API tools faq
paste
Advertisement
sam20e

eventlog

sam20e
Apr 11th, 2019
317
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 28.23 KB | None | 0 0
raw download clone embed print report
  1. Level Date and Time Source Event ID Task Category
  2. Information 10/4/2019 11:36:58 PM Microsoft-Windows-Kernel-Power 107 (102) The system has resumed from sleep.
  3. Information 10/4/2019 11:36:54 PM Microsoft-Windows-Kernel-Power 42 (64) "The system is entering sleep.
  4.  
  5. Sleep Reason: Application API"
  6. Information 10/4/2019 11:36:51 PM Microsoft-Windows-Kernel-Power 187 (243) User-mode process attempted to change the system state by calling SetSuspendState or SetSystemPowerState APIs.
  7. Information 10/4/2019 11:36:51 PM Win32k 267 None Touch/Touchpad Hardware Quality Assurance verification succeeded.
  8. Information 10/4/2019 11:36:50 PM Microsoft-Windows-Winlogon 7002 (1102) User Logoff Notification for Customer Experience Improvement Program
  9. Information 10/4/2019 11:36:48 PM User32 1074 None "The process C:\Windows\System32\RuntimeBroker.exe (DESKTOP-HJ3E6N4) has initiated the power off of computer DESKTOP-HJ3E6N4 on behalf of user DESKTOP-HJ3E6N4\sampr for the following reason: Other (Unplanned)
  10. Reason Code: 0x0
  11. Shutdown Type: power off
  12. Comment: "
  13. Information 10/4/2019 11:36:33 PM Service Control Manager 7040 None The start type of the Background Intelligent Transfer Service service was changed from demand start to auto start.
  14. Information 10/4/2019 10:24:23 PM Microsoft-Windows-Kernel-General 16 None The access history in hive \??\C:\ProgramData\Microsoft\Provisioning\Microsoft-Desktop-Provisioning-Sequence.dat was cleared updating 0 keys and creating 0 modified pages.
  15. Information 10/4/2019 10:24:19 PM Service Control Manager 7040 None The start type of the Background Intelligent Transfer Service service was changed from auto start to demand start.
  16. Information 10/4/2019 10:21:05 PM Service Control Manager 7040 None The start type of the Background Intelligent Transfer Service service was changed from demand start to auto start.
  17. Information 10/4/2019 10:18:00 PM Service Control Manager 7040 None The start type of the Background Intelligent Transfer Service service was changed from auto start to demand start.
  18. Information 10/4/2019 10:17:22 PM Microsoft-Windows-Kernel-Power 105 (100) Power source change.
  19. Error 10/4/2019 10:15:59 PM Microsoft-Windows-DistributedCOM 10016 None "The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
  20. Windows.SecurityCenter.SecurityAppBroker
  21. and APPID
  22. Unavailable
  23. to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool."
  24. Error 10/4/2019 10:15:59 PM Microsoft-Windows-DistributedCOM 10016 None "The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
  25. Windows.SecurityCenter.WscBrokerManager
  26. and APPID
  27. Unavailable
  28. to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool."
  29. Error 10/4/2019 10:15:05 PM Microsoft-Windows-DistributedCOM 10016 None "The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  30. {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
  31. and APPID
  32. {15C20B67-12E7-4BB6-92BB-7AFF07997402}
  33. to the user DESKTOP-HJ3E6N4\sampr SID (S-1-5-21-1224730652-1865282460-2047001690-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool."
  34. Error 10/4/2019 10:15:03 PM Microsoft-Windows-DistributedCOM 10016 None "The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  35. {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
  36. and APPID
  37. {15C20B67-12E7-4BB6-92BB-7AFF07997402}
  38. to the user DESKTOP-HJ3E6N4\sampr SID (S-1-5-21-1224730652-1865282460-2047001690-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool."
  39. Warning 10/4/2019 10:14:56 PM Microsoft-Windows-Kernel-Processor-Power 37 (7) The speed of processor 5 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.
  40. Warning 10/4/2019 10:14:56 PM Microsoft-Windows-Kernel-Processor-Power 37 (7) The speed of processor 3 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.
  41. Warning 10/4/2019 10:14:56 PM Microsoft-Windows-Kernel-Processor-Power 37 (7) The speed of processor 6 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.
  42. Warning 10/4/2019 10:14:56 PM Microsoft-Windows-Kernel-Processor-Power 37 (7) The speed of processor 1 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.
  43. Warning 10/4/2019 10:14:56 PM Microsoft-Windows-Kernel-Processor-Power 37 (7) The speed of processor 7 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.
  44. Warning 10/4/2019 10:14:56 PM Microsoft-Windows-Kernel-Processor-Power 37 (7) The speed of processor 2 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.
  45. Warning 10/4/2019 10:14:56 PM Microsoft-Windows-Kernel-Processor-Power 37 (7) The speed of processor 4 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.
  46. Warning 10/4/2019 10:14:56 PM Microsoft-Windows-Kernel-Processor-Power 37 (7) The speed of processor 0 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.
  47. Information 10/4/2019 10:14:43 PM Microsoft-Windows-FilterManager 6 None File System Filter 'wcnfs' (10.0, ‎2006‎-‎11‎-‎24T15:13:01.000000000Z) has successfully loaded and registered with Filter Manager.
  48. Information 10/4/2019 10:14:42 PM Microsoft-Windows-Kernel-General 16 None The access history in hive \??\C:\Users\sampr\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\Settings\settings.dat was cleared updating 15 keys and creating 2 modified pages.
  49. Information 10/4/2019 10:14:39 PM Microsoft-Windows-WindowsUpdateClient 19 Windows Update Agent Installation Successful: Windows successfully installed the following update: 2019-04 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB4493509)
  50. Information 10/4/2019 10:14:29 PM Microsoft-Windows-Kernel-General 16 None The access history in hive \??\C:\WINDOWS\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\DeliveryOptimization\State\dosvcState.dat was cleared updating 110 keys and creating 41 modified pages.
  51. Information 10/4/2019 10:14:28 PM Microsoft-Windows-Winlogon 7001 (1101) User Logon Notification for Customer Experience Improvement Program
  52. Information 10/4/2019 10:14:28 PM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from auto start to demand start.
  53. Information 10/4/2019 10:14:16 PM Microsoft-Windows-HttpEvent 15007 None Reservation for namespace identified by URL prefix http://+:3387/rdp/ was successfully added.
  54. Information 10/4/2019 10:14:16 PM Microsoft-Windows-HttpEvent 15007 None Reservation for namespace identified by URL prefix https://+:3392/rdp/ was successfully added.
  55. Information 10/4/2019 10:14:09 PM Service Control Manager 7040 None The start type of the Symantec Real Time Storage Protection x64 service was changed from system start to demand start.
  56. Information 10/4/2019 10:14:06 PM Microsoft-Windows-Kernel-General 16 None The access history in hive \??\C:\WINDOWS\system32\config\elam was cleared updating 2 keys and creating 1 modified pages.
  57. Information 10/4/2019 10:14:03 PM Microsoft-Windows-TPM-WMI 1025 None The TPM was successfully provisioned and is now ready for use.
  58. Information 10/4/2019 10:14:02 PM Microsoft-Windows-Kernel-General 16 None The access history in hive \??\C:\Users\Default\NTUSER.DAT was cleared updating 8 keys and creating 4 modified pages.
  59. Information 10/4/2019 10:14:02 PM Microsoft-Windows-Kernel-General 16 None The access history in hive \??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-20-04102019221402047-ntuser.dat was cleared updating 0 keys and creating 0 modified pages.
  60. Information 10/4/2019 10:14:01 PM Microsoft-Windows-Kernel-General 16 None The access history in hive \??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-19-04102019221401953-ntuser.dat was cleared updating 0 keys and creating 0 modified pages.
  61. Information 10/4/2019 10:14:01 PM Microsoft-Windows-TPM-WMI 1025 None The TPM was successfully provisioned and is now ready for use.
  62. Information 10/4/2019 10:14:01 PM Microsoft-Windows-Kernel-General 16 None The access history in hive \??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-18-04102019221401889-ntuser.dat was cleared updating 0 keys and creating 0 modified pages.
  63. Information 10/4/2019 10:14:01 PM Microsoft-Windows-HttpEvent 15008 None Reservation for namespace identified by URL prefix http://+:3387/rdp/ was successfully deleted.
  64. Information 10/4/2019 10:14:01 PM Microsoft-Windows-HttpEvent 15008 None Reservation for namespace identified by URL prefix https://+:3392/rdp/ was successfully deleted.
  65. Information 10/4/2019 10:14:01 PM Service Control Manager 7045 None "A service was installed in the system.
  66.  
  67. Service Name: MBAMSwissArmy
  68. Service File Name: \SystemRoot\system32\DRIVERS\mbamswissarmy.sys
  69. Service Type: kernel mode driver
  70. Service Start Type: demand start
  71. Service Account: "
  72. Information 10/4/2019 10:13:58 PM TPM 18 None This event triggers the Trusted Platform Module (TPM) provisioning/status check to run.
  73. Information 10/4/2019 10:13:58 PM Service Control Manager 7026 None "The following boot-start or system-start driver(s) did not load:
  74. dam"
  75. Information 10/4/2019 10:13:58 PM Microsoft-Windows-Kernel-General 16 None The access history in hive \??\C:\WINDOWS\AppCompat\Programs\Amcache.hve was cleared updating 1961 keys and creating 703 modified pages.
  76. Information 10/4/2019 10:13:56 PM Win32k 267 None Touch/Touchpad Hardware Quality Assurance verification succeeded.
  77. Information 10/4/2019 10:13:56 PM IntelHaxm 4 None HAXM is loaded successfully
  78. Error 10/4/2019 10:13:56 PM Service Control Manager 7000 None "The WsDrvInst service failed to start due to the following error:
  79. The system cannot find the file specified."
  80. Information 10/4/2019 10:13:56 PM Microsoft-Windows-WLAN-AutoConfig 4000 None "WLAN AutoConfig service has successfully started.
  81. "
  82. Information 10/4/2019 10:13:54 PM Microsoft-Windows-DHCPv6-Client 51046 Service State Event DHCPv6 client service is started
  83. Information 10/4/2019 10:13:54 PM Microsoft-Windows-Dhcp-Client 50103 Service State Event DHCPv4 client registered for shutdown notification
  84. Information 10/4/2019 10:13:54 PM Microsoft-Windows-Dhcp-Client 50036 Service State Event DHCPv4 client service is started
  85. Information 10/4/2019 10:13:54 PM Microsoft-Windows-FilterManager 6 None File System Filter 'virtual_file' (6.3, ‎2017‎-‎11‎-‎21T22:06:06.000000000Z) has successfully loaded and registered with Filter Manager.
  86. Information 10/4/2019 10:13:54 PM Microsoft-Windows-FilterManager 6 None File System Filter 'MBAMChameleon' (10.0, ‎2018‎-‎11‎-‎16T02:11:24.000000000Z) has successfully loaded and registered with Filter Manager.
  87. Information 10/4/2019 10:13:54 PM Microsoft-Windows-FilterManager 6 None File System Filter 'storqosflt' (10.0, ‎1992‎-‎02‎-‎07T16:10:35.000000000Z) has successfully loaded and registered with Filter Manager.
  88. Information 10/4/2019 10:13:54 PM Microsoft-Windows-FilterManager 6 None File System Filter 'file_protector' (6.3, ‎2017‎-‎12‎-‎12T19:08:30.000000000Z) has successfully loaded and registered with Filter Manager.
  89. Information 10/4/2019 10:13:54 PM Microsoft-Windows-Kernel-General 16 None The access history in hive \SystemRoot\System32\Config\bbimigrate\BBI was cleared updating 1 keys and creating 1 modified pages.
  90. Information 10/4/2019 10:13:53 PM Microsoft-Windows-FilterManager 6 None File System Filter 'CldFlt' (10.0, ‎2098‎-‎06‎-‎25T12:24:31.000000000Z) has successfully loaded and registered with Filter Manager.
  91. Information 10/4/2019 10:13:53 PM Microsoft-Windows-FilterManager 1 None File System Filter 'CldFlt' (Version 10.0, ‎2098‎-‎06‎-‎25T12:24:31.000000000Z) unloaded successfully.
  92. Information 10/4/2019 10:13:53 PM Microsoft-Windows-FilterManager 6 None File System Filter 'CldFlt' (10.0, ‎2098‎-‎06‎-‎25T12:24:31.000000000Z) has successfully loaded and registered with Filter Manager.
  93. Information 10/4/2019 10:13:53 PM Microsoft-Windows-FilterManager 6 None File System Filter 'luafv' (10.0, ‎2022‎-‎11‎-‎24T18:03:32.000000000Z) has successfully loaded and registered with Filter Manager.
  94. Information 10/4/2019 10:13:53 PM Microsoft-Windows-FilterManager 6 None File System Filter 'wcifs' (10.0, ‎1988‎-‎07‎-‎09T10:58:49.000000000Z) has successfully loaded and registered with Filter Manager.
  95. Information 10/4/2019 10:13:53 PM Microsoft-Windows-Kernel-General 16 None The access history in hive \SystemRoot\System32\Config\BBI was cleared updating 344 keys and creating 83 modified pages.
  96. Information 10/4/2019 10:13:53 PM Microsoft-Windows-Kernel-General 16 None The access history in hive \??\C:\WINDOWS\ServiceProfiles\LocalService\NTUSER.DAT was cleared updating 144 keys and creating 23 modified pages.
  97. Information 10/4/2019 10:13:53 PM Win32k 267 None Touch/Touchpad Hardware Quality Assurance verification succeeded.
  98. Information 10/4/2019 10:13:53 PM Microsoft-Windows-Kernel-General 16 None The access history in hive \??\C:\WINDOWS\ServiceProfiles\NetworkService\NTUSER.DAT was cleared updating 101 keys and creating 19 modified pages.
  99. Information 10/4/2019 10:13:52 PM Microsoft-Windows-Directory-Services-SAM 16962 None "Remote calls to the SAM database are being restricted using the default security descriptor: O:SYG:SYD:(A;;RC;;;BA).
  100. For more information please see http://go.microsoft.com/fwlink/?LinkId=787651."
  101. Information 10/4/2019 10:13:52 PM Microsoft-Windows-Kernel-General 16 None The access history in hive \SystemRoot\System32\Config\SAM was cleared updating 70 keys and creating 8 modified pages.
  102. Information 10/4/2019 10:13:52 PM Microsoft-Windows-Kernel-General 16 None The access history in hive \SystemRoot\System32\Config\SECURITY was cleared updating 87 keys and creating 5 modified pages.
  103. Information 10/4/2019 10:13:52 PM Microsoft-Windows-Wininit 14 None Credential Guard configuration: 0x0, 0
  104. Information 10/4/2019 10:13:51 PM Microsoft-Windows-Kernel-General 16 None The access history in hive \SystemRoot\System32\Config\DEFAULT was cleared updating 615 keys and creating 86 modified pages.
  105. Information 10/4/2019 10:13:49 PM Microsoft-Windows-Kernel-General 15 None Hive \SystemRoot\System32\Config\SOFTWARE was reorganized with a starting size of 100773888 bytes and an ending size of 100777984 bytes.
  106. Information 10/4/2019 10:13:46 PM Microsoft-Windows-Ntfs 98 None Volume \\?\Volume{0337f223-5980-47d6-a36e-f02ac1bd6187} (\Device\HarddiskVolume5) is healthy. No action is needed.
  107. Information 10/4/2019 10:13:46 PM Microsoft-Windows-Ntfs 98 None Volume \\?\Volume{8a1f177b-97ff-4885-9790-b1757e26d856} (\Device\HarddiskVolume4) is healthy. No action is needed.
  108. Information 10/4/2019 10:13:46 PM MEIx64 2 None Intel(R) Management Engine Interface driver has started successfully.
  109. Information 10/4/2019 10:13:45 PM Microsoft-Windows-Kernel-Power 521 (220) Active battery count change.
  110. Information 10/4/2019 10:13:45 PM Microsoft-Windows-Kernel-Power 521 (220) Active battery count change.
  111. Information 10/4/2019 10:13:45 PM Microsoft-Windows-Kernel-Processor-Power 55 (47) "Processor 7 in group 0 exposes the following power management capabilities:
  112.  
  113. Idle state type: ACPI Idle (C) States (3 state(s))
  114.  
  115. Performance state type: ACPI Performance (P) / Throttle (T) States
  116. Nominal Frequency (MHz): 2601
  117. Maximum performance percentage: 100
  118. Minimum performance percentage: 30
  119. Minimum throttle percentage: 3"
  120. Information 10/4/2019 10:13:45 PM Microsoft-Windows-Kernel-Processor-Power 55 (47) "Processor 5 in group 0 exposes the following power management capabilities:
  121.  
  122. Idle state type: ACPI Idle (C) States (3 state(s))
  123.  
  124. Performance state type: ACPI Performance (P) / Throttle (T) States
  125. Nominal Frequency (MHz): 2601
  126. Maximum performance percentage: 100
  127. Minimum performance percentage: 30
  128. Minimum throttle percentage: 3"
  129. Information 10/4/2019 10:13:45 PM Microsoft-Windows-Kernel-Processor-Power 55 (47) "Processor 3 in group 0 exposes the following power management capabilities:
  130.  
  131. Idle state type: ACPI Idle (C) States (3 state(s))
  132.  
  133. Performance state type: ACPI Performance (P) / Throttle (T) States
  134. Nominal Frequency (MHz): 2601
  135. Maximum performance percentage: 100
  136. Minimum performance percentage: 30
  137. Minimum throttle percentage: 3"
  138. Information 10/4/2019 10:13:45 PM Microsoft-Windows-Kernel-Processor-Power 55 (47) "Processor 1 in group 0 exposes the following power management capabilities:
  139.  
  140. Idle state type: ACPI Idle (C) States (3 state(s))
  141.  
  142. Performance state type: ACPI Performance (P) / Throttle (T) States
  143. Nominal Frequency (MHz): 2601
  144. Maximum performance percentage: 100
  145. Minimum performance percentage: 30
  146. Minimum throttle percentage: 3"
  147. Information 10/4/2019 10:13:45 PM Microsoft-Windows-Kernel-Processor-Power 55 (47) "Processor 6 in group 0 exposes the following power management capabilities:
  148.  
  149. Idle state type: ACPI Idle (C) States (3 state(s))
  150.  
  151. Performance state type: ACPI Performance (P) / Throttle (T) States
  152. Nominal Frequency (MHz): 2601
  153. Maximum performance percentage: 100
  154. Minimum performance percentage: 30
  155. Minimum throttle percentage: 3"
  156. Information 10/4/2019 10:13:45 PM Microsoft-Windows-Kernel-Processor-Power 55 (47) "Processor 4 in group 0 exposes the following power management capabilities:
  157.  
  158. Idle state type: ACPI Idle (C) States (3 state(s))
  159.  
  160. Performance state type: ACPI Performance (P) / Throttle (T) States
  161. Nominal Frequency (MHz): 2601
  162. Maximum performance percentage: 100
  163. Minimum performance percentage: 30
  164. Minimum throttle percentage: 3"
  165. Information 10/4/2019 10:13:45 PM Microsoft-Windows-Kernel-Processor-Power 55 (47) "Processor 2 in group 0 exposes the following power management capabilities:
  166.  
  167. Idle state type: ACPI Idle (C) States (3 state(s))
  168.  
  169. Performance state type: ACPI Performance (P) / Throttle (T) States
  170. Nominal Frequency (MHz): 2601
  171. Maximum performance percentage: 100
  172. Minimum performance percentage: 30
  173. Minimum throttle percentage: 3"
  174. Information 10/4/2019 10:13:45 PM Microsoft-Windows-Kernel-Processor-Power 55 (47) "Processor 0 in group 0 exposes the following power management capabilities:
  175.  
  176. Idle state type: ACPI Idle (C) States (3 state(s))
  177.  
  178. Performance state type: ACPI Performance (P) / Throttle (T) States
  179. Nominal Frequency (MHz): 2601
  180. Maximum performance percentage: 100
  181. Minimum performance percentage: 30
  182. Minimum throttle percentage: 3"
  183. Information 10/4/2019 10:13:45 PM Microsoft-Windows-Ntfs 98 None Volume D: (\Device\HarddiskVolume6) is healthy. No action is needed.
  184. Information 10/4/2019 10:13:45 PM Microsoft-Windows-Kernel-Power 172 (203) Connectivity state in standby: Disconnected, Reason: NIC compliance
  185. Information 10/4/2019 10:13:45 PM Microsoft-Windows-FilterManager 6 None File System Filter 'BHDrvx64' (6.1, ‎2019‎-‎01‎-‎29T10:34:54.000000000Z) has successfully loaded and registered with Filter Manager.
  186. Information 10/4/2019 10:13:44 PM Microsoft-Windows-FilterManager 6 None File System Filter 'eeCtrl' (6.1, ‎2018‎-‎11‎-‎07T10:08:34.000000000Z) has successfully loaded and registered with Filter Manager.
  187. Information 10/4/2019 10:13:44 PM Microsoft-Windows-FilterManager 6 None File System Filter 'npsvctrig' (10.0, ‎2037‎-‎02‎-‎23T14:11:04.000000000Z) has successfully loaded and registered with Filter Manager.
  188. Information 10/4/2019 10:13:44 PM SRTSP 2003 None Symantec Antivirus minifilter successfully loaded.
  189. Information 10/4/2019 10:13:43 PM Microsoft-Windows-FilterManager 6 None File System Filter 'SRTSP' (10.0, ‎2019‎-‎02‎-‎20T03:31:01.000000000Z) has successfully loaded and registered with Filter Manager.
  190. Information 10/4/2019 10:13:43 PM Microsoft-Windows-FilterManager 6 None File System Filter 'FileCrypt' (10.0, ‎2034‎-‎08‎-‎13T22:30:12.000000000Z) has successfully loaded and registered with Filter Manager.
  191. Information 10/4/2019 10:13:43 PM Microsoft-Windows-Ntfs 98 None Volume C: (\Device\HarddiskVolume3) is healthy. No action is needed.
  192. Information 10/4/2019 10:13:42 PM Microsoft-Windows-FilterManager 6 None File System Filter 'SymEFASI' (10.0, ‎2019‎-‎02‎-‎07T07:47:02.000000000Z) has successfully loaded and registered with Filter Manager.
  193. Information 10/4/2019 10:13:42 PM Microsoft-Windows-FilterManager 6 None File System Filter 'file_tracker' (6.3, ‎2017‎-‎08‎-‎12T01:22:17.000000000Z) has successfully loaded and registered with Filter Manager.
  194. Information 10/4/2019 10:13:42 PM Microsoft-Windows-FilterManager 6 None File System Filter 'Wof' (10.0, ‎1988‎-‎11‎-‎15T07:36:29.000000000Z) has successfully loaded and registered with Filter Manager.
  195. Information 10/4/2019 10:13:42 PM Microsoft-Windows-FilterManager 6 None File System Filter 'FileInfo' (10.0, ‎2041‎-‎01‎-‎31T15:18:31.000000000Z) has successfully loaded and registered with Filter Manager.
  196. Error 10/4/2019 10:13:42 PM Application Popup 56 None "The description for Event ID 56 from source Application Popup cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
  197.  
  198. If the event originated on another computer, the display information had to be saved with the event.
  199.  
  200. The following information was included with the event:
  201.  
  202. ACPI
  203. 5
  204.  
  205. The message resource is present but the message was not found in the message table
  206. "
  207. Information 10/4/2019 10:13:42 PM Microsoft-Windows-Kernel-General 20 (6) "The leap second configuration has been updated.
  208. Reason: Leap second data initialized from registry during boot
  209. Leap seconds enabled: true
  210. New leap second count: 0
  211. Old leap second count: 0"
  212. Information 10/4/2019 10:13:42 PM Microsoft-Windows-Kernel-Boot 30 (21) The firmware reported boot metrics.
  213. Information 10/4/2019 10:13:42 PM Microsoft-Windows-Kernel-Boot 27 (33) The boot type was 0x0.
  214. Information 10/4/2019 10:13:42 PM Microsoft-Windows-Kernel-Boot 25 (32) The boot menu policy was 0x1.
  215. Information 10/4/2019 10:13:42 PM Microsoft-Windows-Kernel-Boot 20 (31) The last shutdown's success status was true. The last boot's success status was true.
  216. Information 10/4/2019 10:13:42 PM Microsoft-Windows-Kernel-Boot 32 (58) The bootmgr spent 0 ms waiting for user input.
  217. Information 10/4/2019 10:13:42 PM Microsoft-Windows-Kernel-Boot 18 (57) There are 0x1 boot options on this system.
  218. Information 10/4/2019 10:13:42 PM Microsoft-Windows-Kernel-Boot 153 (62) Virtualization-based security (policies: 0) is disabled.
  219. Information 10/4/2019 10:13:42 PM Microsoft-Windows-Kernel-General 12 (1) The operating system started at system time ‎2019‎-‎04‎-‎10T14:13:41.500000000Z.
  220. Information 10/4/2019 10:13:32 PM Microsoft-Windows-Kernel-General 13 (2) The operating system is shutting down at system time ‎2019‎-‎04‎-‎10T14:13:32.645949300Z.
  221. Information 10/4/2019 10:13:31 PM Microsoft-Windows-Kernel-Power 109 (103) "The kernel power manager has initiated a shutdown transition.
  222.  
  223. Shutdown Reason: Kernel API"
  224. Information 10/4/2019 10:13:54 PM EventLog 6013 None The system uptime is 12 seconds.
  225. Information 10/4/2019 10:13:54 PM EventLog 6005 None The Event log service was started.
  226. Information 10/4/2019 10:13:54 PM EventLog 6009 None Microsoft (R) Windows (R) 10.00. 17763 Multiprocessor Free.
  227. Information 10/4/2019 10:13:26 PM Microsoft-Windows-Dhcp-Client 50106 Service State Event DHCPv4 is waiting on DHCPv6 service to stop
  228. Information 10/4/2019 10:13:26 PM Microsoft-Windows-DHCPv6-Client 51047 Service State Event DHCPv6 client service is stopped. ShutDown Flag value is 1
  229. Information 10/4/2019 10:13:26 PM Microsoft-Windows-Dhcp-Client 50105 Service State Event DHCPv4 client ProcessDHCPRequestForever received TERMINATE_EVENT
  230. Information 10/4/2019 10:13:26 PM Microsoft-Windows-Dhcp-Client 50104 Service State Event DHCPv4 client received shutdown notification
  231. Information 10/4/2019 10:13:26 PM EventLog 6006 None The Event log service was stopped.
  232. Information 10/4/2019 10:13:22 PM Microsoft-Windows-Kernel-General 16 None The access history in hive \??\C:\WINDOWS\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\DeliveryOptimization\State\migration.dat was cleared updating 1 keys and creating 1 modified pages.
  233. Information 10/4/2019 10:12:49 PM Microsoft-Windows-Kernel-General 15 None Hive \SystemRoot\System32\SMI\Store\Machine\schema.dat was reorganized with a starting size of 11685888 bytes and an ending size of 11685888 bytes.
  234. Information 10/4/2019 10:12:43 PM Microsoft-Windows-Kernel-General 15 None Hive \??\C:\WINDOWS\System32\config\COMPONENTS was reorganized with a starting size of 47595520 bytes and an ending size of 47607808 bytes.
  235. Error 10/4/2019 10:12:41 PM Service Control Manager 7023 None "The Update Orchestrator Service service terminated with the following error:
  236. This operation returned because the timeout period expired."
  237. Information 10/4/2019 10:12:35 PM Microsoft-Windows-Winlogon 7002 (1102) User Logoff Notification for Customer Experience Improvement Program
  238. Error 10/4/2019 10:12:34 PM Microsoft-Windows-DistributedCOM 10010 None The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
  239. Error 10/4/2019 10:12:34 PM Microsoft-Windows-DistributedCOM 10010 None The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
  240. Information 10/4/2019 10:12:29 PM Application Popup 26 None "Application popup: Acrobat.exe - Application Error : The instruction at 0x00000000662F9584 referenced memory at 0x00000000662F9584. The memory could not be written.
  241.  
  242. Click on OK to terminate the program"
  243. Information 10/4/2019 10:12:27 PM Microsoft-Windows-Power-Troubleshooter 1 None "The system has returned from a low power state.
  244.  
  245. Sleep Time: ‎2019‎-‎04‎-‎10T14:10:39.751411500Z
  246. Wake Time: ‎2019‎-‎04‎-‎10T14:12:26.851032700Z
  247.  
  248. Wake Source: Timer - Windows will execute 'NT TASK\Microsoft\Windows\UpdateOrchestrator\Reboot' scheduled task that requested waking the computer."
  249. Warning 10/4/2019 10:12:26 PM Microsoft-Windows-Time-Service 134 None NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
  250. Information 10/4/2019 10:12:26 PM Microsoft-Windows-Kernel-Boot 27 (33) The boot type was 0x2.
  251. Information 10/4/2019 10:12:26 PM Microsoft-Windows-Kernel-Boot 25 (32) The boot menu policy was 0x375FE000.
  252. Information 10/4/2019 10:12:26 PM Microsoft-Windows-Kernel-Boot 32 (58) The bootmgr spent 0 ms waiting for user input.
  253. Information 10/4/2019 10:12:26 PM Microsoft-Windows-Kernel-Boot 18 (57) There are 0x1 boot options on this system.
  254. Information 10/4/2019 10:12:26 PM Microsoft-Windows-Kernel-Boot 30 (21) The firmware reported boot metrics.
  255. Information 10/4/2019 10:12:25 PM Microsoft-Windows-Kernel-General 1 (5) "The system time has changed to ‎2019‎-‎04‎-‎10T14:12:25.500000000Z from ‎2019‎-‎04‎-‎10T14:10:44.777296100Z.
  256.  
  257. Change Reason: System time synchronized with the hardware clock.
  258. Process: '' (PID 4)."
  259. Information 10/4/2019 10:10:44 PM Microsoft-Windows-Kernel-Power 107 (102) The system has resumed from sleep.
  260. Information 10/4/2019 10:10:40 PM Microsoft-Windows-Kernel-Power 42 (64) "The system is entering sleep.
  261.  
  262. Sleep Reason: System Idle"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!