Log Name: System
Source: Netwtw06
Date: 2018-06-29 11:17:30
Event ID: 7023
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: DOVYDAS_NB.xxxx
Description:
7023 - Intel proprietary
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Netwtw06" />
<EventID Qualifiers="16384">7023</EventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2018-06-29T08:17:30.082448800Z" />
<EventRecordID>22345</EventRecordID>
<Channel>System</Channel>
<Computer>DOVYDAS_NB.xxxx</Computer>
<Security />
</System>
<EventData>
<Data>\Device\NDMP2</Data>
<Data>Intel(R) Dual Band Wireless-AC 8265</Data>
<Binary>0000040002003400000000006F1B004000000000000000000000000000000000000000000000000057445256</Binary>
</EventData>
</Event>
Log Name: System
Source: e1dexpress
Date: 2018-06-29 11:17:27
Event ID: 33
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: DOVYDAS_NB.xxxx
Description:
Intel(R) Ethernet Connection (5) I219-V
Network link has been established at 100Mbps full duplex.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="e1dexpress" />
<EventID Qualifiers="24580">33</EventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2018-06-29T08:17:27.186773600Z" />
<EventRecordID>22344</EventRecordID>
<Channel>System</Channel>
<Computer>DOVYDAS_NB.xxxx</Computer>
<Security />
</System>
<EventData>
<Data>
</Data>
<Data>Intel(R) Ethernet Connection (5) I219-V</Data>
<Binary>0000040002003000000000002100046000000000000000000000000000000000000000000000000021000460</Binary>
</EventData>
</Event>
Log Name: System
Source: Microsoft-Windows-Power-Troubleshooter
Date: 2018-06-29 11:17:26
Event ID: 1
Task Category: None
Level: Information
Keywords:
User: LOCAL SERVICE
Computer: DOVYDAS_NB.xxxx
Description:
The system has returned from a low power state.
Sleep Time: 2018-06-29T08:17:15.455607500Z
Wake Time: 2018-06-29T08:17:25.564787200Z
Wake Source: Power Button
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Power-Troubleshooter" Guid="{CDC05E28-C449-49C6-B9D2-88CF761644DF}" />
<EventID>1</EventID>
<Version>2</Version>
<Level>4</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2018-06-29T08:17:26.592844300Z" />
<EventRecordID>22343</EventRecordID>
<Correlation ActivityID="{9BB13CDA-0CA3-4F18-A3F5-47C26024845A}" />
<Execution ProcessID="4620" ThreadID="20796" />
<Channel>System</Channel>
<Computer>DOVYDAS_NB.xxxx</Computer>
<Security UserID="S-1-5-19" />
</System>
<EventData>
<Data Name="SleepTime">2018-06-29T08:17:15.455607500Z</Data>
<Data Name="WakeTime">2018-06-29T08:17:25.564787200Z</Data>
<Data Name="SleepDuration">2492</Data>
<Data Name="WakeDuration">1064</Data>
<Data Name="DriverInitDuration">412</Data>
<Data Name="BiosInitDuration">1084</Data>
<Data Name="HiberWriteDuration">0</Data>
<Data Name="HiberReadDuration">0</Data>
<Data Name="HiberPagesWritten">0</Data>
<Data Name="Attributes">33573888</Data>
<Data Name="TargetState">4</Data>
<Data Name="EffectiveState">4</Data>
<Data Name="WakeSourceType">1</Data>
<Data Name="WakeSourceTextLength">0</Data>
<Data Name="WakeSourceText">
</Data>
<Data Name="WakeTimerOwnerLength">0</Data>
<Data Name="WakeTimerContextLength">0</Data>
<Data Name="NoMultiStageResumeReason">0</Data>
<Data Name="WakeTimerOwner">
</Data>
<Data Name="WakeTimerContext">
</Data>
</EventData>
</Event>
Log Name: System
Source: Microsoft-Windows-Kernel-General
Date: 2018-06-29 11:17:25
Event ID: 1
Task Category: (5)
Level: Information
Keywords: Time
User: LOCAL SERVICE
Computer: DOVYDAS_NB.xxxx
Description:
The system time has changed to 2018-06-29T08:17:25.554379800Z from 2018-06-29T08:17:25.554389300Z.
