EFCDE2CB36--9FB54B3F-C3FE-43CF-8854-3C3C451CA448 (Friendly Name: bccf174f-4a39-477c-b8a8-217c438a48d3). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3228 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3204 | 3064 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2027152794-1135792858-4022585530-919331533 | 3/11/2022 10:29:40 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 78D3E59A-D2DA-43B2-BAC8-C3EFCDE2CB36--9FB54B3F-C3FE-43CF-8854-3C3C451CA448 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3227 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3204 | 3064 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2027152794-1135792858-4022585530-919331533 | 3/11/2022 10:29:40 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 3A901E27-14C2-49CA-AB0C-C8C349C491ED--F0D1D1DA-F8B2-4996-9CB4-603E1A9C3F59 (Friendly Name: 874ef074-8120-4a1b-801a-205944d89694) successfully connected to port DE8FC2BD-9622-4774-AD8A-017558F4D5B6 (Friendly Name: 874ef074-8120-4a1b-801a-205944d89694) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3226 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4660 | 4864 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-982523431-1237980354-3284667563-3985753161 | 3/11/2022 10:29:34 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 3A901E27-14C2-49CA-AB0C-C8C349C491ED--F0D1D1DA-F8B2-4996-9CB4-603E1A9C3F59 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3225 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4660 | 4864 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:29:34 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC BA72EFA8-2CCF-4D28-94CA-5B9EE31AEDEB--19859F17-6F54-4D34-A63F-5C83BBFD4502 (Friendly Name: 00d89d9b-fb6b-4ae5-b998-809f031805e3) successfully connected to port 8906F6E2-2CDF-4073-98C3-776B4A753DE1 (Friendly Name: 00d89d9b-fb6b-4ae5-b998-809f031805e3) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3224 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3896 | 2440 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3128094632-1294478543-2656815764-3958184675 | 3/11/2022 10:29:30 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic BA72EFA8-2CCF-4D28-94CA-5B9EE31AEDEB--19859F17-6F54-4D34-A63F-5C83BBFD4502 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3223 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3896 | 2440 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:29:30 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic C2D4B804-9D07-444F-AD74-BAE2EB980F28--C1A8411B-8088-4E79-96F6-E6B007ED2A42 (Friendly Name: 579e963d-f9c2-4d2c-b787-c1f5e20158a1). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3222 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 592 | 996 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3268720644-1146068231-3803870381-672110827 | 3/11/2022 10:29:17 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC C2D4B804-9D07-444F-AD74-BAE2EB980F28--C1A8411B-8088-4E79-96F6-E6B007ED2A42 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3221 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 592 | 996 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3268720644-1146068231-3803870381-672110827 | 3/11/2022 10:29:17 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 64F029C2-5E39-4F10-A688-DBF088E739F5--61DD8E2F-058B-4DA9-8B35-D1BADE2E631F (Friendly Name: 77ffe50a-5a6e-4377-96e9-3b46e5b7d8c8). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3220 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5004 | 3480 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1693460930-1326472761-4040919206-4114212744 | 3/11/2022 10:29:16 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 64F029C2-5E39-4F10-A688-DBF088E739F5--61DD8E2F-058B-4DA9-8B35-D1BADE2E631F successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3219 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5004 | 3480 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1693460930-1326472761-4040919206-4114212744 | 3/11/2022 10:29:16 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 3B9373C7-20A5-462A-AAC0-9D190DBF1CEB--83D2E00A-D8C0-450C-AFDE-79E2EBFE1D00 (Friendly Name: dd07c23a-13b3-403d-9fdc-eb1d789e0bf4). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3218 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4616 | 1272 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-999519175-1177165989-429768874-3944529677 | 3/11/2022 10:28:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 3B9373C7-20A5-462A-AAC0-9D190DBF1CEB--83D2E00A-D8C0-450C-AFDE-79E2EBFE1D00 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3217 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4616 | 1272 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-999519175-1177165989-429768874-3944529677 | 3/11/2022 10:28:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC C2D4B804-9D07-444F-AD74-BAE2EB980F28--C1A8411B-8088-4E79-96F6-E6B007ED2A42 (Friendly Name: 579e963d-f9c2-4d2c-b787-c1f5e20158a1) successfully connected to port D828C2CE-394F-42F5-B6E6-1209C50843B7 (Friendly Name: 579e963d-f9c2-4d2c-b787-c1f5e20158a1) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3216 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 592 | 5104 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3268720644-1146068231-3803870381-672110827 | 3/11/2022 10:28:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic C2D4B804-9D07-444F-AD74-BAE2EB980F28--C1A8411B-8088-4E79-96F6-E6B007ED2A42 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3215 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 592 | 5104 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:28:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 64F029C2-5E39-4F10-A688-DBF088E739F5--61DD8E2F-058B-4DA9-8B35-D1BADE2E631F (Friendly Name: 77ffe50a-5a6e-4377-96e9-3b46e5b7d8c8) successfully connected to port 2FF1408F-28BA-451B-AC51-40CC1B6915CF (Friendly Name: 77ffe50a-5a6e-4377-96e9-3b46e5b7d8c8) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3214 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5004 | 3480 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1693460930-1326472761-4040919206-4114212744 | 3/11/2022 10:28:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 64F029C2-5E39-4F10-A688-DBF088E739F5--61DD8E2F-058B-4DA9-8B35-D1BADE2E631F (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3213 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5004 | 3480 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:28:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 78D3E59A-D2DA-43B2-BAC8-C3EFCDE2CB36--9FB54B3F-C3FE-43CF-8854-3C3C451CA448 (Friendly Name: bccf174f-4a39-477c-b8a8-217c438a48d3) successfully connected to port 06C39FDF-188C-493A-9D37-E97494CC8932 (Friendly Name: bccf174f-4a39-477c-b8a8-217c438a48d3) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3212 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3204 | 3068 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2027152794-1135792858-4022585530-919331533 | 3/11/2022 10:27:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 78D3E59A-D2DA-43B2-BAC8-C3EFCDE2CB36--9FB54B3F-C3FE-43CF-8854-3C3C451CA448 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3211 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3204 | 3068 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:27:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 3B9373C7-20A5-462A-AAC0-9D190DBF1CEB--83D2E00A-D8C0-450C-AFDE-79E2EBFE1D00 (Friendly Name: dd07c23a-13b3-403d-9fdc-eb1d789e0bf4) successfully connected to port 120FECD2-2A3A-4294-841A-CC72E8F2AEBB (Friendly Name: dd07c23a-13b3-403d-9fdc-eb1d789e0bf4) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3210 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4616 | 1284 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-999519175-1177165989-429768874-3944529677 | 3/11/2022 10:27:40 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 3B9373C7-20A5-462A-AAC0-9D190DBF1CEB--83D2E00A-D8C0-450C-AFDE-79E2EBFE1D00 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3209 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4616 | 1284 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:27:40 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic EFCB2227-283E-4440-850B-AE1A8B664AD3--98111475-089F-4800-B41E-007B2BAEE38E (Friendly Name: 420f933e-14c9-4838-bdb1-38a88a34a0b6). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3208 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4164 | 5012 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-4023067175-1145055294-447613829-3544868491 | 3/11/2022 10:27:39 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC EFCB2227-283E-4440-850B-AE1A8B664AD3--98111475-089F-4800-B41E-007B2BAEE38E successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3207 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4164 | 5012 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-4023067175-1145055294-447613829-3544868491 | 3/11/2022 10:27:39 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 6C691523-4505-4A1F-9C7A-785554688B8E--A2FDEAF0-7E82-4847-A89A-9CFBBE61A175 (Friendly Name: 156c0e10-fe62-4478-a33d-27d643ffdce2). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3206 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3792 | 4144 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1818826019-1243563269-1433959068-2391500884 | 3/11/2022 10:27:37 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 6C691523-4505-4A1F-9C7A-785554688B8E--A2FDEAF0-7E82-4847-A89A-9CFBBE61A175 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3205 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3792 | 4144 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1818826019-1243563269-1433959068-2391500884 | 3/11/2022 10:27:37 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 831DC251-11C2-4C8F-90BA-1219A84CE3BF--BEA77370-609F-460C-998F-3655CC4904D3 (Friendly Name: a68e2a14-05b6-4ad1-b957-d74fed6b2a98). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3204 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1852 | 612 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2199765585-1284444610-420657808-3219344552 | 3/11/2022 10:27:32 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 831DC251-11C2-4C8F-90BA-1219A84CE3BF--BEA77370-609F-460C-998F-3655CC4904D3 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3203 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1852 | 612 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2199765585-1284444610-420657808-3219344552 | 3/11/2022 10:27:32 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic FB48057A-1095-4460-BFC5-09E69387ACC7--3E19BF0C-B5D3-4D0D-AE2F-E004A4CE97F1 (Friendly Name: ffb62d5b-02a6-4a1e-bb1e-b226caa189c5). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3202 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2576 | 3400 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-4215801210-1147146389-3859400127-3349972883 | 3/11/2022 10:27:27 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC FB48057A-1095-4460-BFC5-09E69387ACC7--3E19BF0C-B5D3-4D0D-AE2F-E004A4CE97F1 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3201 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2576 | 3400 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-4215801210-1147146389-3859400127-3349972883 | 3/11/2022 10:27:27 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic D2FB34CC-9D52-4F2C-8921-62450AC48562--5D6B8E82-F580-443F-B9B2-CAD37F14EAE4 (Friendly Name: f1f11e97-64a9-4e43-bb0e-f02f445e45af). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3200 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3552 | 4028 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3539678412-1328323922-1164059017-1652933642 | 3/11/2022 10:27:22 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC D2FB34CC-9D52-4F2C-8921-62450AC48562--5D6B8E82-F580-443F-B9B2-CAD37F14EAE4 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3199 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3552 | 4028 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3539678412-1328323922-1164059017-1652933642 | 3/11/2022 10:27:22 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 6C691523-4505-4A1F-9C7A-785554688B8E--A2FDEAF0-7E82-4847-A89A-9CFBBE61A175 (Friendly Name: 156c0e10-fe62-4478-a33d-27d643ffdce2) successfully connected to port D3E7A0E2-E7C6-4E5B-BBAD-F253F81D37AC (Friendly Name: 156c0e10-fe62-4478-a33d-27d643ffdce2) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3198 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3792 | 4864 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1818826019-1243563269-1433959068-2391500884 | 3/11/2022 10:27:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 6C691523-4505-4A1F-9C7A-785554688B8E--A2FDEAF0-7E82-4847-A89A-9CFBBE61A175 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3197 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3792 | 4864 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:27:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 0185C4E9-E7DA-4DF5-98FE-A36FAFABBBCB--8D2ED8C3-92D3-4D09-A806-75B2EDFF4EB0 (Friendly Name: c870b998-a2d4-4bb6-896e-e360580159f4). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3196 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1128 | 4648 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-25543913-1307961306-1873018520-3418074031 | 3/11/2022 10:26:53 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 0185C4E9-E7DA-4DF5-98FE-A36FAFABBBCB--8D2ED8C3-92D3-4D09-A806-75B2EDFF4EB0 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3195 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1128 | 4648 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-25543913-1307961306-1873018520-3418074031 | 3/11/2022 10:26:53 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3194 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1240 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:26:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC EFCB2227-283E-4440-850B-AE1A8B664AD3--98111475-089F-4800-B41E-007B2BAEE38E (Friendly Name: 420f933e-14c9-4838-bdb1-38a88a34a0b6) successfully connected to port 4B37B2D6-05CC-456B-A390-CB6DBB9699CD (Friendly Name: 420f933e-14c9-4838-bdb1-38a88a34a0b6) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3193 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4164 | 2512 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-4023067175-1145055294-447613829-3544868491 | 3/11/2022 10:26:42 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic EFCB2227-283E-4440-850B-AE1A8B664AD3--98111475-089F-4800-B41E-007B2BAEE38E (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3192 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4164 | 2512 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:26:42 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 330734CA-36E7-4F01-8FDD-056F2D4D6AB5--C733A831-FB5D-4256-B013-0578459786E0 (Friendly Name: ea139852-1ea4-4967-a38a-8a0807e90abc). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3191 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3496 | 4760 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-856110282-1325479655-1862655375-3043642669 | 3/11/2022 10:26:32 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 330734CA-36E7-4F01-8FDD-056F2D4D6AB5--C733A831-FB5D-4256-B013-0578459786E0 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3190 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3496 | 4760 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-856110282-1325479655-1862655375-3043642669 | 3/11/2022 10:26:32 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 0185C4E9-E7DA-4DF5-98FE-A36FAFABBBCB--8D2ED8C3-92D3-4D09-A806-75B2EDFF4EB0 (Friendly Name: c870b998-a2d4-4bb6-896e-e360580159f4) successfully connected to port E229B5BD-5B5C-4BEF-B969-75D18C98B30A (Friendly Name: c870b998-a2d4-4bb6-896e-e360580159f4) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3189 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1128 | 4332 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-25543913-1307961306-1873018520-3418074031 | 3/11/2022 10:26:32 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 0185C4E9-E7DA-4DF5-98FE-A36FAFABBBCB--8D2ED8C3-92D3-4D09-A806-75B2EDFF4EB0 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3188 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1128 | 4332 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:26:32 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Remote Registry service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3187 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1064 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:26:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 66F48558-4B29-4C24-A1DA-96B5A2D09BCD--FA2D32FA-1A9A-4DB2-B093-25D43E245BE7 (Friendly Name: 66fde011-9955-4224-a8ff-003e109aa7cc). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3186 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2440 | 4700 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1727300952-1277446953-3046562465-3449540770 | 3/11/2022 10:25:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 66F48558-4B29-4C24-A1DA-96B5A2D09BCD--FA2D32FA-1A9A-4DB2-B093-25D43E245BE7 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3185 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2440 | 4700 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1727300952-1277446953-3046562465-3449540770 | 3/11/2022 10:25:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 330734CA-36E7-4F01-8FDD-056F2D4D6AB5--C733A831-FB5D-4256-B013-0578459786E0 (Friendly Name: ea139852-1ea4-4967-a38a-8a0807e90abc) successfully connected to port F96F9D54-7AE3-41DF-B76F-6A44B4519BE5 (Friendly Name: ea139852-1ea4-4967-a38a-8a0807e90abc) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3184 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3496 | 2468 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-856110282-1325479655-1862655375-3043642669 | 3/11/2022 10:25:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 330734CA-36E7-4F01-8FDD-056F2D4D6AB5--C733A831-FB5D-4256-B013-0578459786E0 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3183 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3496 | 2468 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:25:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic BCBFCDB3-C979-48CE-BD12-C20806256C7A--760014E2-A338-411A-8C2B-46EAFF9057F4 (Friendly Name: 79d4836e-e96f-4d58-833d-e565e4e16772). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3182 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4296 | 5096 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3166686643-1221511545-146936509-2053907718 | 3/11/2022 10:25:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC BCBFCDB3-C979-48CE-BD12-C20806256C7A--760014E2-A338-411A-8C2B-46EAFF9057F4 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3181 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4296 | 5096 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3166686643-1221511545-146936509-2053907718 | 3/11/2022 10:25:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 66F48558-4B29-4C24-A1DA-96B5A2D09BCD--FA2D32FA-1A9A-4DB2-B093-25D43E245BE7 (Friendly Name: 66fde011-9955-4224-a8ff-003e109aa7cc) successfully connected to port E15B03AC-BF9D-4044-96B7-17516E2684F5 (Friendly Name: 66fde011-9955-4224-a8ff-003e109aa7cc) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3180 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2440 | 2364 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1727300952-1277446953-3046562465-3449540770 | 3/11/2022 10:25:45 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 66F48558-4B29-4C24-A1DA-96B5A2D09BCD--FA2D32FA-1A9A-4DB2-B093-25D43E245BE7 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3179 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2440 | 2364 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:25:45 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3178 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1064 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:25:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3177 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1232 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:25:30 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3176 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1232 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:25:23 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 07F0757A-C5AD-49E1-830F-262A2FC2121F--E959FE39-5F2A-41DA-B755-0EA3CBFA512B (Friendly Name: e6a90499-3e7e-4590-8b0e-451949097cb6). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3175 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5012 | 3908 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-133199226-1239532973-707137411-521323055 | 3/11/2022 10:25:16 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 07F0757A-C5AD-49E1-830F-262A2FC2121F--E959FE39-5F2A-41DA-B755-0EA3CBFA512B successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3174 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5012 | 3908 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-133199226-1239532973-707137411-521323055 | 3/11/2022 10:25:16 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic EAB0C8D6-47CC-40B9-B132-C12D6E12D51B--3CC3DB40-7204-491B-A0FC-B9F81442F125 (Friendly Name: e6060d47-d06a-45d4-9f68-d1a31ef5d4e0). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3173 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4000 | 2504 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3937454294-1085884364-767636145-466948718 | 3/11/2022 10:25:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC EAB0C8D6-47CC-40B9-B132-C12D6E12D51B--3CC3DB40-7204-491B-A0FC-B9F81442F125 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3172 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4000 | 2504 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3937454294-1085884364-767636145-466948718 | 3/11/2022 10:25:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-11-A4-20 has moved from port BE360116-EB2A-4EC2-8433-48AEC0239059 (Friendly Name: e6060d47-d06a-45d4-9f68-d1a31ef5d4e0) to port BE360116-EB2A-4EC2-8433-48AEC0239059 (Friendly Name: e6060d47-d06a-45d4-9f68-d1a31ef5d4e0). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3171 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2548 | 3436 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:25:08 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC EAB0C8D6-47CC-40B9-B132-C12D6E12D51B--3CC3DB40-7204-491B-A0FC-B9F81442F125 (Friendly Name: e6060d47-d06a-45d4-9f68-d1a31ef5d4e0) successfully connected to port BE360116-EB2A-4EC2-8433-48AEC0239059 (Friendly Name: e6060d47-d06a-45d4-9f68-d1a31ef5d4e0) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3170 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4000 | 2592 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3937454294-1085884364-767636145-466948718 | 3/11/2022 10:25:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic EAB0C8D6-47CC-40B9-B132-C12D6E12D51B--3CC3DB40-7204-491B-A0FC-B9F81442F125 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3169 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4000 | 2592 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:25:01 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic C0A3097B-1791-4817-A266-3C21CA0EC81E--04CA54F2-5A76-493D-AC78-143B862D015C (Friendly Name: 6e369460-4d71-4834-a31a-dae3196dd207). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3168 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1036 | 1132 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3231910267-1209472913-557606562-516427466 | 3/11/2022 10:24:31 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC C0A3097B-1791-4817-A266-3C21CA0EC81E--04CA54F2-5A76-493D-AC78-143B862D015C successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3167 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1036 | 1132 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3231910267-1209472913-557606562-516427466 | 3/11/2022 10:24:31 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic D9964D24-EA96-4519-AE8A-E2E98F1D9C08--9F48C3D9-F286-4D9E-8485-BDC8AD1CC57D (Friendly Name: 992c5bee-9a4a-4a0f-8028-32ac432c7c6f). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3166 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4292 | 4372 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3650506020-1159326358-3923937966-144448911 | 3/11/2022 10:24:27 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC D9964D24-EA96-4519-AE8A-E2E98F1D9C08--9F48C3D9-F286-4D9E-8485-BDC8AD1CC57D successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3165 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4292 | 4372 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3650506020-1159326358-3923937966-144448911 | 3/11/2022 10:24:27 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC D9964D24-EA96-4519-AE8A-E2E98F1D9C08--9F48C3D9-F286-4D9E-8485-BDC8AD1CC57D (Friendly Name: 992c5bee-9a4a-4a0f-8028-32ac432c7c6f) successfully connected to port F9E59EA2-0F9A-4BBA-9968-191417494D99 (Friendly Name: 992c5bee-9a4a-4a0f-8028-32ac432c7c6f) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3164 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4292 | 4372 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3650506020-1159326358-3923937966-144448911 | 3/11/2022 10:24:00 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic D9964D24-EA96-4519-AE8A-E2E98F1D9C08--9F48C3D9-F286-4D9E-8485-BDC8AD1CC57D (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3163 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4292 | 4372 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:24:00 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic B1051598-69E5-40FD-A6D7-D1BE06C77BBA--8FF58877-3018-4D4D-B5B5-1095992C494B (Friendly Name: 78c82285-85eb-4993-b2ad-0220b21d20ed). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3162 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3168 | 2604 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2969900440-1090349541-3201423270-3128674054 | 3/11/2022 10:23:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC B1051598-69E5-40FD-A6D7-D1BE06C77BBA--8FF58877-3018-4D4D-B5B5-1095992C494B successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3161 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3168 | 2604 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2969900440-1090349541-3201423270-3128674054 | 3/11/2022 10:23:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-CD-F6-B7 has moved from port AA356751-548C-474A-B941-29C19445FC6E (Friendly Name: 78c82285-85eb-4993-b2ad-0220b21d20ed) to port AA356751-548C-474A-B941-29C19445FC6E (Friendly Name: 78c82285-85eb-4993-b2ad-0220b21d20ed). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3160 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2548 | 3436 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:23:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC B1051598-69E5-40FD-A6D7-D1BE06C77BBA--8FF58877-3018-4D4D-B5B5-1095992C494B (Friendly Name: 78c82285-85eb-4993-b2ad-0220b21d20ed) successfully connected to port AA356751-548C-474A-B941-29C19445FC6E (Friendly Name: 78c82285-85eb-4993-b2ad-0220b21d20ed) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3159 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3168 | 4992 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2969900440-1090349541-3201423270-3128674054 | 3/11/2022 10:23:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Windows Modules Installer service was changed from auto start to demand start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3158 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1080 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:23:47 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Windows Modules Installer service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3157 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1080 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:23:47 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic B1051598-69E5-40FD-A6D7-D1BE06C77BBA--8FF58877-3018-4D4D-B5B5-1095992C494B (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3156 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3168 | 4992 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:23:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 07F0757A-C5AD-49E1-830F-262A2FC2121F--E959FE39-5F2A-41DA-B755-0EA3CBFA512B (Friendly Name: e6a90499-3e7e-4590-8b0e-451949097cb6) successfully connected to port A2E83DF4-3993-4405-AAF5-1077F67C2D92 (Friendly Name: e6a90499-3e7e-4590-8b0e-451949097cb6) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3155 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5012 | 2572 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-133199226-1239532973-707137411-521323055 | 3/11/2022 10:23:44 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 07F0757A-C5AD-49E1-830F-262A2FC2121F--E959FE39-5F2A-41DA-B755-0EA3CBFA512B (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3154 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5012 | 2572 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:23:44 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-19-A8-91 has moved from port 4FDD2828-76CA-43B7-8A71-C0406A9C1D95 (Friendly Name: br-data_External) to port 75700E11-60D4-4BF5-8CF0-B7FB2AA9DC13 (Friendly Name: f1f11e97-64a9-4e43-bb0e-f02f445e45af). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3153 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 0 | 0 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:23:42 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC D2FB34CC-9D52-4F2C-8921-62450AC48562--5D6B8E82-F580-443F-B9B2-CAD37F14EAE4 (Friendly Name: f1f11e97-64a9-4e43-bb0e-f02f445e45af) successfully connected to port 75700E11-60D4-4BF5-8CF0-B7FB2AA9DC13 (Friendly Name: f1f11e97-64a9-4e43-bb0e-f02f445e45af) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3152 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3552 | 3812 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3539678412-1328323922-1164059017-1652933642 | 3/11/2022 10:23:42 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic D2FB34CC-9D52-4F2C-8921-62450AC48562--5D6B8E82-F580-443F-B9B2-CAD37F14EAE4 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3151 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3552 | 3812 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:23:42 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Storage Spaces SMP service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3150 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1080 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:23:29 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 49A9040D-D144-4D8D-80D1-0E64EB36099B--9636AEDD-7E93-48A6-BECB-2EF047BCBE66 (Friendly Name: 7e464ae6-2560-4bd2-b856-2fb3abfe4a6e). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3149 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3924 | 4668 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1235813389-1301139780-1678692736-2601072363 | 3/11/2022 10:23:26 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 49A9040D-D144-4D8D-80D1-0E64EB36099B--9636AEDD-7E93-48A6-BECB-2EF047BCBE66 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3148 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3924 | 4668 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1235813389-1301139780-1678692736-2601072363 | 3/11/2022 10:23:26 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3147 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1080 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:23:23 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3146 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1080 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:23:23 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 6A84765A-0483-4AFE-9C32-C9638CD39681--549A3F51-8AFF-4E3D-AB09-3AE8F270B5BF (Friendly Name: 2692608b-0c31-4901-8e59-8a872589264b). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3145 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3064 | 4904 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1787065946-1258161283-1674130076-2174145420 | 3/11/2022 10:23:15 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 6A84765A-0483-4AFE-9C32-C9638CD39681--549A3F51-8AFF-4E3D-AB09-3AE8F270B5BF successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3144 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3064 | 4904 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1787065946-1258161283-1674130076-2174145420 | 3/11/2022 10:23:15 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 49A9040D-D144-4D8D-80D1-0E64EB36099B--9636AEDD-7E93-48A6-BECB-2EF047BCBE66 (Friendly Name: 7e464ae6-2560-4bd2-b856-2fb3abfe4a6e) successfully connected to port 84810D1D-B09F-4E21-9CAF-6B97F09C2D8F (Friendly Name: 7e464ae6-2560-4bd2-b856-2fb3abfe4a6e) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3143 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3924 | 5084 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1235813389-1301139780-1678692736-2601072363 | 3/11/2022 10:23:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 49A9040D-D144-4D8D-80D1-0E64EB36099B--9636AEDD-7E93-48A6-BECB-2EF047BCBE66 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3142 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3924 | 5084 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:23:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC C0A3097B-1791-4817-A266-3C21CA0EC81E--04CA54F2-5A76-493D-AC78-143B862D015C (Friendly Name: 6e369460-4d71-4834-a31a-dae3196dd207) successfully connected to port 9344D500-183B-4CFE-8310-1D2DBC4E3740 (Friendly Name: 6e369460-4d71-4834-a31a-dae3196dd207) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3141 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1036 | 1392 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3231910267-1209472913-557606562-516427466 | 3/11/2022 10:22:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic C0A3097B-1791-4817-A266-3C21CA0EC81E--04CA54F2-5A76-493D-AC78-143B862D015C (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3140 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1036 | 1392 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:22:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic A5C55534-2AA0-409A-97A2-9821CF3A43DE--5F863614-396C-4D71-BAD2-742963158F9A (Friendly Name: 7e464ae6-2560-4bd2-b856-2fb3abfe4a6e). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3139 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 696 | 2600 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2781173044-1083845280-563651223-3728947919 | 3/11/2022 10:22:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC A5C55534-2AA0-409A-97A2-9821CF3A43DE--5F863614-396C-4D71-BAD2-742963158F9A successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3138 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 696 | 2600 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2781173044-1083845280-563651223-3728947919 | 3/11/2022 10:22:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 4418A7EB-1FFF-4B03-A4A2-03A8787940A3--127D1FB3-4EBB-423B-A800-162A0FA1D16A (Friendly Name: 949e3293-1de4-4cee-bd76-714fb7a89fba). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3137 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4192 | 4400 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1142466539-1258495999-2818810532-2738911608 | 3/11/2022 10:22:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 4418A7EB-1FFF-4B03-A4A2-03A8787940A3--127D1FB3-4EBB-423B-A800-162A0FA1D16A successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3136 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4192 | 4400 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1142466539-1258495999-2818810532-2738911608 | 3/11/2022 10:22:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic E12773E3-14D5-42B3-B4F8-7A29886EE492--30A629DD-9FAF-46D0-A092-11B674ACA3EB (Friendly Name: 6e7e528c-7919-4f17-b7cf-1983301dc473). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3135 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4380 | 1200 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3777459171-1119032533-695924916-2464444040 | 3/11/2022 10:22:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC E12773E3-14D5-42B3-B4F8-7A29886EE492--30A629DD-9FAF-46D0-A092-11B674ACA3EB successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3134 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4380 | 1200 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3777459171-1119032533-695924916-2464444040 | 3/11/2022 10:22:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3133 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1080 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:22:32 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 4B0A4EC2-A552-4362-8594-7C51B846F7F9--F0AC9DA4-A13C-437D-90B3-24EF6B5FC6DB (Friendly Name: f79c81e2-f6ca-4111-bd05-2f3ee9722ff3). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3132 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4084 | 4940 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1258966722-1130538322-1367118981-4193732280 | 3/11/2022 10:22:23 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 4B0A4EC2-A552-4362-8594-7C51B846F7F9--F0AC9DA4-A13C-437D-90B3-24EF6B5FC6DB successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3131 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4084 | 4940 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1258966722-1130538322-1367118981-4193732280 | 3/11/2022 10:22:23 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3130 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1080 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:22:23 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC A5C55534-2AA0-409A-97A2-9821CF3A43DE--5F863614-396C-4D71-BAD2-742963158F9A (Friendly Name: 7e464ae6-2560-4bd2-b856-2fb3abfe4a6e) successfully connected to port 6A1D6319-6B90-46F1-87B0-177680C91868 (Friendly Name: 7e464ae6-2560-4bd2-b856-2fb3abfe4a6e) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3129 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 696 | 5020 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2781173044-1083845280-563651223-3728947919 | 3/11/2022 10:22:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic A5C55534-2AA0-409A-97A2-9821CF3A43DE--5F863614-396C-4D71-BAD2-742963158F9A (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3128 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 696 | 5020 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:22:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 4B0A4EC2-A552-4362-8594-7C51B846F7F9--F0AC9DA4-A13C-437D-90B3-24EF6B5FC6DB (Friendly Name: f79c81e2-f6ca-4111-bd05-2f3ee9722ff3) successfully connected to port A6C5653B-8791-432A-B294-6762E7578AE6 (Friendly Name: f79c81e2-f6ca-4111-bd05-2f3ee9722ff3) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3127 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4084 | 3896 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1258966722-1130538322-1367118981-4193732280 | 3/11/2022 10:22:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 4B0A4EC2-A552-4362-8594-7C51B846F7F9--F0AC9DA4-A13C-437D-90B3-24EF6B5FC6DB (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3126 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4084 | 3896 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:22:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Windows Modules Installer service was changed from auto start to demand start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3125 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1080 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:22:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Windows Modules Installer service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3124 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1080 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:22:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC FB48057A-1095-4460-BFC5-09E69387ACC7--3E19BF0C-B5D3-4D0D-AE2F-E004A4CE97F1 (Friendly Name: ffb62d5b-02a6-4a1e-bb1e-b226caa189c5) successfully connected to port EE494DA8-68B8-4CE4-88D1-D733EB0764ED (Friendly Name: ffb62d5b-02a6-4a1e-bb1e-b226caa189c5) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3123 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2576 | 4828 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-4215801210-1147146389-3859400127-3349972883 | 3/11/2022 10:22:01 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic FB48057A-1095-4460-BFC5-09E69387ACC7--3E19BF0C-B5D3-4D0D-AE2F-E004A4CE97F1 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3122 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2576 | 4828 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:22:01 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 4418A7EB-1FFF-4B03-A4A2-03A8787940A3--127D1FB3-4EBB-423B-A800-162A0FA1D16A (Friendly Name: 949e3293-1de4-4cee-bd76-714fb7a89fba) successfully connected to port BEE3D45A-D476-40DA-8BA6-A520D2179D14 (Friendly Name: 949e3293-1de4-4cee-bd76-714fb7a89fba) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3121 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4192 | 4400 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1142466539-1258495999-2818810532-2738911608 | 3/11/2022 10:21:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 4418A7EB-1FFF-4B03-A4A2-03A8787940A3--127D1FB3-4EBB-423B-A800-162A0FA1D16A (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3120 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4192 | 4400 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:21:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic EE9AB198-A3CC-42BD-968C-1560D66AA422--54708095-C258-4E14-A4AE-BD77190FA772 (Friendly Name: 7e464ae6-2560-4bd2-b856-2fb3abfe4a6e). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3119 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5108 | 4428 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-4003115416-1119724492-1612024982-581200598 | 3/11/2022 10:21:54 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC EE9AB198-A3CC-42BD-968C-1560D66AA422--54708095-C258-4E14-A4AE-BD77190FA772 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3118 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5108 | 4428 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-4003115416-1119724492-1612024982-581200598 | 3/11/2022 10:21:54 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 6A84765A-0483-4AFE-9C32-C9638CD39681--549A3F51-8AFF-4E3D-AB09-3AE8F270B5BF (Friendly Name: 2692608b-0c31-4901-8e59-8a872589264b) successfully connected to port 3154B4AA-E490-47B9-B2F7-D2FC75AA40AB (Friendly Name: 2692608b-0c31-4901-8e59-8a872589264b) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3117 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3064 | 4904 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1787065946-1258161283-1674130076-2174145420 | 3/11/2022 10:21:37 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 6A84765A-0483-4AFE-9C32-C9638CD39681--549A3F51-8AFF-4E3D-AB09-3AE8F270B5BF (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3116 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3064 | 4904 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:21:37 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-79-9C-BD has moved from port 99385266-FAF9-42A4-858F-637D1107B5F4 (Friendly Name: 79d4836e-e96f-4d58-833d-e565e4e16772) to port 99385266-FAF9-42A4-858F-637D1107B5F4 (Friendly Name: 79d4836e-e96f-4d58-833d-e565e4e16772). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3115 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2548 | 3436 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:21:32 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC BCBFCDB3-C979-48CE-BD12-C20806256C7A--760014E2-A338-411A-8C2B-46EAFF9057F4 (Friendly Name: 79d4836e-e96f-4d58-833d-e565e4e16772) successfully connected to port 99385266-FAF9-42A4-858F-637D1107B5F4 (Friendly Name: 79d4836e-e96f-4d58-833d-e565e4e16772) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3114 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4296 | 4044 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3166686643-1221511545-146936509-2053907718 | 3/11/2022 10:21:31 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic BCBFCDB3-C979-48CE-BD12-C20806256C7A--760014E2-A338-411A-8C2B-46EAFF9057F4 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3113 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4296 | 4044 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:21:31 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 3FADAD3D-94DE-4D0C-81E5-CD545E73CDAD--EE7A72AC-666D-45C5-B7B3-FDBA638A4057 (Friendly Name: 588c5c74-5efd-443b-9ab2-426beff60291). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3112 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 732 | 4632 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1068346685-1292670174-1422779777-2915922782 | 3/11/2022 10:21:29 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 3FADAD3D-94DE-4D0C-81E5-CD545E73CDAD--EE7A72AC-666D-45C5-B7B3-FDBA638A4057 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3111 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 732 | 4632 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1068346685-1292670174-1422779777-2915922782 | 3/11/2022 10:21:29 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3110 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1068 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:21:28 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 99B9DBF2-42FB-4F93-ABC2-BA534CA794D2--82728C61-DE06-4BCA-8B56-C273EFCDFD7A (Friendly Name: d40d83d4-e58e-489f-9a50-095554c62f01). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3109 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3924 | 2724 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2579094514-1335051003-1404748459-3532957516 | 3/11/2022 10:21:27 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 99B9DBF2-42FB-4F93-ABC2-BA534CA794D2--82728C61-DE06-4BCA-8B56-C273EFCDFD7A successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3108 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3924 | 2724 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2579094514-1335051003-1404748459-3532957516 | 3/11/2022 10:21:27 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3107 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1068 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:21:23 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 99B9DBF2-42FB-4F93-ABC2-BA534CA794D2--82728C61-DE06-4BCA-8B56-C273EFCDFD7A (Friendly Name: d40d83d4-e58e-489f-9a50-095554c62f01) successfully connected to port 0D1AECDE-FBAB-43E3-A3D8-818ADAA4B32E (Friendly Name: d40d83d4-e58e-489f-9a50-095554c62f01) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3106 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3924 | 2724 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2579094514-1335051003-1404748459-3532957516 | 3/11/2022 10:21:22 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 99B9DBF2-42FB-4F93-ABC2-BA534CA794D2--82728C61-DE06-4BCA-8B56-C273EFCDFD7A (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3105 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3924 | 2724 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:21:22 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3104 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1068 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:21:22 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Microsoft Windows Server has detected that NTLM authentication is presently being used between clients and this server. This event occurs once per boot of the server on the first time a client uses NTLM with this server.
NTLM is a weaker authentication mechanism. Please check:
Which applications are using NTLM authentication?
Are there configuration issues preventing the use of stronger authentication such as Kerberos authentication?
If NTLM must be supported, is Extended Protection configured?
Details on how to complete these checks can be found at http://go.microsoft.com/fwlink/?LinkId=225699. | 6038 | 0 | 0 | 3 | 0 | 0 | 36028797018963968 | 3103 | LsaSrv | 199fe037-2b82-40a9-82ac-e1d46c792b99 | System | 0 | 0 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:21:17 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Windows Modules Installer service was changed from auto start to demand start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3102 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1068 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:21:10 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Windows Modules Installer service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3101 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1068 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:21:10 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 831DC251-11C2-4C8F-90BA-1219A84CE3BF--BEA77370-609F-460C-998F-3655CC4904D3 (Friendly Name: a68e2a14-05b6-4ad1-b957-d74fed6b2a98) successfully connected to port 00A44C00-8DC4-4B8D-9B01-9650A6E59E95 (Friendly Name: a68e2a14-05b6-4ad1-b957-d74fed6b2a98) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3100 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1852 | 612 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2199765585-1284444610-420657808-3219344552 | 3/11/2022 10:21:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 831DC251-11C2-4C8F-90BA-1219A84CE3BF--BEA77370-609F-460C-998F-3655CC4904D3 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3099 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1852 | 612 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:21:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC EE9AB198-A3CC-42BD-968C-1560D66AA422--54708095-C258-4E14-A4AE-BD77190FA772 (Friendly Name: 7e464ae6-2560-4bd2-b856-2fb3abfe4a6e) successfully connected to port 3ED11F65-15B4-4656-BFCF-9960BB060169 (Friendly Name: 7e464ae6-2560-4bd2-b856-2fb3abfe4a6e) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3098 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5108 | 4428 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-4003115416-1119724492-1612024982-581200598 | 3/11/2022 10:21:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic EE9AB198-A3CC-42BD-968C-1560D66AA422--54708095-C258-4E14-A4AE-BD77190FA772 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3097 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5108 | 4428 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:21:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 3FADAD3D-94DE-4D0C-81E5-CD545E73CDAD--EE7A72AC-666D-45C5-B7B3-FDBA638A4057 (Friendly Name: 588c5c74-5efd-443b-9ab2-426beff60291) successfully connected to port A27F2DED-7573-483E-9F3A-0952787BDA1A (Friendly Name: 588c5c74-5efd-443b-9ab2-426beff60291) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3096 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 732 | 3080 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-1068346685-1292670174-1422779777-2915922782 | 3/11/2022 10:21:02 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 3FADAD3D-94DE-4D0C-81E5-CD545E73CDAD--EE7A72AC-666D-45C5-B7B3-FDBA638A4057 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3095 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 732 | 3080 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:21:02 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Status 0x00001069 determining that device interface \\?\{8e7bd593-6e6c-4c52-86a6-77175494dd8e}#MsVhdHba#1&3030e83&0&01#{2accfe60-c130-11d2-b082-00a0c91efb8b} does not support iSCSI WMI interfaces. If this device is not an iSCSI HBA then this error can be ignored. | 108 | | 0 | 3 | 0 | | 36028797018963968 | 3094 | MSiSCSI | | System | | | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:20:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 7B867AC3-8924-4769-A9AF-6E36C34721E0--8D26E14D-BA10-42B6-8A3D-BCFE98BF102F (Friendly Name: c7cf7f29-dd5a-431f-9e5e-11809354f2fd). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3093 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4288 | 872 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2072410819-1198098724-913223593-3760277443 | 3/11/2022 10:20:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 7B867AC3-8924-4769-A9AF-6E36C34721E0--8D26E14D-BA10-42B6-8A3D-BCFE98BF102F successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3092 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4288 | 872 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2072410819-1198098724-913223593-3760277443 | 3/11/2022 10:20:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC E12773E3-14D5-42B3-B4F8-7A29886EE492--30A629DD-9FAF-46D0-A092-11B674ACA3EB (Friendly Name: 6e7e528c-7919-4f17-b7cf-1983301dc473) successfully connected to port BA0E3F77-A9D4-4A5C-82E4-AE9273C4DEA7 (Friendly Name: 6e7e528c-7919-4f17-b7cf-1983301dc473) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3091 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4380 | 1200 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-3777459171-1119032533-695924916-2464444040 | 3/11/2022 10:20:44 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic E12773E3-14D5-42B3-B4F8-7A29886EE492--30A629DD-9FAF-46D0-A092-11B674ACA3EB (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3090 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4380 | 1200 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:20:44 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 7B867AC3-8924-4769-A9AF-6E36C34721E0--8D26E14D-BA10-42B6-8A3D-BCFE98BF102F (Friendly Name: c7cf7f29-dd5a-431f-9e5e-11809354f2fd) successfully connected to port 9CBF0165-DF5B-463B-98B9-290AEA9886FA (Friendly Name: c7cf7f29-dd5a-431f-9e5e-11809354f2fd) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3089 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4288 | 872 | n-h2-833234-1.cbci-833234-1.local | S-1-5-83-1-2072410819-1198098724-913223593-3760277443 | 3/11/2022 10:20:43 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 7B867AC3-8924-4769-A9AF-6E36C34721E0--8D26E14D-BA10-42B6-8A3D-BCFE98BF102F (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3088 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4288 | 872 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:20:43 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3087 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1068 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:20:35 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3086 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1068 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:20:30 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3085 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 860 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:20:28 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Biometric Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3084 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 860 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:19:38 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3083 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 860 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:19:23 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Account Sign-in Assistant service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3082 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 860 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:19:23 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3081 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 860 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:19:01 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3080 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 860 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:18:53 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Downloaded Maps Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3079 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 860 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:18:32 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The User Access Logging Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3078 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1068 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:18:26 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3077 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1068 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:18:23 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Distributed Transaction Coordinator service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3076 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1068 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:18:23 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Downloaded Maps Manager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3075 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1068 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:18:22 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic Policy Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3074 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1068 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:18:21 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Connected Devices Platform Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3073 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1068 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:18:21 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3072 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1068 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:18:15 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The neutron-hyperv-agent service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3071 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1068 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:17:15 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user CBCI-833234-1\administrator SID (S-1-5-21-197958813-3371425792-2405213916-500) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 3070 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 980 | 1016 | n-h2-833234-1.cbci-833234-1.local | S-1-5-21-197958813-3371425792-2405213916-500 | 3/11/2022 10:17:15 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the neutron-hyperv-agent service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3069 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 860 | n-h2-833234-1.cbci-833234-1.local | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 10:17:15 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The nova-compute service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3068 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 860 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:17:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user CBCI-833234-1\administrator SID (S-1-5-21-197958813-3371425792-2405213916-500) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 3067 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 980 | 1016 | n-h2-833234-1.cbci-833234-1.local | S-1-5-21-197958813-3371425792-2405213916-500 | 3/11/2022 10:17:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the nova-compute service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3066 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 860 | n-h2-833234-1.cbci-833234-1.local | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 10:17:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The sppsvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3065 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1240 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:17:02 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcaSvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3064 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1232 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:17:01 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy settings for the computer were processed successfully. New settings from 2 Group Policy objects were detected and applied. | 1502 | 0 | | 4 | 0 | 1 | -9223372036854775808 | 3063 | Microsoft-Windows-GroupPolicy | aea1b4fa-97d1-45f2-a64c-4d69fffd92c9 | System | 1432 | 3448 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:17:01 AM | 8a3dfe78-cbf2-4e14-963a-f651021f9899 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Start | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcaSvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3062 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 860 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy settings for the computer were processed successfully. New settings from 2 Group Policy objects were detected and applied. | 1502 | 0 | | 4 | 0 | 1 | -9223372036854775808 | 3061 | Microsoft-Windows-GroupPolicy | aea1b4fa-97d1-45f2-a64c-4d69fffd92c9 | System | 1432 | 3448 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:50 AM | db2c9dfa-d9e3-4f33-8bf4-d0e331d4aee9 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Start | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time service is now synchronizing the system time with the time source VM IC Time Synchronization Provider. | 35 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3060 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1020 | 1864 | n-h2-833234-1.cbci-833234-1.local | S-1-5-19 | 3/11/2022 10:16:44 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The cloudbase-init service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3059 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1240 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:41 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vds service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3058 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 860 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:38 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Service stopped. | 4 | | 16896 | 4 | 0 | | 36028797018963968 | 3057 | Virtual Disk Service | | System | | | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:38 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vds service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3056 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 860 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:34 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Service started. | 3 | | 16896 | 4 | 0 | | 36028797018963968 | 3055 | Virtual Disk Service | | System | | | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:34 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 3054 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 980 | 96 | n-h2-833234-1.cbci-833234-1.local | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 10:16:31 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time provider NtpClient is currently receiving valid time data from n-ad-833234-1.cbci-833234-1.local (ntp.d|0.0.0.0:123->10.222.0.50:123). | 37 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3053 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1020 | 1864 | n-h2-833234-1.cbci-833234-1.local | S-1-5-19 | 3/11/2022 10:16:30 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\cloudbase-init SID (S-1-5-21-252155598-1610117697-765364086-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 3052 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 980 | 96 | n-h2-833234-1.cbci-833234-1.local | S-1-5-21-252155598-1610117697-765364086-1000 | 3/11/2022 10:16:28 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The W32Time service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3051 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 860 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:28 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system failed to register pointer (PTR) resource records (RRs) for network adapter
with settings:
Adapter Name : {9697FD74-6DAB-4D23-A617-39F3982A0807}
Host Name : n-h2-833234-1
Adapter-specific Domain Suffix : cbci-833234-1.local
DNS server list :
10.222.0.50, 8.8.8.8, 4.4.4.4
Sent update to server : <?>
IP Address :
10.222.0.26
The reason the system could not register these RRs during the update request was because of a system problem. You can manually retry DNS registration of the network adapter and its settings by typing 'ipconfig /registerdns' at the command prompt. If problems still persist, contact your DNS server or network systems administrator. See event details for specific error code information. | 8014 | 0 | | 4 | 1028 | 0 | 4611686018427387904 | 3050 | Microsoft-Windows-DNS-Client | 1c95126e-7eea-49a9-a3fe-a378b03ddb4d | System | 1116 | 2884 | n-h2-833234-1.cbci-833234-1.local | S-1-5-20 | 3/11/2022 10:16:26 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcaSvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3049 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 860 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:24 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy settings for the computer were processed successfully. New settings from 2 Group Policy objects were detected and applied. | 1502 | 0 | | 4 | 0 | 1 | -9223372036854775808 | 3048 | Microsoft-Windows-GroupPolicy | aea1b4fa-97d1-45f2-a64c-4d69fffd92c9 | System | 1432 | 3448 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:24 AM | 262c8ae9-7aec-4833-95f7-9cea7091746c | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Start | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wuauserv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3047 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 860 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:24 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NetSetupSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3046 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 860 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:24 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcaSvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3045 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1240 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:24 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy settings for the computer were processed successfully. New settings from 2 Group Policy objects were detected and applied. | 1502 | 0 | | 4 | 0 | 1 | -9223372036854775808 | 3044 | Microsoft-Windows-GroupPolicy | aea1b4fa-97d1-45f2-a64c-4d69fffd92c9 | System | 1432 | 2816 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:24 AM | d983b016-5d67-44e7-b52d-62417721712b | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Start | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NetSetupSvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3043 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1244 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:24 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The swprv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3042 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1244 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:23 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmcompute service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3041 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1292 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:23 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The firewall exception to allow Internet Storage Name Server (iSNS) client functionality is not enabled. iSNS client functionality is not available. | 121 | | 0 | 3 | 0 | | 36028797018963968 | 3040 | MSiSCSI | | System | | | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:24 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wlidsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3039 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 860 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:22 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Connected Devices Platform Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3038 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1068 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:22 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MSiSCSI service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3037 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1068 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:22 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (10.0, ?1978?-?03?-?07T02:59:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 3036 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 504 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:21 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The cloudbase-init service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3035 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1244 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:21 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The following boot-start or system-start driver(s) did not load:
dam | 7026 | 0 | 49152 | 4 | 0 | 0 | -9187343239835811840 | 3034 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 804 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:21 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\cloudbase-init SID (S-1-5-21-252155598-1610117697-765364086-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 3033 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 980 | 1504 | n-h2-833234-1.cbci-833234-1.local | S-1-5-21-252155598-1610117697-765364086-1000 | 3/11/2022 10:16:21 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (Version 10.0, ?1978?-?03?-?07T02:59:33.000000000Z) unloaded successfully. | 1 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 3032 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 500 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:21 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DiagTrack service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3031 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1080 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:21 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Isatap interface isatap.openstacklocal with address fe80::5efe:10.222.0.26 has been brought up. | 4200 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3030 | Microsoft-Windows-Iphlpsvc | 66a5c15c-4f8e-4044-bf6e-71d896038977 | System | 1432 | 2260 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:21 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinDefend service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3029 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1080 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:21 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The KeyIso service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3028 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1068 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NetSetupSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3027 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1292 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The sppsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3026 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1292 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmms service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3025 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1244 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WpnService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3024 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1068 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The tiledatamodelsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3023 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| A new self signed certificate to be used for RD Session Host Server authentication on SSL connections was generated. The name on this certificate is n-h2-833234-1.cbci-833234-1.local. The SHA1 hash of the certificate is in the event data. | 1056 | 0 | 49152 | 4 | 0 | 0 | 36028797018963968 | 3022 | Microsoft-Windows-TerminalServices-RemoteConnectionManager | c76baa63-ae81-421c-b425-340b4b24157f | System | 0 | 0 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The StateRepository service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3021 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 544 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3020 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LanmanServer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3019 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 888 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcaSvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3018 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1080 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TimeBrokerSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3017 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 888 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WLMS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3016 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 888 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RemoteRegistry service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3015 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1232 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The UserManager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3014 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1236 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Spooler service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3013 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1296 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TrkWks service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3012 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1072 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PcaSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3011 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 552 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CryptSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3010 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SessionEnv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3009 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1240 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The iphlpsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3008 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1240 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MpsSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3007 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Netlogon service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3006 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Schedule service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3005 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SamSs service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3004 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The ShellHWDetection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3003 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1240 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WbioSrvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3002 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1240 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The FontCache service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3001 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1240 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wudfsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3000 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CertPropSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2999 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1240 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LanmanWorkstation service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2998 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The IKEEXT service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2997 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Wcmsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2996 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinTarget service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2995 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC /DEVICE/{877CFF05-BCF0-437E-8C2F-642125FC5AD4} (Friendly Name: Microsoft Hyper-V Network Adapter #2) is now operational. | 23 | 0 | | 4 | 1016 | 0 | -9223372036854775808 | 2994 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 500 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2993 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 500 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' paused | 10 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2992 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 500 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The UmRdpService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2991 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service is listening for WS-Management requests.
User Action
Use the following command to see the specific IPs on which WinRM is listening:
winrm enumerate winrm/config/listener | 10148 | 0 | 7 | 4 | 0 | 0 | 36028797018963968 | 2990 | Microsoft-Windows-WinRM | a7975c8f-ac13-49f1-87da-5a984a4ab417 | System | 0 | 0 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinHttpAutoProxySvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2989 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The gpsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2988 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The ProfSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2987 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Winmgmt service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2986 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcbService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2985 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PolicyAgent service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2984 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SENS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2983 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1080 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The netprofm service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2982 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1064 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NlaSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2981 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VSS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2980 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicheartbeat service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2979 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1232 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicrdv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2978 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 888 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WPDBusEnum service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2977 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The BFE service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2976 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The EventLog service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2975 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicvss service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2974 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The EventSystem service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2973 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1080 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CoreMessagingRegistrar service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2972 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1080 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Themes service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2971 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1072 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'storqosflt' (10.0, ?2018?-?01?-?01T04:48:05.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2970 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 224 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:18 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'wcifs' (10.0, ?2018?-?01?-?01T04:48:57.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2969 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 224 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:18 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'luafv' (10.0, ?2017?-?11?-?01T22:09:40.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2968 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 224 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:18 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system time has changed to ?2022?-?03?-?11T10:16:18.823000000Z from ?2022?-?03?-?11T10:16:18.905176800Z.
Change Reason: An application or system component changed the time. | 1 | 1 | | 4 | 5 | 0 | -9223372036854775792 | 2967 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 372 | 1352 | n-h2-833234-1.cbci-833234-1.local | S-1-5-19 | 3/11/2022 10:16:18 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmickvpexchange service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2966 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:18 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmictimesync service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2965 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:18 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicshutdown service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2964 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:18 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Dnscache service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2963 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1288 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:18 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Dhcp service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2962 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 888 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:18 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv6 client service is started | 51046 | 0 | | 4 | 4 | 62 | 2305843009213693952 | 2961 | Microsoft-Windows-DHCPv6-Client | 6a1f2b00-6a90-4c38-95a5-5cab3b056778 | System | 372 | 1184 | n-h2-833234-1.cbci-833234-1.local | S-1-5-19 | 3/11/2022 10:16:18 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStart | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TermService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2960 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 888 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:18 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv4 client service is started | 50036 | 0 | | 4 | 4 | 68 | 2305843009213693952 | 2959 | Microsoft-Windows-Dhcp-Client | 15a7a4f8-0072-4eab-abad-f98a4d666aed | System | 372 | 1108 | n-h2-833234-1.cbci-833234-1.local | S-1-5-19 | 3/11/2022 10:16:18 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStart | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The lmhosts service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2958 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 888 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:18 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The HvHost service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2957 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 552 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:18 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The nsi service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2956 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1072 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:18 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SystemEventsBroker service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2955 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 888 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:18 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The BrokerInfrastructure service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2954 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 888 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:18 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LSM service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2953 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 888 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:18 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RpcSs service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2952 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:17 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RpcEptMapper service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2951 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 888 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:17 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DcomLaunch service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2950 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 888 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:17 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Power service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2949 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 888 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:17 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PlugPlay service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2948 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 888 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:17 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Remote calls to the SAM database are being restricted using the default security descriptor: O:SYG:SYD:(A;;RC;;;BA).
For more information please see http://go.microsoft.com/fwlink/?LinkId=787651. | 16962 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2947 | Microsoft-Windows-Directory-Services-SAM | 0d4fdc09-8c27-494a-bda0-505e4fd8adae | System | 816 | 820 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:17 AM | 071be110-3531-0005-12e1-1b073135d801 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Credential Guard (LsaIso.exe) configuration: 0x0, 0 | 14 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 2946 | Microsoft-Windows-Wininit | 206f6dea-d3c5-4d10-bc72-989f03c8b84b | System | 688 | 692 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:16 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2945 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 500 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC /DEVICE/{877CFF05-BCF0-437E-8C2F-642125FC5AD4} (Friendly Name: Microsoft Hyper-V Network Adapter #2) is now operational. | 23 | 0 | | 4 | 1016 | 0 | -9223372036854775808 | 2944 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 136 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2943 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 136 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC /DEVICE/{877CFF05-BCF0-437E-8C2F-642125FC5AD4} (Friendly Name: Microsoft Hyper-V Network Adapter #2) is no longer operational. | 24 | 0 | | 4 | 1017 | 0 | -9223372036854775808 | 2942 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 136 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Protocol NIC /DEVICE/{877CFF05-BCF0-437E-8C2F-642125FC5AD4} (Friendly Name: Microsoft Hyper-V Network Adapter #2) successfully bound to port 4FDD2828-76CA-43B7-8A71-C0406A9C1D95 (Friendly Name: br-data_External) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 17 | 0 | | 4 | 1012 | 0 | -9223372036854775808 | 2941 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 136 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC /DEVICE/{877CFF05-BCF0-437E-8C2F-642125FC5AD4} (Friendly Name: Microsoft Hyper-V Network Adapter #2) successfully connected to port 4FDD2828-76CA-43B7-8A71-C0406A9C1D95 (Friendly Name: br-data_External) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2940 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 136 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Successfully updated NIC NDIS QoS with Miniport NIC /DEVICE/{877CFF05-BCF0-437E-8C2F-642125FC5AD4} (Friendly Name: Microsoft Hyper-V Network Adapter #2) | 191 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2939 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 136 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic /DEVICE/{877CFF05-BCF0-437E-8C2F-642125FC5AD4} (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2938 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 136 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter #2' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2937 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 136 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 5 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2936 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 184 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 4 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2935 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 184 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 3 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2934 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 184 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 2 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2933 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 184 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 1 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2932 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 184 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 0 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2931 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 184 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2930 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 384 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2929 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 0 | 0 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2928 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 0 | 0 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2927 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 136 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2926 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 384 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| If Digest support selected for iSCSI Session, Will use Processor support for Digest computation. | 67 | | 16384 | 4 | 0 | | 36028797018963968 | 2925 | iScsiPrt | | System | | | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Switch D9182D54-28AB-4BB4-9BE6-68622A6F314B (Friendly Name: br-data) successfully initialized. | 9 | 0 | | 4 | 1005 | 0 | -9223372036854775808 | 2924 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 184 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC D9182D54-28AB-4BB4-9BE6-68622A6F314B (Friendly Name: br-data) successfully connected to port D9182D54-28AB-4BB4-9BE6-68622A6F314B (Friendly Name: br-data) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2923 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 184 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic D9182D54-28AB-4BB4-9BE6-68622A6F314B (Friendly Name: br-data). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2922 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 184 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system has been constrained to a periodic tick
Reason: No HW support. | 508 | 0 | | 4 | 159 | 0 | -9223372036854774780 | 2921 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 4 | 8 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Connectivity state in standby: Disconnected, Reason: NIC compliance | 172 | 0 | | 4 | 203 | 0 | -9223372036854774780 | 2920 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 4 | 224 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'npsvctrig' (10.0, ?2016?-?07?-?16T02:28:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2919 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The service entered the Driver load complete state. | 7036 | | 16384 | 4 | 0 | | 36028797018963968 | 2918 | VfpExt | | System | | | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'FileCrypt' (10.0, ?2016?-?07?-?16T02:22:39.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2917 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Volume C: (\Device\HarddiskVolume1) is healthy. No action is needed. | 98 | 0 | | 4 | 0 | 0 | -9223372036854775806 | 2916 | Microsoft-Windows-Ntfs | 3ff37a1c-a68d-4d6e-8c9b-f79e8b16c482 | System | 4 | 224 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (10.0, ?1978?-?03?-?07T02:59:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2915 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:10 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'Wof' (10.0, ?2017?-?10?-?09T01:58:20.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2914 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:10 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Secure Kernel started with status STATUS_SUCCESS and flags 0. | 3 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2913 | Microsoft-Windows-IsolatedUserMode | 73a33ab2-1966-4999-8add-868c41415269 | System | 4 | 8 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor initialized I/O remapping.
Hardware present: false
Hardware enabled: false
Policy: 0x0
Enabled features: 0x0
Internal information: 0x0
Problems: 0x0
Additional information: 0x0 | 129 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2912 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor scheduler type is 0x1. | 2 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2911 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor successfully started. | 1 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2910 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The bootmgr spent 0 ms waiting for user input. | 32 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2909 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| There are 0x1 boot options on this system. | 18 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2908 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The boot menu policy was 0x0. | 25 | 0 | | 4 | 32 | 0 | -9223372036854775808 | 2907 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The boot type was 0x0. | 27 | 1 | | 4 | 33 | 0 | -9223372036854775808 | 2906 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The last shutdown's success status was true. The last boot's success status was true. | 20 | 0 | | 4 | 31 | 0 | -9223372036854775808 | 2905 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Virtualization Based Security (policies: VBS Enabled,VSM Required,Boot Chain Signer Soft Enforced) is enabled due to HyperV with status STATUS_SUCCESS. | 153 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2904 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operating system started at system time ?2022?-?03?-?11T10:16:09.480674700Z. | 12 | 0 | | 4 | 1 | 0 | -9223372036854775680 | 2903 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 8 | n-h2-833234-1.cbci-833234-1.local | S-1-5-18 | 3/11/2022 10:16:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operating system is shutting down at system time ?2022?-?03?-?11T10:16:01.959223200Z. | 13 | 0 | | 4 | 2 | 0 | -9223372036854775680 | 2902 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 2896 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:01 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The kernel power manager has initiated a shutdown transition.
Shutdown Reason: Kernel API | 109 | 0 | | 4 | 103 | 0 | -9223301668110597116 | 2901 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 684 | 688 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:15:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft iSCSI Initiator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2900 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Defender Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2899 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system uptime is 9 seconds. | 6013 | | 32768 | 4 | 0 | | 36028797018963968 | 2898 | EventLog | | System | | | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Event log service was started. | 6005 | | 32768 | 4 | 0 | | 36028797018963968 | 2897 | EventLog | | System | | | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Microsoft (R) Windows (R) 10.00. 14393 Multiprocessor Free. | 6009 | | 32768 | 4 | 0 | | 36028797018963968 | 2896 | EventLog | | System | | | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:16:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Remote Desktop Services service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2895 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Task Scheduler service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2894 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Event Log service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2893 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Font Cache Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2892 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Certificate Propagation service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2891 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Distributed Transaction Coordinator service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2890 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The State Repository Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2889 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1.cbci-833234-1.local | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Management Instrumentation service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2888 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Volume Shadow Copy service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2887 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Remote Management (WS-Management) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2886 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Connection Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2885 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The IKE and AuthIP IPsec Keying Modules service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2884 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Cryptographic Services service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2883 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic Policy Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2882 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 2492 | n-h2-833234-1 | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Licensing Monitoring Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2881 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 2492 | n-h2-833234-1 | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DHCP Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2880 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 2492 | n-h2-833234-1 | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv4 client service is stopped. ShutDown Flag value is 1 | 50037 | 0 | | 4 | 4 | 69 | 2305843009213693952 | 2879 | Microsoft-Windows-Dhcp-Client | 15a7a4f8-0072-4eab-abad-f98a4d666aed | System | 1424 | 1532 | n-h2-833234-1 | S-1-5-19 | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStop | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv6 client service is stopped. ShutDown Flag value is 1 | 51047 | 0 | | 4 | 4 | 63 | 2305843009213693952 | 2878 | Microsoft-Windows-DHCPv6-Client | 6a1f2b00-6a90-4c38-95a5-5cab3b056778 | System | 1424 | 1564 | n-h2-833234-1 | S-1-5-19 | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStop | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft iSCSI Target Server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2877 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 2492 | n-h2-833234-1 | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Software Shadow Copy Provider service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2876 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 2492 | n-h2-833234-1 | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Program Compatibility Assistant Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2875 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 2492 | n-h2-833234-1 | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The IPsec Policy Agent service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2874 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 2492 | n-h2-833234-1 | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The User Profile Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2873 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 2492 | n-h2-833234-1 | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Distributed Link Tracking Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2872 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 2492 | n-h2-833234-1 | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Install Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2871 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 4812 | n-h2-833234-1 | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Time service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2870 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 5068 | n-h2-833234-1 | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Remote Desktop Services UserMode Port Redirector service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2869 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 4660 | n-h2-833234-1 | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Plug and Play service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2868 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 4660 | n-h2-833234-1 | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system time has changed to ?2022?-?03?-?11T10:15:57.454000000Z from ?2022?-?03?-?11T10:15:57.471012300Z.
Change Reason: An application or system component changed the time. | 1 | 1 | | 4 | 5 | 0 | -9223372036854775792 | 2867 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1432 | 1508 | n-h2-833234-1 | S-1-5-19 | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The HV Host Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2866 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 4604 | n-h2-833234-1 | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Connected User Experiences and Telemetry service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2865 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 5068 | n-h2-833234-1 | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The User Access Logging Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2864 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 5068 | n-h2-833234-1 | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Volume Shadow Copy Requestor service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2863 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 5068 | n-h2-833234-1 | | 3/11/2022 10:15:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2862 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 2452 | n-h2-833234-1 | | 3/11/2022 10:15:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2861 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 2452 | n-h2-833234-1 | | 3/11/2022 10:15:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Virtual Machine Management service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2860 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 2452 | n-h2-833234-1 | | 3/11/2022 10:15:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Event log service was stopped. | 6006 | | 32768 | 4 | 0 | | 36028797018963968 | 2859 | EventLog | | System | | | n-h2-833234-1 | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service is not listening for WS-Management requests.
User Action
If you did not intentionally stop the service, use the following command to see the WinRM configuration:
winrm enumerate winrm/config/listener | 10149 | 0 | 7 | 3 | 0 | 0 | 36028797018963968 | 2858 | Microsoft-Windows-WinRM | a7975c8f-ac13-49f1-87da-5a984a4ab417 | System | 0 | 0 | n-h2-833234-1 | | 3/11/2022 10:15:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The process C:\windows\system32\shutdown.exe (N-H2-833234-1) has initiated the restart of computer N-H2-833234-1 on behalf of user N-H2-833234-1\Admin for the following reason: No title for this reason could be found
Reason Code: 0x800000ff
Shutdown Type: restart
Comment: Reboot initiated by Ansible | 1074 | 0 | 32768 | 4 | 0 | 0 | -9187343239835811840 | 2857 | User32 | b0aa8734-56f7-41cc-b2f4-de228e98b946 | System | 588 | 2940 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 10:15:54 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2856 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 10:15:53 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Netlogon service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2855 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 2452 | n-h2-833234-1 | | 3/11/2022 10:15:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The machine n-h2-833234-1 successfully joined the domain cbci-833234-1.local. | 4096 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2854 | NetJoin | 9741fd4e-3757-479f-a3c6-fc49f6d5edd0 | System | 1332 | 2068 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 10:15:52 AM | 00000000-0000-0000-0100-000000000000 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Connectivity Assistant service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2853 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 5068 | n-h2-833234-1 | | 3/11/2022 10:15:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| This computer has been successfully joined to domain 'cbci-833234-1.local'. | 3260 | | 0 | 4 | 0 | | 36028797018963968 | 2852 | Workstation | | System | | | n-h2-833234-1 | | 3/11/2022 10:15:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2851 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 4176 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 10:15:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2850 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 4176 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 10:15:44 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2849 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 4176 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 10:15:40 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2848 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 10:15:34 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2847 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 2148 | n-h2-833234-1 | | 3/11/2022 10:15:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic System Host service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2846 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 10:08:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2845 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 9:58:27 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2844 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 9:57:21 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2843 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 9:56:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2842 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 9:50:26 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2841 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 2148 | n-h2-833234-1 | | 3/11/2022 9:49:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2840 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 2148 | n-h2-833234-1 | | 3/11/2022 9:49:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The firewall exception to allow Internet Storage Name Server (iSNS) client functionality is not enabled. iSNS client functionality is not available. | 121 | | 0 | 3 | 0 | | 36028797018963968 | 2839 | MSiSCSI | | System | | | n-h2-833234-1 | | 3/11/2022 9:48:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft iSCSI Initiator Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2838 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 2148 | n-h2-833234-1 | | 3/11/2022 9:48:18 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2837 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 2148 | n-h2-833234-1 | | 3/11/2022 9:48:17 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Update service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2836 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 2148 | n-h2-833234-1 | | 3/11/2022 9:48:17 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| If Digest support selected for iSCSI Session, Will use Processor support for Digest computation. | 67 | | 16384 | 4 | 0 | | 36028797018963968 | 2835 | iScsiPrt | | System | | | n-h2-833234-1 | | 3/11/2022 9:48:16 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2834 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 2148 | n-h2-833234-1 | | 3/11/2022 9:48:16 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Microsoft iSCSI Initiator Service service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2833 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 2148 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:48:16 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2832 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:48:14 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2831 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2830 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:47:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2829 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:47:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2828 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:47:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2827 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:47:41 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2826 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:47:06 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2825 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:47:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2824 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:47:00 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2823 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:46:55 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2822 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1772 | n-h2-833234-1 | | 3/11/2022 9:46:55 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2821 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:46:17 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2820 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:45:17 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2819 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:45:15 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2818 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:45:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2817 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:45:07 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2816 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:45:06 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2815 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:42:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2814 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:41:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2813 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:41:47 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2812 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:41:44 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2811 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:41:39 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2810 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:41:31 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2809 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:41:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2808 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:41:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2807 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:40:41 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2806 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:40:32 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2805 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:40:27 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2804 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:40:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2803 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:40:18 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppX Deployment Service (AppXSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2802 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:38:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2801 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:38:21 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2800 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:38:08 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2799 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:38:07 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2798 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:37:07 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2797 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:37:07 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2796 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:36:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Remote Registry service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2795 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:36:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The App Readiness service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2794 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:36:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2793 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:35:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2792 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:35:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2791 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:35:44 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2790 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:35:44 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Client License Service (ClipSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2789 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:35:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2788 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:34:37 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppX Deployment Service (AppXSVC) service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2787 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:33:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2786 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:33:37 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2785 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:33:34 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2784 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:33:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2783 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:33:30 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2782 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:33:30 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2781 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:33:27 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2780 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:33:25 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2779 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:33:23 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2778 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:33:21 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2777 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:33:15 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2776 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:33:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2775 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:33:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Installer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2774 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 9:33:10 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2773 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:33:06 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Account Sign-in Assistant service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2772 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 9:33:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2771 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:33:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2770 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 9:32:54 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2769 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:32:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2768 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1772 | n-h2-833234-1 | | 3/11/2022 9:32:17 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2767 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:32:15 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2766 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:32:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2765 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:32:08 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppX Deployment Service (AppXSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2764 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1772 | n-h2-833234-1 | | 3/11/2022 9:31:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2763 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:31:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2762 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:31:44 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2761 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:31:41 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2760 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:31:39 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time service is now synchronizing the system time with the time source time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->20.101.57.9:123). | 35 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2759 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1432 | 1624 | n-h2-833234-1 | S-1-5-19 | 3/11/2022 9:31:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time provider NtpClient is currently receiving valid time data from time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->20.101.57.9:123). | 37 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2758 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1432 | 744 | n-h2-833234-1 | S-1-5-19 | 3/11/2022 9:31:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2757 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 9:30:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2756 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 9:30:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2755 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:30:41 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2754 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:30:39 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2753 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1772 | n-h2-833234-1 | | 3/11/2022 9:30:38 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2752 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:30:37 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2751 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:30:36 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The dmwappushsvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2750 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1772 | n-h2-833234-1 | | 3/11/2022 9:30:34 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2749 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:30:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2748 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:30:31 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2747 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:30:29 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2746 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1884 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:30:24 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2745 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1008 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:30:14 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2744 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1008 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:30:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2743 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1008 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:30:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Biometric Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2742 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1772 | n-h2-833234-1 | | 3/11/2022 9:30:08 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2741 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 992 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:30:08 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2740 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-20 | 3/11/2022 9:30:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC /DEVICE/{877CFF05-BCF0-437E-8C2F-642125FC5AD4} (Friendly Name: Microsoft Hyper-V Network Adapter #2) successfully connected to port 4FDD2828-76CA-43B7-8A71-C0406A9C1D95 (Friendly Name: br-data_External) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2739 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2412 | 2420 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:30:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC /DEVICE/{877CFF05-BCF0-437E-8C2F-642125FC5AD4} (Friendly Name: Microsoft Hyper-V Network Adapter #2) is now operational. | 23 | 0 | | 4 | 1016 | 0 | -9223372036854775808 | 2738 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 3732 | n-h2-833234-1 | | 3/11/2022 9:30:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2737 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 3732 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:30:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC /DEVICE/{877CFF05-BCF0-437E-8C2F-642125FC5AD4} (Friendly Name: Microsoft Hyper-V Network Adapter #2) is no longer operational. | 24 | 0 | | 4 | 1017 | 0 | -9223372036854775808 | 2736 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 3732 | n-h2-833234-1 | | 3/11/2022 9:30:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Protocol NIC /DEVICE/{877CFF05-BCF0-437E-8C2F-642125FC5AD4} (Friendly Name: Microsoft Hyper-V Network Adapter #2) successfully bound to port (Friendly Name: ) on switch (Friendly Name: ). | 17 | 0 | | 4 | 1012 | 0 | -9223372036854775808 | 2735 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 3732 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:30:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Successfully updated NIC NDIS QoS with Miniport NIC /DEVICE/{877CFF05-BCF0-437E-8C2F-642125FC5AD4} (Friendly Name: Microsoft Hyper-V Network Adapter #2) | 191 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2734 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 3732 | n-h2-833234-1 | | 3/11/2022 9:30:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic /DEVICE/{877CFF05-BCF0-437E-8C2F-642125FC5AD4} (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2733 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 3732 | n-h2-833234-1 | | 3/11/2022 9:30:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Initialization failed because the driver device could not be created. Use the string "FA163EC2F284" to identify the interface for which initialization failed. It represents the MAC address of the failed interface or the Globally Unique Interface Identifier (GUID) if NetBT was unable to map from GUID to MAC address. If neither the MAC address nor the GUID were available, the string represents a cluster device name. | 4311 | | 49152 | 2 | 0 | | 36028797018963968 | 2732 | NetBT | | System | | | n-h2-833234-1 | | 3/11/2022 9:30:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter #2' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2731 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 3732 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:30:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2730 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 560 | 2716 | n-h2-833234-1 | | 3/11/2022 9:30:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2729 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 3732 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:30:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' is halting | 6 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2728 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 3732 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:30:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Isatap interface isatap.openstacklocal is no longer active. | 4201 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2727 | Microsoft-Windows-Iphlpsvc | 66a5c15c-4f8e-4044-bf6e-71d896038977 | System | 612 | 2884 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:30:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' paused | 10 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2726 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 3732 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:30:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management concluded the process to install driver wvms_mp.inf_amd64_e1065995a017ab1b\wvms_mp.inf for Device Instance ID ROOT\VMS_VSMP\0000 with the following status: 0x0. | 20001 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2725 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 3992 | 3088 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:30:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Switch D9182D54-28AB-4BB4-9BE6-68622A6F314B (Friendly Name: br-data) successfully initialized. | 9 | 0 | | 4 | 1005 | 0 | -9223372036854775808 | 2724 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2412 | 2132 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:30:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC D9182D54-28AB-4BB4-9BE6-68622A6F314B (Friendly Name: br-data) successfully connected to port D9182D54-28AB-4BB4-9BE6-68622A6F314B (Friendly Name: br-data) on switch D9182D54-28AB-4BB4-9BE6-68622A6F314B(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2723 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2412 | 2132 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:30:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic D9182D54-28AB-4BB4-9BE6-68622A6F314B (Friendly Name: br-data). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2722 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2412 | 2132 | n-h2-833234-1 | | 3/11/2022 9:30:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| A service was installed in the system.
Service Name: VMSMP
Service File Name: \SystemRoot\System32\drivers\vmswitch.sys
Service Type: kernel mode driver
Service Start Type: demand start
Service Account: | 7045 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2721 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:30:03 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2720 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:30:03 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2719 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:29:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2718 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:29:55 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2717 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1632 | n-h2-833234-1 | S-1-5-20 | 3/11/2022 9:29:54 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the neutron-hyperv-agent service was changed from auto start to demand start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2716 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1472 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:29:54 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| A service was installed in the system.
Service Name: neutron-hyperv-agent
Service File Name: c:\openstack\bin\OpenStackService.exe neutron-hyperv-agent c:\python38\scripts\neutron-hyperv-agent.exe --config-file c:\openstack\etc\neutron-hyperv-agent.conf
Service Type: user mode service
Service Start Type: auto start
Service Account: LocalSystem | 7045 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2715 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:29:53 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the nova-compute service was changed from auto start to demand start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2714 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1472 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:29:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2713 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1472 | n-h2-833234-1 | | 3/11/2022 9:29:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2712 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1472 | n-h2-833234-1 | | 3/11/2022 9:29:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| A service was installed in the system.
Service Name: nova-compute
Service File Name: c:\openstack\bin\OpenStackService.exe nova-compute c:\python38\scripts\nova-compute.exe --config-file c:\openstack\etc\nova.conf
Service Type: user mode service
Service Start Type: auto start
Service Account: LocalSystem | 7045 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2711 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:29:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2710 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1632 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:29:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The IKE and AuthIP IPsec Keying Modules service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2709 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1472 | n-h2-833234-1 | | 3/11/2022 9:29:47 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the IKE and AuthIP IPsec Keying Modules service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2708 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1472 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:29:47 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2707 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:29:42 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2706 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:29:37 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The User Access Logging Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2705 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1468 | n-h2-833234-1 | | 3/11/2022 9:29:31 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2704 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1468 | n-h2-833234-1 | | 3/11/2022 9:29:24 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Downloaded Maps Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2703 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1468 | n-h2-833234-1 | | 3/11/2022 9:29:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Distributed Transaction Coordinator service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2702 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1468 | n-h2-833234-1 | | 3/11/2022 9:29:08 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2701 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1468 | n-h2-833234-1 | | 3/11/2022 9:29:07 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Downloaded Maps Manager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2700 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1468 | n-h2-833234-1 | | 3/11/2022 9:29:01 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic System Host service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2699 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1468 | n-h2-833234-1 | | 3/11/2022 9:28:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic Policy Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2698 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1468 | n-h2-833234-1 | | 3/11/2022 9:28:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Connected Devices Platform Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2697 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1468 | n-h2-833234-1 | | 3/11/2022 9:28:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2696 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:28:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2695 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:28:43 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2694 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:28:40 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2693 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:28:22 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The sppsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2692 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:28:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2691 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1632 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:28:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The cloudbase-init service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2690 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1468 | n-h2-833234-1 | | 3/11/2022 9:27:53 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PolicyAgent service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2689 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:27:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| SSL Certificate Settings created by an admin process for endpoint : 0.0.0.0:5986 . | 15301 | 0 | 32768 | 3 | 0 | 0 | 36028797018963968 | 2688 | Microsoft-Windows-HttpEvent | 7b6bc78c-898b-4170-bbf8-1a469ea43fc5 | System | 4 | 1712 | n-h2-833234-1 | | 3/11/2022 9:27:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Reservation for namespace identified by URL prefix https://+:5986/wsman/ was successfully added. | 15007 | 0 | 16384 | 4 | 0 | 0 | 36028797018963968 | 2687 | Microsoft-Windows-HttpEvent | 7b6bc78c-898b-4170-bbf8-1a469ea43fc5 | System | 4 | 1712 | n-h2-833234-1 | | 3/11/2022 9:27:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Reservation for namespace identified by URL prefix https://+:5986/wsman/ was successfully deleted. | 15008 | 0 | 16384 | 4 | 0 | 0 | 36028797018963968 | 2686 | Microsoft-Windows-HttpEvent | 7b6bc78c-898b-4170-bbf8-1a469ea43fc5 | System | 4 | 1712 | n-h2-833234-1 | | 3/11/2022 9:27:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vds service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2685 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:27:47 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Service stopped. | 4 | | 16896 | 4 | 0 | | 36028797018963968 | 2684 | Virtual Disk Service | | System | | | n-h2-833234-1 | | 3/11/2022 9:27:47 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vds service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2683 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:27:44 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Service started. | 3 | | 16896 | 4 | 0 | | 36028797018963968 | 2682 | Virtual Disk Service | | System | | | n-h2-833234-1 | | 3/11/2022 9:27:44 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\Admin SID (S-1-5-21-252155598-1610117697-765364086-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2681 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 996 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1001 | 3/11/2022 9:27:42 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The sppsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2680 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:27:21 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TrustedInstaller service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2679 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:27:16 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TBS device identifier has been generated. | 1282 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2678 | Microsoft-Windows-TPM-WMI | 7d5387b0-cbe0-11da-a94d-0800200c9a66 | System | 2204 | 3380 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:27:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\cloudbase-init SID (S-1-5-21-252155598-1610117697-765364086-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2677 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1632 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1000 | 3/11/2022 9:27:10 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcaSvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2676 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:27:07 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy settings for the computer were processed successfully. New settings from 1 Group Policy objects were detected and applied. | 1502 | 0 | | 4 | 0 | 1 | -9223372036854775808 | 2675 | Microsoft-Windows-GroupPolicy | aea1b4fa-97d1-45f2-a64c-4d69fffd92c9 | System | 612 | 3608 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:27:07 AM | ae677b1c-025f-4ac5-a972-da7f118c1801 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Start | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The cloudbase-init service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2674 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1468 | n-h2-833234-1 | | 3/11/2022 9:27:03 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-833234-1\cloudbase-init SID (S-1-5-21-252155598-1610117697-765364086-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2673 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1632 | n-h2-833234-1 | S-1-5-21-252155598-1610117697-765364086-1000 | 3/11/2022 9:27:02 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wuauserv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2672 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 9:27:01 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Connected Devices Platform Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2671 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 9:26:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The swprv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2670 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 9:26:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Isatap interface isatap.openstacklocal with address fe80::5efe:192.168.0.48 has been brought up. | 4200 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2669 | Microsoft-Windows-Iphlpsvc | 66a5c15c-4f8e-4044-bf6e-71d896038977 | System | 612 | 2568 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Isatap interface isatap.openstacklocal with address fe80::5efe:10.222.0.26 has been brought up. | 4200 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2668 | Microsoft-Windows-Iphlpsvc | 66a5c15c-4f8e-4044-bf6e-71d896038977 | System | 612 | 2568 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SessionEnv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2667 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 9:26:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Certificate Propagation service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2666 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 9:26:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The UmRdpService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2665 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:26:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| A new self signed certificate to be used for RD Session Host Server authentication on SSL connections was generated. The name on this certificate is n-h2-833234-1. The SHA1 hash of the certificate is in the event data. | 1056 | 0 | 49152 | 4 | 0 | 0 | 36028797018963968 | 2664 | Microsoft-Windows-TerminalServices-RemoteConnectionManager | c76baa63-ae81-421c-b425-340b4b24157f | System | 0 | 0 | n-h2-833234-1 | | 3/11/2022 9:26:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| This event triggers the TBS device identifier generation. | 1281 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2663 | Microsoft-Windows-TPM-WMI | 7d5387b0-cbe0-11da-a94d-0800200c9a66 | System | 612 | 3056 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LicenseManager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2662 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 9:26:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the cloudbase-init service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2661 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 864 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:55 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TermService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2660 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 864 | n-h2-833234-1 | | 3/11/2022 9:26:55 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DmEnrollmentSvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2659 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1468 | n-h2-833234-1 | | 3/11/2022 9:26:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DmEnrollmentSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2658 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1468 | n-h2-833234-1 | | 3/11/2022 9:26:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The KeyIso service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2657 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1468 | n-h2-833234-1 | | 3/11/2022 9:26:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The ClipSVC service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2656 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 9:26:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wlidsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2655 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 9:26:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmcompute service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2654 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 9:26:52 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (10.0, ?1978?-?03?-?07T02:59:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2653 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 136 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (Version 10.0, ?1978?-?03?-?07T02:59:33.000000000Z) unloaded successfully. | 1 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2652 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 512 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DiagTrack service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2651 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 9:26:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinDefend service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2650 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 9:26:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmms service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2649 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1784 | n-h2-833234-1 | | 3/11/2022 9:26:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The following boot-start or system-start driver(s) did not load:
dam | 7026 | 0 | 49152 | 4 | 0 | 0 | -9187343239835811840 | 2648 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 800 | n-h2-833234-1 | | 3/11/2022 9:26:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WpnService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2647 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1468 | n-h2-833234-1 | | 3/11/2022 9:26:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2646 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1468 | n-h2-833234-1 | | 3/11/2022 9:26:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LanmanServer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2645 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:26:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The iphlpsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2644 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:26:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TrkWks service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2643 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:26:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PcaSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2642 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1692 | n-h2-833234-1 | | 3/11/2022 9:26:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WLMS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2641 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1648 | n-h2-833234-1 | | 3/11/2022 9:26:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RemoteRegistry service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2640 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1768 | n-h2-833234-1 | | 3/11/2022 9:26:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Spooler service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2639 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 872 | n-h2-833234-1 | | 3/11/2022 9:26:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SamSs service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2638 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 872 | n-h2-833234-1 | | 3/11/2022 9:26:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MpsSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2637 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 872 | n-h2-833234-1 | | 3/11/2022 9:26:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service is listening for WS-Management requests.
User Action
Use the following command to see the specific IPs on which WinRM is listening:
winrm enumerate winrm/config/listener | 10148 | 0 | 7 | 4 | 0 | 0 | 36028797018963968 | 2636 | Microsoft-Windows-WinRM | a7975c8f-ac13-49f1-87da-5a984a4ab417 | System | 0 | 0 | n-h2-833234-1 | | 3/11/2022 9:26:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The BFE service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2635 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 872 | n-h2-833234-1 | | 3/11/2022 9:26:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LanmanWorkstation service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2634 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 9:26:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WbioSrvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2633 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 9:26:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The UserManager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2632 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1692 | n-h2-833234-1 | | 3/11/2022 9:26:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The FontCache service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2631 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:26:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TimeBrokerSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2630 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:26:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wudfsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2629 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 876 | n-h2-833234-1 | | 3/11/2022 9:26:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Wcmsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2628 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:26:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The ShellHWDetection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2627 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1692 | n-h2-833234-1 | | 3/11/2022 9:26:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Schedule service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2626 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1692 | n-h2-833234-1 | | 3/11/2022 9:26:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinTarget service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2625 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:26:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time service is now synchronizing the system time with the time source time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->40.119.148.38:123). | 35 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2624 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1432 | 1624 | n-h2-833234-1 | S-1-5-19 | 3/11/2022 9:26:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time provider NtpClient is currently receiving valid time data from time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->40.119.148.38:123). | 37 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2623 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1432 | 1528 | n-h2-833234-1 | S-1-5-19 | 3/11/2022 9:26:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Winmgmt service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2622 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:26:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VSS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2621 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:26:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SENS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2620 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1644 | n-h2-833234-1 | | 3/11/2022 9:26:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicrdv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2619 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1692 | n-h2-833234-1 | | 3/11/2022 9:26:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicheartbeat service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2618 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1692 | n-h2-833234-1 | | 3/11/2022 9:26:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicvss service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2617 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:26:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The EventSystem service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2616 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:26:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The gpsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2615 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:26:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Themes service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2614 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1692 | n-h2-833234-1 | | 3/11/2022 9:26:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'storqosflt' (10.0, ?2018?-?01?-?01T04:48:05.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2613 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 1708 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinHttpAutoProxySvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2612 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1784 | n-h2-833234-1 | | 3/11/2022 9:26:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'luafv' (10.0, ?2017?-?11?-?01T22:09:40.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2611 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 512 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcbService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2610 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 872 | n-h2-833234-1 | | 3/11/2022 9:26:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WPDBusEnum service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2609 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 872 | n-h2-833234-1 | | 3/11/2022 9:26:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system time has changed to ?2022?-?03?-?11T09:26:49.043000000Z from ?2022?-?03?-?11T09:26:48.964828000Z.
Change Reason: An application or system component changed the time. | 1 | 1 | | 4 | 5 | 0 | -9223372036854775792 | 2608 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1424 | 1968 | n-h2-833234-1 | S-1-5-19 | 3/11/2022 9:26:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmickvpexchange service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2607 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:26:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmictimesync service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2606 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:26:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicshutdown service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2605 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1704 | n-h2-833234-1 | | 3/11/2022 9:26:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppReadiness service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2604 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1784 | n-h2-833234-1 | | 3/11/2022 9:26:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'wcifs' (10.0, ?2018?-?01?-?01T04:48:57.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2603 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 512 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DsmSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2602 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1764 | n-h2-833234-1 | | 3/11/2022 9:26:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The HvHost service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2601 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1784 | n-h2-833234-1 | | 3/11/2022 9:26:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Dnscache service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2600 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1784 | n-h2-833234-1 | | 3/11/2022 9:26:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The ProfSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2599 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 876 | n-h2-833234-1 | | 3/11/2022 9:26:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The netprofm service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2598 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 876 | n-h2-833234-1 | | 3/11/2022 9:26:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The lmhosts service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2597 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1784 | n-h2-833234-1 | | 3/11/2022 9:26:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NlaSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2596 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1668 | n-h2-833234-1 | | 3/11/2022 9:26:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The BrokerInfrastructure service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2595 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 876 | n-h2-833234-1 | | 3/11/2022 9:26:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Dhcp service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2594 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 1468 | n-h2-833234-1 | | 3/11/2022 9:26:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv6 client service is started | 51046 | 0 | | 4 | 4 | 62 | 2305843009213693952 | 2593 | Microsoft-Windows-DHCPv6-Client | 6a1f2b00-6a90-4c38-95a5-5cab3b056778 | System | 1424 | 1564 | n-h2-833234-1 | S-1-5-19 | 3/11/2022 9:26:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStart | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv4 client service is started | 50036 | 0 | | 4 | 4 | 68 | 2305843009213693952 | 2592 | Microsoft-Windows-Dhcp-Client | 15a7a4f8-0072-4eab-abad-f98a4d666aed | System | 1424 | 1532 | n-h2-833234-1 | S-1-5-19 | 3/11/2022 9:26:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStart | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The nsi service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2591 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 872 | n-h2-833234-1 | | 3/11/2022 9:26:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The W32Time service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2590 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 872 | n-h2-833234-1 | | 3/11/2022 9:26:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The EventLog service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2589 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 872 | n-h2-833234-1 | | 3/11/2022 9:26:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CryptSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2588 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 872 | n-h2-833234-1 | | 3/11/2022 9:26:44 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Successfully logged OS information | 2004 | 0 | | 4 | 4000 | 0 | 2305983746702049280 | 2587 | Microsoft-Windows-Setup | 75ebc33e-997f-49cf-b49f-ecc50184b75d | System | 1172 | 1176 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:42 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | OS information | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The tiledatamodelsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2586 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 872 | n-h2-833234-1 | | 3/11/2022 9:26:35 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppXSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2585 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 872 | n-h2-833234-1 | | 3/11/2022 9:26:35 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The StateRepository service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2584 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 872 | n-h2-833234-1 | | 3/11/2022 9:26:34 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The dmwappushservice service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2583 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 872 | n-h2-833234-1 | | 3/11/2022 9:26:34 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CoreMessagingRegistrar service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2582 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 872 | n-h2-833234-1 | | 3/11/2022 9:26:34 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NetSetupSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2581 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 872 | n-h2-833234-1 | | 3/11/2022 9:26:34 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DeviceInstall service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2580 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 872 | n-h2-833234-1 | | 3/11/2022 9:26:34 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SystemEventsBroker service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2579 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 872 | n-h2-833234-1 | | 3/11/2022 9:26:34 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The sppsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2578 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 872 | n-h2-833234-1 | | 3/11/2022 9:26:34 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LSM service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2577 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 872 | n-h2-833234-1 | | 3/11/2022 9:26:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RpcSs service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2576 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 872 | n-h2-833234-1 | | 3/11/2022 9:26:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RpcEptMapper service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2575 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 872 | n-h2-833234-1 | | 3/11/2022 9:26:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DcomLaunch service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2574 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 872 | n-h2-833234-1 | | 3/11/2022 9:26:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Power service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2573 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 872 | n-h2-833234-1 | | 3/11/2022 9:26:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PlugPlay service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2572 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 796 | 872 | n-h2-833234-1 | | 3/11/2022 9:26:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Remote calls to the SAM database are being restricted using the default security descriptor: O:SYG:SYD:(A;;RC;;;BA).
For more information please see http://go.microsoft.com/fwlink/?LinkId=787651. | 16962 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2571 | Microsoft-Windows-Directory-Services-SAM | 0d4fdc09-8c27-494a-bda0-505e4fd8adae | System | 812 | 816 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:33 AM | 151b4ede-352a-0002-df4e-1b152a35d801 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Credential Guard (LsaIso.exe) configuration: 0x0, 0 | 14 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 2570 | Microsoft-Windows-Wininit | 206f6dea-d3c5-4d10-bc72-989f03c8b84b | System | 684 | 688 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:32 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2569 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 508 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:28 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2568 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 364 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:28 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2567 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 364 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:28 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter #2' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2566 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 212 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:28 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2565 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 0 | 0 | n-h2-833234-1 | | 3/11/2022 9:26:28 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 5 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2564 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:28 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 4 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2563 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:28 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 3 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2562 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:28 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2561 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 0 | 0 | n-h2-833234-1 | | 3/11/2022 9:26:28 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 2 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2560 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:28 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 1 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2559 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:28 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 0 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2558 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:28 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2557 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 212 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:28 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2556 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 364 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:28 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system has been constrained to a periodic tick
Reason: No HW support. | 508 | 0 | | 4 | 159 | 0 | -9223372036854774780 | 2555 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 4 | 8 | n-h2-833234-1 | | 3/11/2022 9:26:28 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Connectivity state in standby: Disconnected, Reason: NIC compliance | 172 | 0 | | 4 | 203 | 0 | -9223372036854774780 | 2554 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 4 | 364 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:28 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'npsvctrig' (10.0, ?2016?-?07?-?16T02:28:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2553 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:28 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The service entered the Driver load complete state. | 7036 | | 16384 | 4 | 0 | | 36028797018963968 | 2552 | VfpExt | | System | | | n-h2-833234-1 | | 3/11/2022 9:26:28 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'FileCrypt' (10.0, ?2016?-?07?-?16T02:22:39.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2551 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:27 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Volume C: (\Device\HarddiskVolume1) is healthy. No action is needed. | 98 | 0 | | 4 | 0 | 0 | -9223372036854775806 | 2550 | Microsoft-Windows-Ntfs | 3ff37a1c-a68d-4d6e-8c9b-f79e8b16c482 | System | 4 | 212 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:27 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (10.0, ?1978?-?03?-?07T02:59:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2549 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:27 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'Wof' (10.0, ?2017?-?10?-?09T01:58:20.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2548 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:27 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Secure Kernel started with status STATUS_SUCCESS and flags 0. | 3 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2547 | Microsoft-Windows-IsolatedUserMode | 73a33ab2-1966-4999-8add-868c41415269 | System | 4 | 8 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:26 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor initialized I/O remapping.
Hardware present: false
Hardware enabled: false
Policy: 0x0
Enabled features: 0x0
Internal information: 0x0
Problems: 0x0
Additional information: 0x0 | 129 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2546 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:26 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor scheduler type is 0x1. | 2 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2545 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:26 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor successfully started. | 1 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2544 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:26 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The bootmgr spent 0 ms waiting for user input. | 32 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2543 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:26 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| There are 0x1 boot options on this system. | 18 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2542 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:26 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The boot menu policy was 0x0. | 25 | 0 | | 4 | 32 | 0 | -9223372036854775808 | 2541 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:26 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The boot type was 0x0. | 27 | 1 | | 4 | 33 | 0 | -9223372036854775808 | 2540 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:26 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The last shutdown's success status was true. The last boot's success status was true. | 20 | 0 | | 4 | 31 | 0 | -9223372036854775808 | 2539 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:26 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Virtualization Based Security (policies: VBS Enabled,VSM Required,Boot Chain Signer Soft Enforced) is enabled due to HyperV with status STATUS_SUCCESS. | 153 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2538 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:26 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operating system started at system time ?2022?-?03?-?11T09:26:26.494078200Z. | 12 | 0 | | 4 | 1 | 0 | -9223372036854775680 | 2537 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 8 | n-h2-833234-1 | S-1-5-18 | 3/11/2022 9:26:26 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operating system is shutting down at system time ?2022?-?03?-?11T09:26:19.552073500Z. | 13 | 0 | | 4 | 2 | 0 | -9223372036854775680 | 2536 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 588 | n-h2-833234-1 | | 3/11/2022 9:26:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The kernel power manager has initiated a shutdown transition.
Shutdown Reason: Kernel API | 109 | 0 | | 4 | 103 | 0 | -9223301668110597116 | 2535 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 704 | 708 | n-h2-833234-1 | | 3/11/2022 9:26:14 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Defender Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2534 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1340 | n-h2-833234-1 | | 3/11/2022 9:26:14 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Event Log service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2533 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1340 | n-h2-833234-1 | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Task Scheduler service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2532 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1340 | n-h2-833234-1 | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Font Cache Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2531 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1340 | n-h2-833234-1 | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Remote Management (WS-Management) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2530 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1340 | n-h2-833234-1 | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Program Compatibility Assistant Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2529 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1340 | n-h2-833234-1 | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Cryptographic Services service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2528 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1340 | n-h2-833234-1 | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system uptime is 21 seconds. | 6013 | | 32768 | 4 | 0 | | 36028797018963968 | 2527 | EventLog | | System | | | n-h2-833234-1 | | 3/11/2022 9:26:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Event log service was started. | 6005 | | 32768 | 4 | 0 | | 36028797018963968 | 2526 | EventLog | | System | | | n-h2-833234-1 | | 3/11/2022 9:26:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Microsoft (R) Windows (R) 10.00. 14393 Multiprocessor Free. | 6009 | | 32768 | 4 | 0 | | 36028797018963968 | 2525 | EventLog | | System | | | n-h2-833234-1 | | 3/11/2022 9:26:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NetBIOS name and DNS host name of this machine have been changed from WIN-FLM98IOCIVV to N-H2-833234-1. | 6011 | | 32768 | 4 | 0 | | 36028797018963968 | 2524 | EventLog | | System | | | n-h2-833234-1 | | 3/11/2022 9:26:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Management Instrumentation service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2523 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1340 | WIN-5T344G8GM1H | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Connection Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2522 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1340 | WIN-5T344G8GM1H | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppX Deployment Service (AppXSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2521 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1340 | WIN-5T344G8GM1H | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Volume Shadow Copy service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2520 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1340 | WIN-5T344G8GM1H | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The User Profile Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2519 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1340 | WIN-5T344G8GM1H | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2518 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1340 | WIN-5T344G8GM1H | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Distributed Link Tracking Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2517 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1340 | WIN-5T344G8GM1H | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DHCP Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2516 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1428 | WIN-5T344G8GM1H | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Time service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2515 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1404 | WIN-5T344G8GM1H | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv4 client service is stopped. ShutDown Flag value is 1 | 50037 | 0 | | 4 | 4 | 69 | 2305843009213693952 | 2514 | Microsoft-Windows-Dhcp-Client | 15a7a4f8-0072-4eab-abad-f98a4d666aed | System | 1304 | 1580 | WIN-5T344G8GM1H | S-1-5-19 | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStop | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system time has changed to ?2022?-?03?-?11T09:26:13.655000000Z from ?2022?-?03?-?11T09:26:13.660183900Z.
Change Reason: An application or system component changed the time. | 1 | 1 | | 4 | 5 | 0 | -9223372036854775792 | 2513 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1492 | 2252 | WIN-5T344G8GM1H | S-1-5-19 | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv6 client service is stopped. ShutDown Flag value is 1 | 51047 | 0 | | 4 | 4 | 63 | 2305843009213693952 | 2512 | Microsoft-Windows-DHCPv6-Client | 6a1f2b00-6a90-4c38-95a5-5cab3b056778 | System | 1304 | 1704 | WIN-5T344G8GM1H | S-1-5-19 | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStop | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Licensing Monitoring Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2511 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1424 | WIN-5T344G8GM1H | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Install Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2510 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1424 | WIN-5T344G8GM1H | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Plug and Play service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2509 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1280 | WIN-5T344G8GM1H | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2508 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1400 | WIN-5T344G8GM1H | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The HV Host Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2507 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1284 | WIN-5T344G8GM1H | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Connected User Experiences and Telemetry service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2506 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1264 | WIN-5T344G8GM1H | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Volume Shadow Copy Requestor service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2505 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1264 | WIN-5T344G8GM1H | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2504 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1264 | WIN-5T344G8GM1H | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2503 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 892 | WIN-5T344G8GM1H | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Virtual Machine Management service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2502 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1264 | WIN-5T344G8GM1H | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The process C:\windows\system32\winlogon.exe (WIN-5T344G8GM1H) has initiated the restart of computer WIN-FLM98IOCIVV on behalf of user NT AUTHORITY\SYSTEM for the following reason: Operating System: Upgrade (Planned)
Reason Code: 0x80020003
Shutdown Type: restart
Comment: | 1074 | 0 | 32768 | 4 | 0 | 0 | -9187343239835811840 | 2501 | User32 | b0aa8734-56f7-41cc-b2f4-de228e98b946 | System | 612 | 768 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Event log service was stopped. | 6006 | | 32768 | 4 | 0 | | 36028797018963968 | 2500 | EventLog | | System | | | WIN-5T344G8GM1H | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service is not listening for WS-Management requests.
User Action
If you did not intentionally stop the service, use the following command to see the WinRM configuration:
winrm enumerate winrm/config/listener | 10149 | 0 | 7 | 3 | 0 | 0 | 36028797018963968 | 2499 | Microsoft-Windows-WinRM | a7975c8f-ac13-49f1-87da-5a984a4ab417 | System | 0 | 0 | WIN-5T344G8GM1H | | 3/11/2022 9:26:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The State Repository Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2498 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1264 | WIN-5T344G8GM1H | | 3/11/2022 9:26:10 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Virtual Disk service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2497 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1264 | WIN-5T344G8GM1H | | 3/11/2022 9:26:10 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Service stopped. | 4 | | 16896 | 4 | 0 | | 36028797018963968 | 2496 | Virtual Disk Service | | System | | | WIN-5T344G8GM1H | | 3/11/2022 9:26:10 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Virtual Disk service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2495 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1404 | WIN-5T344G8GM1H | | 3/11/2022 9:26:07 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Service started. | 3 | | 16896 | 4 | 0 | | 36028797018963968 | 2494 | Virtual Disk Service | | System | | | WIN-5T344G8GM1H | | 3/11/2022 9:26:07 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hive \??\C:\windows\System32\SMI\Store\Machine\SCHEMA.DAT was reorganized with a starting size of 12853248 bytes and an ending size of 11681792 bytes. | 15 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2493 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1188 | 1192 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:35 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hive \??\C:\windows\System32\config\COMPONENTS was reorganized with a starting size of 71872512 bytes and an ending size of 56864768 bytes. | 15 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2492 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1188 | 1192 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2491 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 892 | WIN-5T344G8GM1H | | 3/11/2022 9:25:28 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Windows.PrintDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2490 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1112 | 2936 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:20 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Windows.MiracastView_6.3.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2489 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1112 | 2936 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2488 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1112 | 2936 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:19 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxGameCallableUI_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2487 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1112 | 2936 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:18 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.1715_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2486 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1112 | 2936 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:17 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.SecondaryTileExperience_10.0.0.0_neutral__cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2485 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1112 | 2936 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:17 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2484 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1112 | 2936 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:16 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.CloudExperienceHost_10.0.14393.1066_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2483 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1112 | 2936 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:15 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time service is now synchronizing the system time with the time source time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->40.119.148.38:123). | 35 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2482 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1492 | 1528 | WIN-5T344G8GM1H | S-1-5-19 | 3/11/2022 9:25:14 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.AssignedAccessLockApp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2481 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1112 | 2936 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:14 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Apprep.ChxApp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2480 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1112 | 2936 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:14 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2479 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1112 | 2936 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.BioEnrollment_10.0.14393.0_neutral__cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2478 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1112 | 2936 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\windows\AppCompat\Programs\Amcache.hve was cleared updating 629 keys and creating 196 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2477 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 2060 | 2508 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.1715_neutral__cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2476 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1112 | 2936 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AAD.BrokerPlugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2475 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1112 | 2932 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Account Sign-in Assistant service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2474 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 892 | WIN-5T344G8GM1H | | 3/11/2022 9:25:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management concluded the process to install driver wvmbusvideo.inf_amd64_1f06cc897822eef5\wvmbusvideo.inf for Device Instance ID VMBUS\{DA0A7802-E377-4AAC-8E77-0558EB1073F8}\{5620E0C7-8062-4DCE-AEB7-520C7EF76171} with the following status: 0x0. | 20001 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2473 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2560 | 2632 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:07 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management has concluded the process to add Service HyperVideo for Device Instance ID VMBUS\{DA0A7802-E377-4AAC-8E77-0558EB1073F8}\{5620E0C7-8062-4DCE-AEB7-520C7EF76171} with the following status: 0. | 20003 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2472 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2560 | 2632 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:06 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management concluded the process to install driver msports.inf_amd64_280f71b0b084cc3b\msports.inf for Device Instance ID ACPI\PNP0501\1 with the following status: 0x0. | 20001 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2471 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2568 | 2636 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management has concluded the process to add Service Serenum for Device Instance ID ACPI\PNP0501\1 with the following status: 0. | 20003 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2470 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2568 | 2636 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management has concluded the process to add Service Serial for Device Instance ID ACPI\PNP0501\1 with the following status: 0. | 20003 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2469 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2568 | 2636 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management concluded the process to install driver msports.inf_amd64_280f71b0b084cc3b\msports.inf for Device Instance ID ACPI\PNP0501\2 with the following status: 0x0. | 20001 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2468 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2576 | 2628 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Time Broker service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2467 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1264 | WIN-5T344G8GM1H | | 3/11/2022 9:25:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management has concluded the process to add Service Serenum for Device Instance ID ACPI\PNP0501\2 with the following status: 0. | 20003 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2466 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2576 | 2628 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management has concluded the process to add Service Serial for Device Instance ID ACPI\PNP0501\2 with the following status: 0. | 20003 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2465 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2576 | 2628 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmcompute service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2464 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1424 | WIN-5T344G8GM1H | | 3/11/2022 9:25:01 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (10.0, ?1978?-?03?-?07T02:59:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2463 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 600 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:00 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DiagTrack service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2462 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1404 | WIN-5T344G8GM1H | | 3/11/2022 9:25:00 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (Version 10.0, ?1978?-?03?-?07T02:59:33.000000000Z) unloaded successfully. | 1 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2461 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 212 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:25:00 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time provider NtpClient is currently receiving valid time data from time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->40.119.148.38:123). | 37 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2460 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1492 | 1524 | WIN-5T344G8GM1H | S-1-5-19 | 3/11/2022 9:25:00 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinDefend service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2459 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 900 | WIN-5T344G8GM1H | | 3/11/2022 9:24:59 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinTarget service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2458 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 900 | WIN-5T344G8GM1H | | 3/11/2022 9:24:59 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmms service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2457 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 900 | WIN-5T344G8GM1H | | 3/11/2022 9:24:59 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The following boot-start or system-start driver(s) did not load:
dam | 7026 | 0 | 49152 | 4 | 0 | 0 | -9187343239835811840 | 2456 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 820 | WIN-5T344G8GM1H | | 3/11/2022 9:24:59 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The UserManager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2455 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1412 | WIN-5T344G8GM1H | | 3/11/2022 9:24:59 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2454 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1412 | WIN-5T344G8GM1H | | 3/11/2022 9:24:59 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WpnService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2453 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1412 | WIN-5T344G8GM1H | | 3/11/2022 9:24:59 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CryptSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2452 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1412 | WIN-5T344G8GM1H | | 3/11/2022 9:24:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LanmanServer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2451 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1412 | WIN-5T344G8GM1H | | 3/11/2022 9:24:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The W32Time service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2450 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1412 | WIN-5T344G8GM1H | | 3/11/2022 9:24:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MpsSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2449 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1424 | WIN-5T344G8GM1H | | 3/11/2022 9:24:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WLMS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2448 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1264 | WIN-5T344G8GM1H | | 3/11/2022 9:24:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PcaSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2447 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1292 | WIN-5T344G8GM1H | | 3/11/2022 9:24:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The iphlpsvc service terminated with the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. | 7023 | 0 | 49152 | 2 | 0 | 0 | -9187343239835811840 | 2446 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1384 | WIN-5T344G8GM1H | | 3/11/2022 9:24:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The iphlpsvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2445 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1384 | WIN-5T344G8GM1H | | 3/11/2022 9:24:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TrkWks service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2444 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 896 | WIN-5T344G8GM1H | | 3/11/2022 9:24:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RemoteRegistry service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2443 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 2052 | WIN-5T344G8GM1H | | 3/11/2022 9:24:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Spooler service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2442 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1264 | WIN-5T344G8GM1H | | 3/11/2022 9:24:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SamSs service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2441 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1400 | WIN-5T344G8GM1H | | 3/11/2022 9:24:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinHttpAutoProxySvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2440 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1384 | WIN-5T344G8GM1H | | 3/11/2022 9:24:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The BFE service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2439 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1412 | WIN-5T344G8GM1H | | 3/11/2022 9:24:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Wcmsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2438 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1400 | WIN-5T344G8GM1H | | 3/11/2022 9:24:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LanmanWorkstation service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2437 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1384 | WIN-5T344G8GM1H | | 3/11/2022 9:24:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WbioSrvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2436 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1412 | WIN-5T344G8GM1H | | 3/11/2022 9:24:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wudfsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2435 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1412 | WIN-5T344G8GM1H | | 3/11/2022 9:24:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The FontCache service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2434 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1412 | WIN-5T344G8GM1H | | 3/11/2022 9:24:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The ShellHWDetection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2433 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1412 | WIN-5T344G8GM1H | | 3/11/2022 9:24:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service is listening for WS-Management requests.
User Action
Use the following command to see the specific IPs on which WinRM is listening:
winrm enumerate winrm/config/listener | 10148 | 0 | 7 | 4 | 0 | 0 | 36028797018963968 | 2432 | Microsoft-Windows-WinRM | a7975c8f-ac13-49f1-87da-5a984a4ab417 | System | 0 | 0 | WIN-5T344G8GM1H | | 3/11/2022 9:24:59 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Dnscache service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2431 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1412 | WIN-5T344G8GM1H | | 3/11/2022 9:24:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinTarget service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2430 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1264 | WIN-5T344G8GM1H | | 3/11/2022 9:24:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Schedule service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2429 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1400 | WIN-5T344G8GM1H | | 3/11/2022 9:24:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The netprofm service terminated with the following error:
The device is not ready. | 7023 | 0 | 49152 | 2 | 0 | 0 | -9187343239835811840 | 2428 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1384 | WIN-5T344G8GM1H | | 3/11/2022 9:24:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The netprofm service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2427 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1384 | WIN-5T344G8GM1H | | 3/11/2022 9:24:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NlaSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2426 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1400 | WIN-5T344G8GM1H | | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Winmgmt service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2425 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1284 | WIN-5T344G8GM1H | | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Dhcp service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2424 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1284 | WIN-5T344G8GM1H | | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv6 client service is started | 51046 | 0 | | 4 | 4 | 62 | 2305843009213693952 | 2423 | Microsoft-Windows-DHCPv6-Client | 6a1f2b00-6a90-4c38-95a5-5cab3b056778 | System | 1304 | 1704 | WIN-5T344G8GM1H | S-1-5-19 | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStart | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv4 client service is started | 50036 | 0 | | 4 | 4 | 68 | 2305843009213693952 | 2422 | Microsoft-Windows-Dhcp-Client | 15a7a4f8-0072-4eab-abad-f98a4d666aed | System | 1304 | 1580 | WIN-5T344G8GM1H | S-1-5-19 | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStart | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VSS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2421 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1384 | WIN-5T344G8GM1H | | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The gpsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2420 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1400 | WIN-5T344G8GM1H | | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The ProfSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2419 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1400 | WIN-5T344G8GM1H | | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SENS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2418 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1400 | WIN-5T344G8GM1H | | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicheartbeat service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2417 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1400 | WIN-5T344G8GM1H | | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicrdv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2416 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1400 | WIN-5T344G8GM1H | | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The nsi service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2415 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1400 | WIN-5T344G8GM1H | | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WPDBusEnum service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2414 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1400 | WIN-5T344G8GM1H | | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The EventLog service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2413 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1400 | WIN-5T344G8GM1H | | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicvss service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2412 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1284 | WIN-5T344G8GM1H | | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The EventSystem service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2411 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1284 | WIN-5T344G8GM1H | | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Themes service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2410 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1280 | WIN-5T344G8GM1H | | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'storqosflt' (10.0, ?2018?-?01?-?01T04:48:05.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2409 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 568 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'wcifs' (10.0, ?2018?-?01?-?01T04:48:57.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2408 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 568 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'luafv' (10.0, ?2017?-?11?-?01T22:09:40.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2407 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 568 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system time has changed to ?2022?-?03?-?11T09:24:57.002000000Z from ?2022?-?03?-?11T09:24:57.029245000Z.
Change Reason: An application or system component changed the time. | 1 | 1 | | 4 | 5 | 0 | -9223372036854775792 | 2406 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1304 | 1436 | WIN-5T344G8GM1H | S-1-5-19 | 3/11/2022 9:24:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmictimesync service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2405 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 904 | WIN-5T344G8GM1H | | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmickvpexchange service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2404 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 904 | WIN-5T344G8GM1H | | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicshutdown service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2403 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1424 | WIN-5T344G8GM1H | | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The lmhosts service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2402 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1268 | WIN-5T344G8GM1H | | 3/11/2022 9:24:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The HvHost service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2401 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1268 | WIN-5T344G8GM1H | | 3/11/2022 9:24:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DsmSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2400 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 1292 | WIN-5T344G8GM1H | | 3/11/2022 9:24:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \SystemRoot\System32\Config\BBI was cleared updating 10 keys and creating 2 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2399 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 924 | 388 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The BrokerInfrastructure service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2398 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 904 | WIN-5T344G8GM1H | | 3/11/2022 9:24:56 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The tiledatamodelsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2397 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 904 | WIN-5T344G8GM1H | | 3/11/2022 9:24:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppXSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2396 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 904 | WIN-5T344G8GM1H | | 3/11/2022 9:24:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The StateRepository service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2395 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 904 | WIN-5T344G8GM1H | | 3/11/2022 9:24:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2394 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 32 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter #2' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2393 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 136 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2392 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 0 | 0 | WIN-5T344G8GM1H | | 3/11/2022 9:24:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2391 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 136 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2390 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 136 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2389 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 600 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2388 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 0 | 0 | WIN-5T344G8GM1H | | 3/11/2022 9:24:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2387 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 600 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The dmwappushservice service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2386 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 904 | WIN-5T344G8GM1H | | 3/11/2022 9:24:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CoreMessagingRegistrar service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2385 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 904 | WIN-5T344G8GM1H | | 3/11/2022 9:24:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NetSetupSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2384 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 904 | WIN-5T344G8GM1H | | 3/11/2022 9:24:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DeviceInstall service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2383 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 904 | WIN-5T344G8GM1H | | 3/11/2022 9:24:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SystemEventsBroker service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2382 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 904 | WIN-5T344G8GM1H | | 3/11/2022 9:24:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The sppsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2381 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 904 | WIN-5T344G8GM1H | | 3/11/2022 9:24:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LSM service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2380 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 904 | WIN-5T344G8GM1H | | 3/11/2022 9:24:47 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RpcSs service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2379 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 896 | WIN-5T344G8GM1H | | 3/11/2022 9:24:47 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RpcEptMapper service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2378 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 904 | WIN-5T344G8GM1H | | 3/11/2022 9:24:47 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DcomLaunch service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2377 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 904 | WIN-5T344G8GM1H | | 3/11/2022 9:24:47 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Power service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2376 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 904 | WIN-5T344G8GM1H | | 3/11/2022 9:24:47 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PlugPlay service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2375 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 816 | 904 | WIN-5T344G8GM1H | | 3/11/2022 9:24:47 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Remote calls to the SAM database are being restricted using the default security descriptor: O:SYG:SYD:(A;;RC;;;BA).
For more information please see http://go.microsoft.com/fwlink/?LinkId=787651. | 16962 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2374 | Microsoft-Windows-Directory-Services-SAM | 0d4fdc09-8c27-494a-bda0-505e4fd8adae | System | 832 | 836 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:47 AM | cb5850b0-3529-0005-b450-58cb2935d801 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Credential Guard (LsaIso.exe) configuration: 0x0, 0 | 14 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 2373 | Microsoft-Windows-Wininit | 206f6dea-d3c5-4d10-bc72-989f03c8b84b | System | 704 | 708 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\Users\Default\NTUSER.DAT was cleared updating 126 keys and creating 18 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2372 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 572 | 576 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:42 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\Users\Administrator\AppData\Local\Microsoft\Windows\UsrClass.dat was cleared updating 628 keys and creating 85 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2371 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 572 | 576 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:42 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\Users\Administrator\NTUSER.DAT was cleared updating 1935 keys and creating 116 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2370 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 572 | 576 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:41 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\windows\ServiceProfiles\NetworkService\NTUSER.DAT was cleared updating 128 keys and creating 20 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2369 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 572 | 576 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:41 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\windows\ServiceProfiles\LocalService\NTUSER.DAT was cleared updating 137 keys and creating 21 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2368 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 572 | 576 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:39 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \SystemRoot\System32\Config\SAM was cleared updating 80 keys and creating 7 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2367 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 552 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:28 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \SystemRoot\System32\Config\SECURITY was cleared updating 87 keys and creating 5 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2366 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 536 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:27 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \SystemRoot\System32\Config\DEFAULT was cleared updating 229 keys and creating 27 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2365 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 548 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:27 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hive \SystemRoot\System32\Config\SOFTWARE was reorganized with a starting size of 78917632 bytes and an ending size of 74686464 bytes. | 15 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2364 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 540 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:27 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \Device\HarddiskVolume1\Boot\BCD was cleared updating 82 keys and creating 1 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2363 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 488 | 492 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:25 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hive \SystemRoot\System32\config\DRIVERS was reorganized with a starting size of 5177344 bytes and an ending size of 5169152 bytes. | 15 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2362 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 32 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:25 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 5 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2361 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 212 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:24 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 4 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2360 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 212 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:24 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 3 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2359 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 212 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:24 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 2 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2358 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 212 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:24 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 1 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2357 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 212 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:24 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 0 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2356 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 212 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:24 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system has been constrained to a periodic tick
Reason: No HW support. | 508 | 0 | | 4 | 159 | 0 | -9223372036854774780 | 2355 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 4 | 8 | WIN-5T344G8GM1H | | 3/11/2022 9:24:24 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Connectivity state in standby: Disconnected, Reason: NIC compliance | 172 | 0 | | 4 | 203 | 0 | -9223372036854774780 | 2354 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 4 | 380 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:24 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'npsvctrig' (10.0, ?2016?-?07?-?16T02:28:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2353 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:24 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The service entered the Driver load complete state. | 7036 | | 16384 | 4 | 0 | | 36028797018963968 | 2352 | VfpExt | | System | | | WIN-5T344G8GM1H | | 3/11/2022 9:24:24 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'FileCrypt' (10.0, ?2016?-?07?-?16T02:22:39.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2351 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:24 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Volume \\?\Volume{be07386b-0000-0000-0000-100000000000} (\Device\HarddiskVolume1) is healthy. No action is needed. | 98 | 0 | | 4 | 0 | 0 | -9223372036854775806 | 2350 | Microsoft-Windows-Ntfs | 3ff37a1c-a68d-4d6e-8c9b-f79e8b16c482 | System | 4 | 212 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:23 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (10.0, ?1978?-?03?-?07T02:59:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2349 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:23 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'Wof' (10.0, ?2017?-?10?-?09T01:58:20.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2348 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:23 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Secure Kernel started with status STATUS_SUCCESS and flags 0. | 3 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2347 | Microsoft-Windows-IsolatedUserMode | 73a33ab2-1966-4999-8add-868c41415269 | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:22 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor initialized I/O remapping.
Hardware present: false
Hardware enabled: false
Policy: 0x0
Enabled features: 0x0
Internal information: 0x0
Problems: 0x0
Additional information: 0x0 | 129 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2346 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:22 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor scheduler type is 0x1. | 2 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2345 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:22 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor successfully started. | 1 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2344 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:22 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The bootmgr spent 0 ms waiting for user input. | 32 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2343 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:22 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| There are 0x1 boot options on this system. | 18 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2342 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:22 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The boot menu policy was 0x0. | 25 | 0 | | 4 | 32 | 0 | -9223372036854775808 | 2341 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:22 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The boot type was 0x0. | 27 | 1 | | 4 | 33 | 0 | -9223372036854775808 | 2340 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:22 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The last shutdown's success status was true. The last boot's success status was true. | 20 | 0 | | 4 | 31 | 0 | -9223372036854775808 | 2339 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:22 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Virtualization Based Security (policies: VBS Enabled,VSM Required,Boot Chain Signer Soft Enforced) is enabled due to HyperV with status STATUS_SUCCESS. | 153 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2338 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:22 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operating system started at system time ?2022?-?03?-?11T09:24:22.493999200Z. | 12 | 0 | | 4 | 1 | 0 | -9223372036854775680 | 2337 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 3/11/2022 9:24:22 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operating system is shutting down at system time ?2018?-?01?-?19T09:48:14.082208700Z. | 13 | 0 | | 4 | 2 | 0 | -9223372036854775680 | 2336 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 2896 | WIN-5T344G8GM1H | | 1/19/2018 9:48:14 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The kernel power manager has initiated a shutdown transition.
Shutdown Reason: Kernel API | 109 | 0 | | 4 | 103 | 0 | -9223301668110597116 | 2335 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 520 | 524 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Defender Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2334 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Task Scheduler service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2333 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Event Log service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2332 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Remote Management (WS-Management) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2331 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2330 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 748 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Volume Shadow Copy service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2329 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The State Repository Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2328 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Cryptographic Services service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2327 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Font Cache Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2326 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Event log service was started. | 6005 | | 32768 | 4 | 0 | | 36028797018963968 | 2325 | EventLog | | System | | | WIN-5T344G8GM1H | | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Microsoft (R) Windows (R) 10.00. 14393 Multiprocessor Free. | 6009 | | 32768 | 4 | 0 | | 36028797018963968 | 2324 | EventLog | | System | | | WIN-5T344G8GM1H | | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NetBIOS name and DNS host name of this machine have been changed from WIN-5T344G8GM1H to WIN-FLM98IOCIVV. | 6011 | | 32768 | 4 | 0 | | 36028797018963968 | 2323 | EventLog | | System | | | WIN-5T344G8GM1H | | 3/11/2022 9:24:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft iSCSI Target Server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2322 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Program Compatibility Assistant Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2321 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic Policy Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2320 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Distributed Link Tracking Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2319 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Remote Desktop Services service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2318 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 748 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Software Shadow Copy Provider service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2317 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 748 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Connection Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2316 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 748 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Licensing Monitoring Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2315 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 748 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The User Profile Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2314 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1040 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Remote Desktop Services UserMode Port Redirector service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2313 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1100 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Management Instrumentation service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2312 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 416 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Time service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2311 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 416 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system time has changed to ?2018?-?01?-?19T09:48:13.152000000Z from ?2018?-?01?-?19T09:48:13.164762500Z.
Change Reason: An application or system component changed the time. | 1 | 1 | | 4 | 5 | 0 | -9223372036854775792 | 2310 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1244 | 2300 | WIN-5T344G8GM1H | S-1-5-19 | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Credential Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2309 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1080 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Client License Service (ClipSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2308 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 2116 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DHCP Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2307 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1048 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv4 client service is stopped. ShutDown Flag value is 1 | 50037 | 0 | | 4 | 4 | 69 | 2305843009213693952 | 2306 | Microsoft-Windows-Dhcp-Client | 15a7a4f8-0072-4eab-abad-f98a4d666aed | System | 436 | 1300 | WIN-5T344G8GM1H | S-1-5-19 | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStop | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv6 client service is stopped. ShutDown Flag value is 1 | 51047 | 0 | | 4 | 4 | 63 | 2305843009213693952 | 2305 | Microsoft-Windows-DHCPv6-Client | 6a1f2b00-6a90-4c38-95a5-5cab3b056778 | System | 436 | 1360 | WIN-5T344G8GM1H | S-1-5-19 | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStop | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Plug and Play service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2304 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1040 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Volume Shadow Copy Requestor service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2303 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2302 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1104 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2301 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2300 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Virtual Machine Management service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2299 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| User Logoff Notification for Customer Experience Improvement Program | 7002 | 0 | | 4 | 1102 | 0 | 2305878193585782784 | 2298 | Microsoft-Windows-Winlogon | dbe9b383-7cf3-4331-91cc-a3cb16a3b538 | System | 584 | 916 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Event log service was stopped. | 6006 | | 32768 | 4 | 0 | | 36028797018963968 | 2297 | EventLog | | System | | | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CDPUserSvc_24762 service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2296 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1040 | WIN-5T344G8GM1H | | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Sync Host_24762 service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2295 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2294 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 820 | 972 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Certificate Propagation service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2293 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 948 | WIN-5T344G8GM1H | | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Remote Desktop Configuration service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2292 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 948 | WIN-5T344G8GM1H | | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The process C:\windows\System32\Sysprep\Sysprep.exe (WIN-5T344G8GM1H) has initiated the shutdown of computer WIN-5T344G8GM1H on behalf of user WIN-5T344G8GM1H\Administrator for the following reason: No title for this reason could be found
Reason Code: 0x40002
Shutdown Type: shutdown
Comment: | 1074 | 0 | 32768 | 4 | 0 | 0 | -9187343239835811840 | 2291 | User32 | b0aa8734-56f7-41cc-b2f4-de228e98b946 | System | 448 | 464 | WIN-5T344G8GM1H | S-1-5-21-416071247-492812682-1642729393-500 | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Process C:\Windows\System32\Sysprep\sysprep.exe (process ID:4012) reset policy scheme from {381B4222-F694-41F0-9685-FF5BB260DF2E} to {381B4222-F694-41F0-9685-FF5BB260DF2E} | 12 | 0 | | 4 | 10 | 0 | 4611686018427387904 | 2290 | Microsoft-Windows-UserModePowerService | ce8dee0b-d539-4000-b0f8-77bed049c590 | System | 764 | 316 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Client License Service (ClipSVC) service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2289 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 948 | WIN-5T344G8GM1H | | 1/19/2018 9:48:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Client License Service (ClipSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2288 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Connected User Experiences and Telemetry service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2287 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x8'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9) | 134 | 0 | | 3 | 0 | 0 | -9223372036854775808 | 2286 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1244 | 1320 | WIN-5T344G8GM1H | S-1-5-19 | 1/19/2018 9:48:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Client License Service (ClipSVC) service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2285 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:10 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2284 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppX Deployment Service (AppXSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2283 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1104 | WIN-5T344G8GM1H | | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TCP/IP NetBIOS Helper service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2282 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1104 | WIN-5T344G8GM1H | | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TCP/IP NetBIOS Helper service was successfully sent a stop control.
The reason specified was: 0x40030011 [Operating System: Network Connectivity (Planned)]
Comment: None | 7042 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2281 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 948 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport Teredo Tunneling Pseudo-Interface, {8A97E6D0-A2AF-48AE-8BC2-FFC865CC4DF6}, had event Network Interface deleted while PNP Device still exists. Note that this event is provided for informational purpose and might not be an error always (Eg: In case of vSwitch which was recently un-installed or a LBFO team was removed) | 10317 | 0 | | 2 | 2 | 0 | 2305843009213710358 | 2280 | Microsoft-Windows-NDIS | cdead503-17f5-4a3e-b7ae-df8cc2902eb9 | System | 976 | 3116 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:09 AM | 8a97e6d0-a2af-48ae-8bc2-ffc865cc4df6 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | PnP | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' is halting | 6 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2279 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 1984 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport Microsoft Hyper-V Network Adapter #2, {518CDFA4-5492-4D9E-BEAA-908825A4A289}, had event Network Interface deleted while PNP Device still exists. Note that this event is provided for informational purpose and might not be an error always (Eg: In case of vSwitch which was recently un-installed or a LBFO team was removed) | 10317 | 0 | | 2 | 2 | 0 | 2305843009213710358 | 2278 | Microsoft-Windows-NDIS | cdead503-17f5-4a3e-b7ae-df8cc2902eb9 | System | 976 | 3116 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:09 AM | 518cdfa4-5492-4d9e-beaa-908825a4a289 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | PnP | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x8'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9) | 134 | 0 | | 3 | 0 | 0 | -9223372036854775808 | 2277 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1244 | 1800 | WIN-5T344G8GM1H | S-1-5-19 | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Isatap interface isatap.{518CDFA4-5492-4D9E-BEAA-908825A4A289} is no longer active. | 4201 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2276 | Microsoft-Windows-Iphlpsvc | 66a5c15c-4f8e-4044-bf6e-71d896038977 | System | 976 | 1376 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' paused | 10 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2275 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 976 | 3116 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2274 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft-Windows-Kernel-PnP/Configuration log file was cleared. | 104 | 0 | | 4 | 104 | 0 | -9223372036854775808 | 2273 | Microsoft-Windows-Eventlog | fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148 | System | 436 | 1136 | WIN-5T344G8GM1H | S-1-5-21-416071247-492812682-1642729393-500 | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Log clear | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the VIA StorX Storage RAID Controller Windows Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2272 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:07 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the vsmraid service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2271 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:07 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Microsoft Universal Flash Storage (UFS) Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2270 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Microsoft Standard NVM Express Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2269 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the stexstor service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2268 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the SiSRaid4 service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2267 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the SiSRaid2 service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2266 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Microsoft Storage Class Memory Bus Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2265 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the SBP-2 Transport/Protocol Bus Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2264 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic [FCoE] STOR Miniport Inbox Driver (wx64) service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2263 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic iSCSI Miniport Inbox Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2262 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic Fibre Channel STOR Miniport Inbox Driver (wx64) service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2261 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the percsas3i service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2260 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:03 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the percsas2i service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2259 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:03 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the pcmcia service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2258 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:03 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the nvraid service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2257 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:03 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the nvstor service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2256 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:02 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic 10 Gigabit Ethernet Adapter VBD service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2255 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:59 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic Network Adapter VBD service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2254 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:59 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the mvumis service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2253 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Microsoft Standard SATA AHCI Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2252 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the pciide service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2251 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the megasr service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2250 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:55 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the megasas2i service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2249 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:55 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the megasas service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2248 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:55 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the isapnp service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2247 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the LSI_SSS service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2246 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the LSI_SAS3i service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2245 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the LSI_SAS2i service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2244 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the LSI_SAS service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2243 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Intel RAID Controller Windows 7 service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2242 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Intel(R) SATA RAID Controller Windows service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2241 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the HpSAMD service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2240 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the elxstor service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2239 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the elxfcoe service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2238 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2237 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the cht4iscsi service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2236 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:47 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic Offload iSCSI Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2235 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:47 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic FCoE Offload driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2234 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the bfadfcoei service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2233 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the bfadi service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2232 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Adaptec SAS/SATA-II RAID Storport's Miniport Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2231 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the amdsbs service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2230 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:45 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the amdxata service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2229 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:45 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the amdsata service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2228 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:45 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the ADP80XX service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2227 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:45 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the 3ware service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2226 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:45 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2225 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:47:40 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2224 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:47:35 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The User Access Logging Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2223 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:47:35 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Distributed Transaction Coordinator service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2222 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:47:34 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppX Deployment Service (AppXSVC) service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2221 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:47:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Setup log file was cleared. | 104 | 0 | | 4 | 104 | 0 | -9223372036854775808 | 2220 | Microsoft-Windows-Eventlog | fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148 | System | 436 | 1136 | WIN-5T344G8GM1H | S-1-5-21-416071247-492812682-1642729393-500 | 1/19/2018 9:47:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Log clear | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Application log file was cleared. | 104 | 0 | | 4 | 104 | 0 | -9223372036854775808 | 2219 | Microsoft-Windows-Eventlog | fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148 | System | 436 | 1136 | WIN-5T344G8GM1H | S-1-5-21-416071247-492812682-1642729393-500 | 1/19/2018 9:47:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Log clear | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The System log file was cleared. | 104 | 0 | | 4 | 104 | 0 | -9223372036854775808 | 2218 | Microsoft-Windows-Eventlog | fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148 | System | 436 | 1136 | WIN-5T344G8GM1H | S-1-5-21-416071247-492812682-1642729393-500 | 1/19/2018 9:47:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Log clear | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |