Event[0]:
  Log Name: System
  Source: Microsoft-Windows-FilterManager
  Date: 2017-08-12T07:19:58.342
  Event ID: 6
  Task: N/A
  Level: Information
  Opcode: Info
  Keyword: N/A
  User: S-1-5-18
  User Name: NT AUTHORITY\SYSTEM
  Computer: Adams-PC
  Description: 
File System Filter 'FileInfo' (6.1, ?2009?-?07?-?14T00:34:25.000000000Z) has successfully loaded and registered with Filter Manager.

Event[1]:
  Log Name: System
  Source: HECIx64
  Date: 2017-08-12T07:20:07.640
  Event ID: 2
  Task: N/A
  Level: Information
  Opcode: N/A
  Keyword: Classic
  User: N/A
  User Name: N/A
  Computer: Adams-PC
  Description: 
Intel(R) Management Engine Interface driver has started successfully.

Event[2]:
  Log Name: System
  Source: Microsoft-Windows-Kernel-Processor-Power
  Date: 2017-08-12T07:20:08.264
  Event ID: 26
  Task: N/A
  Level: Information
  Opcode: Info
  Keyword: N/A
  User: S-1-5-18
  User Name: NT AUTHORITY\SYSTEM
  Computer: Adams-PC
  Description: 
Processor 0 in group 0 exposes the following:

3 idle state(s)
12 performance state(s)
8 throttle state(s)

Event[3]:
  Log Name: System
  Source: Microsoft-Windows-Kernel-Processor-Power
  Date: 2017-08-12T07:20:08.264
  Event ID: 26
  Task: N/A
  Level: Information
  Opcode: Info
  Keyword: N/A
  User: S-1-5-18
  User Name: NT AUTHORITY\SYSTEM
  Computer: Adams-PC
  Description: 
Processor 2 in group 0 exposes the following:

3 idle state(s)
12 performance state(s)
8 throttle state(s)

Event[4]:
  Log Name: System
  Source: Microsoft-Windows-Kernel-Processor-Power
  Date: 2017-08-12T07:20:08.310
  Event ID: 26
  Task: N/A
  Level: Information
  Opcode: Info
  Keyword: N/A
  User: S-1-5-18
  User Name: NT AUTHORITY\SYSTEM
  Computer: Adams-PC
  Description: 
Processor 1 in group 0 exposes the following:

3 idle state(s)
12 performance state(s)
8 throttle state(s)

Event[5]:
  Log Name: System
  Source: Microsoft-Windows-Kernel-Processor-Power
  Date: 2017-08-12T07:20:08.498
  Event ID: 26
  Task: N/A
  Level: Information
  Opcode: Info
  Keyword: N/A
  User: S-1-5-18
  User Name: NT AUTHORITY\SYSTEM
  Computer: Adams-PC
  Description: 
Processor 3 in group 0 exposes the following:

3 idle state(s)
12 performance state(s)
8 throttle state(s)

Event[6]:
  Log Name: System
  Source: Microsoft-Windows-Kernel-Power
  Date: 2017-08-12T07:20:09.340
  Event ID: 89
  Task: N/A
  Level: Information
  Opcode: Info
  Keyword: N/A
  User: S-1-5-18
  User Name: NT AUTHORITY\SYSTEM
  Computer: Adams-PC
  Description: 
ACPI thermal zone ACPI\ThermalZone\THRM has been enumerated.             
_PSV = 352K             
_TC1 = 4             
_TC2 = 3             
_TSP = 10000ms             
_AC0 = 333K             
_AC1 = 0K             
_AC2 = 0K             
_AC3 = 0K             
_AC4 = 0K             
_AC5 = 0K             
_AC6 = 0K             
_AC7 = 0K             
_AC8 = 0K             
_AC9 = 0K             
_CRT = 362K             
_HOT = 0K             
_PSL - see event data.

Event[7]:
  Log Name: System
  Source: Microsoft-Windows-Directory-Services-SAM
  Date: 2017-08-12T07:20:20.400
  Event ID: 16962
  Task: N/A
  Level: Information
  Opcode: Info
  Keyword: N/A
  User: S-1-5-18
  User Name: NT AUTHORITY\SYSTEM
  Computer: Adams-PC
  Description: 
Remote calls to the SAM database are being restricted using the default security descriptor: .
For more information please see http://go.microsoft.com/fwlink/?LinkId=787651.

Event[8]:
  Log Name: System
  Source: Service Control Manager
  Date: 2017-08-12T07:20:23.489
  Event ID: 7036
  Task: N/A
  Level: Information
  Opcode: N/A
  Keyword: Classic
  User: N/A
  User Name: N/A
  Computer: Adams-PC
  Description: 
The Plug and Play service entered the running state.

Event[9]:
  Log Name: System
  Source: Microsoft-Windows-UserPnp
  Date: 2017-08-12T07:20:23.489
  Event ID: 20010
  Task: N/A
  Level: Information
  Opcode: Info
  Keyword: N/A
  User: S-1-5-18
  User Name: NT AUTHORITY\SYSTEM
  Computer: Adams-PC
  Description: 
One or more of the Plug and Play service's subsystems has changed state. 

PlugPlay install subsystem enabled: 'true' 
PlugPlay caching subsystem enabled: 'true' 


Event[10]:
  Log Name: System
  Source: Service Control Manager
  Date: 2017-08-12T07:20:23.801
  Event ID: 7036
  Task: N/A
  Level: Information
  Opcode: N/A
  Keyword: Classic
  User: N/A
  User Name: N/A
  Computer: Adams-PC
  Description: 
The Power service entered the running state.

Event[11]:
  Log Name: System
  Source: Microsoft-Windows-FilterManager
  Date: 2017-08-12T07:20:23.942
  Event ID: 6
  Task: N/A
  Level: Information
  Opcode: Info
  Keyword: N/A
  User: S-1-5-18
  User Name: NT AUTHORITY\SYSTEM
  Computer: Adams-PC
  Description: 
File System Filter 'luafv' (6.1, ?2009?-?07?-?14T00:26:13.000000000Z) has successfully loaded and registered with Filter Manager.

Event[12]:
  Log Name: System
  Source: Microsoft-Windows-FilterManager
  Date: 2017-08-12T07:20:26.032
  Event ID: 6
  Task: N/A
  Level: Information
  Opcode: Info
  Keyword: N/A
  User: S-1-5-18
  User Name: NT AUTHORITY\SYSTEM
  Computer: Adams-PC
  Description: 
File System Filter 'PSINFile' (6.1, ?2017?-?07?-?19T04:30:44.000000000Z) has successfully loaded and registered with Filter Manager.

Event[13]:
  Log Name: System
  Source: Microsoft-Windows-FilterManager
  Date: 2017-08-12T07:20:26.048
  Event ID: 6
  Task: N/A
  Level: Information
  Opcode: Info
  Keyword: N/A
  User: S-1-5-18
  User Name: NT AUTHORITY\SYSTEM
  Computer: Adams-PC
  Description: 
File System Filter 'PSINProc' (6.1, ?2017?-?07?-?19T04:33:58.000000000Z) has successfully loaded and registered with Filter Manager.

Event[14]:
  Log Name: System
  Source: Service Control Manager
  Date: 2017-08-12T07:20:26.235
  Event ID: 7036
  Task: N/A
  Level: Information
  Opcode: N/A
  Keyword: Classic
  User: N/A
  User Name: N/A
  Computer: Adams-PC
  Description: 
The DCOM Server Process Launcher service entered the running state.

Event[15]:
  Log Name: System
  Source: Service Control Manager
  Date: 2017-08-12T07:20:26.453
  Event ID: 7036
  Task: N/A
  Level: Information
  Opcode: N/A
  Keyword: Classic
  User: N/A
  User Name: N/A
  Computer: Adams-PC
  Description: 
The RPC Endpoint Mapper service entered the running state.

Event[16]:
  Log Name: System
  Source: Service Control Manager
  Date: 2017-08-12T07:20:27.530
  Event ID: 7036
  Task: N/A
  Level: Information
  Opcode: N/A
  Keyword: Classic
  User: N/A
  User Name: N/A
  Computer: Adams-PC
  Description: 
The Remote Procedure Call (RPC) service entered the running state.

Event[17]:
  Log Name: System
  Source: Microsoft-Windows-Wininit
  Date: 2017-08-12T07:20:27.748
  Event ID: 11
  Task: N/A
  Level: Warning
  Opcode: Info
  Keyword: N/A
  User: S-1-5-18
  User Name: NT AUTHORITY\SYSTEM
  Computer: Adams-PC
  Description: 
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Event[18]:
  Log Name: System
  Source: Service Control Manager
  Date: 2017-08-12T07:20:28.434
  Event ID: 7036
  Task: N/A
  Level: Information
  Opcode: N/A
  Keyword: Classic
  User: N/A
  User Name: N/A
  Computer: Adams-PC
  Description: 
The Windows Event Log service entered the running state.

Event[19]:
  Log Name: System
  Source: Service Control Manager
  Date: 2017-08-12T07:20:28.497
  Event ID: 7036
  Task: N/A
  Level: Information
  Opcode: N/A
  Keyword: Classic
  User: N/A
  User Name: N/A
  Computer: Adams-PC
  Description: 
The Multimedia Class Scheduler service entered the running state.