Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Log Name: System
- Source: Microsoft-Windows-Kernel-Power
- Date: 24/3/2017 5:32:59 PM
- Event ID: 41
- Task Category: (63)
- Level: Critical
- Keywords: (70368744177664),(2)
- User: SYSTEM
- Computer: DESKTOP-PAT
- Description:
- The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
- Event Xml:
- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
- <Provider Name="Microsoft-Windows-Kernel-Power" Guid="{331C3B3A-2005-44C2-AC5E-77220C37D6B4}" />
- <EventID>41</EventID>
- <Version>4</Version>
- <Level>1</Level>
- <Task>63</Task>
- <Opcode>0</Opcode>
- <Keywords>0x8000400000000002</Keywords>
- <TimeCreated SystemTime="2017-03-24T09:32:59.347101600Z" />
- <EventRecordID>7032</EventRecordID>
- <Correlation />
- <Execution ProcessID="4" ThreadID="8" />
- <Channel>System</Channel>
- <Computer>DESKTOP-PAT</Computer>
- <Security UserID="S-1-5-18" />
- </System>
- <EventData>
- <Data Name="BugcheckCode">0</Data>
- <Data Name="BugcheckParameter1">0x0</Data>
- <Data Name="BugcheckParameter2">0x0</Data>
- <Data Name="BugcheckParameter3">0x0</Data>
- <Data Name="BugcheckParameter4">0x0</Data>
- <Data Name="SleepInProgress">0</Data>
- <Data Name="PowerButtonTimestamp">0</Data>
- <Data Name="BootAppStatus">0</Data>
- <Data Name="Checkpoint">0</Data>
- <Data Name="ConnectedStandbyInProgress">false</Data>
- <Data Name="SystemSleepTransitionsToOn">0</Data>
- <Data Name="CsEntryScenarioInstanceId">0</Data>
- </EventData>
- </Event>
- Log Name: System
- Source: EventLog
- Date: 24/3/2017 5:33:13 PM
- Event ID: 6008
- Task Category: None
- Level: Error
- Keywords: Classic
- User: N/A
- Computer: DESKTOP-PAT
- Description:
- The previous system shutdown at 5:13:29 PM on ?24/?3/?2017 was unexpected.
- Event Xml:
- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
- <Provider Name="EventLog" />
- <EventID Qualifiers="32768">6008</EventID>
- <Level>2</Level>
- <Task>0</Task>
- <Keywords>0x80000000000000</Keywords>
- <TimeCreated SystemTime="2017-03-24T09:33:13.009689100Z" />
- <EventRecordID>7022</EventRecordID>
- <Channel>System</Channel>
- <Computer>DESKTOP-PAT</Computer>
- <Security />
- </System>
- <EventData>
- <Data>5:13:29 PM</Data>
- <Data>?24/?3/?2017</Data>
- <Data>
- </Data>
- <Data>
- </Data>
- <Data>30</Data>
- <Data>
- </Data>
- <Data>
- </Data>
- <Binary>E10703000500180011000D001D002502E10703000500180009000D001D0025023C0000003C000000010000003C00000000000000B00400000100000000000000</Binary>
- </EventData>
- </Event>
- Log Name: Application
- Source: Microsoft-Windows-Security-SPP
- Date: 24/3/2017 5:18:46 PM
- Event ID: 8233
- Task Category: None
- Level: Warning
- Keywords: Classic
- User: N/A
- Computer: DESKTOP-PAT
- Description:
- The rules engine reported a failed VL activation attempt.
- Reason:0x8007007B
- AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64
- Trigger=NetworkAvailable
- Event Xml:
- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
- <Provider Name="Microsoft-Windows-Security-SPP" Guid="{E23B33B0-C8C9-472C-A5F9-F2BDFEA0F156}" EventSourceName="Software Protection Platform Service" />
- <EventID Qualifiers="16384">8233</EventID>
- <Version>0</Version>
- <Level>3</Level>
- <Task>0</Task>
- <Opcode>0</Opcode>
- <Keywords>0x80000000000000</Keywords>
- <TimeCreated SystemTime="2017-03-24T09:18:46.040964900Z" />
- <EventRecordID>10232</EventRecordID>
- <Correlation />
- <Execution ProcessID="0" ThreadID="0" />
- <Channel>Application</Channel>
- <Computer>DESKTOP-PAT</Computer>
- <Security />
- </System>
- <EventData>
- <Data>0x8007007B</Data>
- <Data>0ff1ce15-a989-479d-af46-f275c6370663</Data>
- <Data>d450596f-894d-49e0-966a-fd39ed4c4c64</Data>
- <Data>NetworkAvailable</Data>
- </EventData>
- </Event>
- Log Name: Application
- Source: SideBySide
- Date: 24/3/2017 5:15:43 PM
- Event ID: 35
- Task Category: None
- Level: Error
- Keywords: Classic
- User: N/A
- Computer: DESKTOP-PAT
- Description:
- Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1. Component identity found in manifest does not match the identity of the component requested. Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Please use sxstrace.exe for detailed diagnosis.
- Event Xml:
- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
- <Provider Name="SideBySide" />
- <EventID Qualifiers="49409">35</EventID>
- <Level>2</Level>
- <Task>0</Task>
- <Keywords>0x80000000000000</Keywords>
- <TimeCreated SystemTime="2017-03-24T09:15:43.292509200Z" />
- <EventRecordID>10223</EventRecordID>
- <Channel>Application</Channel>
- <Computer>DESKTOP-PAT</Computer>
- <Security />
- </System>
- <EventData>
- <Data>UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"</Data>
- <Data>UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0"</Data>
- <Data>
- </Data>
- <Data>
- </Data>
- <Data>
- </Data>
- <Data>
- </Data>
- <Data>
- </Data>
- <Data>
- </Data>
- <Data>
- </Data>
- <Data>
- </Data>
- <Data>C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest</Data>
- <Data>C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL</Data>
- <Data>1</Data>
- <Data>
- </Data>
- <Data>
- </Data>
- <Data>
- </Data>
- <Data>
- </Data>
- <Data>
- </Data>
- <Data>
- </Data>
- <Data>
- </Data>
- </EventData>
- </Event>
- Log Name: Application
- Source: Microsoft-Windows-Security-SPP
- Date: 24/3/2017 5:14:24 PM
- Event ID: 8233
- Task Category: None
- Level: Warning
- Keywords: Classic
- User: N/A
- Computer: DESKTOP-PAT
- Description:
- The rules engine reported a failed VL activation attempt.
- Reason:0x8007007B
- AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64
- Trigger=UserLogon(1)
- Event Xml:
- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
- <Provider Name="Microsoft-Windows-Security-SPP" Guid="{E23B33B0-C8C9-472C-A5F9-F2BDFEA0F156}" EventSourceName="Software Protection Platform Service" />
- <EventID Qualifiers="16384">8233</EventID>
- <Version>0</Version>
- <Level>3</Level>
- <Task>0</Task>
- <Opcode>0</Opcode>
- <Keywords>0x80000000000000</Keywords>
- <TimeCreated SystemTime="2017-03-24T09:14:24.692927900Z" />
- <EventRecordID>10210</EventRecordID>
- <Correlation />
- <Execution ProcessID="0" ThreadID="0" />
- <Channel>Application</Channel>
- <Computer>DESKTOP-PAT</Computer>
- <Security />
- </System>
- <EventData>
- <Data>0x8007007B</Data>
- <Data>0ff1ce15-a989-479d-af46-f275c6370663</Data>
- <Data>d450596f-894d-49e0-966a-fd39ed4c4c64</Data>
- <Data>UserLogon(1)</Data>
- </EventData>
- </Event>
- Log Name: System
- Source: Microsoft-Windows-DistributedCOM
- Date: 24/3/2017 5:13:39 PM
- Event ID: 10016
- Task Category: None
- Level: Error
- Keywords: Classic
- User: SYSTEM
- Computer: DESKTOP-PAT
- Description:
- The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
- {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
- and APPID
- {F72671A9-012C-4725-9D2F-2A4D32D65169}
- to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
- Event Xml:
- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
- <Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
- <EventID Qualifiers="0">10016</EventID>
- <Version>0</Version>
- <Level>2</Level>
- <Task>0</Task>
- <Opcode>0</Opcode>
- <Keywords>0x8080000000000000</Keywords>
- <TimeCreated SystemTime="2017-03-24T09:13:39.720638700Z" />
- <EventRecordID>7011</EventRecordID>
- <Correlation />
- <Execution ProcessID="1020" ThreadID="3156" />
- <Channel>System</Channel>
- <Computer>DESKTOP-PAT</Computer>
- <Security UserID="S-1-5-18" />
- </System>
- <EventData>
- <Data Name="param1">application-specific</Data>
- <Data Name="param2">Local</Data>
- <Data Name="param3">Activation</Data>
- <Data Name="param4">{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}</Data>
- <Data Name="param5">{F72671A9-012C-4725-9D2F-2A4D32D65169}</Data>
- <Data Name="param6">NT AUTHORITY</Data>
- <Data Name="param7">SYSTEM</Data>
- <Data Name="param8">S-1-5-18</Data>
- <Data Name="param9">LocalHost (Using LRPC)</Data>
- <Data Name="param10">Unavailable</Data>
- <Data Name="param11">Unavailable</Data>
- </EventData>
- </Event>
- Log Name: Application
- Source: Microsoft-Windows-Security-SPP
- Date: 24/3/2017 5:13:39 PM
- Event ID: 8233
- Task Category: None
- Level: Warning
- Keywords: Classic
- User: N/A
- Computer: DESKTOP-PAT
- Description:
- The rules engine reported a failed VL activation attempt.
