hocam olay günlüğünde çok fazla bilgi var arada uyarı birkaç tane de hata var en yukarıdaki bilgide böyle yazıyor
- <Event xmlns="
">
- <System>
<Provider Name="
ESENT" />
<EventID Qualifiers="
0">326</EventID>
<Version>0</Version>
<Level>4</Level>
<Task>1</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="
2023-10-26T14:54:47.1625579Z" />
<EventRecordID>13868</EventRecordID>
<Correlation />
<Execution ProcessID="
0" ThreadID="
0" />
<Channel>Application</Channel>
<Computer>DESKTOP-MMJKSPT</Computer>
<Security />
</System>
- <EventData>
<Data>svchost</Data>
<Data>11776,D,50</Data>
<Data>DS_Token_DB:</Data>
<Data>1</Data>
<Data>C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSTokenDB2.dat</Data>
<Data>0</Data>
<Data>[1] 0.000003 +J(0) [2] 0.000638 -0.000248 (1) WT +J(0) +M(C:0K, Fs:17, WS:4K # 4K, PF:4K # 0K, P:4K) [3] 0.002974 -0.000254 (6) WT +J(CM:0, PgRf:0, Rd:0/0, Dy:0/0, Lg:3480/2) +M(C:0K, Fs:11, WS:40K # 0K, PF:36K # 0K, P:36K) [4] 0.000730 +J(0) [5] - [6] - [7] - [8] 0.000317 -0.000219 (2) CM -0.000172 (2) WT +J(CM:2, PgRf:2, Rd:6/2, Dy:0/0, Lg:54/1) +M(C:16K, Fs:6, WS:24K # 0K, PF:36K # 0K, P:36K) [9] 0.000556 -0.000356 (3) CM -0.000297 (3) WT +J(CM:3, PgRf:23, Rd:0/3, Dy:0/0, Lg:0/0) +M(C:12K, Fs:18, WS:72K # 72K, PF:208K # 192K, P:208K) [10] 0.000153 -0.000087 (1) CM -0.000068 (1) WT +J(CM:1, PgRf:40, Rd:0/1, Dy:0/0, Lg:0/0) +M(C:0K, Fs:1, WS:4K # 4K, PF:0K # 0K, P:0K) [11] 0.000007 +J(CM:0, PgRf:1, Rd:0/0, Dy:0/0, Lg:0/0) +M(C:0K, Fs:2, WS:8K # 8K, PF:0K # 0K, P:0K) [12] 0.000025 +J(CM:0, PgRf:42, Rd:0/0, Dy:0/0, Lg:0/0) +M(C:0K, Fs:6, WS:24K # 24K, PF:0K # 0K, P:0K) [13] 0.0 +J(0) [14] 0.0 +J(0) [15] 0.000003 +J(CM:0, PgRf:1, Rd:0/0, Dy:0/0, Lg:0/0).</Data>
<Data>1 0</Data>
<Data>lgposAttach = 0000000C:000D:0268, dbv = 1568.110.240</Data>
</EventData>
</Event>
İlk çıkan uyarıda ise böyle yazıyor
- <Event xmlns="
">
- <System>
<Provider Name="
Microsoft-Windows-WMI" Guid="
{1edeee53-0afe-4609-b846-d8c0b2075b1f}" />
<EventID>63</EventID>
<Version>2</Version>
<Level>3</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="
2023-10-26T14:03:31.3818297Z" />
<EventRecordID>13847</EventRecordID>
<Correlation />
<Execution ProcessID="
4316" ThreadID="
4636" />
<Channel>Application</Channel>
<Computer>DESKTOP-MMJKSPT</Computer>
<Security UserID="
S-1-5-18" />
</System>
- <UserData>
- <data_0x8000003F xmlns="
">
<Provider>IntelMEProv</Provider>
<Namespace>root\Intel_ME</Namespace>
</data_0x8000003F>
</UserData>
</Event>