| Message | Id | Version | Qualifiers | Level | Task | Opcode | Keywords | RecordId | ProviderName | ProviderId | LogName | ProcessId | ThreadId | MachineName | UserId | TimeCreated | ActivityId | RelatedActivityId | ContainerLog | MatchedQueryIds | Bookmark | LevelDisplayName | OpcodeDisplayName | TaskDisplayName | KeywordsDisplayNames | Properties |
|---|
| The Windows Modules Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3451 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 4164 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:36:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3450 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 4164 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:34:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 2F48F4F7-70E6-41D3-867A-B1C4816266CF--FD4C6296-71F3-4AF0-8761-D46F8CE16818 (Friendly Name: 2af85dfa-c7f1-473c-9bdf-c92b68967db4). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3449 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 552 | 1284 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-793310455-1104376038-3299965574-3479593601 | 10/19/2022 3:34:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 2F48F4F7-70E6-41D3-867A-B1C4816266CF--FD4C6296-71F3-4AF0-8761-D46F8CE16818 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3448 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 552 | 1284 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-793310455-1104376038-3299965574-3479593601 | 10/19/2022 3:34:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3447 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 4164 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:31:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 2F48F4F7-70E6-41D3-867A-B1C4816266CF--FD4C6296-71F3-4AF0-8761-D46F8CE16818 (Friendly Name: 2af85dfa-c7f1-473c-9bdf-c92b68967db4) successfully connected to port 9B8A8AC9-C9BE-41EC-9FB1-12FB567C1296 (Friendly Name: 2af85dfa-c7f1-473c-9bdf-c92b68967db4) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3446 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 552 | 3644 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-793310455-1104376038-3299965574-3479593601 | 10/19/2022 3:28:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 2F48F4F7-70E6-41D3-867A-B1C4816266CF--FD4C6296-71F3-4AF0-8761-D46F8CE16818 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3445 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 552 | 3644 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:28:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3444 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:28:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3443 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:26:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 1969A182-97B5-44F9-93C2-BC057B1E2C0A--59FDD37C-9219-46CB-AC79-3953ABB29587 (Friendly Name: 7962fdf4-4965-4303-9c3b-c955ddd4453e). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3442 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4148 | 4780 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-426353026-1157207989-96256659-170663547 | 10/19/2022 3:26:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 1969A182-97B5-44F9-93C2-BC057B1E2C0A--59FDD37C-9219-46CB-AC79-3953ABB29587 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3441 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4148 | 4780 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-426353026-1157207989-96256659-170663547 | 10/19/2022 3:26:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3440 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 4584 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:26:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 1969A182-97B5-44F9-93C2-BC057B1E2C0A--59FDD37C-9219-46CB-AC79-3953ABB29587 (Friendly Name: 7962fdf4-4965-4303-9c3b-c955ddd4453e) successfully connected to port B535AEE5-01A1-46E5-BF80-6DB4E6BB8D08 (Friendly Name: 7962fdf4-4965-4303-9c3b-c955ddd4453e) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3439 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4148 | 4816 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-426353026-1157207989-96256659-170663547 | 10/19/2022 3:24:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 1969A182-97B5-44F9-93C2-BC057B1E2C0A--59FDD37C-9219-46CB-AC79-3953ABB29587 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3438 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4148 | 4816 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:24:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3437 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 4164 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:24:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Storage Spaces SMP service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3436 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 4164 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:24:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3435 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 4164 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:24:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3434 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 4584 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:23:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 48262391-54DB-44C5-9165-FE8BF1054275--4D8B28C4-EFEB-48C1-AE02-F4F1FD2B35A1 (Friendly Name: 0bc44326-0b0f-4c77-bfd3-7bbd7db3cf12). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3433 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 736 | 996 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1210459025-1153783003-2348705169-1967261169 | 10/19/2022 3:23:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 48262391-54DB-44C5-9165-FE8BF1054275--4D8B28C4-EFEB-48C1-AE02-F4F1FD2B35A1 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3432 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 736 | 996 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1210459025-1153783003-2348705169-1967261169 | 10/19/2022 3:23:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 48262391-54DB-44C5-9165-FE8BF1054275--4D8B28C4-EFEB-48C1-AE02-F4F1FD2B35A1 (Friendly Name: 0bc44326-0b0f-4c77-bfd3-7bbd7db3cf12) successfully connected to port 500A3626-681F-4A67-B029-F3FF8559A6C4 (Friendly Name: 0bc44326-0b0f-4c77-bfd3-7bbd7db3cf12) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3431 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 736 | 4424 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1210459025-1153783003-2348705169-1967261169 | 10/19/2022 3:22:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 48262391-54DB-44C5-9165-FE8BF1054275--4D8B28C4-EFEB-48C1-AE02-F4F1FD2B35A1 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3430 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 736 | 4424 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:22:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3429 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:21:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic B2ABF14D-3AA4-4F08-B433-15ABA68EBA0B--EAC59F13-07E7-45DB-A604-87F8230F5A6A (Friendly Name: 0bc44326-0b0f-4c77-bfd3-7bbd7db3cf12). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3428 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2564 | 1768 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2997612877-1325939364-2870293428-196775590 | 10/19/2022 3:21:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC B2ABF14D-3AA4-4F08-B433-15ABA68EBA0B--EAC59F13-07E7-45DB-A604-87F8230F5A6A successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3427 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2564 | 1768 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2997612877-1325939364-2870293428-196775590 | 10/19/2022 3:21:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3426 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:20:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Storage Spaces SMP service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3425 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:19:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC B2ABF14D-3AA4-4F08-B433-15ABA68EBA0B--EAC59F13-07E7-45DB-A604-87F8230F5A6A (Friendly Name: 0bc44326-0b0f-4c77-bfd3-7bbd7db3cf12) successfully connected to port 503DF6C8-9E24-4003-B10D-D5C15AD953CA (Friendly Name: 0bc44326-0b0f-4c77-bfd3-7bbd7db3cf12) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3424 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2564 | 1768 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2997612877-1325939364-2870293428-196775590 | 10/19/2022 3:18:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic B2ABF14D-3AA4-4F08-B433-15ABA68EBA0B--EAC59F13-07E7-45DB-A604-87F8230F5A6A (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3423 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2564 | 1768 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:18:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 48AE8E05-F208-41A6-94C4-8EE2F3D8FEAE--A083C913-5FC9-48B6-8129-C70351A60983 (Friendly Name: 0ac0c16b-6a71-4ac6-8440-8c63ae3a8e7f). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3422 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4088 | 2896 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1219399173-1101459976-3801007252-2935937267 | 10/19/2022 3:18:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 48AE8E05-F208-41A6-94C4-8EE2F3D8FEAE--A083C913-5FC9-48B6-8129-C70351A60983 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3421 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4088 | 2896 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1219399173-1101459976-3801007252-2935937267 | 10/19/2022 3:18:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 48AE8E05-F208-41A6-94C4-8EE2F3D8FEAE--A083C913-5FC9-48B6-8129-C70351A60983 (Friendly Name: 0ac0c16b-6a71-4ac6-8440-8c63ae3a8e7f) successfully connected to port ACB19A18-00F2-4EE9-BD88-81A3C76C1D77 (Friendly Name: 0ac0c16b-6a71-4ac6-8440-8c63ae3a8e7f) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3420 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4088 | 2572 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1219399173-1101459976-3801007252-2935937267 | 10/19/2022 3:18:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 48AE8E05-F208-41A6-94C4-8EE2F3D8FEAE--A083C913-5FC9-48B6-8129-C70351A60983 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3419 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4088 | 2572 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:18:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 48AE8E05-F208-41A6-94C4-8EE2F3D8FEAE--A083C913-5FC9-48B6-8129-C70351A60983 (Friendly Name: 0ac0c16b-6a71-4ac6-8440-8c63ae3a8e7f). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3418 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4684 | 3716 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1219399173-1101459976-3801007252-2935937267 | 10/19/2022 3:17:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 48AE8E05-F208-41A6-94C4-8EE2F3D8FEAE--A083C913-5FC9-48B6-8129-C70351A60983 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3417 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4684 | 3716 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1219399173-1101459976-3801007252-2935937267 | 10/19/2022 3:17:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 48AE8E05-F208-41A6-94C4-8EE2F3D8FEAE--A083C913-5FC9-48B6-8129-C70351A60983 (Friendly Name: 0ac0c16b-6a71-4ac6-8440-8c63ae3a8e7f) successfully connected to port ACB19A18-00F2-4EE9-BD88-81A3C76C1D77 (Friendly Name: 0ac0c16b-6a71-4ac6-8440-8c63ae3a8e7f) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3416 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4684 | 3716 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1219399173-1101459976-3801007252-2935937267 | 10/19/2022 3:16:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 48AE8E05-F208-41A6-94C4-8EE2F3D8FEAE--A083C913-5FC9-48B6-8129-C70351A60983 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3415 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4684 | 3716 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:16:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3414 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 4584 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:16:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 181DD4C4-3710-461E-BA6B-0C79AE346CE5--81685C44-431E-4461-B1C1-EC7856D5958F (Friendly Name: 3f4dd275-f88a-4ce2-9980-b549801c0ab7). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3413 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3980 | 3284 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-404608196-1176385296-2030857146-3849073838 | 10/19/2022 3:16:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 181DD4C4-3710-461E-BA6B-0C79AE346CE5--81685C44-431E-4461-B1C1-EC7856D5958F successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3412 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3980 | 3284 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-404608196-1176385296-2030857146-3849073838 | 10/19/2022 3:16:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3411 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 4584 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:16:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 181DD4C4-3710-461E-BA6B-0C79AE346CE5--81685C44-431E-4461-B1C1-EC7856D5958F (Friendly Name: 3f4dd275-f88a-4ce2-9980-b549801c0ab7) successfully connected to port AAF4ECA5-C4C6-42D1-8DF4-7A47CDB8FD67 (Friendly Name: 3f4dd275-f88a-4ce2-9980-b549801c0ab7) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3410 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3980 | 3048 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-404608196-1176385296-2030857146-3849073838 | 10/19/2022 3:15:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 181DD4C4-3710-461E-BA6B-0C79AE346CE5--81685C44-431E-4461-B1C1-EC7856D5958F (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3409 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3980 | 3048 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:15:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3408 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 4584 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:15:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 181DD4C4-3710-461E-BA6B-0C79AE346CE5--81685C44-431E-4461-B1C1-EC7856D5958F (Friendly Name: 3f4dd275-f88a-4ce2-9980-b549801c0ab7). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3407 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 216 | 1656 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-404608196-1176385296-2030857146-3849073838 | 10/19/2022 3:15:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 181DD4C4-3710-461E-BA6B-0C79AE346CE5--81685C44-431E-4461-B1C1-EC7856D5958F successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3406 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 216 | 1656 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-404608196-1176385296-2030857146-3849073838 | 10/19/2022 3:15:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3405 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 4584 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:15:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 181DD4C4-3710-461E-BA6B-0C79AE346CE5--81685C44-431E-4461-B1C1-EC7856D5958F (Friendly Name: 3f4dd275-f88a-4ce2-9980-b549801c0ab7) successfully connected to port AAF4ECA5-C4C6-42D1-8DF4-7A47CDB8FD67 (Friendly Name: 3f4dd275-f88a-4ce2-9980-b549801c0ab7) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3404 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 216 | 3836 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-404608196-1176385296-2030857146-3849073838 | 10/19/2022 3:14:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 181DD4C4-3710-461E-BA6B-0C79AE346CE5--81685C44-431E-4461-B1C1-EC7856D5958F (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3403 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 216 | 3836 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:14:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 1183ABBF-2B91-4623-9938-ED7C244E7467--19E99EE1-7C3C-4580-BCF8-613D212E436E (Friendly Name: 5d071953-7940-4ba9-9557-675f792a242f). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3402 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3808 | 4072 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-293841855-1176710033-2095921305-1735675428 | 10/19/2022 3:13:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 1183ABBF-2B91-4623-9938-ED7C244E7467--19E99EE1-7C3C-4580-BCF8-613D212E436E successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3401 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3808 | 4072 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-293841855-1176710033-2095921305-1735675428 | 10/19/2022 3:13:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 1183ABBF-2B91-4623-9938-ED7C244E7467--19E99EE1-7C3C-4580-BCF8-613D212E436E (Friendly Name: 5d071953-7940-4ba9-9557-675f792a242f) successfully connected to port 0BCACD62-3EBD-4FE3-9297-CF3FBC32BE14 (Friendly Name: 5d071953-7940-4ba9-9557-675f792a242f) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3400 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3808 | 4072 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-293841855-1176710033-2095921305-1735675428 | 10/19/2022 3:11:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 1183ABBF-2B91-4623-9938-ED7C244E7467--19E99EE1-7C3C-4580-BCF8-613D212E436E (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3399 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3808 | 4072 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:11:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic E6E977FE-1A76-4BD7-BBD3-7D002C5827B0--1851E134-B812-4142-AC09-F6FAB33BF7EF (Friendly Name: 14c397ac-daff-4748-ac9f-d07fb46d3da8). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3398 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1216 | 2368 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3874060286-1272388214-8246203-2955368492 | 10/19/2022 3:11:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC E6E977FE-1A76-4BD7-BBD3-7D002C5827B0--1851E134-B812-4142-AC09-F6FAB33BF7EF successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3397 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1216 | 2368 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3874060286-1272388214-8246203-2955368492 | 10/19/2022 3:11:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC E6E977FE-1A76-4BD7-BBD3-7D002C5827B0--1851E134-B812-4142-AC09-F6FAB33BF7EF (Friendly Name: 14c397ac-daff-4748-ac9f-d07fb46d3da8) successfully connected to port 4B190C44-178E-4D95-AC35-76A005390954 (Friendly Name: 14c397ac-daff-4748-ac9f-d07fb46d3da8) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3396 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1216 | 4660 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3874060286-1272388214-8246203-2955368492 | 10/19/2022 3:10:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic E6E977FE-1A76-4BD7-BBD3-7D002C5827B0--1851E134-B812-4142-AC09-F6FAB33BF7EF (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3395 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1216 | 4660 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:10:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic E6E977FE-1A76-4BD7-BBD3-7D002C5827B0--1851E134-B812-4142-AC09-F6FAB33BF7EF (Friendly Name: 14c397ac-daff-4748-ac9f-d07fb46d3da8). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3394 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2620 | 3064 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3874060286-1272388214-8246203-2955368492 | 10/19/2022 3:10:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC E6E977FE-1A76-4BD7-BBD3-7D002C5827B0--1851E134-B812-4142-AC09-F6FAB33BF7EF successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3393 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2620 | 3064 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3874060286-1272388214-8246203-2955368492 | 10/19/2022 3:10:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC E6E977FE-1A76-4BD7-BBD3-7D002C5827B0--1851E134-B812-4142-AC09-F6FAB33BF7EF (Friendly Name: 14c397ac-daff-4748-ac9f-d07fb46d3da8) successfully connected to port 4B190C44-178E-4D95-AC35-76A005390954 (Friendly Name: 14c397ac-daff-4748-ac9f-d07fb46d3da8) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3392 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2620 | 3064 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3874060286-1272388214-8246203-2955368492 | 10/19/2022 3:09:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic E6E977FE-1A76-4BD7-BBD3-7D002C5827B0--1851E134-B812-4142-AC09-F6FAB33BF7EF (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3391 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2620 | 3064 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:09:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 90FB24C7-AB64-4B15-A2C3-DD5257232706--83752CBF-E07F-4BB1-9CD7-3020D305BE3A (Friendly Name: bf69e59a-978c-48f5-a1c5-feb299bda3ac). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3390 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3164 | 4816 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2432378055-1259711332-1390265250-103228247 | 10/19/2022 3:08:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 90FB24C7-AB64-4B15-A2C3-DD5257232706--83752CBF-E07F-4BB1-9CD7-3020D305BE3A successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3389 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3164 | 4816 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2432378055-1259711332-1390265250-103228247 | 10/19/2022 3:08:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 90FB24C7-AB64-4B15-A2C3-DD5257232706--83752CBF-E07F-4BB1-9CD7-3020D305BE3A (Friendly Name: bf69e59a-978c-48f5-a1c5-feb299bda3ac) successfully connected to port F0EF0608-91E2-4458-A2C3-272B4D8C91F8 (Friendly Name: bf69e59a-978c-48f5-a1c5-feb299bda3ac) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3388 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3164 | 2076 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2432378055-1259711332-1390265250-103228247 | 10/19/2022 3:07:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 90FB24C7-AB64-4B15-A2C3-DD5257232706--83752CBF-E07F-4BB1-9CD7-3020D305BE3A (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3387 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3164 | 2076 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:07:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3386 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:07:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3385 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:07:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic A20D6CD5-33F4-4585-B208-2268AC68FE18--075A2ED9-951C-4ACD-AD34-20E430C3A1D1 (Friendly Name: b64aa086-efed-40ec-aab5-88f649852555). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3384 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3936 | 4472 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2718788821-1166357492-1747060914-419326124 | 10/19/2022 3:07:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC A20D6CD5-33F4-4585-B208-2268AC68FE18--075A2ED9-951C-4ACD-AD34-20E430C3A1D1 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3383 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3936 | 4472 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2718788821-1166357492-1747060914-419326124 | 10/19/2022 3:07:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3382 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1084 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:06:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC A20D6CD5-33F4-4585-B208-2268AC68FE18--075A2ED9-951C-4ACD-AD34-20E430C3A1D1 (Friendly Name: b64aa086-efed-40ec-aab5-88f649852555) successfully connected to port 0D2BBFAB-4EC4-4082-BF1B-5CC016373E93 (Friendly Name: b64aa086-efed-40ec-aab5-88f649852555) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3381 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3936 | 4472 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2718788821-1166357492-1747060914-419326124 | 10/19/2022 3:06:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic A20D6CD5-33F4-4585-B208-2268AC68FE18--075A2ED9-951C-4ACD-AD34-20E430C3A1D1 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3380 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3936 | 4472 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:06:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic A20D6CD5-33F4-4585-B208-2268AC68FE18--075A2ED9-951C-4ACD-AD34-20E430C3A1D1 (Friendly Name: b64aa086-efed-40ec-aab5-88f649852555). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3379 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4344 | 1508 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2718788821-1166357492-1747060914-419326124 | 10/19/2022 3:05:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC A20D6CD5-33F4-4585-B208-2268AC68FE18--075A2ED9-951C-4ACD-AD34-20E430C3A1D1 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3378 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4344 | 1508 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2718788821-1166357492-1747060914-419326124 | 10/19/2022 3:05:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3377 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1084 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:04:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC A20D6CD5-33F4-4585-B208-2268AC68FE18--075A2ED9-951C-4ACD-AD34-20E430C3A1D1 (Friendly Name: b64aa086-efed-40ec-aab5-88f649852555) successfully connected to port 0D2BBFAB-4EC4-4082-BF1B-5CC016373E93 (Friendly Name: b64aa086-efed-40ec-aab5-88f649852555) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3376 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4344 | 3932 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2718788821-1166357492-1747060914-419326124 | 10/19/2022 3:04:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic A20D6CD5-33F4-4585-B208-2268AC68FE18--075A2ED9-951C-4ACD-AD34-20E430C3A1D1 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3375 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4344 | 3932 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:04:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3374 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1084 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:04:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 94185268-83E3-4E1A-8C7E-D418F5199426--DEA754B5-C524-4CF2-9881-8D88AA83717C (Friendly Name: fbb75b95-d63b-4219-9c1f-95434b40bc0a). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3373 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2836 | 4232 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2484621928-1310360547-416579212-647240181 | 10/19/2022 3:04:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 94185268-83E3-4E1A-8C7E-D418F5199426--DEA754B5-C524-4CF2-9881-8D88AA83717C successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3372 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2836 | 4232 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2484621928-1310360547-416579212-647240181 | 10/19/2022 3:04:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 94185268-83E3-4E1A-8C7E-D418F5199426--DEA754B5-C524-4CF2-9881-8D88AA83717C (Friendly Name: fbb75b95-d63b-4219-9c1f-95434b40bc0a) successfully connected to port 337E92A1-CC54-41FA-B104-D27F04B33074 (Friendly Name: fbb75b95-d63b-4219-9c1f-95434b40bc0a) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3371 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2836 | 4756 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2484621928-1310360547-416579212-647240181 | 10/19/2022 3:02:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 94185268-83E3-4E1A-8C7E-D418F5199426--DEA754B5-C524-4CF2-9881-8D88AA83717C (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3370 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2836 | 4756 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:02:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 94185268-83E3-4E1A-8C7E-D418F5199426--DEA754B5-C524-4CF2-9881-8D88AA83717C (Friendly Name: fbb75b95-d63b-4219-9c1f-95434b40bc0a). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3369 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2836 | 4756 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2484621928-1310360547-416579212-647240181 | 10/19/2022 3:02:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 94185268-83E3-4E1A-8C7E-D418F5199426--DEA754B5-C524-4CF2-9881-8D88AA83717C successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3368 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2836 | 4756 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2484621928-1310360547-416579212-647240181 | 10/19/2022 3:02:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3367 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:02:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3366 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 3:00:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 94185268-83E3-4E1A-8C7E-D418F5199426--DEA754B5-C524-4CF2-9881-8D88AA83717C (Friendly Name: fbb75b95-d63b-4219-9c1f-95434b40bc0a) successfully connected to port 337E92A1-CC54-41FA-B104-D27F04B33074 (Friendly Name: fbb75b95-d63b-4219-9c1f-95434b40bc0a) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3365 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2836 | 4232 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2484621928-1310360547-416579212-647240181 | 10/19/2022 2:59:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 94185268-83E3-4E1A-8C7E-D418F5199426--DEA754B5-C524-4CF2-9881-8D88AA83717C (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3364 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2836 | 4232 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:59:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3363 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:59:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 2E0BCBB7-F60A-4171-BFC3-C90B56083F85--954D74CB-4E6F-41FC-B866-1EC3FAD9D28D (Friendly Name: a5b921f5-ce9c-4880-a153-d43ca2d2ad36). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3362 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1672 | 3968 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-772524983-1097987594-197772223-2235500630 | 10/19/2022 2:59:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 2E0BCBB7-F60A-4171-BFC3-C90B56083F85--954D74CB-4E6F-41FC-B866-1EC3FAD9D28D successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3361 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1672 | 3968 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-772524983-1097987594-197772223-2235500630 | 10/19/2022 2:59:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3360 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:58:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 2E0BCBB7-F60A-4171-BFC3-C90B56083F85--954D74CB-4E6F-41FC-B866-1EC3FAD9D28D (Friendly Name: a5b921f5-ce9c-4880-a153-d43ca2d2ad36) successfully connected to port C44FB5AF-CB36-4194-A052-519873325BA3 (Friendly Name: a5b921f5-ce9c-4880-a153-d43ca2d2ad36) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3359 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1672 | 1860 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-772524983-1097987594-197772223-2235500630 | 10/19/2022 2:58:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 2E0BCBB7-F60A-4171-BFC3-C90B56083F85--954D74CB-4E6F-41FC-B866-1EC3FAD9D28D (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3358 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1672 | 1860 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:58:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 4483E5A5-E0A5-406E-8515-64248A73722F--D57B3D9B-841A-4778-BE51-62B6F1AE9C22 (Friendly Name: 211589ff-ceee-4968-be7c-793d72c43616). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3357 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1376 | 3852 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1149494693-1081008293-610538885-796029834 | 10/19/2022 2:58:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 4483E5A5-E0A5-406E-8515-64248A73722F--D57B3D9B-841A-4778-BE51-62B6F1AE9C22 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3356 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1376 | 3852 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1149494693-1081008293-610538885-796029834 | 10/19/2022 2:58:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 4483E5A5-E0A5-406E-8515-64248A73722F--D57B3D9B-841A-4778-BE51-62B6F1AE9C22 (Friendly Name: 211589ff-ceee-4968-be7c-793d72c43616) successfully connected to port 48738E0D-2C7E-452D-B747-3685593D8990 (Friendly Name: 211589ff-ceee-4968-be7c-793d72c43616) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3355 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1376 | 2168 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1149494693-1081008293-610538885-796029834 | 10/19/2022 2:58:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 4483E5A5-E0A5-406E-8515-64248A73722F--D57B3D9B-841A-4778-BE51-62B6F1AE9C22 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3354 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1376 | 2168 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:58:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic CC82C77D-E49E-40D2-922E-CCA058066855--3258C82E-61D9-4E82-9E81-269E74D75958 (Friendly Name: e884f01a-fada-45a5-9957-3f2171517f92). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3353 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1888 | 2300 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3431122813-1087562910-2697735826-1432880728 | 10/19/2022 2:57:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC CC82C77D-E49E-40D2-922E-CCA058066855--3258C82E-61D9-4E82-9E81-269E74D75958 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3352 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1888 | 2300 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3431122813-1087562910-2697735826-1432880728 | 10/19/2022 2:57:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC CC82C77D-E49E-40D2-922E-CCA058066855--3258C82E-61D9-4E82-9E81-269E74D75958 (Friendly Name: e884f01a-fada-45a5-9957-3f2171517f92) successfully connected to port E13B5760-F069-48CD-9076-46C4EBBD9C74 (Friendly Name: e884f01a-fada-45a5-9957-3f2171517f92) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3351 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1888 | 2300 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3431122813-1087562910-2697735826-1432880728 | 10/19/2022 2:57:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic CC82C77D-E49E-40D2-922E-CCA058066855--3258C82E-61D9-4E82-9E81-269E74D75958 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3350 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1888 | 2300 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:57:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 2B29917C-A307-4B9E-9012-5966CD525533--990F4746-0A5B-4679-A92E-CAA1E46192F6 (Friendly Name: e3311696-6f1a-4332-be8c-ad6d2fa3139a). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3349 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3272 | 3152 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-724144508-1268687623-1717113488-861229773 | 10/19/2022 2:56:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 2B29917C-A307-4B9E-9012-5966CD525533--990F4746-0A5B-4679-A92E-CAA1E46192F6 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3348 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3272 | 3152 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-724144508-1268687623-1717113488-861229773 | 10/19/2022 2:56:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 2B29917C-A307-4B9E-9012-5966CD525533--990F4746-0A5B-4679-A92E-CAA1E46192F6 (Friendly Name: e3311696-6f1a-4332-be8c-ad6d2fa3139a) successfully connected to port 1E5DECEE-7ACF-4A6F-BC33-DDD680CF7788 (Friendly Name: e3311696-6f1a-4332-be8c-ad6d2fa3139a) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3347 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3272 | 3152 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-724144508-1268687623-1717113488-861229773 | 10/19/2022 2:56:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 2B29917C-A307-4B9E-9012-5966CD525533--990F4746-0A5B-4679-A92E-CAA1E46192F6 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3346 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3272 | 3152 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:56:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 620B5B43-55E7-4202-8FB2-74359DE94077--428B514F-F8F8-4DE5-9355-A41E8EA248B1 (Friendly Name: 356ae3d9-daa1-453e-81dd-4315878488ce). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3345 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5044 | 1372 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1644911427-1107449319-896840335-2000742813 | 10/19/2022 2:55:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 620B5B43-55E7-4202-8FB2-74359DE94077--428B514F-F8F8-4DE5-9355-A41E8EA248B1 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3344 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5044 | 1372 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1644911427-1107449319-896840335-2000742813 | 10/19/2022 2:55:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-84-7C-30 has moved from port 45C6FAC3-9071-4986-886E-586A7362A753 (Friendly Name: 356ae3d9-daa1-453e-81dd-4315878488ce) to port 45C6FAC3-9071-4986-886E-586A7362A753 (Friendly Name: 356ae3d9-daa1-453e-81dd-4315878488ce). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3343 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4764 | 3420 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:55:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 620B5B43-55E7-4202-8FB2-74359DE94077--428B514F-F8F8-4DE5-9355-A41E8EA248B1 (Friendly Name: 356ae3d9-daa1-453e-81dd-4315878488ce) successfully connected to port 45C6FAC3-9071-4986-886E-586A7362A753 (Friendly Name: 356ae3d9-daa1-453e-81dd-4315878488ce) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3342 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5044 | 552 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1644911427-1107449319-896840335-2000742813 | 10/19/2022 2:55:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3341 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:55:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 620B5B43-55E7-4202-8FB2-74359DE94077--428B514F-F8F8-4DE5-9355-A41E8EA248B1 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3340 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5044 | 1372 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:55:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3339 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:55:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 9438BB83-F498-4BF1-8956-551001832C48--73A55995-C729-47FC-8757-55C5804FB8AF (Friendly Name: 356ae3d9-daa1-453e-81dd-4315878488ce). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3338 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 812 | 4352 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2486745987-1274147992-274028169-1210876673 | 10/19/2022 2:55:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 9438BB83-F498-4BF1-8956-551001832C48--73A55995-C729-47FC-8757-55C5804FB8AF successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3337 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 812 | 4352 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2486745987-1274147992-274028169-1210876673 | 10/19/2022 2:55:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3336 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:54:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 9438BB83-F498-4BF1-8956-551001832C48--73A55995-C729-47FC-8757-55C5804FB8AF (Friendly Name: 356ae3d9-daa1-453e-81dd-4315878488ce) successfully connected to port E7B2A807-FE1D-4132-BFCE-8A255E0BFC59 (Friendly Name: 356ae3d9-daa1-453e-81dd-4315878488ce) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3335 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 812 | 4592 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2486745987-1274147992-274028169-1210876673 | 10/19/2022 2:53:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 9438BB83-F498-4BF1-8956-551001832C48--73A55995-C729-47FC-8757-55C5804FB8AF (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3334 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 812 | 4592 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:53:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 414DC204-6C42-41B3-A90A-32468B3F5219--3718F394-61C8-4303-A406-EF51439260DA (Friendly Name: b490245e-4ae7-4f59-a3e6-cb4c452f3cb4). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3333 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4292 | 3172 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1095614980-1102277698-1177684649-424820619 | 10/19/2022 2:53:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 414DC204-6C42-41B3-A90A-32468B3F5219--3718F394-61C8-4303-A406-EF51439260DA successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3332 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4292 | 3172 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1095614980-1102277698-1177684649-424820619 | 10/19/2022 2:53:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-2D-5B-55 has moved from port 39FCF360-6718-4575-9CF6-5C78655025B9 (Friendly Name: b490245e-4ae7-4f59-a3e6-cb4c452f3cb4) to port 39FCF360-6718-4575-9CF6-5C78655025B9 (Friendly Name: b490245e-4ae7-4f59-a3e6-cb4c452f3cb4). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3331 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4764 | 3420 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:53:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 414DC204-6C42-41B3-A90A-32468B3F5219--3718F394-61C8-4303-A406-EF51439260DA (Friendly Name: b490245e-4ae7-4f59-a3e6-cb4c452f3cb4) successfully connected to port 39FCF360-6718-4575-9CF6-5C78655025B9 (Friendly Name: b490245e-4ae7-4f59-a3e6-cb4c452f3cb4) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3330 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4292 | 3172 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1095614980-1102277698-1177684649-424820619 | 10/19/2022 2:53:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 414DC204-6C42-41B3-A90A-32468B3F5219--3718F394-61C8-4303-A406-EF51439260DA (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3329 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4292 | 4416 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:53:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 7310E69E-DD5C-4139-8EE3-C2B720C42AAC--1461C642-7BD0-4DBC-B59C-772953C3F78F (Friendly Name: b490245e-4ae7-4f59-a3e6-cb4c452f3cb4). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3328 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4692 | 2228 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1930487454-1094311260-3083002766-2888483872 | 10/19/2022 2:53:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 7310E69E-DD5C-4139-8EE3-C2B720C42AAC--1461C642-7BD0-4DBC-B59C-772953C3F78F successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3327 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4692 | 2228 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1930487454-1094311260-3083002766-2888483872 | 10/19/2022 2:53:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 7310E69E-DD5C-4139-8EE3-C2B720C42AAC--1461C642-7BD0-4DBC-B59C-772953C3F78F (Friendly Name: b490245e-4ae7-4f59-a3e6-cb4c452f3cb4) successfully connected to port B87131F0-A01E-4B79-9B93-50C780C62C6B (Friendly Name: b490245e-4ae7-4f59-a3e6-cb4c452f3cb4) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3326 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4692 | 4164 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1930487454-1094311260-3083002766-2888483872 | 10/19/2022 2:51:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 7310E69E-DD5C-4139-8EE3-C2B720C42AAC--1461C642-7BD0-4DBC-B59C-772953C3F78F (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3325 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4692 | 4164 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:51:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic F7010CD7-A5AE-4BAD-862B-0EB14E5F625D--1BD85ADC-3921-406D-9444-CD4B9421E1E3 (Friendly Name: 2094b067-4dcc-41d8-98dc-dcd23d276b6f). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3324 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4784 | 4708 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-4144041175-1269671342-2970495878-1566728014 | 10/19/2022 2:51:31 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC F7010CD7-A5AE-4BAD-862B-0EB14E5F625D--1BD85ADC-3921-406D-9444-CD4B9421E1E3 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3323 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4784 | 4708 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-4144041175-1269671342-2970495878-1566728014 | 10/19/2022 2:51:31 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC F7010CD7-A5AE-4BAD-862B-0EB14E5F625D--1BD85ADC-3921-406D-9444-CD4B9421E1E3 (Friendly Name: 2094b067-4dcc-41d8-98dc-dcd23d276b6f) successfully connected to port 11A76469-A506-4CA8-BF52-946C1152E40A (Friendly Name: 2094b067-4dcc-41d8-98dc-dcd23d276b6f) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3322 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4784 | 4344 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-4144041175-1269671342-2970495878-1566728014 | 10/19/2022 2:51:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic F7010CD7-A5AE-4BAD-862B-0EB14E5F625D--1BD85ADC-3921-406D-9444-CD4B9421E1E3 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3321 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4784 | 4344 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:51:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 43243AD5-7966-4760-9B11-8CE7251B32B5--4A4EF9C2-F66C-481C-B135-BEE1CA6D5969 (Friendly Name: b76fe759-38a7-4b0e-aa5b-114d5502682e). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3320 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4176 | 4744 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1126447829-1197504870-3884716443-3039959845 | 10/19/2022 2:50:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 43243AD5-7966-4760-9B11-8CE7251B32B5--4A4EF9C2-F66C-481C-B135-BEE1CA6D5969 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3319 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4176 | 4744 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1126447829-1197504870-3884716443-3039959845 | 10/19/2022 2:50:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-BE-DE-4F has moved from port 72393159-5119-4782-990A-EBAD945935E1 (Friendly Name: b76fe759-38a7-4b0e-aa5b-114d5502682e) to port 72393159-5119-4782-990A-EBAD945935E1 (Friendly Name: b76fe759-38a7-4b0e-aa5b-114d5502682e). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3318 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4764 | 2576 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:50:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-BE-DE-4F has moved from port 92F3D89C-78C1-46A5-A28B-E82AC5E85975 (Friendly Name: br-data_External) to port 72393159-5119-4782-990A-EBAD945935E1 (Friendly Name: b76fe759-38a7-4b0e-aa5b-114d5502682e). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3317 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4764 | 3420 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:50:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 43243AD5-7966-4760-9B11-8CE7251B32B5--4A4EF9C2-F66C-481C-B135-BEE1CA6D5969 (Friendly Name: b76fe759-38a7-4b0e-aa5b-114d5502682e) successfully connected to port 72393159-5119-4782-990A-EBAD945935E1 (Friendly Name: b76fe759-38a7-4b0e-aa5b-114d5502682e) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3316 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4176 | 3200 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1126447829-1197504870-3884716443-3039959845 | 10/19/2022 2:50:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 43243AD5-7966-4760-9B11-8CE7251B32B5--4A4EF9C2-F66C-481C-B135-BEE1CA6D5969 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3315 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4176 | 3200 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:49:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 5A28AD80-6A97-4874-BD72-D7A1F6BB5D47--DF389311-B77E-4A8C-9E16-43F098A0A4D8 (Friendly Name: 3cb6f77d-7a85-45f4-a465-7f9177e1a6b9). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3314 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3828 | 3820 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1512615296-1215589015-2715251389-1197325302 | 10/19/2022 2:48:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 5A28AD80-6A97-4874-BD72-D7A1F6BB5D47--DF389311-B77E-4A8C-9E16-43F098A0A4D8 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3313 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3828 | 3820 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1512615296-1215589015-2715251389-1197325302 | 10/19/2022 2:48:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 5A28AD80-6A97-4874-BD72-D7A1F6BB5D47--DF389311-B77E-4A8C-9E16-43F098A0A4D8 (Friendly Name: 3cb6f77d-7a85-45f4-a465-7f9177e1a6b9) successfully connected to port C30F1AFC-9AE7-486D-9D1B-90570FFE9480 (Friendly Name: 3cb6f77d-7a85-45f4-a465-7f9177e1a6b9) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3312 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3828 | 828 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1512615296-1215589015-2715251389-1197325302 | 10/19/2022 2:47:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 5A28AD80-6A97-4874-BD72-D7A1F6BB5D47--DF389311-B77E-4A8C-9E16-43F098A0A4D8 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3311 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3828 | 828 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:47:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 24239F75-3351-4E2E-A127-CC92AFA80525--B5F0209D-8CD6-49AB-B55C-694D0732D803 (Friendly Name: 93e184d6-b2a7-41a7-8802-dcbc55d6e3e3). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3310 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2760 | 4288 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-606314357-1311650641-2462853025-621127855 | 10/19/2022 2:47:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 24239F75-3351-4E2E-A127-CC92AFA80525--B5F0209D-8CD6-49AB-B55C-694D0732D803 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3309 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2760 | 4288 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-606314357-1311650641-2462853025-621127855 | 10/19/2022 2:47:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-3C-5E-83 has moved from port 384082CC-8A42-4DA5-923C-30877A41DC7A (Friendly Name: 93e184d6-b2a7-41a7-8802-dcbc55d6e3e3) to port 384082CC-8A42-4DA5-923C-30877A41DC7A (Friendly Name: 93e184d6-b2a7-41a7-8802-dcbc55d6e3e3). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3308 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4764 | 1844 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:47:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 24239F75-3351-4E2E-A127-CC92AFA80525--B5F0209D-8CD6-49AB-B55C-694D0732D803 (Friendly Name: 93e184d6-b2a7-41a7-8802-dcbc55d6e3e3) successfully connected to port 384082CC-8A42-4DA5-923C-30877A41DC7A (Friendly Name: 93e184d6-b2a7-41a7-8802-dcbc55d6e3e3) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3307 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2760 | 3852 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-606314357-1311650641-2462853025-621127855 | 10/19/2022 2:47:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic System Host service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3306 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1872 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:47:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 24239F75-3351-4E2E-A127-CC92AFA80525--B5F0209D-8CD6-49AB-B55C-694D0732D803 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3305 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2760 | 2168 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:47:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 486247CC-23DA-463C-9066-7BA2056E44B9--44D1AD39-5822-410E-A8D6-EC4366209288 (Friendly Name: 8f8ac717-0b2d-444f-bfc2-cee39dd57af5). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3304 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3148 | 1356 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1214400460-1178346458-2725996176-3108269573 | 10/19/2022 2:46:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 486247CC-23DA-463C-9066-7BA2056E44B9--44D1AD39-5822-410E-A8D6-EC4366209288 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3303 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3148 | 1356 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1214400460-1178346458-2725996176-3108269573 | 10/19/2022 2:46:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 486247CC-23DA-463C-9066-7BA2056E44B9--44D1AD39-5822-410E-A8D6-EC4366209288 (Friendly Name: 8f8ac717-0b2d-444f-bfc2-cee39dd57af5) successfully connected to port B6B01AA1-BEDA-489C-A824-60528FDCC728 (Friendly Name: 8f8ac717-0b2d-444f-bfc2-cee39dd57af5) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3302 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3148 | 1324 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1214400460-1178346458-2725996176-3108269573 | 10/19/2022 2:46:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 486247CC-23DA-463C-9066-7BA2056E44B9--44D1AD39-5822-410E-A8D6-EC4366209288 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3301 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3148 | 1324 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:46:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 41C521AD-E8E5-4FCF-8012-6789A88F1AD9--8DF1CB85-ED61-4348-A4A0-C3E7CC435CED (Friendly Name: 859fe3b7-2130-468b-9aa4-4fde477a1a07). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3300 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2536 | 4072 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1103438253-1339025637-2305233536-3642396584 | 10/19/2022 2:45:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 41C521AD-E8E5-4FCF-8012-6789A88F1AD9--8DF1CB85-ED61-4348-A4A0-C3E7CC435CED successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3299 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2536 | 4072 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1103438253-1339025637-2305233536-3642396584 | 10/19/2022 2:45:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 41C521AD-E8E5-4FCF-8012-6789A88F1AD9--8DF1CB85-ED61-4348-A4A0-C3E7CC435CED (Friendly Name: 859fe3b7-2130-468b-9aa4-4fde477a1a07) successfully connected to port 220A0C29-948A-41F5-B1B8-7EA07AB7AADA (Friendly Name: 859fe3b7-2130-468b-9aa4-4fde477a1a07) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3298 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2536 | 4072 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1103438253-1339025637-2305233536-3642396584 | 10/19/2022 2:45:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 41C521AD-E8E5-4FCF-8012-6789A88F1AD9--8DF1CB85-ED61-4348-A4A0-C3E7CC435CED (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3297 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2536 | 4072 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:45:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3296 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:45:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3295 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:45:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic F763043C-9380-43E0-9E02-CB3446918F03--C5DEAD6E-019F-4ABE-9ECC-90687E851B5C (Friendly Name: 9bc04e94-31d2-4c37-9698-08592d6a63fb). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3294 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3644 | 5044 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-4150461500-1138791296-885719710-59740486 | 10/19/2022 2:45:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC F763043C-9380-43E0-9E02-CB3446918F03--C5DEAD6E-019F-4ABE-9ECC-90687E851B5C successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3293 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3644 | 5044 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-4150461500-1138791296-885719710-59740486 | 10/19/2022 2:45:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3292 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:45:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3291 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:43:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3290 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:42:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC F763043C-9380-43E0-9E02-CB3446918F03--C5DEAD6E-019F-4ABE-9ECC-90687E851B5C (Friendly Name: 9bc04e94-31d2-4c37-9698-08592d6a63fb) successfully connected to port B88AE45C-4E4A-4599-99E9-398628923429 (Friendly Name: 9bc04e94-31d2-4c37-9698-08592d6a63fb) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3289 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3644 | 5044 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-4150461500-1138791296-885719710-59740486 | 10/19/2022 2:41:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic F763043C-9380-43E0-9E02-CB3446918F03--C5DEAD6E-019F-4ABE-9ECC-90687E851B5C (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3288 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3644 | 5044 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:41:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3287 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:40:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3286 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:40:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3285 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:40:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 47BF112B-9CBF-4759-8CC5-0E742FD9F735--BE011FC9-DE0A-4113-B88E-BE5FF73A0E41 (Friendly Name: 5cd42b5c-88a8-4cf2-af0e-c135faa2e720). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3284 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2076 | 4780 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1203704107-1197055167-1947125132-905435439 | 10/19/2022 2:39:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 47BF112B-9CBF-4759-8CC5-0E742FD9F735--BE011FC9-DE0A-4113-B88E-BE5FF73A0E41 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3283 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2076 | 4780 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1203704107-1197055167-1947125132-905435439 | 10/19/2022 2:39:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3282 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:39:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 47BF112B-9CBF-4759-8CC5-0E742FD9F735--BE011FC9-DE0A-4113-B88E-BE5FF73A0E41 (Friendly Name: 5cd42b5c-88a8-4cf2-af0e-c135faa2e720) successfully connected to port 523DB3AF-A1B0-4616-987F-1BFA2AD74A96 (Friendly Name: 5cd42b5c-88a8-4cf2-af0e-c135faa2e720) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3281 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2076 | 2116 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1203704107-1197055167-1947125132-905435439 | 10/19/2022 2:38:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 47BF112B-9CBF-4759-8CC5-0E742FD9F735--BE011FC9-DE0A-4113-B88E-BE5FF73A0E41 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3280 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2076 | 2116 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:38:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 8BBD8605-00C2-4946-8419-E58917891114--77EE0FC3-9B34-4CC4-8E1A-D3535DE983DB (Friendly Name: 51ba93c7-8eed-417c-b9cd-9492e98a3b2d). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3279 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4692 | 3772 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2344453637-1229324482-2313492868-336693527 | 10/19/2022 2:37:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 8BBD8605-00C2-4946-8419-E58917891114--77EE0FC3-9B34-4CC4-8E1A-D3535DE983DB successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3278 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4692 | 3772 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2344453637-1229324482-2313492868-336693527 | 10/19/2022 2:37:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 5C2069C9-F6F6-4826-A85C-DD51BE9BD247--CD37644B-302F-4115-A78E-45CF63DDB657 (Friendly Name: 09ea9789-8cde-450d-86cd-ed6e8cb1ed50). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3277 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4532 | 3972 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1545628105-1210513142-1373461672-1204984766 | 10/19/2022 2:37:31 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 5C2069C9-F6F6-4826-A85C-DD51BE9BD247--CD37644B-302F-4115-A78E-45CF63DDB657 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3276 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4532 | 3972 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1545628105-1210513142-1373461672-1204984766 | 10/19/2022 2:37:31 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 5C2069C9-F6F6-4826-A85C-DD51BE9BD247--CD37644B-302F-4115-A78E-45CF63DDB657 (Friendly Name: 09ea9789-8cde-450d-86cd-ed6e8cb1ed50) successfully connected to port 2A4415C9-E29D-41E9-B45F-869C68BD6B04 (Friendly Name: 09ea9789-8cde-450d-86cd-ed6e8cb1ed50) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3275 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4532 | 3488 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1545628105-1210513142-1373461672-1204984766 | 10/19/2022 2:37:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 5C2069C9-F6F6-4826-A85C-DD51BE9BD247--CD37644B-302F-4115-A78E-45CF63DDB657 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3274 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4532 | 3488 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:37:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3273 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1084 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:37:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic E0A1C30B-12DE-4DE0-A404-19D2FE995D98--F5780791-865C-4FBD-BE53-17AB44FA5829 (Friendly Name: 312a14b9-7263-46f0-b5f3-5ba222ab866c). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3272 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4236 | 4256 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3768697611-1306530526-3524854948-2556271102 | 10/19/2022 2:36:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC E0A1C30B-12DE-4DE0-A404-19D2FE995D98--F5780791-865C-4FBD-BE53-17AB44FA5829 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3271 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4236 | 4256 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3768697611-1306530526-3524854948-2556271102 | 10/19/2022 2:36:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NtpClient was unable to set a domain peer to use as a time source because of discovery error. NtpClient will try again in 30 minutes and double the reattempt interval thereafter. The error was: The entry is not found. (0x800706E1) | 129 | 0 | | 3 | 0 | 0 | -9223372036854775808 | 3270 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1028 | 1212 | n-h2-861333-11.cbci-861333-11.local | S-1-5-19 | 10/19/2022 2:35:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 8BBD8605-00C2-4946-8419-E58917891114--77EE0FC3-9B34-4CC4-8E1A-D3535DE983DB (Friendly Name: 51ba93c7-8eed-417c-b9cd-9492e98a3b2d) successfully connected to port 5D183224-23D3-46AC-A5D8-360513A9FA7F (Friendly Name: 51ba93c7-8eed-417c-b9cd-9492e98a3b2d) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3269 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4692 | 4664 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2344453637-1229324482-2313492868-336693527 | 10/19/2022 2:35:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 8BBD8605-00C2-4946-8419-E58917891114--77EE0FC3-9B34-4CC4-8E1A-D3535DE983DB (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3268 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4692 | 4664 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:35:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic F43B5318-AAD5-4434-952B-AF15F880EB26--76AB14BA-CE2E-4117-A525-142CAAAAEF88 (Friendly Name: d6c1e72f-320c-47b7-8834-d601e69e33d7). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3267 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4476 | 3412 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-4097528600-1144302293-363801493-652968184 | 10/19/2022 2:35:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC F43B5318-AAD5-4434-952B-AF15F880EB26--76AB14BA-CE2E-4117-A525-142CAAAAEF88 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3266 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4476 | 3412 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-4097528600-1144302293-363801493-652968184 | 10/19/2022 2:35:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC E0A1C30B-12DE-4DE0-A404-19D2FE995D98--F5780791-865C-4FBD-BE53-17AB44FA5829 (Friendly Name: 312a14b9-7263-46f0-b5f3-5ba222ab866c) successfully connected to port 30D4AD38-8CD3-420D-887D-B50C9E21AB20 (Friendly Name: 312a14b9-7263-46f0-b5f3-5ba222ab866c) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3265 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4236 | 4536 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3768697611-1306530526-3524854948-2556271102 | 10/19/2022 2:34:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic E0A1C30B-12DE-4DE0-A404-19D2FE995D98--F5780791-865C-4FBD-BE53-17AB44FA5829 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3264 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4236 | 4536 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:34:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-C2-A6-74 has moved from port D38DBF3C-8B4C-4EFF-B6EE-3BBE74BC08BF (Friendly Name: d6c1e72f-320c-47b7-8834-d601e69e33d7) to port D38DBF3C-8B4C-4EFF-B6EE-3BBE74BC08BF (Friendly Name: d6c1e72f-320c-47b7-8834-d601e69e33d7). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3263 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4764 | 1844 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:34:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC F43B5318-AAD5-4434-952B-AF15F880EB26--76AB14BA-CE2E-4117-A525-142CAAAAEF88 (Friendly Name: d6c1e72f-320c-47b7-8834-d601e69e33d7) successfully connected to port D38DBF3C-8B4C-4EFF-B6EE-3BBE74BC08BF (Friendly Name: d6c1e72f-320c-47b7-8834-d601e69e33d7) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3262 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4476 | 4636 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-4097528600-1144302293-363801493-652968184 | 10/19/2022 2:34:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic F43B5318-AAD5-4434-952B-AF15F880EB26--76AB14BA-CE2E-4117-A525-142CAAAAEF88 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3261 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4476 | 3132 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:34:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 33BD1604-9D3C-4E79-89B1-B2DCC626E5E3--7B895C58-46D2-4C6F-8EF7-8015CB71DB3C (Friendly Name: d6c1e72f-320c-47b7-8834-d601e69e33d7). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3260 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3252 | 3944 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-868029956-1316592956-3702698377-3823445702 | 10/19/2022 2:34:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 33BD1604-9D3C-4E79-89B1-B2DCC626E5E3--7B895C58-46D2-4C6F-8EF7-8015CB71DB3C successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3259 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3252 | 3944 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-868029956-1316592956-3702698377-3823445702 | 10/19/2022 2:34:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 33BD1604-9D3C-4E79-89B1-B2DCC626E5E3--7B895C58-46D2-4C6F-8EF7-8015CB71DB3C (Friendly Name: d6c1e72f-320c-47b7-8834-d601e69e33d7) successfully connected to port 49AEE398-A3D5-4A0E-AC68-D26BA2EFAB81 (Friendly Name: d6c1e72f-320c-47b7-8834-d601e69e33d7) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3258 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3252 | 3944 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-868029956-1316592956-3702698377-3823445702 | 10/19/2022 2:32:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 33BD1604-9D3C-4E79-89B1-B2DCC626E5E3--7B895C58-46D2-4C6F-8EF7-8015CB71DB3C (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3257 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3252 | 3944 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:32:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3256 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1872 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:32:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3255 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1872 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:32:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic BE36C0FE-EA51-4D22-BA7E-02EA5A26131C--7ED2D749-05D6-419C-8790-F7E983F63D75 (Friendly Name: a05be260-c9e5-4c20-81cc-1c4db4ee71c8). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3254 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1820 | 2304 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3191259390-1294133841-3926032058-471017050 | 10/19/2022 2:32:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC BE36C0FE-EA51-4D22-BA7E-02EA5A26131C--7ED2D749-05D6-419C-8790-F7E983F63D75 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3253 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1820 | 2304 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3191259390-1294133841-3926032058-471017050 | 10/19/2022 2:32:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC BE36C0FE-EA51-4D22-BA7E-02EA5A26131C--7ED2D749-05D6-419C-8790-F7E983F63D75 (Friendly Name: a05be260-c9e5-4c20-81cc-1c4db4ee71c8) successfully connected to port 004B86EF-58F9-4F78-B9A1-722CB268637E (Friendly Name: a05be260-c9e5-4c20-81cc-1c4db4ee71c8) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3252 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1820 | 1352 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3191259390-1294133841-3926032058-471017050 | 10/19/2022 2:31:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic BE36C0FE-EA51-4D22-BA7E-02EA5A26131C--7ED2D749-05D6-419C-8790-F7E983F63D75 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3251 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1820 | 1352 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:31:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3250 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 4584 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:30:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 3FB3EA56-EF88-48C9-BC9D-6A787BC66792--EA667564-F189-4E76-820B-BF38F4B245E8 (Friendly Name: 86c5823f-8205-4780-b9ce-49febe628ec1). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3249 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4364 | 3076 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1068755542-1221193608-2020253116-2456274555 | 10/19/2022 2:29:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 3FB3EA56-EF88-48C9-BC9D-6A787BC66792--EA667564-F189-4E76-820B-BF38F4B245E8 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3248 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4364 | 3076 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1068755542-1221193608-2020253116-2456274555 | 10/19/2022 2:29:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic A89A53F3-43BA-4DE5-9860-7C4C80EAB2E3--F17A4E39-B6BA-400B-A385-A5547E85B716 (Friendly Name: 02592f2e-2305-4759-8682-77013519583b). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3247 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4652 | 4820 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2828686323-1306870714-1283219608-3820153472 | 10/19/2022 2:29:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC A89A53F3-43BA-4DE5-9860-7C4C80EAB2E3--F17A4E39-B6BA-400B-A385-A5547E85B716 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3246 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4652 | 4820 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2828686323-1306870714-1283219608-3820153472 | 10/19/2022 2:29:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-EA-F6-BA has moved from port E9C9E97A-5C21-4CEC-8461-85A55419FDB8 (Friendly Name: 86c5823f-8205-4780-b9ce-49febe628ec1) to port E9C9E97A-5C21-4CEC-8461-85A55419FDB8 (Friendly Name: 86c5823f-8205-4780-b9ce-49febe628ec1). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3245 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4764 | 3868 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:29:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-EA-F6-BA has moved from port 92F3D89C-78C1-46A5-A28B-E82AC5E85975 (Friendly Name: br-data_External) to port E9C9E97A-5C21-4CEC-8461-85A55419FDB8 (Friendly Name: 86c5823f-8205-4780-b9ce-49febe628ec1). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3244 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4764 | 2576 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:29:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 3FB3EA56-EF88-48C9-BC9D-6A787BC66792--EA667564-F189-4E76-820B-BF38F4B245E8 (Friendly Name: 86c5823f-8205-4780-b9ce-49febe628ec1) successfully connected to port E9C9E97A-5C21-4CEC-8461-85A55419FDB8 (Friendly Name: 86c5823f-8205-4780-b9ce-49febe628ec1) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3243 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4364 | 616 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1068755542-1221193608-2020253116-2456274555 | 10/19/2022 2:29:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 3FB3EA56-EF88-48C9-BC9D-6A787BC66792--EA667564-F189-4E76-820B-BF38F4B245E8 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3242 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4364 | 3076 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:29:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 31C76D42-BB97-4186-94B9-09813E830206--632B22D7-7958-4D6B-87FE-1D4415669F31 (Friendly Name: 56a8a321-dfc0-492f-94d8-71315dfbb27e). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3241 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3700 | 880 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-835153218-1099348887-2164898196-100827966 | 10/19/2022 2:28:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 31C76D42-BB97-4186-94B9-09813E830206--632B22D7-7958-4D6B-87FE-1D4415669F31 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3240 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3700 | 880 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-835153218-1099348887-2164898196-100827966 | 10/19/2022 2:28:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3239 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1872 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:28:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3238 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:28:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC A89A53F3-43BA-4DE5-9860-7C4C80EAB2E3--F17A4E39-B6BA-400B-A385-A5547E85B716 (Friendly Name: 02592f2e-2305-4759-8682-77013519583b) successfully connected to port B6ED48DB-21C4-49C8-853E-269857D895D2 (Friendly Name: 02592f2e-2305-4759-8682-77013519583b) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3237 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4652 | 4820 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2828686323-1306870714-1283219608-3820153472 | 10/19/2022 2:28:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic A89A53F3-43BA-4DE5-9860-7C4C80EAB2E3--F17A4E39-B6BA-400B-A385-A5547E85B716 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3236 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4652 | 4820 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:28:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3235 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:28:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3234 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:28:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic DFE03B46-C3B8-4EAB-AC7A-508B388CC6F0--2A7AA009-F630-4442-A7A6-D0DED48CFC67 (Friendly Name: b1e18d21-ade2-47e6-b2c1-cc410da2649f). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3233 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2104 | 2524 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3756014406-1319879608-2337307308-4039543864 | 10/19/2022 2:27:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC DFE03B46-C3B8-4EAB-AC7A-508B388CC6F0--2A7AA009-F630-4442-A7A6-D0DED48CFC67 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3232 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2104 | 2524 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3756014406-1319879608-2337307308-4039543864 | 10/19/2022 2:27:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 5E021E50-C378-480F-AE33-BE9CF005B012--0F7CDEAA-4F24-4C4E-8857-93E19C719240 (Friendly Name: 5045020e-1bd4-4eb4-b399-3b9c1a560800). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3231 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2452 | 3476 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1577197136-1208992632-2629710766-313525744 | 10/19/2022 2:27:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 5E021E50-C378-480F-AE33-BE9CF005B012--0F7CDEAA-4F24-4C4E-8857-93E19C719240 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3230 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2452 | 3476 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1577197136-1208992632-2629710766-313525744 | 10/19/2022 2:27:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 5E021E50-C378-480F-AE33-BE9CF005B012--0F7CDEAA-4F24-4C4E-8857-93E19C719240 (Friendly Name: 5045020e-1bd4-4eb4-b399-3b9c1a560800) successfully connected to port F2A23C36-F3BF-4561-94B4-1FD0A366D0C7 (Friendly Name: 5045020e-1bd4-4eb4-b399-3b9c1a560800) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3229 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2452 | 4596 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-1577197136-1208992632-2629710766-313525744 | 10/19/2022 2:26:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 5E021E50-C378-480F-AE33-BE9CF005B012--0F7CDEAA-4F24-4C4E-8857-93E19C719240 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3228 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2452 | 4596 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:26:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Storage Spaces SMP service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3227 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:26:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3226 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:26:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 22C2852D-72F9-4EA8-9F8B-2073EBA26FFF--0C151271-10BD-4829-8675-85B91E0E308B (Friendly Name: 94d0a1fc-215c-4687-ad1c-708340c2e004). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3225 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4676 | 4200 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-583173421-1319662329-1931512735-4285506283 | 10/19/2022 2:26:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 22C2852D-72F9-4EA8-9F8B-2073EBA26FFF--0C151271-10BD-4829-8675-85B91E0E308B successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3224 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4676 | 4200 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-583173421-1319662329-1931512735-4285506283 | 10/19/2022 2:26:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 22C2852D-72F9-4EA8-9F8B-2073EBA26FFF--0C151271-10BD-4829-8675-85B91E0E308B (Friendly Name: 94d0a1fc-215c-4687-ad1c-708340c2e004) successfully connected to port 7B39399C-0BA8-4227-8E84-E55213399CB5 (Friendly Name: 94d0a1fc-215c-4687-ad1c-708340c2e004) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3223 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4676 | 3800 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-583173421-1319662329-1931512735-4285506283 | 10/19/2022 2:26:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 22C2852D-72F9-4EA8-9F8B-2073EBA26FFF--0C151271-10BD-4829-8675-85B91E0E308B (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3222 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4676 | 3800 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:26:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC DFE03B46-C3B8-4EAB-AC7A-508B388CC6F0--2A7AA009-F630-4442-A7A6-D0DED48CFC67 (Friendly Name: b1e18d21-ade2-47e6-b2c1-cc410da2649f) successfully connected to port 9F5EC066-ECE4-4A0D-B3A4-E946030AED95 (Friendly Name: b1e18d21-ade2-47e6-b2c1-cc410da2649f) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3221 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2104 | 4148 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3756014406-1319879608-2337307308-4039543864 | 10/19/2022 2:26:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic DFE03B46-C3B8-4EAB-AC7A-508B388CC6F0--2A7AA009-F630-4442-A7A6-D0DED48CFC67 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3220 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2104 | 4148 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:26:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic FF7EDA44-66BF-449F-B558-662E57B21F5A--A3CAEE36-9D7D-4D24-90E5-76456E2C4259 (Friendly Name: 030e855c-5e20-4e06-9fae-6f86073e2c15). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3219 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4856 | 4232 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-4286503492-1151297215-778459317-1512026711 | 10/19/2022 2:25:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC FF7EDA44-66BF-449F-B558-662E57B21F5A--A3CAEE36-9D7D-4D24-90E5-76456E2C4259 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3218 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4856 | 4232 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-4286503492-1151297215-778459317-1512026711 | 10/19/2022 2:25:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC FF7EDA44-66BF-449F-B558-662E57B21F5A--A3CAEE36-9D7D-4D24-90E5-76456E2C4259 (Friendly Name: 030e855c-5e20-4e06-9fae-6f86073e2c15) successfully connected to port D8FD50AA-B5C3-42F9-9B89-919426FAEE2F (Friendly Name: 030e855c-5e20-4e06-9fae-6f86073e2c15) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3217 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4856 | 4100 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-4286503492-1151297215-778459317-1512026711 | 10/19/2022 2:25:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic FF7EDA44-66BF-449F-B558-662E57B21F5A--A3CAEE36-9D7D-4D24-90E5-76456E2C4259 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3216 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4856 | 4100 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:25:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic ACBD592A-7FBD-49AF-8160-2E592BD414DF--72D235F2-ED2C-4006-AD19-CBFA44ACD363 (Friendly Name: d8c4d914-2e57-4a20-a4fb-7953a0685e01). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3215 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4020 | 4448 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2898090282-1236238269-1496211585-3742684203 | 10/19/2022 2:24:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC ACBD592A-7FBD-49AF-8160-2E592BD414DF--72D235F2-ED2C-4006-AD19-CBFA44ACD363 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3214 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4020 | 4448 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2898090282-1236238269-1496211585-3742684203 | 10/19/2022 2:24:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC ACBD592A-7FBD-49AF-8160-2E592BD414DF--72D235F2-ED2C-4006-AD19-CBFA44ACD363 (Friendly Name: d8c4d914-2e57-4a20-a4fb-7953a0685e01) successfully connected to port 4A3AB027-574D-4EEB-8021-E068FB33C1E5 (Friendly Name: d8c4d914-2e57-4a20-a4fb-7953a0685e01) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3213 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4020 | 4448 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2898090282-1236238269-1496211585-3742684203 | 10/19/2022 2:24:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic ACBD592A-7FBD-49AF-8160-2E592BD414DF--72D235F2-ED2C-4006-AD19-CBFA44ACD363 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3212 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4020 | 4448 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:24:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic C7A07CF9-44FF-4FD5-A3AB-E77D792DB1A5--11AC9EEC-4CFF-4715-B4D3-8038B2908696 (Friendly Name: 1161348b-314e-40b7-b87a-9dd5b9e1eb36). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3211 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2252 | 4492 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3349183737-1339376895-2112334755-2779852153 | 10/19/2022 2:24:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC C7A07CF9-44FF-4FD5-A3AB-E77D792DB1A5--11AC9EEC-4CFF-4715-B4D3-8038B2908696 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3210 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2252 | 4492 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3349183737-1339376895-2112334755-2779852153 | 10/19/2022 2:24:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC C7A07CF9-44FF-4FD5-A3AB-E77D792DB1A5--11AC9EEC-4CFF-4715-B4D3-8038B2908696 (Friendly Name: 1161348b-314e-40b7-b87a-9dd5b9e1eb36) successfully connected to port 71438022-980E-4293-A032-858C8BC4918D (Friendly Name: 1161348b-314e-40b7-b87a-9dd5b9e1eb36) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3209 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2252 | 2120 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3349183737-1339376895-2112334755-2779852153 | 10/19/2022 2:24:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic C7A07CF9-44FF-4FD5-A3AB-E77D792DB1A5--11AC9EEC-4CFF-4715-B4D3-8038B2908696 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3208 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2252 | 2120 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:24:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 31C76D42-BB97-4186-94B9-09813E830206--632B22D7-7958-4D6B-87FE-1D4415669F31 (Friendly Name: 56a8a321-dfc0-492f-94d8-71315dfbb27e) successfully connected to port EF4CE2AA-1042-443F-960B-666506EF90D9 (Friendly Name: 56a8a321-dfc0-492f-94d8-71315dfbb27e) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3207 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3700 | 4816 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-835153218-1099348887-2164898196-100827966 | 10/19/2022 2:23:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 31C76D42-BB97-4186-94B9-09813E830206--632B22D7-7958-4D6B-87FE-1D4415669F31 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3206 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3700 | 4816 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:23:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic A3EB8814-34C2-4FAC-97E7-7E87B2D3F4A8--8D2F7397-98C2-44CA-A93F-C86804243F03 (Friendly Name: 245c3cdd-4e35-4fd4-9951-a02cb5f410af). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3205 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1888 | 2304 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2750122004-1336685762-2273240983-2834617266 | 10/19/2022 2:22:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC A3EB8814-34C2-4FAC-97E7-7E87B2D3F4A8--8D2F7397-98C2-44CA-A93F-C86804243F03 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3204 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1888 | 2304 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2750122004-1336685762-2273240983-2834617266 | 10/19/2022 2:22:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC A3EB8814-34C2-4FAC-97E7-7E87B2D3F4A8--8D2F7397-98C2-44CA-A93F-C86804243F03 (Friendly Name: 245c3cdd-4e35-4fd4-9951-a02cb5f410af) successfully connected to port 73D6E594-7EDE-4CFD-93C9-15E8C602E86D (Friendly Name: 245c3cdd-4e35-4fd4-9951-a02cb5f410af) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3203 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1888 | 2968 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2750122004-1336685762-2273240983-2834617266 | 10/19/2022 2:22:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic A3EB8814-34C2-4FAC-97E7-7E87B2D3F4A8--8D2F7397-98C2-44CA-A93F-C86804243F03 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3202 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1888 | 2968 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:22:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 177C1B1A-42AC-4148-B7F7-0AE57A4CC9F6--736A0796-52F5-419E-844E-159B05430EE3 (Friendly Name: 023437a6-2430-4777-a9cb-98db86e50675). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3201 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 900 | 912 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-394009370-1095254700-3842701239-4140387450 | 10/19/2022 2:21:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 177C1B1A-42AC-4148-B7F7-0AE57A4CC9F6--736A0796-52F5-419E-844E-159B05430EE3 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3200 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 900 | 912 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-394009370-1095254700-3842701239-4140387450 | 10/19/2022 2:21:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 177C1B1A-42AC-4148-B7F7-0AE57A4CC9F6--736A0796-52F5-419E-844E-159B05430EE3 (Friendly Name: 023437a6-2430-4777-a9cb-98db86e50675) successfully connected to port 617615A6-620C-479E-974F-0254867E96E0 (Friendly Name: 023437a6-2430-4777-a9cb-98db86e50675) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3199 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 900 | 1088 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-394009370-1095254700-3842701239-4140387450 | 10/19/2022 2:21:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 177C1B1A-42AC-4148-B7F7-0AE57A4CC9F6--736A0796-52F5-419E-844E-159B05430EE3 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3198 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 900 | 1088 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:21:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3197 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:21:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Storage Spaces SMP service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3196 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:21:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Time Provider NtpClient: No valid response has been received from domain controller n-ad-861333-11.cbci-861333-11.local after 8 attempts to contact it. This domain controller will be discarded as a time source and NtpClient will attempt to discover a new domain controller from which to synchronize. The error was: The peer is unreachable. | 24 | 0 | | 3 | 0 | 0 | -9223372036854775808 | 3195 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1028 | 1212 | n-h2-861333-11.cbci-861333-11.local | S-1-5-19 | 10/19/2022 2:20:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3194 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:19:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3193 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:17:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3192 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 4584 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:17:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Connectivity Assistant service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3191 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:17:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy settings for the computer were processed successfully. New settings from 2 Group Policy objects were detected and applied. | 1502 | 0 | | 4 | 0 | 1 | -9223372036854775808 | 3190 | Microsoft-Windows-GroupPolicy | aea1b4fa-97d1-45f2-a64c-4d69fffd92c9 | System | 1440 | 3444 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 2:17:41 PM | 2e74ff98-153f-449e-b309-533c38eb7297 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Start | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Virtual Machine Management service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3189 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:17:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Error Reporting Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3188 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1872 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:15:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3187 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1864 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:15:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3186 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:15:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3185 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:14:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic Service Host service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3184 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:13:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic System Host service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3183 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:13:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3182 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:13:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Virtual Machine Management service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 240000 milliseconds: Restart the service. | 7031 | 0 | 49152 | 2 | 0 | 0 | -9187343239835811840 | 3181 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:13:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Error Reporting Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3180 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:13:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 963F6548-6998-45C2-B376-778F3D2D2B7D--CDAB7388-697C-452D-A2DD-1EE31903A845 (Friendly Name: 04a33c58-4661-4ee2-abb3-d117192bbd1b). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3179 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4292 | 4556 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2520737096-1170368920-2406971059-2099981629 | 10/19/2022 2:13:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 963F6548-6998-45C2-B376-778F3D2D2B7D--CDAB7388-697C-452D-A2DD-1EE31903A845 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3178 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4292 | 4556 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2520737096-1170368920-2406971059-2099981629 | 10/19/2022 2:13:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic C0051C0E-8213-42EF-9282-64FD6A161D0C--BD9F5DF3-4002-46BB-B9C7-4F24E983FBC6 (Friendly Name: 27b2beed-d677-4bce-9711-508641576473). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3177 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4744 | 4692 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3221560334-1122992659-4251222674-203232874 | 10/19/2022 2:13:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC C0051C0E-8213-42EF-9282-64FD6A161D0C--BD9F5DF3-4002-46BB-B9C7-4F24E983FBC6 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3176 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4744 | 4692 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3221560334-1122992659-4251222674-203232874 | 10/19/2022 2:13:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3175 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1864 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:09:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3174 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1864 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:08:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3173 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1864 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:08:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3172 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1864 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:08:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 1A3DDA3D-1BC1-4DA6-9B9F-A466B3DB536F--4F157F16-DDED-4505-A876-E62F25B3BD92 (Friendly Name: 77e909d1-6494-481c-8e32-2517c861a555). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3171 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2972 | 5048 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-440261181-1302731713-1722064795-1867766707 | 10/19/2022 2:07:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 1A3DDA3D-1BC1-4DA6-9B9F-A466B3DB536F--4F157F16-DDED-4505-A876-E62F25B3BD92 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3170 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2972 | 5048 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-440261181-1302731713-1722064795-1867766707 | 10/19/2022 2:07:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 1A3DDA3D-1BC1-4DA6-9B9F-A466B3DB536F--4F157F16-DDED-4505-A876-E62F25B3BD92 (Friendly Name: 77e909d1-6494-481c-8e32-2517c861a555) successfully connected to port 82024363-4708-4B91-846E-D3EB28C8DF16 (Friendly Name: 77e909d1-6494-481c-8e32-2517c861a555) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3169 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2972 | 3288 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-440261181-1302731713-1722064795-1867766707 | 10/19/2022 2:06:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 1A3DDA3D-1BC1-4DA6-9B9F-A466B3DB536F--4F157F16-DDED-4505-A876-E62F25B3BD92 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3168 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2972 | 3288 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:06:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Windows Modules Installer service was changed from auto start to demand start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3167 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 2:06:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Windows Modules Installer service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3166 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 2:06:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Storage Spaces SMP service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3165 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 4584 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:06:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3164 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 4584 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:06:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Update service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3163 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 4584 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:06:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3162 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 4584 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:06:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3161 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:06:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic D657FC2F-753E-4A73-9FDA-ECB4E950890C--C63AAF72-3550-40F6-ACD6-D9C879F4EF2C (Friendly Name: 87f00e5c-8148-4836-b7fc-888cdf773fac). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3160 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5108 | 2772 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3596090415-1249080638-3035421343-210325737 | 10/19/2022 2:04:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC D657FC2F-753E-4A73-9FDA-ECB4E950890C--C63AAF72-3550-40F6-ACD6-D9C879F4EF2C successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3159 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5108 | 2772 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3596090415-1249080638-3035421343-210325737 | 10/19/2022 2:04:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-F4-09-1B has moved from port CF14FE43-3AE2-4A41-AD6F-1F960DAB2F11 (Friendly Name: 87f00e5c-8148-4836-b7fc-888cdf773fac) to port CF14FE43-3AE2-4A41-AD6F-1F960DAB2F11 (Friendly Name: 87f00e5c-8148-4836-b7fc-888cdf773fac). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3158 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3448 | 2332 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:04:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC D657FC2F-753E-4A73-9FDA-ECB4E950890C--C63AAF72-3550-40F6-ACD6-D9C879F4EF2C (Friendly Name: 87f00e5c-8148-4836-b7fc-888cdf773fac) successfully connected to port CF14FE43-3AE2-4A41-AD6F-1F960DAB2F11 (Friendly Name: 87f00e5c-8148-4836-b7fc-888cdf773fac) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3157 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5108 | 3872 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3596090415-1249080638-3035421343-210325737 | 10/19/2022 2:04:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3156 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:04:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic D657FC2F-753E-4A73-9FDA-ECB4E950890C--C63AAF72-3550-40F6-ACD6-D9C879F4EF2C (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3155 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5108 | 2696 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:04:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Microsoft Windows Server has detected that NTLM authentication is presently being used between clients and this server. This event occurs once per boot of the server on the first time a client uses NTLM with this server.
