.

KGRKJGETMRETU895U-589TY5MIGM5JGB5SDFESFREWTGR54TY
Server : Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
System : Windows NT SERVER-PC 10.0 build 26200 (Windows 11) AMD64
User : ServerPC ( 0)
PHP Version : 8.2.12
Disable Function : NONE
Directory : C:/Windows/System32/winevt/Logs/
Upload File :
Current File : C:/Windows/System32/winevt/Logs/Microsoft-Windows-Kernel-LiveDump%4Operational.evtx
ElfFile%�ّ
�ElfChnk$$��J�L�sýkʶ6��^=�����f?�m�MF�)
&��
�!**�{��.o���1�&��1��a�P��=׆[�A~M�Event�j�xmlns5http://schemas.microsoft.com/win/2004/08/events/event����oTSystemA��Y�{Provider6F=K�NameX)GuidAMz�aEventID'�X)�
Qualifiers"�	Version�d�LevelE{Task ?�Opcode$fj�KeywordsA��P�;�TimeCreated'�j<{
SystemTime
.�F
EventRecordID

A�����Correlation\FF
�
ActivityIDmz5�RelatedActivityID
A��m���	ExecutionHF�F
�	ProcessID��9ThreadID	"�aChannel��6F�;nComputer	Server-PCA��B��.Security�fLUserID!
BZ�!s@{��.o���^#�-<Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational>c'�>c'�޽XS떂7�r�n��b6D�	EventDataA��9^��oData=NTStatus
4��**�R?��.o���1�&
BZ9!e@R?��.o���^#�-<Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational�L
�LNc�T�� �����6�**x�A��.o���1�&
BZ!h@�A��.o���^#�-<Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational�L
x**r���.o���1�&
BZ�!'}@r���.o���^#�-<Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational�T5�)
�T5�
��\��F*�A�l��`6A��%^=Callout
A��'^=Included


**�p���.o���1�&
BZ!'}@p���.o���^#�-<Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational�T5�)

�**�����.o���1�&
BZ!'}@����.o���^#�-<Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational�T5�)

�**�`���.o���1�&
BZ!'}@`���.o���^#�-<Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational�T5�)

�**�b���.o���1�&
BZ!'}@b���.o���^#�-<Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational�T5�)

�**p	���.o���1�&
BZ!i@���.o���^#�-<	Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational�L
p**�
x��.o���1�&
BZ�!j@x��.o���^#�-<
Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational��aʥ��aʞ_�Y��r�Ҁ����6A��]^O=#NtEstimatedRequiredPrimaryDataBytes

A��M^?=NtEstimatedPrimaryDataBytes

A��M^?=HvEstimatedPrimaryDataBytes

A��Q^C=HvEstimatedSecondaryDataBytes

A��M^?=SkEstimatedPrimaryDataBytes

A��M^?=MemoryEstimationDuration_ms

A��I^;=SystemQuiescedDuration_ms

A��Q^C=EndMirroringPhasesDuration_ms

A��U^G=MirrorPhysicalMemoryDuration_ms

A��U^G=MirrorPhysicalMemorySizeInBytes
	
A��]^O=#HvlCalculateLiveDumpSizeDuration_ms












p�PY���H����**H�YU�.o���1�&
BZ�!q@�YU�.o���^#�-<Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operationalٮ:��ٮ:��&�\xmT˱���H��<6A��;^-=EstimatedPageCount

A��;^-=AllocatedPageCount

A��c^U=&VMMemoryPartitionIOSpaceAllocatedPages

A��U^G=VMMemoryPartitionAllocatedPages

A��_^Q=$SystemPartitionIOSpaceAllocatedPages

A��Q^C=SystemPartitionAllocatedPages

A��9^+=LimitDumpFileSize
A��G^9=DumpFileSizeLimitInBytes

A��G^9=DumpFileSizeLimitReached
A��K^==AbortWhileBufferAllocation
	







�+�H**�;[U�.o���1�&
BZ7!@;[U�.o���^#�-<Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational`�<8�!`�<8[�Z7~+�'7�����|6A��'^=NTStatus
A��/^!=BugcheckCode
A��;^-=BugCheckParameter1
A��;^-=BugCheckParameter2
A��;^-=BugCheckParameter3
A��;^-=BugCheckParameter4
A��A^3=AbortIfMemoryPressure
A��C^5=DumpCaptureDuration_ms

A��1^#=
SelectiveDump
A��S^E=DynamicLowMemoryThresholdBytes
	
A��S^E=AvailablePhysicalMemoryInBytes

A��K^==TotalPhysicalMemoryInBytes

A��3^%=IOSpaceEnabled







@�A`�
����TT����@�
�����i�p��**�
W��Ws���1�&
BZ!s@W��Ws���M�8
Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational>c'�4��**x�+��Ws���1�&
BZ!e@�+��Ws���M�8Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational�L
x**xu,��Ws���1�&
BZ!h@u,��Ws���M�8Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational�L
x**����Ws���1�&
BZ!'}@���Ws���M�8Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational�T5�)

�**�����Ws���1�&
BZ!'}@����Ws���M�8Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational�T5�)

�**�����Ws���1�&
BZ!'}@����Ws���M�8Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational�T5�)

�**�s���Ws���1�&
BZ!'}@s���Ws���M�8Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational�T5�)

�**�u���Ws���1�&
BZ!'}@u���Ws���M�8Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational�T5�)

�**p����Ws���1�&
BZ!i@����Ws���M�8Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational�L
p**����Ws���1�&
BZ�!j@����Ws���M�8Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational��aʥ










���7GF�PM�**��ׇ�Ws���1�&
BZ{!q@�ׇ�Ws���M�8Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operationalٮ:��







!L�**`ه�Ws���1�&
BZ�!@`ه�Ws���M�8Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational`�<8�!





@�A@������>����@O����R�#p�**��������1�&
BZ!s@��������!���Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational>c'�4��**x�������1�&
BZ!e@��������!���Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational�L
x**x��������1�&
BZ!h@���������!���Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational�L
x**��������1�&
BZ!'}@��������!���Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational�T5�)

�**��������1�&
BZ!'}@��������!���Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational�T5�)

�**��������1�&
BZ!'}@��������!���Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational�T5�)

�**��������1�&
BZ!'}@��������!���Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational�T5�)

�**� �������1�&
BZ!'}@��������!��� Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational�T5�)

�**p!��������1�&
BZ!i@���������!���!Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational�L
p**"������1�&
BZ�!j@�������!���"Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational��aʥ










P�P����/X�**�#��F�����1�&
BZ{!q@��F������!���#Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operationalٮ:��







�-��**$:�F�����1�&
BZ�!@:�F������!���$Microsoft-Windows-Kernel-LiveDump���́���^�a�p�Microsoft-Windows-Kernel-LiveDump/Operational`�<8�!





@�A`4�W�����E�������Z����b�{�p�
Anon7 - 2021