API tools faq
paste
Advertisement
Guest User

Eventlogs

a guest
Apr 24th, 2021
321
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 44.10 KB | None | 0 0
raw download clone embed print report
  1. Log Name: Application
  2. Source: Microsoft-Windows-Security-SPP
  3. Date: 24/04/2021 16:05:54
  4. Event ID: 8233
  5. Task Category: None
  6. Level: Warning
  7. Keywords: Classic
  8. User: N/A
  9. Computer: DESKTOP-T3O9TSS
  10. Description:
  11. The rules engine reported a failed VL activation attempt.
  12. Reason:0x8007232B
  13. AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64
  14. Trigger=UserLogon(1)
  15. Event Xml:
  16. <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  17. <System>
  18. <Provider Name="Microsoft-Windows-Security-SPP" Guid="{E23B33B0-C8C9-472C-A5F9-F2BDFEA0F156}" EventSourceName="Software Protection Platform Service" />
  19. <EventID Qualifiers="16384">8233</EventID>
  20. <Version>0</Version>
  21. <Level>3</Level>
  22. <Task>0</Task>
  23. <Opcode>0</Opcode>
  24. <Keywords>0x80000000000000</Keywords>
  25. <TimeCreated SystemTime="2021-04-24T14:05:54.6474859Z" />
  26. <EventRecordID>1129</EventRecordID>
  27. <Correlation />
  28. <Execution ProcessID="0" ThreadID="0" />
  29. <Channel>Application</Channel>
  30. <Computer>DESKTOP-T3O9TSS</Computer>
  31. <Security />
  32. </System>
  33. <EventData>
  34. <Data>0x8007232B</Data>
  35. <Data>0ff1ce15-a989-479d-af46-f275c6370663</Data>
  36. <Data>d450596f-894d-49e0-966a-fd39ed4c4c64</Data>
  37. <Data>UserLogon(1)</Data>
  38. </EventData>
  39. </Event>
  40.  
  41. Log Name: Application
  42. Source: Microsoft-Windows-Search
  43. Date: 24/04/2021 16:05:52
  44. Event ID: 1003
  45. Task Category: Search service
  46. Level: Information
  47. Keywords: Classic
  48. User: N/A
  49. Computer: DESKTOP-T3O9TSS
  50. Description:
  51. The Windows Search Service started.
  52.  
  53. Event Xml:
  54. <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  55. <System>
  56. <Provider Name="Microsoft-Windows-Search" Guid="{CA4E628D-8567-4896-AB6B-835B221F373F}" EventSourceName="Windows Search Service" />
  57. <EventID Qualifiers="16384">1003</EventID>
  58. <Version>0</Version>
  59. <Level>4</Level>
  60. <Task>1</Task>
  61. <Opcode>0</Opcode>
  62. <Keywords>0x80000000000000</Keywords>
  63. <TimeCreated SystemTime="2021-04-24T14:05:52.0624817Z" />
  64. <EventRecordID>1128</EventRecordID>
  65. <Correlation />
  66. <Execution ProcessID="0" ThreadID="0" />
  67. <Channel>Application</Channel>
  68. <Computer>DESKTOP-T3O9TSS</Computer>
  69. <Security />
  70. </System>
  71. <EventData>
  72. <Data Name="ExtraInfo">
  73. </Data>
  74. </EventData>
  75. </Event>
  76.  
  77. Log Name: Application
  78. Source: ESENT
  79. Date: 24/04/2021 16:05:51
  80. Event ID: 326
  81. Task Category: (1)
  82. Level: Information
  83. Keywords: Classic
  84. User: N/A
  85. Computer: DESKTOP-T3O9TSS
  86. Description:
  87. SearchIndexer (7676,D,50) Windows: The database engine attached a database (1, C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb). (Time=0 seconds)
  88.  
  89. Saved Cache: 0 0
  90. Additional Data: lgposAttach = 00000066:0094:0268,
  91. dbv = 1568.110.240
  92.  
  93. Internal Timing Sequence:
  94. [1] 0.000002 +J(0)
  95. [2] 0.000286 +J(0) +M(C:0K, Fs:24, WS:32K # 0K, PF:32K # 0K, P:32K)
  96. [3] 0.005070 -0.001623 (5) WT +J(CM:0, PgRf:0, Rd:0/0, Dy:0/0, Lg:3480/2) +M(C:0K, Fs:17, WS:36K # 0K, PF:40K # 0K, P:40K)
  97. [4] 0.000077 +J(0)
  98. [5] -
  99. [6] -
  100. [7] -
  101. [8] 0.001950 -0.000847 (2) CM +J(CM:2, PgRf:2, Rd:14/2, Dy:0/0, Lg:54/1) +M(C:0K, Fs:23, WS:92K # 0K, PF:608K # 0K, P:608K)
  102. [9] 0.007057 -0.000166 (5) CM -0.006671 (1) WT +J(CM:5, PgRf:23, Rd:0/5, Dy:0/0, Lg:0/0) +M(C:0K, Fs:55, WS:220K # 0K, PF:224K # 0K, P:224K)
  103. [10] 0.000293 -0.000218 (1) CM +J(CM:1, PgRf:40, Rd:0/1, Dy:0/0, Lg:0/0) +M(C:0K, Fs:9, WS:36K # 0K, PF:32K # 0K, P:32K)
  104. [11] 0.000007 +J(CM:0, PgRf:1, Rd:0/0, Dy:0/0, Lg:0/0) +M(C:0K, Fs:1, WS:4K # 0K, PF:0K # 0K, P:0K)
  105. [12] 0.000022 +J(CM:0, PgRf:42, Rd:0/0, Dy:0/0, Lg:0/0) +M(C:0K, Fs:3, WS:12K # 0K, PF:0K # 0K, P:0K)
  106. [13] 0.0 +J(0)
  107. [14] 0.0 +J(0)
  108. [15] 0.000003 +J(CM:0, PgRf:1, Rd:0/0, Dy:0/0, Lg:0/0).
  109. Event Xml:
  110. <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  111. <System>
  112. <Provider Name="ESENT" />
  113. <EventID Qualifiers="0">326</EventID>
  114. <Version>0</Version>
  115. <Level>4</Level>
  116. <Task>1</Task>
  117. <Opcode>0</Opcode>
  118. <Keywords>0x80000000000000</Keywords>
  119. <TimeCreated SystemTime="2021-04-24T14:05:51.9622430Z" />
  120. <EventRecordID>1127</EventRecordID>
  121. <Correlation />
  122. <Execution ProcessID="0" ThreadID="0" />
  123. <Channel>Application</Channel>
  124. <Computer>DESKTOP-T3O9TSS</Computer>
  125. <Security />
  126. </System>
  127. <EventData>
  128. <Data>SearchIndexer</Data>
  129. <Data>7676,D,50</Data>
  130. <Data>Windows: </Data>
  131. <Data>1</Data>
  132. <Data>C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb</Data>
  133. <Data>0</Data>
  134. <Data>
  135. [1] 0.000002 +J(0)
  136. [2] 0.000286 +J(0) +M(C:0K, Fs:24, WS:32K # 0K, PF:32K # 0K, P:32K)
  137. [3] 0.005070 -0.001623 (5) WT +J(CM:0, PgRf:0, Rd:0/0, Dy:0/0, Lg:3480/2) +M(C:0K, Fs:17, WS:36K # 0K, PF:40K # 0K, P:40K)
  138. [4] 0.000077 +J(0)
  139. [5] -
  140. [6] -
  141. [7] -
  142. [8] 0.001950 -0.000847 (2) CM +J(CM:2, PgRf:2, Rd:14/2, Dy:0/0, Lg:54/1) +M(C:0K, Fs:23, WS:92K # 0K, PF:608K # 0K, P:608K)
  143. [9] 0.007057 -0.000166 (5) CM -0.006671 (1) WT +J(CM:5, PgRf:23, Rd:0/5, Dy:0/0, Lg:0/0) +M(C:0K, Fs:55, WS:220K # 0K, PF:224K # 0K, P:224K)
  144. [10] 0.000293 -0.000218 (1) CM +J(CM:1, PgRf:40, Rd:0/1, Dy:0/0, Lg:0/0) +M(C:0K, Fs:9, WS:36K # 0K, PF:32K # 0K, P:32K)
  145. [11] 0.000007 +J(CM:0, PgRf:1, Rd:0/0, Dy:0/0, Lg:0/0) +M(C:0K, Fs:1, WS:4K # 0K, PF:0K # 0K, P:0K)
  146. [12] 0.000022 +J(CM:0, PgRf:42, Rd:0/0, Dy:0/0, Lg:0/0) +M(C:0K, Fs:3, WS:12K # 0K, PF:0K # 0K, P:0K)
  147. [13] 0.0 +J(0)
  148. [14] 0.0 +J(0)
  149. [15] 0.000003 +J(CM:0, PgRf:1, Rd:0/0, Dy:0/0, Lg:0/0).</Data>
  150. <Data>0 0</Data>
  151. <Data>lgposAttach = 00000066:0094:0268,
  152. dbv = 1568.110.240</Data>
  153. </EventData>
  154. </Event>
  155.  
  156. Log Name: Application
  157. Source: Microsoft-Windows-Security-SPP
  158. Date: 24/04/2021 16:05:51
  159. Event ID: 8233
  160. Task Category: None
  161. Level: Warning
  162. Keywords: Classic
  163. User: N/A
  164. Computer: DESKTOP-T3O9TSS
  165. Description:
  166. The rules engine reported a failed VL activation attempt.
  167. Reason:0x8007232B
  168. AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64
  169. Trigger=NetworkAvailable
  170. Event Xml:
  171. <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  172. <System>
  173. <Provider Name="Microsoft-Windows-Security-SPP" Guid="{E23B33B0-C8C9-472C-A5F9-F2BDFEA0F156}" EventSourceName="Software Protection Platform Service" />
  174. <EventID Qualifiers="16384">8233</EventID>
  175. <Version>0</Version>
  176. <Level>3</Level>
  177. <Task>0</Task>
  178. <Opcode>0</Opcode>
  179. <Keywords>0x80000000000000</Keywords>
  180. <TimeCreated SystemTime="2021-04-24T14:05:51.9466219Z" />
  181. <EventRecordID>1126</EventRecordID>
  182. <Correlation />
  183. <Execution ProcessID="0" ThreadID="0" />
  184. <Channel>Application</Channel>
  185. <Computer>DESKTOP-T3O9TSS</Computer>
  186. <Security />
  187. </System>
  188. <EventData>
  189. <Data>0x8007232B</Data>
  190. <Data>0ff1ce15-a989-479d-af46-f275c6370663</Data>
  191. <Data>d450596f-894d-49e0-966a-fd39ed4c4c64</Data>
  192. <Data>NetworkAvailable</Data>
  193. </EventData>
  194. </Event>
  195.  
  196. Log Name: Application
  197. Source: ESENT
  198. Date: 24/04/2021 16:05:51
  199. Event ID: 105
  200. Task Category: (1)
  201. Level: Information
  202. Keywords: Classic
  203. User: N/A
  204. Computer: DESKTOP-T3O9TSS
  205. Description:
  206. SearchIndexer (7676,D,0) Windows: The database engine started a new instance (0). (Time=0 seconds)
  207.  
  208. Additional Data:
  209. lgposV2[] = 00000065:009D:0000 - 00000065:00FD:0609 - 00000066:0092:0000 - 00000066:0092:0000 (00000000:0000:0000)
  210. cReInits = 1
  211.  
  212.  
  213. Internal Timing Sequence:
  214. [1] 0.000612 +J(0) +M(C:0K, Fs:191, WS:732K # 732K, PF:5392K # 5392K, P:5392K)
  215. [2] 0.000259 +J(0) +M(C:0K, Fs:227, WS:908K # 908K, PF:448K # 448K, P:448K)
  216. [3] 0.000027 +J(0) +M(C:0K, Fs:27, WS:104K # 104K, PF:68K # 68K, P:68K)
  217. [4] 0.000099 +J(0) +M(C:0K, Fs:39, WS:152K # 152K, PF:368K # 368K, P:368K)
  218. [5] 0.001074 +J(0) +M(C:0K, Fs:9, WS:36K # 36K, PF:24K # 32K, P:24K)
  219. [6] 0.002401 +J(0) +M(C:0K, Fs:23, WS:92K # 92K, PF:12K # 4K, P:12K)
  220. [7] 0.001714 +J(0) +M(C:0K, Fs:271, WS:1080K # 1080K, PF:1028K # 1028K, P:1028K)
  221. [8] 0.143796 -0.107082 (511) CM -0.003827 (7) WT +J(CM:511, PgRf:2759, Rd:0/511, Dy:49/719, Lg:390063/10855) +M(C:0K, Fs:4739, WS:11772K # 11772K, PF:11612K # 11612K, P:11612K)
  222. [9] 0.054358 -0.002756 (403) CM -0.000763 (5) WT +J(CM:403, PgRf:5351, Rd:333/403, Dy:163/6049, Lg:586236/21188) +M(C:0K, Fs:3295, WS:340K # 360K, PF:252K # 252K, P:252K) + 1 lgens
  223. [10] 0.000655 +J(0) +M(C:0K, Fs:0, WS:-1020K # 0K, PF:-1020K # 0K, P:-1020K)
  224. [11] 0.000028 +J(CM:0, PgRf:0, Rd:0/0, Dy:0/0, Lg:49/1) +M(C:0K, Fs:1, WS:4K # 0K, PF:0K # 0K, P:0K)
  225. [12] 0.033561 -0.000006 (142) CM -0.029859 (3) WT +J(CM:142, PgRf:0, Rd:0/142, Dy:0/0, Lg:0/0) +M(C:0K, Fs:898, WS:-56K # 0K, PF:-64K # 0K, P:-64K)
  226. [13] 0.038235 -0.000424 (2) CM -0.029646 (22) WT +J(CM:2, PgRf:2, Rd:0/2, Dy:0/0, Lg:8759/5) +M(C:0K, Fs:309, WS:-10852K # 0K, PF:-10244K # 0K, P:-10244K)
  227. [14] 0.000017 +J(0)
  228. [15] 0.000035 +J(0)
  229. [16] 0.000123 +J(0) +M(C:0K, Fs:2, WS:0K # 0K, PF:0K # 0K, P:0K).
  230. Event Xml:
  231. <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  232. <System>
  233. <Provider Name="ESENT" />
  234. <EventID Qualifiers="0">105</EventID>
  235. <Version>0</Version>
  236. <Level>4</Level>
  237. <Task>1</Task>
  238. <Opcode>0</Opcode>
  239. <Keywords>0x80000000000000</Keywords>
  240. <TimeCreated SystemTime="2021-04-24T14:05:51.9310001Z" />
  241. <EventRecordID>1125</EventRecordID>
  242. <Correlation />
  243. <Execution ProcessID="0" ThreadID="0" />
  244. <Channel>Application</Channel>
  245. <Computer>DESKTOP-T3O9TSS</Computer>
  246. <Security />
  247. </System>
  248. <EventData>
  249. <Data>SearchIndexer</Data>
  250. <Data>7676,D,0</Data>
  251. <Data>Windows: </Data>
  252. <Data>0</Data>
  253. <Data>0</Data>
  254. <Data>
  255. [1] 0.000612 +J(0) +M(C:0K, Fs:191, WS:732K # 732K, PF:5392K # 5392K, P:5392K)
  256. [2] 0.000259 +J(0) +M(C:0K, Fs:227, WS:908K # 908K, PF:448K # 448K, P:448K)
  257. [3] 0.000027 +J(0) +M(C:0K, Fs:27, WS:104K # 104K, PF:68K # 68K, P:68K)
  258. [4] 0.000099 +J(0) +M(C:0K, Fs:39, WS:152K # 152K, PF:368K # 368K, P:368K)
  259. [5] 0.001074 +J(0) +M(C:0K, Fs:9, WS:36K # 36K, PF:24K # 32K, P:24K)
  260. [6] 0.002401 +J(0) +M(C:0K, Fs:23, WS:92K # 92K, PF:12K # 4K, P:12K)
  261. [7] 0.001714 +J(0) +M(C:0K, Fs:271, WS:1080K # 1080K, PF:1028K # 1028K, P:1028K)
  262. [8] 0.143796 -0.107082 (511) CM -0.003827 (7) WT +J(CM:511, PgRf:2759, Rd:0/511, Dy:49/719, Lg:390063/10855) +M(C:0K, Fs:4739, WS:11772K # 11772K, PF:11612K # 11612K, P:11612K)
  263. [9] 0.054358 -0.002756 (403) CM -0.000763 (5) WT +J(CM:403, PgRf:5351, Rd:333/403, Dy:163/6049, Lg:586236/21188) +M(C:0K, Fs:3295, WS:340K # 360K, PF:252K # 252K, P:252K) + 1 lgens
  264. [10] 0.000655 +J(0) +M(C:0K, Fs:0, WS:-1020K # 0K, PF:-1020K # 0K, P:-1020K)
  265. [11] 0.000028 +J(CM:0, PgRf:0, Rd:0/0, Dy:0/0, Lg:49/1) +M(C:0K, Fs:1, WS:4K # 0K, PF:0K # 0K, P:0K)
  266. [12] 0.033561 -0.000006 (142) CM -0.029859 (3) WT +J(CM:142, PgRf:0, Rd:0/142, Dy:0/0, Lg:0/0) +M(C:0K, Fs:898, WS:-56K # 0K, PF:-64K # 0K, P:-64K)
  267. [13] 0.038235 -0.000424 (2) CM -0.029646 (22) WT +J(CM:2, PgRf:2, Rd:0/2, Dy:0/0, Lg:8759/5) +M(C:0K, Fs:309, WS:-10852K # 0K, PF:-10244K # 0K, P:-10244K)
  268. [14] 0.000017 +J(0)
  269. [15] 0.000035 +J(0)
  270. [16] 0.000123 +J(0) +M(C:0K, Fs:2, WS:0K # 0K, PF:0K # 0K, P:0K).</Data>
  271. <Data>lgposV2[] = 00000065:009D:0000 - 00000065:00FD:0609 - 00000066:0092:0000 - 00000066:0092:0000 (00000000:0000:0000)
  272. cReInits = 1
  273. </Data>
  274. </EventData>
  275. </Event>
  276.  
  277. Log Name: Application
  278. Source: ESENT
  279. Date: 24/04/2021 16:05:51
  280. Event ID: 302
  281. Task Category: (3)
  282. Level: Information
  283. Keywords: Classic
  284. User: N/A
  285. Computer: DESKTOP-T3O9TSS
  286. Description:
  287. SearchIndexer (7676,U,98) Windows: The database engine has successfully completed recovery steps.
  288. Event Xml:
  289. <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  290. <System>
  291. <Provider Name="ESENT" />
  292. <EventID Qualifiers="0">302</EventID>
  293. <Version>0</Version>
  294. <Level>4</Level>
  295. <Task>3</Task>
  296. <Opcode>0</Opcode>
  297. <Keywords>0x80000000000000</Keywords>
  298. <TimeCreated SystemTime="2021-04-24T14:05:51.9310001Z" />
  299. <EventRecordID>1124</EventRecordID>
  300. <Correlation />
  301. <Execution ProcessID="0" ThreadID="0" />
  302. <Channel>Application</Channel>
  303. <Computer>DESKTOP-T3O9TSS</Computer>
  304. <Security />
  305. </System>
  306. <EventData>
  307. <Data>SearchIndexer</Data>
  308. <Data>7676,U,98</Data>
  309. <Data>Windows: </Data>
  310. </EventData>
  311. </Event>
  312.  
  313. Log Name: Application
  314. Source: ESENT
  315. Date: 24/04/2021 16:05:51
  316. Event ID: 301
  317. Task Category: (3)
  318. Level: Information
  319. Keywords: Classic
  320. User: N/A
  321. Computer: DESKTOP-T3O9TSS
  322. Description:
  323. SearchIndexer (7676,R,98) Windows: The database engine has finished replaying logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb.jtx.
  324.  
  325. Processing Stats:
  326. [1] 0.049424 -0.002756 (403) CM -0.000763 (5) WT +J(CM:403, PgRf:5351, Rd:324/403, Dy:163/6049, Lg:586236/21188) +M(C:0K, Fs:3266, WS:356K # 316K, PF:236K # 172K, P:236K).
  327. Log record of type 'Commit ' was seen most frequently (5292 times)
  328. Event Xml:
  329. <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  330. <System>
  331. <Provider Name="ESENT" />
  332. <EventID Qualifiers="0">301</EventID>
  333. <Version>0</Version>
  334. <Level>4</Level>
  335. <Task>3</Task>
  336. <Opcode>0</Opcode>
  337. <Keywords>0x80000000000000</Keywords>
  338. <TimeCreated SystemTime="2021-04-24T14:05:51.8620024Z" />
  339. <EventRecordID>1123</EventRecordID>
  340. <Correlation />
  341. <Execution ProcessID="0" ThreadID="0" />
  342. <Channel>Application</Channel>
  343. <Computer>DESKTOP-T3O9TSS</Computer>
  344. <Security />
  345. </System>
  346. <EventData>
  347. <Data>SearchIndexer</Data>
  348. <Data>7676,R,98</Data>
  349. <Data>Windows: </Data>
  350. <Data>C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb.jtx</Data>
  351. <Data>
  352. [1] 0.049424 -0.002756 (403) CM -0.000763 (5) WT +J(CM:403, PgRf:5351, Rd:324/403, Dy:163/6049, Lg:586236/21188) +M(C:0K, Fs:3266, WS:356K # 316K, PF:236K # 172K, P:236K).</Data>
  353. <Data>Commit </Data>
  354. <Data>5292</Data>
  355. </EventData>
  356. </Event>
  357.  
  358. Log Name: Application
  359. Source: ESENT
  360. Date: 24/04/2021 16:05:51
  361. Event ID: 301
  362. Task Category: (3)
  363. Level: Information
  364. Keywords: Classic
  365. User: N/A
  366. Computer: DESKTOP-T3O9TSS
  367. Description:
  368. SearchIndexer (7676,R,98) Windows: The database engine has finished replaying logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb00065.jtx.
  369.  
  370. Processing Stats:
  371. [1] 0.139114 -0.107082 (511) CM -0.003669 (6) WT +J(CM:511, PgRf:2759, Rd:0/511, Dy:49/719, Lg:390063/10855) +M(C:0K, Fs:4473, WS:10716K # 10716K, PF:10792K # 10792K, P:10792K).
  372. Log record of type 'Commit ' was seen most frequently (2705 times)
  373. Event Xml:
  374. <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  375. <System>
  376. <Provider Name="ESENT" />
  377. <EventID Qualifiers="0">301</EventID>
  378. <Version>0</Version>
  379. <Level>4</Level>
  380. <Task>3</Task>
  381. <Opcode>0</Opcode>
  382. <Keywords>0x80000000000000</Keywords>
  383. <TimeCreated SystemTime="2021-04-24T14:05:51.7995166Z" />
  384. <EventRecordID>1122</EventRecordID>
  385. <Correlation />
  386. <Execution ProcessID="0" ThreadID="0" />
  387. <Channel>Application</Channel>
  388. <Computer>DESKTOP-T3O9TSS</Computer>
  389. <Security />
  390. </System>
  391. <EventData>
  392. <Data>SearchIndexer</Data>
  393. <Data>7676,R,98</Data>
  394. <Data>Windows: </Data>
  395. <Data>C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb00065.jtx</Data>
  396. <Data>
  397. [1] 0.139114 -0.107082 (511) CM -0.003669 (6) WT +J(CM:511, PgRf:2759, Rd:0/511, Dy:49/719, Lg:390063/10855) +M(C:0K, Fs:4473, WS:10716K # 10716K, PF:10792K # 10792K, P:10792K).</Data>
  398. <Data>Commit </Data>
  399. <Data>2705</Data>
  400. </EventData>
  401. </Event>
  402.  
  403. Log Name: Application
  404. Source: ESENT
  405. Date: 24/04/2021 16:05:51
  406. Event ID: 300
  407. Task Category: (3)
  408. Level: Information
  409. Keywords: Classic
  410. User: N/A
  411. Computer: DESKTOP-T3O9TSS
  412. Description:
  413. SearchIndexer (7676,R,98) Windows: The database engine is initiating recovery steps.
  414. Event Xml:
  415. <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  416. <System>
  417. <Provider Name="ESENT" />
  418. <EventID Qualifiers="0">300</EventID>
  419. <Version>0</Version>
  420. <Level>4</Level>
  421. <Task>3</Task>
  422. <Opcode>0</Opcode>
  423. <Keywords>0x80000000000000</Keywords>
  424. <TimeCreated SystemTime="2021-04-24T14:05:51.6691480Z" />
  425. <EventRecordID>1121</EventRecordID>
  426. <Correlation />
  427. <Execution ProcessID="0" ThreadID="0" />
  428. <Channel>Application</Channel>
  429. <Computer>DESKTOP-T3O9TSS</Computer>
  430. <Security />
  431. </System>
  432. <EventData>
  433. <Data>SearchIndexer</Data>
  434. <Data>7676,R,98</Data>
  435. <Data>Windows: </Data>
  436. </EventData>
  437. </Event>
  438.  
  439. Log Name: Application
  440. Source: ESENT
  441. Date: 24/04/2021 16:05:51
  442. Event ID: 102
  443. Task Category: (1)
  444. Level: Information
  445. Keywords: Classic
  446. User: N/A
  447. Computer: DESKTOP-T3O9TSS
  448. Description:
  449. SearchIndexer (7676,P,98) Windows: The database engine (10.00.19041.0000) is starting a new instance (0).
  450. Event Xml:
  451. <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  452. <System>
  453. <Provider Name="ESENT" />
  454. <EventID Qualifiers="0">102</EventID>
  455. <Version>0</Version>
  456. <Level>4</Level>
  457. <Task>1</Task>
  458. <Opcode>0</Opcode>
  459. <Keywords>0x80000000000000</Keywords>
  460. <TimeCreated SystemTime="2021-04-24T14:05:51.6535172Z" />
  461. <EventRecordID>1120</EventRecordID>
  462. <Correlation />
  463. <Execution ProcessID="0" ThreadID="0" />
  464. <Channel>Application</Channel>
  465. <Computer>DESKTOP-T3O9TSS</Computer>
  466. <Security />
  467. </System>
  468. <EventData>
  469. <Data>SearchIndexer</Data>
  470. <Data>7676,P,98</Data>
  471. <Data>Windows: </Data>
  472. <Data>0</Data>
  473. <Data>10</Data>
  474. <Data>00</Data>
  475. <Data>19041</Data>
  476. <Data>0000</Data>
  477. </EventData>
  478. </Event>
  479.  
  480. Log Name: Application
  481. Source: Microsoft-Windows-Winlogon
  482. Date: 24/04/2021 16:05:50
  483. Event ID: 6000
  484. Task Category: None
  485. Level: Information
  486. Keywords: Classic
  487. User: N/A
  488. Computer: DESKTOP-T3O9TSS
  489. Description:
  490. The winlogon notification subscriber <SessionEnv> was unavailable to handle a notification event.
  491. Event Xml:
  492. <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  493. <System>
  494. <Provider Name="Microsoft-Windows-Winlogon" Guid="{DBE9B383-7CF3-4331-91CC-A3CB16A3B538}" EventSourceName="Wlclntfy" />
  495. <EventID Qualifiers="32768">6000</EventID>
  496. <Version>0</Version>
  497. <Level>4</Level>
  498. <Task>0</Task>
  499. <Opcode>0</Opcode>
  500. <Keywords>0x80000000000000</Keywords>
  501. <TimeCreated SystemTime="2021-04-24T14:05:50.1278394Z" />
  502. <EventRecordID>1119</EventRecordID>
  503. <Correlation />
  504. <Execution ProcessID="0" ThreadID="0" />
  505. <Channel>Application</Channel>
  506. <Computer>DESKTOP-T3O9TSS</Computer>
  507. <Security />
  508. </System>
  509. <EventData>
  510. <Data>SessionEnv</Data>
  511. <Binary>D9060000</Binary>
  512. </EventData>
  513. </Event>
  514.  
  515. Log Name: Application
  516. Source: Microsoft-Windows-Winlogon
  517. Date: 24/04/2021 16:05:49
  518. Event ID: 6003
  519. Task Category: None
  520. Level: Information
  521. Keywords: Classic
  522. User: N/A
  523. Computer: DESKTOP-T3O9TSS
  524. Description:
  525. The winlogon notification subscriber <SessionEnv> was unavailable to handle a critical notification event.
  526. Event Xml:
  527. <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  528. <System>
  529. <Provider Name="Microsoft-Windows-Winlogon" Guid="{DBE9B383-7CF3-4331-91CC-A3CB16A3B538}" EventSourceName="Wlclntfy" />
  530. <EventID Qualifiers="32768">6003</EventID>
  531. <Version>0</Version>
  532. <Level>4</Level>
  533. <Task>0</Task>
  534. <Opcode>0</Opcode>
  535. <Keywords>0x80000000000000</Keywords>
  536. <TimeCreated SystemTime="2021-04-24T14:05:49.9651213Z" />
  537. <EventRecordID>1118</EventRecordID>
  538. <Correlation />
  539. <Execution ProcessID="0" ThreadID="0" />
  540. <Channel>Application</Channel>
  541. <Computer>DESKTOP-T3O9TSS</Computer>
  542. <Security />
  543. </System>
  544. <EventData>
  545. <Data>SessionEnv</Data>
  546. <Binary>D9060000</Binary>
  547. </EventData>
  548. </Event>
  549.  
  550. Log Name: Application
  551. Source: Microsoft-Windows-WMI
  552. Date: 24/04/2021 16:05:48
  553. Event ID: 5617
  554. Task Category: None
  555. Level: Information
  556. Keywords:
  557. User: SYSTEM
  558. Computer: DESKTOP-T3O9TSS
  559. Description:
  560. Windows Management Instrumentation Service subsystems initialized successfully
  561. Event Xml:
  562. <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  563. <System>
  564. <Provider Name="Microsoft-Windows-WMI" Guid="{1edeee53-0afe-4609-b846-d8c0b2075b1f}" />
  565. <EventID>5617</EventID>
  566. <Version>2</Version>
  567. <Level>4</Level>
  568. <Task>0</Task>
  569. <Opcode>0</Opcode>
  570. <Keywords>0x8000000000000000</Keywords>
  571. <TimeCreated SystemTime="2021-04-24T14:05:48.2308515Z" />
  572. <EventRecordID>1117</EventRecordID>
  573. <Correlation />
  574. <Execution ProcessID="3472" ThreadID="3848" />
  575. <Channel>Application</Channel>
  576. <Computer>DESKTOP-T3O9TSS</Computer>
  577. <Security UserID="S-1-5-18" />
  578. </System>
  579. <EventData>
  580. </EventData>
  581. </Event>
  582.  
  583. Log Name: Application
  584. Source: Microsoft-Windows-Security-SPP
  585. Date: 24/04/2021 16:05:48
  586. Event ID: 902
  587. Task Category: None
  588. Level: Information
  589. Keywords: Classic
  590. User: N/A
  591. Computer: DESKTOP-T3O9TSS
  592. Description:
  593. The Software Protection service has started.
  594. 10.0.19041.867
  595. Event Xml:
  596. <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  597. <System>
  598. <Provider Name="Microsoft-Windows-Security-SPP" Guid="{E23B33B0-C8C9-472C-A5F9-F2BDFEA0F156}" EventSourceName="Software Protection Platform Service" />
  599. <EventID Qualifiers="16384">902</EventID>
  600. <Version>0</Version>
  601. <Level>0</Level>
  602. <Task>0</Task>
  603. <Opcode>0</Opcode>
  604. <Keywords>0x80000000000000</Keywords>
  605. <TimeCreated SystemTime="2021-04-24T14:05:48.7286948Z" />
  606. <EventRecordID>1116</EventRecordID>
  607. <Correlation />
  608. <Execution ProcessID="0" ThreadID="0" />
  609. <Channel>Application</Channel>
  610. <Computer>DESKTOP-T3O9TSS</Computer>
  611. <Security />
  612. </System>
  613. <EventData>
  614. <Data>10.0.19041.867</Data>
  615. </EventData>
  616. </Event>
  617.  
  618. Log Name: Application
  619. Source: Microsoft-Windows-Security-SPP
  620. Date: 24/04/2021 16:05:48
  621. Event ID: 1003
  622. Task Category: None
  623. Level: Information
  624. Keywords: Classic
  625. User: N/A
  626. Computer: DESKTOP-T3O9TSS
  627. Description:
  628. The Software Protection service has completed licensing status check.
  629. Application Id=55c92734-d682-4d71-983e-d6ec3f16059f
  630. Licensing Status=
  631. 1: 040fa323-92b1-4baf-97a2-5b67feaefddb, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  632. 2: 0724cb7d-3437-4cb7-93cb-830375d0079d, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  633. 3: 0ad2ac98-7bb9-4201-8d92-312299201369, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  634. 4: 1a9a717a-cf13-4ba5-83c3-0fe25fa868d5, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  635. 5: 221a02da-e2a1-4b75-864c-0a4410a33fdf, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  636. 6: 291ece0e-9c38-40ca-a9e1-32cc7ec19507, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  637. 7: 2936d1d2-913a-4542-b54e-ce5a602a2a38, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  638. 8: 2c293c26-a45a-4a2a-a350-c69a67097529, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  639. 9: 2de67392-b7a7-462a-b1ca-108dd189f588, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  640. 10: 2ffd8952-423e-4903-b993-72a1aa44cf82, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  641. 11: 30a42c86-b7a0-4a34-8c90-ff177cb2acb7, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  642. 12: 345a5db0-d94f-4e3b-a0c0-7c42f7bc3ebf, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  643. 13: 3502365a-f88a-4ba4-822a-5769d3073b65, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  644. 14: 377333b1-8b5d-48d6-9679-1225c872d37c, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  645. 15: 3df374ef-d444-4494-a5a1-4b0d9fd0e203, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  646. 16: 3f1afc82-f8ac-4f6c-8005-1d233e606eee, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  647. 17: 49cd895b-53b2-4dc4-a5f7-b18aa019ad37, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  648. 18: 4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c, 1, 1 [(0 )(1 )(2 [0x00000000, 1, 0], [(?)( 1 0x00000000)(?)(?)(?)(?)( 10 0x00000000 msft:rm/algorithm/flags/1.0)(?)])(3 )]
  649. 19: 4f3da0d2-271d-4508-ae81-626b60809a38, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  650. 20: 60b3ec1b-9545-4921-821f-311b129dd6f6, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  651. 21: 613d217f-7f13-4268-9907-1662339531cd, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  652. 22: 62f0c100-9c53-4e02-b886-a3528ddfe7f6, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  653. 23: 6365275e-368d-46ca-a0ef-fc0404119333, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  654. 24: 721f9237-9341-4453-a661-09e8baa6cca5, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  655. 25: 73111121-5638-40f6-bc11-f1d7b0d64300, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  656. 26: 7a802526-4c94-4bd1-ba14-835a1aca2120, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  657. 27: 7cb546c0-c7d5-44d8-9a5c-69ecdd782b69, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  658. 28: 82bbc092-bc50-4e16-8e18-b74fc486aec3, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  659. 29: 8ab9bdd1-1f67-4997-82d9-8878520837d9, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  660. 30: 8b351c9c-f398-4515-9900-09df49427262, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  661. 31: 90da7373-1c51-430b-bf26-c97e9c5cdc31, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  662. 32: 95dca82f-385d-4d39-b85b-5c73fa285d6f, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  663. 33: a48938aa-62fa-4966-9d44-9f04da3f72f2, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  664. 34: b0773a15-df3a-4312-9ad2-83d69648e356, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  665. 35: b4bfe195-541e-4e64-ad23-6177f19e395e, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  666. 36: b68e61d2-68ca-4757-be45-0cc2f3e68eee, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  667. 37: bd3762d7-270d-4760-8fb3-d829ca45278a, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  668. 38: c86d5194-4840-4dae-9c1c-0301003a5ab0, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  669. 39: d552befb-48cc-4327-8f39-47d2d94f987c, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  670. 40: d6eadb3b-5ca8-4a6b-986e-35b550756111, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  671. 41: df96023b-dcd9-4be2-afa0-c6c871159ebe, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  672. 42: e0c42288-980c-4788-a014-c080d2e1926e, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  673. 43: e4db50ea-bda1-4566-b047-0ca50abc6f07, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  674. 44: e558417a-5123-4f6f-91e7-385c1c7ca9d4, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  675. 45: e7a950a2-e548-4f10-bf16-02ec848e0643, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  676. 46: eb6d346f-1c60-4643-b960-40ec31596c45, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  677. 47: ec868e65-fadf-4759-b23e-93fe37f2cc29, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  678. 48: ef51e000-2659-4f25-8345-3de70a9cf4c4, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  679. 49: f7af7d09-40e4-419c-a49b-eae366689ebd, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  680. 50: fa755fe6-6739-40b9-8d84-6d0ea3b6d1ab, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  681. 51: fe74f55b-0338-41d6-b267-4a201abe7285, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  682.  
  683.  
  684. Event Xml:
  685. <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  686. <System>
  687. <Provider Name="Microsoft-Windows-Security-SPP" Guid="{E23B33B0-C8C9-472C-A5F9-F2BDFEA0F156}" EventSourceName="Software Protection Platform Service" />
  688. <EventID Qualifiers="16384">1003</EventID>
  689. <Version>0</Version>
  690. <Level>4</Level>
  691. <Task>0</Task>
  692. <Opcode>0</Opcode>
  693. <Keywords>0x80000000000000</Keywords>
  694. <TimeCreated SystemTime="2021-04-24T14:05:48.6685794Z" />
  695. <EventRecordID>1115</EventRecordID>
  696. <Correlation />
  697. <Execution ProcessID="0" ThreadID="0" />
  698. <Channel>Application</Channel>
  699. <Computer>DESKTOP-T3O9TSS</Computer>
  700. <Security />
  701. </System>
  702. <EventData>
  703. <Data>55c92734-d682-4d71-983e-d6ec3f16059f</Data>
  704. <Data>
  705. 1: 040fa323-92b1-4baf-97a2-5b67feaefddb, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  706. 2: 0724cb7d-3437-4cb7-93cb-830375d0079d, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  707. 3: 0ad2ac98-7bb9-4201-8d92-312299201369, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  708. 4: 1a9a717a-cf13-4ba5-83c3-0fe25fa868d5, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  709. 5: 221a02da-e2a1-4b75-864c-0a4410a33fdf, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  710. 6: 291ece0e-9c38-40ca-a9e1-32cc7ec19507, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  711. 7: 2936d1d2-913a-4542-b54e-ce5a602a2a38, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  712. 8: 2c293c26-a45a-4a2a-a350-c69a67097529, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  713. 9: 2de67392-b7a7-462a-b1ca-108dd189f588, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  714. 10: 2ffd8952-423e-4903-b993-72a1aa44cf82, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  715. 11: 30a42c86-b7a0-4a34-8c90-ff177cb2acb7, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  716. 12: 345a5db0-d94f-4e3b-a0c0-7c42f7bc3ebf, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  717. 13: 3502365a-f88a-4ba4-822a-5769d3073b65, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  718. 14: 377333b1-8b5d-48d6-9679-1225c872d37c, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  719. 15: 3df374ef-d444-4494-a5a1-4b0d9fd0e203, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  720. 16: 3f1afc82-f8ac-4f6c-8005-1d233e606eee, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  721. 17: 49cd895b-53b2-4dc4-a5f7-b18aa019ad37, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  722. 18: 4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c, 1, 1 [(0 )(1 )(2 [0x00000000, 1, 0], [(?)( 1 0x00000000)(?)(?)(?)(?)( 10 0x00000000 msft:rm/algorithm/flags/1.0)(?)])(3 )]
  723. 19: 4f3da0d2-271d-4508-ae81-626b60809a38, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  724. 20: 60b3ec1b-9545-4921-821f-311b129dd6f6, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  725. 21: 613d217f-7f13-4268-9907-1662339531cd, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  726. 22: 62f0c100-9c53-4e02-b886-a3528ddfe7f6, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  727. 23: 6365275e-368d-46ca-a0ef-fc0404119333, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  728. 24: 721f9237-9341-4453-a661-09e8baa6cca5, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  729. 25: 73111121-5638-40f6-bc11-f1d7b0d64300, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  730. 26: 7a802526-4c94-4bd1-ba14-835a1aca2120, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  731. 27: 7cb546c0-c7d5-44d8-9a5c-69ecdd782b69, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  732. 28: 82bbc092-bc50-4e16-8e18-b74fc486aec3, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  733. 29: 8ab9bdd1-1f67-4997-82d9-8878520837d9, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  734. 30: 8b351c9c-f398-4515-9900-09df49427262, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  735. 31: 90da7373-1c51-430b-bf26-c97e9c5cdc31, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  736. 32: 95dca82f-385d-4d39-b85b-5c73fa285d6f, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  737. 33: a48938aa-62fa-4966-9d44-9f04da3f72f2, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  738. 34: b0773a15-df3a-4312-9ad2-83d69648e356, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  739. 35: b4bfe195-541e-4e64-ad23-6177f19e395e, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  740. 36: b68e61d2-68ca-4757-be45-0cc2f3e68eee, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  741. 37: bd3762d7-270d-4760-8fb3-d829ca45278a, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  742. 38: c86d5194-4840-4dae-9c1c-0301003a5ab0, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  743. 39: d552befb-48cc-4327-8f39-47d2d94f987c, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  744. 40: d6eadb3b-5ca8-4a6b-986e-35b550756111, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  745. 41: df96023b-dcd9-4be2-afa0-c6c871159ebe, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  746. 42: e0c42288-980c-4788-a014-c080d2e1926e, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  747. 43: e4db50ea-bda1-4566-b047-0ca50abc6f07, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  748. 44: e558417a-5123-4f6f-91e7-385c1c7ca9d4, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  749. 45: e7a950a2-e548-4f10-bf16-02ec848e0643, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  750. 46: eb6d346f-1c60-4643-b960-40ec31596c45, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  751. 47: ec868e65-fadf-4759-b23e-93fe37f2cc29, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  752. 48: ef51e000-2659-4f25-8345-3de70a9cf4c4, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  753. 49: f7af7d09-40e4-419c-a49b-eae366689ebd, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  754. 50: fa755fe6-6739-40b9-8d84-6d0ea3b6d1ab, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  755. 51: fe74f55b-0338-41d6-b267-4a201abe7285, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
  756.  
  757. </Data>
  758. </EventData>
  759. </Event>
  760.  
  761. Log Name: Application
  762. Source: Microsoft-Windows-Security-SPP
  763. Date: 24/04/2021 16:05:48
  764. Event ID: 1066
  765. Task Category: None
  766. Level: Information
  767. Keywords: Classic
  768. User: N/A
  769. Computer: DESKTOP-T3O9TSS
  770. Description:
  771. Initialization status for service objects.
  772. C:\WINDOWS\system32\sppwinob.dll, msft:spp/windowsfunctionality/agent/7.0, 0x00000000, 0x00000000
  773. C:\WINDOWS\system32\sppobjs.dll, msft:rm/algorithm/inherited/1.0, 0x00000000, 0x00000000
  774. C:\WINDOWS\system32\sppobjs.dll, msft:rm/algorithm/phone/1.0, 0x00000000, 0x00000000
  775. C:\WINDOWS\system32\sppobjs.dll, msft:rm/algorithm/pkey/detect, 0x00000000, 0x00000000
  776. C:\WINDOWS\system32\sppobjs.dll, msft:spp/ActionScheduler/1.0, 0x00000000, 0x00000000
  777. C:\WINDOWS\system32\sppobjs.dll, msft:spp/TaskScheduler/1.0, 0x00000000, 0x00000000
  778. C:\WINDOWS\system32\sppobjs.dll, msft:spp/statecollector/pkey, 0x00000000, 0x00000000
  779. C:\WINDOWS\system32\sppobjs.dll, msft:spp/volume/services/kms/1.0, 0x00000000, 0x00000000
  780. C:\WINDOWS\system32\sppobjs.dll, msft:spp/volume/services/kms/activationinfo/1.0, 0x00000000, 0x00000000
  781.  
  782. Event Xml:
  783. <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  784. <System>
  785. <Provider Name="Microsoft-Windows-Security-SPP" Guid="{E23B33B0-C8C9-472C-A5F9-F2BDFEA0F156}" EventSourceName="Software Protection Platform Service" />
  786. <EventID Qualifiers="16384">1066</EventID>
  787. <Version>0</Version>
  788. <Level>4</Level>
  789. <Task>0</Task>
  790. <Opcode>0</Opcode>
  791. <Keywords>0x80000000000000</Keywords>
  792. <TimeCreated SystemTime="2021-04-24T14:05:48.5843539Z" />
  793. <EventRecordID>1114</EventRecordID>
  794. <Correlation />
  795. <Execution ProcessID="0" ThreadID="0" />
  796. <Channel>Application</Channel>
  797. <Computer>DESKTOP-T3O9TSS</Computer>
  798. <Security />
  799. </System>
  800. <EventData>
  801. <Data>C:\WINDOWS\system32\sppwinob.dll, msft:spp/windowsfunctionality/agent/7.0, 0x00000000, 0x00000000
  802. C:\WINDOWS\system32\sppobjs.dll, msft:rm/algorithm/inherited/1.0, 0x00000000, 0x00000000
  803. C:\WINDOWS\system32\sppobjs.dll, msft:rm/algorithm/phone/1.0, 0x00000000, 0x00000000
  804. C:\WINDOWS\system32\sppobjs.dll, msft:rm/algorithm/pkey/detect, 0x00000000, 0x00000000
  805. C:\WINDOWS\system32\sppobjs.dll, msft:spp/ActionScheduler/1.0, 0x00000000, 0x00000000
  806. C:\WINDOWS\system32\sppobjs.dll, msft:spp/TaskScheduler/1.0, 0x00000000, 0x00000000
  807. C:\WINDOWS\system32\sppobjs.dll, msft:spp/statecollector/pkey, 0x00000000, 0x00000000
  808. C:\WINDOWS\system32\sppobjs.dll, msft:spp/volume/services/kms/1.0, 0x00000000, 0x00000000
  809. C:\WINDOWS\system32\sppobjs.dll, msft:spp/volume/services/kms/activationinfo/1.0, 0x00000000, 0x00000000
  810. </Data>
  811. </EventData>
  812. </Event>
  813.  
  814. Log Name: Application
  815. Source: Microsoft-Windows-Security-SPP
  816. Date: 24/04/2021 16:05:48
  817. Event ID: 16394
  818. Task Category: None
  819. Level: Information
  820. Keywords: Classic
  821. User: N/A
  822. Computer: DESKTOP-T3O9TSS
  823. Description:
  824. Offline downlevel migration succeeded.
  825. Event Xml:
  826. <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  827. <System>
  828. <Provider Name="Microsoft-Windows-Security-SPP" Guid="{E23B33B0-C8C9-472C-A5F9-F2BDFEA0F156}" EventSourceName="Software Protection Platform Service" />
  829. <EventID Qualifiers="49152">16394</EventID>
  830. <Version>0</Version>
  831. <Level>4</Level>
  832. <Task>0</Task>
  833. <Opcode>0</Opcode>
  834. <Keywords>0x80000000000000</Keywords>
  835. <TimeCreated SystemTime="2021-04-24T14:05:48.5531111Z" />
  836. <EventRecordID>1113</EventRecordID>
  837. <Correlation />
  838. <Execution ProcessID="0" ThreadID="0" />
  839. <Channel>Application</Channel>
  840. <Computer>DESKTOP-T3O9TSS</Computer>
  841. <Security />
  842. </System>
  843. <EventData>
  844. </EventData>
  845. </Event>
  846.  
  847. Log Name: Application
  848. Source: Microsoft-Windows-Security-SPP
  849. Date: 24/04/2021 16:05:48
  850. Event ID: 900
  851. Task Category: None
  852. Level: Information
  853. Keywords: Classic
  854. User: N/A
  855. Computer: DESKTOP-T3O9TSS
  856. Description:
  857. The Software Protection service is starting.
  858. Parameters:TriggerStarted:6
  859. Event Xml:
  860. <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  861. <System>
  862. <Provider Name="Microsoft-Windows-Security-SPP" Guid="{E23B33B0-C8C9-472C-A5F9-F2BDFEA0F156}" EventSourceName="Software Protection Platform Service" />
  863. <EventID Qualifiers="16384">900</EventID>
  864. <Version>0</Version>
  865. <Level>4</Level>
  866. <Task>0</Task>
  867. <Opcode>0</Opcode>
  868. <Keywords>0x80000000000000</Keywords>
  869. <TimeCreated SystemTime="2021-04-24T14:05:48.3994991Z" />
  870. <EventRecordID>1112</EventRecordID>
  871. <Correlation />
  872. <Execution ProcessID="0" ThreadID="0" />
  873. <Channel>Application</Channel>
  874. <Computer>DESKTOP-T3O9TSS</Computer>
  875. <Security />
  876. </System>
  877. <EventData>
  878. <Data>TriggerStarted:6</Data>
  879. </EventData>
  880. </Event>
  881.  
  882. Log Name: Application
  883. Source: Microsoft-Windows-WMI
  884. Date: 24/04/2021 16:05:47
  885. Event ID: 5611
  886. Task Category: None
  887. Level: Information
  888. Keywords:
  889. User: SYSTEM
  890. Computer: DESKTOP-T3O9TSS
  891. Description:
  892. The Windows Management Instrumentation service has detected an inconsistent system shutdown.
  893. Event Xml:
  894. <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  895. <System>
  896. <Provider Name="Microsoft-Windows-WMI" Guid="{1edeee53-0afe-4609-b846-d8c0b2075b1f}" />
  897. <EventID>5611</EventID>
  898. <Version>2</Version>
  899. <Level>4</Level>
  900. <Task>0</Task>
  901. <Opcode>0</Opcode>
  902. <Keywords>0x8000000000000000</Keywords>
  903. <TimeCreated SystemTime="2021-04-24T14:05:47.3248736Z" />
  904. <EventRecordID>1111</EventRecordID>
  905. <Correlation />
  906. <Execution ProcessID="3472" ThreadID="3848" />
  907. <Channel>Application</Channel>
  908. <Computer>DESKTOP-T3O9TSS</Computer>
  909. <Security UserID="S-1-5-18" />
  910. </System>
  911. <EventData>
  912. </EventData>
  913. </Event>
  914.  
  915. Log Name: Application
  916. Source: Microsoft-Windows-WMI
  917. Date: 24/04/2021 16:05:46
  918. Event ID: 5615
  919. Task Category: None
  920. Level: Information
  921. Keywords:
  922. User: SYSTEM
  923. Computer: DESKTOP-T3O9TSS
  924. Description:
  925. Windows Management Instrumentation Service started sucessfully
  926. Event Xml:
  927. <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  928. <System>
  929. <Provider Name="Microsoft-Windows-WMI" Guid="{1edeee53-0afe-4609-b846-d8c0b2075b1f}" />
  930. <EventID>5615</EventID>
  931. <Version>2</Version>
  932. <Level>4</Level>
  933. <Task>0</Task>
  934. <Opcode>0</Opcode>
  935. <Keywords>0x8000000000000000</Keywords>
  936. <TimeCreated SystemTime="2021-04-24T14:05:46.6639830Z" />
  937. <EventRecordID>1110</EventRecordID>
  938. <Correlation />
  939. <Execution ProcessID="3472" ThreadID="3704" />
  940. <Channel>Application</Channel>
  941. <Computer>DESKTOP-T3O9TSS</Computer>
  942. <Security UserID="S-1-5-18" />
  943. </System>
  944. <EventData>
  945. </EventData>
  946. </Event>
  947.  
  948. Log Name: Application
  949. Source: Microsoft-Windows-User Profiles Service
  950. Date: 24/04/2021 16:05:45
  951. Event ID: 1531
  952. Task Category: None
  953. Level: Information
  954. Keywords:
  955. User: SYSTEM
  956. Computer: DESKTOP-T3O9TSS
  957. Description:
  958. The User Profile Service has started successfully.
  959.  
  960.  
  961. Event Xml:
  962. <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  963. <System>
  964. <Provider Name="Microsoft-Windows-User Profiles Service" Guid="{89b1e9f0-5aff-44a6-9b44-0a07a7ce5845}" />
  965. <EventID>1531</EventID>
  966. <Version>0</Version>
  967. <Level>4</Level>
  968. <Task>0</Task>
  969. <Opcode>0</Opcode>
  970. <Keywords>0x8000000000000000</Keywords>
  971. <TimeCreated SystemTime="2021-04-24T14:05:45.9071201Z" />
  972. <EventRecordID>1109</EventRecordID>
  973. <Correlation />
  974. <Execution ProcessID="1696" ThreadID="1772" />
  975. <Channel>Application</Channel>
  976. <Computer>DESKTOP-T3O9TSS</Computer>
  977. <Security UserID="S-1-5-18" />
  978. </System>
  979. <EventData>
  980. </EventData>
  981. </Event>
  982.  
  983. Log Name: Application
  984. Source: IntelDalJhi
  985. Date: 24/04/2021 16:05:46
  986. Event ID: 0
  987. Task Category: None
  988. Level: Information
  989. Keywords: Classic
  990. User: N/A
  991. Computer: DESKTOP-T3O9TSS
  992. Description:
  993. The description for Event ID 0 from source IntelDalJhi cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
  994.  
  995. If the event originated on another computer, the display information had to be saved with the event.
  996.  
  997. The following information was included with the event:
  998.  
  999.  
  1000. The specified resource type cannot be found in the image file
  1001.  
  1002. Event Xml:
  1003. <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  1004. <System>
  1005. <Provider Name="IntelDalJhi" />
  1006. <EventID Qualifiers="16384">0</EventID>
  1007. <Version>0</Version>
  1008. <Level>4</Level>
  1009. <Task>0</Task>
  1010. <Opcode>0</Opcode>
  1011. <Keywords>0x80000000000000</Keywords>
  1012. <TimeCreated SystemTime="2021-04-24T14:05:46.7099773Z" />
  1013. <EventRecordID>1108</EventRecordID>
  1014. <Correlation />
  1015. <Execution ProcessID="0" ThreadID="0" />
  1016. <Channel>Application</Channel>
  1017. <Computer>DESKTOP-T3O9TSS</Computer>
  1018. <Security />
  1019. </System>
  1020. <EventData>
  1021. </EventData>
  1022. </Event>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!