API tools faq
paste
Guest User

Untitled

a guest
Apr 3rd, 2024
1,307
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 8.37 KB | None | 0 0
raw download clone embed print report
  1. ===========
  2. KEY:
  3. Log -> Log directory within Event Viewer
  4. Source -> Source shown on Event Viewer
  5. ID -> Event ID shown on Event Viewer
  6. TaskCategory -> Task Category shown on Event Viewer
  7. Desc -> Description of Event within Event Viewer
  8. Context -> Added context from me
  9. ===========
  10.  
  11.  
  12.  
  13. {
  14. Log = /Windows Logs/Application
  15.  
  16. Source = "ESENT"
  17.  
  18. ID = 102 (Application)
  19.  
  20. TaskCategory = "Search service"
  21.  
  22. Desc {
  23. "SearchIndexer (748,P,98) Windows: The database engine (10.00.19045.0000) is starting a new instance (0)."
  24. }
  25.  
  26. Context {
  27. "The Windows Search indexer started a new instance, which happens during boot."
  28. }
  29. }
  30.  
  31.  
  32. {
  33. Log = /Windows Logs/Application
  34.  
  35. Source = "Search"
  36.  
  37. ID = 1003
  38.  
  39. TaskCategory = "Search service"
  40.  
  41. Desc {
  42. "The Windows Search Service started.
  43. "
  44. }
  45.  
  46. Context {
  47. "The Windows Search service started, which happens during boot."
  48. }
  49. }
  50.  
  51.  
  52. {
  53. Log = /Windows Logs/Application
  54.  
  55. Source = "MsiInstaller"
  56.  
  57. ID = 1040
  58.  
  59. TaskCategory = "None"
  60.  
  61. Desc {
  62. "Beginning a Windows Installer transaction: C:\Users\Administrator\Downloads\spacedesk_driver_Win_10_64_v2115.msi. Client
  63. Process Id: 6392."
  64. }
  65.  
  66. Context {
  67. "A screen sharing process is being initiated during startup of Windows, because it is a startup program."
  68. }
  69. }
  70.  
  71.  
  72. {
  73. Log = /Windows Logs/Application
  74.  
  75. Source = "MsiInstaller"
  76.  
  77. ID = 1033
  78.  
  79. TaskCategory = "None"
  80.  
  81. Desc {
  82. "Windows Installer installed the product. Product Name: spacedesk Windows DRIVER. Product Version: 2.1.15.0. Product Language:
  83. 1033. Manufacturer: datronicsoft Inc.. Installation success or error status: 0."
  84. }
  85.  
  86. Context {
  87. "A screen sharing process is being initiated during startup of Windows, because it is a startup program."
  88. }
  89. }
  90.  
  91.  
  92. {
  93. Log = /Windows Logs/Application
  94.  
  95. Source = "MsiInstaller"
  96.  
  97. ID = 1042
  98.  
  99. TaskCategory = "None"
  100.  
  101. Desc {
  102. "Ending a Windows Installer transaction: C:\Users\Administrator\Downloads\spacedesk_driver_Win_10_64_v2115.msi. Client Process Id: 6392."
  103. }
  104.  
  105. Context {
  106. "A screen sharing process is being killed during shutdown of Windows"
  107. }
  108. }
  109.  
  110.  
  111. {
  112. Log = /Windows Logs/Application
  113.  
  114. Source = "User Profile Service"
  115.  
  116. ID = 1531
  117.  
  118. TaskCategory = "None"
  119.  
  120. Desc {
  121. "The User Profile Service has started successfully.
  122.  
  123. "
  124. }
  125. }
  126.  
  127.  
  128. {
  129. Log = /Windows Logs/Application
  130.  
  131. Source = "WMI"
  132.  
  133. ID = 5611
  134.  
  135. TaskCategory = "Search service"
  136.  
  137. Desc {
  138. "The Windows Management Instrumentation service has detected an inconsistent system shutdown."
  139. }
  140.  
  141. Context {
  142. "An inconsistent system shutdown was detected during a boot."
  143. }
  144. }
  145.  
  146.  
  147. {
  148. Log = /Windows Logs/Application
  149.  
  150. Source = "RestartManager"
  151.  
  152. ID = 10000
  153.  
  154. TaskCategory = "None"
  155.  
  156. Desc {
  157. "Starting session 0 - ‎2024‎-‎03‎-‎31T03:00:03.907724400Z."
  158. }
  159.  
  160. Context {
  161. "Session 0 starts, which is a process that happens when Windows boots up."
  162. }
  163. }
  164.  
  165.  
  166. {
  167. Log = /Windows Logs/Application
  168.  
  169. Source = "RestartManager"
  170.  
  171. ID = 10001
  172.  
  173. TaskCategory = "None"
  174.  
  175. Desc {
  176. "Ending session 0 started ‎2024‎-‎03‎-‎31T03:00:03.907724400Z."
  177. }
  178.  
  179. Context {
  180. "Session 0 ends, which happens when Windows shuts down."
  181. }
  182. }
  183.  
  184.  
  185. {
  186. Log = /Windows Logs/Application
  187.  
  188. Source = "MsiInstaller"
  189.  
  190. ID = 11707
  191.  
  192. TaskCategory = "None"
  193.  
  194. Desc {
  195. "Product: spacedesk Windows DRIVER -- Installation completed successfully."
  196. }
  197.  
  198. Context {
  199. "A screen sharing process starts during startup of Windows, because it is a startup program."
  200. }
  201. }
  202.  
  203.  
  204. {
  205. Log = /Windows Logs/System
  206.  
  207. Source = "Kernel-General"
  208.  
  209. ID = 12 (System)
  210.  
  211. TaskCategory = "(1)"
  212.  
  213. Desc {
  214. "The operating system started at system time ‎2024‎-‎04‎-‎01T08:05:09.500000000Z."
  215. }
  216.  
  217. Context {
  218. "Logs Operating System exact startup time"
  219. }
  220. }
  221.  
  222.  
  223. {
  224. Log = /Windows Logs/System
  225.  
  226. Source = "Kernel-General"
  227.  
  228. ID = 13
  229.  
  230. TaskCategory = "(2)"
  231.  
  232. Desc {
  233. "The operating system is shutting down at system time ‎2024‎-‎04‎-‎01T08:04:52.927435100Z."
  234. }
  235.  
  236. Context {
  237. "Logs Operating System exact shutdown time"
  238. }
  239. }
  240.  
  241.  
  242. {
  243. Log = /Windows Logs/System
  244.  
  245. Source = "Kernel-Boot"
  246.  
  247. ID = 18
  248.  
  249. TaskCategory = "(57)"
  250.  
  251. Desc {
  252. "There are 0x1 boot options on this system."
  253. }
  254.  
  255. Context {
  256. "Lists boot options during boot"
  257. }
  258. }
  259.  
  260.  
  261. {
  262. Log = /Windows Logs/System
  263.  
  264. Source = "Kernel-Boot"
  265.  
  266. ID = 20
  267.  
  268. TaskCategory = "(31)"
  269.  
  270. Desc {
  271. "The last shutdown's success status was true. The last boot's success status was true."
  272. }
  273.  
  274. Context {
  275. "Shutdown success status"
  276. }
  277. }
  278.  
  279.  
  280. {
  281. Log = /Windows Logs/System
  282.  
  283. Source = "Kernel-Boot"
  284.  
  285. ID = 20
  286.  
  287. TaskCategory = "(6)"
  288.  
  289. Desc {
  290. "The leap second configuration has been updated.
  291. Reason: Leap second data initialized from registry during boot
  292. Leap seconds enabled: true
  293. New leap second count: 0
  294. Old leap second count: 0"
  295. }
  296.  
  297. Context {
  298. "Updating leap second configuration during boot."
  299. }
  300. }
  301.  
  302.  
  303. {
  304. Log = /Windows Logs/System
  305.  
  306. Source = "Kernel-Boot"
  307.  
  308. ID = 25
  309.  
  310. TaskCategory = "(32)"
  311.  
  312. Desc {
  313. "The boot menu policy was 0x1."
  314. }
  315.  
  316. Context {
  317. "Logs boot menu policy during boot"
  318. }
  319. }
  320.  
  321.  
  322. {
  323. Log = /Windows Logs/System
  324.  
  325. Source = "Kernel-Boot"
  326.  
  327. ID = 27
  328.  
  329. TaskCategory = "(33)"
  330.  
  331. Desc {
  332. "The boot type was 0x0."
  333. }
  334.  
  335. Context {
  336. "Logs boot type during boot"
  337. }
  338. }
  339.  
  340.  
  341. {
  342. Log = /Windows Logs/System
  343.  
  344. Source = "Kernel-Boot"
  345.  
  346. ID = 30
  347.  
  348. TaskCategory = "(21)"
  349.  
  350. Desc {
  351. "The firmware reported boot metrics."
  352. }
  353.  
  354. Context {
  355. "Firmware reporting boot metrics during boot"
  356. }
  357. }
  358.  
  359.  
  360. {
  361. Log = /Windows Logs/System
  362.  
  363. Source = "Kernel-Boot"
  364.  
  365. ID = 32
  366.  
  367. TaskCategory = "(58)"
  368.  
