@benblamey
Created August 5, 2015 10:27
Time of Day Process Name PID Operation Path Result Detail
10:36:29.1954256 svchost.exe 1340 DeviceIoControl \Device\Mup NO MORE MATCHES Control: 0x1403a4 (Device:0x14 Function:233 Method: 0)
10:36:29.4910912 svchost.exe 696 FileSystemControl C: SUCCESS Control: FSCTL_FILE_PREFETCH
10:36:30.2330500 svchost.exe 1340 DeviceIoControl \Device\Mup NO MORE MATCHES Control: 0x1403a4 (Device:0x14 Function:233 Method: 0)
10:36:31.2167575 svchost.exe 1340 DeviceIoControl \Device\Mup NO MORE MATCHES Control: 0x1403a4 (Device:0x14 Function:233 Method: 0)
10:36:31.3223417 svchost.exe 696 FileSystemControl C: SUCCESS Control: FSCTL_FILE_PREFETCH
10:36:31.4495830 svchost.exe 264 Thread Create SUCCESS Thread ID: 1036
10:36:31.4652202 svchost.exe 264 RegOpenKey HKLM SUCCESS Desired Access: Maximum Allowed, Granted Access: All Access
10:36:31.4652908 svchost.exe 264 RegQueryKey HKLM SUCCESS Query: HandleTags, HandleTags: 0x0
10:36:31.4653258 svchost.exe 264 RegOpenKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS SUCCESS Desired Access: Maximum Allowed, Granted Access: All Access
10:36:31.4653976 svchost.exe 264 RegCloseKey HKLM SUCCESS
10:36:31.4654332 svchost.exe 264 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\LogFileSize SUCCESS Type: REG_DWORD, Length: 4, Data: 1
10:36:31.4654827 svchost.exe 264 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\LogFileFlags SUCCESS Type: REG_DWORD, Length: 4, Data: 0
10:36:31.4655086 svchost.exe 264 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\LogFileMinMemory SUCCESS Type: REG_DWORD, Length: 4, Data: 120
10:36:31.4655376 svchost.exe 264 RegCloseKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS SUCCESS
10:36:31.4659805 svchost.exe 264 RegOpenKey HKLM SUCCESS Desired Access: Maximum Allowed, Granted Access: All Access
10:36:31.4660276 svchost.exe 264 RegQueryKey HKLM SUCCESS Query: HandleTags, HandleTags: 0x0
10:36:31.4660644 svchost.exe 264 RegCreateKey HKLM\SYSTEM\CurrentControlSet\Services\BITS\Performance REPARSE Desired Access: Query Value, Set Value
10:36:31.4661157 svchost.exe 264 RegCreateKey HKLM\System\CurrentControlSet\Services\BITS\Performance SUCCESS Desired Access: Query Value, Set Value
10:36:31.4661754 svchost.exe 264 RegCloseKey HKLM SUCCESS
10:36:31.4662098 svchost.exe 264 RegQueryValue HKLM\System\CurrentControlSet\Services\BITS\Performance\First Counter SUCCESS Type: REG_DWORD, Length: 4, Data: 4700
10:36:31.4662400 svchost.exe 264 RegQueryValue HKLM\System\CurrentControlSet\Services\BITS\Performance\First Help SUCCESS Type: REG_DWORD, Length: 4, Data: 4701
10:36:31.4662629 svchost.exe 264 RegQueryValue HKLM\System\CurrentControlSet\Services\BITS\Performance\Last Counter SUCCESS Type: REG_DWORD, Length: 4, Data: 4716
10:36:31.4662859 svchost.exe 264 RegQueryValue HKLM\System\CurrentControlSet\Services\BITS\Performance\Last Help SUCCESS Type: REG_DWORD, Length: 4, Data: 4717
10:36:31.4663438 svchost.exe 264 RegSetValue HKLM\System\CurrentControlSet\Services\BITS\Performance\PerfMMFileName SUCCESS Type: REG_SZ, Length: 36, Data: Global\MMF_BITS_s
10:36:31.4666763 svchost.exe 264 RegCloseKey HKLM\System\CurrentControlSet\Services\BITS\Performance SUCCESS
10:36:31.4672973 svchost.exe 264 CreateFile C:\ProgramData NAME COLLISION Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Open Reparse Point, Attributes: N, ShareMode: Read, Write, AllocationSize: 0
10:36:31.4677963 svchost.exe 264 CreateFile C:\ProgramData SUCCESS Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:36:31.4678820 svchost.exe 264 QueryBasicInformationFile C:\ProgramData SUCCESS CreationTime: 22/08/2013 14:36:15, LastAccessTime: 16/06/2015 06:25:48, LastWriteTime: 16/06/2015 06:25:48, ChangeTime: 16/06/2015 06:25:48, FileAttributes: HDNCI
10:36:31.4679273 svchost.exe 264 CloseFile C:\ProgramData SUCCESS
10:36:31.4684577 svchost.exe 264 CreateFile C:\ProgramData\Microsoft\Network SUCCESS Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:36:31.4685301 svchost.exe 264 QueryBasicInformationFile C:\ProgramData\Microsoft\Network SUCCESS CreationTime: 05/08/2015 10:34:47, LastAccessTime: 05/08/2015 10:34:47, LastWriteTime: 05/08/2015 10:34:47, ChangeTime: 05/08/2015 10:34:47, FileAttributes: DNCI
10:36:31.4685651 svchost.exe 264 CloseFile C:\ProgramData\Microsoft\Network SUCCESS
10:36:31.4690171 svchost.exe 264 CreateFile C:\ProgramData\Microsoft\Network\Downloader SUCCESS Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:36:31.4691830 svchost.exe 264 QueryBasicInformationFile C:\ProgramData\Microsoft\Network\Downloader SUCCESS CreationTime: 05/08/2015 10:34:47, LastAccessTime: 05/08/2015 10:34:47, LastWriteTime: 05/08/2015 10:34:47, ChangeTime: 05/08/2015 10:34:53, FileAttributes: DNCI
10:36:31.4692186 svchost.exe 264 CloseFile C:\ProgramData\Microsoft\Network\Downloader SUCCESS
10:36:31.4693261 svchost.exe 264 RegOpenKey HKLM SUCCESS Desired Access: Maximum Allowed, Granted Access: All Access
10:36:31.4693942 svchost.exe 264 RegQueryKey HKLM SUCCESS Query: HandleTags, HandleTags: 0x0
10:36:31.4694298 svchost.exe 264 RegOpenKey HKLM\System\CurrentControlSet\Control\BackupRestore\FilesNotToBackup REPARSE Desired Access: Query Value, Set Value
10:36:31.4694751 svchost.exe 264 RegOpenKey HKLM\System\CurrentControlSet\Control\BackupRestore\FilesNotToBackup SUCCESS Desired Access: Query Value, Set Value
10:36:31.4695306 svchost.exe 264 RegCloseKey HKLM SUCCESS
10:36:31.4695656 svchost.exe 264 RegQueryValue HKLM\System\CurrentControlSet\Control\BackupRestore\FilesNotToBackup\BITS_metadata SUCCESS Type: REG_MULTI_SZ, Length: 94, Data: C:\ProgramData\Microsoft\Network\Downloader\*
10:36:31.4696012 svchost.exe 264 RegQueryValue HKLM\System\CurrentControlSet\Control\BackupRestore\FilesNotToBackup\BITS_metadata SUCCESS Type: REG_MULTI_SZ, Length: 94, Data: C:\ProgramData\Microsoft\Network\Downloader\*
10:36:31.4696332 svchost.exe 264 RegQueryValue HKLM\System\CurrentControlSet\Control\BackupRestore\FilesNotToBackup\BITS_metadata SUCCESS Type: REG_MULTI_SZ, Length: 94, Data: C:\ProgramData\Microsoft\Network\Downloader\*
10:36:31.4696640 svchost.exe 264 RegCloseKey HKLM\System\CurrentControlSet\Control\BackupRestore\FilesNotToBackup SUCCESS
10:36:31.4696911 svchost.exe 264 RegOpenKey HKLM SUCCESS Desired Access: Maximum Allowed, Granted Access: All Access
10:36:31.4705939 svchost.exe 264 RegQueryKey HKLM SUCCESS Query: HandleTags, HandleTags: 0x0
10:36:31.4706440 svchost.exe 264 RegOpenKey HKLM\Software\Policies\Microsoft\Windows\BITS NAME NOT FOUND Desired Access: Maximum Allowed
10:36:31.4707013 svchost.exe 264 RegCloseKey HKLM SUCCESS
10:36:31.4707423 svchost.exe 264 RegOpenKey HKLM SUCCESS Desired Access: Maximum Allowed, Granted Access: All Access
10:36:31.4707918 svchost.exe 264 RegQueryKey HKLM SUCCESS Query: HandleTags, HandleTags: 0x0
10:36:31.4708232 svchost.exe 264 RegCreateKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS SUCCESS Desired Access: All Access
10:36:31.4708673 svchost.exe 264 RegCloseKey HKLM SUCCESS
10:36:31.4708938 svchost.exe 264 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\JobInactivityTimeout SUCCESS Type: REG_DWORD, Length: 4, Data: 7776000
10:36:31.4709312 svchost.exe 264 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\TimeQuantaLength SUCCESS Type: REG_DWORD, Length: 4, Data: 300
10:36:31.4709566 svchost.exe 264 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\JobNoProgressTimeout SUCCESS Type: REG_DWORD, Length: 4, Data: 1209600
10:36:31.4709819 svchost.exe 264 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\JobMinimumRetryDelay SUCCESS Type: REG_DWORD, Length: 4, Data: 600
10:36:31.4710067 svchost.exe 264 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\TransferBufferSize NAME NOT FOUND Length: 144
10:36:31.4710398 svchost.exe 264 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\SleepAtCallbackBegin NAME NOT FOUND Length: 144
10:36:31.4710616 svchost.exe 264 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\SleepAtCallbackEnd NAME NOT FOUND Length: 144
10:36:31.4710827 svchost.exe 264 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\SleepAtCallbackDuration NAME NOT FOUND Length: 144
10:36:31.4711032 svchost.exe 264 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\TestFlags NAME NOT FOUND Length: 144
10:36:31.4711237 svchost.exe 264 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\ForceFileFlush NAME NOT FOUND Length: 144
10:36:31.4711442 svchost.exe 264 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\CacheRetryIntervalMsec SUCCESS Type: REG_DWORD, Length: 4, Data: 1000
10:36:31.4711684 svchost.exe 264 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\MaximumForegroundCacheRetries SUCCESS Type: REG_DWORD, Length: 4, Data: 5
10:36:31.4711925 svchost.exe 264 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\MaximumBackgroundCacheRetries SUCCESS Type: REG_DWORD, Length: 4, Data: 15
10:36:31.4723783 svchost.exe 264 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\UseLmCompat SUCCESS Type: REG_DWORD, Length: 4, Data: 2
10:36:31.4724700 svchost.exe 264 RegOpenKey HKLM\Software\Policies\Microsoft\SQMClient\Windows NAME NOT FOUND Desired Access: Read
10:36:31.4725098 svchost.exe 264 RegOpenKey HKLM\Software\Microsoft\SQMClient\Windows SUCCESS Desired Access: Read
10:36:31.4725436 svchost.exe 264 RegQueryValue HKLM\SOFTWARE\Microsoft\SQMClient\Windows\CEIPEnable SUCCESS Type: REG_DWORD, Length: 4, Data: 0
10:36:31.4725720 svchost.exe 264 RegCloseKey HKLM\SOFTWARE\Microsoft\SQMClient\Windows SUCCESS
10:36:31.4725992 svchost.exe 264 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\BITSRealisticEstimate NAME NOT FOUND Length: 144
10:36:31.4735399 svchost.exe 264 QueryNameInformationFile C:\Windows\System32\svchost.exe SUCCESS Name: \Windows\System32\svchost.exe
10:36:31.4792009 svchost.exe 264 RegCloseKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS SUCCESS
10:36:31.4793536 svchost.exe 264 RegOpenKey HKLM SUCCESS Desired Access: Maximum Allowed, Granted Access: All Access
10:36:31.4796305 svchost.exe 264 RegQueryKey HKLM SUCCESS Query: HandleTags, HandleTags: 0x0
10:36:31.4797011 svchost.exe 264 RegCreateKey HKLM\SYSTEM\CurrentControlSet\Services\BITS\Performance REPARSE Desired Access: Query Value, Set Value
10:36:31.4797651 svchost.exe 264 RegCreateKey HKLM\System\CurrentControlSet\Services\BITS\Performance SUCCESS Desired Access: Query Value, Set Value
10:36:31.4798333 svchost.exe 264 RegCloseKey HKLM SUCCESS
10:36:31.4798737 svchost.exe 264 RegDeleteValue HKLM\System\CurrentControlSet\Services\BITS\Performance\PerfMMFileName SUCCESS
10:36:31.4799624 svchost.exe 264 RegCloseKey HKLM\System\CurrentControlSet\Services\BITS\Performance SUCCESS
10:36:31.4854261 svchost.exe 264 RegOpenKey HKLM SUCCESS Desired Access: Maximum Allowed, Granted Access: All Access
10:36:31.4854816 svchost.exe 264 RegQueryKey HKLM SUCCESS Query: HandleTags, HandleTags: 0x0
10:36:31.4855136 svchost.exe 264 RegOpenKey HKLM\System\CurrentControlSet\Services REPARSE Desired Access: Read
10:36:31.4855558 svchost.exe 264 RegOpenKey HKLM\System\CurrentControlSet\Services SUCCESS Desired Access: Read
10:36:31.4855956 svchost.exe 264 RegCloseKey HKLM SUCCESS
10:36:31.4856204 svchost.exe 264 RegQueryKey HKLM\System\CurrentControlSet\Services SUCCESS Query: HandleTags, HandleTags: 0x0
10:36:31.4856445 svchost.exe 264 RegOpenKey HKLM\System\CurrentControlSet\Services\BITS SUCCESS Desired Access: Read
10:36:31.4856729 svchost.exe 264 RegQueryKey HKLM\System\CurrentControlSet\Services\BITS SUCCESS Query: HandleTags, HandleTags: 0x0
10:36:31.4856964 svchost.exe 264 RegOpenKey HKLM\System\CurrentControlSet\Services\BITS\Parameters SUCCESS Desired Access: Read
10:36:31.4857399 svchost.exe 264 RegCloseKey HKLM\System\CurrentControlSet\Services SUCCESS
10:36:31.4857628 svchost.exe 264 RegCloseKey HKLM\System\CurrentControlSet\Services\BITS SUCCESS
10:36:31.4857893 svchost.exe 264 RegQueryValue HKLM\System\CurrentControlSet\Services\BITS\Parameters\ServiceDllUnloadOnStop NAME NOT FOUND Length: 144
10:36:31.4858165 svchost.exe 264 RegCloseKey HKLM\System\CurrentControlSet\Services\BITS\Parameters SUCCESS
10:36:31.4861061 svchost.exe 264 Thread Exit SUCCESS Thread ID: 1036, User Time: 0.0000000, Kernel Time: 0.0156250
10:36:32.2142658 svchost.exe 1340 DeviceIoControl \Device\Mup NO MORE MATCHES Control: 0x1403a4 (Device:0x14 Function:233 Method: 0)
10:36:32.4024362 svchost.exe 1000 WriteFile C:\Windows\System32\winevt\Logs\Microsoft-Windows-WMI-Activity%4Operational.evtx SUCCESS Offset: 462,848, Length: 512
10:36:32.4024917 svchost.exe 1000 WriteFile C:\Windows\System32\winevt\Logs\Microsoft-Windows-WMI-Activity%4Operational.evtx SUCCESS Offset: 475,712, Length: 512
10:36:32.5908244 svchost.exe 696 FileSystemControl C: SUCCESS Control: FSCTL_FILE_PREFETCH
10:36:33.2368469 svchost.exe 1340 DeviceIoControl \Device\Mup NO MORE MATCHES Control: 0x1403a4 (Device:0x14 Function:233 Method: 0)
10:36:33.6361965 svchost.exe 1932 Thread Exit SUCCESS Thread ID: 6040, User Time: 0.0000000, Kernel Time: 0.0000000
10:36:33.8681126 svchost.exe 696 FileSystemControl C: SUCCESS Control: FSCTL_FILE_PREFETCH
10:36:34.0437409 svchost.exe 696 FileSystemControl C: SUCCESS Control: FSCTL_FILE_PREFETCH
10:36:34.0438037 svchost.exe 696 FileSystemControl C: SUCCESS Control: FSCTL_FILE_PREFETCH
10:36:34.0438544 svchost.exe 696 FileSystemControl C: SUCCESS Control: FSCTL_FILE_PREFETCH
10:36:34.0439063 svchost.exe 696 FileSystemControl C: SUCCESS Control: FSCTL_FILE_PREFETCH
10:36:34.0439545 svchost.exe 696 FileSystemControl C: SUCCESS Control: FSCTL_FILE_PREFETCH
10:36:34.0440004 svchost.exe 696 FileSystemControl C: SUCCESS Control: FSCTL_FILE_PREFETCH
10:36:34.0440499 svchost.exe 696 FileSystemControl C: SUCCESS Control: FSCTL_FILE_PREFETCH
10:36:34.2466638 svchost.exe 696 FileSystemControl C: SUCCESS Control: FSCTL_FILE_PREFETCH
10:36:34.2520797 svchost.exe 1340 DeviceIoControl \Device\Mup NO MORE MATCHES Control: 0x1403a4 (Device:0x14 Function:233 Method: 0)