Change Reason: An application or system component changed the time.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Kernel-General" Guid="{A68CA8B7-004F-D7B6-A698-07E2DE0F1F5D}" />
<EventID>1</EventID>
<Version>1</Version>
<Level>4</Level>
<Task>5</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000010</Keywords>
<TimeCreated SystemTime="2018-06-29T08:17:25.554953000Z" />
<EventRecordID>22342</EventRecordID>
<Correlation />
<Execution ProcessID="1484" ThreadID="9200" />
<Channel>System</Channel>
<Computer>DOVYDAS_NB.xxxx</Computer>
<Security UserID="S-1-5-19" />
</System>
<EventData>
<Data Name="NewTime">2018-06-29T08:17:25.554379800Z</Data>
<Data Name="OldTime">2018-06-29T08:17:25.554389300Z</Data>
<Data Name="Reason">1</Data>
</EventData>
</Event>
Log Name: System
Source: Microsoft-Windows-Kernel-Power
Date: 2018-06-29 11:17:24
Event ID: 130
Task Category: (33)
Level: Information
Keywords: (1024),(4)
User: N/A
Computer: DOVYDAS_NB.xxxx
Description:
Firmware S3 times. SuspendStart: 46577855, SuspendEnd: 46577866
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Kernel-Power" Guid="{331C3B3A-2005-44C2-AC5E-77220C37D6B4}" />
<EventID>130</EventID>
<Version>0</Version>
<Level>4</Level>
<Task>33</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000404</Keywords>
<TimeCreated SystemTime="2018-06-29T08:17:24.714744600Z" />
<EventRecordID>22341</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="21148" />
<Channel>System</Channel>
<Computer>DOVYDAS_NB.xxxx</Computer>
<Security />
</System>
<EventData>
<Data Name="SuspendStart">46577855</Data>
<Data Name="SuspendEnd">46577866</Data>
</EventData>
</Event>
Log Name: System
Source: Microsoft-Windows-Kernel-Power
Date: 2018-06-29 11:17:24
Event ID: 131
Task Category: (33)
Level: Information
Keywords: (1024),(4)
User: N/A
Computer: DOVYDAS_NB.xxxx
Description:
Firmware S3 times. ResumeCount: 9, FullResume: 831, AverageResume: 831
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Kernel-Power" Guid="{331C3B3A-2005-44C2-AC5E-77220C37D6B4}" />
<EventID>131</EventID>
<Version>0</Version>
<Level>4</Level>
<Task>33</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000404</Keywords>
<TimeCreated SystemTime="2018-06-29T08:17:24.714742800Z" />
<EventRecordID>22340</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="21148" />
<Channel>System</Channel>
<Computer>DOVYDAS_NB.xxxx</Computer>
<Security />
</System>
<EventData>
<Data Name="ResumeCount">9</Data>
<Data Name="FullResume">831</Data>
<Data Name="AverageResume">831</Data>
</EventData>
</Event>
Log Name: System
Source: Microsoft-Windows-Kernel-General
Date: 2018-06-29 11:17:24
Event ID: 1
Task Category: (5)
Level: Information
Keywords: Time
User: N/A
Computer: DOVYDAS_NB.xxxx
Description:
The system time has changed to 2018-06-29T08:17:24.500000000Z from 2018-06-29T08:17:20.540827800Z.
Change Reason: System time synchronized with the hardware clock.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Kernel-General" Guid="{A68CA8B7-004F-D7B6-A698-07E2DE0F1F5D}" />
<EventID>1</EventID>
<Version>1</Version>
<Level>4</Level>
<Task>5</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000010</Keywords>
<TimeCreated SystemTime="2018-06-29T08:17:24.500078400Z" />
<EventRecordID>22339</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="21148" />
<Channel>System</Channel>
<Computer>DOVYDAS_NB.xxxx</Computer>
<Security />
</System>
<EventData>
<Data Name="NewTime">2018-06-29T08:17:24.500000000Z</Data>
<Data Name="OldTime">2018-06-29T08:17:20.540827800Z</Data>
<Data Name="Reason">2</Data>
</EventData>
</Event>
Log Name: System
Source: Microsoft-Windows-Kernel-Power
Date: 2018-06-29 11:17:20
Event ID: 107
Task Category: (102)
Level: Information
Keywords: (1024),(64),(4)
User: N/A
Computer: DOVYDAS_NB.xxxx
Description:
The system has resumed from sleep.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Kernel-Power" Guid="{331C3B3A-2005-44C2-AC5E-77220C37D6B4}" />
<EventID>107</EventID>
<Version>1</Version>
<Level>4</Level>
<Task>102</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000444</Keywords>
<TimeCreated SystemTime="2018-06-29T08:17:20.540625400Z" />
<EventRecordID>22338</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="21148" />
<Channel>System</Channel>
<Computer>DOVYDAS_NB.xxxx</Computer>
<Security />
</System>
<EventData>
<Data Name="TargetState">4</Data>
<Data Name="EffectiveState">4</Data>
<Data Name="WakeFromState">4</Data>
<Data Name="ProgrammedWakeTimeAc">1601-01-01T00:00:00.000000000Z</Data>
<Data Name="ProgrammedWakeTimeDc">1601-01-01T00:00:00.000000000Z</Data>
<Data Name="WakeRequesterTypeAc">0</Data>
<Data Name="WakeRequesterTypeDc">0</Data>
</EventData>
</Event>
Log Name: System
Source: Application Popup
Date: 2018-06-29 11:17:17
Event ID: 26
Task Category: None
Level: Information
Keywords:
User: SYSTEM
Computer: DOVYDAS_NB.xxxx
Description:
Application popup: Windows - Write Protect Error : Exception Processing Message 0xc00000a2 Parameters 0x7ffaab461b58 0x7ffaab461b58 0x4 0x7ffaab461b58
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Application Popup" Guid="{47BFA2B7-BD54-4FAC-B70B-29021084CA8F}" />
<EventID>26</EventID>
<Version>0</Version>
<Level>4</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2018-06-29T08:17:17.947841200Z" />
<EventRecordID>22337</EventRecordID>
<Correlation />
<Execution ProcessID="748" ThreadID="1472" />
<Channel>System</Channel>
<Computer>DOVYDAS_NB.xxxx</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="Caption">Windows - Write Protect Error</Data>
<Data Name="Message">Exception Processing Message 0xc00000a2 Parameters 0x7ffaab461b58 0x7ffaab461b58 0x4 0x7ffaab461b58</Data>
</EventData>
</Event>
Log Name: System
Source: Microsoft-Windows-Kernel-Power
Date: 2018-06-29 11:17:17
Event ID: 42
Task Category: (64)
Level: Information
Keywords: (1024),(4)
User: N/A
Computer: DOVYDAS_NB.xxxx
Description:
The system is entering sleep.
Sleep Reason: System Idle
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Kernel-Power" Guid="{331C3B3A-2005-44C2-AC5E-77220C37D6B4}" />
<EventID>42</EventID>
<Version>3</Version>
<Level>4</Level>
<Task>64</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000404</Keywords>
<TimeCreated SystemTime="2018-06-29T08:17:17.946494100Z" />
<EventRecordID>22336</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="21148" />
<Channel>System</Channel>
<Computer>DOVYDAS_NB.xxxx</Computer>
<Security />
</System>
<EventData>
<Data Name="TargetState">4</Data>
<Data Name="EffectiveState">4</Data>
<Data Name="Reason">7</Data>
<Data Name="Flags">0</Data>
<Data Name="TransitionsToOn">9</Data>
</EventData>
</Event>
Log Name: System
Source: BROWSER
Date: 2018-06-29 11:17:17
Event ID: 8033
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: DOVYDAS_NB.xxxx
Description:
The browser has forced an election on network \Device\NetBT_Tcpip_{F8701EEB-2715-4DC3-AC6E-1ECC0D01511F} because a master browser was stopped.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="BROWSER" />
<EventID Qualifiers="16384">8033</EventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2018-06-29T08:17:17.966516500Z" />
<EventRecordID>22335</EventRecordID>
<Channel>System</Channel>
<Computer>DOVYDAS_NB.xxxx</Computer>
<Security />
</System>
<EventData>
<Data>\Device\NetBT_Tcpip_{F8701EEB-2715-4DC3-AC6E-1ECC0D01511F}</Data>
</EventData>
</Event>
Log Name: System
Source: Microsoft-Windows-Kernel-General
Date: 2018-06-29 11:17:16
Event ID: 1
Task Category: (5)
Level: Information
Keywords: Time
User: LOCAL SERVICE
Computer: DOVYDAS_NB.xxxx
Description:
The system time has changed to 2018-06-29T08:17:16.794433800Z from 2018-06-29T08:17:16.794444400Z.
Change Reason: An application or system component changed the time.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Kernel-General" Guid="{A68CA8B7-004F-D7B6-A698-07E2DE0F1F5D}" />
<EventID>1</EventID>
<Version>1</Version>
<Level>4</Level>
<Task>5</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000010</Keywords>
<TimeCreated SystemTime="2018-06-29T08:17:16.793732100Z" />
<EventRecordID>22334</EventRecordID>
<Correlation />
<Execution ProcessID="1484" ThreadID="1488" />
<Channel>System</Channel>
<Computer>DOVYDAS_NB.xxxx</Computer>
<Security UserID="S-1-5-19" />
</System>
<EventData>
<Data Name="NewTime">2018-06-29T08:17:16.794433800Z</Data>
<Data Name="OldTime">2018-06-29T08:17:16.794444400Z</Data>
<Data Name="Reason">1</Data>
</EventData>
</Event>
Log Name: System
Source: Netwtw06
Date: 2018-06-29 11:16:27
Event ID: 7023
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: DOVYDAS_NB.xxxx
Description:
7023 - Intel proprietary
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Netwtw06" />
<EventID Qualifiers="16384">7023</EventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2018-06-29T08:16:27.365333600Z" />
<EventRecordID>22333</EventRecordID>
<Channel>System</Channel>
<Computer>DOVYDAS_NB.xxxx</Computer>
<Security />
</System>
<EventData>
<Data>\Device\NDMP2</Data>
<Data>Intel(R) Dual Band Wireless-AC 8265</Data>
<Binary>0000040002003400000000006F1B004000000000000000000000000000000000000000000000000057445256</Binary>
</EventData>
</Event>
Log Name: System
Source: Netwtw06
Date: 2018-06-29 11:15:25
Event ID: 7023
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: DOVYDAS_NB.xxxx
Description:
7023 - Intel proprietary
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Netwtw06" />
<EventID Qualifiers="16384">7023</EventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2018-06-29T08:15:25.229554400Z" />
<EventRecordID>22332</EventRecordID>
<Channel>System</Channel>
<Computer>DOVYDAS_NB.xxxx</Computer>
<Security />
</System>
<EventData>
<Data>\Device\NDMP2</Data>
<Data>Intel(R) Dual Band Wireless-AC 8265</Data>
<Binary>0000040002003400000000006F1B004000000000000000000000000000000000000000000000000057445256</Binary>
</EventData>
</Event>