Continuous Improvement - Event Log Investigation

[rsoyxihnark]

CONFIRMED SPAMMER, REMOVAL APPROVED

ID - SOURCE - LOG 1108 - Eventlog - The event logging service encountered an error while processing an incoming event published from Microsoft-Windows-Security-Auditing. 6062 - Netwtw10 - Lso was triggered 8233 - Security-SPP - The rules engine reported a failed VL activation attempt

28 - Error setting traits on Provider {77811378-e885-4ac2-a580-bc86e4f1bc93}. Error: 0xC0000005 46 - Crash dump initialization failed! 167 - The hypervisor did not enable mitigations for side channel vulnerabilities for virtual machines because HyperThreading is enabled. To enable mitigations for virtual machines, disable HyperThreading. 219 - The driver \Driver\WUDFRd failed to load for the device PCI\VEN_8086&DEV_9A03&SUBSYS_1354152D&REV_05\3&11583659&0&20. 360 - Windows Hello for Business provisioning will not be launched. 1016 - DCOM The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 6155 - LSA package is not signed as expected. This can cause unexpected behavior with Credential Guard. - PackageName: kerberos 10002 - WLAN Extensibility Module has stopped. 10006 - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID - Windows.SecurityCenter.WscDataProtection

[rsoyxihnark]

block known EventLog spammers.

• ID: 6062 - Netwt10 - Lso was triggered
• ID: 1108 - Event Log - The event logging service encountered an error while processing an incoming event published from Microsoft-Windows-Security-Auditing.