NTLM is a weaker authentication mechanism. Please check:
Which applications are using NTLM authentication?
Are there configuration issues preventing the use of stronger authentication such as Kerberos authentication?
If NTLM must be supported, is Extended Protection configured?
Details on how to complete these checks can be found at http://go.microsoft.com/fwlink/?LinkId=225699. | 6038 | 0 | 0 | 3 | 0 | 0 | 36028797018963968 | 3154 | LsaSrv | 199fe037-2b82-40a9-82ac-e1d46c792b99 | System | 0 | 0 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:04:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3153 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 2:00:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3152 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:59:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic D26AC95D-92BD-4C26-958B-535AF4A66435--A4584C88-64DA-401D-850C-DD7914390B77 (Friendly Name: e587e40f-e579-461e-9d09-1f478b3cb2f1). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3151 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3824 | 888 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3530213725-1277596349-1515424661-895788788 | 10/19/2022 1:58:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC D26AC95D-92BD-4C26-958B-535AF4A66435--A4584C88-64DA-401D-850C-DD7914390B77 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3150 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3824 | 888 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3530213725-1277596349-1515424661-895788788 | 10/19/2022 1:58:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 9942FCC2-32B3-4DCF-9E84-96CBA5ED5293--240ABD70-BEAB-4A23-9DFD-20CE874E606A (Friendly Name: 4e3bc1f9-5f05-4179-88a2-736c48f3c778). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3149 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3208 | 3752 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2571304130-1305424563-3415639198-2471685541 | 10/19/2022 1:58:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 9942FCC2-32B3-4DCF-9E84-96CBA5ED5293--240ABD70-BEAB-4A23-9DFD-20CE874E606A successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3148 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3208 | 3752 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2571304130-1305424563-3415639198-2471685541 | 10/19/2022 1:58:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC D26AC95D-92BD-4C26-958B-535AF4A66435--A4584C88-64DA-401D-850C-DD7914390B77 (Friendly Name: e587e40f-e579-461e-9d09-1f478b3cb2f1) successfully connected to port 18D5C39D-F95C-4D53-87B4-246509320DC1 (Friendly Name: e587e40f-e579-461e-9d09-1f478b3cb2f1) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3147 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3824 | 680 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3530213725-1277596349-1515424661-895788788 | 10/19/2022 1:58:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic D26AC95D-92BD-4C26-958B-535AF4A66435--A4584C88-64DA-401D-850C-DD7914390B77 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3146 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3824 | 680 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:58:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 82284BD6-1F76-43E6-A857-CB4417679193--A9FCC0AD-4F11-4900-A40B-7F3A9BB68CE4 (Friendly Name: e587e40f-e579-461e-9d09-1f478b3cb2f1). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3145 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4088 | 4724 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2183678934-1139154806-1154176936-2475779863 | 10/19/2022 1:58:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 82284BD6-1F76-43E6-A857-CB4417679193--A9FCC0AD-4F11-4900-A40B-7F3A9BB68CE4 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3144 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4088 | 4724 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2183678934-1139154806-1154176936-2475779863 | 10/19/2022 1:58:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 82284BD6-1F76-43E6-A857-CB4417679193--A9FCC0AD-4F11-4900-A40B-7F3A9BB68CE4 (Friendly Name: e587e40f-e579-461e-9d09-1f478b3cb2f1) successfully connected to port 61C7B44D-A860-46BD-914D-B7A3929F871A (Friendly Name: e587e40f-e579-461e-9d09-1f478b3cb2f1) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3143 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4088 | 4724 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2183678934-1139154806-1154176936-2475779863 | 10/19/2022 1:57:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 82284BD6-1F76-43E6-A857-CB4417679193--A9FCC0AD-4F11-4900-A40B-7F3A9BB68CE4 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3142 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4088 | 4724 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:57:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3141 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:57:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic DB599199-E360-4F26-90A8-4BCDF8EC3705--EEAFA216-57DC-4360-AC8E-1AE049732962 (Friendly Name: e587e40f-e579-461e-9d09-1f478b3cb2f1). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3140 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2120 | 3980 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3680080281-1327948640-3444287632-87551224 | 10/19/2022 1:57:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC DB599199-E360-4F26-90A8-4BCDF8EC3705--EEAFA216-57DC-4360-AC8E-1AE049732962 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3139 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2120 | 3980 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3680080281-1327948640-3444287632-87551224 | 10/19/2022 1:57:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3138 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:55:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Remote Registry service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3137 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:55:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Account Sign-in Assistant service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3136 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:54:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3135 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:53:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Connectivity Assistant service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3134 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:53:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy settings for the computer were processed successfully. New settings from 2 Group Policy objects were detected and applied. | 1502 | 0 | | 4 | 0 | 1 | -9223372036854775808 | 3133 | Microsoft-Windows-GroupPolicy | aea1b4fa-97d1-45f2-a64c-4d69fffd92c9 | System | 1440 | 3444 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:53:23 PM | f55d980f-1ef0-40d7-826f-266612da76c0 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Start | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Virtual Machine Management service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3132 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:53:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Error Reporting Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3131 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:53:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3130 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:52:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3129 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:52:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3128 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:51:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3127 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:51:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Account Sign-in Assistant service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3126 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:51:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Virtual Machine Management service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. | 7031 | 0 | 49152 | 2 | 0 | 0 | -9187343239835811840 | 3125 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:51:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Error Reporting Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3124 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 608 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:51:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 9942FCC2-32B3-4DCF-9E84-96CBA5ED5293--240ABD70-BEAB-4A23-9DFD-20CE874E606A (Friendly Name: 4e3bc1f9-5f05-4179-88a2-736c48f3c778) successfully connected to port 39AE6B02-5437-4B94-9731-9B497C9287BF (Friendly Name: 4e3bc1f9-5f05-4179-88a2-736c48f3c778) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3123 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3208 | 3092 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2571304130-1305424563-3415639198-2471685541 | 10/19/2022 1:51:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 9942FCC2-32B3-4DCF-9E84-96CBA5ED5293--240ABD70-BEAB-4A23-9DFD-20CE874E606A (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3122 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3208 | 3092 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:51:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC DB599199-E360-4F26-90A8-4BCDF8EC3705--EEAFA216-57DC-4360-AC8E-1AE049732962 (Friendly Name: e587e40f-e579-461e-9d09-1f478b3cb2f1) successfully connected to port 5BA6546C-7C43-4B5D-9C95-F2C6A9F1590F (Friendly Name: e587e40f-e579-461e-9d09-1f478b3cb2f1) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3121 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2120 | 3980 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3680080281-1327948640-3444287632-87551224 | 10/19/2022 1:50:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic DB599199-E360-4F26-90A8-4BCDF8EC3705--EEAFA216-57DC-4360-AC8E-1AE049732962 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3120 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2120 | 3980 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:50:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 312EE30F-2704-4964-8706-A19C1D69BC52--77E526B9-36DA-448D-8185-5B34A265E643 (Friendly Name: a2cbffb5-dc64-43a1-829b-531fe76e88f9). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3119 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3140 | 3804 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-825156367-1231300356-2627798663-1388079389 | 10/19/2022 1:50:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 312EE30F-2704-4964-8706-A19C1D69BC52--77E526B9-36DA-448D-8185-5B34A265E643 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3118 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3140 | 3804 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-825156367-1231300356-2627798663-1388079389 | 10/19/2022 1:50:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 81DBDAE3-A08D-459B-944F-34D340A01584--91A9B9FE-323B-4D80-BDBF-E0E87AF7BA16 (Friendly Name: 4812e10f-0fea-4cd1-9faf-49561fdd449a). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3117 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4672 | 2288 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2178669283-1167827085-3543420820-2216009792 | 10/19/2022 1:50:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 81DBDAE3-A08D-459B-944F-34D340A01584--91A9B9FE-323B-4D80-BDBF-E0E87AF7BA16 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3116 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4672 | 2288 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2178669283-1167827085-3543420820-2216009792 | 10/19/2022 1:50:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 81DBDAE3-A08D-459B-944F-34D340A01584--91A9B9FE-323B-4D80-BDBF-E0E87AF7BA16 (Friendly Name: 4812e10f-0fea-4cd1-9faf-49561fdd449a) successfully connected to port EE88688E-C4AF-4140-8273-FBA32210A1C5 (Friendly Name: 4812e10f-0fea-4cd1-9faf-49561fdd449a) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3115 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4672 | 4720 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2178669283-1167827085-3543420820-2216009792 | 10/19/2022 1:50:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 81DBDAE3-A08D-459B-944F-34D340A01584--91A9B9FE-323B-4D80-BDBF-E0E87AF7BA16 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3114 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4672 | 4720 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:50:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3113 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:50:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 7F3B8C9D-8DA2-4651-8B7F-59ACBFD7FE44--22A29A89-ABD0-4576-A4B4-A92283C7DA5D (Friendly Name: de28ceeb-6c39-43ab-a8fc-45258c34827f). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3112 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4612 | 1864 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2134609053-1179749794-2891546507-1157552063 | 10/19/2022 1:50:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 7F3B8C9D-8DA2-4651-8B7F-59ACBFD7FE44--22A29A89-ABD0-4576-A4B4-A92283C7DA5D successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3111 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4612 | 1864 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2134609053-1179749794-2891546507-1157552063 | 10/19/2022 1:50:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC C0051C0E-8213-42EF-9282-64FD6A161D0C--BD9F5DF3-4002-46BB-B9C7-4F24E983FBC6 (Friendly Name: 27b2beed-d677-4bce-9711-508641576473) successfully connected to port 80DD18F6-568F-47A0-AB00-31D2EEE1716C (Friendly Name: 27b2beed-d677-4bce-9711-508641576473) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3110 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4744 | 4692 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-3221560334-1122992659-4251222674-203232874 | 10/19/2022 1:50:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic C0051C0E-8213-42EF-9282-64FD6A161D0C--BD9F5DF3-4002-46BB-B9C7-4F24E983FBC6 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3109 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4744 | 4692 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:50:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Windows Modules Installer service was changed from auto start to demand start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3108 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:50:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Windows Modules Installer service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3107 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:50:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 7F3B8C9D-8DA2-4651-8B7F-59ACBFD7FE44--22A29A89-ABD0-4576-A4B4-A92283C7DA5D (Friendly Name: de28ceeb-6c39-43ab-a8fc-45258c34827f) successfully connected to port 67A265A9-D3CF-4D25-9891-13A298266720 (Friendly Name: de28ceeb-6c39-43ab-a8fc-45258c34827f) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3106 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4612 | 1864 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2134609053-1179749794-2891546507-1157552063 | 10/19/2022 1:50:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 7F3B8C9D-8DA2-4651-8B7F-59ACBFD7FE44--22A29A89-ABD0-4576-A4B4-A92283C7DA5D (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3105 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4612 | 1864 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:50:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 80DE1FEE-C83F-426E-BFAA-4C09E59521C3--10B78764-E862-4DA9-B8E0-8AC5E674894A (Friendly Name: ee2c0692-750d-4772-b66a-ba3829d461e0). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3104 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4796 | 4352 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2162040814-1114556479-156019391-3273758181 | 10/19/2022 1:50:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 80DE1FEE-C83F-426E-BFAA-4C09E59521C3--10B78764-E862-4DA9-B8E0-8AC5E674894A successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3103 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4796 | 4352 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2162040814-1114556479-156019391-3273758181 | 10/19/2022 1:50:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 80DE1FEE-C83F-426E-BFAA-4C09E59521C3--10B78764-E862-4DA9-B8E0-8AC5E674894A (Friendly Name: ee2c0692-750d-4772-b66a-ba3829d461e0) successfully connected to port 247CB69B-F326-407A-BA98-4E7E1A880448 (Friendly Name: ee2c0692-750d-4772-b66a-ba3829d461e0) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3102 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4796 | 4352 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2162040814-1114556479-156019391-3273758181 | 10/19/2022 1:49:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 80DE1FEE-C83F-426E-BFAA-4C09E59521C3--10B78764-E862-4DA9-B8E0-8AC5E674894A (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3101 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4796 | 4352 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:49:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 963F6548-6998-45C2-B376-778F3D2D2B7D--CDAB7388-697C-452D-A2DD-1EE31903A845 (Friendly Name: 04a33c58-4661-4ee2-abb3-d117192bbd1b) successfully connected to port 72A00EBE-F5A0-41F2-AC78-33DA69A4EC00 (Friendly Name: 04a33c58-4661-4ee2-abb3-d117192bbd1b) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3100 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4292 | 4496 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-2520737096-1170368920-2406971059-2099981629 | 10/19/2022 1:49:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 963F6548-6998-45C2-B376-778F3D2D2B7D--CDAB7388-697C-452D-A2DD-1EE31903A845 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3099 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4292 | 4496 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:49:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Windows Modules Installer service was changed from auto start to demand start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3098 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 608 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:49:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Windows Modules Installer service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3097 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 608 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:49:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Status 0x00001069 determining that device interface \\?\{8e7bd593-6e6c-4c52-86a6-77175494dd8e}#MsVhdHba#1&3030e83&0&01#{2accfe60-c130-11d2-b082-00a0c91efb8b} does not support iSCSI WMI interfaces. If this device is not an iSCSI HBA then this error can be ignored. | 108 | | 0 | 3 | 0 | | 36028797018963968 | 3096 | MSiSCSI | | System | | | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:49:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 312EE30F-2704-4964-8706-A19C1D69BC52--77E526B9-36DA-448D-8185-5B34A265E643 (Friendly Name: a2cbffb5-dc64-43a1-829b-531fe76e88f9) successfully connected to port FEC0E140-29A3-492B-8DB6-F31E190456B0 (Friendly Name: a2cbffb5-dc64-43a1-829b-531fe76e88f9) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3095 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3140 | 4532 | n-h2-861333-11.cbci-861333-11.local | S-1-5-83-1-825156367-1231300356-2627798663-1388079389 | 10/19/2022 1:49:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 312EE30F-2704-4964-8706-A19C1D69BC52--77E526B9-36DA-448D-8185-5B34A265E643 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3094 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3140 | 4532 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:49:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3093 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:49:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3092 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:49:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3091 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:49:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3090 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:49:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3089 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:49:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Biometric Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3088 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:48:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3087 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:48:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Account Sign-in Assistant service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3086 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:48:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3085 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:48:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3084 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:48:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3083 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:47:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3082 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:47:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Downloaded Maps Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3081 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:47:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The User Access Logging Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3080 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1272 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:47:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3079 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 548 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:47:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Distributed Transaction Coordinator service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3078 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 548 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:47:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Downloaded Maps Manager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3077 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1272 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:47:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic Policy Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3076 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1272 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:47:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Connected Devices Platform Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3075 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1272 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:47:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3074 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1272 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:46:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The neutron-hyperv-agent service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3073 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1272 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user CBCI-861333-11\administrator SID (S-1-5-21-276382910-4033749550-1106752159-500) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 3072 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 980 | 1568 | n-h2-861333-11.cbci-861333-11.local | S-1-5-21-276382910-4033749550-1106752159-500 | 10/19/2022 1:45:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the neutron-hyperv-agent service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3071 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1272 | n-h2-861333-11.cbci-861333-11.local | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:45:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The nova-compute service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3070 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1272 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user CBCI-861333-11\administrator SID (S-1-5-21-276382910-4033749550-1106752159-500) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 3069 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 980 | 1568 | n-h2-861333-11.cbci-861333-11.local | S-1-5-21-276382910-4033749550-1106752159-500 | 10/19/2022 1:45:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the nova-compute service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3068 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1272 | n-h2-861333-11.cbci-861333-11.local | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:45:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3067 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1272 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcaSvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3066 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy settings for the computer were processed successfully. New settings from 2 Group Policy objects were detected and applied. | 1502 | 0 | | 4 | 0 | 1 | -9223372036854775808 | 3065 | Microsoft-Windows-GroupPolicy | aea1b4fa-97d1-45f2-a64c-4d69fffd92c9 | System | 1440 | 3444 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:45:41 PM | f8172612-c6de-48c1-9b14-82eff7702949 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Start | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcaSvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3064 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy settings for the computer were processed successfully. New settings from 2 Group Policy objects were detected and applied. | 1502 | 0 | | 4 | 0 | 1 | -9223372036854775808 | 3063 | Microsoft-Windows-GroupPolicy | aea1b4fa-97d1-45f2-a64c-4d69fffd92c9 | System | 1440 | 3444 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:45:30 PM | 65b6c383-4a45-4d21-95c1-20f554b35b91 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Start | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The cloudbase-init service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3062 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time service is now synchronizing the system time with the time source VM IC Time Synchronization Provider. | 35 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3061 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1028 | 1832 | n-h2-861333-11.cbci-861333-11.local | S-1-5-19 | 10/19/2022 1:45:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vds service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3060 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 608 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Service stopped. | 4 | | 16896 | 4 | 0 | | 36028797018963968 | 3059 | Virtual Disk Service | | System | | | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vds service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3058 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 608 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Service started. | 3 | | 16896 | 4 | 0 | | 36028797018963968 | 3057 | Virtual Disk Service | | System | | | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 3056 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 980 | 104 | n-h2-861333-11.cbci-861333-11.local | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:45:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time provider NtpClient is currently receiving valid time data from n-ad-861333-11.cbci-861333-11.local (ntp.d|0.0.0.0:123->10.222.0.45:123). | 37 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3055 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1028 | 1152 | n-h2-861333-11.cbci-861333-11.local | S-1-5-19 | 10/19/2022 1:45:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\cloudbase-init SID (S-1-5-21-1583402943-1249759785-120919696-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 3054 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 980 | 1016 | n-h2-861333-11.cbci-861333-11.local | S-1-5-21-1583402943-1249759785-120919696-1000 | 10/19/2022 1:45:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The W32Time service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3053 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system failed to register pointer (PTR) resource records (RRs) for network adapter
with settings:
Adapter Name : {D03F2D0A-BFE3-4AE0-94E1-97A489774C5C}
Host Name : n-h2-861333-11
Adapter-specific Domain Suffix : cbci-861333-11.local
DNS server list :
10.222.0.45, 8.8.8.8, 4.4.4.4
Sent update to server : <?>
IP Address :
10.222.0.49
The reason the system could not register these RRs during the update request was because of a system problem. You can manually retry DNS registration of the network adapter and its settings by typing 'ipconfig /registerdns' at the command prompt. If problems still persist, contact your DNS server or network systems administrator. See event details for specific error code information. | 8014 | 0 | | 4 | 1028 | 0 | 4611686018427387904 | 3052 | Microsoft-Windows-DNS-Client | 1c95126e-7eea-49a9-a3fe-a378b03ddb4d | System | 1128 | 2352 | n-h2-861333-11.cbci-861333-11.local | S-1-5-20 | 10/19/2022 1:45:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcaSvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3051 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wuauserv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3050 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy settings for the computer were processed successfully. New settings from 2 Group Policy objects were detected and applied. | 1502 | 0 | | 4 | 0 | 1 | -9223372036854775808 | 3049 | Microsoft-Windows-GroupPolicy | aea1b4fa-97d1-45f2-a64c-4d69fffd92c9 | System | 1440 | 3444 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:45:05 PM | eda93d42-65eb-4ae4-ae2c-0c1e7accafa0 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Start | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NetSetupSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3048 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcaSvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3047 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 608 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy settings for the computer were processed successfully. New settings from 2 Group Policy objects were detected and applied. | 1502 | 0 | | 4 | 0 | 1 | -9223372036854775808 | 3046 | Microsoft-Windows-GroupPolicy | aea1b4fa-97d1-45f2-a64c-4d69fffd92c9 | System | 1440 | 2808 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:45:04 PM | 4f770fa6-ccda-42c7-9352-42ff487b911f | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Start | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NetSetupSvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3045 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 548 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The swprv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3044 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 548 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmcompute service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3043 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The firewall exception to allow Internet Storage Name Server (iSNS) client functionality is not enabled. iSNS client functionality is not available. | 121 | | 0 | 3 | 0 | | 36028797018963968 | 3042 | MSiSCSI | | System | | | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wlidsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3041 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Connected Devices Platform Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3040 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MSiSCSI service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3039 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (10.0, ?1978?-?03?-?07T02:59:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 3038 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 504 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:45:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The cloudbase-init service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3037 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The following boot-start or system-start driver(s) did not load:
dam | 7026 | 0 | 49152 | 4 | 0 | 0 | -9187343239835811840 | 3036 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 808 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\cloudbase-init SID (S-1-5-21-1583402943-1249759785-120919696-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 3035 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 980 | 100 | n-h2-861333-11.cbci-861333-11.local | S-1-5-21-1583402943-1249759785-120919696-1000 | 10/19/2022 1:45:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DiagTrack service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3034 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1092 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Isatap interface isatap.openstacklocal with address fe80::5efe:10.222.0.49 has been brought up. | 4200 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3033 | Microsoft-Windows-Iphlpsvc | 66a5c15c-4f8e-4044-bf6e-71d896038977 | System | 1440 | 2144 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:45:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (Version 10.0, ?1978?-?03?-?07T02:59:33.000000000Z) unloaded successfully. | 1 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 3032 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 504 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:45:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinDefend service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3031 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 900 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NetSetupSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3030 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 900 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The KeyIso service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3029 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1304 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The sppsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3028 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 900 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The tiledatamodelsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3027 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 900 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The UserManager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3026 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The StateRepository service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3025 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1268 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmms service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3024 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 896 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SessionEnv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3023 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1092 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WpnService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3022 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1092 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LanmanServer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3021 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1304 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3020 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1304 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TimeBrokerSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3019 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 896 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WLMS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3018 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 608 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CryptSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3017 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 608 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RemoteRegistry service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3016 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1088 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MpsSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3015 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1264 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PcaSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3014 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1096 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Spooler service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3013 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TrkWks service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3012 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1096 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcaSvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3011 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1096 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Schedule service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3010 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 604 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Netlogon service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3009 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WbioSrvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3008 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The IKEEXT service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3007 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 884 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SamSs service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3006 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 884 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The iphlpsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3005 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 548 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CertPropSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3004 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 884 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LanmanWorkstation service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3003 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The ShellHWDetection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3002 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| A new self signed certificate to be used for RD Session Host Server authentication on SSL connections was generated. The name on this certificate is n-h2-861333-11.cbci-861333-11.local. The SHA1 hash of the certificate is in the event data. | 1056 | 0 | 49152 | 4 | 0 | 0 | 36028797018963968 | 3001 | Microsoft-Windows-TerminalServices-RemoteConnectionManager | c76baa63-ae81-421c-b425-340b4b24157f | System | 0 | 0 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service is listening for WS-Management requests.
User Action
Use the following command to see the specific IPs on which WinRM is listening:
winrm enumerate winrm/config/listener | 10148 | 0 | 7 | 4 | 0 | 0 | 36028797018963968 | 3000 | Microsoft-Windows-WinRM | a7975c8f-ac13-49f1-87da-5a984a4ab417 | System | 0 | 0 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wudfsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2999 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The FontCache service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2998 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Wcmsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2997 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinTarget service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2996 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The UmRdpService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2995 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1096 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC /DEVICE/{40B36698-539F-4B08-A7B1-DDECC2618E13} (Friendly Name: Microsoft Hyper-V Network Adapter #2) is now operational. | 23 | 0 | | 4 | 1016 | 0 | -9223372036854775808 | 2994 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 504 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2993 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 504 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' paused | 10 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2992 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 504 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PolicyAgent service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2991 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 548 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The gpsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2990 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 604 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The ProfSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2989 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 604 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Winmgmt service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2988 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 604 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:45:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinHttpAutoProxySvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2987 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1080 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The BFE service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2986 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 604 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SENS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2985 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 604 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcbService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2984 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1088 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The netprofm service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2983 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 548 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NlaSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2982 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1088 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Themes service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2981 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 548 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VSS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2980 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 548 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The EventLog service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2979 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1088 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WPDBusEnum service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2978 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1088 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicheartbeat service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2977 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 884 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicrdv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2976 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 884 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicvss service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2975 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 548 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The EventSystem service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2974 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 548 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CoreMessagingRegistrar service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2973 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 896 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'storqosflt' (10.0, ?2018?-?01?-?01T04:48:05.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2972 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 208 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'luafv' (10.0, ?2017?-?11?-?01T22:09:40.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2971 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 208 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicshutdown service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2970 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1272 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Dnscache service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2969 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1272 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system time has changed to ?2022?-?10?-?19T13:44:59.463000000Z from ?2022?-?10?-?19T13:44:59.413849800Z.
Change Reason: An application or system component changed the time. | 1 | 1 | | 4 | 5 | 0 | -9223372036854775792 | 2968 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1036 | 1332 | n-h2-861333-11.cbci-861333-11.local | S-1-5-19 | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'wcifs' (10.0, ?2018?-?01?-?01T04:48:57.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2967 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 208 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmictimesync service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2966 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 604 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmickvpexchange service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2965 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1304 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Dhcp service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2964 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 896 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv6 client service is started | 51046 | 0 | | 4 | 4 | 62 | 2305843009213693952 | 2963 | Microsoft-Windows-DHCPv6-Client | 6a1f2b00-6a90-4c38-95a5-5cab3b056778 | System | 1036 | 1208 | n-h2-861333-11.cbci-861333-11.local | S-1-5-19 | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStart | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TermService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2962 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 548 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv4 client service is started | 50036 | 0 | | 4 | 4 | 68 | 2305843009213693952 | 2961 | Microsoft-Windows-Dhcp-Client | 15a7a4f8-0072-4eab-abad-f98a4d666aed | System | 1036 | 1124 | n-h2-861333-11.cbci-861333-11.local | S-1-5-19 | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStart | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The lmhosts service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2960 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 548 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The HvHost service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2959 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 548 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The nsi service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2958 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1084 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SystemEventsBroker service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2957 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The BrokerInfrastructure service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2956 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 904 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LSM service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2955 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 884 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RpcSs service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2954 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 884 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RpcEptMapper service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2953 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 884 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DcomLaunch service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2952 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 884 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Power service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2951 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 884 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PlugPlay service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2950 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 884 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Remote calls to the SAM database are being restricted using the default security descriptor: O:SYG:SYD:(A;;RC;;;BA).
For more information please see http://go.microsoft.com/fwlink/?LinkId=787651. | 16962 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2949 | Microsoft-Windows-Directory-Services-SAM | 0d4fdc09-8c27-494a-bda0-505e4fd8adae | System | 820 | 824 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:58 PM | f5eb6c1c-e3c0-0005-1f6c-ebf5c0e3d801 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Credential Guard (LsaIso.exe) configuration: 0x0, 0 | 14 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 2948 | Microsoft-Windows-Wininit | 206f6dea-d3c5-4d10-bc72-989f03c8b84b | System | 692 | 696 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2947 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 136 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC /DEVICE/{40B36698-539F-4B08-A7B1-DDECC2618E13} (Friendly Name: Microsoft Hyper-V Network Adapter #2) is now operational. | 23 | 0 | | 4 | 1016 | 0 | -9223372036854775808 | 2946 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 384 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2945 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 384 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC /DEVICE/{40B36698-539F-4B08-A7B1-DDECC2618E13} (Friendly Name: Microsoft Hyper-V Network Adapter #2) is no longer operational. | 24 | 0 | | 4 | 1017 | 0 | -9223372036854775808 | 2944 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 384 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Protocol NIC /DEVICE/{40B36698-539F-4B08-A7B1-DDECC2618E13} (Friendly Name: Microsoft Hyper-V Network Adapter #2) successfully bound to port 92F3D89C-78C1-46A5-A28B-E82AC5E85975 (Friendly Name: br-data_External) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 17 | 0 | | 4 | 1012 | 0 | -9223372036854775808 | 2943 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 384 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC /DEVICE/{40B36698-539F-4B08-A7B1-DDECC2618E13} (Friendly Name: Microsoft Hyper-V Network Adapter #2) successfully connected to port 92F3D89C-78C1-46A5-A28B-E82AC5E85975 (Friendly Name: br-data_External) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2942 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 384 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Successfully updated NIC NDIS QoS with Miniport NIC /DEVICE/{40B36698-539F-4B08-A7B1-DDECC2618E13} (Friendly Name: Microsoft Hyper-V Network Adapter #2) | 191 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2941 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 384 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic /DEVICE/{40B36698-539F-4B08-A7B1-DDECC2618E13} (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2940 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 384 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2939 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 136 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter #2' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2938 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 384 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2937 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 0 | 0 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2936 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 0 | 0 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 5 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2935 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 184 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 4 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2934 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 184 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 3 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2933 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 184 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 2 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2932 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 184 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 1 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2931 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 184 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 0 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2930 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 184 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2929 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 384 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2928 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 136 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| If Digest support selected for iSCSI Session, Will use Processor support for Digest computation. | 67 | | 16384 | 4 | 0 | | 36028797018963968 | 2927 | iScsiPrt | | System | | | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403 (Friendly Name: br-data) successfully initialized. | 9 | 0 | | 4 | 1005 | 0 | -9223372036854775808 | 2926 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 184 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403 (Friendly Name: br-data) successfully connected to port 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403 (Friendly Name: br-data) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2925 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 184 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403 (Friendly Name: br-data). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2924 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 184 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system has been constrained to a periodic tick
Reason: No HW support. | 508 | 0 | | 4 | 159 | 0 | -9223372036854774780 | 2923 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 4 | 8 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Connectivity state in standby: Disconnected, Reason: NIC compliance | 172 | 0 | | 4 | 203 | 0 | -9223372036854774780 | 2922 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 4 | 208 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'npsvctrig' (10.0, ?2016?-?07?-?16T02:28:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2921 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The service entered the Driver load complete state. | 7036 | | 16384 | 4 | 0 | | 36028797018963968 | 2920 | VfpExt | | System | | | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'FileCrypt' (10.0, ?2016?-?07?-?16T02:22:39.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2919 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Volume C: (\Device\HarddiskVolume1) is healthy. No action is needed. | 98 | 0 | | 4 | 0 | 0 | -9223372036854775806 | 2918 | Microsoft-Windows-Ntfs | 3ff37a1c-a68d-4d6e-8c9b-f79e8b16c482 | System | 4 | 208 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (10.0, ?1978?-?03?-?07T02:59:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2917 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'Wof' (10.0, ?2017?-?10?-?09T01:58:20.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2916 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Secure Kernel started with status STATUS_SUCCESS and flags 0. | 3 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2915 | Microsoft-Windows-IsolatedUserMode | 73a33ab2-1966-4999-8add-868c41415269 | System | 4 | 8 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor initialized I/O remapping.
Hardware present: false
Hardware enabled: false
Policy: 0x0
Enabled features: 0x0
Internal information: 0x0
Problems: 0x0
Additional information: 0x0 | 129 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2914 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor scheduler type is 0x1. | 2 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2913 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor successfully started. | 1 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2912 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The bootmgr spent 0 ms waiting for user input. | 32 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2911 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| There are 0x1 boot options on this system. | 18 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2910 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The boot menu policy was 0x0. | 25 | 0 | | 4 | 32 | 0 | -9223372036854775808 | 2909 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The boot type was 0x0. | 27 | 1 | | 4 | 33 | 0 | -9223372036854775808 | 2908 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The last shutdown's success status was true. The last boot's success status was true. | 20 | 0 | | 4 | 31 | 0 | -9223372036854775808 | 2907 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Virtualization Based Security (policies: VBS Enabled,VSM Required,Boot Chain Signer Soft Enforced) is enabled due to HyperV with status STATUS_SUCCESS. | 153 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2906 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operating system started at system time ?2022?-?10?-?19T13:44:50.491885800Z. | 12 | 0 | | 4 | 1 | 0 | -9223372036854775680 | 2905 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 8 | n-h2-861333-11.cbci-861333-11.local | S-1-5-18 | 10/19/2022 1:44:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operating system is shutting down at system time ?2022?-?10?-?19T13:44:43.405575300Z. | 13 | 0 | | 4 | 2 | 0 | -9223372036854775680 | 2904 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 3836 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The kernel power manager has initiated a shutdown transition.
Shutdown Reason: Kernel API | 109 | 0 | | 4 | 103 | 0 | -9223301668110597116 | 2903 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 692 | 696 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Defender Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2902 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system uptime is 9 seconds. | 6013 | | 32768 | 4 | 0 | | 36028797018963968 | 2901 | EventLog | | System | | | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Event log service was started. | 6005 | | 32768 | 4 | 0 | | 36028797018963968 | 2900 | EventLog | | System | | | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Microsoft (R) Windows (R) 10.00. 14393 Multiprocessor Free. | 6009 | | 32768 | 4 | 0 | | 36028797018963968 | 2899 | EventLog | | System | | | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft iSCSI Initiator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2898 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Remote Desktop Services service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2897 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Task Scheduler service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2896 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Event Log service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2895 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Font Cache Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2894 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Distributed Transaction Coordinator service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2893 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11.cbci-861333-11.local | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Volume Shadow Copy service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2892 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Cryptographic Services service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2891 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The State Repository Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2890 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Remote Management (WS-Management) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2889 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The IKE and AuthIP IPsec Keying Modules service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2888 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Management Instrumentation service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2887 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Licensing Monitoring Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2886 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Connection Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2885 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1200 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Certificate Propagation service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2884 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Software Shadow Copy Provider service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2883 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft iSCSI Target Server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2882 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic Policy Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2881 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Distributed Link Tracking Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2880 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The IPsec Policy Agent service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2879 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Program Compatibility Assistant Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2878 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DHCP Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2877 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic System Host service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2876 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 3968 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The User Profile Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2875 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv4 client service is stopped. ShutDown Flag value is 1 | 50037 | 0 | | 4 | 4 | 69 | 2305843009213693952 | 2874 | Microsoft-Windows-Dhcp-Client | 15a7a4f8-0072-4eab-abad-f98a4d666aed | System | 1428 | 1536 | n-h2-861333-11 | S-1-5-19 | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStop | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Remote Desktop Services UserMode Port Redirector service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2873 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 4380 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Install Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2872 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 4380 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Time service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2871 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 3968 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Plug and Play service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2870 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 2924 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv6 client service is stopped. ShutDown Flag value is 1 | 51047 | 0 | | 4 | 4 | 63 | 2305843009213693952 | 2869 | Microsoft-Windows-DHCPv6-Client | 6a1f2b00-6a90-4c38-95a5-5cab3b056778 | System | 1428 | 1552 | n-h2-861333-11 | S-1-5-19 | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStop | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system time has changed to ?2022?-?10?-?19T13:44:38.468000000Z from ?2022?-?10?-?19T13:44:38.473674900Z.
Change Reason: An application or system component changed the time. | 1 | 1 | | 4 | 5 | 0 | -9223372036854775792 | 2868 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1436 | 1504 | n-h2-861333-11 | S-1-5-19 | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The HV Host Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2867 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1424 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Connected User Experiences and Telemetry service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2866 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1700 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The User Access Logging Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2865 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1700 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Volume Shadow Copy Requestor service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2864 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:44:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Event log service was stopped. | 6006 | | 32768 | 4 | 0 | | 36028797018963968 | 2863 | EventLog | | System | | | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service is not listening for WS-Management requests.
User Action
If you did not intentionally stop the service, use the following command to see the WinRM configuration:
winrm enumerate winrm/config/listener | 10149 | 0 | 7 | 3 | 0 | 0 | 36028797018963968 | 2862 | Microsoft-Windows-WinRM | a7975c8f-ac13-49f1-87da-5a984a4ab417 | System | 0 | 0 | n-h2-861333-11 | | 10/19/2022 1:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2861 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:44:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2860 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:44:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Virtual Machine Management service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2859 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11 | | 10/19/2022 1:44:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The process C:\windows\system32\shutdown.exe (N-H2-861333-11) has initiated the restart of computer N-H2-861333-11 on behalf of user N-H2-861333-11\Admin for the following reason: No title for this reason could be found
Reason Code: 0x800000ff
Shutdown Type: restart
Comment: Reboot initiated by Ansible | 1074 | 0 | 32768 | 4 | 0 | 0 | -9187343239835811840 | 2858 | User32 | b0aa8734-56f7-41cc-b2f4-de228e98b946 | System | 596 | 612 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:44:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2857 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:44:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The machine n-h2-861333-11 successfully joined the domain cbci-861333-11.local. | 4096 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2856 | NetJoin | 9741fd4e-3757-479f-a3c6-fc49f6d5edd0 | System | 1332 | 1368 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:44:33 PM | 00000000-0000-0000-0100-000000000000 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Netlogon service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2855 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:44:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Connectivity Assistant service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2854 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:44:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| This computer has been successfully joined to domain 'cbci-861333-11.local'. | 3260 | | 0 | 4 | 0 | | 36028797018963968 | 2853 | Workstation | | System | | | n-h2-861333-11 | | 10/19/2022 1:44:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2852 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:44:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2851 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:44:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2850 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:44:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2849 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:44:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2848 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:44:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time service is now synchronizing the system time with the time source VM IC Time Synchronization Provider. | 35 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2847 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1436 | 3956 | n-h2-861333-11 | S-1-5-19 | 10/19/2022 1:43:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time provider NtpClient is currently receiving valid time data from time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->40.119.148.38:123). | 37 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2846 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1436 | 1516 | n-h2-861333-11 | S-1-5-19 | 10/19/2022 1:43:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2845 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:40:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2844 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:38:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2843 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:38:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2842 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:32:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2841 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 4608 | n-h2-861333-11 | | 10/19/2022 1:30:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2840 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 4608 | n-h2-861333-11 | | 10/19/2022 1:30:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The firewall exception to allow Internet Storage Name Server (iSNS) client functionality is not enabled. iSNS client functionality is not available. | 121 | | 0 | 3 | 0 | | 36028797018963968 | 2839 | MSiSCSI | | System | | | n-h2-861333-11 | | 10/19/2022 1:29:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft iSCSI Initiator Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2838 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:29:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2837 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:29:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Update service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2836 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1152 | n-h2-861333-11 | | 10/19/2022 1:29:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| If Digest support selected for iSCSI Session, Will use Processor support for Digest computation. | 67 | | 16384 | 4 | 0 | | 36028797018963968 | 2835 | iScsiPrt | | System | | | n-h2-861333-11 | | 10/19/2022 1:29:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2834 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11 | | 10/19/2022 1:29:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Microsoft iSCSI Initiator Service service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2833 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:29:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2832 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:29:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2831 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:29:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2830 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:29:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2829 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:29:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2828 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:29:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2827 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:29:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2826 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:28:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2825 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:28:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2824 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:28:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2823 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:28:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2822 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:28:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2821 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:27:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2820 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:26:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2819 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:26:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2818 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:26:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2817 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:26:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2816 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:26:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2815 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:24:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2814 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:23:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2813 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:22:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2812 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:22:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2811 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:22:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2810 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:22:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2809 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:21:31 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2808 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:21:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2807 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:21:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2806 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:20:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2805 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:20:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2804 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:20:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2803 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:20:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppX Deployment Service (AppXSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2802 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:20:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2801 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:19:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2800 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:19:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2799 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:19:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2798 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:18:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2797 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:18:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Remote Registry service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2796 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:18:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The App Readiness service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2795 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:18:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2794 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:18:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2793 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:17:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Client License Service (ClipSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2792 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:16:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2791 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:16:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2790 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:16:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2789 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:16:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2788 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:16:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Time Provider NtpClient: No valid response has been received from manually configured peer time.windows.com,0x8 after 8 attempts to contact it. This peer will be discarded as a time source and NtpClient will attempt to discover a new peer with this DNS name. The error was: The peer is unreachable. | 47 | 0 | | 3 | 0 | 0 | -9223372036854775808 | 2787 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1436 | 1516 | n-h2-861333-11 | S-1-5-19 | 10/19/2022 1:15:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2786 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:15:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppX Deployment Service (AppXSVC) service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2785 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:14:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Account Sign-in Assistant service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2784 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:14:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2783 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:14:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2782 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:14:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2781 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:14:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2780 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:14:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2779 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:14:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2778 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:14:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2777 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:14:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2776 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:14:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2775 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:14:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2774 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:14:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2773 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:14:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2772 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:14:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Installer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2771 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1700 | n-h2-861333-11 | | 10/19/2022 1:14:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2770 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:14:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2769 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:14:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppX Deployment Service (AppXSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2768 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11 | | 10/19/2022 1:13:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2767 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:13:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2766 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:13:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2765 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:13:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2764 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 996 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:13:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2763 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11 | | 10/19/2022 1:12:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2762 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 996 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:12:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2761 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 996 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:12:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2760 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1700 | n-h2-861333-11 | | 10/19/2022 1:12:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2759 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 996 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:12:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2758 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 996 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:12:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2757 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1700 | n-h2-861333-11 | | 10/19/2022 1:12:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2756 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11 | | 10/19/2022 1:12:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2755 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11 | | 10/19/2022 1:12:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2754 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11 | | 10/19/2022 1:12:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2753 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-20 | 10/19/2022 1:11:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2752 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11 | | 10/19/2022 1:11:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Biometric Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2751 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11 | | 10/19/2022 1:11:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2750 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1012 | n-h2-861333-11 | S-1-5-20 | 10/19/2022 1:11:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2749 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 996 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:11:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2748 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 996 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:11:31 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2747 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 996 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:11:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2746 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1700 | n-h2-861333-11 | | 10/19/2022 1:11:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2745 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 996 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:11:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2744 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1700 | n-h2-861333-11 | | 10/19/2022 1:11:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2743 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 996 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:11:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2742 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 996 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:11:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2741 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 996 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:11:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2740 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 996 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:11:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time service is now synchronizing the system time with the time source time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->40.119.148.38:123). | 35 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2739 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1436 | 1512 | n-h2-861333-11 | S-1-5-19 | 10/19/2022 1:11:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time provider NtpClient is currently receiving valid time data from time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->40.119.148.38:123). | 37 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2738 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1436 | 1516 | n-h2-861333-11 | S-1-5-19 | 10/19/2022 1:11:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2737 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 996 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:11:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time provider NtpClient is currently receiving valid time data from time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->40.119.148.38:123). | 37 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2736 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1436 | 1512 | n-h2-861333-11 | S-1-5-19 | 10/19/2022 1:11:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2735 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1624 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:11:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2734 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1624 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:11:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2733 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:10:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC /DEVICE/{40B36698-539F-4B08-A7B1-DDECC2618E13} (Friendly Name: Microsoft Hyper-V Network Adapter #2) successfully connected to port 92F3D89C-78C1-46A5-A28B-E82AC5E85975 (Friendly Name: br-data_External) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2732 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2496 | 2832 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:10:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC /DEVICE/{40B36698-539F-4B08-A7B1-DDECC2618E13} (Friendly Name: Microsoft Hyper-V Network Adapter #2) is now operational. | 23 | 0 | | 4 | 1016 | 0 | -9223372036854775808 | 2731 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 1244 | n-h2-861333-11 | | 10/19/2022 1:10:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2730 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 1244 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:10:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC /DEVICE/{40B36698-539F-4B08-A7B1-DDECC2618E13} (Friendly Name: Microsoft Hyper-V Network Adapter #2) is no longer operational. | 24 | 0 | | 4 | 1017 | 0 | -9223372036854775808 | 2729 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 1244 | n-h2-861333-11 | | 10/19/2022 1:10:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Protocol NIC /DEVICE/{40B36698-539F-4B08-A7B1-DDECC2618E13} (Friendly Name: Microsoft Hyper-V Network Adapter #2) successfully bound to port (Friendly Name: ) on switch (Friendly Name: ). | 17 | 0 | | 4 | 1012 | 0 | -9223372036854775808 | 2728 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 1244 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:10:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Successfully updated NIC NDIS QoS with Miniport NIC /DEVICE/{40B36698-539F-4B08-A7B1-DDECC2618E13} (Friendly Name: Microsoft Hyper-V Network Adapter #2) | 191 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2727 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 1244 | n-h2-861333-11 | | 10/19/2022 1:10:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic /DEVICE/{40B36698-539F-4B08-A7B1-DDECC2618E13} (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2726 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 1244 | n-h2-861333-11 | | 10/19/2022 1:10:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Initialization failed because the driver device could not be created. Use the string "FA163EE797AA" to identify the interface for which initialization failed. It represents the MAC address of the failed interface or the Globally Unique Interface Identifier (GUID) if NetBT was unable to map from GUID to MAC address. If neither the MAC address nor the GUID were available, the string represents a cluster device name. | 4311 | | 49152 | 2 | 0 | | 36028797018963968 | 2725 | NetBT | | System | | | n-h2-861333-11 | | 10/19/2022 1:10:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter #2' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2724 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 3656 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:10:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2723 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 0 | 0 | n-h2-861333-11 | | 10/19/2022 1:10:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2722 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 3656 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:10:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Isatap interface isatap.openstacklocal is no longer active. | 4201 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2721 | Microsoft-Windows-Iphlpsvc | 66a5c15c-4f8e-4044-bf6e-71d896038977 | System | 620 | 3548 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:10:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' is halting | 6 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2720 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 3836 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:10:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' paused | 10 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2719 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 3836 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:10:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2718 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | | 10/19/2022 1:10:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403 (Friendly Name: br-data) successfully initialized. | 9 | 0 | | 4 | 1005 | 0 | -9223372036854775808 | 2717 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2496 | 1752 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:10:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403 (Friendly Name: br-data) successfully connected to port 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403 (Friendly Name: br-data) on switch 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2716 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2496 | 1752 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:10:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 7C7E08E8-069E-47A8-A9C6-7BA3AED0B403 (Friendly Name: br-data). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2715 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2496 | 1752 | n-h2-861333-11 | | 10/19/2022 1:10:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management concluded the process to install driver wvms_mp.inf_amd64_e1065995a017ab1b\wvms_mp.inf for Device Instance ID ROOT\VMS_VSMP\0000 with the following status: 0x0. | 20001 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2714 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 3860 | 1580 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:10:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| A service was installed in the system.
Service Name: VMSMP
Service File Name: \SystemRoot\System32\drivers\vmswitch.sys
Service Type: kernel mode driver
Service Start Type: demand start
Service Account: | 7045 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2713 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:10:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2712 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1608 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:10:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the neutron-hyperv-agent service was changed from auto start to demand start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2711 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:10:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| A service was installed in the system.
Service Name: neutron-hyperv-agent
Service File Name: c:\openstack\bin\OpenStackService.exe neutron-hyperv-agent c:\python38\scripts\neutron-hyperv-agent.exe --config-file c:\openstack\etc\neutron-hyperv-agent.conf
Service Type: user mode service
Service Start Type: auto start
Service Account: LocalSystem | 7045 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2710 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:10:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The User Access Logging Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2709 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1700 | n-h2-861333-11 | | 10/19/2022 1:10:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time provider NtpClient is currently receiving valid time data from time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->40.119.148.38:123). | 37 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2708 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1436 | 1628 | n-h2-861333-11 | S-1-5-19 | 10/19/2022 1:10:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Downloaded Maps Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2707 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1700 | n-h2-861333-11 | | 10/19/2022 1:10:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the nova-compute service was changed from auto start to demand start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2706 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1700 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:10:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| A service was installed in the system.
Service Name: nova-compute
Service File Name: c:\openstack\bin\OpenStackService.exe nova-compute c:\python38\scripts\nova-compute.exe --config-file c:\openstack\etc\nova.conf
Service Type: user mode service
Service Start Type: auto start
Service Account: LocalSystem | 7045 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2705 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1616 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:10:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2704 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1616 | n-h2-861333-11 | | 10/19/2022 1:10:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2703 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1608 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:10:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The IKE and AuthIP IPsec Keying Modules service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2702 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1700 | n-h2-861333-11 | | 10/19/2022 1:10:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the IKE and AuthIP IPsec Keying Modules service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2701 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1700 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:10:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Distributed Transaction Coordinator service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2700 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11 | | 10/19/2022 1:10:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Downloaded Maps Manager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2699 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11 | | 10/19/2022 1:10:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2698 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:10:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic System Host service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2697 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11 | | 10/19/2022 1:10:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic Policy Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2696 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11 | | 10/19/2022 1:10:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Connected Devices Platform Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2695 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11 | | 10/19/2022 1:10:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2694 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1000 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:10:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2693 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1608 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:10:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2692 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1608 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:10:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The dmwappushsvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2691 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | | 10/19/2022 1:10:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2690 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1608 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:09:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2689 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1924 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:09:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The sppsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2688 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | | 10/19/2022 1:09:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The cloudbase-init service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2687 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11 | | 10/19/2022 1:09:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PolicyAgent service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2686 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | | 10/19/2022 1:09:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| SSL Certificate Settings created by an admin process for endpoint : 0.0.0.0:5986 . | 15301 | 0 | 32768 | 3 | 0 | 0 | 36028797018963968 | 2685 | Microsoft-Windows-HttpEvent | 7b6bc78c-898b-4170-bbf8-1a469ea43fc5 | System | 4 | 136 | n-h2-861333-11 | | 10/19/2022 1:09:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Reservation for namespace identified by URL prefix https://+:5986/wsman/ was successfully added. | 15007 | 0 | 16384 | 4 | 0 | 0 | 36028797018963968 | 2684 | Microsoft-Windows-HttpEvent | 7b6bc78c-898b-4170-bbf8-1a469ea43fc5 | System | 4 | 136 | n-h2-861333-11 | | 10/19/2022 1:09:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Reservation for namespace identified by URL prefix https://+:5986/wsman/ was successfully deleted. | 15008 | 0 | 16384 | 4 | 0 | 0 | 36028797018963968 | 2683 | Microsoft-Windows-HttpEvent | 7b6bc78c-898b-4170-bbf8-1a469ea43fc5 | System | 4 | 136 | n-h2-861333-11 | | 10/19/2022 1:09:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vds service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2682 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | | 10/19/2022 1:09:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Service stopped. | 4 | | 16896 | 4 | 0 | | 36028797018963968 | 2681 | Virtual Disk Service | | System | | | n-h2-861333-11 | | 10/19/2022 1:09:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vds service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2680 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | | 10/19/2022 1:09:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Service started. | 3 | | 16896 | 4 | 0 | | 36028797018963968 | 2679 | Virtual Disk Service | | System | | | n-h2-861333-11 | | 10/19/2022 1:09:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\Admin SID (S-1-5-21-1583402943-1249759785-120919696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2678 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1608 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1001 | 10/19/2022 1:09:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The sppsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2677 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | | 10/19/2022 1:08:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TBS device identifier has been generated. | 1282 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2676 | Microsoft-Windows-TPM-WMI | 7d5387b0-cbe0-11da-a94d-0800200c9a66 | System | 2208 | 3564 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Connected Devices Platform Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2675 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | | 10/19/2022 1:08:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\cloudbase-init SID (S-1-5-21-1583402943-1249759785-120919696-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2674 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1924 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1000 | 10/19/2022 1:08:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcaSvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2673 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11 | | 10/19/2022 1:08:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy settings for the computer were processed successfully. New settings from 1 Group Policy objects were detected and applied. | 1502 | 0 | | 4 | 0 | 1 | -9223372036854775808 | 2672 | Microsoft-Windows-GroupPolicy | aea1b4fa-97d1-45f2-a64c-4d69fffd92c9 | System | 620 | 3080 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:41 PM | 4b1bcb94-bcf1-401d-b53c-0856ef0b6a4c | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Start | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TrustedInstaller service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2671 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11 | | 10/19/2022 1:08:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The cloudbase-init service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2670 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11 | | 10/19/2022 1:08:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-861333-11\cloudbase-init SID (S-1-5-21-1583402943-1249759785-120919696-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2669 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 956 | 1924 | n-h2-861333-11 | S-1-5-21-1583402943-1249759785-120919696-1000 | 10/19/2022 1:08:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wuauserv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2668 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | | 10/19/2022 1:08:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The swprv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2667 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | | 10/19/2022 1:08:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Isatap interface isatap.openstacklocal with address fe80::5efe:192.168.0.61 has been brought up. | 4200 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2666 | Microsoft-Windows-Iphlpsvc | 66a5c15c-4f8e-4044-bf6e-71d896038977 | System | 620 | 2900 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Isatap interface isatap.openstacklocal with address fe80::5efe:10.222.0.49 has been brought up. | 4200 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2665 | Microsoft-Windows-Iphlpsvc | 66a5c15c-4f8e-4044-bf6e-71d896038977 | System | 620 | 2900 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| This event triggers the TBS device identifier generation. | 1281 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2664 | Microsoft-Windows-TPM-WMI | 7d5387b0-cbe0-11da-a94d-0800200c9a66 | System | 620 | 3024 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:31 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LicenseManager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2663 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:08:31 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SessionEnv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2662 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | | 10/19/2022 1:08:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Certificate Propagation service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2661 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | | 10/19/2022 1:08:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The UmRdpService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2660 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | | 10/19/2022 1:08:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| A new self signed certificate to be used for RD Session Host Server authentication on SSL connections was generated. The name on this certificate is n-h2-861333-11. The SHA1 hash of the certificate is in the event data. | 1056 | 0 | 49152 | 4 | 0 | 0 | 36028797018963968 | 2659 | Microsoft-Windows-TerminalServices-RemoteConnectionManager | c76baa63-ae81-421c-b425-340b4b24157f | System | 0 | 0 | n-h2-861333-11 | | 10/19/2022 1:08:31 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the cloudbase-init service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2658 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TermService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2657 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 868 | n-h2-861333-11 | | 10/19/2022 1:08:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time service is now synchronizing the system time with the time source VM IC Time Synchronization Provider. | 35 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2656 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1436 | 1628 | n-h2-861333-11 | S-1-5-19 | 10/19/2022 1:08:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The KeyIso service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2655 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1656 | n-h2-861333-11 | | 10/19/2022 1:08:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The ClipSVC service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2654 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1656 | n-h2-861333-11 | | 10/19/2022 1:08:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmcompute service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2653 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1656 | n-h2-861333-11 | | 10/19/2022 1:08:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (10.0, ?1978?-?03?-?07T02:59:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2652 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 228 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (Version 10.0, ?1978?-?03?-?07T02:59:33.000000000Z) unloaded successfully. | 1 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2651 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 508 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinDefend service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2650 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1656 | n-h2-861333-11 | | 10/19/2022 1:08:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DiagTrack service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2649 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1656 | n-h2-861333-11 | | 10/19/2022 1:08:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The iphlpsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2648 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1656 | n-h2-861333-11 | | 10/19/2022 1:08:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DmEnrollmentSvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2647 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1656 | n-h2-861333-11 | | 10/19/2022 1:08:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmms service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2646 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | | 10/19/2022 1:08:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The following boot-start or system-start driver(s) did not load:
dam | 7026 | 0 | 49152 | 4 | 0 | 0 | -9187343239835811840 | 2645 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 808 | n-h2-861333-11 | | 10/19/2022 1:08:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WpnService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2644 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | | 10/19/2022 1:08:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2643 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | | 10/19/2022 1:08:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DmEnrollmentSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2642 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:08:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LanmanServer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2641 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | | 10/19/2022 1:08:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wlidsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2640 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | | 10/19/2022 1:08:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WLMS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2639 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1668 | n-h2-861333-11 | | 10/19/2022 1:08:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TrkWks service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2638 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 884 | n-h2-861333-11 | | 10/19/2022 1:08:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RemoteRegistry service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2637 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 884 | n-h2-861333-11 | | 10/19/2022 1:08:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PcaSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2636 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1620 | n-h2-861333-11 | | 10/19/2022 1:08:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Spooler service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2635 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1660 | n-h2-861333-11 | | 10/19/2022 1:08:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SamSs service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2634 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1880 | n-h2-861333-11 | | 10/19/2022 1:08:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MpsSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2633 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1880 | n-h2-861333-11 | | 10/19/2022 1:08:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service is listening for WS-Management requests.
User Action
Use the following command to see the specific IPs on which WinRM is listening:
winrm enumerate winrm/config/listener | 10148 | 0 | 7 | 4 | 0 | 0 | 36028797018963968 | 2632 | Microsoft-Windows-WinRM | a7975c8f-ac13-49f1-87da-5a984a4ab417 | System | 0 | 0 | n-h2-861333-11 | | 10/19/2022 1:08:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The BFE service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2631 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1880 | n-h2-861333-11 | | 10/19/2022 1:08:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LanmanWorkstation service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2630 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1644 | n-h2-861333-11 | | 10/19/2022 1:08:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WbioSrvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2629 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1880 | n-h2-861333-11 | | 10/19/2022 1:08:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wudfsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2628 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1880 | n-h2-861333-11 | | 10/19/2022 1:08:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The FontCache service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2627 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1880 | n-h2-861333-11 | | 10/19/2022 1:08:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The ShellHWDetection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2626 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1880 | n-h2-861333-11 | | 10/19/2022 1:08:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The UserManager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2625 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1880 | n-h2-861333-11 | | 10/19/2022 1:08:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TimeBrokerSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2624 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1640 | n-h2-861333-11 | | 10/19/2022 1:08:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Wcmsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2623 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1880 | n-h2-861333-11 | | 10/19/2022 1:08:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Schedule service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2622 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | | 10/19/2022 1:08:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinTarget service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2621 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1640 | n-h2-861333-11 | | 10/19/2022 1:08:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Winmgmt service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2620 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1640 | n-h2-861333-11 | | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VSS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2619 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1640 | n-h2-861333-11 | | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SENS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2618 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicrdv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2617 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1640 | n-h2-861333-11 | | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The EventSystem service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2616 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The gpsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2615 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1660 | n-h2-861333-11 | | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Themes service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2614 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1660 | n-h2-861333-11 | | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicvss service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2613 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'storqosflt' (10.0, ?2018?-?01?-?01T04:48:05.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2612 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 136 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinHttpAutoProxySvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2611 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1644 | n-h2-861333-11 | | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicheartbeat service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2610 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1620 | n-h2-861333-11 | | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'wcifs' (10.0, ?2018?-?01?-?01T04:48:57.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2609 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 228 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'luafv' (10.0, ?2017?-?11?-?01T22:09:40.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2608 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 228 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcbService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2607 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 876 | n-h2-861333-11 | | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WPDBusEnum service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2606 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 888 | n-h2-861333-11 | | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppReadiness service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2605 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 876 | n-h2-861333-11 | | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system time has changed to ?2022?-?10?-?19T13:08:24.321000000Z from ?2022?-?10?-?19T13:08:24.406832700Z.
Change Reason: An application or system component changed the time. | 1 | 1 | | 4 | 5 | 0 | -9223372036854775792 | 2604 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1428 | 1940 | n-h2-861333-11 | S-1-5-19 | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmickvpexchange service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2603 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 876 | n-h2-861333-11 | | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmictimesync service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2602 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 876 | n-h2-861333-11 | | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicshutdown service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2601 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 876 | n-h2-861333-11 | | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DsmSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2600 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1896 | n-h2-861333-11 | | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The ProfSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2599 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1644 | n-h2-861333-11 | | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The netprofm service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2598 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1644 | n-h2-861333-11 | | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The HvHost service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2597 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1644 | n-h2-861333-11 | | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Dnscache service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2596 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 884 | n-h2-861333-11 | | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The lmhosts service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2595 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 888 | n-h2-861333-11 | | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NlaSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2594 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1696 | n-h2-861333-11 | | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The BrokerInfrastructure service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2593 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1620 | n-h2-861333-11 | | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Dhcp service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2592 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1472 | n-h2-861333-11 | | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv6 client service is started | 51046 | 0 | | 4 | 4 | 62 | 2305843009213693952 | 2591 | Microsoft-Windows-DHCPv6-Client | 6a1f2b00-6a90-4c38-95a5-5cab3b056778 | System | 1428 | 1552 | n-h2-861333-11 | S-1-5-19 | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStart | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv4 client service is started | 50036 | 0 | | 4 | 4 | 68 | 2305843009213693952 | 2590 | Microsoft-Windows-Dhcp-Client | 15a7a4f8-0072-4eab-abad-f98a4d666aed | System | 1428 | 1536 | n-h2-861333-11 | S-1-5-19 | 10/19/2022 1:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStart | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The nsi service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2589 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 884 | n-h2-861333-11 | | 10/19/2022 1:08:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The EventLog service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2588 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 884 | n-h2-861333-11 | | 10/19/2022 1:08:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The W32Time service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2587 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 884 | n-h2-861333-11 | | 10/19/2022 1:08:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CryptSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2586 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 888 | n-h2-861333-11 | | 10/19/2022 1:08:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Successfully logged OS information | 2004 | 0 | | 4 | 4000 | 0 | 2305983746702049280 | 2585 | Microsoft-Windows-Setup | 75ebc33e-997f-49cf-b49f-ecc50184b75d | System | 1172 | 1176 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | OS information | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The tiledatamodelsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2584 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 888 | n-h2-861333-11 | | 10/19/2022 1:08:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppXSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2583 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 888 | n-h2-861333-11 | | 10/19/2022 1:08:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The StateRepository service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2582 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 888 | n-h2-861333-11 | | 10/19/2022 1:08:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The dmwappushservice service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2581 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 888 | n-h2-861333-11 | | 10/19/2022 1:08:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CoreMessagingRegistrar service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2580 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 888 | n-h2-861333-11 | | 10/19/2022 1:08:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NetSetupSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2579 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 888 | n-h2-861333-11 | | 10/19/2022 1:08:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DeviceInstall service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2578 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 888 | n-h2-861333-11 | | 10/19/2022 1:08:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SystemEventsBroker service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2577 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 888 | n-h2-861333-11 | | 10/19/2022 1:08:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The sppsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2576 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 888 | n-h2-861333-11 | | 10/19/2022 1:08:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LSM service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2575 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 888 | n-h2-861333-11 | | 10/19/2022 1:08:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RpcSs service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2574 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 884 | n-h2-861333-11 | | 10/19/2022 1:08:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RpcEptMapper service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2573 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 888 | n-h2-861333-11 | | 10/19/2022 1:08:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DcomLaunch service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2572 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 888 | n-h2-861333-11 | | 10/19/2022 1:08:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Power service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2571 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 888 | n-h2-861333-11 | | 10/19/2022 1:08:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PlugPlay service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2570 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 888 | n-h2-861333-11 | | 10/19/2022 1:08:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Remote calls to the SAM database are being restricted using the default security descriptor: O:SYG:SYD:(A;;RC;;;BA).
For more information please see http://go.microsoft.com/fwlink/?LinkId=787651. | 16962 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2569 | Microsoft-Windows-Directory-Services-SAM | 0d4fdc09-8c27-494a-bda0-505e4fd8adae | System | 820 | 824 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:08 PM | d1d541ab-e3bb-0002-ad41-d5d1bbe3d801 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Credential Guard (LsaIso.exe) configuration: 0x0, 0 | 14 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 2568 | Microsoft-Windows-Wininit | 206f6dea-d3c5-4d10-bc72-989f03c8b84b | System | 692 | 696 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2567 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 512 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2566 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 228 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter #2' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2565 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 228 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 5 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2564 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 4 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2563 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 3 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2562 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 2 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2561 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 1 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2560 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 0 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2559 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2558 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 364 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2557 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 0 | 0 | n-h2-861333-11 | | 10/19/2022 1:08:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2556 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 0 | 0 | n-h2-861333-11 | | 10/19/2022 1:08:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2555 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 228 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2554 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 364 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system has been constrained to a periodic tick
Reason: No HW support. | 508 | 0 | | 4 | 159 | 0 | -9223372036854774780 | 2553 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 4 | 8 | n-h2-861333-11 | | 10/19/2022 1:08:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Connectivity state in standby: Disconnected, Reason: NIC compliance | 172 | 0 | | 4 | 203 | 0 | -9223372036854774780 | 2552 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 4 | 364 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'npsvctrig' (10.0, ?2016?-?07?-?16T02:28:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2551 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The service entered the Driver load complete state. | 7036 | | 16384 | 4 | 0 | | 36028797018963968 | 2550 | VfpExt | | System | | | n-h2-861333-11 | | 10/19/2022 1:08:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'FileCrypt' (10.0, ?2016?-?07?-?16T02:22:39.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2549 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Volume C: (\Device\HarddiskVolume1) is healthy. No action is needed. | 98 | 0 | | 4 | 0 | 0 | -9223372036854775806 | 2548 | Microsoft-Windows-Ntfs | 3ff37a1c-a68d-4d6e-8c9b-f79e8b16c482 | System | 4 | 228 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (10.0, ?1978?-?03?-?07T02:59:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2547 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'Wof' (10.0, ?2017?-?10?-?09T01:58:20.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2546 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Secure Kernel started with status STATUS_SUCCESS and flags 0. | 3 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2545 | Microsoft-Windows-IsolatedUserMode | 73a33ab2-1966-4999-8add-868c41415269 | System | 4 | 8 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor initialized I/O remapping.
Hardware present: false
Hardware enabled: false
Policy: 0x0
Enabled features: 0x0
Internal information: 0x0
Problems: 0x0
Additional information: 0x0 | 129 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2544 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor scheduler type is 0x1. | 2 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2543 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor successfully started. | 1 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2542 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The bootmgr spent 0 ms waiting for user input. | 32 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2541 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| There are 0x1 boot options on this system. | 18 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2540 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The boot menu policy was 0x0. | 25 | 0 | | 4 | 32 | 0 | -9223372036854775808 | 2539 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The boot type was 0x0. | 27 | 1 | | 4 | 33 | 0 | -9223372036854775808 | 2538 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The last shutdown's success status was true. The last boot's success status was true. | 20 | 0 | | 4 | 31 | 0 | -9223372036854775808 | 2537 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Virtualization Based Security (policies: VBS Enabled,VSM Required,Boot Chain Signer Soft Enforced) is enabled due to HyperV with status STATUS_SUCCESS. | 153 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2536 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operating system started at system time ?2022?-?10?-?19T13:08:02.481339300Z. | 12 | 0 | | 4 | 1 | 0 | -9223372036854775680 | 2535 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 8 | n-h2-861333-11 | S-1-5-18 | 10/19/2022 1:08:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operating system is shutting down at system time ?2022?-?10?-?19T13:07:55.496869900Z. | 13 | 0 | | 4 | 2 | 0 | -9223372036854775680 | 2534 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 596 | n-h2-861333-11 | | 10/19/2022 1:07:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The kernel power manager has initiated a shutdown transition.
Shutdown Reason: Kernel API | 109 | 0 | | 4 | 103 | 0 | -9223301668110597116 | 2533 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 696 | 700 | n-h2-861333-11 | | 10/19/2022 1:07:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system uptime is 21 seconds. | 6013 | | 32768 | 4 | 0 | | 36028797018963968 | 2532 | EventLog | | System | | | n-h2-861333-11 | | 10/19/2022 1:08:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Event log service was started. | 6005 | | 32768 | 4 | 0 | | 36028797018963968 | 2531 | EventLog | | System | | | n-h2-861333-11 | | 10/19/2022 1:08:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Microsoft (R) Windows (R) 10.00. 14393 Multiprocessor Free. | 6009 | | 32768 | 4 | 0 | | 36028797018963968 | 2530 | EventLog | | System | | | n-h2-861333-11 | | 10/19/2022 1:08:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NetBIOS name and DNS host name of this machine have been changed from WIN-M7VEF9V8QI7 to N-H2-861333-11. | 6011 | | 32768 | 4 | 0 | | 36028797018963968 | 2529 | EventLog | | System | | | n-h2-861333-11 | | 10/19/2022 1:08:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The State Repository Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2528 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 900 | n-h2-861333-11 | | 10/19/2022 1:07:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Event Log service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2527 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 900 | n-h2-861333-11 | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Task Scheduler service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2526 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 900 | n-h2-861333-11 | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Remote Management (WS-Management) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2525 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 900 | n-h2-861333-11 | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Font Cache Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2524 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 900 | n-h2-861333-11 | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Install Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2523 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 900 | n-h2-861333-11 | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Cryptographic Services service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2522 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 900 | n-h2-861333-11 | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Connection Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2521 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 900 | WIN-5T344G8GM1H | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppX Deployment Service (AppXSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2520 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 900 | WIN-5T344G8GM1H | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Management Instrumentation service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2519 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 900 | WIN-5T344G8GM1H | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Program Compatibility Assistant Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2518 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1284 | WIN-5T344G8GM1H | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Volume Shadow Copy service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2517 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1284 | WIN-5T344G8GM1H | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2516 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1284 | WIN-5T344G8GM1H | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The User Profile Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2515 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1284 | WIN-5T344G8GM1H | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Distributed Link Tracking Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2514 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1284 | WIN-5T344G8GM1H | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Time service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2513 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1260 | WIN-5T344G8GM1H | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system time has changed to ?2022?-?10?-?19T13:07:45.789000000Z from ?2022?-?10?-?19T13:07:45.796700500Z.
Change Reason: An application or system component changed the time. | 1 | 1 | | 4 | 5 | 0 | -9223372036854775792 | 2512 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1488 | 2208 | WIN-5T344G8GM1H | S-1-5-19 | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Licensing Monitoring Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2511 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1380 | WIN-5T344G8GM1H | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DHCP Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2510 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1284 | WIN-5T344G8GM1H | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv4 client service is stopped. ShutDown Flag value is 1 | 50037 | 0 | | 4 | 4 | 69 | 2305843009213693952 | 2509 | Microsoft-Windows-Dhcp-Client | 15a7a4f8-0072-4eab-abad-f98a4d666aed | System | 1296 | 1572 | WIN-5T344G8GM1H | S-1-5-19 | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStop | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv6 client service is stopped. ShutDown Flag value is 1 | 51047 | 0 | | 4 | 4 | 63 | 2305843009213693952 | 2508 | Microsoft-Windows-DHCPv6-Client | 6a1f2b00-6a90-4c38-95a5-5cab3b056778 | System | 1296 | 1664 | WIN-5T344G8GM1H | S-1-5-19 | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStop | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The HV Host Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2507 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1268 | WIN-5T344G8GM1H | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Plug and Play service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2506 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1376 | WIN-5T344G8GM1H | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2505 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1376 | WIN-5T344G8GM1H | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Connected User Experiences and Telemetry service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2504 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1272 | WIN-5T344G8GM1H | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Volume Shadow Copy Requestor service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2503 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1272 | WIN-5T344G8GM1H | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2502 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1272 | WIN-5T344G8GM1H | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2501 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 872 | WIN-5T344G8GM1H | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Virtual Machine Management service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2500 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 872 | WIN-5T344G8GM1H | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The process C:\windows\system32\winlogon.exe (WIN-5T344G8GM1H) has initiated the restart of computer WIN-M7VEF9V8QI7 on behalf of user NT AUTHORITY\SYSTEM for the following reason: Operating System: Upgrade (Planned)
Reason Code: 0x80020003
Shutdown Type: restart
Comment: | 1074 | 0 | 32768 | 4 | 0 | 0 | -9187343239835811840 | 2499 | User32 | b0aa8734-56f7-41cc-b2f4-de228e98b946 | System | 608 | 760 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Event log service was stopped. | 6006 | | 32768 | 4 | 0 | | 36028797018963968 | 2498 | EventLog | | System | | | WIN-5T344G8GM1H | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service is not listening for WS-Management requests.
User Action
If you did not intentionally stop the service, use the following command to see the WinRM configuration:
winrm enumerate winrm/config/listener | 10149 | 0 | 7 | 3 | 0 | 0 | 36028797018963968 | 2497 | Microsoft-Windows-WinRM | a7975c8f-ac13-49f1-87da-5a984a4ab417 | System | 0 | 0 | WIN-5T344G8GM1H | | 10/19/2022 1:07:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Virtual Disk service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2496 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 872 | WIN-5T344G8GM1H | | 10/19/2022 1:07:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Service stopped. | 4 | | 16896 | 4 | 0 | | 36028797018963968 | 2495 | Virtual Disk Service | | System | | | WIN-5T344G8GM1H | | 10/19/2022 1:07:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Virtual Disk service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2494 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1396 | WIN-5T344G8GM1H | | 10/19/2022 1:07:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Service started. | 3 | | 16896 | 4 | 0 | | 36028797018963968 | 2493 | Virtual Disk Service | | System | | | WIN-5T344G8GM1H | | 10/19/2022 1:07:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hive \??\C:\windows\System32\SMI\Store\Machine\SCHEMA.DAT was reorganized with a starting size of 12853248 bytes and an ending size of 11681792 bytes. | 15 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2492 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1176 | 1180 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:07:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2491 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1396 | WIN-5T344G8GM1H | | 10/19/2022 1:07:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hive \??\C:\windows\System32\config\COMPONENTS was reorganized with a starting size of 71872512 bytes and an ending size of 56864768 bytes. | 15 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2490 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1176 | 1180 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:07:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Windows.PrintDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2489 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1100 | 2924 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Windows.MiracastView_6.3.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2488 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1100 | 2924 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2487 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1100 | 2924 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxGameCallableUI_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2486 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1100 | 2924 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.1715_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2485 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1100 | 2924 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.SecondaryTileExperience_10.0.0.0_neutral__cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2484 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1100 | 2924 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time service is now synchronizing the system time with the time source VM IC Time Synchronization Provider. | 35 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2483 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1488 | 1732 | WIN-5T344G8GM1H | S-1-5-19 | 10/19/2022 1:06:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2482 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1100 | 2924 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.CloudExperienceHost_10.0.14393.1066_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2481 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1100 | 2924 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.AssignedAccessLockApp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2480 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1100 | 2924 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Apprep.ChxApp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2479 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1100 | 2924 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2478 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1100 | 2924 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\windows\AppCompat\Programs\Amcache.hve was cleared updating 629 keys and creating 196 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2477 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 2116 | 2572 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.BioEnrollment_10.0.14393.0_neutral__cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2476 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1100 | 2924 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.1715_neutral__cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2475 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1100 | 2924 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Account Sign-in Assistant service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2474 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1272 | WIN-5T344G8GM1H | | 10/19/2022 1:06:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AAD.BrokerPlugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2473 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1100 | 2916 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management concluded the process to install driver wvmbusvideo.inf_amd64_1f06cc897822eef5\wvmbusvideo.inf for Device Instance ID VMBUS\{DA0A7802-E377-4AAC-8E77-0558EB1073F8}\{5620E0C7-8062-4DCE-AEB7-520C7EF76171} with the following status: 0x0. | 20001 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2472 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2460 | 2500 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management has concluded the process to add Service HyperVideo for Device Instance ID VMBUS\{DA0A7802-E377-4AAC-8E77-0558EB1073F8}\{5620E0C7-8062-4DCE-AEB7-520C7EF76171} with the following status: 0. | 20003 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2471 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2460 | 2500 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management concluded the process to install driver msports.inf_amd64_280f71b0b084cc3b\msports.inf for Device Instance ID ACPI\PNP0501\1 with the following status: 0x0. | 20001 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2470 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2468 | 2504 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management has concluded the process to add Service Serenum for Device Instance ID ACPI\PNP0501\1 with the following status: 0. | 20003 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2469 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2468 | 2504 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management has concluded the process to add Service Serial for Device Instance ID ACPI\PNP0501\1 with the following status: 0. | 20003 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2468 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2468 | 2504 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management concluded the process to install driver msports.inf_amd64_280f71b0b084cc3b\msports.inf for Device Instance ID ACPI\PNP0501\2 with the following status: 0x0. | 20001 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2467 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2512 | 2536 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Host Compute Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2466 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1396 | WIN-5T344G8GM1H | | 10/19/2022 1:06:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Time Broker service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2465 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1272 | WIN-5T344G8GM1H | | 10/19/2022 1:06:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management has concluded the process to add Service Serenum for Device Instance ID ACPI\PNP0501\2 with the following status: 0. | 20003 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2464 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2512 | 2536 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management has concluded the process to add Service Serial for Device Instance ID ACPI\PNP0501\2 with the following status: 0. | 20003 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2463 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2512 | 2536 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (10.0, ?1978?-?03?-?07T02:59:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2462 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 136 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (Version 10.0, ?1978?-?03?-?07T02:59:33.000000000Z) unloaded successfully. | 1 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2461 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 136 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DiagTrack service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2460 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 900 | WIN-5T344G8GM1H | | 10/19/2022 1:06:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinDefend service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2459 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1420 | WIN-5T344G8GM1H | | 10/19/2022 1:06:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmms service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2458 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1420 | WIN-5T344G8GM1H | | 10/19/2022 1:06:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The following boot-start or system-start driver(s) did not load:
dam | 7026 | 0 | 49152 | 4 | 0 | 0 | -9187343239835811840 | 2457 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 812 | WIN-5T344G8GM1H | | 10/19/2022 1:06:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinTarget service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2456 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1332 | WIN-5T344G8GM1H | | 10/19/2022 1:06:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2455 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1332 | WIN-5T344G8GM1H | | 10/19/2022 1:06:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The UserManager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2454 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1420 | WIN-5T344G8GM1H | | 10/19/2022 1:06:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The iphlpsvc service terminated with the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. | 7023 | 0 | 49152 | 2 | 0 | 0 | -9187343239835811840 | 2453 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1420 | WIN-5T344G8GM1H | | 10/19/2022 1:06:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The iphlpsvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2452 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1420 | WIN-5T344G8GM1H | | 10/19/2022 1:06:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LanmanServer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2451 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1420 | WIN-5T344G8GM1H | | 10/19/2022 1:06:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CryptSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2450 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1420 | WIN-5T344G8GM1H | | 10/19/2022 1:06:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WLMS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2449 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1420 | WIN-5T344G8GM1H | | 10/19/2022 1:06:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WpnService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2448 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1404 | WIN-5T344G8GM1H | | 10/19/2022 1:06:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TrkWks service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2447 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1404 | WIN-5T344G8GM1H | | 10/19/2022 1:06:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PcaSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2446 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1404 | WIN-5T344G8GM1H | | 10/19/2022 1:06:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The W32Time service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2445 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1404 | WIN-5T344G8GM1H | | 10/19/2022 1:06:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RemoteRegistry service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2444 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1380 | WIN-5T344G8GM1H | | 10/19/2022 1:06:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MpsSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2443 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1400 | WIN-5T344G8GM1H | | 10/19/2022 1:06:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service is listening for WS-Management requests.
User Action
Use the following command to see the specific IPs on which WinRM is listening:
winrm enumerate winrm/config/listener | 10148 | 0 | 7 | 4 | 0 | 0 | 36028797018963968 | 2442 | Microsoft-Windows-WinRM | a7975c8f-ac13-49f1-87da-5a984a4ab417 | System | 0 | 0 | WIN-5T344G8GM1H | | 10/19/2022 1:06:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Spooler service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2441 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1392 | WIN-5T344G8GM1H | | 10/19/2022 1:06:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SamSs service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2440 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1268 | WIN-5T344G8GM1H | | 10/19/2022 1:06:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinHttpAutoProxySvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2439 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1392 | WIN-5T344G8GM1H | | 10/19/2022 1:06:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The BFE service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2438 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1268 | WIN-5T344G8GM1H | | 10/19/2022 1:06:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Wcmsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2437 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1268 | WIN-5T344G8GM1H | | 10/19/2022 1:06:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LanmanWorkstation service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2436 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1392 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WbioSrvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2435 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1392 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The FontCache service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2434 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1268 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wudfsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2433 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1268 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Dnscache service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2432 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1268 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinTarget service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2431 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1268 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The ShellHWDetection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2430 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1268 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Schedule service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2429 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1268 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The netprofm service terminated with the following error:
The device is not ready. | 7023 | 0 | 49152 | 2 | 0 | 0 | -9187343239835811840 | 2428 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1268 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The netprofm service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2427 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1268 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NlaSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2426 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1268 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The gpsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2425 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1268 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The ProfSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2424 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1392 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SENS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2423 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1392 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Winmgmt service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2422 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1392 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VSS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2421 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1392 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Dhcp service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2420 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1268 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv6 client service is started | 51046 | 0 | | 4 | 4 | 62 | 2305843009213693952 | 2419 | Microsoft-Windows-DHCPv6-Client | 6a1f2b00-6a90-4c38-95a5-5cab3b056778 | System | 1296 | 1664 | WIN-5T344G8GM1H | S-1-5-19 | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStart | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv4 client service is started | 50036 | 0 | | 4 | 4 | 68 | 2305843009213693952 | 2418 | Microsoft-Windows-Dhcp-Client | 15a7a4f8-0072-4eab-abad-f98a4d666aed | System | 1296 | 1572 | WIN-5T344G8GM1H | S-1-5-19 | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStart | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicheartbeat service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2417 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1268 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicrdv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2416 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1268 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The nsi service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2415 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1268 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WPDBusEnum service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2414 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1268 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The EventLog service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2413 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1268 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicvss service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2412 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1392 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The EventSystem service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2411 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1392 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Themes service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2410 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 900 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'storqosflt' (10.0, ?2018?-?01?-?01T04:48:05.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2409 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 212 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'wcifs' (10.0, ?2018?-?01?-?01T04:48:57.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2408 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 212 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'luafv' (10.0, ?2017?-?11?-?01T22:09:40.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2407 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 212 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system time has changed to ?2022?-?10?-?19T13:06:35.200000000Z from ?2022?-?10?-?19T13:06:35.133505800Z.
Change Reason: An application or system component changed the time. | 1 | 1 | | 4 | 5 | 0 | -9223372036854775792 | 2406 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1296 | 1428 | WIN-5T344G8GM1H | S-1-5-19 | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmictimesync service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2405 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1256 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmickvpexchange service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2404 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1256 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicshutdown service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2403 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1420 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DsmSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2402 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 892 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The lmhosts service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2401 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1260 | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The HvHost service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2400 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 1284 | WIN-5T344G8GM1H | | 10/19/2022 1:06:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \SystemRoot\System32\Config\BBI was cleared updating 10 keys and creating 2 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2399 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 916 | 100 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The BrokerInfrastructure service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2398 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 892 | WIN-5T344G8GM1H | | 10/19/2022 1:06:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The tiledatamodelsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2397 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 892 | WIN-5T344G8GM1H | | 10/19/2022 1:06:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppXSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2396 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 892 | WIN-5T344G8GM1H | | 10/19/2022 1:06:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The StateRepository service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2395 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 892 | WIN-5T344G8GM1H | | 10/19/2022 1:06:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2394 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 568 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter #2' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2393 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 240 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2392 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 0 | 0 | WIN-5T344G8GM1H | | 10/19/2022 1:06:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2391 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 240 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2390 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 136 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2389 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 568 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2388 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 0 | 0 | WIN-5T344G8GM1H | | 10/19/2022 1:06:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2387 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 568 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The dmwappushservice service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2386 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 892 | WIN-5T344G8GM1H | | 10/19/2022 1:06:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CoreMessagingRegistrar service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2385 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 892 | WIN-5T344G8GM1H | | 10/19/2022 1:06:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NetSetupSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2384 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 892 | WIN-5T344G8GM1H | | 10/19/2022 1:06:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DeviceInstall service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2383 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 892 | WIN-5T344G8GM1H | | 10/19/2022 1:06:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SystemEventsBroker service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2382 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 892 | WIN-5T344G8GM1H | | 10/19/2022 1:06:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The sppsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2381 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 892 | WIN-5T344G8GM1H | | 10/19/2022 1:06:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LSM service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2380 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 892 | WIN-5T344G8GM1H | | 10/19/2022 1:06:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RpcSs service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2379 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 896 | WIN-5T344G8GM1H | | 10/19/2022 1:06:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RpcEptMapper service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2378 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 896 | WIN-5T344G8GM1H | | 10/19/2022 1:06:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DcomLaunch service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2377 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 896 | WIN-5T344G8GM1H | | 10/19/2022 1:06:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Power service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2376 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 896 | WIN-5T344G8GM1H | | 10/19/2022 1:06:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PlugPlay service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2375 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 808 | 896 | WIN-5T344G8GM1H | | 10/19/2022 1:06:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Remote calls to the SAM database are being restricted using the default security descriptor: O:SYG:SYD:(A;;RC;;;BA).
For more information please see http://go.microsoft.com/fwlink/?LinkId=787651. | 16962 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2374 | Microsoft-Windows-Directory-Services-SAM | 0d4fdc09-8c27-494a-bda0-505e4fd8adae | System | 824 | 828 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:25 PM | 89de6779-e3bb-0005-7f67-de89bbe3d801 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Credential Guard (LsaIso.exe) configuration: 0x0, 0 | 14 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 2373 | Microsoft-Windows-Wininit | 206f6dea-d3c5-4d10-bc72-989f03c8b84b | System | 696 | 700 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\Users\Default\NTUSER.DAT was cleared updating 126 keys and creating 18 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2372 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 572 | 576 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\Users\Administrator\AppData\Local\Microsoft\Windows\UsrClass.dat was cleared updating 628 keys and creating 85 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2371 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 572 | 576 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\Users\Administrator\NTUSER.DAT was cleared updating 1935 keys and creating 116 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2370 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 572 | 576 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\windows\ServiceProfiles\NetworkService\NTUSER.DAT was cleared updating 128 keys and creating 20 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2369 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 572 | 576 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\windows\ServiceProfiles\LocalService\NTUSER.DAT was cleared updating 137 keys and creating 21 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2368 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 572 | 576 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \SystemRoot\System32\Config\SAM was cleared updating 80 keys and creating 7 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2367 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 552 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \SystemRoot\System32\Config\SECURITY was cleared updating 87 keys and creating 5 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2366 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 536 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \SystemRoot\System32\Config\DEFAULT was cleared updating 229 keys and creating 27 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2365 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 548 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hive \SystemRoot\System32\Config\SOFTWARE was reorganized with a starting size of 78917632 bytes and an ending size of 74686464 bytes. | 15 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2364 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 540 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \Device\HarddiskVolume1\Boot\BCD was cleared updating 82 keys and creating 1 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2363 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 488 | 492 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hive \SystemRoot\System32\config\DRIVERS was reorganized with a starting size of 5177344 bytes and an ending size of 5169152 bytes. | 15 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2362 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 240 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 5 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2361 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 212 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 4 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2360 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 212 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 3 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2359 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 212 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 2 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2358 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 212 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 1 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2357 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 212 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 0 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2356 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 212 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system has been constrained to a periodic tick
Reason: No HW support. | 508 | 0 | | 4 | 159 | 0 | -9223372036854774780 | 2355 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 4 | 8 | WIN-5T344G8GM1H | | 10/19/2022 1:06:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Connectivity state in standby: Disconnected, Reason: NIC compliance | 172 | 0 | | 4 | 203 | 0 | -9223372036854774780 | 2354 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 4 | 472 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'npsvctrig' (10.0, ?2016?-?07?-?16T02:28:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2353 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The service entered the Driver load complete state. | 7036 | | 16384 | 4 | 0 | | 36028797018963968 | 2352 | VfpExt | | System | | | WIN-5T344G8GM1H | | 10/19/2022 1:06:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'FileCrypt' (10.0, ?2016?-?07?-?16T02:22:39.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2351 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Volume \\?\Volume{be07386b-0000-0000-0000-100000000000} (\Device\HarddiskVolume1) is healthy. No action is needed. | 98 | 0 | | 4 | 0 | 0 | -9223372036854775806 | 2350 | Microsoft-Windows-Ntfs | 3ff37a1c-a68d-4d6e-8c9b-f79e8b16c482 | System | 4 | 212 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (10.0, ?1978?-?03?-?07T02:59:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2349 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'Wof' (10.0, ?2017?-?10?-?09T01:58:20.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2348 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Secure Kernel started with status STATUS_SUCCESS and flags 0. | 3 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2347 | Microsoft-Windows-IsolatedUserMode | 73a33ab2-1966-4999-8add-868c41415269 | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor initialized I/O remapping.
Hardware present: false
Hardware enabled: false
Policy: 0x0
Enabled features: 0x0
Internal information: 0x0
Problems: 0x0
Additional information: 0x0 | 129 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2346 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor scheduler type is 0x1. | 2 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2345 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor successfully started. | 1 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2344 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The bootmgr spent 0 ms waiting for user input. | 32 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2343 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| There are 0x1 boot options on this system. | 18 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2342 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The boot menu policy was 0x0. | 25 | 0 | | 4 | 32 | 0 | -9223372036854775808 | 2341 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The boot type was 0x0. | 27 | 1 | | 4 | 33 | 0 | -9223372036854775808 | 2340 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The last shutdown's success status was true. The last boot's success status was true. | 20 | 0 | | 4 | 31 | 0 | -9223372036854775808 | 2339 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Virtualization Based Security (policies: VBS Enabled,VSM Required,Boot Chain Signer Soft Enforced) is enabled due to HyperV with status STATUS_SUCCESS. | 153 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2338 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operating system started at system time ?2022?-?10?-?19T13:06:01.491325400Z. | 12 | 0 | | 4 | 1 | 0 | -9223372036854775680 | 2337 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 10/19/2022 1:06:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operating system is shutting down at system time ?2018?-?01?-?19T09:48:14.082208700Z. | 13 | 0 | | 4 | 2 | 0 | -9223372036854775680 | 2336 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 2896 | WIN-5T344G8GM1H | | 1/19/2018 9:48:14 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The kernel power manager has initiated a shutdown transition.
Shutdown Reason: Kernel API | 109 | 0 | | 4 | 103 | 0 | -9223301668110597116 | 2335 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 520 | 524 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Defender Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2334 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Event log service was started. | 6005 | | 32768 | 4 | 0 | | 36028797018963968 | 2333 | EventLog | | System | | | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Microsoft (R) Windows (R) 10.00. 14393 Multiprocessor Free. | 6009 | | 32768 | 4 | 0 | | 36028797018963968 | 2332 | EventLog | | System | | | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NetBIOS name and DNS host name of this machine have been changed from WIN-5T344G8GM1H to WIN-M7VEF9V8QI7. | 6011 | | 32768 | 4 | 0 | | 36028797018963968 | 2331 | EventLog | | System | | | WIN-5T344G8GM1H | | 10/19/2022 1:06:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Task Scheduler service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2330 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Event Log service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2329 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Remote Management (WS-Management) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2328 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2327 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 748 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Volume Shadow Copy service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2326 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The State Repository Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2325 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Cryptographic Services service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2324 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Font Cache Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2323 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft iSCSI Target Server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2322 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Program Compatibility Assistant Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2321 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic Policy Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2320 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Distributed Link Tracking Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2319 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Remote Desktop Services service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2318 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 748 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Software Shadow Copy Provider service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2317 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 748 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Connection Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2316 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 748 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Licensing Monitoring Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2315 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 748 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The User Profile Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2314 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1040 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Remote Desktop Services UserMode Port Redirector service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2313 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1100 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Management Instrumentation service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2312 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 416 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Time service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2311 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 416 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system time has changed to ?2018?-?01?-?19T09:48:13.152000000Z from ?2018?-?01?-?19T09:48:13.164762500Z.
Change Reason: An application or system component changed the time. | 1 | 1 | | 4 | 5 | 0 | -9223372036854775792 | 2310 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1244 | 2300 | WIN-5T344G8GM1H | S-1-5-19 | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Credential Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2309 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1080 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Client License Service (ClipSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2308 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 2116 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DHCP Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2307 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1048 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv4 client service is stopped. ShutDown Flag value is 1 | 50037 | 0 | | 4 | 4 | 69 | 2305843009213693952 | 2306 | Microsoft-Windows-Dhcp-Client | 15a7a4f8-0072-4eab-abad-f98a4d666aed | System | 436 | 1300 | WIN-5T344G8GM1H | S-1-5-19 | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStop | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv6 client service is stopped. ShutDown Flag value is 1 | 51047 | 0 | | 4 | 4 | 63 | 2305843009213693952 | 2305 | Microsoft-Windows-DHCPv6-Client | 6a1f2b00-6a90-4c38-95a5-5cab3b056778 | System | 436 | 1360 | WIN-5T344G8GM1H | S-1-5-19 | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStop | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Plug and Play service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2304 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1040 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Volume Shadow Copy Requestor service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2303 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2302 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1104 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2301 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2300 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Virtual Machine Management service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2299 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| User Logoff Notification for Customer Experience Improvement Program | 7002 | 0 | | 4 | 1102 | 0 | 2305878193585782784 | 2298 | Microsoft-Windows-Winlogon | dbe9b383-7cf3-4331-91cc-a3cb16a3b538 | System | 584 | 916 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Event log service was stopped. | 6006 | | 32768 | 4 | 0 | | 36028797018963968 | 2297 | EventLog | | System | | | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CDPUserSvc_24762 service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2296 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1040 | WIN-5T344G8GM1H | | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Sync Host_24762 service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2295 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2294 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 820 | 972 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Certificate Propagation service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2293 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 948 | WIN-5T344G8GM1H | | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Remote Desktop Configuration service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2292 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 948 | WIN-5T344G8GM1H | | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The process C:\windows\System32\Sysprep\Sysprep.exe (WIN-5T344G8GM1H) has initiated the shutdown of computer WIN-5T344G8GM1H on behalf of user WIN-5T344G8GM1H\Administrator for the following reason: No title for this reason could be found
Reason Code: 0x40002
Shutdown Type: shutdown
Comment: | 1074 | 0 | 32768 | 4 | 0 | 0 | -9187343239835811840 | 2291 | User32 | b0aa8734-56f7-41cc-b2f4-de228e98b946 | System | 448 | 464 | WIN-5T344G8GM1H | S-1-5-21-416071247-492812682-1642729393-500 | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Process C:\Windows\System32\Sysprep\sysprep.exe (process ID:4012) reset policy scheme from {381B4222-F694-41F0-9685-FF5BB260DF2E} to {381B4222-F694-41F0-9685-FF5BB260DF2E} | 12 | 0 | | 4 | 10 | 0 | 4611686018427387904 | 2290 | Microsoft-Windows-UserModePowerService | ce8dee0b-d539-4000-b0f8-77bed049c590 | System | 764 | 316 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Client License Service (ClipSVC) service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2289 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 948 | WIN-5T344G8GM1H | | 1/19/2018 9:48:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Client License Service (ClipSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2288 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Connected User Experiences and Telemetry service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2287 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x8'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9) | 134 | 0 | | 3 | 0 | 0 | -9223372036854775808 | 2286 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1244 | 1320 | WIN-5T344G8GM1H | S-1-5-19 | 1/19/2018 9:48:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Client License Service (ClipSVC) service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2285 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:10 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2284 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppX Deployment Service (AppXSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2283 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1104 | WIN-5T344G8GM1H | | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TCP/IP NetBIOS Helper service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2282 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1104 | WIN-5T344G8GM1H | | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TCP/IP NetBIOS Helper service was successfully sent a stop control.
The reason specified was: 0x40030011 [Operating System: Network Connectivity (Planned)]
Comment: None | 7042 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2281 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 948 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport Teredo Tunneling Pseudo-Interface, {8A97E6D0-A2AF-48AE-8BC2-FFC865CC4DF6}, had event Network Interface deleted while PNP Device still exists. Note that this event is provided for informational purpose and might not be an error always (Eg: In case of vSwitch which was recently un-installed or a LBFO team was removed) | 10317 | 0 | | 2 | 2 | 0 | 2305843009213710358 | 2280 | Microsoft-Windows-NDIS | cdead503-17f5-4a3e-b7ae-df8cc2902eb9 | System | 976 | 3116 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:09 AM | 8a97e6d0-a2af-48ae-8bc2-ffc865cc4df6 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | PnP | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' is halting | 6 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2279 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 1984 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport Microsoft Hyper-V Network Adapter #2, {518CDFA4-5492-4D9E-BEAA-908825A4A289}, had event Network Interface deleted while PNP Device still exists. Note that this event is provided for informational purpose and might not be an error always (Eg: In case of vSwitch which was recently un-installed or a LBFO team was removed) | 10317 | 0 | | 2 | 2 | 0 | 2305843009213710358 | 2278 | Microsoft-Windows-NDIS | cdead503-17f5-4a3e-b7ae-df8cc2902eb9 | System | 976 | 3116 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:09 AM | 518cdfa4-5492-4d9e-beaa-908825a4a289 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | PnP | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x8'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9) | 134 | 0 | | 3 | 0 | 0 | -9223372036854775808 | 2277 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1244 | 1800 | WIN-5T344G8GM1H | S-1-5-19 | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Isatap interface isatap.{518CDFA4-5492-4D9E-BEAA-908825A4A289} is no longer active. | 4201 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2276 | Microsoft-Windows-Iphlpsvc | 66a5c15c-4f8e-4044-bf6e-71d896038977 | System | 976 | 1376 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' paused | 10 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2275 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 976 | 3116 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2274 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft-Windows-Kernel-PnP/Configuration log file was cleared. | 104 | 0 | | 4 | 104 | 0 | -9223372036854775808 | 2273 | Microsoft-Windows-Eventlog | fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148 | System | 436 | 1136 | WIN-5T344G8GM1H | S-1-5-21-416071247-492812682-1642729393-500 | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Log clear | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the VIA StorX Storage RAID Controller Windows Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2272 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:07 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the vsmraid service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2271 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:07 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Microsoft Universal Flash Storage (UFS) Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2270 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Microsoft Standard NVM Express Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2269 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the stexstor service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2268 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the SiSRaid4 service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2267 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the SiSRaid2 service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2266 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Microsoft Storage Class Memory Bus Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2265 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the SBP-2 Transport/Protocol Bus Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2264 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic [FCoE] STOR Miniport Inbox Driver (wx64) service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2263 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic iSCSI Miniport Inbox Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2262 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic Fibre Channel STOR Miniport Inbox Driver (wx64) service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2261 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the percsas3i service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2260 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:03 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the percsas2i service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2259 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:03 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the pcmcia service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2258 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:03 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the nvraid service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2257 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:03 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the nvstor service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2256 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:02 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic 10 Gigabit Ethernet Adapter VBD service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2255 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:59 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic Network Adapter VBD service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2254 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:59 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the mvumis service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2253 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Microsoft Standard SATA AHCI Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2252 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the pciide service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2251 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the megasr service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2250 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:55 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the megasas2i service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2249 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:55 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the megasas service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2248 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:55 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the isapnp service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2247 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the LSI_SSS service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2246 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the LSI_SAS3i service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2245 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the LSI_SAS2i service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2244 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the LSI_SAS service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2243 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Intel RAID Controller Windows 7 service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2242 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Intel(R) SATA RAID Controller Windows service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2241 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the HpSAMD service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2240 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the elxstor service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2239 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the elxfcoe service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2238 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2237 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the cht4iscsi service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2236 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:47 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic Offload iSCSI Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2235 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:47 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic FCoE Offload driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2234 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the bfadfcoei service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2233 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the bfadi service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2232 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Adaptec SAS/SATA-II RAID Storport's Miniport Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2231 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the amdsbs service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2230 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:45 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the amdxata service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2229 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:45 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the amdsata service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2228 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:45 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the ADP80XX service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2227 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:45 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the 3ware service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2226 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:45 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2225 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:47:40 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2224 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:47:35 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The User Access Logging Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2223 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:47:35 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Distributed Transaction Coordinator service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2222 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:47:34 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppX Deployment Service (AppXSVC) service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2221 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:47:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Setup log file was cleared. | 104 | 0 | | 4 | 104 | 0 | -9223372036854775808 | 2220 | Microsoft-Windows-Eventlog | fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148 | System | 436 | 1136 | WIN-5T344G8GM1H | S-1-5-21-416071247-492812682-1642729393-500 | 1/19/2018 9:47:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Log clear | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Application log file was cleared. | 104 | 0 | | 4 | 104 | 0 | -9223372036854775808 | 2219 | Microsoft-Windows-Eventlog | fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148 | System | 436 | 1136 | WIN-5T344G8GM1H | S-1-5-21-416071247-492812682-1642729393-500 | 1/19/2018 9:47:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Log clear | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The System log file was cleared. | 104 | 0 | | 4 | 104 | 0 | -9223372036854775808 | 2218 | Microsoft-Windows-Eventlog | fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148 | System | 436 | 1136 | WIN-5T344G8GM1H | S-1-5-21-416071247-492812682-1642729393-500 | 1/19/2018 9:47:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Log clear | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |