| Message | Id | Version | Qualifiers | Level | Task | Opcode | Keywords | RecordId | ProviderName | ProviderId | LogName | ProcessId | ThreadId | MachineName | UserId | TimeCreated | ActivityId | RelatedActivityId | ContainerLog | MatchedQueryIds | Bookmark | LevelDisplayName | OpcodeDisplayName | TaskDisplayName | KeywordsDisplayNames | Properties |
|---|
| Endpoint Protection client is up and running in a healthy state.
Platform version: 4.12.17007.18011
Engine version: 1.1.19400.3
Signature version: 1.371.475.0
| 1150 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 81 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2404 | 3592 | n-h2-846187-11.cbci-846187-11.local | S-1-5-18 | 7/20/2022 11:34:36 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\5361e5b530bf2457aa7cc58e6e2a2ec25cf3f706
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 10:01:12 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 80 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3796 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 10:01:13 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\5361e5b530bf2457aa7cc58e6e2a2ec25cf3f706
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 10:01:12 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 79 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3796 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 10:01:13 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\03aa7675e085c9f2c15ccc0226627f0f17e28348
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 10:00:58 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 78 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3792 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 10:00:59 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\03aa7675e085c9f2c15ccc0226627f0f17e28348
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 10:00:58 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 77 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3792 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 10:00:59 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\80ab3da46e5598fe5dd4f909e260aa2023d384f9
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:59:17 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 76 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3876 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:59:17 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\80ab3da46e5598fe5dd4f909e260aa2023d384f9
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:59:17 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 75 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3876 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:59:17 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\64f2628fc56789b62fcfa308afeddbcbf9c31df4
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:59:17 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 74 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3792 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:59:17 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\64f2628fc56789b62fcfa308afeddbcbf9c31df4
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:59:17 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 73 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3792 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:59:17 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\12eef6a95837f5a217509bfc3d1399b9b5efebf7
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:58:59 AM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 72 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3792 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:58:59 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\12eef6a95837f5a217509bfc3d1399b9b5efebf7
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:58:59 AM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 71 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3792 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:58:59 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\8e2207119ea78db792b2c7bac4b26410c83bd0bf
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:58:46 AM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 70 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3668 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:58:46 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\8e2207119ea78db792b2c7bac4b26410c83bd0bf
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:58:46 AM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 69 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3668 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:58:46 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\f9d3d74972e6c2e358baad3d97c56a2f0a852a9a
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:58:27 AM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 68 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3068 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:58:27 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\f9d3d74972e6c2e358baad3d97c56a2f0a852a9a
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:58:27 AM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 67 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3068 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:58:27 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\91f21a7c9581f7c3ce8dbb3240f23b0d79a76030
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:58:25 AM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 66 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3068 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:58:25 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\91f21a7c9581f7c3ce8dbb3240f23b0d79a76030
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:58:25 AM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 65 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3068 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:58:25 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\891271874c85605ed5205ca852f0472743e2da38
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:56:08 AM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 64 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3668 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:56:08 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\891271874c85605ed5205ca852f0472743e2da38
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:56:08 AM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 63 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3668 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:56:08 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\075e036cdbf287a68cca80217fa9365bb27410b6
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:51:08 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 62 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3656 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:51:08 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\075e036cdbf287a68cca80217fa9365bb27410b6
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:51:08 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 61 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3656 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:51:08 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\9f762f5ab91550c1257215b6e11aa9c0d5bbd425
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:51:08 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 60 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3668 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:51:08 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\9f762f5ab91550c1257215b6e11aa9c0d5bbd425
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:51:08 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 59 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3668 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:51:08 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\2c0527f327b2a74ba9f5fd09f249e1bc02d0dc2d
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:51:07 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 58 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3668 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:51:07 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\2c0527f327b2a74ba9f5fd09f249e1bc02d0dc2d
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:51:07 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 57 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3668 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:51:07 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\04f821248ac188dc90514fc001b4cac21c0d074d
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:51:07 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 56 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3668 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:51:07 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\04f821248ac188dc90514fc001b4cac21c0d074d
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:51:07 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 55 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3668 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:51:07 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\3d205d102f8f5bbec3d880f872b41fc0606be66e
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:51:06 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 54 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3672 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:51:06 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\3d205d102f8f5bbec3d880f872b41fc0606be66e
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:51:06 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 53 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3672 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:51:06 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\4b12f8e16a0579f8b7b1f34254b1c61507c4c78f
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:51:05 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 52 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3024 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:51:05 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\4b12f8e16a0579f8b7b1f34254b1c61507c4c78f
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:51:05 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 51 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3024 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:51:05 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\4063e7033006d5300079b81c5e50ed388d54a764
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:51:04 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 50 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3024 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:51:05 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\4063e7033006d5300079b81c5e50ed388d54a764
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:51:04 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 49 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3024 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:51:05 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\c9a1e23b1bb9877370ce2ea039cf25583697ef41
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:51:04 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 48 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3796 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:51:04 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\c9a1e23b1bb9877370ce2ea039cf25583697ef41
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:51:04 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 47 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3796 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:51:04 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\dec2c3aa7f56cdb068f7ef638754457aaf11a38f
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:50:03 AM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 46 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3792 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:50:03 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.475.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\dec2c3aa7f56cdb068f7ef638754457aaf11a38f
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 9:50:03 AM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 45 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2596 | 3792 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:50:03 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x8007045b
Error description: A system shutdown is in progress.
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. | 3002 | 0 | | 2 | 0 | 0 | -9223372036854775808 | 44 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2224 | 2444 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:42:28 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x8007045b
Error description: A system shutdown is in progress.
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. | 3002 | 0 | | 2 | 0 | 0 | -9223372036854775808 | 43 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2224 | 2444 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:42:28 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007045b
Error description: A system shutdown is in progress.
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. | 3002 | 0 | | 2 | 0 | 0 | -9223372036854775808 | 42 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2224 | 2444 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:42:28 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Real-time Protection scanning for malware and other potentially unwanted software was disabled. | 5001 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 41 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2224 | 2444 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:42:28 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 1.371.475.0
Previous Signature Version: 1.261.25.0
Signature Type: AntiSpyware
Update Type: Full
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version: 1.1.19400.3
Previous Engine Version: 1.1.14500.5 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 40 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2224 | 2584 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:42:27 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 1.371.475.0
Previous Signature Version: 1.261.25.0
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version: 1.1.19400.3
Previous Engine Version: 1.1.14500.5 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 39 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2224 | 2584 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:42:27 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender engine version has been updated.
Current Engine Version: 1.1.19400.3
Previous Engine Version: 1.1.14500.5
User: NT AUTHORITY\NETWORK SERVICE | 2002 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 38 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2224 | 2584 | n-h2-846187-11 | S-1-5-18 | 7/20/2022 9:42:27 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: HKLM\SOFTWARE\Microsoft\Windows Defender\MpEngine\MpGradualEngineRelease = 0x1
New value: | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 37 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2224 | 2444 | WIN-5T344G8GM1H | S-1-5-18 | 7/20/2022 9:42:17 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender scan has been stopped before completion.
Scan ID: {2876E356-24ED-4235-BF28-69439A17AF7D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
User: NT AUTHORITY\SYSTEM | 1002 | 0 | | 3 | 0 | 0 | -9223372036854775808 | 36 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2188 | 3896 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:22:48 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender scan has started.
Scan ID: {2876E356-24ED-4235-BF28-69439A17AF7D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Scan Resources:
User: NT AUTHORITY\SYSTEM | 1000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 35 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2188 | 3896 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:14:50 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.261.25.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version:
Previous Engine Version: 1.1.14500.5
Error code: 0x800704e8
Error description: The remote system is not available. For information about network troubleshooting, see Windows Help. | 2001 | 0 | | 2 | 0 | 0 | -9223372036854775808 | 34 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2188 | 2428 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:04:58 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.261.25.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version:
Previous Engine Version: 1.1.14500.5
Error code: 0x800704e8
Error description: The remote system is not available. For information about network troubleshooting, see Windows Help. | 2001 | 0 | | 2 | 0 | 0 | -9223372036854775808 | 33 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2188 | 2428 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:04:58 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 1.261.25.0
Previous Signature Version: 1.261.22.0
Signature Type: AntiSpyware
Update Type: Delta
User: NT AUTHORITY\SYSTEM
Current Engine Version: 1.1.14500.5
Previous Engine Version: 1.1.14500.5 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 32 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2188 | 2592 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:54:54 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 1.261.25.0
Previous Signature Version: 1.261.22.0
Signature Type: AntiVirus
Update Type: Delta
User: NT AUTHORITY\SYSTEM
Current Engine Version: 1.1.14500.5
Previous Engine Version: 1.1.14500.5 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 31 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2188 | 2592 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:54:54 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: Default\Scan\AggressiveCatchupQuickScanReattemptElapsed = 0x17
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\Scan\AggressiveCatchupQuickScanReattemptElapsed = 0x17 | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 30 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2888 | 3724 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:52:38 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: Default\Scan\DaysUntilAggressiveCatchupQuickScan = 0x19
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\Scan\DaysUntilAggressiveCatchupQuickScan = 0x1E | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 29 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2888 | 3724 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:52:38 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: HKLM\SOFTWARE\Microsoft\Windows Defender\NewLocation = C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0
New value: Default\NewLocation = | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 28 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2888 | 3012 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:52:34 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: HKLM\SOFTWARE\Microsoft\Windows Defender\InstallLocation = C:\Program Files\Windows Defender\
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\InstallLocation = C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\ | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 27 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2888 | 3012 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:52:34 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender scan has been stopped before completion.
Scan ID: {E7A34311-C021-4F04-8BB3-B3BC9293E402}
Scan Type: Antimalware
Scan Parameters: Quick Scan
User: NT AUTHORITY\SYSTEM | 1002 | 0 | | 3 | 0 | 0 | -9223372036854775808 | 26 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 3872 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:45:57 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 118.2.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version:
Previous Engine Version: 2.1.14202.0
Error code: 0x80072ee2
Error description: The operation timed out | 2001 | 0 | | 2 | 0 | 0 | -9223372036854775808 | 25 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 872 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:35:54 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 1.261.22.0
Previous Signature Version: 1.259.1667.0
Signature Type: AntiSpyware
Update Type: Full
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version: 1.1.14500.5
Previous Engine Version: 1.1.14405.2 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 24 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 2880 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:35:21 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 1.261.22.0
Previous Signature Version: 1.259.1667.0
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version: 1.1.14500.5
Previous Engine Version: 1.1.14405.2 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 23 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 2880 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:35:21 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender engine version has been updated.
Current Engine Version: 1.1.14500.5
Previous Engine Version: 1.1.14405.2
User: NT AUTHORITY\NETWORK SERVICE | 2002 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 22 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 2880 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:35:21 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value:
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\MpEngine\MpGradualEngineRelease = 0x1 | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 21 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 2244 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:35:21 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.259.1667.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITY\SYSTEM
Current Engine Version:
Previous Engine Version: 1.1.14405.2
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. | 2001 | 0 | | 2 | 0 | 0 | -9223372036854775808 | 20 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 872 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:34:10 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.259.1667.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITY\SYSTEM
Current Engine Version:
Previous Engine Version: 1.1.14405.2
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. | 2001 | 0 | | 2 | 0 | 0 | -9223372036854775808 | 19 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 872 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:34:10 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.259.1667.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITY\SYSTEM
Current Engine Version:
Previous Engine Version: 1.1.14405.2
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. | 2001 | 0 | | 2 | 0 | 0 | -9223372036854775808 | 18 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 872 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:34:10 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender scan has started.
Scan ID: {E7A34311-C021-4F04-8BB3-B3BC9293E402}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Scan Resources:
User: NT AUTHORITY\SYSTEM | 1000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 17 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 3872 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:33:58 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender engine version has been updated.
Current Engine Version: 2.1.14202.0
Previous Engine Version: 2.1.12706.0
User: WIN-5T344G8GM1H\Administrator | 2002 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 16 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2136 | 2364 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:35:48 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 118.2.0.0
Previous Signature Version: 116.1.0.0
Signature Type: Network Inspection System
Update Type: Full
User: WIN-5T344G8GM1H\Administrator
Current Engine Version: 2.1.14202.0
Previous Engine Version: 2.1.12706.0 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 15 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2136 | 2364 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:35:48 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: HKLM\SOFTWARE\Microsoft\Windows Defender\SpyNet\SpyNetReportingLocation =
SOAP:https://spynet2.microsoft.com/AntiMalwareServices/2/SpynetReportSrvc.asmx
SOAP:https://spynetalt.microsoft.com/AntiMalwareServices/2/SpynetReportSrvc.asmx
REST:https://spynet2.microsoft.com/spyNet.svc/submitReport
REST:https://spynetalt.microsoft.com/spyNet.svc/submitReport
BOND:https://spynet2.microsoft.com/spyNet.svc/bond/submitreport
BOND:https://spynetalt.microsoft.com/spyNet.svc/bond/submitreport
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\SpyNet\SpyNetReportingLocation =
SOAP:https://wdcp.microsoft.com/WdCpSrvc.asmx
SOAP:https://wdcpalt.microsoft.com/WdCpSrvc.asmx
REST:https://wdcp.microsoft.com/wdcp.svc/submitReport
REST:https://wdcpalt.microsoft.com/wdcp.svc/submitReport
BOND:https://wdcp.microsoft.com/wdcp.svc/bond/submitreport
BOND:https://wdcpalt.microsoft.com/wdcp.svc/bond/submitreport
| 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 14 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2136 | 5872 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:35:45 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: HKLM\SOFTWARE\Microsoft\Windows Defender\SpyNet\SSLOptions = 0x1
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\SpyNet\SSLOptions = 0x3 | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 13 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2136 | 5872 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:35:45 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 1.259.1667.0
Previous Signature Version: 1.221.14.0
Signature Type: AntiSpyware
Update Type: Full
User: WIN-5T344G8GM1H\Administrator
Current Engine Version: 1.1.14405.2
Previous Engine Version: 1.1.12805.0 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 12 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2136 | 5004 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:35:45 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 1.259.1667.0
Previous Signature Version: 1.221.14.0
Signature Type: AntiVirus
Update Type: Full
User: WIN-5T344G8GM1H\Administrator
Current Engine Version: 1.1.14405.2
Previous Engine Version: 1.1.12805.0 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 11 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2136 | 5004 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:35:45 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender engine version has been updated.
Current Engine Version: 1.1.14405.2
Previous Engine Version: 1.1.12805.0
User: WIN-5T344G8GM1H\Administrator | 2002 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 10 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2136 | 5004 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:35:45 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: Default\ManagedDefenderProductType = 0x0
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\ManagedDefenderProductType = 0x0 | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 9 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2136 | 568 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:35:36 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: Default\InstallLocation = C:\Program Files\Windows Defender
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\InstallLocation = C:\Program Files\Windows Defender\ | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 8 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 124 | 2772 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:26 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender engine version has been updated.
Current Engine Version: 2.1.12706.0
Previous Engine Version:
User: NT AUTHORITY\SYSTEM | 2002 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 7 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 124 | 2044 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:26 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 116.1.0.0
Previous Signature Version:
Signature Type: Network Inspection System
Update Type: Full
User: NT AUTHORITY\SYSTEM
Current Engine Version: 2.1.12706.0
Previous Engine Version: | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 6 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 124 | 2044 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:26 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: Default\SpyNet\SpyNetReportingLocation =
REST:https://spynet2.microsoft.com/spyNet.svc/submitReport
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\SpyNet\SpyNetReportingLocation =
SOAP:https://spynet2.microsoft.com/AntiMalwareServices/2/SpynetReportSrvc.asmx
SOAP:https://spynetalt.microsoft.com/AntiMalwareServices/2/SpynetReportSrvc.asmx
REST:https://spynet2.microsoft.com/spyNet.svc/submitReport
REST:https://spynetalt.microsoft.com/spyNet.svc/submitReport
BOND:https://spynet2.microsoft.com/spyNet.svc/bond/submitreport
BOND:https://spynetalt.microsoft.com/spyNet.svc/bond/submitreport
| 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 5 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 124 | 1992 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:23 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: Default\SpyNet\MAPSconcurrencyDss = 0xA
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\SpyNet\MAPSconcurrencyDss = 0xA | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 4 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 124 | 1992 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:23 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: Default\SpyNet\SSLOptions = 0x0
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\SpyNet\SSLOptions = 0x1 | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 124 | 1992 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:23 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: Default\SpyNet\MAPSconcurrency = 0x1
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\SpyNet\MAPSconcurrency = 0x1 | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 124 | 1992 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:23 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: N/A\ProductType =
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\ProductType = 0x2 | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 1 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 124 | 1992 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:16 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |