????
Your IP : 3.147.2.160
<?xml version='1.0' encoding='utf-8' standalone='yes'?>
<assembly
xmlns="urn:schemas-microsoft-com:asm.v3"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
manifestVersion="1.0"
>
<assemblyIdentity
buildType="$(build.buildType)"
language="neutral"
name="Windows-Defender-Service-NisSrvEtw"
processorArchitecture="$(build.arch)"
publicKeyToken="$(Build.WindowsPublicKeyToken)"
version="$(build.version)"
versionScope="nonSxS"
/>
<instrumentation>
<events
xmlns="http://schemas.microsoft.com/win/2004/08/events"
xmlns:win="http://manifests.microsoft.com/win/2004/08/windows/events"
>
<provider
guid="{102aab0a-9d9c-4887-a860-55de33b96595}"
message="$(string.Microsoft-Antimalware-NIS.provider.name)"
messageFileName="%ProgramFiles%\Windows Defender\NisSrv.exe"
name="Microsoft-Antimalware-NIS"
resourceFileName="%ProgramFiles%\Windows Defender\NisSrv.exe"
symbol="Microsoft_Antimalware_NIS"
>
<tasks>
<task
eventGUID="{b33e041e-3a75-4f52-bf0e-c85d0963b7fb}"
name="NISSignatureMatch"
value="1"
/>
<task
eventGUID="{7c654438-0b9a-4559-b702-7d344f1c84a5}"
name="NISConnectionBlock"
value="2"
/>
<task
eventGUID="{6052715a-b52c-45cb-a3ee-cb74cd7f4e02}"
name="NISInterceptionPointEnabled"
value="3"
/>
<task
eventGUID="{32cfdd79-5cc7-4f3c-856a-50c1bfc88b84}"
name="NISInterceptionPointDisabled"
value="4"
/>
<task
eventGUID="{12624686-1960-4395-8deb-2271447ae2fb}"
name="NISGapaEngineLoad"
value="5"
/>
<task
eventGUID="{5790d2a5-a4e3-4144-bb6e-2b47c4b5b085}"
name="NISGapaEngineUnload"
value="6"
/>
<task
eventGUID="{10d6893f-871c-4768-92c1-774c6e19f0eb}"
name="NISConsumerLoad"
value="7"
/>
<task
eventGUID="{9f836f7d-71b7-4c2f-a676-46687b2b1054}"
name="NISConsumerUnload"
value="8"
/>
<task
eventGUID="{32256f60-cddd-4c41-bff7-3775cce39db0}"
name="Service"
value="9"
/>
<task
eventGUID="{d40d57e9-89d3-4c2b-b541-4c32e6cd1229}"
name="ConfigurationReloadFailure"
value="10"
/>
<task
eventGUID="{5ffa485b-d88f-4b1a-8347-60fc2794b20b}"
name="DriverMsgBuffer"
value="11"
/>
<task
eventGUID="{bbd3fffd-5a7e-4470-9c1f-8a90628e2cc3}"
name="DriverMsgBufferLost"
value="12"
/>
<task
eventGUID="{ba718a12-1699-49a5-915f-9f05b79f3f8b}"
name="FrameOutOfOrder"
value="13"
/>
<task
eventGUID="{6111e41a-555f-4690-ab13-85ca4b8c7a93}"
name="ConnectionReCreation"
value="14"
/>
<task
eventGUID="{03b7314e-30bf-4f30-a1c0-df09d1353b15}"
name="Connection"
value="15"
/>
<task
eventGUID="{43033349-5987-4340-384d-3b15bc6543a2}"
name="UMFlow"
value="16"
/>
</tasks>
<events>
<event
level="win:Informational"
opcode="win:Info"
symbol="NISSignatureMatchEvent"
task="NISSignatureMatch"
value="1"
version="0"
/>
<event
level="win:Informational"
opcode="win:Info"
symbol="NISConnectionBlockEvent"
task="NISConnectionBlock"
value="2"
version="0"
/>
<event
level="win:Informational"
opcode="win:Info"
symbol="NISInterceptionPointEnabledEvent"
task="NISInterceptionPointEnabled"
value="3"
version="0"
/>
<event
level="win:Informational"
opcode="win:Info"
symbol="NISInterceptionPointDisabledEvent"
task="NISInterceptionPointDisabled"
value="4"
version="0"
/>
<event
level="win:Informational"
opcode="win:Info"
symbol="NISGapaEngineLoadEvent"
task="NISGapaEngineLoad"
value="5"
version="0"
/>
<event
level="win:Informational"
opcode="win:Info"
symbol="NISGapaEngineUnloadEvent"
task="NISGapaEngineUnload"
value="6"
version="0"
/>
<event
level="win:Informational"
opcode="win:Info"
symbol="NISConsumerLoadEvent"
task="NISConsumerLoad"
value="7"
version="0"
/>
<event
level="win:Informational"
opcode="win:Info"
symbol="NISConsumerUnloadEvent"
task="NISConsumerUnload"
value="8"
version="0"
/>
<event
level="win:Informational"
opcode="win:DC_Start"
symbol="Service_Start"
task="Service"
value="9"
version="0"
/>
<event
level="win:Informational"
opcode="win:DC_Stop"
symbol="Service_Stop"
task="Service"
value="10"
version="0"
/>
<event
level="win:Informational"
opcode="win:Info"
symbol="ConfigurationReloadFailure"
task="ConfigurationReloadFailure"
value="11"
version="0"
/>
<event
level="win:Verbose"
opcode="win:Start"
symbol="DriverMsgBuffer_Pend"
task="DriverMsgBuffer"
value="12"
version="0"
/>
<event
level="win:Verbose"
opcode="win:Stop"
symbol="DriverMsgBuffer_Complete"
task="DriverMsgBuffer"
value="13"
version="0"
/>
<event
level="win:Warning"
opcode="win:Info"
symbol="DriverMsgBuffer_Lost"
task="DriverMsgBufferLost"
value="14"
version="0"
/>
<event
level="win:Warning"
opcode="win:Info"
symbol="FrameOutOfOrder"
task="FrameOutOfOrder"
value="15"
version="0"
/>
<event
level="win:Warning"
opcode="win:Info"
symbol="ConnectionReCreation"
task="ConnectionReCreation"
value="16"
version="0"
/>
<event
level="win:Informational"
opcode="win:Start"
symbol="Connection_Start"
task="Connection"
value="17"
version="0"
/>
<event
level="win:Informational"
opcode="win:Stop"
symbol="Connection_Stop"
task="Connection"
value="18"
version="0"
/>
<event
level="win:Informational"
opcode="win:Info"
symbol="UMFlow"
task="UMFlow"
template="tidUMFlow"
value="19"
version="0"
/>
</events>
<templates>
<template tid="tidUMFlow">
<data
inType="win:UInt64"
name="Context"
/>
<data
inType="win:UnicodeString"
name="Stage"
/>
<data
inType="win:UInt32"
name="Data"
/>
</template>
</templates>
</provider>
</events>
</instrumentation>
<localization>
<resources culture="en-US">
<stringTable>
<string
id="Microsoft-Antimalware-NIS.provider.name"
value="Microsoft-Antimalware-NIS"
/>
</stringTable>
</resources>
</localization>
</assembly>