10 - Microsoft - Digging Deeper for best viewing this tab should be set at a size of 65%
return to main Windows Security Services Microsoft Message Analyzer (1094 message types)
Major Server Based Security Applications MicroSoft Console (*.MSC) "Snap-In" Tools * Present on:        Windows Server 2008 Windows Server 2012 Event Tracing for Windows (ETW) [back to home this page] Category
Group Policy Administrator (GPO) *.msc files e.g from admin cmd box, enter adfs.msc  Win7 Win10 2008/12/16 Server   MSC file name MMC name NAME ID Windows & Addl Security Services (100 services) Identity Authentication Encryption A/V Anti Malware Scanning Perimeter Host Access Mgmt 3rd Party Updates Cross & General
Active Directory (AD) adfs.msc AD Federation Services (FS) N N Y 1 adfs.msc Active Directory Federation Services (AD FS) +   1 AAD 4de9bc9c-b27a-43c9-8994-0915f1a5e24f Name Status   Startup Type Log On As Description
AD Federation Services (FS) adrmadmin AD Rights Management N N Y 2 AdRmsAdmin.msc Active Directory Rights Management Services + + 2 ACL-UI ea4cc8b8-a150-47a3-afb9-c8d194b19452 1 Application Identity   Manual (Trigger Start) Local Service X X                 Determines and verifies the identity of an application. Disabling this service will prevent AppLocker from being enforced.  
Lightweight Directory Services (LDS) adsiedit AD Service Interfaces Edit N N Y 3 adsiedit.msc ADSI edit + + 3 ACPI Driver Trace Provider dab01d4d-2d48-477d-b1c3-daad0ce6f06b 2 Certificate Propagation Running Automatic (Trigger Start) Local System               X     Copies user certificates and root certificates from smart cards into the current user's certificate store, detects when a smart card is inserted into a smart card reader, and, if needed, installs the smart card Plug and Play minidriver.  
Domain Name Service DNS dsa AD Users and Computers N N Y 4 azman.msc Authorization Manager + + 4 ActionQueue 0dd4d48e-2bbf-452f-a7ec-ba3dba8407ae 3 CNG Key Isolation Running Manual (Trigger Start) Local System     X               The CNG key isolation service is hosted in the LSA process. The service provides key process isolation to private keys and associated cryptographic operations as required by the Common Criteria. The service stores and uses long-lived keys in a secure process complying with Common Criteria requirements.  
Dynamic Host Configuration Protocol DHCP dssite AD Sites and Services N N Y 5 certlm.msc Certificates (Local Computer)   + 5 Active Directory Domain Services: SAM 8e598056-8993-11d2-819e-0000f875a064 4 Cryptographic Services Running Automatic Network Service     X               Provides three management services: Catalog Database Service, which confirms the signatures of Windows files and allows new programs to be installed; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Automatic Root Certificate Update Service, which retrieves root certificates from Windows Update and enable scenarios such as SSL. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.  
Systems Center Operations Manager dhcpmgmt DHCP N N Y 6 certmgr.msc Certificates (Current User) + + 6 Active Directory: Kerberos Client bba3add2-c229-4cdb-ae2b-57eb6966b0c4 5 Encrypting File System (EFS)   Manual (Trigger Start) Local System     X               Provides the core file encryption technology used to store encrypted files on NTFS file system volumes. If this service is stopped or disabled, applications will be unable to access encrypted files.  
Internet Information Server dnsmgmt DNS N N Y 7 certsrv.msc Certification Authority + + 7 Active Directory: NetLogon f33959b4-dbec-11d2-895b-00c04f79ab69 6 Extensible Authentication Protocol   Manual Local System   X                 The Extensible Authentication Protocol (EAP) service provides network authentication in such scenarios as 802.1x wired and wireless, VPN, and Network Access Protection (NAP).  EAP also provides application programming interfaces (APIs) that are used by network access clients, including wireless and VPN clients, during the authentication process.  If you disable this service, this computer is prevented from accessing networks that require EAP authentication.  
Microsoft Server 2003, 2008, 2012, 2016 azman Windows Authorization Manager   Y Y 8 certtmpl.msc Certificate Templates + + 8 ADODB.1 04c8a86f-3369-12f8-4769-24e484a9e725 7 Group Policy Client   Automatic (Trigger Start) Local System                   X The service is responsible for applying settings configured by administrators for the computer and users through the Group Policy component. If the service is disabled, the settings will not be applied and applications and components will not be manageable through Group Policy. Any components or applications that depend on the Group Policy component might not be functional if the service is disabled.  
Powershell certlm Certificate Manager Local Machine   Y Y 9 CIADV.MSC Indexing Service +   9 ADOMD.1 7ea56435-3f2f-3f63-a829-f0b35b5cad41 8 IKE and AuthIP IPsec Keying Modules Running Automatic (Trigger Start) Local System     X               The IKEEXT service hosts the Internet Key Exchange (IKE) and Authenticated Internet Protocol (AuthIP) keying modules. These keying modules are used for authentication and key exchange in Internet Protocol security (IPsec). Stopping or disabling the IKEEXT service will disable IKE and AuthIP key exchange with peer computers. IPsec is typically configured to use IKE or AuthIP; therefore, stopping or disabling the IKEEXT service might result in an IPsec failure and might compromise the security of the system. It is strongly recommended that you have the IKEEXT service running.  
Windows Logs certmgr Certificate Manager   Y Y 10 CluAdmin.msc Failover Cluster Manager + + 10 ADSI 7288c9f8-d63c-4932-a345-89d6b060174d 9 IPsec Policy Agent Running Manual (Trigger Start) Network Service   X X               Internet Protocol security (IPsec) supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection.  This service enforces IPsec policies created through the IP Security Policies snap-in or the command-line tool "netsh ipsec".  If you stop this service, you may experience network connectivity issues if your policy requires that connections use IPsec.  Also,remote management of Windows Defender Firewall is not available when this service is stopped.  
Microsoft Message Analyzer comexp Component Services   Y Y 11 comexp.msc Component Services + + 11 AIT 6addabf4-8c54-4eab-bf4f-fbef61b62eb0 10 Malwarebytes Service Running Automatic Local System         X           Malwarebytes Service  
MSI Telemetry - windows installs compmgmt Computer Management   Y Y 12 compmgmt.msc Computer Management + + 12 AllJoyn 2ed299d2-2f6b-411d-8d15-f4cc6fde0c70 11 McAfee Security Scan Component Host Service   Manual Local System           X         McAfee Security Scan Component Host Service  
devmgmt Device Manager   Y Y 13 da6to4.msc Performance Monitor (Network Interfaces) +   13 All-User-Install-Agent d2e990da-8504-4702-a5e5-367fc2f823bf 12 McAfee Vpn Service   Manual Local System   X X               Virtual Private Network Authentication & Encryption  
WMIC Modules diskmgt Disk Manager   Y Y 14 daiphttps.msc Performance Monitor (HTTPS traffic) +   14 AppHost 98e0765d-8c42-44a3-a57b-760d7f93225a 13 Microsoft Passport Running Manual (Trigger Start) Local System   X X               Provides process isolation for cryptographic keys used to authenticate to a user’s associated identity providers. If this service is disabled, all uses and management of these keys will not be available, which includes machine logon and single-sign on for apps and websites. This service starts and stops automatically. It is recommended that you do not reconfigure this service.  
Windows Management Instrumentation Console* eventvwr Event Viewer   Y Y 15 daipsecdos.msc Performance Monitor (IPsec) +   15 AppID 3cb2a168-fe19-4a4e-bdad-dcf422f13473 14 Microsoft Passport Container Running Manual (Trigger Start) Local Service     X               Manages local user identity keys used to authenticate user to identity providers as well as TPM virtual smart cards. If this service is disabled, local user identity keys and TPM virtual smart cards will not be accessible. It is recommended that you do not reconfigure this service.  
A capability for command line queries for over 80 different services such as Memory Chip info, Login Information, Management of Protocols, Network Adapters, BIOS, Installed OS, Remote Desktops, Voltage Sensor, and Shares. Has recently been degradated with access superceded by Powershell Commandlets gpedit Group Policy Editor   Y Y 16 daisatap.msc Performance Monitor (ISATAP) +   16 AppIDServiceTrigger d02a9c27-79b8-40d6-9b97-cf3f8b7b5d60 15 Secondary Logon   Manual Local System   X                 Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.  
iis Internet Information Server   Y Y 17 DAMgmt.msc DirectAccess +   17 ApplicabilityEngine 10a208dd-a372-421c-9d99-4fad6db68b62 16 Secure Socket Tunneling Protocol Service Running Manual Local Service     X               Provides support for the Secure Socket Tunneling Protocol (SSTP) to connect to remote computers using VPN. If this service is disabled, users will not be able to use SSTP to access remote servers.  
lusmgr Local Users & Groups     Y 18 datrds.msc Performance Monitor (Teredo Server) + + 18 Application Popup 47bfa2b7-bd54-4fac-b70b-29021084ca8f 17 Security Accounts Manager Running Automatic Local System   X                 The startup of this service signals other services that the Security Accounts Manager (SAM) is ready to accept requests.  Disabling this service will prevent other services in the system from being notified when the SAM is ready, which may in turn cause those services to fail to start correctly. This service should not be disabled.  
napclcfg Network Access Protection Client Configuration     Y 19 devmgmt.msc Device Manager + + 19 Application Server-Applications c651f5f6-1c0d-492e-8ae1-b4efd7c9d503 18 Security Center Running Automatic (Delayed Start) Local Service                   X The WSCSVC (Windows Security Center) service monitors and reports security health settings on the computer.  The health settings include firewall (on/off), antivirus (on/off/out of date), antispyware (on/off/out of date), Windows Update (automatically/manually download and install updates), User Account Control (on/off), and Internet settings (recommended/not recommended). The service provides COM APIs for independent software vendors to register and record the state of their products to the Security Center service.  The Security and Maintenance UI uses the service to provide systray alerts and a graphical view of the security health states in the Security and Maintenance control panel.  Network Access Protection (NAP) uses the service to report the security health states of clients to the NAP Network Policy Server to make network quarantine decisions.  The service also has a public API that allows external consumers to programmatically retrieve the aggregated security health state of   
perfmon Performance Monitor     Y 20 dfsmgmt.msc DFS Management + + 20 Application-Addon-Event-Provider a83fa99f-c356-4ded-9fd6-5a5eb8546d68 19 Smart Card   Manual (Trigger Start) Local Service   X                 Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start.  
printmanagement Print Management     Y 21 dhcpmgmt.msc DHCP + + 21 Application-Experience eef54e71-0661-422d-9a98-82fd4940b820 20 Smart Card Device Enumeration Service   Manual (Trigger Start) Local System   X                 Creates software device nodes for all smart card readers accessible to a given session. If this service is disabled, WinRT APIs will not be able to enumerate smart card readers.  
Windows Security & Other Services rsop Resultant Set of Policy   Y Y 22 diskmgmt.msc Disk Management + + 22 ApplicationExperience-Cache 6d8a3a60-40af-445a-98ca-99359e500146 21 Smart Card Removal Policy   Manual Local System   X                 Allows the system to be configured to lock the user desktop upon smart card removal.  
c:\windows\notepad.exe secpol Security Policy (local)   Y Y 23 dnsmgmt.msc DNS Manager + + 23 ApplicationExperienceInfrastructure 5ec13d8e-4b3f-422e-a7e7-3121a1d90c7a 22 Software Protection   Automatic (Delayed Start, Trigger Start) Network Service               X     Enables the download, installation and enforcement of digital licenses for Windows and Windows applications. If the service is disabled, the operating system and licensed applications may run in a notification mode. It is strongly recommended that you not disable the Software Protection service.  
services Service Enable/Disable   Y Y 24 domain.msc Active Directory Domains and Trusts + + 24 ApplicationExperience-LookupServiceTrigger 18f4a5fd-fd3b-40a5-8fc2-e5d261c5d02e 23 Tenable Nessus   Manual Local System           X         Tenable Nessus Network Security Scanner  
fsmgmt Shared Folders   Y Y 25 dsa.msc Active Directory Users and Computers + + 25 ApplicationExperience-SwitchBack 17d6e590-f5fe-11dc-95ff-0800200c9a66 24 Windows 10 Update Facilitation Service Running Automatic Local System                 X   A lightweight service for update facilitation in Windows 10.  
taskschd Task Scheduler   Y Y 26 dssite.msc Active Directory Sites and Cervices + + 26 ApplicationResourceManagementSystem 770ca594-b467-4811-b355-28f5e5706987 25 Windows Defender Advanced Threat Protection Service   Manual Local System             X       Windows Defender Advanced Threat Protection service helps protect against advanced threats by monitoring and reporting security events that happen on the computer.  
tpm Trusted Platform Module   Y Y 27 eventvwr.msc Event Viewer + + 27 AppLocker cbda4dbf-8d5d-4f69-9578-be14aa540d22 26 Windows Biometric Service   Manual (Trigger Start) Local System   X                 The Windows biometric service gives client applications the ability to capture, compare, manipulate, and store biometric data without gaining direct access to any biometric hardware or samples. The service is hosted in a privileged SVCHOST process.  
virtmgmt Hyper-V Manager     Y 28 FailoverClusters.SnapInHelper.msc Failover Cluster Manager + + 28 AppModel-Exec eb65a492-86c0-406a-bace-9912d595bd69 27 Windows Defender Antivirus Network Inspection Service Running Manual Network Service       X             Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols  
wf Windows Firewall   Y Y 29 fsmgmt.msc Shared Folders + + 29 AppModel-MessagingDataModel 1e2462be-b025-48da-8c1f-7b60b8ccae53 28 Windows Defender Antivirus Service Running Automatic Local System       X             Helps protect users from malware and other potentially unwanted software  
wmimgmt Windows Management Instrumentation   Y Y 30 fsrm.msc File Server Resource Manager + + 30 AppModel-Runtime f1ef270a-0d32-4352-ba52-dbab41e1d859 29 Windows Defender Firewall Running Automatic Local Service             X       Windows Defender Firewall helps protect your computer by preventing unauthorized users from gaining access to your computer through the Internet or a network.  
mmc Microsoft Management Console   Y Y 31 fxsadmin.msc Microsoft Fax Service Manager + + 31 AppModel-State bff15e13-81bf-45ee-8b16-7cfead00da86 30 Windows Defender Security Center Service Running Automatic Local System             X       Windows Defender Security Center Service handles unified device protection and health information  
32 gpedit.msc Local Group Policy Editor + + 32 AppReadiness f0be35f8-237b-4814-86b5-ade51192e503 31 Windows Encryption Provider Host Service   Manual (Trigger Start) Local Service     X               Windows Encryption Provider Host Service brokers encryption related functionalities from 3rd Party Encryption Providers to processes that need to evaluate and apply EAS policies. Stopping this will compromise EAS compliancy checks that have been established by the connected Mail Accounts  
33 gpmc.msc Group Policy Managerment + + 33 AppSruProv 0cc157b3-cf07-4fc2-91ee-31ac92e05fe1 32 Windows Remediation Service Running Automatic (Delayed Start) Local System                 X   Remediates Windows Update Components  
34 gpme.msc Group Policy Managerment Editor + + 34 AppXDeployment 8127f6d4-59f9-4abf-8952-3e3a02073d5f 33 Windows Update Running Manual (Trigger Start) Local System                 X   Enables the detection, download, and installation of updates for Windows and other programs. If this service is disabled, users of this computer will not be able to use Windows Update or its automatic updating feature, and programs will not be able to use the Windows Update Agent (WUA) API.  
