API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Aug 21st, 2017
536
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
XML 61.45 KB | None | 0 0
raw download clone embed print report
  1. <?xml version="1.0" encoding="utf-8" standalone="yes"?>
  2. <Events><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-DistributedCOM' Guid='{1B562E86-B7AA-4131-BADC-B6F3A001407E}' EventSourceName='DCOM'/><EventID Qualifiers='0'>10016</EventID><Version>0</Version><Level>2</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8080000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:02:48.925426900Z'/><EventRecordID>9172</EventRecordID><Correlation/><Execution ProcessID='472' ThreadID='3208'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-21-3246834207-1126968518-1000785926-1001'/></System><EventData><Data Name='param1'>application-specific</Data><Data Name='param2'>Local</Data><Data Name='param3'>Launch</Data><Data Name='param4'>{7022A3B3-D004-4F52-AF11-E9E987FEE25F}</Data><Data Name='param5'>{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}</Data><Data Name='param6'>AURIGAE</Data><Data Name='param7'>JC</Data><Data Name='param8'>S-1-5-21-3246834207-1126968518-1000785926-1001</Data><Data Name='param9'>LocalHost (Using LRPC)</Data><Data Name='param10'>Unavailable</Data><Data Name='param11'>Unavailable</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-DistributedCOM' Guid='{1B562E86-B7AA-4131-BADC-B6F3A001407E}' EventSourceName='DCOM'/><EventID Qualifiers='0'>10016</EventID><Version>0</Version><Level>2</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8080000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:02:43.616410300Z'/><EventRecordID>9171</EventRecordID><Correlation/><Execution ProcessID='472' ThreadID='2628'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-21-3246834207-1126968518-1000785926-1001'/></System><EventData><Data Name='param1'>application-specific</Data><Data Name='param2'>Local</Data><Data Name='param3'>Launch</Data><Data Name='param4'>{7022A3B3-D004-4F52-AF11-E9E987FEE25F}</Data><Data Name='param5'>{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}</Data><Data Name='param6'>AURIGAE</Data><Data Name='param7'>JC</Data><Data Name='param8'>S-1-5-21-3246834207-1126968518-1000785926-1001</Data><Data Name='param9'>LocalHost (Using LRPC)</Data><Data Name='param10'>Unavailable</Data><Data Name='param11'>Unavailable</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Winlogon' Guid='{DBE9B383-7CF3-4331-91CC-A3CB16A3B538}'/><EventID>7001</EventID><Version>0</Version><Level>4</Level><Task>1101</Task><Opcode>0</Opcode><Keywords>0x2000200000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:02:43.238468200Z'/><EventRecordID>9170</EventRecordID><Correlation/><Execution ProcessID='956' ThreadID='436'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='TSId'>1</Data><Data Name='UserSid'>S-1-5-21-3246834207-1126968518-1000785926-1001</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Service Control Manager' Guid='{555908d1-a6d7-4695-8e1e-26931d2012f4}' EventSourceName='Service Control Manager'/><EventID Qualifiers='16384'>7045</EventID><Version>0</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8080000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:09.679232100Z'/><EventRecordID>9169</EventRecordID><Correlation/><Execution ProcessID='724' ThreadID='844'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='ServiceName'>WinRing0_1_2_0</Data><Data Name='ImagePath'>C:\Program Files\aquasuite\AquaComputerService.sys</Data><Data Name='ServiceType'>kernel mode driver</Data><Data Name='StartType'>demand start</Data><Data Name='AccountName'></Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Time-Service' Guid='{06EDCFEB-0FD0-4E53-ACCA-A6F8BBF81BCB}'/><EventID>37</EventID><Version>0</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:08.589180900Z'/><EventRecordID>9168</EventRecordID><Correlation/><Execution ProcessID='2824' ThreadID='2776'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-19'/></System><EventData Name='TMP_EVENT_TIME_SOURCE_REACHABLE'><Data Name='TimeSource'>time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123-&gt;51.141.32.51:123)</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='e1iexpress'/><EventID Qualifiers='24580'>32</EventID><Level>4</Level><Task>0</Task><Keywords>0x80000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:07.007887000Z'/><EventRecordID>9167</EventRecordID><Channel>System</Channel><Computer>Aurigae</Computer><Security/></System><EventData><Data></Data><Data>Intel(R) Ethernet Connection (2) I218-V</Data><Binary>0000040002003000000000002000046000000000000000000000000000000000000000000000000020000460</Binary></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Time-Service' Guid='{06EDCFEB-0FD0-4E53-ACCA-A6F8BBF81BCB}'/><EventID>134</EventID><Version>0</Version><Level>3</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:06.962529600Z'/><EventRecordID>9166</EventRecordID><Correlation/><Execution ProcessID='2824' ThreadID='2776'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-19'/></System><EventData Name='TMP_EVENT_MANUAL_PEER_DNS_ERROR'><Data Name='ErrorMessage'>No such host is known. (0x80072AF9)</Data><Data Name='RetryMinutes'>15</Data><Data Name='DomainPeer'>time.windows.com,0x9</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Service Control Manager' Guid='{555908d1-a6d7-4695-8e1e-26931d2012f4}' EventSourceName='Service Control Manager'/><EventID Qualifiers='49152'>7026</EventID><Version>0</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8080000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:06.167834600Z'/><EventRecordID>9165</EventRecordID><Correlation/><Execution ProcessID='724' ThreadID='728'/><Channel>System</Channel><Computer>Aurigae</Computer><Security/></System><EventData><Data Name='param1'>
  3. CldFlt
  4. dam</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Time-Service' Guid='{06EDCFEB-0FD0-4E53-ACCA-A6F8BBF81BCB}'/><EventID>134</EventID><Version>0</Version><Level>3</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:05.460889600Z'/><EventRecordID>9164</EventRecordID><Correlation/><Execution ProcessID='2824' ThreadID='3052'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-19'/></System><EventData Name='TMP_EVENT_MANUAL_PEER_DNS_ERROR'><Data Name='ErrorMessage'>No such host is known. (0x80072AF9)</Data><Data Name='RetryMinutes'>15</Data><Data Name='DomainPeer'>time.windows.com,0x9</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Time-Service' Guid='{06EDCFEB-0FD0-4E53-ACCA-A6F8BBF81BCB}'/><EventID>158</EventID><Version>0</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:05.458435800Z'/><EventRecordID>9163</EventRecordID><Correlation/><Execution ProcessID='2824' ThreadID='2932'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-19'/></System><EventData Name='TMP_EVENT_TIMEPROV_INDICATED_UNSUPPORTED'><Data Name='TimeProvider'>VMICTimeProvider</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Service Control Manager' Guid='{555908d1-a6d7-4695-8e1e-26931d2012f4}' EventSourceName='Service Control Manager'/><EventID Qualifiers='49152'>7023</EventID><Version>0</Version><Level>2</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8080000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:05.448055100Z'/><EventRecordID>9161</EventRecordID><Correlation/><Execution ProcessID='724' ThreadID='1328'/><Channel>System</Channel><Computer>Aurigae</Computer><Security/></System><EventData><Data Name='param1'>WdiServiceHost</Data><Data Name='param2'>%%1052</Data><Binary>570064006900530065007200760069006300650048006F00730074000000</Binary></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Service Control Manager' Guid='{555908d1-a6d7-4695-8e1e-26931d2012f4}' EventSourceName='Service Control Manager'/><EventID Qualifiers='49152'>7023</EventID><Version>0</Version><Level>2</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8080000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:05.448055100Z'/><EventRecordID>9162</EventRecordID><Correlation/><Execution ProcessID='724' ThreadID='2736'/><Channel>System</Channel><Computer>Aurigae</Computer><Security/></System><EventData><Data Name='param1'>WdiSystemHost</Data><Data Name='param2'>%%1052</Data><Binary>570064006900530079007300740065006D0048006F00730074000000</Binary></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-DHCPv6-Client' Guid='{6A1F2B00-6A90-4C38-95A5-5CAB3B056778}'/><EventID>51046</EventID><Version>0</Version><Level>4</Level><Task>4</Task><Opcode>62</Opcode><Keywords>0x2000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:05.346944400Z'/><EventRecordID>9160</EventRecordID><Correlation/><Execution ProcessID='1960' ThreadID='2100'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-19'/></System><EventData></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Dhcp-Client' Guid='{15A7A4F8-0072-4EAB-ABAD-F98A4D666AED}'/><EventID>50103</EventID><Version>0</Version><Level>4</Level><Task>4</Task><Opcode>129</Opcode><Keywords>0x2000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:05.341216500Z'/><EventRecordID>9159</EventRecordID><Correlation/><Execution ProcessID='1960' ThreadID='2056'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-19'/></System><EventData></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Dhcp-Client' Guid='{15A7A4F8-0072-4EAB-ABAD-F98A4D666AED}'/><EventID>50036</EventID><Version>0</Version><Level>4</Level><Task>4</Task><Opcode>68</Opcode><Keywords>0x2000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:05.340974500Z'/><EventRecordID>9158</EventRecordID><Correlation/><Execution ProcessID='1960' ThreadID='2056'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-19'/></System><EventData></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='EventLog'/><EventID Qualifiers='32768'>6013</EventID><Level>4</Level><Task>0</Task><Keywords>0x80000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:05.179170500Z'/><EventRecordID>9129</EventRecordID><Channel>System</Channel><Computer>Aurigae</Computer><Security/></System><EventData><Data></Data><Data></Data><Data></Data><Data></Data><Data>3</Data><Data>60</Data><Data>-60 W. Europe Standard Time</Data><Binary>31002E003100000030000000570069006E0064006F00770073002000310030002000500072006F0020004E000000310030002E0030002E003100350030003600330020004200750069006C0064002000310035003000360033002000200000004D0075006C0074006900700072006F0063006500730073006F007200200046007200650065000000310035003000360033002E007200730032005F00720065006C0065006100730065002E003100370030003300310037002D00310038003300340000003500390036003200320062003700640000004E006F007400200041007600610069006C00610062006C00650000004E006F007400200041007600610069006C00610062006C0065000000390000003100320000003100360032003800380000003400300039000000410075007200690067006100650000000000</Binary></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='EventLog'/><EventID Qualifiers='32768'>6005</EventID><Level>4</Level><Task>0</Task><Keywords>0x80000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:05.179170500Z'/><EventRecordID>9128</EventRecordID><Channel>System</Channel><Computer>Aurigae</Computer><Security/></System><EventData><Binary>E1070800010015000E0001000500B3000000000000000000</Binary></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='EventLog'/><EventID Qualifiers='32768'>6009</EventID><Level>4</Level><Task>0</Task><Keywords>0x80000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:05.179170500Z'/><EventRecordID>9127</EventRecordID><Channel>System</Channel><Computer>Aurigae</Computer><Security/></System><EventData><Data>10.00.</Data><Data>15063</Data><Data></Data><Data>Multiprocessor Free</Data><Data>0</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='EventLog'/><EventID Qualifiers='32768'>6008</EventID><Level>2</Level><Task>0</Task><Keywords>0x80000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:05.179170500Z'/><EventRecordID>9126</EventRecordID><Channel>System</Channel><Computer>Aurigae</Computer><Security/></System><EventData><Data>15:59:43</Data><Data>‎2017-‎08-‎21</Data><Data></Data><Data></Data><Data>112520</Data><Data></Data><Data></Data><Binary>E1070800010015000F003B002B003002E1070800010015000D003B002B0030023C0000003C000000000000000000000000000000000000000100000000000000</Binary></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-FilterManager' Guid='{F3C5E28E-63F6-49C7-A204-E48A1BC4B09D}'/><EventID>6</EventID><Version>1</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000400000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:05.137427300Z'/><EventRecordID>9157</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='152'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='FinalStatus'>0x0</Data><Data Name='DeviceVersionMajor'>10</Data><Data Name='DeviceVersionMinor'>0</Data><Data Name='DeviceNameLength'>10</Data><Data Name='DeviceName'>storqosflt</Data><Data Name='DeviceTime'>2015-12-18T05:36:27.000000000Z</Data><Data Name='ExtraInfoLength'>239</Data><Data Name='ExtraInfoString'>{ "flags" : "0x00000010" , "registration_version" : "0x00000203" , "tx" : false , "sections" : false , "frame" : 0 , "class_name" : "FSFilter Quota Management" , "supportedFeatures": "0x00000003" , "instances" : [["244000","0x00000000"]] }</Data><Data Name='FilterID'>{02000000-000B-0000-4CD6-16EE851AD301}</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-FilterManager' Guid='{F3C5E28E-63F6-49C7-A204-E48A1BC4B09D}'/><EventID>6</EventID><Version>1</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000400000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:05.135929600Z'/><EventRecordID>9156</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='152'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='FinalStatus'>0x0</Data><Data Name='DeviceVersionMajor'>10</Data><Data Name='DeviceVersionMinor'>0</Data><Data Name='DeviceNameLength'>5</Data><Data Name='DeviceName'>luafv</Data><Data Name='DeviceTime'>2037-06-08T11:55:59.000000000Z</Data><Data Name='ExtraInfoLength'>237</Data><Data Name='ExtraInfoString'>{ "flags" : "0x00000014" , "registration_version" : "0x00000203" , "tx" : false , "sections" : false , "frame" : 0 , "class_name" : "FSFilter Virtualization" , "supportedFeatures": "0x00000003" , "instances" : [["135000","0x00000000"]] }</Data><Data Name='FilterID'>{02000000-000A-0000-4CD6-16EE851AD301}</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-FilterManager' Guid='{F3C5E28E-63F6-49C7-A204-E48A1BC4B09D}'/><EventID>6</EventID><Version>1</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000400000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:05.125291400Z'/><EventRecordID>9155</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='412'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='FinalStatus'>0x0</Data><Data Name='DeviceVersionMajor'>10</Data><Data Name='DeviceVersionMinor'>0</Data><Data Name='DeviceNameLength'>5</Data><Data Name='DeviceName'>wcifs</Data><Data Name='DeviceTime'>2088-07-29T05:04:59.000000000Z</Data><Data Name='ExtraInfoLength'>237</Data><Data Name='ExtraInfoString'>{ "flags" : "0x00000014" , "registration_version" : "0x00000203" , "tx" : false , "sections" : false , "frame" : 0 , "class_name" : "FSFilter Virtualization" , "supportedFeatures": "0x00000000" , "instances" : [["189900","0x00000000"]] }</Data><Data Name='FilterID'>{02000000-0009-0000-FA73-14EE851AD301}</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Directory-Services-SAM' Guid='{0D4FDC09-8C27-494A-BDA0-505E4FD8ADAE}'/><EventID>16962</EventID><Version>0</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:04.959139300Z'/><EventRecordID>9154</EventRecordID><Correlation ActivityID='{EBEBEC72-1A85-0008-78EC-EBEB851AD301}'/><Execution ProcessID='732' ThreadID='736'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData Name='SAMMSG_RESTRICT_REMOTE_SAM_DEFAULT_SD'><Data Name='Default SD String:'>O:SYG:SYD:(A;;RC;;;BA)</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Wininit' Guid='{206F6DEA-D3C5-4D10-BC72-989F03C8B84B}'/><EventID>14</EventID><Version>0</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x4000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:04.866993300Z'/><EventRecordID>9153</EventRecordID><Correlation/><Execution ProcessID='644' ThreadID='648'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='Config'>0</Data><Data Name='IsTestConfig'>0</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Processor-Power' Guid='{0F67E49F-FE51-4E9F-B490-6F2948CC6027}'/><EventID>55</EventID><Version>0</Version><Level>4</Level><Task>47</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:03.175077400Z'/><EventRecordID>9152</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='216'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='Group'>0</Data><Data Name='Number'>11</Data><Data Name='IdleStateCount'>1</Data><Data Name='IdleImplementation'>1</Data><Data Name='NominalFrequency'>3500</Data><Data Name='MaximumPerformancePercent'>100</Data><Data Name='MinimumPerformancePercent'>100</Data><Data Name='MinimumThrottlePercent'>100</Data><Data Name='PerformanceImplementation'>1</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Processor-Power' Guid='{0F67E49F-FE51-4E9F-B490-6F2948CC6027}'/><EventID>55</EventID><Version>0</Version><Level>4</Level><Task>47</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:03.174331000Z'/><EventRecordID>9151</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='216'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='Group'>0</Data><Data Name='Number'>9</Data><Data Name='IdleStateCount'>1</Data><Data Name='IdleImplementation'>1</Data><Data Name='NominalFrequency'>3500</Data><Data Name='MaximumPerformancePercent'>100</Data><Data Name='MinimumPerformancePercent'>100</Data><Data Name='MinimumThrottlePercent'>100</Data><Data Name='PerformanceImplementation'>1</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Processor-Power' Guid='{0F67E49F-FE51-4E9F-B490-6F2948CC6027}'/><EventID>55</EventID><Version>0</Version><Level>4</Level><Task>47</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:03.173665400Z'/><EventRecordID>9150</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='216'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='Group'>0</Data><Data Name='Number'>7</Data><Data Name='IdleStateCount'>1</Data><Data Name='IdleImplementation'>1</Data><Data Name='NominalFrequency'>3500</Data><Data Name='MaximumPerformancePercent'>100</Data><Data Name='MinimumPerformancePercent'>100</Data><Data Name='MinimumThrottlePercent'>100</Data><Data Name='PerformanceImplementation'>1</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Processor-Power' Guid='{0F67E49F-FE51-4E9F-B490-6F2948CC6027}'/><EventID>55</EventID><Version>0</Version><Level>4</Level><Task>47</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:03.172997500Z'/><EventRecordID>9149</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='216'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='Group'>0</Data><Data Name='Number'>5</Data><Data Name='IdleStateCount'>1</Data><Data Name='IdleImplementation'>1</Data><Data Name='NominalFrequency'>3500</Data><Data Name='MaximumPerformancePercent'>100</Data><Data Name='MinimumPerformancePercent'>100</Data><Data Name='MinimumThrottlePercent'>100</Data><Data Name='PerformanceImplementation'>1</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Processor-Power' Guid='{0F67E49F-FE51-4E9F-B490-6F2948CC6027}'/><EventID>55</EventID><Version>0</Version><Level>4</Level><Task>47</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:03.172325200Z'/><EventRecordID>9148</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='216'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='Group'>0</Data><Data Name='Number'>3</Data><Data Name='IdleStateCount'>1</Data><Data Name='IdleImplementation'>1</Data><Data Name='NominalFrequency'>3500</Data><Data Name='MaximumPerformancePercent'>100</Data><Data Name='MinimumPerformancePercent'>100</Data><Data Name='MinimumThrottlePercent'>100</Data><Data Name='PerformanceImplementation'>1</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Processor-Power' Guid='{0F67E49F-FE51-4E9F-B490-6F2948CC6027}'/><EventID>55</EventID><Version>0</Version><Level>4</Level><Task>47</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:03.171642900Z'/><EventRecordID>9147</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='216'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='Group'>0</Data><Data Name='Number'>1</Data><Data Name='IdleStateCount'>1</Data><Data Name='IdleImplementation'>1</Data><Data Name='NominalFrequency'>3500</Data><Data Name='MaximumPerformancePercent'>100</Data><Data Name='MinimumPerformancePercent'>100</Data><Data Name='MinimumThrottlePercent'>100</Data><Data Name='PerformanceImplementation'>1</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Processor-Power' Guid='{0F67E49F-FE51-4E9F-B490-6F2948CC6027}'/><EventID>55</EventID><Version>0</Version><Level>4</Level><Task>47</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:03.170954200Z'/><EventRecordID>9146</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='216'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='Group'>0</Data><Data Name='Number'>10</Data><Data Name='IdleStateCount'>1</Data><Data Name='IdleImplementation'>1</Data><Data Name='NominalFrequency'>3500</Data><Data Name='MaximumPerformancePercent'>100</Data><Data Name='MinimumPerformancePercent'>100</Data><Data Name='MinimumThrottlePercent'>100</Data><Data Name='PerformanceImplementation'>1</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Processor-Power' Guid='{0F67E49F-FE51-4E9F-B490-6F2948CC6027}'/><EventID>55</EventID><Version>0</Version><Level>4</Level><Task>47</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:03.170273900Z'/><EventRecordID>9145</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='216'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='Group'>0</Data><Data Name='Number'>8</Data><Data Name='IdleStateCount'>1</Data><Data Name='IdleImplementation'>1</Data><Data Name='NominalFrequency'>3500</Data><Data Name='MaximumPerformancePercent'>100</Data><Data Name='MinimumPerformancePercent'>100</Data><Data Name='MinimumThrottlePercent'>100</Data><Data Name='PerformanceImplementation'>1</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Processor-Power' Guid='{0F67E49F-FE51-4E9F-B490-6F2948CC6027}'/><EventID>55</EventID><Version>0</Version><Level>4</Level><Task>47</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:03.169603400Z'/><EventRecordID>9144</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='216'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='Group'>0</Data><Data Name='Number'>6</Data><Data Name='IdleStateCount'>1</Data><Data Name='IdleImplementation'>1</Data><Data Name='NominalFrequency'>3500</Data><Data Name='MaximumPerformancePercent'>100</Data><Data Name='MinimumPerformancePercent'>100</Data><Data Name='MinimumThrottlePercent'>100</Data><Data Name='PerformanceImplementation'>1</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Processor-Power' Guid='{0F67E49F-FE51-4E9F-B490-6F2948CC6027}'/><EventID>55</EventID><Version>0</Version><Level>4</Level><Task>47</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:03.168940100Z'/><EventRecordID>9143</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='216'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='Group'>0</Data><Data Name='Number'>4</Data><Data Name='IdleStateCount'>1</Data><Data Name='IdleImplementation'>1</Data><Data Name='NominalFrequency'>3500</Data><Data Name='MaximumPerformancePercent'>100</Data><Data Name='MinimumPerformancePercent'>100</Data><Data Name='MinimumThrottlePercent'>100</Data><Data Name='PerformanceImplementation'>1</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Processor-Power' Guid='{0F67E49F-FE51-4E9F-B490-6F2948CC6027}'/><EventID>55</EventID><Version>0</Version><Level>4</Level><Task>47</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:03.168283600Z'/><EventRecordID>9142</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='216'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='Group'>0</Data><Data Name='Number'>2</Data><Data Name='IdleStateCount'>1</Data><Data Name='IdleImplementation'>1</Data><Data Name='NominalFrequency'>3500</Data><Data Name='MaximumPerformancePercent'>100</Data><Data Name='MinimumPerformancePercent'>100</Data><Data Name='MinimumThrottlePercent'>100</Data><Data Name='PerformanceImplementation'>1</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Processor-Power' Guid='{0F67E49F-FE51-4E9F-B490-6F2948CC6027}'/><EventID>55</EventID><Version>0</Version><Level>4</Level><Task>47</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:03.167529000Z'/><EventRecordID>9141</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='216'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='Group'>0</Data><Data Name='Number'>0</Data><Data Name='IdleStateCount'>1</Data><Data Name='IdleImplementation'>1</Data><Data Name='NominalFrequency'>3500</Data><Data Name='MaximumPerformancePercent'>100</Data><Data Name='MinimumPerformancePercent'>100</Data><Data Name='MinimumThrottlePercent'>100</Data><Data Name='PerformanceImplementation'>1</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Ntfs' Guid='{3FF37A1C-A68D-4D6E-8C9B-F79E8B16C482}'/><EventID>98</EventID><Version>0</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000000000000002</Keywords><TimeCreated SystemTime='2017-08-21T14:01:02.782432300Z'/><EventRecordID>9140</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='420'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='DriveName'>\\?\Volume{f46ab89a-27c9-4e43-bdb5-7d8887f4b913}</Data><Data Name='DeviceName'>\Device\HarddiskVolume1</Data><Data Name='CorruptionActionState'>0</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Power' Guid='{331C3B3A-2005-44C2-AC5E-77220C37D6B4}'/><EventID>172</EventID><Version>0</Version><Level>4</Level><Task>203</Task><Opcode>0</Opcode><Keywords>0x8000000000000404</Keywords><TimeCreated SystemTime='2017-08-21T14:01:02.702561100Z'/><EventRecordID>9139</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='412'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='State'>2</Data><Data Name='Reason'>6</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Power' Guid='{331C3B3A-2005-44C2-AC5E-77220C37D6B4}'/><EventID>41</EventID><Version>5</Version><Level>1</Level><Task>63</Task><Opcode>0</Opcode><Keywords>0x8000400000000002</Keywords><TimeCreated SystemTime='2017-08-21T14:01:02.702316500Z'/><EventRecordID>9138</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='8'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='BugcheckCode'>278</Data><Data Name='BugcheckParameter1'>0xffff818a35e474a0</Data><Data Name='BugcheckParameter2'>0x0</Data><Data Name='BugcheckParameter3'>0x0</Data><Data Name='BugcheckParameter4'>0x0</Data><Data Name='SleepInProgress'>0</Data><Data Name='PowerButtonTimestamp'>0</Data><Data Name='BootAppStatus'>0</Data><Data Name='Checkpoint'>0</Data><Data Name='ConnectedStandbyInProgress'>false</Data><Data Name='SystemSleepTransitionsToOn'>1</Data><Data Name='CsEntryScenarioInstanceId'>0</Data><Data Name='BugcheckInfoFromEFI'>true</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-FilterManager' Guid='{F3C5E28E-63F6-49C7-A204-E48A1BC4B09D}'/><EventID>6</EventID><Version>1</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000400000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:02.687678600Z'/><EventRecordID>9137</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='8'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='FinalStatus'>0x0</Data><Data Name='DeviceVersionMajor'>10</Data><Data Name='DeviceVersionMinor'>0</Data><Data Name='DeviceNameLength'>9</Data><Data Name='DeviceName'>npsvctrig</Data><Data Name='DeviceTime'>2097-07-25T12:18:05.000000000Z</Data><Data Name='ExtraInfoLength'>219</Data><Data Name='ExtraInfoString'>{ "flags" : "0x00000018" , "registration_version" : "0x00000203" , "tx" : false , "sections" : false , "frame" : 0 , "class_name" : "(null)" , "supportedFeatures": "0x00000000" , "instances" : [["46000","0x00000000"]] }</Data><Data Name='FilterID'>{02000000-0006-0000-091F-A1EC851AD301}</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-FilterManager' Guid='{F3C5E28E-63F6-49C7-A204-E48A1BC4B09D}'/><EventID>6</EventID><Version>1</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000400000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:02.646132000Z'/><EventRecordID>9136</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='8'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='FinalStatus'>0x0</Data><Data Name='DeviceVersionMajor'>10</Data><Data Name='DeviceVersionMinor'>0</Data><Data Name='DeviceNameLength'>9</Data><Data Name='DeviceName'>FileCrypt</Data><Data Name='DeviceTime'>2030-05-28T10:10:59.000000000Z</Data><Data Name='ExtraInfoLength'>233</Data><Data Name='ExtraInfoString'>{ "flags" : "0x00000000" , "registration_version" : "0x00000203" , "tx" : false , "sections" : false , "frame" : 0 , "class_name" : "FSFilter Encryption" , "supportedFeatures": "0x00000003" , "instances" : [["141100","0x00000000"]] }</Data><Data Name='FilterID'>{02000000-0005-0000-FFF7-99EC851AD301}</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='volmgr'/><EventID Qualifiers='49156'>161</EventID><Level>2</Level><Task>0</Task><Keywords>0x80000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:02.620917700Z'/><EventRecordID>9135</EventRecordID><Channel>System</Channel><Computer>Aurigae</Computer><Security/></System><EventData><Data>\Device\HarddiskVolume4</Data><Binary>000000000100000000000000A10004C001000200010000C000000000000000000000000000000000</Binary></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Ntfs' Guid='{3FF37A1C-A68D-4D6E-8C9B-F79E8B16C482}'/><EventID>98</EventID><Version>0</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000000000000002</Keywords><TimeCreated SystemTime='2017-08-21T14:01:02.597172200Z'/><EventRecordID>9134</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='292'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='DriveName'>C:</Data><Data Name='DeviceName'>\Device\HarddiskVolume4</Data><Data Name='CorruptionActionState'>0</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-FilterManager' Guid='{F3C5E28E-63F6-49C7-A204-E48A1BC4B09D}'/><EventID>6</EventID><Version>1</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000400000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:02.488522000Z'/><EventRecordID>9133</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='8'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='FinalStatus'>0x0</Data><Data Name='DeviceVersionMajor'>10</Data><Data Name='DeviceVersionMinor'>0</Data><Data Name='DeviceNameLength'>8</Data><Data Name='DeviceName'>WdFilter</Data><Data Name='DeviceTime'>2102-10-04T18:25:01.000000000Z</Data><Data Name='ExtraInfoLength'>232</Data><Data Name='ExtraInfoString'>{ "flags" : "0x00000030" , "registration_version" : "0x00000203" , "tx" : true , "sections" : false , "frame" : 0 , "class_name" : "FSFilter Anti-Virus" , "supportedFeatures": "0x00000003" , "instances" : [["328010","0x00000000"]] }</Data><Data Name='FilterID'>{02000000-0003-0000-7D20-82EC851AD301}</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-FilterManager' Guid='{F3C5E28E-63F6-49C7-A204-E48A1BC4B09D}'/><EventID>6</EventID><Version>1</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000400000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:02.487665700Z'/><EventRecordID>9132</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='8'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='FinalStatus'>0x0</Data><Data Name='DeviceVersionMajor'>10</Data><Data Name='DeviceVersionMinor'>0</Data><Data Name='DeviceNameLength'>3</Data><Data Name='DeviceName'>Wof</Data><Data Name='DeviceTime'>1974-03-12T00:47:45.000000000Z</Data><Data Name='ExtraInfoLength'>232</Data><Data Name='ExtraInfoString'>{ "flags" : "0x00000010" , "registration_version" : "0x00000203" , "tx" : true , "sections" : false , "frame" : 0 , "class_name" : "FSFilter Compression" , "supportedFeatures": "0x00000003" , "instances" : [["40700","0x00000000"]] }</Data><Data Name='FilterID'>{02000000-0002-0000-7D20-82EC851AD301}</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-FilterManager' Guid='{F3C5E28E-63F6-49C7-A204-E48A1BC4B09D}'/><EventID>6</EventID><Version>1</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000400000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:02.486985700Z'/><EventRecordID>9131</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='8'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='FinalStatus'>0x0</Data><Data Name='DeviceVersionMajor'>10</Data><Data Name='DeviceVersionMinor'>0</Data><Data Name='DeviceNameLength'>8</Data><Data Name='DeviceName'>FileInfo</Data><Data Name='DeviceTime'>2042-06-30T16:43:32.000000000Z</Data><Data Name='ExtraInfoLength'>228</Data><Data Name='ExtraInfoString'>{ "flags" : "0x00000010" , "registration_version" : "0x00000203" , "tx" : false , "sections" : false , "frame" : 0 , "class_name" : "FSFilter Bottom" , "supportedFeatures": "0x00000003" , "instances" : [["40500","0x00000000"]] }</Data><Data Name='FilterID'>{02000000-0001-0000-7D20-82EC851AD301}</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='secnvme'/><EventID Qualifiers='16385'>11</EventID><Level>4</Level><Task>0</Task><Keywords>0x80000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:02.479986900Z'/><EventRecordID>9130</EventRecordID><Channel>System</Channel><Computer>Aurigae</Computer><Security/></System><EventData><Data>\Device\RaidPort0</Data><Data>144d</Data><Data>Samsung SSD 950 PRO 256GB</Data><Binary>0F00200003004800000000000B00014000000000000000000000000000000000000000000000000001000000200000000B0001400000000000000000000000000000000000000000</Binary></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Boot' Guid='{15CA44FF-4D7A-4BAA-BBA5-0998955E531E}'/><EventID>30</EventID><Version>0</Version><Level>4</Level><Task>21</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:01.530013600Z'/><EventRecordID>9125</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='8'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='ResetEndStart'>0</Data><Data Name='LoadOSImageStart'>1464295</Data><Data Name='StartOSImageStart'>1464298</Data><Data Name='ExitBootServicesEntry'>1465056</Data><Data Name='ExitBootServicesExit'>1465189</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Boot' Guid='{15CA44FF-4D7A-4BAA-BBA5-0998955E531E}'/><EventID>32</EventID><Version>0</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:01.529957700Z'/><EventRecordID>9124</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='8'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='BitlockerUserInputTime'>0</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Boot' Guid='{15CA44FF-4D7A-4BAA-BBA5-0998955E531E}'/><EventID>18</EventID><Version>0</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:01.529936700Z'/><EventRecordID>9123</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='8'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='EntryCount'>1</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Boot' Guid='{15CA44FF-4D7A-4BAA-BBA5-0998955E531E}'/><EventID>25</EventID><Version>0</Version><Level>4</Level><Task>32</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:01.529898600Z'/><EventRecordID>9122</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='8'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='BootMenuPolicy'>1</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Boot' Guid='{15CA44FF-4D7A-4BAA-BBA5-0998955E531E}'/><EventID>27</EventID><Version>1</Version><Level>4</Level><Task>33</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:01.529898300Z'/><EventRecordID>9121</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='8'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='BootType'>0</Data><Data Name='LoadOptions'> NOEXECUTE=OPTIN  NOVGA</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Boot' Guid='{15CA44FF-4D7A-4BAA-BBA5-0998955E531E}'/><EventID>20</EventID><Version>1</Version><Level>4</Level><Task>31</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:01.529802700Z'/><EventRecordID>9120</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='8'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='LastShutdownGood'>false</Data><Data Name='LastBootGood'>true</Data><Data Name='LastBootId'>99</Data><Data Name='BootStatusPolicy'>2</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Boot' Guid='{15CA44FF-4D7A-4BAA-BBA5-0998955E531E}'/><EventID>153</EventID><Version>0</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T14:01:01.529764300Z'/><EventRecordID>9119</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='8'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='Status'>0</Data><Data Name='EnableDisableReason'>0</Data><Data Name='VsmPolicy'>0</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-General' Guid='{A68CA8B7-004F-D7B6-A698-07E2DE0F1F5D}'/><EventID>12</EventID><Version>0</Version><Level>4</Level><Task>1</Task><Opcode>0</Opcode><Keywords>0x8000000000000080</Keywords><TimeCreated SystemTime='2017-08-21T14:01:01.529717500Z'/><EventRecordID>9118</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='8'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='MajorVersion'>10</Data><Data Name='MinorVersion'>0</Data><Data Name='BuildVersion'>15063</Data><Data Name='QfeVersion'>413</Data><Data Name='ServiceVersion'>0</Data><Data Name='BootMode'>0</Data><Data Name='StartTime'>2017-08-21T14:01:01.369255700Z</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-UserModePowerService' Guid='{CE8DEE0B-D539-4000-B0F8-77BED049C590}'/><EventID>22</EventID><Version>0</Version><Level>4</Level><Task>18</Task><Opcode>0</Opcode><Keywords>0x4000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T13:54:25.222524000Z'/><EventRecordID>9117</EventRecordID><Correlation/><Execution ProcessID='868' ThreadID='8340'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='Turn'>5</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-General' Guid='{A68CA8B7-004F-D7B6-A698-07E2DE0F1F5D}'/><EventID>16</EventID><Version>0</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T13:54:24.521949200Z'/><EventRecordID>9116</EventRecordID><Correlation/><Execution ProcessID='4452' ThreadID='7024'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='HiveNameLength'>85</Data><Data Name='HiveName'>\??\C:\ProgramData\Microsoft\Provisioning\Microsoft-Desktop-Provisioning-Sequence.dat</Data><Data Name='KeysUpdated'>0</Data><Data Name='DirtyPages'>0</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Service Control Manager' Guid='{555908d1-a6d7-4695-8e1e-26931d2012f4}' EventSourceName='Service Control Manager'/><EventID Qualifiers='16384'>7045</EventID><Version>0</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8080000000000000</Keywords><TimeCreated SystemTime='2017-08-21T13:47:08.654464800Z'/><EventRecordID>9115</EventRecordID><Correlation/><Execution ProcessID='720' ThreadID='5168'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='ServiceName'>MpKsl65f29acd</Data><Data Name='ImagePath'>C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4F316DFC-55A6-4B49-A582-670D2E49C803}\MpKsl65f29acd.sys</Data><Data Name='ServiceType'>kernel mode driver</Data><Data Name='StartType'>system start</Data><Data Name='AccountName'></Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-General' Guid='{A68CA8B7-004F-D7B6-A698-07E2DE0F1F5D}'/><EventID>15</EventID><Version>0</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T13:43:22.306273500Z'/><EventRecordID>9114</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='1556'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='HiveNameLength'>35</Data><Data Name='HiveName'>\SystemRoot\System32\config\DRIVERS</Data><Data Name='OriginalSize'>5226496</Data><Data Name='NewSize'>5226496</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-FilterManager' Guid='{F3C5E28E-63F6-49C7-A204-E48A1BC4B09D}'/><EventID>6</EventID><Version>1</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000400000000000</Keywords><TimeCreated SystemTime='2017-08-21T13:39:08.866738500Z'/><EventRecordID>9113</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='8796'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='FinalStatus'>0x0</Data><Data Name='DeviceVersionMajor'>10</Data><Data Name='DeviceVersionMinor'>0</Data><Data Name='DeviceNameLength'>7</Data><Data Name='DeviceName'>BEDaisy</Data><Data Name='DeviceTime'>2017-01-11T05:01:10.000000000Z</Data><Data Name='ExtraInfoLength'>220</Data><Data Name='ExtraInfoString'>{ "flags" : "0x00000000" , "registration_version" : "0x00000202" , "tx" : false , "sections" : false , "frame" : 0 , "class_name" : "(null)" , "supportedFeatures": "0x00000000" , "instances" : [["363220","0x00000000"]] }</Data><Data Name='FilterID'>{02000000-000E-0000-4E9B-88DD821AD301}</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Service Control Manager' Guid='{555908d1-a6d7-4695-8e1e-26931d2012f4}' EventSourceName='Service Control Manager'/><EventID Qualifiers='16384'>7045</EventID><Version>0</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8080000000000000</Keywords><TimeCreated SystemTime='2017-08-21T13:39:08.851926200Z'/><EventRecordID>9112</EventRecordID><Correlation/><Execution ProcessID='720' ThreadID='1100'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='ServiceName'>BEDaisy</Data><Data Name='ImagePath'>C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys</Data><Data Name='ServiceType'>kernel mode driver</Data><Data Name='StartType'>demand start</Data><Data Name='AccountName'></Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Winlogon' Guid='{DBE9B383-7CF3-4331-91CC-A3CB16A3B538}'/><EventID>7001</EventID><Version>0</Version><Level>4</Level><Task>1101</Task><Opcode>0</Opcode><Keywords>0x2000200000000000</Keywords><TimeCreated SystemTime='2017-08-21T13:37:24.672395300Z'/><EventRecordID>9111</EventRecordID><Correlation/><Execution ProcessID='8448' ThreadID='8616'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-18'/></System><EventData><Data Name='TSId'>2</Data><Data Name='UserSid'>S-1-5-21-3246834207-1126968518-1000785926-1001</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Time-Service' Guid='{06EDCFEB-0FD0-4E53-ACCA-A6F8BBF81BCB}'/><EventID>37</EventID><Version>0</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T13:37:05.396604000Z'/><EventRecordID>9110</EventRecordID><Correlation/><Execution ProcessID='2916' ThreadID='3680'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-19'/></System><EventData Name='TMP_EVENT_TIME_SOURCE_REACHABLE'><Data Name='TimeSource'>time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123-&gt;51.141.32.51:123)</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Time-Service' Guid='{06EDCFEB-0FD0-4E53-ACCA-A6F8BBF81BCB}'/><EventID>134</EventID><Version>0</Version><Level>3</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T13:37:03.170732800Z'/><EventRecordID>9109</EventRecordID><Correlation/><Execution ProcessID='2916' ThreadID='3132'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-19'/></System><EventData Name='TMP_EVENT_MANUAL_PEER_DNS_ERROR'><Data Name='ErrorMessage'>No such host is known. (0x80072AF9)</Data><Data Name='RetryMinutes'>15</Data><Data Name='DomainPeer'>time.windows.com,0x9</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='e1iexpress'/><EventID Qualifiers='24580'>32</EventID><Level>4</Level><Task>0</Task><Keywords>0x80000000000000</Keywords><TimeCreated SystemTime='2017-08-21T13:37:00.369542100Z'/><EventRecordID>9108</EventRecordID><Channel>System</Channel><Computer>Aurigae</Computer><Security/></System><EventData><Data></Data><Data>Intel(R) Ethernet Connection (2) I218-V</Data><Binary>0000040002003000000000002000046000000000000000000000000000000000000000000000000020000460</Binary></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Power-Troubleshooter' Guid='{CDC05E28-C449-49C6-B9D2-88CF761644DF}'/><EventID>1</EventID><Version>2</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T13:36:59.414553600Z'/><EventRecordID>9107</EventRecordID><Correlation ActivityID='{3A20FB4F-A608-46B2-98F4-B8737FC4D0A1}'/><Execution ProcessID='2600' ThreadID='4920'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-19'/></System><EventData><Data Name='SleepTime'>2017-08-20T17:10:39.935385900Z</Data><Data Name='WakeTime'>2017-08-21T13:36:57.514106300Z</Data><Data Name='SleepDuration'>304</Data><Data Name='WakeDuration'>1014</Data><Data Name='DriverInitDuration'>886</Data><Data Name='BiosInitDuration'>0</Data><Data Name='HiberWriteDuration'>1094</Data><Data Name='HiberReadDuration'>955</Data><Data Name='HiberPagesWritten'>117572</Data><Data Name='Attributes'>33571073</Data><Data Name='TargetState'>6</Data><Data Name='EffectiveState'>5</Data><Data Name='WakeSourceType'>0</Data><Data Name='WakeSourceTextLength'>0</Data><Data Name='WakeSourceText'></Data><Data Name='WakeTimerOwnerLength'>0</Data><Data Name='WakeTimerContextLength'>0</Data><Data Name='NoMultiStageResumeReason'>0</Data><Data Name='WakeTimerOwner'></Data><Data Name='WakeTimerContext'></Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Time-Service' Guid='{06EDCFEB-0FD0-4E53-ACCA-A6F8BBF81BCB}'/><EventID>134</EventID><Version>0</Version><Level>3</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T13:36:57.422665800Z'/><EventRecordID>9106</EventRecordID><Correlation/><Execution ProcessID='2916' ThreadID='2912'/><Channel>System</Channel><Computer>Aurigae</Computer><Security UserID='S-1-5-19'/></System><EventData Name='TMP_EVENT_MANUAL_PEER_DNS_ERROR'><Data Name='ErrorMessage'>No such host is known. (0x80072AF9)</Data><Data Name='RetryMinutes'>15</Data><Data Name='DomainPeer'>time.windows.com,0x9</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Boot' Guid='{15CA44FF-4D7A-4BAA-BBA5-0998955E531E}'/><EventID>25</EventID><Version>0</Version><Level>4</Level><Task>32</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T13:36:57.414909300Z'/><EventRecordID>9104</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='6456'/><Channel>System</Channel><Computer>Aurigae</Computer><Security/></System><EventData><Data Name='BootMenuPolicy'>1</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Boot' Guid='{15CA44FF-4D7A-4BAA-BBA5-0998955E531E}'/><EventID>27</EventID><Version>1</Version><Level>4</Level><Task>33</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T13:36:57.414909300Z'/><EventRecordID>9105</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='6456'/><Channel>System</Channel><Computer>Aurigae</Computer><Security/></System><EventData><Data Name='BootType'>1</Data><Data Name='LoadOptions'></Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Boot' Guid='{15CA44FF-4D7A-4BAA-BBA5-0998955E531E}'/><EventID>32</EventID><Version>0</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T13:36:57.414868300Z'/><EventRecordID>9103</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='6456'/><Channel>System</Channel><Computer>Aurigae</Computer><Security/></System><EventData><Data Name='BitlockerUserInputTime'>0</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Boot' Guid='{15CA44FF-4D7A-4BAA-BBA5-0998955E531E}'/><EventID>18</EventID><Version>0</Version><Level>4</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T13:36:57.414841100Z'/><EventRecordID>9102</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='6456'/><Channel>System</Channel><Computer>Aurigae</Computer><Security/></System><EventData><Data Name='EntryCount'>1</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Boot' Guid='{15CA44FF-4D7A-4BAA-BBA5-0998955E531E}'/><EventID>30</EventID><Version>0</Version><Level>4</Level><Task>21</Task><Opcode>0</Opcode><Keywords>0x8000000000000000</Keywords><TimeCreated SystemTime='2017-08-21T13:36:57.414743100Z'/><EventRecordID>9101</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='6456'/><Channel>System</Channel><Computer>Aurigae</Computer><Security/></System><EventData><Data Name='ResetEndStart'>0</Data><Data Name='LoadOSImageStart'>21133</Data><Data Name='StartOSImageStart'>21136</Data><Data Name='ExitBootServicesEntry'>21534</Data><Data Name='ExitBootServicesExit'>21667</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='e1iexpress'/><EventID Qualifiers='40964'>27</EventID><Level>3</Level><Task>0</Task><Keywords>0x80000000000000</Keywords><TimeCreated SystemTime='2017-08-21T13:36:56.754335800Z'/><EventRecordID>9100</EventRecordID><Channel>System</Channel><Computer>Aurigae</Computer><Security/></System><EventData><Data></Data><Data>Intel(R) Ethernet Connection (2) I218-V</Data><Binary>0000040002003000000000001B0004A00000000000000000000000000000000000000000000000001B0004A0</Binary></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='EventLog'/><EventID Qualifiers='32768'>6013</EventID><Level>4</Level><Task>0</Task><Keywords>0x80000000000000</Keywords><TimeCreated SystemTime='2017-08-21T13:36:56.656240700Z'/><EventRecordID>9097</EventRecordID><Channel>System</Channel><Computer>Aurigae</Computer><Security/></System><EventData><Data></Data><Data></Data><Data></Data><Data></Data><Data>111153</Data><Data>60</Data><Data>-60 W. Europe Standard Time</Data><Binary>31002E003100000030000000570069006E0064006F00770073002000310030002000500072006F0020004E000000310030002E0030002E003100350030003600330020004200750069006C0064002000310035003000360033002000200000004D0075006C0074006900700072006F0063006500730073006F007200200046007200650065000000310035003000360033002E007200730032005F00720065006C0065006100730065002E003100370030003300310037002D00310038003300340000003500390036003200320062003700640000004E006F007400200041007600610069006C00610062006C00650000004E006F007400200041007600610069006C00610062006C0065000000390000003100320000003100360032003800380000003400300039000000410075007200690067006100650000000000</Binary></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-General' Guid='{A68CA8B7-004F-D7B6-A698-07E2DE0F1F5D}'/><EventID>1</EventID><Version>1</Version><Level>4</Level><Task>5</Task><Opcode>0</Opcode><Keywords>0x8000000000000010</Keywords><TimeCreated SystemTime='2017-08-21T13:36:56.499893500Z'/><EventRecordID>9099</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='6456'/><Channel>System</Channel><Computer>Aurigae</Computer><Security/></System><EventData><Data Name='NewTime'>2017-08-21T13:36:56.500000000Z</Data><Data Name='OldTime'>2017-08-20T17:10:40.605180600Z</Data><Data Name='Reason'>2</Data></EventData></Event><Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Kernel-Power' Guid='{331C3B3A-2005-44C2-AC5E-77220C37D6B4}'/><EventID>107</EventID><Version>1</Version><Level>4</Level><Task>102</Task><Opcode>0</Opcode><Keywords>0x8000000000000444</Keywords><TimeCreated SystemTime='2017-08-20T17:10:40.605149000Z'/><EventRecordID>9098</EventRecordID><Correlation/><Execution ProcessID='4' ThreadID='6456'/><Channel>System</Channel><Computer>Aurigae</Computer><Security/></System><EventData><Data Name='TargetState'>6</Data><Data Name='EffectiveState'>5</Data><Data Name='WakeFromState'>5</Data><Data Name='ProgrammedWakeTimeAc'>1601-01-01T00:00:00.000000000Z</Data><Data Name='ProgrammedWakeTimeDc'>1601-01-01T00:00:00.000000000Z</Data><Data Name='WakeRequesterTypeAc'>0</Data><Data Name='WakeRequesterTypeDc'>0</Data></EventData></Event></Events>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!