970290.1g2o8.group - /Windows/System32/winevt/Logs/
[To Parent Directory]
11/28/2024 12:24 PM 20975616 Application.evtx
11/14/2018 11:09 PM 69632 HardwareEvents.evtx
11/14/2018 11:09 PM 69632 Internet Explorer.evtx
11/14/2018 11:09 PM 69632 Key Management Service.evtx
7/5/2024 4:20 AM 1052672 Microsoft-Client-Licensing-Platform%4Admin.evtx
3/12/2021 11:24 AM 69632 Microsoft-Rdms-UI%4Admin.evtx
3/12/2021 11:24 AM 69632 Microsoft-Rdms-UI%4Operational.evtx
9/7/2022 7:54 AM 69632 Microsoft-Windows-AAD%4Operational.evtx
12/21/2020 1:08 PM 69632 Microsoft-Windows-All-User-Install-Agent%4Admin.evtx
4/24/2023 4:42 PM 69632 Microsoft-Windows-Application-Experience%4Program-Compatibility-Assistant.evtx
3/12/2021 11:24 AM 69632 Microsoft-Windows-Application-Experience%4Program-Compatibility-Troubleshooter.evtx
3/12/2021 11:24 AM 69632 Microsoft-Windows-Application-Experience%4Program-Inventory.evtx
3/12/2021 11:24 AM 69632 Microsoft-Windows-Application-Experience%4Program-Telemetry.evtx
3/12/2021 11:24 AM 69632 Microsoft-Windows-Application-Experience%4Steps-Recorder.evtx
7/5/2024 4:17 AM 1052672 Microsoft-Windows-AppModel-Runtime%4Admin.evtx
12/29/2020 2:26 PM 1118208 Microsoft-Windows-AppReadiness%4Admin.evtx
12/29/2020 2:26 PM 1118208 Microsoft-Windows-AppReadiness%4Operational.evtx
7/3/2021 6:24 AM 1052672 Microsoft-Windows-AppXDeployment%4Operational.evtx
7/5/2024 4:31 AM 3215360 Microsoft-Windows-AppXDeploymentServer%4Operational.evtx
11/14/2018 11:09 PM 69632 Microsoft-Windows-AppXDeploymentServer%4Restricted.evtx
7/5/2024 8:18 PM 1052672 Microsoft-Windows-AppxPackaging%4Operational.evtx
3/12/2021 11:24 AM 69632 Microsoft-Windows-BackgroundTaskInfrastructure%4Operational.evtx
7/5/2024 8:18 PM 1052672 Microsoft-Windows-Biometrics%4Operational.evtx
7/5/2024 5:55 AM 1052672 Microsoft-Windows-Bits-Client%4Operational.evtx
12/31/2020 6:39 AM 1052672 Microsoft-Windows-CAPI2%4Operational.evtx
11/14/2018 11:15 PM 69632 Microsoft-Windows-CloudStore%4Operational.evtx
7/5/2024 4:17 AM 69632 Microsoft-Windows-CodeIntegrity%4Operational.evtx
7/5/2024 4:17 AM 69632 Microsoft-Windows-Containers-Wcifs%4Operational.evtx
11/14/2018 11:09 PM 69632 Microsoft-Windows-Crypto-DPAPI%4BackUpKeySvc.evtx
7/5/2024 4:24 AM 1052672 Microsoft-Windows-Crypto-DPAPI%4Operational.evtx
7/29/2024 6:42 PM 69632 Microsoft-Windows-DataIntegrityScan%4Admin.evtx
4/26/2019 6:14 PM 69632 Microsoft-Windows-DataIntegrityScan%4CrashRecovery.evtx
11/14/2018 11:15 PM 69632 Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider%4Admin.evtx
11/14/2018 11:15 PM 69632 Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider%4Operational.evtx
7/5/2024 4:17 AM 1052672 Microsoft-Windows-DeviceSetupManager%4Admin.evtx
7/5/2024 4:16 AM 1052672 Microsoft-Windows-DeviceSetupManager%4Operational.evtx
8/30/2024 4:22 PM 1052672 Microsoft-Windows-Dhcp-Client%4Admin.evtx
6/25/2021 5:24 PM 69632 Microsoft-Windows-Dhcpv6-Client%4Admin.evtx
7/3/2021 6:24 AM 1052672 Microsoft-Windows-Diagnosis-DPS%4Operational.evtx
7/8/2024 4:35 AM 1052672 Microsoft-Windows-Diagnosis-PCW%4Operational.evtx
7/5/2024 4:17 AM 1052672 Microsoft-Windows-Diagnosis-PLA%4Operational.evtx
7/7/2021 4:15 AM 1052672 Microsoft-Windows-Diagnosis-Scheduled%4Operational.evtx
3/14/2023 10:56 PM 1052672 Microsoft-Windows-Diagnosis-Scripted%4Admin.evtx
4/29/2023 2:49 PM 1052672 microsoft-windows-diagnosis-scripted%4operational.evtx
4/26/2019 5:33 PM 69632 Microsoft-Windows-DiskDiagnosticDataCollector%4Operational.evtx
6/26/2021 4:52 PM 69632 Microsoft-Windows-Fault-Tolerant-Heap%4Operational.evtx
12/12/2019 5:04 PM 69632 Microsoft-Windows-FeatureConfiguration%4Operational.evtx
4/26/2019 6:14 PM 69632 Microsoft-Windows-FileServices-ServerManager-EventProvider%4Admin.evtx
12/29/2020 2:26 PM 69632 Microsoft-Windows-FileServices-ServerManager-EventProvider%4Operational.evtx
7/5/2024 4:17 AM 1118208 Microsoft-Windows-GroupPolicy%4Operational.evtx
7/3/2021 6:24 AM 69632 Microsoft-Windows-HelloForBusiness%4Operational.evtx
3/2/2021 12:55 PM 69632 Microsoft-Windows-Host-Network-Service-Admin.evtx
3/2/2021 12:55 PM 69632 Microsoft-Windows-Host-Network-Service-Operational.evtx
3/2/2021 12:55 PM 69632 Microsoft-Windows-HostGuardianClient-Service%4Admin.evtx
3/2/2021 12:55 PM 69632 Microsoft-Windows-HostGuardianClient-Service%4Operational.evtx
3/2/2021 12:55 PM 69632 Microsoft-Windows-HostGuardianService-CA%4Admin.evtx
3/2/2021 12:55 PM 69632 Microsoft-Windows-HostGuardianService-CA%4Operational.evtx
3/2/2021 12:55 PM 69632 Microsoft-Windows-HostGuardianService-Client%4Admin.evtx
3/2/2021 12:55 PM 69632 Microsoft-Windows-HostGuardianService-Client%4Operational.evtx
7/5/2024 4:18 AM 69632 Microsoft-Windows-Hyper-V-Compute-Admin.evtx
7/5/2024 4:18 AM 69632 Microsoft-Windows-Hyper-V-Compute-Operational.evtx
3/2/2021 12:55 PM 69632 Microsoft-Windows-Hyper-V-Config-Admin.evtx
3/2/2021 12:55 PM 69632 Microsoft-Windows-Hyper-V-Config-Operational.evtx
3/2/2021 1:39 PM 69632 microsoft-windows-hyper-v-guest-drivers%4admin.evtx
7/5/2024 4:17 AM 69632 Microsoft-Windows-Hyper-V-Hypervisor-Admin.evtx
3/2/2021 1:39 PM 69632 Microsoft-Windows-Hyper-V-Hypervisor-Operational.evtx
3/2/2021 12:55 PM 69632 Microsoft-Windows-Hyper-V-StorageVSP-Admin.evtx
3/2/2021 12:55 PM 69632 Microsoft-Windows-Hyper-V-VID-Admin.evtx
7/5/2024 4:18 AM 1052672 Microsoft-Windows-Hyper-V-VMMS-Admin.evtx
3/2/2021 12:55 PM 69632 Microsoft-Windows-Hyper-V-VMMS-Networking.evtx
3/12/2021 11:24 AM 69632 Microsoft-Windows-Hyper-V-VMMS-Operational.evtx
3/2/2021 12:55 PM 69632 Microsoft-Windows-Hyper-V-VMMS-Storage.evtx
3/2/2021 12:55 PM 69632 Microsoft-Windows-Hyper-V-VmSwitch-Operational.evtx
3/2/2021 12:55 PM 69632 Microsoft-Windows-Hyper-V-Worker-Admin.evtx
3/2/2021 12:55 PM 69632 Microsoft-Windows-Hyper-V-Worker-Operational.evtx
7/5/2024 4:14 AM 69632 Microsoft-Windows-IKE%4Operational.evtx
3/15/2021 10:18 AM 1052672 Microsoft-Windows-International%4Operational.evtx
7/5/2024 4:17 AM 1052672 Microsoft-Windows-Kernel-Boot%4Operational.evtx
4/6/2022 11:44 AM 69632 Microsoft-Windows-Kernel-EventTracing%4Admin.evtx
7/5/2024 4:17 AM 1052672 Microsoft-Windows-Kernel-IO%4Operational.evtx
7/5/2024 4:11 AM 1052672 Microsoft-Windows-Kernel-PnP%4Configuration.evtx
11/14/2018 11:09 PM 69632 Microsoft-Windows-Kernel-Power%4Thermal-Operational.evtx
7/5/2024 4:12 AM 69632 Microsoft-Windows-Kernel-ShimEngine%4Operational.evtx
11/14/2018 11:09 PM 69632 Microsoft-Windows-Kernel-StoreMgr%4Operational.evtx
11/14/2018 11:09 PM 69632 Microsoft-Windows-Kernel-WHEA%4Errors.evtx
7/5/2024 4:17 AM 1052672 Microsoft-Windows-Kernel-WHEA%4Operational.evtx
7/5/2024 4:20 AM 1052672 Microsoft-Windows-Known Folders API Service.evtx
7/8/2024 4:17 AM 1052672 Microsoft-Windows-LanguagePackSetup%4Operational.evtx
7/5/2024 4:20 AM 1052672 Microsoft-Windows-LiveId%4Operational.evtx
11/14/2018 11:15 PM 69632 Microsoft-Windows-MUI%4Admin.evtx
7/3/2021 5:58 AM 69632 Microsoft-Windows-MUI%4Operational.evtx
7/5/2024 4:17 AM 69632 Microsoft-Windows-NCSI%4Operational.evtx
7/5/2024 4:17 AM 1052672 Microsoft-Windows-NetworkProfile%4Operational.evtx
8/29/2024 9:03 PM 1052672 Microsoft-Windows-NlaSvc%4Operational.evtx
7/5/2024 4:17 AM 33558528 Microsoft-Windows-Ntfs%4Operational.evtx
7/5/2024 4:17 AM 69632 Microsoft-Windows-Ntfs%4WHC.evtx
7/5/2024 4:17 AM 1118208 Microsoft-Windows-Partition%4Diagnostic.evtx
11/15/2018 3:18 PM 69632 Microsoft-Windows-PowerShell%4Admin.evtx
7/5/2024 4:19 AM 15732736 Microsoft-Windows-PowerShell%4Operational.evtx
7/5/2021 6:30 AM 69632 Microsoft-Windows-PrintService%4Admin.evtx
11/14/2018 11:15 PM 69632 Microsoft-Windows-Program-Compatibility-Assistant%4CompatAfterUpgrade.evtx
11/14/2018 11:15 PM 69632 Microsoft-Windows-PushNotification-Platform%4Admin.evtx
7/3/2021 6:24 AM 1052672 Microsoft-Windows-PushNotification-Platform%4Operational.evtx
11/15/2018 1:35 AM 69632 Microsoft-Windows-RemoteDesktopServices-RdpCoreTS%4Admin.evtx
11/28/2024 3:18 PM 1052672 Microsoft-Windows-RemoteDesktopServices-RdpCoreTS%4Operational.evtx
7/23/2021 2:06 PM 69632 Microsoft-Windows-RemoteDesktopServices-SessionServices%4Operational.evtx
7/5/2024 4:32 AM 1052672 Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx
7/9/2021 3:17 PM 69632 Microsoft-Windows-Resource-Exhaustion-Resolver%4Operational.evtx
11/14/2018 11:15 PM 69632 Microsoft-Windows-RestartManager%4Operational.evtx
7/5/2024 4:02 AM 1052672 Microsoft-Windows-Security-Mitigations%4KernelMode.evtx
11/14/2018 11:09 PM 69632 Microsoft-Windows-Security-Mitigations%4UserMode.evtx
11/15/2018 3:52 PM 69632 Microsoft-Windows-Security-SPP-UX-GenuineCenter-Logging%4Operational.evtx
7/5/2024 4:26 AM 69632 Microsoft-Windows-Security-SPP-UX-Notifications%4ActionCenter.evtx
7/5/2024 4:27 AM 1052672 Microsoft-Windows-ServerManager-DeploymentProvider%4Operational.evtx
7/6/2024 4:17 AM 1052672 Microsoft-Windows-ServerManager-MgmtProvider%4Operational.evtx
11/14/2018 11:15 PM 69632 Microsoft-Windows-ServerManager-MultiMachine%4Admin.evtx
7/3/2021 6:24 AM 1052672 Microsoft-Windows-ServerManager-MultiMachine%4Operational.evtx
7/4/2021 6:00 AM 1052672 Microsoft-Windows-SettingSync%4Debug.evtx
12/29/2020 2:26 PM 69632 Microsoft-Windows-SettingSync%4Operational.evtx
11/15/2018 1:35 AM 69632 Microsoft-Windows-Shell-ConnectedAccountState%4ActionCenter.evtx
11/14/2018 11:15 PM 69632 Microsoft-Windows-Shell-Core%4ActionCenter.evtx
7/5/2024 4:24 AM 1052672 Microsoft-Windows-Shell-Core%4AppDefaults.evtx
11/14/2018 11:15 PM 69632 Microsoft-Windows-Shell-Core%4LogonTasksChannel.evtx
4/24/2023 4:42 PM 1052672 Microsoft-Windows-Shell-Core%4Operational.evtx
7/3/2021 6:24 AM 1052672 Microsoft-Windows-ShellCommon-StartLayoutPopulation%4Operational.evtx
11/14/2018 11:15 PM 69632 Microsoft-Windows-SmbClient%4Audit.evtx
7/5/2024 4:17 AM 1118208 Microsoft-Windows-SmbClient%4Connectivity.evtx
11/14/2018 11:15 PM 69632 Microsoft-Windows-SMBClient%4Operational.evtx
11/14/2018 11:15 PM 69632 Microsoft-Windows-SmbClient%4Security.evtx
11/14/2018 11:09 PM 69632 Microsoft-Windows-SMBServer%4Audit.evtx
11/14/2018 11:09 PM 69632 Microsoft-Windows-SMBServer%4Connectivity.evtx
7/5/2024 4:17 AM 1118208 Microsoft-Windows-SMBServer%4Operational.evtx
11/14/2018 11:09 PM 69632 Microsoft-Windows-SMBServer%4Security.evtx
11/14/2018 11:09 PM 69632 Microsoft-Windows-SMBWitnessClient%4Admin.evtx
11/14/2018 11:09 PM 69632 Microsoft-Windows-SMBWitnessClient%4Informational.evtx
7/5/2024 4:22 AM 2166784 Microsoft-Windows-StateRepository%4Operational.evtx
11/14/2018 11:09 PM 69632 Microsoft-Windows-StateRepository%4Restricted.evtx
7/5/2024 4:17 AM 6295552 Microsoft-Windows-Storage-ClassPnP%4Operational.evtx
11/15/2018 1:35 AM 69632 Microsoft-Windows-Storage-Storport%4Health.evtx
7/5/2024 4:17 AM 33558528 Microsoft-Windows-Storage-Storport%4Operational.evtx
7/5/2024 8:18 PM 1118208 Microsoft-Windows-StorageManagement%4Operational.evtx
12/21/2020 1:10 PM 69632 Microsoft-Windows-StorageManagement-PartUtil%4Operational.evtx
12/21/2020 1:10 PM 69632 Microsoft-Windows-StorageSpaces-Api%4Operational.evtx
12/12/2019 5:04 PM 69632 Microsoft-Windows-StorageSpaces-Driver%4Diagnostic.evtx
7/5/2024 4:17 AM 69632 Microsoft-Windows-StorageSpaces-Driver%4Operational.evtx
11/15/2018 1:35 AM 69632 Microsoft-Windows-StorageSpaces-ManagementAgent%4WHC.evtx
7/5/2024 4:20 AM 14749696 Microsoft-Windows-Store%4Operational.evtx
11/28/2024 11:26 AM 314576896 Microsoft-Windows-SystemDataArchiver%4Diagnostic.evtx
7/5/2024 4:32 PM 1052672 Microsoft-Windows-TaskScheduler%4Maintenance.evtx
11/14/2018 11:09 PM 69632 Microsoft-Windows-TerminalServices-LocalSessionManager%4Admin.evtx
7/5/2024 4:17 AM 1052672 Microsoft-Windows-TerminalServices-LocalSessionManager%4Operational.evtx
7/5/2021 11:39 AM 69632 Microsoft-Windows-TerminalServices-Printers%4Admin.evtx
12/29/2020 2:26 PM 69632 Microsoft-Windows-TerminalServices-Printers%4Operational.evtx
7/5/2024 5:53 PM 1052672 Microsoft-Windows-TerminalServices-RemoteConnectionManager%4Admin.evtx
11/28/2024 6:55 AM 1052672 Microsoft-Windows-TerminalServices-RemoteConnectionManager%4Operational.evtx
7/5/2024 4:17 AM 1052672 Microsoft-Windows-Time-Service%4Operational.evtx
12/12/2019 7:13 PM 69632 Microsoft-Windows-TWinUI%4Operational.evtx
7/5/2024 4:32 PM 1052672 Microsoft-Windows-TZSync%4Operational.evtx
12/21/2020 1:08 PM 69632 Microsoft-Windows-TZUtil%4Operational.evtx
7/5/2024 4:17 AM 1052672 Microsoft-Windows-UniversalTelemetryClient%4Operational.evtx
7/5/2024 4:17 AM 69632 Microsoft-Windows-User Device Registration%4Admin.evtx
7/5/2024 4:24 AM 1118208 Microsoft-Windows-User Profile Service%4Operational.evtx
11/14/2018 11:09 PM 69632 Microsoft-Windows-UserPnp%4ActionCenter.evtx
7/5/2024 4:27 AM 69632 Microsoft-Windows-UserPnp%4DeviceInstall.evtx
12/12/2019 5:04 PM 69632 Microsoft-Windows-VDRVROOT%4Operational.evtx
3/12/2021 11:24 AM 69632 Microsoft-Windows-VHDMP-Operational.evtx
7/5/2024 4:17 AM 1052672 Microsoft-Windows-VolumeSnapshot-Driver%4Operational.evtx
7/5/2024 4:14 AM 69632 Microsoft-Windows-VPN%4Operational.evtx
7/5/2024 4:17 AM 1052672 Microsoft-Windows-Wcmsvc%4Operational.evtx
7/5/2024 4:17 AM 69632 Microsoft-Windows-WebAuthN%4Operational.evtx
7/5/2024 4:18 AM 1052672 Microsoft-Windows-WER-PayloadHealth%4Operational.evtx
7/5/2024 4:15 AM 69632 Microsoft-Windows-WFP%4Operational.evtx
7/5/2024 4:17 AM 1052672 Microsoft-Windows-Win32k%4Operational.evtx
11/1/2024 5:02 AM 16781312 Microsoft-Windows-Windows Defender%4Operational.evtx
11/14/2018 11:09 PM 69632 Microsoft-Windows-Windows Defender%4WHC.evtx
11/14/2018 11:09 PM 69632 Microsoft-Windows-Windows Firewall With Advanced Security%4ConnectionSecurity.evtx
7/5/2024 4:17 AM 1052672 Microsoft-Windows-Windows Firewall With Advanced Security%4Firewall.evtx
7/5/2024 4:17 AM 69632 Microsoft-Windows-Windows Firewall With Advanced Security%4FirewallDiagnostics.evtx
7/5/2024 4:24 AM 1052672 Microsoft-Windows-WindowsUpdateClient%4Operational.evtx
11/14/2018 11:09 PM 69632 Microsoft-Windows-WinINet-Config%4ProxyConfigChanged.evtx
7/5/2024 4:17 AM 1052672 Microsoft-Windows-Winlogon%4Operational.evtx
7/5/2024 4:17 AM 1052672 Microsoft-Windows-WinRM%4Operational.evtx
7/5/2024 4:17 AM 1052672 Microsoft-Windows-WMI-Activity%4Operational.evtx
11/15/2018 1:35 AM 69632 Parameters.evtx
11/28/2024 8:23 AM 20975616 Security.evtx
7/3/2021 5:58 AM 1052672 Setup.evtx
11/15/2018 1:35 AM 69632 State.evtx
11/28/2024 12:24 PM 20975616 System.evtx
7/5/2024 4:20 AM 15732736 Windows PowerShell.evtx