35 gptedit.msc Group Policy Starter GPO Editor +   35 AppXDeployment-Server 3f471139-acb7-4a01-b7a7-ff5da4ba2d43 34 HVCI Mode –Hypervisor Code Integrity In Windows 10  Identity Authentication Encryption  A/V Anti Malware Scanning Perimeter Host Access Mgmt 3rd Party Updates Cross & General
36 gptedit.msc Local Group Policy Editor   + 36 AppxPackagingOM ba723d81-0d0c-4f1e-80c8-54740f508ddf 35 DEP – Data Execution Prevention 
* Accessible msc in Win10 located in C:\Windows\SysWOW64\ or C:\Windows\System32\ 37 HCSCFG.MSC Health Registration Authority + + 37 ASN1 d92ef8ac-99dd-4ab8-b91d-c6eba85f3755 36 SEHOP - Structured Exception Handler Overwrite Protection
38 idmumgmt.msc Microsoft Identity Management for UNIX + + 38 AssignedAccess 8530db6e-51c0-43d6-9d02-a8c2088526cd 37 ASLR -  Address Space Location Randomization
39 iis.msc Internet Information Services (IIS) Manager + + 39 AssignedAccessBroker f2311b48-32be-4902-a22a-7240371dbb2c 38 Null Page Allocation  
40 iis6.msc Internet Information Services (IIS) 6.0 Manager + + 40 AsynchronousCausality 19a4c69a-28eb-4d4b-8d94-5f19055a1b5c 39 Heapspray Allocation
41 lsdiag.msc RD Licensing Diagnoser   + 41 ATA Port Driver Tracing Provider d08bd885-501e-489a-bac6-b7d24bfe6bbf 40 Export Address Table Access Filtering (EAF)
42 lusrmgr.msc Local Users and Groups + + 42 ATAPort cb587ad1-cc35-4ef1-ad93-36cc82a2d319 41 Export Address Table Access Filtering Plus (EAF+)
43 Microsoft.IdentityServer.msc AD FS   + 43 Audio ae4bd3be-f36f-45b6-8d21-bdd6fb832853 42 Bottom-up Randomization (BottomUP ASLR) 
44 NAPCLCFG.MSC NAP Client Configuration + + 44 Audit 75ebc33e-0936-4a55-9d26-5f298f3180bf 43 Attack Surface Reduction (ASR) – malware controls blocking Office-, script-, and email-based threats”
45 nfsmgmt.msc Services for Network File System + + 45 Audit-CVE 85a62a0d-7e17-485f-9d4f-749a287193a6 44 Blocking Untrusted Fonts
46 nps.msc Network Policy Server + + 46 AuthenticationProvider dddc1d91-51a1-4a8d-95b5-350c4ee3d809 45 Return-Oriented Programming mitigations
47 ocsp.msc Online Responder + + 47 AuthFw NetShell Plugin 935f4ae6-845d-41c6-97fa-380dad429b72 46 Windows Authorization Manager
48 perfmon.msc Performance Monitor + + 48 AxInstallService dab3b18c-3c0f-43e8-80b1-e44bc0dad901 47 Certificate Manager Local Machine
49 pkiview.msc Enterprise PKI + + 49 BackgroundTransfer-ContentPrefetcher 648a0644-7d62-4fd3-8841-440064762f95 48 Certificate Manager
50 printmanagement.msc Print Management + + 50 Backup 1db28f2e-8f80-4027-8c5a-a11f7f10f62d 49 Microsoft Message Analyzer
51 remoteprograms.msc RemoteApp Manager (Local) +   51 Base-Filtering-Engine-Connections 121d3da8-baf1-4dcb-929f-2d4c9a47f7ab 50 Network Policy Server
52 rrasmgmt.msc Routing and Remote Access + + 52 Base-Filtering-Engine-Resource-Flows 92765247-03a9-4ae3-a575-b42264616e78 51 Local Group Policy Editor
53 rsop.msc Resultant Set of Policy + + 53 Battery 59819d0a-adaf-46b2-8d7c-990bc39c7c15 52 Group Policy Managerment
54 SanMmc.msc Storage Manager for SANs (Local) +   54 BCP.1 24722b88-df97-4ff6-e395-db533ac42a1e 53 Group Policy Managerment Editor
55 sbmgr.msc Remote Desktop Connection Manager +   55 BFE Trace Provider 106b464a-8043-46b1-8cb8-e92a0cd7a560 54 Group Policy Starter GPO Editor
56 ScanManagement.msc Scan Management + + 56 BfeTriggerProvider 54732ee5-61ca-4727-9da1-10be5a4f773d 55 Local Group Policy Editor
57 secpol.msc Local Security Policy + + 57 Biometrics a0e3d8ea-c34f-4419-a1db-90435b8b21d0 56 Performance Monitor (Network Interfaces)
58 ServerManager.msc Server Manager +   58 BitLocker-API 5d674230-ca9f-11da-a94d-0800200c9a66 57 Performance Monitor (HTTPS traffic)
59 services.msc Services + + 59 BitLocker-DrivePreparationTool 632f767e-0ec3-47b9-ba1c-a0e62a74728a 58 Performance Monitor (IPsec)
60 storagemgmt.msc Share and Storage Management + + 60 BitLocker-Driver 651df93b-5053-4d1e-94c5-f6e6d25908d0 59 Performance Monitor (ISATAP)
61 storexpl.msc Storage Explorer +   61 BitLocker-Driver-Performance 1de130e1-c026-4cbf-ba0f-ab608e40aeea 60 BitLocker-API
62 tapimgmt.msc Telephony + + 62 BITS Service Trace 4a8aaa94-cfc4-46a7-8e4e-17bc45608f0a 61 CorruptedFileRecovery-Client
63 taskschd.msc Task Scheduler + + 63 Bits-Client ef1cc15b-46c1-414e-bb95-e76b077bd51e 62 CorruptedFileRecovery-Server
64 tpm.msc Trusted Platform Module (TPM) Management + + 64 Bluetooth-BthLEEnum eb492407-201e-4281-8531-cdfb141ca69f 63 Crypto-BCrypt
65 tsadmin.msc Remote Desktop Services Manager +   65 Bluetooth-BthLEPrepairing 4af188ac-e9c4-4c11-b07b-1fabc07dfeb2 64 Crypto-CNG
66 tsconfig.msc Remote Desktop Session Host Configuration +   66 Bluetooth-MTPEnum 04268430-d489-424d-b914-0cff741d6684 65 Crypto-DPAPI
67 tsgateway.msc RD Gateway Manager + + 67 Bluetooth-Policy 0602ecef-6381-4bc0-aeda-eb9bb919b276 66 Crypto-DSSEnh
68 tsmmc.msc Remote Desktops +   68 BootUX 67d781bd-cbd2-4bd2-ad1f-6152fb891246 67 Crypto-NCrypt
69 virtmgmt.msc Hyper-V Manager + + 69 BranchCache 7eafcf79-06a7-460b-8a55-bd0a0c9248aa 68 Crypto-RNG
70 wbadmin.msc Windows Server Backup + + 70 BranchCacheClientEventProvider e837619c-a2a8-4689-833f-47b48ebd2442 69 Crypto-RSAEnh
71 WdsMgmt.msc Windows Deployment Services + + 71 BranchCacheEventProvider dd85457f-4e2d-44a5-a7a7-6253362e34dc 70 Downlevel IPsec API
72 WF.msc Windows Firewall with Advanced Security + + 72 BranchCacheMonitoring a2f55524-8ebc-45fd-88e4-a1b39f169e08 71 Microsoft-Antimalware-AMFilter
73 winsmgmt.msc WINS + + 73 BranchCacheSMB 4a933674-fb3d-4e8d-b01d-17ee14e91a3e 72 Security: Kerberos Authentication
74 wlbadmin.msc Windows Server Backup   + 74 BrokerInfrastructure e6835967-e0d2-41fb-bcec-58387404e25a 73 Security: NTLM Authentication
75 WmiMgmt.msc WMI Management + + 75 BTH-BTHPORT 8a1f9517-3a8c-4a9e-a018-4f17a200f277 74 Security: SChannel
76 WSRM.msc Windows System Resource Manager + + 76 BTH-BTHUSB 33693e1d-246a-471b-83be-3e75f47a832d 75 Security: TSPkg
77 wsus.msc Update Services   + 77 Build-RegDll d39b6336-cfcb-483b-8c76-7c3e7d02bcb8 76 Security: WDigest
Windows Logs - contained in c:\windows\system32\winevt 78 CAPI2 5bbca4a8-b209-48dc-a8c7-b23d3e5216fb 77 Security-Adminless
09/21/2022  08:59 PM             4,096 AirSpaceChannel.etl 79 CDROM 9b6123dc-9af6-4430-80d7-7d36f054fb9f 78 Security-Audit-Configuration-Client
08/03/2022  08:34 PM            69,632 AMSI%4Operational.evtx 80 Certificate Services Client CredentialRoaming Trace ef4109dc-68fc-45af-b329-ca2825437209 79 Security-Auditing
09/22/2022  07:48 AM        20,975,616 Application.evtx 81 Certificate Services Client Trace f01b7774-7ed7-401e-8088-b576793d7841 80 Security-EnterpriseData-FileRevocationManager
09/21/2022  08:59 PM             4,096 DebugChannel.etl 82 CertificateServicesClient 73370bd6-85e5-430b-b60a-fea1285808a7 81 Security-ExchangeActiveSyncProvisioning
08/04/2022  05:13 PM            69,632 ForwardedEvents.evtx 83 CertificateServicesClient-AutoEnrollment f0db7ef8-b6f3-4005-9937-feb77b9e1b43 82 Security-IdentityListener
04/13/2021  09:20 AM            69,632 HardwareEvents.evtx 84 CertificateServicesClient-CertEnroll 54164045-7c50-4905-963f-e5bc1eef0cca 83 Security-IdentityStore
04/13/2021  09:20 AM            69,632 Hewlett-Packard.evtx 85 CertificateServicesClient-CredentialRoaming 89a2278b-c662-4aff-a06c-46ad3f220bca 84 Security-Kerberos
04/13/2021  09:20 AM            69,632 HP HotKey Support.evtx 86 CertificateServicesClient-Lifecycle-System bc0669e1-a10d-4a78-834e-1ca3c806c93b 85 Security-LessPrivilegedAppContainer
04/13/2021  09:20 AM            69,632 Internet Explorer.evtx 87 CertificateServicesClient-Lifecycle-User bea18b89-126f-4155-9ee4-d36038b02680 86 Security-Mitigations
04/13/2021  09:20 AM            69,632 isaAgentLog.evtx 88 CertificationAuthorityClient-CertCli 98bf1cd3-583e-4926-95ee-a61bf3f46470 87 SecurityMitigationsBroker
04/13/2021  09:20 AM            69,632 Key Management Service.evtx 89 CertPolEng af9cc194-e9a8-42bd-b0d1-834e9cfab799 88 Security-Netlogon
08/03/2022  08:34 PM            69,632 Microsoft-AppV-Client%4Admin.evtx 90 Circular Kernel Session Provider 54dea73a-ed1f-42a4-af71-3e63d056f174 89 Security-SPP
08/03/2022  08:34 PM            69,632 Microsoft-AppV-Client%4Operational.evtx 91 Classpnp Driver Tracing Provider fa8de7c4-acde-4443-9994-c4e2359a9edb 90 Security-SPP-UX
08/03/2022  08:34 PM            69,632 Microsoft-AppV-Client%4Virtual Applications.evtx 92 ClearTypeTextTuner 0a88862d-20a3-4c1f-b76f-162c55adbf93 91 Security-SPP-UX-GC
08/10/2022  10:34 PM            69,632 Microsoft-Client-License-Flexible-Platform%4Admin.evtx 93 CloudStorageWizard 9fc66dd7-98c7-4b83-8293-46a18439b03b 92 Security-SPP-UX-GenuineCenter-Logging
09/21/2022  09:04 PM         1,052,672 Microsoft-Client-Licensing-Platform%4Admin.evtx 94 CloudStore 741bb90c-a7a3-49d6-bd82-1e6b858403f7 93 Security-SPP-UX-Notifications
09/21/2022  08:59 PM             4,096 Microsoft-Pef-WebProxy%4Analytic.etl 95 CmiSetup 75ebc33e-0cc6-49da-8cd9-8903a5222aa0 94 Security-UserConsentVerifier
08/03/2022  08:34 PM            69,632 Microsoft-User Experience Virtualization-Agent Driver%4Operational.evtx 96 CodeIntegrity 4ee76bd8-3cf4-44a0-a0ac-3937643e37a3 95 Security-Vault
08/03/2022  08:34 PM            69,632 Microsoft-User Experience Virtualization-App Agent%4Operational.evtx 97 COM d4263c98-310c-4d97-ba39-b55354f08584 96 Windows Information Protection
08/03/2022  08:34 PM            69,632 Microsoft-User Experience Virtualization-IPC%4Operational.evtx 98 ComDlg32 7f912b92-21ad-496e-b97a-88622a72bc42 97 Code Integrity /Secure Boot
08/03/2022  08:34 PM            69,632 Microsoft-User Experience Virtualization-SQM Uploader%4Operational.evtx 99 Compat-Appraiser 442c11c5-304b-45a4-ae73-dc2194c4e876 98 Windows Update
09/13/2021  05:04 PM            69,632 Microsoft-Windows-AAD%4Operational.evtx 100 COM-Perf b8d6861b-d20f-4eec-bbae-87e0dd80602b 99 Windows Defender Device Guard
08/03/2022  08:34 PM            69,632 Microsoft-Windows-All-User-Install-Agent%4Admin.evtx 101 Complus 0f177893-4a9c-4709-b921-f432d67f43d5 100 Windows Defender Credential Guard
09/21/2022  08:59 PM            69,632 Microsoft-Windows-AllJoyn%4Operational.evtx 102 COM-RundownInstrumentation 2957313d-fcaa-5d4a-2f69-32ce5f0ac44e 101 Active Directory Explorer AdExplorer - part of Sysinternals Suite
03/06/2022  10:07 AM            69,632 Microsoft-Windows-AppHost%4Admin.evtx 103 COMRuntime bf406804-6afa-46e7-8a48-6c357e1d6d61
08/03/2022  08:34 PM            69,632 Microsoft-Windows-AppID%4Operational.evtx 104 Containers-BindFlt fc4e8f51-7a04-4bab-8b91-6321416f72ab
08/03/2022  08:34 PM            69,632 Microsoft-Windows-ApplicabilityEngine%4Operational.evtx 105 Containers-Wcifs aec5c129-7c10-407d-be97-91a042c61aaa
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Application Server-Applications%4Admin.evtx 106 Containers-Wcnfs b99317e5-89b7-4c0d-abd1-6e705f7912dc
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Application Server-Applications%4Operational.evtx 107 CoreSystem-InitMachineConfig 0b886108-1899-4d3a-9c0d-42d8fc4b9108
09/21/2022  08:48 PM         1,052,672 Microsoft-Windows-Application-Experience%4Program-Compatibility-Assistant.evtx 108 CoreSystem-NetProvision-JoinProviderOnline 3629dd4d-d6f1-4302-a623-0768b51501c7
04/14/2021  10:48 PM            69,632 Microsoft-Windows-Application-Experience%4Program-Compatibility-Troubleshooter.evtx 109 CoreSystem-SmsRouter a9c11050-9e93-4fa4-8fe0-7c4750a345b2
04/14/2021  10:48 PM            69,632 Microsoft-Windows-Application-Experience%4Program-Inventory.evtx 110 CoreWindow a3d95055-34cc-4e4a-b99f-ec88f5370495
09/22/2022  07:46 AM         1,052,672 Microsoft-Windows-Application-Experience%4Program-Telemetry.evtx 111 CorruptedFileRecovery-Client ba093605-3909-4345-990b-26b746adee0a
04/14/2021  10:48 PM            69,632 Microsoft-Windows-Application-Experience%4Steps-Recorder.evtx 112 CorruptedFileRecovery-Server d6f68875-cdf5-43a5-a3e3-53ffd683311c
08/03/2022  08:34 PM            69,632 Microsoft-Windows-ApplicationResourceManagementSystem%4Operational.evtx 113 Crashdump ecdaacfa-6fe9-477c-b5f0-85b76f8f50aa
08/03/2022  08:34 PM            69,632 Microsoft-Windows-AppLocker%4EXE and DLL.evtx 114 CredUI 5a24fcdb-1cf3-477b-b422-ef4909d51223
08/03/2022  08:34 PM            69,632 Microsoft-Windows-AppLocker%4MSI and Script.evtx 115 Critical Section Trace Provider 3ac66736-cc59-4cff-8115-8df50e39816b
08/03/2022  08:34 PM            69,632 Microsoft-Windows-AppLocker%4Packaged app-Deployment.evtx 116 Crypto-BCrypt c7e089ac-ba2a-11e0-9af7-68384824019b
08/03/2022  08:34 PM            69,632 Microsoft-Windows-AppLocker%4Packaged app-Execution.evtx 117 Crypto-CNG e3e0e2f0-c9c5-11e0-8ab9-9ebc4824019b
09/22/2022  08:45 AM         1,052,672 Microsoft-Windows-AppModel-Runtime%4Admin.evtx 118 Crypto-DPAPI 89fe8f40-cdce-464e-8217-15ef97d4c7c3
09/22/2022  07:51 AM         2,166,784 Microsoft-Windows-AppReadiness%4Admin.evtx 119 Crypto-DSSEnh 43dad447-735f-4829-a6ff-9829a87419ff
09/22/2022  07:51 AM         1,118,208 Microsoft-Windows-AppReadiness%4Operational.evtx 120 Crypto-NCrypt e8ed09dc-100c-45e2-9fc8-b53399ec1f70
09/22/2022  07:46 AM         1,052,672 Microsoft-Windows-AppXDeployment%4Operational.evtx 121 Crypto-RNG 54d5ac20-e14f-4fda-92da-ebf7556ff176
09/22/2022  07:46 AM         5,246,976 Microsoft-Windows-AppXDeploymentServer%4Operational.evtx 122 Crypto-RSAEnh 152fdb2b-6e9d-4b60-b317-815d5f174c4a
04/13/2021  09:20 AM            69,632 Microsoft-Windows-AppXDeploymentServer%4Restricted.evtx 123 D3D10Level9 7e7d3382-023c-43cb-95d2-6f0ca6d70381
09/21/2022  08:59 PM         1,052,672 Microsoft-Windows-AppxPackaging%4Operational.evtx 124 D3D9 783aca0a-790e-4d7f-8451-aa850511c6b9
08/03/2022  08:34 PM            69,632 Microsoft-Windows-AssignedAccess%4Admin.evtx 125 DAL-Provider 7e87506f-bace-4bf1-bc09-3a1f37045c71
08/03/2022  08:34 PM            69,632 Microsoft-Windows-AssignedAccessBroker%4Admin.evtx 126 DataIntegrityScan 13bc4371-4e21-4e46-a84f-8c0ffb548ced
04/13/2021  09:20 AM            69,632 Microsoft-Windows-Audio%4CaptureMonitor.evtx 127 Data-Pdf b97561fe-b27a-4c48-aa3e-7d3addc105b1
09/21/2022  09:04 PM         1,052,672 Microsoft-Windows-Audio%4Operational.evtx 128 DateTimeControlPanel 741fc222-44ed-4ba7-98e3-f405b2d2c4b4
09/18/2022  07:58 AM         1,052,672 Microsoft-Windows-Audio%4PlaybackManager.evtx 129 DBNETLIB.1 bd568f20-fccd-b948-054e-db3421115d61
09/22/2022  07:51 AM            69,632 Microsoft-Windows-Authentication User Interface%4Operational.evtx 130 DCLocator cfaa5446-c6c4-4f5c-866f-31c9b55b962d
09/21/2022  08:59 PM         1,052,672 Microsoft-Windows-BackgroundTaskInfrastructure%4Operational.evtx 131 DDisplay 75051c9d-2833-4a29-8923-046db7a432ca
04/20/2021  10:13 PM            69,632 Microsoft-Windows-Backup.evtx 132 Deduplication f9fe3908-44b8-48d9-9a32-5a763ff5ed79
09/21/2022  09:04 PM         1,052,672 Microsoft-Windows-Biometrics%4Operational.evtx 133 Deduplication Tracing Provider 5ebb59d1-4739-4e45-872d-b8703956d84b
08/03/2022  08:34 PM            69,632 Microsoft-Windows-BitLocker%4BitLocker Management.evtx 134 Deduplication-Change 1d5e499d-739c-45a6-a3e1-8cbe0a352beb
08/03/2022  08:34 PM            69,632 Microsoft-Windows-BitLocker-DrivePreparationTool%4Admin.evtx 135 Defrag-Core e3257c8c-c7cb-444f-9da0-5d92a2625289
08/03/2022  08:34 PM            69,632 Microsoft-Windows-BitLocker-DrivePreparationTool%4Operational.evtx 136 DeliveryOptimization f8ad09ba-419c-5134-1750-270f4d0fb889
09/22/2022  07:45 AM         1,052,672 Microsoft-Windows-Bits-Client%4Operational.evtx 137 Deplorch b9da9fe6-ae5f-4f3e-b2fa-8e623c11dc75
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Bluetooth-BthLEEnum%4Operational.evtx 138 DesktopActivityModerator 32dd13df-9c0b-4c3b-b854-ee76c050f5f4
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Bluetooth-BthLEPrepairing%4Operational.evtx 139 DesktopWindowManager-Diag 31f60101-3703-48ea-8143-451f8de779d2
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Bluetooth-MTPEnum%4Operational.evtx 140 DeviceAssociationService 56c71c31-cfbd-4cdd-8559-505e042bbbe1
08/03/2022  08:34 PM            69,632 Microsoft-Windows-BranchCache%4Operational.evtx 141 DeviceConfidence 1d5990c1-ec62-49f0-9e37-1f4db12db41e
08/03/2022  08:34 PM            69,632 Microsoft-Windows-BranchCacheSMB%4Operational.evtx 142 DeviceGuard f717d024-f5b4-4f03-9ab9-331b2dc38ffb
08/03/2022  08:34 PM            69,632 Microsoft-Windows-CertificateServicesClient-Lifecycle-System%4Operational.evtx 143 DeviceManagement-Enterprise-Diagnostics-Provider 3da494e4-0fe2-415c-b895-fb5265c5c83b
08/03/2022  08:34 PM            69,632 Microsoft-Windows-CertificateServicesClient-Lifecycle-User%4Operational.evtx 144 DeviceManagement-Pushrouter f1201b5a-e170-42b6-8d20-b57ac57e6416
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Cleanmgr%4Diagnostic.evtx 145 Devices-Background 64ef2b1c-4ae1-4e64-8599-1636e441ec88
08/03/2022  08:34 PM            69,632 Microsoft-Windows-CloudStorageWizard%4Operational.evtx 146 DeviceSetupManager fcbb06bb-6a2a-46e3-abaa-246cb4e508b2
09/22/2022  07:45 AM         1,052,672 Microsoft-Windows-CloudStore%4Operational.evtx 147 DeviceSync 09ec9687-d7ad-40ca-9c5e-78a04a5ae993
09/22/2022  07:45 AM         1,052,672 Microsoft-Windows-CodeIntegrity%4Operational.evtx 148 DeviceUpdateAgent e8f9af91-afbe-5a03-dfec-5d591686326c
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Compat-Appraiser%4Operational.evtx 149 DeviceUx ded165cf-485d-4770-a3e7-9c5f0320e80c
09/21/2022  09:04 PM         1,052,672 Microsoft-Windows-Containers-BindFlt%4Operational.evtx 150 DevMgmt-UefiCsp 739d66d8-76c4-4004-873f-169ae5c6eaca
09/21/2022  09:04 PM         1,052,672 Microsoft-Windows-Containers-Wcifs%4Operational.evtx 151 DfsSvc 7da4fe0e-fd42-4708-9aa5-89b77a224885
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Containers-Wcnfs%4Operational.evtx 152 Dhcp-Client 15a7a4f8-0072-4eab-abad-f98a4d666aed
08/03/2022  08:34 PM            69,632 Microsoft-Windows-CoreApplication%4Operational.evtx 153 DHCPv6-Client 6a1f2b00-6a90-4c38-95a5-5cab3b056778
09/22/2022  08:05 AM         1,052,672 Microsoft-Windows-CoreSystem-SmsRouter-Events%4Operational.evtx 154 DiagCpl 1a396961-5f3c-4c71-8310-44c653c0bf8a
08/03/2022  08:34 PM            69,632 Microsoft-Windows-CorruptedFileRecovery-Client%4Operational.evtx 155 Diagnosis-AdvancedTaskManager 178dadaf-7ac4-4593-ab3e-a45fda6d0d55
08/03/2022  08:34 PM            69,632 Microsoft-Windows-CorruptedFileRecovery-Server%4Operational.evtx 156 Diagnosis-DPS 6bba3851-2c7e-4dea-8f54-31e5afd029e3
04/14/2021  10:48 PM            69,632 Microsoft-Windows-Crypto-DPAPI%4BackUpKeySvc.evtx 157 Diagnosis-MSDE a50b09f8-93eb-4396-84c9-dc921259f952
09/22/2022  07:45 AM         1,052,672 Microsoft-Windows-Crypto-DPAPI%4Operational.evtx 158 Diagnosis-PCW aabf8b86-7936-4fa2-acb0-63127f879dbf
09/22/2022  07:44 AM         1,052,672 Microsoft-Windows-Crypto-NCrypt%4Operational.evtx 159 Diagnosis-PerfHost f27b948b-0a7c-4eb6-92ec-8a2c1b353ecd
08/03/2022  08:34 PM            69,632 Microsoft-Windows-DAL-Provider%4Operational.evtx 160 Diagnosis-PLA e4d53f84-7de3-11d8-9435-505054503030
08/03/2022  08:34 PM            69,632 Microsoft-Windows-DataIntegrityScan%4Admin.evtx 161 Diagnosis-Scheduled 40ab57c2-1c53-4df9-9324-ff7cf898a02c
08/03/2022  08:34 PM            69,632 Microsoft-Windows-DataIntegrityScan%4CrashRecovery.evtx 162 Diagnosis-Scripted e1dd7e52-621d-44e3-a1ad-0370c2b25946
08/03/2022  08:34 PM            69,632 Microsoft-Windows-DateTimeControlPanel%4Operational.evtx 163 Diagnosis-ScriptedDiagnosticsProvider 9363ccd9-d429-4452-9adb-2501e704b810
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Deduplication%4Diagnostic.evtx 164 Diagnosis-WDC 05921578-2261-42c7-a0d3-26ddbce6c50d
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Deduplication%4Operational.evtx 165 Diagnosis-WDI e01b1a7c-c5c9-4e67-99a9-5e85acfb2e10
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Deduplication%4Scrubbing.evtx 166 Diagnostics-LoggingChannel 4bd2826e-54a1-4ba9-bf63-92b73ea1ac4a
08/03/2022  08:34 PM            69,632 Microsoft-Windows-DeviceGuard%4Operational.evtx 167 Diagnostics-Networking 36c23e18-0e66-11d9-bbeb-505054503030
09/22/2022  07:44 AM         1,052,672 Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider%4Admin.evtx 168 Diagnostics-Performance cfc18ec0-96b1-4eba-961b-622caee05b0a
09/22/2022  07:50 AM         1,052,672 Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider%4Operational.evtx 169 Diagnostics-PerfTrack 030f2f57-abd0-4427-bcf1-3a3587d7dc7d
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Devices-Background%4Operational.evtx 170 Diagnostics-PerfTrack-Counters c06ed57a-a7bd-42d7-b5ff-77a9dec5732d
09/22/2022  07:45 AM         1,052,672 Microsoft-Windows-DeviceSetupManager%4Admin.evtx 171 Diagtrack 56dc463b-97e8-4b59-e836-ab7c9bb96301
09/22/2022  07:44 AM         1,052,672 Microsoft-Windows-DeviceSetupManager%4Operational.evtx 172 Direct3D10 9b7e4c0f-342c-4106-a19f-4f2704f689f0
08/03/2022  08:34 PM            69,632 Microsoft-Windows-DeviceSync%4Operational.evtx 173 Direct3D10_1 9b7e4c8f-342c-4106-a19f-4f2704f689f0
08/03/2022  08:34 PM            69,632 Microsoft-Windows-DeviceUpdateAgent%4Operational.evtx 174 Direct3D11 db6f6ddb-ac77-4e88-8253-819df9bbf140
09/22/2022  07:44 AM         1,052,672 Microsoft-Windows-Dhcp-Client%4Admin.evtx 175 Direct3D12 5d8087dd-3a9b-4f56-90df-49196cdc4f11
09/22/2022  07:47 AM            69,632 Microsoft-Windows-Dhcpv6-Client%4Admin.evtx 176 Direct3DShaderCache 2d4ebca6-ea64-453f-a292-ae2ea0ee513b
09/22/2022  07:44 AM         1,052,672 Microsoft-Windows-Diagnosis-DPS%4Operational.evtx 177 DirectAccess-MediaManager dd2fe441-6c12-41fd-8232-3709c6045f63
09/21/2022  09:04 PM         1,052,672 Microsoft-Windows-Diagnosis-PCW%4Operational.evtx 178 DirectComposition c44219d0-f344-11df-a5e2-b307dfd72085
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Diagnosis-PLA%4Operational.evtx 179 DirectManipulation 5786e035-ef2d-4178-84f2-5a6bbedbb947
09/21/2022  09:06 AM         1,052,672 Microsoft-Windows-Diagnosis-Scheduled%4Operational.evtx 180 Directory-Services-SAM 0d4fdc09-8c27-494a-bda0-505e4fd8adae
09/22/2022  07:51 AM            69,632 Microsoft-Windows-Diagnosis-Scripted%4Admin.evtx 181 Directory-Services-SAM-Utility bd8fea17-5549-4b49-aa03-1981d16396a9
09/22/2022  07:51 AM         1,052,672 Microsoft-Windows-Diagnosis-Scripted%4Operational.evtx 182 DirectShow-Core 968f313b-097f-4e09-9cdd-bc62692d138b
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider%4Operational.evtx 183 DirectShow-KernelSupport 3cc2d4af-da5e-4ed4-bcbe-3cf995940483
09/22/2022  07:51 AM            69,632 Microsoft-Windows-Diagnostics-Networking%4Operational.evtx 184 DirectSound 8a93b54b-c75a-49b5-a5be-9060715b1a33
09/22/2022  07:47 AM         1,052,672 Microsoft-Windows-Diagnostics-Performance%4Operational.evtx 185 Disk 6b4db0bc-9a3d-467d-81b9-a84c6f2f3d40
08/03/2022  08:34 PM            69,632 Microsoft-Windows-DiskDiagnostic%4Operational.evtx 186 Disk Class Driver Tracing Provider 945186bf-3dd6-4f3f-9c8e-9edd3fc9d558
05/03/2021  09:55 AM            69,632 Microsoft-Windows-DiskDiagnosticDataCollector%4Operational.evtx 187 DiskDiagnostic e670a5a2-ce74-4ab4-9347-61b815319f4c
08/03/2022  08:34 PM            69,632 Microsoft-Windows-DiskDiagnosticResolver%4Operational.evtx 188 DiskDiagnosticDataCollector e104fb41-6b04-4f3a-b47d-f0df2f02b954
08/03/2022  08:34 PM            69,632 Microsoft-Windows-DSC%4Admin.evtx 189 DiskDiagnosticResolver 6b1ffe48-5b1e-4793-9f7f-ae926454499d
08/03/2022  08:34 PM            69,632 Microsoft-Windows-DSC%4Operational.evtx 190 Dism-Api 75b0da21-8b50-42eb-9448-ec48b1729b57
09/17/2021  12:03 AM            69,632 Microsoft-Windows-DucUpdateAgent%4Operational.evtx 191 Dism-Cli 2f959466-24d4-4972-8729-0d5e3539ebc3
08/03/2022  08:34 PM            69,632 Microsoft-Windows-DxgKrnl-Admin.evtx 192 Display 6ece3302-fee1-4ea9-8b88-086d459ed976
08/03/2022  08:34 PM            69,632 Microsoft-Windows-DxgKrnl-Operational.evtx 193 DisplayColorCalibration 3239eb6f-c7fc-4953-aa15-646829a4ca4c
09/22/2022  07:51 AM            69,632 Microsoft-Windows-EapHost%4Operational.evtx 194 DisplaySwitch 192ede41-9175-4c86-ac02-9d003c9d43ab
09/22/2022  07:51 AM            69,632 Microsoft-Windows-EapMethods-RasChap%4Operational.evtx 195 DistributedCOM 1b562e86-b7aa-4131-badc-b6f3a001407e
09/22/2022  07:51 AM            69,632 Microsoft-Windows-EapMethods-RasTls%4Operational.evtx 196 DLNA-Namespace d38fb874-33e4-4dcf-911e-1b53bb106d53
08/03/2022  08:34 PM            69,632 Microsoft-Windows-EapMethods-Sim%4Operational.evtx 197 DNS-Client 1c95126e-7eea-49a9-a3fe-a378b03ddb4d
08/03/2022  08:34 PM            69,632 Microsoft-Windows-EapMethods-Ttls%4Operational.evtx 198 Documents c89b991e-3b48-49b2-80d3-ac000dfc9749
08/03/2022  08:34 PM            69,632 Microsoft-Windows-EDP-Application-Learning%4Admin.evtx 199 DomainJoinManagerTriggerProvider 5b004607-1087-4f16-b10e-979685a8d131
08/03/2022  08:34 PM            69,632 Microsoft-Windows-EDP-Audit-Regular%4Admin.evtx 200 Dot3MM f3419a17-e994-4c40-b593-79b8edec54e9
08/03/2022  08:34 PM            69,632 Microsoft-Windows-EDP-Audit-TCB%4Admin.evtx 201 DotNETRuntime e13c0d23-ccbc-4e12-931b-d9cc2eee27e4
08/03/2022  08:34 PM            69,632 Microsoft-Windows-EventCollector%4Operational.evtx 202 DotNETRuntimeRundown a669021c-c450-4609-a035-5af59af4df18
09/21/2022  08:59 PM            69,632 Microsoft-Windows-Fault-Tolerant-Heap%4Operational.evtx 203 Downlevel IPsec API 94335eb3-79ea-44d5-8ea9-306f49b3a041
08/03/2022  08:34 PM            69,632 Microsoft-Windows-FeatureConfiguration%4Operational.evtx 204 Downlevel IPsec NetShell Plugin e4ff10d8-8a88-4fc6-82c8-8c23e9462fe5
09/22/2022  08:45 AM         1,052,672 Microsoft-Windows-FileHistory-Core%4WHC.evtx 205 Downlevel IPsec Policy Store 94335eb3-79ea-44d5-8ea9-306f49b3a070
09/21/2022  08:48 PM         1,052,672 Microsoft-Windows-FileHistory-Engine%4BackupLog.evtx 206 Downlevel IPsec Service 94335eb3-79ea-44d5-8ea9-306f49b3a040
08/03/2022  08:34 PM            69,632 Microsoft-Windows-FMS%4Operational.evtx 207 DriverFrameworks-KernelMode-Performance 486a5c7c-11cc-46c5-9de7-43dfe0bb57c1
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Folder Redirection%4Operational.evtx 208 DriverFrameworks-UserMode 2e35aaeb-857f-4beb-a418-2e6c0e54d988
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Forwarding%4Operational.evtx 209 DriverFrameworks-UserMode-Performance 9fa5dd5d-999e-466a-8ca9-7b3a66f8882f
08/03/2022  08:34 PM            69,632 Microsoft-Windows-GenericRoaming%4Admin.evtx 210 DSC 50df9e12-a8c4-4939-b281-47e1325ba63e
09/22/2022  07:44 AM         4,198,400 Microsoft-Windows-GroupPolicy%4Operational.evtx 211 DUI 8360bd0f-a7dc-4391-91a7-a457c5c381e4
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Guest-Network-Service-Admin.evtx 212 DUSER 8429e243-345b-47c1-8a91-2c94caf0daab
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Guest-Network-Service-Operational.evtx 213 DVD e18d0fca-9515-4232-98e4-89e456d8551b
09/22/2022  07:45 AM         1,052,672 Microsoft-Windows-HelloForBusiness%4Operational.evtx 214 Dwm-Api 292a52c4-fa27-4461-b526-54a46430bd54
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Help%4Operational.evtx 215 Dwm-Core 9e9bba3c-2e38-40cb-99f4-9e8281425164
09/13/2021  05:04 PM            69,632 Microsoft-Windows-HomeGroup Control Panel%4Operational.evtx 216 Dwm-Dwm d29d56ea-4867-4221-b02e-cfd998834075
08/03/2022  08:34 PM            69,632 Microsoft-Windows-HomeGroup Listener Service%4Operational.evtx 217 Dwm-Redir 7d99f6a4-1bec-4c09-9703-3aaa8148347f
08/03/2022  08:34 PM            69,632 Microsoft-Windows-HomeGroup Provider Service%4Operational.evtx 218 Dwm-Udwm a2d1c713-093b-43a7-b445-d09370ec9f47
09/22/2022  07:44 AM         1,052,672 Microsoft-Windows-Host-Network-Service-Admin.evtx 219 DXGI ca11c036-0102-4a2d-a6ad-f03cfed5d3c9
09/22/2022  07:50 AM         1,052,672 Microsoft-Windows-Host-Network-Service-Operational.evtx 220 DxgKrnl 802ec45a-1e99-4b83-9920-87c98277ba9d
04/13/2021  09:20 AM            69,632 Microsoft-Windows-HotspotAuth%4Operational.evtx 221 DXP 728b8c72-0f0f-4071-9bcc-27cb3b6dacbe
09/21/2022  09:04 PM         1,052,672 Microsoft-Windows-Hyper-V-Compute-Admin.evtx 222 DxpTaskSyncProvider 271c5228-c3fe-4e47-831f-48c3652ce5ac
09/21/2022  09:04 PM         4,263,936 Microsoft-Windows-Hyper-V-Compute-Operational.evtx 223 EA IME API e2a24a32-00dc-4025-9689-c108c01991c5
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Hyper-V-Guest-Drivers%4Admin.evtx 224 EapHost 6eb8db94-fe96-443f-a366-5fe0cee7fb1c
09/21/2022  09:04 PM         1,052,672 Microsoft-Windows-Hyper-V-Hypervisor-Admin.evtx 225 EapMethods-RasChap 58980f4b-bd39-4a3e-b344-492ed2254a4e
09/21/2022  09:04 PM         1,052,672 Microsoft-Windows-Hyper-V-Hypervisor-Operational.evtx 226 EapMethods-RasTls 9cc0413e-5717-4af5-82eb-6103d8707b45
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Hyper-V-StorageVSP-Admin.evtx 227 EapMethods-Sim 3d42a67d-9ce8-4284-b755-2550672b0ce0
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Hyper-V-VID-Admin.evtx 228 EapMethods-Ttls d710d46c-235d-4798-ac20-9f83e1dcd557
09/22/2022  07:50 AM         1,052,672 Microsoft-Windows-Hyper-V-VmSwitch-Operational.evtx 229 EaseOfAccess 74b4a4b1-2302-4768-ac5b-9773dd456b08
09/21/2022  09:04 PM         1,052,672 Microsoft-Windows-Hyper-V-Worker-Admin.evtx 230 EDP-AppLearning 9803daa0-81ba-483a-986c-f0e395b9f8d1
09/21/2022  09:04 PM         1,052,672 Microsoft-Windows-Hyper-V-Worker-Operational.evtx 231 EDP-Audit-Regular 50f99b2d-96d2-421f-be4c-222c4140da9f
08/03/2022  08:34 PM            69,632 Microsoft-Windows-IdCtrls%4Operational.evtx 232 EDP-Audit-TCB 287d59b6-79ba-4741-a08b-2fedeede6435
04/14/2021  10:48 PM            69,632 Microsoft-Windows-IKE%4Operational.evtx 233 EFS 3663a992-84be-40ea-bba9-90c7ed544222
08/03/2022  08:34 PM            69,632 Microsoft-Windows-International%4Operational.evtx 234 ELS-Hyphenation 51aedb05-890b-4ade-8ba1-0ba14b8e8973
08/03/2022  08:34 PM            69,632 Microsoft-Windows-International-RegionalOptionsControlPanel%4Operational.evtx 235 EndpointTriggerProvider 92aab24d-d9a9-4a60-9f94-201fed3e3e88
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Iphlpsvc%4Operational.evtx 236 EnergyEfficiencyWizard 1a772f65-be1e-4fc6-96bb-248e03fa60f5
08/03/2022  08:34 PM            69,632 Microsoft-Windows-IPxlatCfg%4Operational.evtx 237 Energy-Estimation-Engine ddcc3826-a68a-4e0d-bcfd-9c06c27c6948
08/03/2022  08:34 PM            69,632 Microsoft-Windows-KdsSvc%4Operational.evtx 238 EnhancedStorage-EhStorTcgDrv aa3aa23b-bb6d-425a-b58c-1d7e37f5d02a
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Kernel-ApphelpCache%4Operational.evtx 239 EQoS 54cb22ff-26b4-4393-a8c2-6b0715912c5f
09/21/2022  09:04 PM         1,052,672 Microsoft-Windows-Kernel-Boot%4Operational.evtx 240 Error Instrument cd7cf0d0-02cc-4872-9b65-0dba0a90efe8
09/22/2022  08:04 AM         1,052,672 Microsoft-Windows-Kernel-EventTracing%4Admin.evtx 241 ErrorReportingConsole 017247f2-7e96-11dc-8314-0800200c9a66
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Kernel-IO%4Operational.evtx 242 ESE 478ea8a8-00be-4ba6-8e75-8b9dc7db9f78
09/22/2022  07:51 AM         1,052,672 Microsoft-Windows-Kernel-LiveDump%4Operational.evtx 243 EventCollector b977cf02-76f6-df84-cc1a-6a4b232322b6
09/22/2022  07:44 AM         1,052,672 Microsoft-Windows-Kernel-PnP%4Configuration.evtx 244 Eventlog fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148
09/21/2022  09:03 AM         1,052,672 Microsoft-Windows-Kernel-PnP%4Driver Watchdog.evtx 245 EventLog-WMIProvider 35ac6ce8-6104-411d-976c-877f183d2d32
04/13/2021  09:20 AM            69,632 Microsoft-Windows-Kernel-Power%4Thermal-Operational.evtx 246 EventSystem 899daace-4868-4295-afcd-9eb8fb497561
09/21/2022  09:04 PM         1,052,672 Microsoft-Windows-Kernel-ShimEngine%4Operational.evtx 247 exFAT-SQM 494e7a3d-8db9-4ec4-b43e-2844af6e38d6
04/14/2021  10:48 PM            69,632 Microsoft-Windows-Kernel-StoreMgr%4Operational.evtx 248 FailoverClustering-Client a82fda5d-745f-409c-b0fe-18ae0678a0e0
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Kernel-WDI%4Operational.evtx 249 Fat-SQM 3e59a529-b0b3-4a11-8129-9ffe6bb46eb9
04/13/2021  09:20 AM            69,632 Microsoft-Windows-Kernel-WHEA%4Errors.evtx 250 Fault-Tolerant-Heap 6b93bf66-a922-4c11-a617-cf60d95c133d
09/21/2022  09:04 PM         4,263,936 Microsoft-Windows-Kernel-WHEA%4Operational.evtx 251 Fax 8e0e93fb-76ad-42ee-8770-b9dfea596f65
04/13/2021  09:20 AM            69,632 Microsoft-Windows-KeyboardFilter%4Admin.evtx 252 FD Core Trace 480217a9-f824-4bd4-bbe8-f371caaf9a0d
09/22/2022  07:47 AM         1,052,672 Microsoft-Windows-Known Folders API Service.evtx 253 FD Publication Trace 649e3596-2620-4d58-a01f-17aefe8185db
09/22/2022  07:51 AM         1,052,672 Microsoft-Windows-LanguagePackSetup%4Operational.evtx 254 FD SSDP Trace db1d0418-105a-4c77-9a25-8f96a19716a4
09/22/2022  07:50 AM         1,052,672 Microsoft-Windows-LiveId%4Operational.evtx 255 FD WNet Trace 8b20d3e4-581f-4a27-8109-df01643a7a93
08/03/2022  08:34 PM            69,632 Microsoft-Windows-MemoryDiagnostics-Results%4Debug.evtx 256 FD WSDAPI Trace 7e2dbfc7-41e8-4987-bca7-76cadfad765f
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Mobile-Broadband-Experience-Parser-Task%4Operational.evtx 257 FDPHost Service Trace f1c521ca-da82-4d79-9ee4-d7a375723b68
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Mobile-Broadband-Experience-SmsRouter%4Admin.evtx 258 FeatureConfiguration c2f36562-a1e4-4bc3-a6f6-01a7adb643e8
08/03/2022  08:34 PM            69,632 Microsoft-Windows-ModernDeployment-Diagnostics-Provider%4Admin.evtx 259 Feedback-Service-TriggerProvider e46eead8-0c54-4489-9898-8fa79d059e0e
08/03/2022  08:34 PM            69,632 Microsoft-Windows-ModernDeployment-Diagnostics-Provider%4Autopilot.evtx 260 File Kernel Trace; Operation Set 1 d75d8303-6c21-4bde-9c98-ecc6320f9291
08/10/2022  10:34 PM            69,632 Microsoft-Windows-ModernDeployment-Diagnostics-Provider%4Diagnostics.evtx 261 File Kernel Trace; Operation Set 2 058dd951-7604-414d-a5d6-a56d35367a46
08/03/2022  08:34 PM            69,632 Microsoft-Windows-ModernDeployment-Diagnostics-Provider%4ManagementService.evtx 262 File Kernel Trace; Optional Data 7da1385c-f8f5-414d-b9d0-02fca090f1ec
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Mprddm%4Operational.evtx 263 File Kernel Trace; Volume To Log 127d46af-4ad3-489f-9165-f00ba64d5467
04/14/2021  10:48 PM            69,632 Microsoft-Windows-MUI%4Admin.evtx 264 FileHistory-Catalog b447b4dc-7780-11e0-ada3-18a90531a85a
04/14/2021  10:48 PM            69,632 Microsoft-Windows-MUI%4Operational.evtx 265 FileHistory-ConfigManager b447b4dd-7780-11e0-ada3-18a90531a85a
07/05/2022  04:04 PM            69,632 Microsoft-Windows-NcdAutoSetup%4Operational.evtx 266 FileHistory-Core b447b4db-7780-11e0-ada3-18a90531a85a
09/22/2022  07:43 AM         1,052,672 Microsoft-Windows-NCSI%4Operational.evtx 267 FileHistory-Engine b447b4de-7780-11e0-ada3-18a90531a85a
08/03/2022  08:34 PM            69,632 Microsoft-Windows-NdisImPlatform%4Operational.evtx 268 FileHistory-EventListener b447b4df-7780-11e0-ada3-18a90531a85a
07/05/2022  04:04 PM            69,632 Microsoft-Windows-NetworkLocationWizard%4Operational.evtx 269 FileHistory-Service b447b4e0-7780-11e0-ada3-18a90531a85a
09/22/2022  07:44 AM         1,052,672 Microsoft-Windows-NetworkProfile%4Operational.evtx 270 FileHistory-UI b447b4e1-7780-11e0-ada3-18a90531a85a
08/03/2022  08:34 PM            69,632 Microsoft-Windows-NetworkProvider%4Operational.evtx 271 FileInfoMinifilter a319d300-015c-48be-acdb-47746e154751
08/03/2022  08:34 PM            69,632 Microsoft-Windows-NetworkProvisioning%4Operational.evtx 272 FilterManager f3c5e28e-63f6-49c7-a204-e48a1bc4b09d
09/22/2022  07:51 AM            69,632 Microsoft-Windows-NlaSvc%4Operational.evtx 273 Firewall e595f735-b42a-494b-afcd-b68666945cd3
09/22/2022  07:47 AM        33,558,528 Microsoft-Windows-Ntfs%4Operational.evtx 274 Firewall-CPL 546549be-9d63-46aa-9154-4f6eb9526378
09/21/2022  09:04 PM         1,052,672 Microsoft-Windows-Ntfs%4WHC.evtx 275 FirstUX-PerfInstrumentation fbef8096-2ca3-4082-acde-dcfb47e96b72
08/03/2022  08:34 PM            69,632 Microsoft-Windows-NTLM%4Operational.evtx 276 FMS dea07764-0790-44de-b9c4-49677b17174f
09/17/2021  12:03 AM            69,632 Microsoft-Windows-OcpUpdateAgent%4Operational.evtx 277 Folder Redirection 7d7b0c39-93f6-4100-bd96-4dda859652c5
08/03/2022  08:34 PM            69,632 Microsoft-Windows-OfflineFiles%4Operational.evtx 278 Forwarding 699e309c-e782-4400-98c8-e21d162d7b7b
08/03/2022  08:34 PM            69,632 Microsoft-Windows-OneBackup%4Debug.evtx 279 FunctionDiscovery 9db0fdb5-3b21-440e-a94b-63738a4be5de
08/03/2022  08:34 PM            69,632 Microsoft-Windows-OOBE-Machine-DUI%4Operational.evtx 280 FunctionDiscoveryHost 538cbbad-4877-4eb2-b26e-7caee8f0f8cb
07/13/2022  09:41 PM         1,052,672 Microsoft-Windows-PackageStateRoaming%4Operational.evtx 281 FWPKCLNT Trace Provider ad33fa19-f2d2-46d1-8f4c-e3c3087e45ad
08/03/2022  08:34 PM            69,632 Microsoft-Windows-ParentalControls%4Operational.evtx 282 FWPUCLNT Trace Provider 5a1600d2-68e5-4de7-bcf4-1c2d215fe0fe
09/21/2022  09:04 PM         4,263,936 Microsoft-Windows-Partition%4Diagnostic.evtx 283 GenericRoaming 4eacb4d0-263b-4b93-8cd6-778a278e5642
08/03/2022  08:34 PM            69,632 Microsoft-Windows-PerceptionRuntime%4Operational.evtx 284 Globalization 12e3da5b-14e4-4f76-8e35-c540763ef300
08/03/2022  08:34 PM            69,632 Microsoft-Windows-PerceptionSensorDataService%4Operational.evtx 285 Globalization-FontGroups e1168941-8333-497f-98d9-67bee05a6034
08/03/2022  08:34 PM            69,632 Microsoft-Windows-PersistentMemory-INvdimm%4Operational.evtx 286 GPIOButtons e13ff11e-e989-4838-a9fa-38a4d13914cf
08/03/2022  08:34 PM            69,632 Microsoft-Windows-PersistentMemory-Nvdimm%4Operational.evtx 287 GPIO-ClassExtension 55ab77f6-fa04-43ef-af45-688fbf500482
08/03/2022  08:34 PM            69,632 Microsoft-Windows-PersistentMemory-NvdimmN%4Operational.evtx 288 Graphics-Printing e7aa32fb-77d0-477f-987d-7e83df1b7ed0
08/03/2022  08:34 PM            69,632 Microsoft-Windows-PersistentMemory-PmemDisk%4Operational.evtx 289 Graphics-Printing3D be967569-e3c8-425b-ad0e-4f2c790b1848
08/03/2022  08:34 PM            69,632 Microsoft-Windows-PersistentMemory-ScmBus%4Certification.evtx 290 GroupPolicy aea1b4fa-97d1-45f2-a64c-4d69fffd92c9
08/03/2022  08:34 PM            69,632 Microsoft-Windows-PersistentMemory-ScmBus%4Operational.evtx 291 GroupPolicyTriggerProvider bd2f4252-5e1e-49fc-9a30-f3978ad89ee2
08/03/2022  08:34 PM            69,632 Microsoft-Windows-PersistentMemory-VirtualNvdimm%4Operational.evtx 292 HAL 63d1e632-95cc-4443-9312-af927761d52a
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Policy%4Operational.evtx 293 HealthCenter 588c5c5a-ffc5-44a2-9a7f-d5e8dbe6efd7
04/14/2021  10:48 PM            69,632 Microsoft-Windows-PowerShell%4Admin.evtx 294 HealthCenterCPL 959f1fac-7ca8-4ed1-89dc-cdfa7e093cb0
09/22/2022  07:47 AM         7,409,664 Microsoft-Windows-PowerShell%4Operational.evtx 295 Heap Trace Provider 222962ab-6180-4b88-a825-346b75f2a24a
08/03/2022  08:34 PM            69,632 Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager%4Operational.evtx 296 Heap-Snapshot 901d2afa-4ff6-46d7-8d0e-53645e1a47f5
08/03/2022  08:34 PM            69,632 Microsoft-Windows-PrintBRM%4Admin.evtx 297 HelloForBusiness 906b8a99-63ce-58d7-86ab-10989bbd5567
08/03/2022  08:34 PM            69,632 Microsoft-Windows-PrintService%4Admin.evtx 298 Help de513a55-c345-438b-9a74-e18cac5c5cc5
08/03/2022  08:34 PM            69,632 Microsoft-Windows-PriResources-Deployment%4Operational.evtx 299 HomeGroup-ControlPanel 134ea407-755d-4a93-b8a6-f290cd155023
09/21/2022  08:48 PM         4,263,936 Microsoft-Windows-Privacy-Auditing%4Operational.evtx 300 HomeGroup-ListenerService af0a5a6d-e009-46d4-8867-42f2240f8a72
04/13/2021  09:20 AM            69,632 Microsoft-Windows-Program-Compatibility-Assistant%4CompatAfterUpgrade.evtx 301 HomeGroup-ProviderService c9bdb4eb-9287-4c8e-8378-6896f0d1c5ef
09/22/2022  08:04 AM         1,052,672 Microsoft-Windows-Provisioning-Diagnostics-Provider%4Admin.evtx 302 HotspotAuth de095dbe-8667-4168-94c2-48ca61665aca
04/14/2021  10:48 PM            69,632 Microsoft-Windows-Provisioning-Diagnostics-Provider%4AutoPilot.evtx 303 HttpEvent 7b6bc78c-898b-4170-bbf8-1a469ea43fc5
04/14/2021  10:48 PM            69,632 Microsoft-Windows-Provisioning-Diagnostics-Provider%4ManagementService.evtx 304 HttpLog c42a2738-2333-40a5-a32f-6acc36449dcc
04/14/2021  10:48 PM            69,632 Microsoft-Windows-PushNotification-Platform%4Admin.evtx 305 HttpService dd5ef90a-6398-47a4-ad34-4dcecdef795f
09/22/2022  07:47 AM         1,052,672 Microsoft-Windows-PushNotification-Platform%4Operational.evtx 306 Http-SQM-Provider f5344219-87a4-4399-b14a-e59cd118abb8
09/22/2022  07:47 AM         1,052,672 Microsoft-Windows-ReadyBoost%4Operational.evtx 307 Hyper-V-Guest-Drivers-Dynamic-Memory ba2ffb5c-e20a-4fb9-91b4-45f61b4b66a0
08/03/2022  08:34 PM            69,632 Microsoft-Windows-ReadyBoostDriver%4Operational.evtx 308 Hyper-V-Guest-Drivers-IcSvc c18672d1-dc18-4dfd-91e4-170cf37160cf
08/03/2022  08:34 PM            69,632 Microsoft-Windows-ReFS%4Operational.evtx 309 Hyper-V-Guest-Drivers-Storage-Filter 0b9fdccc-451c-449c-9bd8-6756fcc6091a
06/14/2022  07:43 AM            69,632 Microsoft-Windows-Regsvr32%4Operational.evtx 310 Hyper-V-Guest-Drivers-Vmbus f2e2ce31-0e8a-4e46-a03b-2e0fe97e93c2
08/03/2022  08:34 PM            69,632 Microsoft-Windows-RemoteApp and Desktop Connections%4Admin.evtx 311 Hyper-V-Hypervisor 52fc89f8-995e-434c-a91e-199986449890
08/03/2022  08:34 PM            69,632 Microsoft-Windows-RemoteApp and Desktop Connections%4Operational.evtx 312 Hyper-V-Netvsc 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c
08/03/2022  08:34 PM            69,632 Microsoft-Windows-RemoteAssistance%4Admin.evtx 313 IdCtrls 6d7662a9-034e-4b1f-a167-67819c401632
08/03/2022  08:34 PM            69,632 Microsoft-Windows-RemoteAssistance%4Operational.evtx 314 IdleTriggerProvider 9e03f75a-bcbe-428a-8f3c-d46f2a444935
08/03/2022  08:34 PM            69,632 Microsoft-Windows-RemoteDesktopServices-RdpCoreTS%4Admin.evtx 315 IE-F12-Provider d17fff2f-392d-478c-a41d-737a216eb2a4
08/03/2022  08:34 PM            69,632 Microsoft-Windows-RemoteDesktopServices-RdpCoreTS%4Operational.evtx 316 IE-SmartScreen 52f82079-1974-4c67-81da-807b892778bb
08/03/2022  08:34 PM            69,632 Microsoft-Windows-RemoteDesktopServices-RemoteFX-Synth3dvsc%4Admin.evtx 317 IKEEXT Trace Provider 106b464d-8043-46b1-8cb8-e92a0cd7a560
08/03/2022  08:34 PM            69,632 Microsoft-Windows-RemoteDesktopServices-SessionServices%4Operational.evtx 318 IMAPI1 Shim 1ff10429-99ae-45bb-8a67-c9e945b9fb6c
09/21/2022  09:04 PM         1,052,672 Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx 319 IMAPI2 Concatenate Stream 0e85a5a5-4d5c-44b7-8bda-5b7ab54f7e9d
09/22/2022  07:51 AM         1,052,672 Microsoft-Windows-Resource-Exhaustion-Resolver%4Operational.evtx 320 IMAPI2 Disc Master 0e85a5a5-4d5c-44b7-8bda-5b7ab54f7e91
04/14/2021  10:48 PM            69,632 Microsoft-Windows-RestartManager%4Operational.evtx 321 IMAPI2 Disc Recorder 0e85a5a5-4d5c-44b7-8bda-5b7ab54f7e93
08/03/2022  08:34 PM            69,632 Microsoft-Windows-RetailDemo%4Admin.evtx 322 IMAPI2 Disc Recorder Enumerator 0e85a5a5-4d5c-44b7-8bda-5b7ab54f7e92
08/03/2022  08:34 PM            69,632 Microsoft-Windows-RetailDemo%4Operational.evtx 323 IMAPI2 dll 0e85a5a5-4d5c-44b7-8bda-5b7ab54f7e90
08/03/2022  08:34 PM            69,632 Microsoft-Windows-SearchUI%4Operational.evtx 324 IMAPI2 Interleave Stream 0e85a5a5-4d5c-44b7-8bda-5b7ab54f7e9e
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Security-Adminless%4Operational.evtx 325 IMAPI2 Media Eraser 0e85a5a5-4d5c-44b7-8bda-5b7ab54f7e97
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Security-Audit-Configuration-Client%4Operational.evtx 326 IMAPI2 MSF 0e85a5a5-4d5c-44b7-8bda-5b7ab54f7e9f
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Security-EnterpriseData-FileRevocationManager%4Operational.evtx 327 IMAPI2 Multisession Sequential 0e85a5a5-4d5c-44b7-8bda-5b7ab54f7ea0
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Security-LessPrivilegedAppContainer%4Operational.evtx 328 IMAPI2 Pseudo-Random Stream 0e85a5a5-4d5c-44b7-8bda-5b7ab54f7e9c
09/21/2022  09:03 PM         1,052,672 Microsoft-Windows-Security-Mitigations%4KernelMode.evtx 329 IMAPI2 Raw CD Writer 0e85a5a5-4d5c-44b7-8bda-5b7ab54f7e9a
04/13/2021  09:20 AM            69,632 Microsoft-Windows-Security-Mitigations%4UserMode.evtx 330 IMAPI2 Raw Image Writer 07e397ec-c240-4ed7-8a2a-b9ff0fe5d581
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Security-Netlogon%4Operational.evtx 331 IMAPI2 Standard Data Writer 0e85a5a5-4d5c-44b7-8bda-5b7ab54f7e98
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Security-SPP-UX-GenuineCenter-Logging%4Operational.evtx 332 IMAPI2 Track-at-Once CD Writer 0e85a5a5-4d5c-44b7-8bda-5b7ab54f7e99
04/14/2021  10:48 PM            69,632 Microsoft-Windows-Security-SPP-UX-Notifications%4ActionCenter.evtx 333 IMAPI2 Utilities 0e85a5a5-4d5c-44b7-8bda-5b7ab54f7e94
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Security-UserConsentVerifier%4Audit.evtx 334 IMAPI2 Write Engine 0e85a5a5-4d5c-44b7-8bda-5b7ab54f7e96
08/03/2022  08:34 PM            69,632 Microsoft-Windows-SecurityMitigationsBroker%4Operational.evtx 335 IMAPI2 Zero Stream 0e85a5a5-4d5c-44b7-8bda-5b7ab54f7e9b
08/03/2022  08:34 PM            69,632 Microsoft-Windows-SENSE%4Operational.evtx 336 IMAPI2FS Tracing f8036571-42d9-480a-babb-de7833cb059c
08/03/2022  08:34 PM            69,632 Microsoft-Windows-SenseIR%4Operational.evtx 337 IME-Broker e2c15fd7-8924-4c8c-8cfe-da0be539ce27
09/22/2022  07:44 AM         1,052,672 Microsoft-Windows-SettingSync%4Debug.evtx 338 IME-CandidateUI 7c4117b1-ed82-4f47-b2ca-29e4e25719c7
07/13/2022  09:41 PM         1,052,672 Microsoft-Windows-SettingSync%4Operational.evtx 339 IME-CustomerFeedbackManager e2242b38-9453-42fd-b446-00746e76eb82
08/03/2022  08:34 PM            69,632 Microsoft-Windows-SettingSync-Azure%4Debug.evtx 340 IME-CustomerFeedbackManagerUI 1b734b40-a458-4b81-954f-ad7c9461bed8
08/03/2022  08:34 PM            69,632 Microsoft-Windows-SettingSync-Azure%4Operational.evtx 341 IME-JPAPI 31bcac7f-4ab8-47a1-b73a-a161ee68d585
07/13/2022  09:41 PM         1,052,672 Microsoft-Windows-SettingSync-OneDrive%4Debug.evtx 342 IME-JPLMP dbc388bc-89c2-4fe0-b71f-6e4881fb575c
07/10/2022  08:23 AM            69,632 Microsoft-Windows-SettingSync-OneDrive%4Operational.evtx 343 IME-JPPRED 3ad571f3-bdae-4942-8733-4d1b85870a1e
04/14/2021  10:48 PM            69,632 Microsoft-Windows-Shell-ConnectedAccountState%4ActionCenter.evtx 344 IME-JPSetting 14371053-1813-471a-9510-1cf1d0a055a8
04/14/2021  10:48 PM            69,632 Microsoft-Windows-Shell-Core%4ActionCenter.evtx 345 IME-JPTIP 8c8a69ad-cc89-481f-bbad-fd95b5006256
09/22/2022  07:44 AM         1,052,672 Microsoft-Windows-Shell-Core%4AppDefaults.evtx 346 IME-KRAPI 7562948e-2671-4dda-8f8f-bf945ef984a1
04/14/2021  10:48 PM            69,632 Microsoft-Windows-Shell-Core%4LogonTasksChannel.evtx 347 IME-KRTIP e013e74b-97f4-4e1c-a120-596e5629ecfe
09/22/2022  07:44 AM         1,052,672 Microsoft-Windows-Shell-Core%4Operational.evtx 348 IME-OEDCompiler fd44a6e7-580f-4a9c-83d9-d820b7d3a033
09/22/2022  07:44 AM         1,052,672 Microsoft-Windows-ShellCommon-StartLayoutPopulation%4Operational.evtx 349 IME-TCCORE f67b2345-47fa-4721-a6fb-fe08110eecf7
08/03/2022  08:34 PM            69,632 Microsoft-Windows-SmartCard-Audit%4Authentication.evtx 350 IME-TCTIP d5268c02-6f51-436f-983b-74f2efbfaf3a
09/22/2022  07:44 AM         1,052,672 Microsoft-Windows-SmartCard-DeviceEnum%4Operational.evtx 351 IME-TIP bdd4b92e-19ef-4497-9c4a-e10e7fd2e227
08/03/2022  08:34 PM            69,632 Microsoft-Windows-SmartCard-TPM-VCard-Module%4Admin.evtx 352 Immersive-Shell 315a8872-923e-4ea2-9889-33cd4754bf64
08/03/2022  08:34 PM            69,632 Microsoft-Windows-SmartCard-TPM-VCard-Module%4Operational.evtx 353 Immersive-Shell-API 5f0e257f-c224-43e5-9555-2adcb8540a58
04/14/2021  10:48 PM            69,632 Microsoft-Windows-SmbClient%4Audit.evtx 354 IndirectDisplays-ClassExtension-Events 966cd1c0-3f69-42ad-9877-517dce8462b4
09/22/2022  07:44 AM         8,392,704 Microsoft-Windows-SmbClient%4Connectivity.evtx 355 Infrared Monitor Service d2c4d428-7b68-4563-af51-96c13f95a807
04/14/2021  10:48 PM            69,632 Microsoft-Windows-SMBClient%4Operational.evtx 356 Input-HIDCLASS 6465da78-e7a0-4f39-b084-8f53c7c30dc6
09/22/2022  07:44 AM         1,118,208 Microsoft-Windows-SmbClient%4Security.evtx 357 InputSwitch bb8e7234-bbf4-48a7-8741-339206ed1dfb
08/03/2022  08:34 PM            69,632 Microsoft-Windows-SMBDirect%4Admin.evtx 358 Install-Agent e0c6f6de-258a-50e0-ac1a-103482d118bc
04/13/2021  09:20 AM            69,632 Microsoft-Windows-SMBServer%4Audit.evtx 359 Intel-iaLPSS2-GPIO2 63848cff-3ec7-4ddf-8072-5f95e8c8eb98
04/13/2021  09:20 AM            69,632 Microsoft-Windows-SMBServer%4Connectivity.evtx 360 Intel-iaLPSS2-I2C c2f86198-03ca-4771-8d4c-ce6e15cbca56
09/22/2022  07:44 AM         8,392,704 Microsoft-Windows-SMBServer%4Operational.evtx 361 Intel-iaLPSS-GPIO d386cc7a-620a-41c1-abf5-55018c6c699a
04/13/2021  09:20 AM            69,632 Microsoft-Windows-SMBServer%4Security.evtx 362 Intel-iaLPSS-I2C d4aeac44-ad44-456e-9c90-33f8cdced6af
08/03/2022  08:34 PM            69,632 Microsoft-Windows-SMBWitnessClient%4Admin.evtx 363 International 3aa52b8b-6357-4c18-a92e-b53fb177853b
08/03/2022  08:34 PM            69,632 Microsoft-Windows-SMBWitnessClient%4Informational.evtx 364 International-RegionalOptionsControlPanel c6bf6832-f7bd-4151-ac21-753ce4707453
09/21/2022  09:04 PM         5,246,976 Microsoft-Windows-StateRepository%4Operational.evtx 365 Iphlpsvc 66a5c15c-4f8e-4044-bf6e-71d896038977
04/13/2021  09:20 AM            69,632 Microsoft-Windows-StateRepository%4Restricted.evtx 366 Iphlpsvc-Trace 6600e712-c3b6-44a2-8a48-935c511f28c8
09/22/2022  07:43 AM         6,295,552 Microsoft-Windows-Storage-ClassPnP%4Operational.evtx 367 IPMI Driver Trace d5c6a3e9-fa9c-434e-9653-165b4fc869e4
09/22/2022  07:43 AM         6,295,552 Microsoft-Windows-Storage-Storport%4Health.evtx 368 IPMI Provider Trace 651d672b-e11f-41b7-add3-c2f6a4023672
09/22/2022  07:48 AM        19,992,576 Microsoft-Windows-Storage-Storport%4Operational.evtx 369 IPMIProvider 2a45d52e-bbf3-4843-8e18-b356ed5f6a65
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Storage-Tiering%4Admin.evtx 370 IPNAT a67075c2-3e39-4109-b6cd-6d750058a732
08/03/2022  08:34 PM            69,632 Microsoft-Windows-StorageManagement%4Operational.evtx 371 IPSEC-SRV c91ef675-842f-4fcf-a5c9-6ea93f2e4f8b
08/03/2022  08:34 PM            69,632 Microsoft-Windows-StorageSettings%4Diagnostic.evtx 372 IrDA Protocol Driver 2d333977-52e1-4886-801f-2d59eb8060af
04/13/2021  09:20 AM            69,632 Microsoft-Windows-StorageSpaces-Driver%4Diagnostic.evtx 373 IsolatedUserMode 73a33ab2-1966-4999-8add-868c41415269
09/21/2022  09:04 PM         1,052,672 Microsoft-Windows-StorageSpaces-Driver%4Operational.evtx 374 KdsSvc 89203471-d554-47d4-bde4-7552ec219999
04/14/2021  10:48 PM            69,632 Microsoft-Windows-StorageSpaces-ManagementAgent%4WHC.evtx 375 Kernel-Acpi c514638f-7723-485b-bcfc-96565d735d4a
08/03/2022  08:34 PM            69,632 Microsoft-Windows-StorageSpaces-SpaceManager%4Diagnostic.evtx 376 Kernel-AppCompat 16a1adc1-9b7f-4cd9-94b3-d8296ab1b130
08/03/2022  08:34 PM            69,632 Microsoft-Windows-StorageSpaces-SpaceManager%4Operational.evtx 377 Kernel-Audit-API-Calls e02a841c-75a3-4fa7-afc8-ae09cf9b7f23
09/22/2022  07:47 AM        20,058,112 Microsoft-Windows-Store%4Operational.evtx 378 Kernel-Boot 15ca44ff-4d7a-4baa-bba5-0998955e531e
09/21/2022  09:04 PM         1,118,208 Microsoft-Windows-Storsvc%4Diagnostic.evtx 379 Kernel-BootDiagnostics 96ac7637-5950-4a30-b8f7-e07e8e5734c1
09/22/2022  07:50 AM        67,112,960 Microsoft-Windows-Sysmon%4Operational.evtx 380 Kernel-Disk c7bde69a-e1e0-4177-b6ef-283ad1525271
08/03/2022  08:34 PM            69,632 Microsoft-Windows-SystemSettingsThreshold%4Operational.evtx 381 Kernel-EventTracing b675ec37-bdb6-4648-bc92-f3fdc74d3ca2
09/22/2022  08:05 AM         1,052,672 Microsoft-Windows-TaskScheduler%4Maintenance.evtx 382 Kernel-File edd08927-9cc4-4e65-b970-c2560fb5c289
08/03/2022  08:34 PM            69,632 Microsoft-Windows-TCPIP%4Operational.evtx 383 Kernel-General a68ca8b7-004f-d7b6-a698-07e2de0f1f5d
11/11/2021  12:42 AM            69,632 Microsoft-Windows-TenantRestrictions%4Operational.evtx 384 Kernel-Interrupt-Steering 951b41ea-c830-44dc-a671-e2c9958809b8
08/03/2022  08:34 PM            69,632 Microsoft-Windows-TerminalServices-ClientUSBDevices%4Admin.evtx 385 Kernel-IO abf1f586-2e50-4ba8-928d-49044e6f0db7
08/03/2022  08:34 PM            69,632 Microsoft-Windows-TerminalServices-ClientUSBDevices%4Operational.evtx 386 Kernel-IoTrace a103cabd-8242-4a93-8df5-1cdf3b3f26a6
04/13/2021  09:20 AM            69,632 Microsoft-Windows-TerminalServices-LocalSessionManager%4Admin.evtx 387 Kernel-LicensingSqm a0af438f-4431-41cb-a675-a265050ee947
09/22/2022  07:44 AM         1,052,672 Microsoft-Windows-TerminalServices-LocalSessionManager%4Operational.evtx 388 Kernel-Licensing-StartServiceTrigger f5528ada-be5f-4f14-8aef-a95de7281161
08/03/2022  08:34 PM            69,632 Microsoft-Windows-TerminalServices-PnPDevices%4Admin.evtx 389 Kernel-LiveDump bef2aa8e-81cd-11e2-a7bb-5eac6188709b
08/03/2022  08:34 PM            69,632 Microsoft-Windows-TerminalServices-PnPDevices%4Operational.evtx 390 Kernel-Memory d1d93ef7-e1f2-4f45-9943-03d245fe6c00
08/03/2022  08:34 PM            69,632 Microsoft-Windows-TerminalServices-Printers%4Admin.evtx 391 Kernel-Network 7dd42a49-5329-4832-8dfd-43d979153a88
08/03/2022  08:34 PM            69,632 Microsoft-Windows-TerminalServices-Printers%4Operational.evtx 392 Kernel-Pep 5412704e-b2e1-4624-8ffd-55777b8f7373
08/03/2022  08:34 PM            69,632 Microsoft-Windows-TerminalServices-RDPClient%4Operational.evtx 393 Kernel-PnP 9c205a39-1250-487d-abd7-e831c6290539
08/03/2022  08:34 PM            69,632 Microsoft-Windows-TerminalServices-RemoteConnectionManager%4Admin.evtx 394 Kernel-PnP-Rundown b3a0c2c8-83bb-4ddf-9f8d-4b22d3c38ad7
08/03/2022  08:34 PM            69,632 Microsoft-Windows-TerminalServices-RemoteConnectionManager%4Operational.evtx 395 Kernel-Power 331c3b3a-2005-44c2-ac5e-77220c37d6b4
08/03/2022  08:34 PM            69,632 Microsoft-Windows-TerminalServices-ServerUSBDevices%4Admin.evtx 396 Kernel-PowerTrigger aa1f73e8-15fd-45d2-abfd-e7f64f78eb11
08/03/2022  08:34 PM            69,632 Microsoft-Windows-TerminalServices-ServerUSBDevices%4Operational.evtx 397 Kernel-Prefetch 5322d61a-9efa-4bc3-a3f9-14be95c144f8
09/22/2022  09:40 AM         1,052,672 Microsoft-Windows-Time-Service%4Operational.evtx 398 Kernel-Process 22fb2cd6-0e7b-422b-a0c7-2fad1fd0e716
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Time-Service-PTP-Provider%4PTP-Operational.evtx 399 Kernel-Processor-Power 0f67e49f-fe51-4e9f-b490-6f2948cc6027
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Troubleshooting-Recommended%4Admin.evtx 400 Kernel-Registry 70eb4f03-c1de-4f73-a051-33d13d5413bd
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Troubleshooting-Recommended%4Operational.evtx 401 Kernel-ShimEngine 0bf2fb94-7b60-4b4d-9766-e82f658df540
09/21/2022  08:59 PM            69,632 Microsoft-Windows-TWinUI%4Operational.evtx 402 Kernel-StoreMgr a6ad76e3-867a-4635-91b3-4904ba6374d7
09/22/2022  07:51 AM            69,632 Microsoft-Windows-TZSync%4Operational.evtx 403 KernelStreaming 548c4417-ce45-41ff-99dd-528f01ce0fe1
08/03/2022  08:34 PM            69,632 Microsoft-Windows-TZUtil%4Operational.evtx 404 Kernel-Tm 4cec9c95-a65f-4591-b5c4-30100e51d870
09/22/2022  07:51 AM            69,632 Microsoft-Windows-UAC%4Operational.evtx 405 Kernel-Tm-Trigger ce20d1c3-a247-4c41-bcb8-3c7f52c8b805
09/17/2021  12:02 AM            69,632 Microsoft-Windows-UAC-FileVirtualization%4Operational.evtx 406 Kernel-WDI 2ff3e6b7-cb90-4700-9621-443f389734ed
09/22/2022  07:46 AM         1,052,672 Microsoft-Windows-UniversalTelemetryClient%4Operational.evtx 407 Kernel-WHEA 7b563579-53c8-44e7-8236-0f87b9fe6594
08/03/2022  08:34 PM            69,632 Microsoft-Windows-User Control Panel%4Operational.evtx 408 Kernel-WSService-StartServiceTrigger 3635d4b6-77e3-4375-8124-d545b7149337
09/22/2022  07:44 AM         1,052,672 Microsoft-Windows-User Device Registration%4Admin.evtx 409 Kernel-XDV f029ac39-38f0-4a40-b7de-404d244004cb
09/22/2022  07:44 AM         2,166,784 Microsoft-Windows-User Profile Service%4Operational.evtx 410 KMDFv1 Trace Provider 544d4c9d-942c-46d5-bf50-df5cd9524a50
08/03/2022  08:34 PM            69,632 Microsoft-Windows-User-Loader%4Operational.evtx 411 KnownFolders 8939299f-2315-4c5c-9b91-abb86aa0627d
09/14/2021  05:11 PM            69,632 Microsoft-Windows-UserPnp%4ActionCenter.evtx 412 L2NACP 85fe7609-ff4a-48e9-9d50-12918e43e1da
09/22/2022  07:47 AM         1,052,672 Microsoft-Windows-UserPnp%4DeviceInstall.evtx 413 LanGPA cb070027-1534-4cf3-98ea-b9751f508376
04/14/2021  10:48 PM            69,632 Microsoft-Windows-VDRVROOT%4Operational.evtx 414 LanguagePackSetup 7237fff9-a08a-4804-9c79-4a8704b70b87
08/03/2022  08:34 PM            69,632 Microsoft-Windows-VerifyHardwareSecurity%4Admin.evtx 415 LanguageProfile f91577c6-a704-4a0a-a8f5-7d10dfc761df
09/21/2022  09:04 PM         1,052,672 Microsoft-Windows-VHDMP-Operational.evtx 416 Layer2 Security HC Diagnostics Trace 2e8d9ec5-a712-48c4-8ce0-631eb0c1cd65
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Volume%4Diagnostic.evtx 417 LDAP-Client 099614a5-5dd7-4788-8bc9-e29f43db28fc
09/21/2022  09:04 PM         1,052,672 Microsoft-Windows-VolumeSnapshot-Driver%4Operational.evtx 418 LimitsManagement 73aa0094-facb-4aeb-bd1d-a7b98dd5c799
04/14/2021  10:48 PM            69,632 Microsoft-Windows-VPN%4Operational.evtx 419 LinkLayerDiscoveryProtocol dcbfb8f0-cd19-4f1c-a27d-23ac706ded72
08/03/2022  08:34 PM            69,632 Microsoft-Windows-VPN-Client%4Operational.evtx 420 LiveId 05f02597-fe85-4e67-8542-69567ab8fd4f
09/22/2022  07:44 AM         1,052,672 Microsoft-Windows-Wcmsvc%4Operational.evtx 421 LLTD-Mapper ccc64809-6b5f-4c1b-ab39-336904da9b3b
08/03/2022  08:34 PM            69,632 Microsoft-Windows-WDAG-PolicyEvaluator-CSP%4Operational.evtx 422 LLTD-MapperIO 0741c7be-daac-4a5b-b00a-4bd9a2d89d0e
08/03/2022  08:34 PM            69,632 Microsoft-Windows-WDAG-PolicyEvaluator-GP%4Operational.evtx 423 LLTD-Responder e159fc63-02fe-42f3-a234-028b9b8561cb
08/03/2022  08:34 PM            69,632 Microsoft-Windows-WDAG-Service%4Operational.evtx 424 Local Security Authority (LSA) cc85922f-db41-11d2-9244-006008269001
09/21/2022  09:04 PM         1,118,208 Microsoft-Windows-WebAuthN%4Operational.evtx 425 LsaSrv 199fe037-2b82-40a9-82ac-e1d46c792b99
09/21/2022  08:59 PM         1,052,672 Microsoft-Windows-WER-PayloadHealth%4Operational.evtx 426 LUA 93c05d69-51a3-485e-877f-1806a8731346
09/22/2022  07:44 AM         1,052,672 Microsoft-Windows-WFP%4Operational.evtx 427 Magnification c882ff1d-7585-4b33-b135-95c577179137
04/13/2021  09:20 AM            69,632 Microsoft-Windows-Win32k%4Operational.evtx 428 Management-SecureAssessment a329cf81-57ec-46ed-ab7c-261a52b0754a
09/21/2022  08:59 PM         1,052,672 Microsoft-Windows-Windows Defender%4Operational.evtx 429 MCCS-AccountAccessor 4025d192-273d-42ec-bdf8-940ec34eedca
04/14/2021  10:48 PM            69,632 Microsoft-Windows-Windows Defender%4WHC.evtx 430 MCCS-AccountsHost 04eccf8e-8490-4ad1-8ed5-0ae7750e69e6
04/14/2021  10:48 PM            69,632 Microsoft-Windows-Windows Firewall With Advanced Security%4ConnectionSecurity.evtx 431 MCCS-AccountsRT dd2743c6-1722-4674-9f6f-c80044c4232e
09/22/2022  07:44 AM         1,052,672 Microsoft-Windows-Windows Firewall With Advanced Security%4Firewall.evtx 432 MCCS-ActiveSyncCsp 602a0873-9bde-48b3-b6b7-277035293458
09/21/2022  09:03 AM         1,052,672 Microsoft-Windows-Windows Firewall With Advanced Security%4FirewallDiagnostics.evtx 433 MCCS-ActiveSyncProvider 4a155f10-25ad-47e6-aba8-2c4f5eee7846
04/14/2021  10:48 PM            69,632 Microsoft-Windows-WindowsBackup%4ActionCenter.evtx 434 MCCS-DavSyncProvider 5d86c4e2-8fcd-48d7-a713-9a04609c0189
09/10/2022  09:43 AM         1,052,672 Microsoft-Windows-WindowsSystemAssessmentTool%4Operational.evtx 435 MCCS-EngineShared bf460fc6-45c5-4119-add3-e361a6e7d5ac
09/22/2022  07:45 AM         1,052,672 Microsoft-Windows-WindowsUpdateClient%4Operational.evtx 436 MCCS-InternetMail 618473bc-8eef-4868-adff-a1b640b06411
09/14/2021  05:11 PM            69,632 Microsoft-Windows-WinINet-Config%4ProxyConfigChanged.evtx 437 MCCS-InternetMailCsp bec5e7a4-0527-42e8-8174-fabde799ad7f
09/22/2022  07:45 AM         1,052,672 Microsoft-Windows-Winlogon%4Operational.evtx 438 MCCS-NetworkHelper 25b99a4c-2f80-4fcd-982d-69cd1f77badf
09/22/2022  07:46 AM         1,052,672 Microsoft-Windows-WinRM%4Operational.evtx 439 MCCS-SyncController 7fcb9791-f481-46d1-846e-2eb6f003c4d3
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Winsock-WS2HELP%4Operational.evtx 440 MCCS-SyncUtil dca074ce-547c-4595-ae90-56229b8e3bd9
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Wired-AutoConfig%4Operational.evtx 441 MediaEngine 8f2048e0-f260-4f57-a8d1-932376291682
09/22/2022  07:44 AM         1,052,672 Microsoft-Windows-WLAN-AutoConfig%4Operational.evtx 442 MediaFoundation-MFCaptureEngine b8197c10-845f-40ca-82ab-9341e98cfc2b
09/22/2022  07:47 AM         1,052,672 Microsoft-Windows-WMI-Activity%4Operational.evtx 443 MediaFoundation-MFReadWrite 4b7eac67-fc53-448c-a49d-7cc6db524da7
08/03/2022  08:34 PM            69,632 Microsoft-Windows-WMPNSS-Service%4Operational.evtx 444 MediaFoundation-MSVProc a4112d1a-6dfa-476e-bb75-e350d24934e1
08/03/2022  08:34 PM            69,632 Microsoft-Windows-WorkFolders%4Operational.evtx 445 MediaFoundation-Performance f404b94e-27e0-4384-bfe8-1d8d390b0aa3
04/14/2021  10:48 PM            69,632 Microsoft-Windows-WorkFolders%4WHC.evtx 446 MediaFoundation-Performance-Core b20e65ac-c905-4014-8f78-1b6a508142eb
08/03/2022  08:34 PM            69,632 Microsoft-Windows-Workplace Join%4Admin.evtx 447 MediaFoundation-Platform bc97b970-d001-482f-8745-b8d7d5759f99
05/16/2022  11:31 AM            69,632 Microsoft-Windows-WPD-ClassInstaller%4Operational.evtx 448 MediaFoundation-PlayAPI b65471e1-019d-436f-bc38-e15fa8e87f53
08/03/2022  08:34 PM            69,632 Microsoft-Windows-WPD-CompositeClassDriver%4Operational.evtx 449 Media-Protection-PlayReady-Performance d2402fde-7526-5a7b-501a-25dc7c9c282e
09/22/2022  07:50 AM         1,052,672 Microsoft-Windows-WPD-MTPClassDriver%4Operational.evtx 450 Media-Streaming 982824e5-e446-46ae-bc74-836401ffb7b6
08/03/2022  08:34 PM            69,632 Microsoft-Windows-WWAN-SVC-Events%4Operational.evtx 451 MemoryDiagnostics-Results 5f92bc59-248f-4111-86a9-e393e12c6139
04/13/2021  09:20 AM            69,632 Microsoft-WindowsPhone-Connectivity-WiFiConnSvc-Channel.evtx 452 MemoryDiagnostics-Schedule 73e9c9de-a148-41f7-b1db-4da051fdc327
09/21/2022  08:48 PM         1,052,672 OAlerts.evtx 453 Memory-Diagnostic-Task-Handler babda89a-4d5e-48eb-af3d-e0e8410207c0
08/03/2022  08:34 PM            69,632 OpenSSH%4Admin.evtx 454 MF a7364e1a-894f-4b3d-a930-2ed9c8c4c811
08/03/2022  08:34 PM            69,632 OpenSSH%4Operational.evtx 455 MFH264Enc 2a49de31-8a5b-4d3a-a904-7fc7409ae90d
09/22/2022  07:50 AM        20,975,616 Security.evtx 456 Microsoft.Windows.ResourceManager 4180c4f7-e238-5519-338f-ec214f0b49aa
09/21/2022  08:59 PM         1,052,672 Setup.evtx 457 Microsoft-Antimalware-AMFilter cfeb0608-330e-4410-b00d-56d8da9986e6
08/03/2022  08:34 PM            69,632 SMSApi.evtx 458 Microsoft-Antimalware-Protection e4b70372-261f-4c54-8fa6-a5a7914d73da
09/22/2022  08:57 AM        20,975,616 System.evtx 459 Microsoft-Antimalware-RTP 8e92deef-5e17-413b-b927-59b2f06a3cfc
09/22/2022  07:47 AM         5,312,512 Windows PowerShell.evtx 460 Microsoft-Antimalware-Scan-Interface 2a576b87-09a7-520e-c21a-4942f0271d67
             382 File(s)    398,385,152 bytes 461 Microsoft-Antimalware-Service 751ef305-6c6e-4fed-b847-02ef79d26aef
               2 Dir(s)  97,024,434,176 bytes free 462 Microsoft-Antimalware-UI 911f2490-c3db-4781-94e6-7a9c404803e5
463 Microsoft-AppV-Client e4f68870-5ae8-4e5b-9ce7-ca9ed75b0245
464 Microsoft-AppV-Client-StreamingUX 28cb46c7-4003-4e50-8bd9-442086762d12
465 Microsoft-AppV-ServiceLog 9cc69d1c-7917-4acd-8066-6bf8b63e551b
466 Microsoft-AppV-SharedPerformance fb4a19ee-eb5a-47a4-bc52-e71aac6d0859
467 Microsoft-Client-Licensing-Platform b6cc0d55-9ecc-49a8-b929-2b9022426f2a
468 Microsoft-IE 9e3b3947-ca5d-4614-91a2-7b624e0e7244
469 Microsoft-IEFRAME 5c8bb950-959e-4309-8908-67961a1205d5
470 Microsoft-IE-JSDumpHeap 7f8e35ca-68e8-41b9-86fe-d6adc5b327e7
471 Microsoft-JScript 57277741-3638-4a4b-bdba-0ac6e45da56c
472 Microsoft-Office-Business Connectivity Services b8622a02-c377-46b1-b861-38a787a8e44a
473 Microsoft-Office-Events 8736922d-e8b2-47eb-8564-23e77e728cf3
474 Microsoft-Office-Word daf0b914-9c1c-450a-81b2-fea7244f6ffa
475 Microsoft-Office-Word2 bb00e856-a12f-4ab7-b2c8-4e80caea5b07
476 Microsoft-OneCore-OnlineSetup 41862974-da3b-4f0b-97d5-bb29fbb9b71e
477 Microsoft-Pef-WebProxy 6ef4653a-71f9-4ad3-b093-61c38c9c299f
478 Microsoft-Pef-WFP-MessageProvider c22d1b14-c242-49de-9f17-1d76b8b9c458
479 Microsoft-PerfTrack-IEFRAME b2a40f1f-a05a-4dfd-886a-4c4f18c4334c
480 Microsoft-PerfTrack-MSHTML ffdb9886-80f3-4540-aa8b-b85192217ddf
481 Microsoft-RMS-MSIPC d40dc05f-f932-416b-a915-a92b0745a199
482 Microsoft-User Experience Virtualization-Admin 61bc445e-7a8d-420e-ab36-9c7143881b98
483 Microsoft-User Experience Virtualization-Agent Driver de29cf61-5ee6-43ff-9aac-959c4e13cc6c
484 Microsoft-User Experience Virtualization-App Agent 1ed6976a-4171-4764-b415-7ea08bc46c51
485 Microsoft-User Experience Virtualization-IPC 21d79db0-8e03-41cd-9589-f3ef7001a92a
486 Microsoft-User Experience Virtualization-SQM Uploader 57003e21-269b-4bdc-8434-b3bf8d57d2d5
487 Microsoft-Windows Networking VPN Plugin Platform e5fc4a0f-7198-492f-9b0f-88fdcbfded48
488 Microsoft-WindowsPhone-ConfigManager2 2f94e1cc-a8c5-4fe7-a1c3-53d7bda8e73e
489 Microsoft-WindowsPhone-CoreMessaging 922cdcf3-6123-42da-a877-1a24f23e39c5
490 Microsoft-WindowsPhone-CoreUIComponents a0b7550f-4e9a-4f03-ad41-b8042d06a2f7
491 Microsoft-WindowsPhone-LocationServiceProvider 4d13548f-c7b8-4174-bb7a-d7f64bf22d29
492 Microsoft-WindowsPhone-Net-Cellcore-CellManager 9a6615a6-902a-4705-804b-57b8813089b8
493 Microsoft-WindowsPhone-Net-Cellcore-CellularAPI 6b7b5e3a-f4de-42d9-9545-bae12852d778
494 Microsoft-WindowsPhone-Ufx e98ebdbf-3058-4784-8521-47860b1d2b8e
495 Minstore 55b24b1d-dd9c-44c0-ba77-4f749f1b6976
496 MMC 9c88041d-349d-4647-8bfd-2c0a167bfe58
497 MMCSS 36008301-e154-466c-acec-5f4cbd6b4694
498 Mobile-Broadband-Experience-Api 2e2bbb16-0c36-4b9b-a567-40924a199fd5
499 Mobile-Broadband-Experience-Api-Internal 2aabd03b-f48b-419a-b4ce-7a14403f4a46
500 Mobile-Broadband-Experience-Parser-Task 28e25b07-c47f-473d-8b24-2e171cca808a
501 Mobile-Broadband-Experience-SmsApi 0ff1c24b-7f05-45c0-abdc-3c8521be4f62
502 Mobile-Broadband-Experience-SmsRouter fa773482-f6ed-4895-8a7d-4f5850678e59
503 Mobility Center Performance Trace 8a8b5246-6eb6-4339-8b59-b0085b9f4890
504 Mobility Center Trace 082dff20-f430-11d9-8cd6-0800200c9a66
505 MobilityCenter 91f42016-0b4e-4a4b-9bbb-825d06cbed35
506 mobsync b44aec44-38f4-4b59-8df3-10306abf19b2
507 Mount Manager Trace 467c1914-37f0-4c7d-b6db-5cd7dfe7bd5e
508 MountMgr e3bac9f8-27be-4823-8d7f-1cc320c05fa7
509 MP4SDECD 7f2bd991-ae93-454a-b219-0bc23f02262a
510 MPEG2_DLNA-Encoder 86efff39-2bdd-4efd-bd0b-853d71b2a9dc
511 Mprddm 3a5bef13-d0f7-4e7f-9ec8-5e707df711d0
512 MPRMSG f2c628ae-d26c-4352-9c45-74754e1e2f9f
513 MPS-CLNT 37945dc2-899b-44d1-b79c-dd4a9e57ff98
514 MPS-DRV 50bd1bfd-936b-4db3-86be-e25b96c25898
515 MPS-SRV 5444519f-2484-45a2-991e-953e4b54c8e0
516 MSADCE.1 76dba919-5a36-fc80-2cad-3185532b7cb1
517 MSADCF.1 101c0e21-ebba-a60a-ec3d-58797788928a
518 MSADCO.1 5c6ce734-1b3e-705e-c2ab-b272d99aaf8f
519 MSADDS.1 13cd7f92-5baa-8c7c-3d72-b69fac139a46
520 MSADOX.1 6c770d53-0441-afd4-dcab-1d89155fecfc
521 MSDADIAG.ETW 8b98d3f2-3cc6-0b9c-6651-9649cce5c752
522 MSDAPRST.1 64a552e0-6c60-b907-e59c-10f1dff76b0d
523 MSDAREM.1 564f1e24-fc86-28e1-74f8-5ca0d950bee0
524 MSDART.1 ceb7253c-bb96-9dfe-51d1-53d966d0cf8b
525 MSDASQL_1 b6501ba0-c61a-c4e6-6fa2-a4e7f8c8e7a0
526 MSDATL3.1 87b93a44-1f73-ec83-7261-2dfc972d9b1e
527 MSDTC 719be4ed-e9bc-4dd8-a7cf-c85ce8e4975d
528 MSDTC 2 5d9e0020-3761-4f36-90c8-38ce6511bd12
529 MSDTC Client 7a67066e-193f-4d3a-82d3-322fee5259de
530 MSDTC Client 2 155cb334-3d7f-4ff1-b107-df8afc3c0363
531 MSFTEDIT 9640427c-7d03-4331-b8ee-fb77625bf381
532 msiscsi_iScsi 1babefb4-59cb-49e5-9698-fd38ac830a91
533 MsiServer 17e92e2a-3d08-413e-baeb-a79a262bf486
534 MSMPEG2ADEC 51311de3-d55e-454a-9c58-43dc7b4c01d2
535 MSMPEG2VDEC ae5cf422-786a-476a-ac96-753b05877c99
536 msmpeg2venc d17b213a-c505-49c9-98cc-734253ef65d4
537 MSPaint 1d75856d-36a7-4ecb-a3f5-b13152222d29
538 MUI a8a1f2f6-a13a-45e9-b1fe-3419569e5ef2
539 MUI Resource Trace d3de60b2-a663-45d5-9826-a0a5949d2cb0
540 Narrator 835b79e2-e76a-44c4-9885-26ad122d3b4d
541 Native WIFI Filter Driver Trace d905ac1c-65e7-4242-99ea-fe66a8355df8
542 Native WIFI MSM Trace d905ac1d-65e7-4242-99ea-fe66a8355df8
543 Ncasvc 126ded58-a28d-4113-8e7a-59d7444b2af1
544 NcdAutoSetup ec23f986-ae2d-4269-b52f-4e20765c1a94
545 NCSI 314de49f-ce63-4779-ba2b-d616f6963a88
546 NDF-HelperClassDiscovery fc3bc8a7-2f61-449c-a8b4-22ac22058f92
547 NDIS cdead503-17f5-4a3e-b7ae-df8cc2902eb9
548 NdisImPlatformEventProvider 11c5d8ad-756a-42c2-8087-eb1b4a72a846
549 NdisImPlatformSysEvtProvider 62de9e48-90c6-4755-8813-6a7d655b0802
550 NDIS-PacketCapture 2ed6006e-4729-4609-b423-3ee7bcd678ef
551 Ndu df271536-4298-45e1-b0f2-e88f78619c5d
552 NetAdapterCim-Diag 6cc2405d-817f-4886-886f-d5d1643210f0
553 NetJoin 9741fd4e-3757-479f-a3c6-fc49f6d5edd0
554 Netshell af2e340c-0743-4f5a-b2d3-2f7225d215de
555 Network Location Awareness Trace 1ac55562-d4ff-4bc5-8ef3-a18e07c4668e
556 Network Profile Manager d9131565-e1dd-4c9e-a728-951999c2adb5
557 Network-and-Sharing-Center 6a502821-ab44-40c8-b32f-37315d9d52e0
558 NetworkBridge a67075c2-3e39-4109-b6cd-6d750058a731
559 Network-Connection-Broker 3eb875eb-8f4a-4800-a00b-e484c97d7551
560 NetworkConnectivityStatus 014de49f-ce63-4779-ba2b-d616f6963a87
561 Network-DataUsage 5c1c9ab3-8689-4e41-90fa-85858306d7b7
562 NetworkGCW be932b00-0f8e-4386-ab89-873f7d0274aa
563 Networking-Correlation 83ed54f0-4d48-4e45-b16e-726ffd1fa4af
564 Networking-RealTimeCommunication 1e39b4ce-d1e6-46ce-b65b-5ab05d6cc266
565 NetworkManagerTriggerProvider 9b307223-4e4d-4bf5-9be8-995cd8e7420b
566 NetworkProfile fbcfac3f-8459-419f-8e48-1f0b49cdb85e
567 NetworkProfileTriggerProvider fbcfac3f-8460-419f-8e48-1f0b49cdb85e
568 NetworkProvider 1e9a4978-78c2-441e-8858-75b5d1326bc5
569 NetworkProvisioning 93a19ab3-fb2c-46eb-91ef-56b0a318b983
570 NetworkSecurity 7b702970-90bc-4584-8b20-c0799086ee5a
571 Network-Setup a111f1c2-5923-47c0-9a68-d0bafb577901
572 NetworkStatus 7868b0d4-1423-4681-afdf-27913575441e
573 NFC-ClassExtension 85c070e6-f9ae-481f-aacb-bc550bfd35a1
574 NisDrvWFP Provider 49d6ad7b-52c4-4f79-a164-4dcd908391e4
575 NlaSvc 63b530f8-29c9-4880-a5b4-b8179096e7b8
576 NSC IrDA Driver 57ac2b71-75cd-4043-9b00-b51674b0dc71
577 Ntfs 3ff37a1c-a68d-4d6e-8c9b-f79e8b16c482
578 Ntfs dd70bc80-ef44-421b-8ac3-cd31da613a4e
579 Ntfs_NtfsLog b2fc00c4-2941-4d11-983b-b16e8aa4e25d
580 Ntfs-UBPM 8e6a5303-a4ce-498f-afdb-e03a8a82b077
581 NTLM ac43300d-5fcc-4800-8e99-1bd3f85f0320
582 NTLM Security Protocol c92cf544-91b3-4dc0-8e11-c580339a0bf8
583 ntshrui 676f167f-f72c-446e-a498-eda43319a5e3
584 NWiFi 0bd3506a-9030-4f76-9b88-3e8fe1f7cfb6
585 ODBC.1 f34765f6-a1be-4b9d-1400-b8a12921f704
586 ODBCBCP.1 932b59f1-90c2-d8ba-0956-3975c344ae2b
587 OfficeAirSpace f562bb8e-422d-4b5c-b20e-90d710f7d11c
588 OfficeLoggingLiblet f50d9315-e17e-43c1-8370-3edf6cc057be
589 OfflineFiles 95353826-4fbe-41d4-9c42-f521c6e86360
590 OfflineFiles-CscApi 19ee4cf9-5322-4843-b0d8-bab81be4e81e
591 OfflineFiles-CscDclUser d5418619-c167-44d9-bc36-765beb5d55f3
592 OfflineFiles-CscFastSync 791cd79c-65b5-48a3-804c-786048994f47
593 OfflineFiles-CscNetApi 361f227c-aa14-4d19-9007-0c8d1a8a541b
594 OfflineFiles-CscService 89d89015-c0df-414c-bc48-f50e114832bc
595 OfflineFiles-CscUM 5e23b838-5b71-47e6-b123-6fe02ef573ef
596 OLEACC 19d2c934-ee9b-49e5-aaeb-9cce721d2c65
597 OLEDB.1 0dd082c4-66f2-271f-74ba-2bf1f9f65c66
598 OLE-Perf 84958368-7da7-49a0-b33d-07fabb879626
599 OneBackup 72561cf0-c85c-4f78-9e8d-cba9093df62d
600 OneX ab0d8ef9-866d-4d39-b83f-453f3b8f6325
601 OOBE-FirstLogonAnim 2d4c0c5e-6704-493a-a44b-f5add4fc9283
602 OobeLdr 75ebc33e-8670-4eb6-b535-3b9d6bb222fd
603 OOBE-Machine-Core ec276cde-2a17-473c-a010-2ff78d5426d2
604 OOBE-Machine-DUI f5dbaa02-15d6-4644-a784-7032d508bf64
605 OOBE-Machine-Plugins-Wireless 0f352580-e9e2-46c2-8336-6ac66e986416
606 osk 4f768be8-9c69-4bbc-87fc-95291d3f9d0c
607 OtpCredentialProviderEvt 5cad485a-210f-4c16-80c5-f892de74e28d
608 OverlayFilter 46c78e5c-a213-46a8-8a6b-622f6916201d
609 P2PIMSvc 2992e9cf-4f99-48f5-a0b6-b99b11cd387d
610 P2P-Mesh 3333d2fc-3aee-479f-985d-8bebae552b99
611 P2P-PNRP bbbc81cf-e219-469c-a405-f820ee496194
612 PackageStateRoaming 5b5ab841-7d2e-4a95-bb4f-095cdf66d8f0
613 ParentalControls 01090065-b467-4503-9b28-533766761087
614 Partition 412bdff2-a8c4-470d-8f33-63fe0d8c20e2
615 PCI 1a9443d4-b099-44d6-8eb1-829b9c2fe290
616 PDC a6bf0deb-3659-40ad-9f81-e25af62ce3c7
617 PDFReader dfa86faa-2c55-4140-bff9-5cc586217a7b
618 PDH 04d66358-c4a1-419b-8023-23b73902de2c
619 PeerToPeerDrtEventProvider 40ae003c-6f3d-4590-ae1c-0e8be526b50f
620 PerceptionRuntime add0de40-32b0-4b58-9d5e-938b2f5c1d1f
621 PerceptionSensorDataService 85be49ea-38f1-4547-a604-80060202fb27
622 PerfCtrs 973143dd-f3c7-4ef5-b156-544ac38c39b6
623 PerfDisk 7f9d83de-8abb-457f-98e8-4ad161449ecc
624 Perflib 13b197bd-7cee-4b4e-8dd0-59314ce374ce
625 PerfNet cab2b8a5-49b9-4eec-b1b0-fac21da05a3b
626 Performance-Recorder-Control 36b6f488-aad7-48c2-afe3-d4ec2c8b46fa
627 PerfOS f82fb576-e941-4956-a2c7-a0cf83f6450a
628 PerfProc 72d211e1-4c54-4a93-9520-4901681b2271
629 PersistentMemory-INvdimm 94d560d0-147e-51c9-763a-b03634331449
630 PersistentMemory-Nvdimm a7f2235f-be51-51ed-decf-f4498812a9a2
631 PersistentMemory-NvdimmN ba4b59d0-3388-55a0-bdd7-8fd539dee1d2
632 PersistentMemory-PmemDisk 0fa2ee03-1feb-5057-3bb3-eb25521b8482
633 PersistentMemory-ScmBus c03715ce-ea6f-5b67-4449-da1d1e1afeb8
634 PersistentMemory-VirtualNvdimm 3244f41a-e7e6-5f92-8c62-6ca864cb8cea
635 PhotoAcq 76cfa528-b26e-b773-62d0-9588270442a6
636 Photo-Image-Codec be3a31ea-aa6c-4196-9dcc-9ca13a49e09f
637 PlayToManager bb311100-2d9f-4cd3-b2d6-f4ea3839c548
638 PNPX AssocDB Trace 7311ad03-18d6-45ac-9b08-b020bdd6a590
639 PNRPSvc bbe94f36-f8dc-4c33-8227-81602b7a3d53
640 Portable Device Connectivity API Trace 02fe721a-0725-469e-a26d-37b3c09faac1
641 PortableDeviceStatusProvider 8c63b5a5-b484-4381-892d-edd424582df7
642 PortableDeviceSyncProvider a3e1697b-a12c-46b9-84d1-7ffe73c4b678
643 PortableWorkspaces-Creator-Tool 42d5f8cb-0d2b-4522-8059-c35a37c94a77
644 Power-CAD daba4d32-cc40-4266-bb95-c30344dbc680
645 PowerCfg 9f0c4ea8-ec01-4200-a00d-b9701cbea5d8
646 PowerCpl b1f90b27-4551-49d6-b2bd-dfc6453762a6
647 Power-Meter-Polling 306c4e0b-e148-543d-315b-c618eb93157c
648 PowerShell a0c1853b-5c40-4b15-8766-3cf1c58f985a
649 PowerShell-DesiredStateConfiguration-FileDownloadManager aaf67066-0bf8-469f-ab76-275590c434ee
650 Power-Troubleshooter cdc05e28-c449-49c6-b9d2-88cf761644df
651 PrimaryNetworkIcon 8ce93926-bdae-4409-9155-2fe4799ef4d3
652 PrintBRM cf3f502e-b40d-4071-996f-00981edf938e
653 PrintDialogs 27e76321-1e5b-4a82-ba0c-26e978f15072
654 PrintFilterPipelineSvc_ObjectsGuid aefe45f4-8548-42b4-b1c8-25673b07ad8b
655 PrintService 747ef6fd-e535-4d16-b510-42c90f6873a1
656 PrintService-USBMon 7f812073-b28d-4afc-9ced-b8010f914ef6
657 PriResources-Deployment 9213c3e1-0d6c-52dd-78ea-f3b082111406
658 ProcessExitMonitor fd771d53-8492-4057-8e35-8c02813af49b
659 Processor-Aggregator cba16cf2-2fab-49f8-89ae-894e718649e7
660 ProcessStateManager d49918cf-9489-4bf1-9d7b-014d864cf71f
661 Program-Compatibility-Assistant 4cb314df-c11f-47d7-9c04-65fb0051561b
662 propsys 9485fa1e-23cd-49a1-84e3-11d8bc550cb7
663 Provisioning-Diagnostics-Provider ed8b9bd3-f66e-4ff2-b86b-75c7925f72a9
664 Proximity-Common 28058203-d394-4afc-b2a6-2f9155a3bb95
665 PushNotifications-Developer 5cad3597-5fec-4c62-9ce1-9d7abc723d3a
666 PushNotifications-InProc 815a1f4a-3f8d-4b37-9b31-5142f9d724a5
667 PushNotifications-Platform 88cd9180-4491-4640-b571-e3bee2527943
668 Push-To-Install-Service 3a718a68-6974-4075-abd3-e8243caef398
669 QoS-Pacer 914ed502-b70d-4add-b758-95692854f8a3
670 QoS-qWAVE 6ba132c4-da49-415b-a7f4-31870dc9fe25
671 QoS-WMI-Diag 725ba9b3-c1f3-4518-af1b-c8d669191e15
672 RadioManager 92061e3d-21cd-45bc-a3df-0e8ae5e8580a
673 Ras-AgileVpn b5325cd6-438e-4ec1-aa46-14f46f2570e4
674 Ras-NdisWanPacketCapture d84521f7-2235-4237-a7c0-14e3a9676286
675 RasServer 29d13147-1c2e-48ec-9994-e29dfe496eb3
676 RasSstp 6c260f2c-049a-43d8-bf4d-d350a4e6611a
677 RdpCore Api Trace d4199645-41be-4fd5-9d71-a612c508fdc6
678 RDPEncComTrace d4199645-41be-4fd5-9d71-a612c508fdc7
679 ReadyBoost e6307a09-292c-497e-aad6-498f68e2b619
680 ReadyBoostDriver 2a274310-42d5-4019-b816-e4b8c7abe95c
681 ReFS cd9c6198-bf73-4106-803b-c17d26559018
682 ReFS-v1 059f0f37-910e-4ff0-a7ee-ae8d49dd319b
683 Refsv1WppTrace 6d2fd9c5-8bd8-4a5d-8aa8-01e5c3b2ae23
684 RefsWppTrace 740f3c34-57df-4bad-8eea-72ac69ad5df5
685 Registry-SQM-Provider 017ba13c-9a55-4f1f-8200-323055aac810
686 RemoteApp and Desktop Connections 1b8b402d-78dc-46fb-bf71-46e64aedf165
687 RemoteAssistance 5b0a651a-8807-45cc-9656-7579815b6af0
688 RemoteDesktopServices-RdpCoreTS 1139c61b-b549-4251-8ed3-27250a1edec8
689 RemoteDesktopServices-RemoteFX-Synth3dvsc 3903d5b9-988d-4c31-9ccd-4022f96703f0
690 RemoteDesktopServices-RemoteFX-VM-Kernel-Mode-Transport 7eb5f4cf-a4f6-4e92-aa8f-a8e7ef937745
691 RemoteDesktopServices-RemoteFX-VM-User-Mode-Transport 741c6be3-f74b-4e4d-88e7-5ce3a35faeb3
692 RemoteDesktopServices-SessionServices f1394de0-32c7-4a76-a6de-b245e48f4615
693 Remote-FileSystem-Log 20c46239-d059-4214-a11e-7d6769cbe020
694 Remote-FileSystem-Monitor 51734b23-5b7e-4892-ba8e-45bc110b735c
695 Remotefs-Rdbss 1a870028-f191-4699-8473-6fcd299eab77
696 ResetEng a4445c76-ed85-c8a3-02c1-532a38614a9e
697 ResetEng-Trace 7fa514b5-a023-4b62-a6ab-2946a483e065
698 Resource-Exhaustion-Detector 9988748e-c2e8-4054-85f6-0c3e1cad2470
699 Resource-Exhaustion-Resolver 91f5fb12-fdea-4095-85d5-614b495cd9de
700 ResourcePublication 74c2135f-cc76-45c3-879a-ef3bb1eeaf86
701 RetailDemo d3f29eda-805d-428a-9902-b259b937f84b
702 RmClient_RestartManager 0888e5ef-9b98-4695-979d-e92ce4247224
703 RowsetHelper.1 74a75b02-36d8-ede6-d10e-95b691503408
704 RPC 6ad52b32-d609-4be9-ae07-ce8dae937e39
705 RPC-Events f4aed7c7-a898-4627-b053-44a7caa12fcd
706 RPC-FirewallManager f997cd11-0fc9-4ab4-acba-bc742a4c0dd3
707 RPC-Proxy-LBS 272a979b-34b5-48ec-94f5-7225a59c85a0
708 RPCSS d8975f88-7ddb-4ed0-91bf-3adf48c48e0c
709 RRAS 24989972-0967-4e21-a926-93854033638e
710 RSS Platform Backgroundsync Perf Trace ca1cf55c-9e49-4ad3-8038-39cb6f66af11
711 RSS Platform Backgroundsync Trace f59d1d86-cc03-4736-bc9c-4c7936871b3d
712 RSS Platform Perf Trace 2b240425-3141-43ee-931f-ec9f997c7d7e
713 RSS Platform Trace 8c50fa6e-394e-4b47-b6d1-a880a5f225a2
714 RTWorkQueue-Extended 83faaa86-63c8-4dd8-a2da-fbadddfc0655
715 RTWorkQueue-Threading e18d0fc9-9515-4232-98e4-89e456d8551b
716 Runtime-Graphics fa5cf675-72eb-49e2-b447-de5552faff1c
717 Runtime-Media 8f0db3a8-299b-4d64-a4ed-907b409d4584
718 Runtime-Networking 6eb875eb-8f4a-4800-a00b-e484c97d7561
719 Runtime-Networking-BackgroundTransfer b9d5b35d-bbb8-4625-9450-f71a5d414f4f
720 Runtime-WebAPI 6bd96334-dc49-441a-b9c4-41425ba628d8
721 Runtime-Web-Http 41877cb4-11fc-4188-b590-712c143c881d
722 SBP2 Port Driver Tracing Provider 6710597f-7319-4aae-9b85-c8d87136a56b
723 Schannel 1f678132-5938-4686-9fdc-c8ff68f15c85
724 Schannel-Events 91cc1150-71aa-47e2-ae18-c96e61736b6f
725 SCPNP 9f650c63-9409-453c-a652-83d7185a2e83
726 SD Bus Trace 3b9e3da4-70b8-46d3-9ef2-3ddf128bded8
727 Sdbus fe28004e-b08f-4407-92b3-bad3a2c51708
728 Sdstor afe654eb-0a83-4eb4-948f-d4510ec39c30
729 Search ca4e628d-8567-4896-ab6b-835b221f373f
730 Search-Core 49c2c27c-fe2d-40bf-8c4e-c3fb518037e7
731 Search-ProfileNotify fc6f77dd-769a-470e-bcf9-1b6555a118be
732 Search-ProtocolHandlers dab065a9-620f-45ba-b5d6-d6bb8efedee9
733 SEC 16c6501a-ff2d-46ea-868d-8f96cb0cb52d
734 Security: Kerberos Authentication 6b510852-3583-4e2d-affe-a67f9f223438
735 Security: NTLM Authentication 5bbb6c18-aa45-49b1-a15f-085f7ed0aa90
736 Security: SChannel 37d2c3cd-c5d4-4587-8531-4696c44244c8
737 Security: TSPkg 6165f3e2-ae38-45d4-9b23-6b4818758bd9
738 Security: WDigest fb6a424f-b5d6-4329-b9d5-a975b3a93ead
739 Security-Adminless ea216962-877b-5b73-f7c5-8aef5375959e
740 Security-Audit-Configuration-Client 08466062-aed4-4834-8b04-cddb414504e5
741 Security-Auditing 54849625-5478-4994-a5ba-3e3b0328c30d
742 Security-EnterpriseData-FileRevocationManager 2cd58181-0bb6-463e-828a-056ff837f966
743 Security-ExchangeActiveSyncProvisioning 9249d0d0-f034-402f-a29b-92fa8853d9f3
744 Security-IdentityListener 3c6c422b-019b-4f48-b67b-f79a3fa8b4ed
745 Security-IdentityStore 00b7e1df-b469-4c69-9c41-53a6576e3dad
746 Security-Kerberos 98e6cfcb-ee0a-41e0-a57b-622d4e1b30b1
747 Security-LessPrivilegedAppContainer 45eec9e5-4a1b-5446-7ad8-a4ab1313c437
748 Security-Mitigations fae10392-f0af-4ac0-b8ff-9f4d920c3cdf
749 SecurityMitigationsBroker ea8cd8a5-78ff-4418-b292-aadc6a7181df
750 Security-Netlogon e5ba83f6-07d0-46b1-8bc7-7e669a1d31dc
751 Security-SPP e23b33b0-c8c9-472c-a5f9-f2bdfea0f156
752 Security-SPP-UX 6bdadc96-673e-468c-9f5b-f382f95b2832
753 Security-SPP-UX-GC bbbdd6a3-f35e-449b-a471-4d830c8eda1f
754 Security-SPP-UX-GenuineCenter-Logging fb829150-cd7d-44c3-af5b-711a3c31cedc
755 Security-SPP-UX-Notifications c4efc9bb-2570-4821-8923-1bad317d2d4b
756 Security-UserConsentVerifier 40783728-8921-45d0-b231-919037b4b4fd
757 Security-Vault e6c92fb8-89d7-4d1f-be46-d56e59804783
758 SendTo 35642cf5-da5e-410b-9d9c-a45f3638042b
759 Sens be69781c-b63b-41a1-8e24-a4fc7b3fc498
760 SENSE fae96d09-ade1-5223-0098-af7b67348531
761 SenseIR b6d775ef-1436-4fe6-bad3-9e436319e218
762 Sensor ClassExtension Trace a1e89bb0-ef73-4980-8c99-dd15f7271d7e
763 Sensors d8900e18-36cb-4548-966f-13f068d1f78e
764 Serial-ClassExtension 47bc9477-a8ba-452e-b951-4f2ed3593cf9
765 Serial-ClassExtension-V2 eee173ef-7ed2-45de-9877-01c70a852fbd
766 Service Control Manager 555908d1-a6d7-4695-8e1e-26931d2012f4
767 Service Control Manager Trace ebcca1c2-ab46-4a1d-8c2a-906c2ff25f39
768 ServiceReportingApi 606a6a38-70ec-4309-b3a3-82ff86f73329
769 Services 0063715b-eeda-4007-9429-ad526f62696e
770 Services-Svchost 06184c97-5201-480e-92af-3a3626c5b140
771 ServiceTriggerPerfEventProvider 6545939f-3398-411a-88b7-6a8914b8cec7
772 Servicing bd12f3b8-fc40-4a61-a307-b7a013a069c1
773 SettingSync 83d6e83b-900b-48a3-9835-57656b6f6474
774 SettingSync-Azure 9f973c1d-d056-4e38-84a5-7be81cdd6ab6
775 SettingSync-Desktop 579402a2-883c-45d8-b70a-9bc856407751
776 SettingSync-OneDrive f43c3c35-22e2-53eb-f169-07594054779e
777 Setup 75ebc33e-997f-49cf-b49f-ecc50184b75d
778 SetupAPI Trace a676b545-4cfb-4306-a067-502d9a0f2220
779 SetupCl 75ebc33e-d017-4d0f-93ab-0b4f86579164
780 SetupPlatform 530fb9b9-c515-4472-9313-fb346f9255e3
781 SetupQueue a615acb9-d5a4-4738-b561-1df301d207f8
782 SetupUGC 75ebc33e-0870-49e5-bdce-9d7028279489
783 SharedAccess_NAT a6f32731-9a38-4159-a220-3d9b7fc5fe5d
784 ShareMedia-ControlPanel 02012a8a-adf5-4fab-92cb-ccb7bb3e689a
785 Shell-AppWizCpl 08d945eb-c8bd-44aa-994f-86079d8dce35
786 Shell-AuthUI 63d2bb1d-e39a-41b8-9a3d-52dd06677588
787 ShellCommon-StartLayoutPopulation 97ca8142-10b1-4baa-9fbb-70a7d11231c3
788 Shell-ConnectedAccountState 6df57621-e7e4-410f-a7e9-e43eeb61b11f
789 Shell-Core 30336ed4-e327-447c-9de0-51b652c86108
790 Shell-DefaultPrograms 65d99466-7a8e-489c-b8e1-962bc945031e
791 Shell-LockScreenContent a3c0d58a-9fe5-4f24-a2ce-e16de8baa0d2
792 Shell-OpenWith 11bd2a68-77ff-4991-9658-f451f2eb6ce1
793 Shell-Search-UriHandler 606c6fe0-a9dc-4a9d-bdea-830aff6716e7
794 Shell-Shwebsvc f61cefc0-aa2e-11da-a746-0800200c9a66
795 Shell-ZipFolder 1f84007d-19ce-4b15-9e81-8a3dd8eb9ecb
796 Shsvcs 059c3e04-5535-4929-85e1-93030e78f47b
797 SleepStudy d37687e7-8bf0-4d11-b589-a7abe080756a
798 SmartCard-Audit 09ac07b9-6ac9-43bc-a50f-58419a797c69
799 SmartCard-DeviceEnum aaeac398-3028-487c-9586-44eacad03637
800 Smartcard-Server 4fcbf664-a33a-4652-b436-9d558983d955
801 SmartCard-TPM-VCard-Module 125f2cf1-2768-4d33-976e-527137d080f8
802 Smartcard-Trigger aedd909f-41c6-401a-9e41-dfc33006af5d
803 SmartScreen 3cb2a168-fe34-4a4e-bdad-dcf422f34473
804 SMBClient 988c59c5-0a1c-45b6-a555-0c62276e327d
805 SMBDirect db66ea65-b7bb-4ca9-8748-334cb5c32400
806 SMBServer d48ce617-33a2-4bc3-a5c7-11aa4f29619e
807 SMBWitnessClient 32254f6c-aa33-46f0-a5e3-1cbcc74bf683
808 SmbWmiProvider 50b9e206-9d55-4092-92e8-f157a8235799
809 SoftwareRestrictionPolicies 7d29d58a-931a-40ac-8743-48c733045548
810 SPB-ClassExtension 72cd9ff7-4af8-4b89-aede-5f26fda13567
811 SPB-HIDI2C 991f8fe6-249d-44d6-b93d-5a3060c1dedb
812 Speech-TTS 74dcc47a-846e-4c98-9e2c-80043ed82b15
813 Speech-UserExperience 13480a22-d79f-4334-9d32-aa239398ad3c
814 SpellChecker b2fcd41f-9a40-4150-8c92-b224b7d8c8aa
815 Spell-Checking d0e22efc-ac66-4b25-a72d-382736b5e940
816 Spellchecking-Host 1bda2ab1-bbc1-4acb-a849-c0ef2b249672
817 SQLOLEDB_1 c5bffe2e-9d87-d568-a09e-08fc83d0c7c2
818 SQLSRV32.1 4b647745-f438-0a42-f870-5dbd29949c99
819 SruMon c8dbf506-e3d3-4822-930d-84c557eb6247
820 SrumTelemetry 48d445a8-2f64-4d49-b093-a5774d8dc531
821 StartLmhosts 2d7904d8-5c90-4209-ba6a-4c08f409934c
822 StartupRepair c914f0df-835a-4a22-8c70-732c9a80c634
823 StateRepository 89592015-d996-4636-8f61-066b5d4dd739
824 stobject 86133982-63d7-4741-928e-ef1349b80219
825 StorageManagement 7e58e69a-e361-4f06-b880-ad2f4b64c944
826 StorageManagement-WSP-FS 435f8e4b-8cc4-430e-9796-28cae4976576
827 StorageManagement-WSP-Health b1f01d1a-ae3a-4940-81ee-ddccbad380ef
828 StorageManagement-WSP-Host 595f33ea-d4af-4f4d-b4dd-9dacdd17fc6e
829 StorageManagement-WSP-Spaces 88c09888-118d-48fc-8863-e1c6d39ca4df
830 StorageSpaces-Driver 595f7f52-c90a-4026-a125-8eb5e083f15e
831 StorageSpaces-ManagementAgent aa4c798d-d91b-4b07-a013-787f5803d6fc
832 StorageSpaces-SpaceManager 69c8ca7e-1adf-472b-ba4c-a0485986b9f6
833 Storage-Tiering 4a104570-ec6d-4560-a40f-858fa955e84f
834 Storage-Tiering-IoHeat 990c55fc-2662-47f6-b7d7-eb3c027cb13f
835 StorDiag f5d05b38-80a6-4653-825d-c414e4ab3c68
836 Store 9c2a37f3-e5fd-5cae-bcd1-43dafeee1ff0
837 StorPort c4636a1e-7986-4646-bf10-7bc3b4a76e8e
838 StorSqm 1be1a88d-8e34-4170-9123-f503375bbcef
839 Subsys-Csr e8316a2d-0d94-4f52-85dd-1e15b66c5891
840 Subsys-SMSS 43e63da5-41d1-4fbf-aded-1bbed98fdd1d
841 Superfetch 99806515-9f51-4c2f-b918-1eae407aa8cb
842 Sysprep 75ebc33e-77b8-4ba8-9474-4f4a9db2f5c6
843 SystemEventsBroker b6bfcc79-a3af-4089-8d4d-0eecb1b80779
844 System-Profile-HardwareId 3419de6d-5d7f-4668-acc8-f80566814d96
845 System-Restore 126cdb97-d346-4894-8a34-658da5eea1b6
846 SystemSettingsHandlers fbbd52e1-df97-529d-4b67-53f67da99a98
847 SystemSettingsThreshold 8bcdf442-3070-4118-8c94-e8843be363b3
848 TabletPC-CoreInkRecognition c2fa0899-8a10-412b-a42e-9e5b284a2437
849 TabletPC-InputPanel e978f84e-582d-4167-977e-32af52706888
850 TabletPC-InputPersonalization a8106e5c-293a-4cd0-9397-2e6fac7f9749
851 TabletPC-MathInput 8443ccb7-feb0-4b8d-8e28-8d4c7cb814e8
852 TabletPC-MathRecognizer bdb462fc-a297-49a2-bf2e-4f1809e12abc
853 TabletPC-Platform-Input-Core b5fd844a-01d4-4b10-a57f-58b13b561582
854 TabletPC-Platform-Input-Ninput 2c3e6d9f-8298-450f-8e5d-49b724f1216f
855 TabletPC-Platform-Input-Wisp e5aa2a53-30be-40f5-8d84-ad3f40a404cd
856 TabletPC-Platform-Manipulations 2fd7a9a5-b1a1-4fc7-b95c-c32fed818f30
857 TaskbarCPL 05d7b0f0-2121-4eff-bf6b-ed3f69b894d7
858 TaskScheduler de7b24ea-73c8-4a09-985d-5bdadcfa9017
859 TCPIP 2f07e2ee-15db-40f1-90ef-9d7ba282188a
860 TCPIP Service Trace eb004a05-9b1a-11d4-9123-0050047759bc
861 Tcpip-SQM-Provider c8f7689f-3692-4d66-b0c0-9536d21082c9
862 Telephony-PhoneOm e08c85f4-c224-499d-b5b3-c1bce960f096
863 Telephony-PhoneProviders 1db8dad0-7ca6-4f18-b357-43bfdd8c9806
864 Telephony-PhoneUtil 04a490d4-84c6-4920-9c22-51c80825ff2c
865 Telephony-TelephonyInteractiveUser 088a803b-578d-41b1-9402-92b7ceb380c8
866 Telephony-VoipRT bd1a62ed-263b-4a66-a574-1f43c79c64be
867 TerminalServer-MediaFoundationPlugin 4199ee71-d55d-47d7-9f57-34a1d5b2c904
868 TerminalServices-ClientActiveXCore 28aa95bb-d444-4719-a36f-40462168127e
869 TerminalServices-ClientUSBDevices 6e400999-5b82-475f-b800-cef6fe361539
870 TerminalServices-LocalSessionManager 5d896912-022d-40aa-a3a8-4fa5515c76d7
871 TerminalServices-MediaRedirection 3f7b2f99-b863-4045-ad05-f6afb62e7af1
872 TerminalServices-PnPDevices 27a8c1e2-eb19-463e-8424-b399df27a216
873 TerminalServices-Printers 952773bf-c2b7-49bc-88f4-920744b82c43
874 TerminalServices-RdpSoundDriver 127e0dc5-e13b-4935-985e-78fd508b1d80
875 TerminalServices-RemoteConnectionManager c76baa63-ae81-421c-b425-340b4b24157f
876 TerminalServices-ServerUSBDevices dcbe5aaa-16e2-457c-9337-366950045f0a
877 Tethering-Manager cc311f1f-623c-4ca4-ba44-a458016555e8
878 Tethering-Station 585cab4f-9351-436e-9d99-dc4b41a20de0
879 TextPredictionEngine 39a63500-7d76-49cd-994f-ffd796ef5a53
880 ThemeCPL 61f044af-9104-4ca5-81ee-cb6c51bb01ab
881 ThemeUI 869fb599-80aa-485d-bca7-db18d72b7219
882 Thermal-Polling e8a7c168-81ee-465c-8e8e-d39a2ac1ca41
883 Thread Pool c861d0e2-a2c1-4d36-9f9c-970bab943a12
884 Threat-Intelligence f4e1897c-bb5d-5668-f1d8-040f4d8dd344
885 TimeBroker 0657adc1-9ae8-4e18-932d-e6079cda5ab3
886 Time-Service 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb
887 TPM 1b6b0772-251b-4d42-917d-faca166bc059
888 TPM-WMI 7d5387b0-cbe0-11da-a94d-0800200c9a66
889 TriggerEmulatorProvider f230d19a-5d93-47d9-a83f-53829edfb8df
890 TS Client ActiveX Control Trace daa6caf5-6678-43f8-a6fe-b40ee096e06e
891 TS Client Trace 0c51b20c-f755-48a8-8123-bf6da2adc727
892 TS Rdp Init Trace c127c1a8-6ceb-11da-8bde-f66bad1e3f3a
893 TS RDP Shell Trace bfa655dc-6c51-11da-8bde-f66bad1e3f3a
894 TS Rdp Sound End Point Trace 5a966d1c-6b48-11da-8bde-f66bad1e3f3a
895 TSF-msctf 4fba1227-f606-4e5f-b9e8-fab9ab5740f3
896 TSF-msutb 74b655a2-8958-410e-80e2-3457051b8dff
897 TSF-UIManager 4dd778b8-379c-4d8c-b659-517a43d6df7d
898 TunnelDriver 4edbe902-9ed3-4cf0-93e8-b8b5fa920299
899 TunnelDriver-SQM-Provider 4214dcd2-7c33-4f74-9898-719ccceec20f
900 TZSync 3527cb55-1298-49d4-ab94-1243db0fcaff
901 TZUtil 2d318b91-e6e7-4c46-bd04-bfe6db412cf9
902 UAC e7558269-3fa5-46ed-9f4d-3c6e282dde55
903 UAC-FileVirtualization c02afc2b-e24e-4449-ad76-bcc2c2575ead
904 UIAnimation e0a40b26-30c4-4656-bc9a-74a5c3a0b2ec
905 UIAutomationCore 820a42d8-38c4-465d-b64e-d7d56ea1d612
906 UI-Input-Inking bf1db390-3e67-4d4d-a287-8958044a3db4
907 UIRibbon 87d476fe-1a0f-4370-b785-60b028019693
908 UI-Search d8965fcf-7397-4e0e-b750-21a4580bd880
909 UI-Shell e3ee1525-8742-4e05-871b-dd2a60330c53
910 UMB Trace 96ab095a-9519-4f5c-81ee-c510b0a45463
911 UmBus Driver Trace f9be9c98-10db-4318-bb61-cb0ddea08bf7
912 UMDF - Driver Manager Trace 485e7dea-0a80-11d8-ad15-505054503030
913 UMDF - Framework Trace 485e7de9-0a80-11d8-ad15-505054503030
914 UMDF - Host Process Trace 485e7df0-0a80-11d8-ad15-505054503030
915 UMDF - Lpc Driver Trace 485e7ded-0a80-11d8-ad15-505054503030
916 UMDF - Lpc Trace 485e7def-0a80-11d8-ad15-505054503030
917 UMDF - Platform Library Trace 485e7de8-0a80-11d8-ad15-505054503030
918 UMDF - Reflector Trace 485e7dee-0a80-11d8-ad15-505054503030
919 UMDF - Test Trace 485e7deb-0a80-11d8-ad15-505054503030
920 UMPass Driver Trace ff9e2bdd-0e24-437c-84be-7cfcae635808
921 UniversalTelemetryClient 6489b27f-7c43-5886-1d00-0a61bb2a375b
922 URLMon 245f975d-909d-49ed-b8f9-9a75691d6b6b
923 USB Storage Driver Tracing Provider 72fb9358-a9b3-41e0-ae41-e8deca41e3a8
924 USB-CCID f708c483-4880-11e6-9121-5cf37068b67b
925 USB-MAUSBHOST 7725b5f9-1f2e-4e21-baeb-b2af4690bc87
926 USB-UCX 36da592d-e43a-4e28-af6f-4bc57c5a11e8
927 USB-USBHUB 7426a56b-e2d5-4b30-bdef-b31815c1a74a
928 USB-USBHUB3 ac52ad17-cc01-4f85-8df5-4dce4333c99b
929 USB-USBPORT c88a4ef5-d048-4013-9408-e04b7db2814a
930 USB-USBXHCI 30e1d284-5d88-459c-83fd-6345b39b19ec
931 USBVideo da1d1dbd-3186-4fa2-bc2d-075efd9e43e2
932 User Device Registration 23b8d46b-67dd-40a3-b636-d43e50552c6d
933 User Profiles General db00dfb6-29f9-4a9c-9b3b-1f4f9e7d9770
934 User Profiles Service 89b1e9f0-5aff-44a6-9b44-0a07a7ce5845
935 User32 b0aa8734-56f7-41cc-b2f4-de228e98b946
936 UserAccountControl 2683b597-3cca-410a-97fe-6f7ee3d09b94
937 User-ControlPanel 319122a9-1485-4e48-af35-7db2d93b8ad2
938 UserDataAccess-CallHistoryClient f5988abb-323a-4098-8a34-85a3613d4638
939 UserDataAccess-CEMAPI 83a9277a-d2fc-4b34-bf81-8ceb4407824f
940 UserDataAccess-PimIndexMaintenance 99c66ba7-5a97-40d5-aa01-8a07fb3db292
941 UserDataAccess-Poom 0bd19909-eb6f-4b16-8074-6dce803f091d
942 UserDataAccess-UnifiedStore 56f519ab-9df6-4345-8491-a4ba21ac825b
943 UserDataAccess-UserDataApis b9b2de3c-3fbd-4f42-8ff7-33c3bad35fd4
944 UserDataAccess-UserDataService fb19ee2c-0d22-4a2e-969e-dd41ae0ce1a9
945 UserDataAccess-UserDataUtils d1f688bf-012f-4aec-a38c-e7d4649f8cd2
946 User-Diagnostic 305fc87b-002a-5e26-d297-60223012ca9c
947 User-Loader b059b83f-d946-4b13-87ca-4292839dc2f2
948 UserModePowerService ce8dee0b-d539-4000-b0f8-77bed049c590
949 UserPnp 96f4a050-7e31-453c-88be-9634f4e02139
950 UxInit 4154a29c-40d9-445f-8d65-24da473e8f65
951 UxTheme 422088e6-cd0c-4f99-bd0b-6985fa290bdf
952 VAN 01578f96-c270-4602-ade0-578d9c29fc0c
953 VDRVROOT e4480490-85b6-11dd-ad8b-0800200c9a66
954 VerifyHardwareSecurity f3f53c76-b06d-4f15-b412-61164a0d2b73
955 VHDMP e2816346-87f4-4f85-95c3-0c79409aa89d
956 Video-For-Windows 712abb2d-d806-4b42-9682-26da01d8b307
957 VIRTDISK 4d20df22-e177-4514-a369-f1759feedeb3
958 Volsnap cb017cd2-1f37-4e65-82bc-3e91f6a37559
959 Volume 9f7b5df4-b902-48bc-bc94-95068c6c7d26
960 VolumeControl 07de7879-1c96-41ce-afbd-c659a0e8e643
961 VolumeSnapshot-Driver 67fe2216-727a-40cb-94b2-c02211edb34a
962 VPN-Client 3c088e51-65be-40d1-9b90-62bfec076737
963 VSS tracing provider 9138500e-3648-4edb-aa4c-859e9f7b7c38
964 VWiFi 314b2b0d-81ee-4474-b6e0-c2aaec0ddbde
965 WABSyncProvider 17f14a23-551d-40cc-a086-e4194d64ed4c
966 Wallet 6ed11b00-c1b5-48cb-aecc-ff72ebefbae8
967 Wcmsvc 67d07935-283a-4791-8f8d-fa9117f3e6f2
968 WCN-Config-Registrar c100becf-d33a-4a4b-bf23-bbef4663d017
969 WCN-Config-Registrar-Secure c100becc-d33a-4a4b-bf23-bbef4663d017
970 WCNWiz e8aa5402-26a1-455e-a21b-f240ed62d155
971 WDAG-PolicyEvaluator-CSP 64a98c25-9e00-404e-84ad-6700dfe02529
972 WDAG-PolicyEvaluator-GP e53df8ba-367a-4406-98d5-709ffb169681
973 WDAG-Service 728b02d9-bf21-49f6-be3f-91bc06f7467e
974 WebAuth db6972b6-dddf-4820-84b1-2ed6ac0b96e5
975 WebAuthN 3ae1ea61-c002-47fb-b06c-4022a8c98929
976 WebcamExperience 9e12ceb1-e3ff-46ad-a0aa-11738b122d20
977 WebdavClient-LookupServiceTrigger 22b6d684-fa63-4578-87c9-effcbe6643c7
978 WebIO 50b3e73c-9370-461d-bb9f-26f32d68887d
979 WebServices e04fe2e0-c6cf-4273-b59d-5c97c9c374a4
980 Websocket-Protocol-Component cba5f63c-e2cf-4b36-8305-bde1311924fc
981 WEPHOSTSVC d5f7235b-48e2-4e9c-92fe-0e4950aba9e8
982 WER-Diag ad8aa069-a01b-40a0-ba40-948d1d8dedc5
983 WER-SystemErrorReporting abce23e7-de45-4366-8631-84fa6c525952
984 WFP 0c478c5b-0351-41b1-8c58-4a6737da32e3
985 WHEA-Logger c26c4f3c-3f66-4e99-8f8a-39405cfed220
986 WiFiDisplay 712880e9-7813-41a3-8e4c-e4e0c4f6580a
987 WiFiHotspotService 814182fe-58f7-11e1-853c-78e7d1ca7337
988 WiFiNetworkManager e5c16d49-2464-4382-bb20-97a4b5465db9
989 Win32k 8c416c79-d49b-4f01-a467-e56d3aa8234c
990 Windeploy 75ebc33e-c8ae-4f93-9ca1-683a53e20cb6
991 Windows Connect Now c100bece-d33a-4a4b-bf23-bbef4663d017
992 Windows Defender 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78
993 Windows Defender Firewall API 28c9f48f-d244-45a8-842f-dc9fbc9b6e92
994 Windows Defender Firewall API - GP 0eff663f-8b6e-4e6d-8182-087a8eaa29cb
995 Windows Defender Firewall Driver d5e09122-d0b2-4235-adc1-c89faaaf1069
996 Windows Defender Firewall NetShell Plugin 28c9f48f-d244-45a8-842f-dc9fbc9b6e94
997 Windows Defender Firewall Service 5eefebdb-e90c-423a-8abf-0241e7c5b87d
998 Windows Firewall With Advanced Security d1bc9aff-2abf-4d71-9146-ecb2a986eb85
999 Windows Kernel Trace 9e814aad-3204-11d2-9a82-006008a86939
1000 Windows Media Player Trace a9c1a3b7-54f3-4724-adce-58bc03e3bc78
1001 Windows NetworkItemFactory Trace d2a60d61-0f87-4673-a86c-9c461457fe27
1002 Windows Notification Facility Provider 42695762-ea50-497a-9068-5cbbb35e0b95
1003 Windows Remote Management Trace 04c6e16d-b99f-4a3a-9b3e-b8325bbc781e
1004 Windows Wininit Trace c2ba06e2-f7ce-44aa-9e7e-62652cdefe97
1005 Windows Winlogon Trace d451642c-63a6-11d7-9720-00b0d03e0347
1006 Windows-ApplicationModel-Store-SDK ff79a477-c45f-4a52-8ae0-2b324346d4e4
1007 WindowsBackup 01979c6a-42fa-414c-b8aa-eee2c8202018
1008 WindowsColorSystem d53270e3-c8cf-4707-958a-dad20c90073c
1009 WindowsSystemAssessmentTool 11a75546-3234-465e-bec8-2d301cb501ac
1010 WindowsToGo-StartupOptions 2e6cb42e-161d-413b-a6c1-84ca4c1e5890
1011 WindowsUIImmersive 74827cbb-1e0f-45a2-8523-c605866d2f22
1012 WindowsUpdateClient 945a8954-c147-4acd-923f-40c45405a658
1013 WinHttp 7d44233d-3055-4b9c-ba64-0d47ca40a232
1014 WinINet 43d1a55c-76d6-4f7e-995c-64c711e5cafe
1015 WinINet-Capture a70ff94f-570b-4979-ba5c-e59c9feab61b
1016 WinINet-Config 5402e5ea-1bdd-4390-82be-e108f1e634f5
1017 Wininit 206f6dea-d3c5-4d10-bc72-989f03c8b84b
1018 WinJson 4637124c-1d40-4b4d-892f-2aaecf24ff06
1019 Winlogon dbe9b383-7cf3-4331-91cc-a3cb16a3b538
1020 WinMDE 77549803-7bb1-418b-a98e-f2e22f35a873
1021 WinML c8517e09-bea2-5bb6-bef3-50b4c91c431e
1022 WinNat 66c07ecd-6667-43fc-93f8-05cf07f446ec
1023 WinRM a7975c8f-ac13-49f1-87da-5a984a4ab417
1024 WinRT-Error a86f8471-c31d-4fbc-a035-665d06047b03
1025 WINSATAPI_ETW_PROVIDER 617853d6-728b-4b59-8a78-c3a9a5eade92
1026 Winsock-AFD e53c6823-7bb8-44bb-90dc-3f86090d48a6
1027 Winsock-NameResolution 55404e71-4db9-4deb-a5f5-8f86e46dde56
1028 Winsock-SQM 093da50c-0bb9-4d7d-b95c-3bb9fcda5ee8
1029 Winsock-WS2HELP d5c25f9a-4d47-493e-9184-40dd397a004d
1030 Winsrv 9d55b53d-449b-4824-a637-24f9d69aa02f
1031 Wired-AutoConfig b92cf7fd-dc10-4c6b-a72d-1613bf25e597
1032 Wireless Client Trace 8a3cf0b5-e0bc-450b-ae4b-61728ffa1d58
1033 WLAN AutoConfig Trace 0c5a3172-2248-44fd-b9a6-8389cb1dc56a
1034 WLAN Diagnostics Trace 637a0f36-dff5-4b2f-83dd-b106c1c725e2
1035 WLAN Dialog Trace 520319a9-b932-4ec7-943c-61e560939101
1036 WLAN Extensibility Trace e2eb5b52-08b1-4391-b670-f58317376247
1037 WLAN HC Diagnostics Trace 6da4ddca-0901-4bae-9ad4-7e6030bab531
1038 WLAN-AutoConfig 9580d7dd-0379-4658-9870-d5be7d52d6de
1039 WlanConn 239cfb83-cbb7-4bbc-a02e-9bdb496aa7c2
1040 WlanDlg d4afa0dc-4dd1-40af-afce-cb0d0e6736a7
1041 WLAN-Driver daa6a96b-f3e7-4d4d-a0d6-31a350e6a445
1042 WLAN-MediaManager 323dad74-d3ec-44a8-8b9d-cafeb4999274
1043 WlanPref ca5ba219-c0d4-4efa-9ceb-72aff92672b0
1044 WLGPA 46098845-8a94-442d-9095-366a6bcfefa9
1045 WMI 1edeee53-0afe-4609-b846-d8c0b2075b1f
1046 WMI_Tracing 1ff6b227-2ca7-40f9-9a66-980eadaa602e
1047 WMI_Tracing_Client_Operations 8e6b6962-ab54-4335-8229-3255b919dd0e
1048 WMI-Activity 1418ef04-b0b4-4623-bf7e-d74ab47bbdaa
1049 WMP f3f14ff3-7b80-4868-91d0-d77e497b025e
1050 WMP Network Sharing API 8ed60a3a-8c12-49c5-a518-fdf451bc10fc
1051 WMP Network Sharing Service a7eb57f6-145e-4f18-bd75-dbbf6f7e23a7
1052 WMP Network Sharing Taskbar d804a67f-4c25-43c1-896f-89ff78b3a911
1053 WMPDMCUI 3f9e07bd-0e26-4241-a5a5-28cafa150a75
1054 WMPNSS-PublicAPI 614696c9-85af-4e64-b389-d2c0db4ff87b
1055 WMPNSS-Service 6a2dc7c1-930a-4fb5-bb44-80b30aebed6c
1056 WMPNSSUI 7c314e58-8246-47d1-8f7a-4049dc543e0b
1057 WMP-Setup_WM 0d759f0f-cff9-4902-8867-eb9e29d7a98b
1058 wmvdecod 55bacc9f-9ac0-46f5-968a-a5a5dd024f8a
1059 WMVENCOD 313b0545-bf9c-492e-9173-8de4863b8573
1060 Wordpad 54ffd262-99fe-4576-96e7-1adb500370dc
1061 WorkFolders 34a3697e-0f10-4e48-af3c-f869b5babebb
1062 Workplace Join 76ab12d5-c986-4e60-9d7c-2a092b284cdd
1063 WPD API Trace c3c5d8af-2fd5-4500-a8e7-379c2d0bbe2e
1064 WPD Bluetooth MTP Emumerator Driver Trace 4b6efb94-30ea-49a7-bb29-e9ed9dce67da
1065 WPD BusEnumService Trace 0381564e-d5cb-4e48-ab35-be24389b0f59
1066 WPD ClassExtension Trace a0a352c5-b8ec-41e9-9936-8452c1c0a6cf
1067 WPD ClassInstaller Trace 45350d79-4497-42f1-bd1b-83587575b91a
1068 WPD Composite Driver Trace 72891ee8-c088-4331-9745-5bf4aa7b344d
1069 WPD FSDriver Trace 1311095b-b9ff-497a-8560-2f43ca5438e4
1070 WPD ShellExtension Trace a42c7bd1-5af3-4b32-9bc6-b85eb31d3f4a
1071 WPD ShellServiceObject Trace 1ab5ac29-037f-43a1-9484-78c9db61f869
1072 WPD Types Trace 58e8f67d-29e9-456c-b23d-c6489e341bb0
1073 WPD WiaCompat Trace b809f4ff-3023-473c-971b-ab594429ea57
1074 WPD WMDMCompat Trace 17abf473-982c-4d0e-b502-3a59d89e71de
1075 WPD-API 31569dcf-9c6f-4b8e-843a-b7c1cc7ffcba
1076 WPDClassInstaller ad5162d8-daf0-4a25-88a7-01cbeb33902e
1077 WPD-CompositeClassDriver 355c44fe-0c8e-4bf8-be28-8bc7b5a42720
1078 WPD-MTPBT 92ab58d3-f351-4af5-9c72-d52f36ee2c92
1079 WPD-MTPClassDriver 21b7c16e-c5af-4a69-a74a-7245481c1b97
1080 WPD-MTPIP c374d21e-69b2-4cd7-9a25-62187c5a5619
1081 WPD-MTPUS dcfc4489-9ce0-403c-99df-a05422c60898
1082 WSAT_TraceProvider 7f3fe630-462b-47c5-ab07-67ca84934abd
1083 WSC-SRV 5857d6ca-9732-4454-809b-2a87b70881f8
1084 WUSA 09608c12-c1da-4104-a6fe-b959cf57560a
1085 WWAN-CFE 71c993b8-1e28-4543-9886-fb219b63fdb3
1086 WWAN-MediaManager f4c9be26-414f-42d7-b540-8bff965e6d32
1087 WWAN-MM-EVENTS 7839bb2a-2ea3-4eca-a00f-b558ba678bec
1088 WWAN-NDISUIO-EVENTS b3eee223-d0a9-40cd-adfc-50f1888138ab
1089 WWAN-SVC-EVENTS 3cb40aaa-1145-4fb8-b27b-7e30f0454316
1090 XAML 531a35ab-63ce-4bcf-aa98-f88c7a89e455
1091 XAML-Diagnostics 59e7a714-73a4-4147-b47e-0957048c75c4
1092 XAudio2 1ee3abdb-c1fc-4b43-9e56-11064abba866
1093 XWizard Framework 777ba8ff-2498-4875-933a-3067de883070
1094 XWizards 777ba8fe-2498-4875-933a-3067de883070