  369. Desc {
  370. "The bootmgr spent 0 ms waiting for user input."
  371. }
  372.  
  373. Context {
  374. "Boot manager waits for user's input for specified milliseconds"
  375. }
  376. }
  377.  
  378.  
  379. {
  380. Log = /Windows Logs/System
  381.  
  382. Source = "Ntfs (Microsoft-Windows-Ntfs)"
  383.  
  384. ID = 98
  385.  
  386. TaskCategory = "None"
  387.  
  388. Desc {
  389. "Volume C: (\Device\HarddiskVolume6) is healthy. No action is needed."
  390. }
  391.  
  392. Context {
  393. "Chkdsk at boot"
  394. }
  395. }
  396.  
  397.  
  398.  
  399. {
  400. Log = /Windows Logs/System
  401.  
  402. Source = "Kernel-Power"
  403.  
  404. ID = 109
  405.  
  406. TaskCategory = "(103)"
  407.  
  408. Desc {
  409. "The kernel power manager has initiated a shutdown transition.
  410.  
  411. Shutdown Reason: Kernel API"
  412. }
  413.  
  414. Context {
  415. "Kernel power manager is initiating a shutdown"
  416. }
  417. }
  418.  
  419.  
  420. {
  421. Log = /Windows Logs/System
  422.  
  423. Source = "Kernel-Boot"
  424.  
  425. ID = 153
  426.  
  427. TaskCategory = "(62)"
  428.  
  429. Desc {
  430. "Virtualization-based security (policies: 0) is disabled."
  431. }
  432.  
  433. Context {
  434. "Something that happens during boot"
  435. }
  436. }
  437.  
  438.  
  439.  
  440. {
  441. Log = /Windows Logs/System
  442.  
  443. Source = "User32"
  444.  
  445. ID = 1074
  446.  
  447. TaskCategory = "None"
  448.  
  449. Desc {
  450. "The process C:\Windows\System32\RuntimeBroker.exe (DESKTOP-C8KOR5V) has initiated the restart of computer DESKTOP-C8KOR5V on
  451. behalf of user DESKTOP-C8KOR5V\Administrator for the following reason: Other (Unplanned)
  452. Reason Code: 0x0
  453. Shutdown Type: restart
  454. Comment: "
  455. }
  456.  
  457. Context {
  458. "Verbose log of shutdown inititation"
  459. }
  460. }
  461.  
  462.  
  463. {
  464. Log = /Windows Logs/System
  465.  
  466. Source = "EventLog"
  467.  
  468. ID = 6005
  469.  
  470. TaskCategory = "None"
  471.  
  472. Desc {
  473. "The Event log service was started."
  474. }
  475.  
  476. Context {
  477. "Time where Event viewer service started at startup"
  478. }
  479. }
  480.  
  481.  
  482. {
  483. Log = /Windows Logs/System
  484.  
  485. Source = "EventLog"
  486.  
  487. ID = 6006
  488.  
  489. TaskCategory = "None"
  490.  
  491. Desc {
  492. "The Event log service was stopped."
  493. }
  494.  
  495. Context {
  496. "Time where Event viewer service stopped at startup"
  497. }
  498. }
  499.  
  500.  
  501. {
  502. Log = /Windows Logs/System
  503.  
  504. Source = "EventLog"
  505.  
  506. ID = 6008
  507.  
  508. TaskCategory = "None"
  509.  
  510. Desc {
  511. "The previous system shutdown at 3:48:31 AM on ‎4/‎1/‎2024 was unexpected."
  512. }
  513.  
  514. Context {
  515. "Tells you an unnexpected shutdown happened at last shutdown time"
  516. }
  517. }
  518.  
  519.  
  520. {
  521. Log = /Windows Logs/System
  522.  
  523. Source = "EventLog"
  524.  
  525. ID = 6013
  526.  
  527. TaskCategory = "None"
  528.  
  529. Desc {
  530. "The system uptime is 28 seconds."
  531. }
  532.  
  533. Context {
  534. "Recording system uptime after booting"
  535. }
  536. }
  537.  
  538.  
  539. {
  540. Log = /Windows Logs/System
  541.  
  542. Source = "DriverFrameworks-UserMode"
  543.  
  544. ID = 10118
  545.  
  546. TaskCategory = "Startup of the UMDF reflector"
  547.  
  548. Desc {
  549. "UMDF reflector is unable to connect to service control manager (SCM). This is expected during boot, when SCM has not started
  550. yet. Will retry when it starts."
  551. }
  552.  
  553. Context {
  554. "UMDF reflector tries to connect during boot, but fails, and then recognizes it's during a boot."
  555. }
  556. }
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!