- Reason:0x8007007B
- AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64
- Trigger=NetworkAvailable
- Event Xml:
- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
- <Provider Name="Microsoft-Windows-Security-SPP" Guid="{E23B33B0-C8C9-472C-A5F9-F2BDFEA0F156}" EventSourceName="Software Protection Platform Service" />
- <EventID Qualifiers="16384">8233</EventID>
- <Version>0</Version>
- <Level>3</Level>
- <Task>0</Task>
- <Opcode>0</Opcode>
- <Keywords>0x80000000000000</Keywords>
- <TimeCreated SystemTime="2017-03-24T09:13:39.486239500Z" />
- <EventRecordID>10201</EventRecordID>
- <Correlation />
- <Execution ProcessID="0" ThreadID="0" />
- <Channel>Application</Channel>
- <Computer>DESKTOP-PAT</Computer>
- <Security />
- </System>
- <EventData>
- <Data>0x8007007B</Data>
- <Data>0ff1ce15-a989-479d-af46-f275c6370663</Data>
- <Data>d450596f-894d-49e0-966a-fd39ed4c4c64</Data>
- <Data>NetworkAvailable</Data>
- </EventData>
- </Event>
- Log Name: System
- Source: Service Control Manager
- Date: 24/3/2017 5:13:30 PM
- Event ID: 7000
- Task Category: None
- Level: Error
- Keywords: Classic
- User: N/A
- Computer: DESKTOP-PAT
- Description:
- The InstallerService service failed to start due to the following error:
- The system cannot find the file specified.
- Event Xml:
- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
- <Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
- <EventID Qualifiers="49152">7000</EventID>
- <Version>0</Version>
- <Level>2</Level>
- <Task>0</Task>
- <Opcode>0</Opcode>
- <Keywords>0x8080000000000000</Keywords>
- <TimeCreated SystemTime="2017-03-24T09:13:30.143646400Z" />
- <EventRecordID>7008</EventRecordID>
- <Correlation />
- <Execution ProcessID="788" ThreadID="2232" />
- <Channel>System</Channel>
- <Computer>DESKTOP-PAT</Computer>
- <Security />
- </System>
- <EventData>
- <Data Name="param1">InstallerService</Data>
- <Data Name="param2">%%2</Data>
- <Binary>49006E007300740061006C006C006500720053006500720076006900630065000000</Binary>
- </EventData>
- </Event>
- Log Name: Security
- Source: Microsoft-Windows-Eventlog
- Date: 24/3/2017 5:13:30 PM
- Event ID: 1101
- Task Category: Event processing
- Level: Error
- Keywords: Audit Success
- User: N/A
- Computer: DESKTOP-PAT
- Description:
- Audit events have been dropped by the transport. 0
- Event Xml:
- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
- <Provider Name="Microsoft-Windows-Eventlog" Guid="{fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148}" />
- <EventID>1101</EventID>
- <Version>0</Version>
- <Level>2</Level>
- <Task>101</Task>
- <Opcode>0</Opcode>
- <Keywords>0x4020000000000000</Keywords>
- <TimeCreated SystemTime="2017-03-24T09:13:30.018639900Z" />
- <EventRecordID>98361</EventRecordID>
- <Correlation />
- <Execution ProcessID="1412" ThreadID="1996" />
- <Channel>Security</Channel>
- <Computer>DESKTOP-PAT</Computer>
- <Security />
- </System>
- <UserData>
- <AuditEventsDropped xmlns="http://manifests.microsoft.com/win/2004/08/windows/eventlog">
- <Reason>0</Reason>
- </AuditEventsDropped>
- </UserData>
- </Event>
- Log Name: System
- Source: Microsoft-Windows-Kernel-Power
- Date: 24/3/2017 5:13:15 PM
- Event ID: 41
- Task Category: (63)
- Level: Critical
- Keywords: (70368744177664),(2)
- User: SYSTEM
- Computer: DESKTOP-PAT
- Description:
- The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
- Event Xml:
- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
- <Provider Name="Microsoft-Windows-Kernel-Power" Guid="{331C3B3A-2005-44C2-AC5E-77220C37D6B4}" />
- <EventID>41</EventID>
- <Version>4</Version>
- <Level>1</Level>
- <Task>63</Task>
- <Opcode>0</Opcode>
- <Keywords>0x8000400000000002</Keywords>
- <TimeCreated SystemTime="2017-03-24T09:13:15.355498200Z" />
- <EventRecordID>6987</EventRecordID>
- <Correlation />
- <Execution ProcessID="4" ThreadID="8" />
- <Channel>System</Channel>
- <Computer>DESKTOP-PAT</Computer>
- <Security UserID="S-1-5-18" />
- </System>
- <EventData>
- <Data Name="BugcheckCode">0</Data>
- <Data Name="BugcheckParameter1">0x0</Data>
- <Data Name="BugcheckParameter2">0x0</Data>
- <Data Name="BugcheckParameter3">0x0</Data>
- <Data Name="BugcheckParameter4">0x0</Data>
- <Data Name="SleepInProgress">0</Data>
- <Data Name="PowerButtonTimestamp">0</Data>
- <Data Name="BootAppStatus">0</Data>
- <Data Name="Checkpoint">0</Data>
- <Data Name="ConnectedStandbyInProgress">false</Data>
- <Data Name="SystemSleepTransitionsToOn">0</Data>
- <Data Name="CsEntryScenarioInstanceId">0</Data>
- </EventData>
- </Event>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement