I was browsing through my event viewer today and I came across this event. I've looked around for an answer, and while I did find some information, it really only confused me more. If anyone can tell me what this is (I'm just a newb) I would really appreciate it. Also, I'm confused by the reference to "HarddiskVolume2". I only have one SSD in this machine, and the only partitions are the OS and the "restore" created by MS during the installation.

Thanks,
Paige




Log Name: Microsoft-Windows-UAC-FileVirtualization/Operational
Source: Microsoft-Windows-UAC-FileVirtualization
Date: 1/29/2016 5:51:16 PM
Event ID: 5000
Task Category: None
Level: Verbose
Keywords:
User: PAIGEDESKTOP\Paige Perry
Computer: PaigeDesktop
Description:
Operation on file "\Device\HarddiskVolume2\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe" excluded from virtualization.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-UAC-FileVirtualization" Guid="{C02AFC2B-E24E-4449-AD76-BCC2C2575EAD}" />
<EventID>5000</EventID>
<Version>0</Version>
<Level>5</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2016-01-29T22:51:16.451156500Z" />
<EventRecordID>17</EventRecordID>
<Correlation />
<Execution ProcessID="6412" ThreadID="6908" />
<Channel>Microsoft-Windows-UAC-FileVirtualization/Operational</Channel>
<Computer>PaigeDesktop</Computer>
<Security UserID="S-1-5-21-1311319171-3916018615-375967268-1001" />
</System>
<EventData>
<Data Name="Flags">0</Data>
<Data Name="SidLength">28</Data>
<Data Name="Sid">S-1-5-21-1311319171-3916018615-375967268-1001</Data>
<Data Name="FileNameLength">115</Data>
<Data Name="FileNameBuffer">\Device\HarddiskVolume2\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe</Data>
<Data Name="ProcessImageNameLength">52</Data>
<Data Name="ProcessImageNameBuffer">\Device\HarddiskVolume2\Windows\SysWOW64\dllhost.exe</Data>
<Data Name="CreateOptions">16908384</Data>
<Data Name="DesiredAccess">1179785</Data>
<Data Name="IrpMajorFunction">0</Data>
<Data Name="Exclusions">1024</Data>
</EventData>
</Event>