Level Date and Time Source Event ID Task Category Information 6/22/2021 8:09:23 AM VSS 8224 None The VSS service is shutting down due to idle timeout. Information 6/22/2021 8:05:22 AM edgeupdate 0 None Service stopped. Information 6/22/2021 8:04:53 AM Microsoft-Windows-Security-SPP 16384 None Successfully scheduled Software Protection service for re-start at 2121-05-29T12:04:53Z. Reason: RulesEngine. Information 6/22/2021 8:02:40 AM Microsoft-Windows-Security-SPP 16394 None Offline downlevel migration succeeded. Information 6/22/2021 7:59:50 AM VSS 8224 None The VSS service is shutting down due to idle timeout. Information 6/22/2021 7:58:24 AM Microsoft-Windows-Security-SPP 16384 None Successfully scheduled Software Protection service for re-start at 2121-05-29T11:58:24Z. Reason: RulesEngine. Information 6/22/2021 7:57:41 AM CbDefense 17 None Information: The application C:\program files\windowsapps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\hxtsr.exe attempted to establish a TCP/443 connection to 152.195.19.97:443 from 192.168.10.37:63480. The operation was blocked by Carbon Black Cloud. Information 6/22/2021 7:57:41 AM CbDefense 17 None Information: The application C:\program files\windowsapps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\hxtsr.exe attempted to establish a TCP/443 connection to 23.194.120.77:443 from 192.168.10.37:63479. The operation was blocked by Carbon Black Cloud. Information 6/22/2021 7:57:40 AM CbDefense 17 None Information: The application C:\program files\windowsapps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\hxoutlook.exe attempted to establish a TCP/443 connection to 52.109.20.75:443 from 192.168.10.37:63478. The operation was blocked by Carbon Black Cloud. Information 6/22/2021 7:57:40 AM Microsoft-Windows-Security-SPP 16394 None Offline downlevel migration succeeded. Information 6/22/2021 7:57:29 AM Microsoft-Windows-Security-SPP 16384 None Successfully scheduled Software Protection service for re-start at 2121-05-29T11:57:29Z. Reason: RulesEngine. Information 6/22/2021 7:56:52 AM DDVCollectorSvcApi 0 None The operation completed successfully. Information 6/22/2021 7:56:51 AM Microsoft-Windows-Security-SPP 16394 None Offline downlevel migration succeeded. Information 6/22/2021 7:56:51 AM Microsoft-Windows-Security-SPP 900 None "The Software Protection service is starting. Parameters:" Information 6/22/2021 7:56:50 AM gupdate 0 None The operation completed successfully. Information 6/22/2021 7:56:50 AM edgeupdate 0 None Service stopped. Information 6/22/2021 7:56:50 AM DellClientManagementService 0 None Service started successfully. Information 6/22/2021 7:56:47 AM Dell SupportAssist Remediation 0 None Service started successfully. Information 6/22/2021 7:56:47 AM Dell Hardware Support 0 None Service started successfully. Information 6/22/2021 7:56:45 AM AESMService 0 None AESMService: Service started/resumed Information 6/22/2021 7:56:25 AM CbDefense 17 None Information: The application C:\program files\windowsapps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\hxtsr.exe attempted to establish a TCP/443 connection to 52.167.17.97:443 from 192.168.10.37:49973. The operation was blocked by Carbon Black Cloud. Information 6/22/2021 7:56:25 AM CbDefense 17 None Information: The application C:\program files\windowsapps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\hxtsr.exe attempted to establish a TCP/443 connection to 13.107.5.88:443 from 192.168.10.37:49974. The operation was blocked by Carbon Black Cloud. Information 6/22/2021 7:55:46 AM CbDefense 17 None Information: BACKGROUND_SCAN: COMPLETE. Information 6/22/2021 7:55:39 AM igfxCUIService2.0.0.0 0 None The operation completed successfully. Information 6/22/2021 7:55:39 AM Microsoft-Windows-Winlogon 6000 None The winlogon notification subscriber was unavailable to handle a notification event. Information 6/22/2021 7:55:38 AM Microsoft-Windows-Security-SPP 903 None "The Software Protection service has stopped. " Information 6/22/2021 7:55:38 AM Microsoft-Windows-Security-SPP 16384 None Successfully scheduled Software Protection service for re-start at 2121-05-29T11:55:38Z. Reason: RulesEngine. Information 6/22/2021 7:55:38 AM igfxCUIService2.0.0.0 0 None The operation completed successfully. Information 6/22/2021 7:55:38 AM igfxCUIService2.0.0.0 0 None The operation completed successfully. Information 6/22/2021 7:55:36 AM Microsoft-Windows-Search-ProfileNotify 5 None "Windows Search Service has created default configuration for new user 'CORP-NJ\Anna.Sarkisian' . " Information 6/22/2021 7:55:36 AM Microsoft-Windows-Winlogon 6003 None The winlogon notification subscriber was unavailable to handle a critical notification event. Information 6/22/2021 7:55:19 AM Microsoft-Windows-Search-ProfileNotify 1 None "Windows Search Service indexed data for user 'CORP-NJ\Darko.Bozilovic' successfully removed in response to user profile deletion. " Information 6/22/2021 7:55:19 AM Microsoft-Windows-Search-ProfileNotify 1 None "Windows Search Service indexed data for user 'CORP-NJ\Darko.Bozilovic' successfully removed in response to user profile deletion. " Information 6/22/2021 7:55:19 AM Microsoft-Windows-Search-ProfileNotify 1 None "Windows Search Service indexed data for user 'CORP-NJ\Darko.Bozilovic' successfully removed in response to user profile deletion. " Information 6/22/2021 7:55:12 AM Microsoft-Windows-Search-ProfileNotify 1 None "Windows Search Service indexed data for user 'CORP-NJ\eric.biederman' successfully removed in response to user profile deletion. " Information 6/22/2021 7:55:12 AM Microsoft-Windows-Search-ProfileNotify 1 None "Windows Search Service indexed data for user 'CORP-NJ\eric.biederman' successfully removed in response to user profile deletion. " Information 6/22/2021 7:55:12 AM Microsoft-Windows-Search-ProfileNotify 1 None "Windows Search Service indexed data for user 'CORP-NJ\eric.biederman' successfully removed in response to user profile deletion. " Information 6/22/2021 7:55:07 AM Microsoft-Windows-Search-ProfileNotify 1 None "Windows Search Service indexed data for user 'CORP-NJ\james.cumberland' successfully removed in response to user profile deletion. " Information 6/22/2021 7:55:07 AM Microsoft-Windows-Search-ProfileNotify 1 None "Windows Search Service indexed data for user 'CORP-NJ\james.cumberland' successfully removed in response to user profile deletion. " Information 6/22/2021 7:55:07 AM Microsoft-Windows-Search-ProfileNotify 1 None "Windows Search Service indexed data for user 'CORP-NJ\james.cumberland' successfully removed in response to user profile deletion. " Information 6/22/2021 7:55:02 AM SecurityCenter 15 None Updated Windows Defender status successfully to SECURITY_PRODUCT_STATE_OFF. Information 6/22/2021 7:55:02 AM SecurityCenter 15 None Updated Windows Defender status successfully to SECURITY_PRODUCT_STATE_ON. Information 6/22/2021 7:55:02 AM SecurityCenter 15 None Updated Carbon Black Cloud status successfully to SECURITY_PRODUCT_STATE_ON. Information 6/22/2021 7:54:56 AM Windows Error Reporting 1001 None "Fault bucket 1454144528969960194, type 5 Event Name: MpTelemetry Response: Not available Cab Id: 0 Problem signature: P1: unspecified P2: HardeningTelemetry P3: HardeningTelemetryDisableAS P4: 4.18.1909.6 P5: unspecified P6: unspecified P7: unspecified P8: P9: P10: Attached files: \\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WER6EA9.tmp.WERInternalMetadata.xml These files may be available here: \\?\C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_unspecified_83c4c02d85e0f0a09e833b59aa6be6e2117b361d_00000000_2cea257e-30a2-4dd2-8015-80cc293ec928 Analysis symbol: Rechecking for solution: 0 Report Id: 2cea257e-30a2-4dd2-8015-80cc293ec928 Report Status: 268435456 Hashed bucket: d4370a7f576b33d6842e28bea5550b02 Cab Guid: 0" Information 6/22/2021 7:54:55 AM Windows Error Reporting 1001 None "Fault bucket 1893641917150752350, type 5 Event Name: MpTelemetry Response: Not available Cab Id: 0 Problem signature: P1: unspecified P2: HardeningTelemetry P3: HardeningTelemetryDisableAV P4: 4.18.1909.6 P5: unspecified P6: unspecified P7: unspecified P8: P9: P10: Attached files: \\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WER665B.tmp.WERInternalMetadata.xml These files may be available here: \\?\C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_unspecified_f6be9ed36c54ff773e22e2ba3c6583c66eff8_00000000_64def83e-d4a8-4468-b13d-344991f200fe Analysis symbol: Rechecking for solution: 0 Report Id: 64def83e-d4a8-4468-b13d-344991f200fe Report Status: 268435456 Hashed bucket: ef9bd283d37435801a47914a6b8f6e5e Cab Guid: 0" Information 6/22/2021 7:54:52 AM Windows Error Reporting 1001 None "Fault bucket , type 0 Event Name: MpTelemetry Response: Not available Cab Id: 0 Problem signature: P1: unspecified P2: HardeningTelemetry P3: HardeningTelemetryDisableAS P4: 4.18.1909.6 P5: unspecified P6: unspecified P7: unspecified P8: P9: P10: Attached files: These files may be available here: \\?\C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_unspecified_83c4c02d85e0f0a09e833b59aa6be6e2117b361d_00000000_2cea257e-30a2-4dd2-8015-80cc293ec928 Analysis symbol: Rechecking for solution: 0 Report Id: 2cea257e-30a2-4dd2-8015-80cc293ec928 Report Status: 4 Hashed bucket: Cab Guid: 0" Information 6/22/2021 7:54:52 AM Windows Error Reporting 1001 None "Fault bucket , type 0 Event Name: MpTelemetry Response: Not available Cab Id: 0 Problem signature: P1: unspecified P2: HardeningTelemetry P3: HardeningTelemetryDisableAV P4: 4.18.1909.6 P5: unspecified P6: unspecified P7: unspecified P8: P9: P10: Attached files: These files may be available here: \\?\C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_unspecified_f6be9ed36c54ff773e22e2ba3c6583c66eff8_00000000_64def83e-d4a8-4468-b13d-344991f200fe Analysis symbol: Rechecking for solution: 0 Report Id: 64def83e-d4a8-4468-b13d-344991f200fe Report Status: 4 Hashed bucket: Cab Guid: 0" Information 6/22/2021 7:54:48 AM SecurityCenter 15 None Updated Windows Defender status successfully to SECURITY_PRODUCT_STATE_ON. Information 6/22/2021 7:54:47 AM Microsoft-Windows-Search 1003 Search service The Windows Search Service started. Information 6/22/2021 7:54:47 AM Microsoft-Windows-Search-ProfileNotify 1 None "Windows Search Service indexed data for user 'CORP-NJ\Anna.Sarkisian' successfully removed in response to user profile deletion. " Information 6/22/2021 7:54:47 AM Microsoft-Windows-Search-ProfileNotify 1 None "Windows Search Service indexed data for user 'CORP-NJ\Anna.Sarkisian' successfully removed in response to user profile deletion. " Information 6/22/2021 7:54:47 AM Microsoft-Windows-Search-ProfileNotify 1 None "Windows Search Service indexed data for user 'CORP-NJ\Anna.Sarkisian' successfully removed in response to user profile deletion. " Information 6/22/2021 7:54:47 AM Microsoft-Windows-Search-ProfileNotify 1 None "Windows Search Service indexed data for user 'CORP-NJ\Anna.Sarkisian' successfully removed in response to user profile deletion. " Information 6/22/2021 7:54:47 AM Microsoft-Windows-Search-ProfileNotify 1 None "Windows Search Service indexed data for user 'CORP-NJ\Anna.Sarkisian' successfully removed in response to user profile deletion. " Information 6/22/2021 7:54:47 AM ESENT 326 General "SearchIndexer (11028,D,50) Windows: The database engine attached a database (1, C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb). (Time=0 seconds) Saved Cache: 0 0 Additional Data: lgposAttach = 0000032D:00C0:0268, dbv = 1568.110.240 Internal Timing Sequence: [1] 0.000004 +J(0) +M(C:0K, Fs:1, WS:4K # 0K, PF:0K # 0K, P:0K) [2] 0.000901 -0.000251 (1) WT +J(0) +M(C:0K, Fs:25, WS:36K # 0K, PF:32K # 0K, P:32K) [3] 0.003530 -0.000753 (6) WT +J(CM:0, PgRf:0, Rd:0/0, Dy:0/0, Lg:3480/2) +M(C:0K, Fs:48, WS:152K # 0K, PF:144K # 0K, P:144K) [4] 0.000229 +J(0) +M(C:0K, Fs:1, WS:4K # 0K, PF:0K # 0K, P:0K) [5] - [6] - [7] - [8] 0.001106 -0.000711 (2) CM +J(CM:2, PgRf:2, Rd:14/2, Dy:0/0, Lg:54/1) +M(C:0K, Fs:56, WS:220K # 0K, PF:696K # 0K, P:696K) [9] 0.015601 -0.000181 (5) CM -0.015237 (1) WT +J(CM:5, PgRf:23, Rd:0/5, Dy:0/0, Lg:0/0) +M(C:0K, Fs:68, WS:272K # 28K, PF:288K # 208K, P:288K) [10] 0.000176 -0.000099 (1) CM +J(CM:1, PgRf:40, Rd:0/1, Dy:0/0, Lg:0/0) +M(C:0K, Fs:11, WS:44K # 44K, PF:96K # 96K, P:96K) [11] 0.000012 +J(CM:0, PgRf:1, Rd:0/0, Dy:0/0, Lg:0/0) +M(C:0K, Fs:1, WS:4K # 4K, PF:0K # 0K, P:0K) [12] 0.000045 +J(CM:0, PgRf:42, Rd:0/0, Dy:0/0, Lg:0/0) +M(C:0K, Fs:3, WS:12K # 12K, PF:0K # 0K, P:0K) [13] 0.0 +J(0) [14] 0.0 +J(0) [15] 0.000005 +J(CM:0, PgRf:1, Rd:0/0, Dy:0/0, Lg:0/0)." Information 6/22/2021 7:54:47 AM ESENT 105 General "SearchIndexer (11028,D,0) Windows: The database engine started a new instance (0). (Time=0 seconds) Additional Data: Internal Timing Sequence: [1] 0.000801 +J(0) +M(C:0K, Fs:220, WS:852K # 852K, PF:5452K # 5452K, P:5452K) [2] 0.000305 +J(0) +M(C:0K, Fs:245, WS:972K # 972K, PF:444K # 444K, P:444K) [3] 0.000045 +J(0) +M(C:0K, Fs:10, WS:40K # 40K, PF:64K # 64K, P:64K) [4] 0.000091 +J(0) +M(C:0K, Fs:29, WS:116K # 116K, PF:352K # 352K, P:352K) [5] 0.000951 +J(0) +M(C:0K, Fs:15, WS:60K # 60K, PF:20K # 20K, P:20K) [6] 0.002590 +J(0) +M(C:0K, Fs:24, WS:92K # 92K, PF:16K # 16K, P:16K) [7] 0.003127 -0.001416 (2) WT +J(0) +M(C:0K, Fs:270, WS:1080K # 1080K, PF:1028K # 1028K, P:1028K) [8] - [9] - [10] - [11] - [12] - [13] 0.005348 -0.000163 (1) WT +J(CM:0, PgRf:0, Rd:0/0, Dy:0/0, Lg:616/1) +M(C:0K, Fs:8, WS:-1000K # 24K, PF:-1020K # 12K, P:-1020K) [14] 0.000020 +J(0) +M(C:0K, Fs:3, WS:12K # 0K, PF:8K # 0K, P:8K) [15] 0.000053 +J(0) +M(C:0K, Fs:65, WS:260K # 0K, PF:64K # 0K, P:64K) [16] 0.000083 +J(0) +M(C:0K, Fs:2, WS:0K # 0K, PF:0K # 0K, P:0K)." Information 6/22/2021 7:54:47 AM ESENT 102 General SearchIndexer (11028,P,98) Windows: The database engine (10.00.19042.0000) is starting a new instance (0). Information 6/22/2021 7:54:46 AM SecurityCenter 15 None Updated Carbon Black Cloud status successfully to SECURITY_PRODUCT_STATE_OFF. Information 6/22/2021 7:54:46 AM SecurityCenter 15 None Updated Carbon Black Cloud status successfully to SECURITY_PRODUCT_STATE_OFF. Information 6/22/2021 7:54:46 AM SecurityCenter 15 None Updated Carbon Black Cloud status successfully to SECURITY_PRODUCT_STATE_OFF. Information 6/22/2021 7:54:45 AM Microsoft-Windows-Security-SPP 902 None "The Software Protection service has started. 10.0.19041.867" Information 6/22/2021 7:54:44 AM Microsoft-Windows-Security-SPP 1003 None "The Software Protection service has completed licensing status check. Application Id=55c92734-d682-4d71-983e-d6ec3f16059f Licensing Status= 1: 040fa323-92b1-4baf-97a2-5b67feaefddb, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 2: 0724cb7d-3437-4cb7-93cb-830375d0079d, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 3: 0ad2ac98-7bb9-4201-8d92-312299201369, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 4: 1a9a717a-cf13-4ba5-83c3-0fe25fa868d5, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 5: 221a02da-e2a1-4b75-864c-0a4410a33fdf, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 6: 291ece0e-9c38-40ca-a9e1-32cc7ec19507, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 7: 2936d1d2-913a-4542-b54e-ce5a602a2a38, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 8: 2c293c26-a45a-4a2a-a350-c69a67097529, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 9: 2de67392-b7a7-462a-b1ca-108dd189f588, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 10: 2ffd8952-423e-4903-b993-72a1aa44cf82, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 11: 30a42c86-b7a0-4a34-8c90-ff177cb2acb7, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 12: 345a5db0-d94f-4e3b-a0c0-7c42f7bc3ebf, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 13: 3502365a-f88a-4ba4-822a-5769d3073b65, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 14: 377333b1-8b5d-48d6-9679-1225c872d37c, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 15: 3df374ef-d444-4494-a5a1-4b0d9fd0e203, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 16: 3f1afc82-f8ac-4f6c-8005-1d233e606eee, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 17: 49cd895b-53b2-4dc4-a5f7-b18aa019ad37, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 18: 4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 19: 4f3da0d2-271d-4508-ae81-626b60809a38, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 20: 60b3ec1b-9545-4921-821f-311b129dd6f6, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 21: 613d217f-7f13-4268-9907-1662339531cd, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 22: 62f0c100-9c53-4e02-b886-a3528ddfe7f6, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 23: 6365275e-368d-46ca-a0ef-fc0404119333, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 24: 721f9237-9341-4453-a661-09e8baa6cca5, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 25: 73111121-5638-40f6-bc11-f1d7b0d64300, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 26: 7a802526-4c94-4bd1-ba14-835a1aca2120, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 27: 7cb546c0-c7d5-44d8-9a5c-69ecdd782b69, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 28: 82bbc092-bc50-4e16-8e18-b74fc486aec3, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 29: 8ab9bdd1-1f67-4997-82d9-8878520837d9, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 30: 8b351c9c-f398-4515-9900-09df49427262, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 31: 90da7373-1c51-430b-bf26-c97e9c5cdc31, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 32: 95dca82f-385d-4d39-b85b-5c73fa285d6f, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 33: a48938aa-62fa-4966-9d44-9f04da3f72f2, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 34: b0773a15-df3a-4312-9ad2-83d69648e356, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 35: b4bfe195-541e-4e64-ad23-6177f19e395e, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 36: b68e61d2-68ca-4757-be45-0cc2f3e68eee, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 37: bd3762d7-270d-4760-8fb3-d829ca45278a, 1, 1 [(0 )(1 )(2 [0x00000000, 1, 0], [(?)( 1 0x00000000)(?)(?)(?)(?)( 10 0x00000000 msft:rm/algorithm/flags/1.0)(?)])(3 )] 38: c86d5194-4840-4dae-9c1c-0301003a5ab0, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 39: d552befb-48cc-4327-8f39-47d2d94f987c, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 40: d6eadb3b-5ca8-4a6b-986e-35b550756111, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 41: df96023b-dcd9-4be2-afa0-c6c871159ebe, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 42: e0c42288-980c-4788-a014-c080d2e1926e, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 43: e4db50ea-bda1-4566-b047-0ca50abc6f07, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 44: e558417a-5123-4f6f-91e7-385c1c7ca9d4, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 45: e7a950a2-e548-4f10-bf16-02ec848e0643, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 46: eb6d346f-1c60-4643-b960-40ec31596c45, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 47: ec868e65-fadf-4759-b23e-93fe37f2cc29, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 48: ef51e000-2659-4f25-8345-3de70a9cf4c4, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 49: f7af7d09-40e4-419c-a49b-eae366689ebd, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 50: fa755fe6-6739-40b9-8d84-6d0ea3b6d1ab, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] 51: fe74f55b-0338-41d6-b267-4a201abe7285, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )] " Information 6/22/2021 7:54:44 AM CbDefense 1 None Success: CbDefense Debug Port has been opened. Information 6/22/2021 7:54:44 AM Microsoft-Windows-Security-SPP 1066 None "Initialization status for service objects. C:\Windows\system32\sppwinob.dll, msft:spp/windowsfunctionality/agent/7.0, 0x00000000, 0x00000000 C:\Windows\system32\sppobjs.dll, msft:rm/algorithm/inherited/1.0, 0x00000000, 0x00000000 C:\Windows\system32\sppobjs.dll, msft:rm/algorithm/phone/1.0, 0x00000000, 0x00000000 C:\Windows\system32\sppobjs.dll, msft:rm/algorithm/pkey/detect, 0x00000000, 0x00000000 C:\Windows\system32\sppobjs.dll, msft:spp/ActionScheduler/1.0, 0x00000000, 0x00000000 C:\Windows\system32\sppobjs.dll, msft:spp/TaskScheduler/1.0, 0x00000000, 0x00000000 C:\Windows\system32\sppobjs.dll, msft:spp/statecollector/pkey, 0x00000000, 0x00000000 C:\Windows\system32\sppobjs.dll, msft:spp/volume/services/kms/1.0, 0x00000000, 0x00000000 C:\Windows\system32\sppobjs.dll, msft:spp/volume/services/kms/activationinfo/1.0, 0x00000000, 0x00000000 " Information 6/22/2021 7:54:44 AM CbDefense 1 None Success: The CbDefense Service version 3.6.0.1979 has started. CbShared[103552] Policy[666] FileAnalysis[240] Proto[454]. Information 6/22/2021 7:54:44 AM Microsoft-Windows-Security-SPP 16394 None Offline downlevel migration succeeded. Information 6/22/2021 7:54:43 AM Microsoft-Windows-Security-SPP 900 None "The Software Protection service is starting. Parameters:TriggerStarted:6" Information 6/22/2021 7:54:43 AM SceCli 1704 None Security policy in the Group policy objects has been applied successfully. Information 6/22/2021 7:54:43 AM SecurityCenter 1 None The Windows Security Center Service has started. Information 6/22/2021 7:54:42 AM KAPSService 0 None Service started successfully. Information 6/22/2021 7:54:42 AM KAPSService 0 None Starting KAPS.exe Information 6/22/2021 7:54:42 AM KAPSService 0 None envar KAPSS_HOME=C:\Windows\System32\drivers\RivetNetworks\Killer Information 6/22/2021 7:54:41 AM igccservice 0 None Service started successfully. Information 6/22/2021 7:54:41 AM dwmrcs 105 Service "The service was started. Listening on port: 6129 Protocol Family: AF_INET6 Listening on port: 6129 Protocol Family: AF_INET Service: C:\Windows\dwrcs\DWRCS.EXE -service (srv 64 bit) " Information 6/22/2021 7:54:41 AM Service1 0 None Service started successfully. Information 6/22/2021 7:54:41 AM LMS 0 None "The description for Event ID 0 from source LMS cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer. If the event originated on another computer, the display information had to be saved with the event. The following information was included with the event: Service started/resumed The message resource is present but the message was not found in the message table " Information 6/22/2021 7:54:41 AM LMS 2000 LMS Local Management Service started. Information 6/22/2021 7:54:41 AM RtkAudioUniversalService 0 None The operation completed successfully. Information 6/22/2021 7:54:41 AM AdobeARMservice 0 None The operation completed successfully. Information 6/22/2021 7:54:40 AM Service1 0 None Service started successfully. Information 6/22/2021 7:54:40 AM IntelDalJhi 0 None "The description for Event ID 0 from source IntelDalJhi cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer. If the event originated on another computer, the display information had to be saved with the event. The following information was included with the event: The specified resource type cannot be found in the image file " Information 6/22/2021 7:54:40 AM Killer Analytics Service 0 None The operation completed successfully. Information 6/22/2021 7:54:40 AM Killer Analytics Service 16 (1) The directory cannot be removed. Information 6/22/2021 7:54:40 AM Microsoft-Windows-WMI 5617 None Windows Management Instrumentation Service subsystems initialized successfully Information 6/22/2021 7:54:39 AM Microsoft-Windows-WMI 5615 None Windows Management Instrumentation Service started sucessfully Information 6/22/2021 7:54:39 AM Microsoft-Windows-User Profiles Service 1531 None "The User Profile Service has started successfully. " Information 6/22/2021 7:54:39 AM igfxCUIService2.0.0.0 0 None The operation completed successfully. Information 6/22/2021 7:54:39 AM Desktop Window Manager 9027 None The Desktop Window Manager has registered the session port. Information 6/22/2021 7:54:39 AM Microsoft-Windows-EventSystem 4625 None The EventSystem sub system is suppressing duplicate event log entries for a duration of 86400 seconds. The suppression timeout can be controlled by a REG_DWORD value named SuppressDuplicateDuration under the following registry key: HKLM\Software\Microsoft\EventSystem\EventLog. Information 6/21/2021 5:02:34 PM Microsoft-Windows-User Profiles Service 1532 None "The User Profile Service has stopped. " Information 6/21/2021 5:02:34 PM igccservice 0 None Service has been successfully shut down. Information 6/21/2021 5:02:34 PM Service1 0 None Service has been successfully shut down. Information 6/21/2021 5:02:34 PM Microsoft-Windows-MSDTC 4111 SVC The MS DTC service is stopping. Information 6/21/2021 5:02:29 PM KAPSService 0 None Child process [7868 - KAPS.exe ] terminated with -1 Information 6/21/2021 5:02:29 PM KAPSService 0 None Service stopped successfully.