Analysis
-
max time kernel
118s -
max time network
143s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
-
submitted
21-11-2024 01:29
General
-
Target
6aa986b1611fd71775e14011ce0f4c41282953c46f8a17d9bea89072a383440f.exe
-
Size
54KB
-
MD5
c0c56f310160cb211e7e69fdf24bee43
-
SHA1
6279cf3d1e370444950b2c694f16e3bd7c8ec969
-
SHA256
6aa986b1611fd71775e14011ce0f4c41282953c46f8a17d9bea89072a383440f
-
SHA512
28402f4a022a0d0172ea0547011e9f344f687259f94f857a2250e916f3e83095f46d4f199fb112a10cdca7126f7cf640571595b301ef0e9e374ed067577cf572
-
SSDEEP
768:U+hvPV2e5loa5VIz3+hNbPQNg6OHPSnGoVrtqkql6bcIwC9t+St+:vkoi3+vPQNg6OHPCGyRq56b3hU
Score
9/10
Malware Config
Signatures
-
Clears Windows event logs 1 TTPs 64 IoCs
-
Enumerates connected drives 3 TTPs 1 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
-
Indicator Removal: File Deletion 1 TTPs
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Power Settings 1 TTPs 2 IoCs
powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.
-
Drops file in System32 directory 4 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 64 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
System Time Discovery 1 TTPs 2 IoCs
Adversary may gather the system time and/or time zone settings from a local or remote system.
-
Suspicious use of AdjustPrivilegeToken 64 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\6aa986b1611fd71775e14011ce0f4c41282953c46f8a17d9bea89072a383440f.exe"C:\Users\Admin\AppData\Local\Temp\6aa986b1611fd71775e14011ce0f4c41282953c46f8a17d9bea89072a383440f.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%temp%\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%WINDIR%\temp\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c FOR /D %p IN ("%WINDIR%\temp\*") DO rmdir /s /q "%p"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%USERPROFILE%\Downloads\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%USERPROFILE%\AppData\Local\Temporary Internet Files\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%systemdrive%\Windows\Logs\CBS\*.*"2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%systemdrive%\swtools\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%systemdrive%\drivers\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%systemdrive%\swsetup\"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%systemdrive%\Windows\Prefetch\"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%SystemRoot%\Minidump\*.dmp"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%SystemRoot%\Memory.dmp"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%LOCALAPPDATA%\CrashDumps\*.dmp"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%PROGRAMDATA%\Microsoft\Windows\WER\ReportArchive\*.*dmp"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%PROGRAMDATA%\Microsoft\Windows\WER\ReportQueue\*.*dmp"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%PROGRAMDATA%\Diebold\Harvester\logs\*.log"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%PROGRAMDATA%\DieboldNixdorf\packages\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%USERPROFILE%\AppData\local\Microsoft\Windows\WER\ReportArchive\*.*dmp"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%USERPROFILE%\AppData\local\Microsoft\Windows\WER\ReportQueue\*.*dmp"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\LOG\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\*.hprof"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\hs_err_pid*.log"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\FIB_1\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\LOG_1\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%ProgramFiles(x86)%\Diebold\Agilis TPM Utilities\logs\*.log"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%ProgramFiles(x86)%\Diebold\TEK\logs\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%ProgramFiles(x86)%\TrouSerS\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%ProgramFiles%\Diebold\Agilis TPM Utilities\logs\*.log"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%ProgramFiles%\Diebold\TEK\logs\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%ProgramFiles%\TrouSerS\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%AIUROOT%\logs\Archive\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%systemdrive%\TrouSerS\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\INVENTORY\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\diagserv\data\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\diagserv\log\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\diagserv\plugins\configuration\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\diagserv\temp\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\diagserv\bin\*.hprof"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\KEYSTORE\RM4H\rm4h_certs.bin"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\RM4H_0\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\SELV5_CRS_0\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\logs\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\firmware\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\XFS_RM4H_0\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%systemdrive%\DBD_MODULES\RM4V\GDF\*.GDF"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\KEYSTORE\CMDV6C\cmd_v6c_certs.bin"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c copy "%CSCROOT%\CONF\CMDV6_0\simulatedNoteTable.conf" C:\Agilis2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\CMDV6_0\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c move C:\Agilis\simulatedNoteTable.conf "%CSCROOT%\CONF\CMDV6_0\"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\XFS_CMDV6C_0\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\RM3_CRS_0\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\SELV5_CRS_0\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\KEYSTORE\channelkeys.ubr"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\KEYSTORE\securechannel.ubr"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c copy "%CSCROOT%\CONF\RM3_ATM_0\simulatedNoteTable.conf" C:\Agilis2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\RM3_ATM_0\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c move C:\Agilis\simulatedNoteTable.conf "%CSCROOT%\CONF\RM3_ATM_0\"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\SELV5_ATM_0\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\WfsCashUnits.bak"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\WfsCashUnits.xml"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\WfsCdmPresentStatus.bak"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\WfsCdmPresentStatus.xml"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\WfsCimCashInStatus.bak"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\WfsCimCashInStatus.xml"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\KEYSTORE\securechannel_cmd.ubr"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\RM3_CCDM_0\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\Ccdm_CashUnitMemory.bak"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\Ccdm_CashUnitMemory.xml"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\Ccdm_WfsCimCashInStatus.bak"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\Ccdm_WfsCimCashInStatus.xml"2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\Ccdm_WfsIpmMediaBinInfo.bak"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\Ccdm_WfsIpmMediaBinInfo.xml"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\Ccdm_WfsIpmStatus.bak"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\Ccdm_WfsIpmStatus.xml"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\Ccdm_WfsIpmTransStatus.bak"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\Ccdm_WfsIpmTransStatus.xml"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\Ccdm_SupplyReplenMem.bak"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\Ccdm_SupplyReplenMem.xml"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\CONF\*.dat"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\tpm\restorelog.txt"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\log\tpm\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\KEYSTORE\TpmStatus.xml"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\KEYSTORE\tcsc\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%CSCROOT%\VIDEO\log\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%systemdrive%\Diebold\Security\TPM\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%systemdrive%\Diebold\sbxlog\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%systemdrive%\Diebold\sbx\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%systemdrive%\Diebold\sbxarchives\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%systemdrive%\Diebold\logs\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%systemdrive%\Diebold\vcs\logs\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%systemdrive%\Diebold\EDC\EDCLocal.dat"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%systemdrive%\Diebold\Archive\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%systemdrive%\Diebold\WinSetup\MS_FOD\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%systemdrive%\Diebold\WinSetup\MS_Updates\Updates-x64\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%ProgramFiles(x86)%\Diebold\ABC\message.trc"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%ProgramFiles(x86)%\Diebold\Agilis EmPower\Local\Netdata\FITtable.xml"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%ProgramFiles(x86)%\Diebold\Agilis EmPower\Local\Netdata\States\States.xml"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%ProgramFiles(x86)%\Diebold\Agilis EmPower\States\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%ProgramFiles%\Diebold\Agilis EmPower\Local\Netdata\FITtable.xml"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%ProgramFiles%\Diebold\Agilis EmPower\Local\Netdata\States\States.xml"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%ProgramFiles%\Diebold\Agilis EmPower\States\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%ProgramFiles%\Diebold\ABC\message.trc"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%ProgramFiles(x86)%\Diebold\Agilis EmPower\PrintOutput\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%ProgramFiles%\Diebold\Agilis EmPower\PrintOutput\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%ProgramFiles(x86)%\Diebold\AMI\AMITRACE\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%ProgramFiles%\Diebold\AMI\AMITRACE\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%ProgramFiles(x86)%\Diebold\Agilis EmPower\Config\ExCICounts.xml"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%ProgramFiles(x86)%\Diebold\Agilis EmPower\Config\FaulHistory.dat"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%ProgramFiles%\Diebold\Agilis EmPower\Config\ExCICounts.xml"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%ProgramFiles%\Diebold\Agilis EmPower\Config\FaulHistory.dat"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c trcwclr error2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c trcwclr trace2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q "%systemdrive%\Agilis\Logs\*.*"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c cleanmgr.exe /s /q /sagerun2⤵
-
C:\Windows\SysWOW64\cleanmgr.execleanmgr.exe /s /q /sagerun3⤵
- Enumerates connected drives
- Drops file in System32 directory
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c del /s /q %systemdrive%\$Recycle.bin2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe el2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe el3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl AMSI/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl AMSI/Debug3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl AirSpaceChannel2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl AirSpaceChannel3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Analytic3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Application2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Application3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl DirectShowFilterGraph2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl DirectShowFilterGraph3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl DirectShowPluginControl2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl DirectShowPluginControl3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Els_Hyphenation/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Els_Hyphenation/Analytic3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl EndpointMapper2⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl EndpointMapper3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl FirstUXPerf-Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl FirstUXPerf-Analytic3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl ForwardedEvents2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl ForwardedEvents3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl General Logging2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl General Logging3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl HardwareEvents2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl HardwareEvents3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl IHM_DebugChannel2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl IHM_DebugChannel3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Intel-iaLPSS-GPIO/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Intel-iaLPSS-GPIO/Analytic3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Intel-iaLPSS-I2C/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Intel-iaLPSS-I2C/Analytic3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Intel-iaLPSS2-GPIO2/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Intel-iaLPSS2-GPIO2/Debug3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Intel-iaLPSS2-GPIO2/Performance2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Intel-iaLPSS2-GPIO2/Performance3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Intel-iaLPSS2-I2C/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Intel-iaLPSS2-I2C/Debug3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Intel-iaLPSS2-I2C/Performance2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Intel-iaLPSS2-I2C/Performance3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Internet Explorer2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Internet Explorer3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Key Management Service2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Key Management Service3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl MF_MediaFoundationDeviceMFT2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl MF_MediaFoundationDeviceMFT3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl MF_MediaFoundationDeviceProxy2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl MF_MediaFoundationDeviceProxy3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl MF_MediaFoundationFrameServer2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl MF_MediaFoundationFrameServer3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl MedaFoundationVideoProc2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl MedaFoundationVideoProc3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl MedaFoundationVideoProcD3D2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl MedaFoundationVideoProcD3D3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl MediaFoundationAsyncWrapper2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl MediaFoundationAsyncWrapper3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl MediaFoundationContentProtection2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl MediaFoundationContentProtection3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl MediaFoundationDS2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl MediaFoundationDS3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl MediaFoundationDeviceProxy2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl MediaFoundationDeviceProxy3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl MediaFoundationMP42⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl MediaFoundationMP43⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl MediaFoundationMediaEngine2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl MediaFoundationMediaEngine3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl MediaFoundationPerformance2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl MediaFoundationPerformance3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl MediaFoundationPerformanceCore2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl MediaFoundationPerformanceCore3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl MediaFoundationPipeline2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl MediaFoundationPipeline3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl MediaFoundationPlatform2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl MediaFoundationPlatform3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl MediaFoundationSrcPrefetch2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl MediaFoundationSrcPrefetch3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-AppV-Client-Streamingux/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-AppV-Client-Streamingux/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-AppV-Client/Admin2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-AppV-Client/Admin3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-AppV-Client/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-AppV-Client/Debug3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-AppV-Client/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-AppV-Client/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-AppV-Client/Virtual Applications2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-AppV-Client/Virtual Applications3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-AppV-SharedPerformance/Analytic2⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-AppV-SharedPerformance/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Client-Licensing-Platform/Admin2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Client-Licensing-Platform/Admin3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Client-Licensing-Platform/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Client-Licensing-Platform/Debug3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Client-Licensing-Platform/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Client-Licensing-Platform/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-IE/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-IE/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-IEFRAME/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-IEFRAME/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-JSDumpHeap/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-JSDumpHeap/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-OneCore-Setup/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-OneCore-Setup/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-PerfTrack-IEFRAME/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-PerfTrack-IEFRAME/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-PerfTrack-MSHTML/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-PerfTrack-MSHTML/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-User Experience Virtualization-Admin/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-User Experience Virtualization-Admin/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-User Experience Virtualization-Agent Driver/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-User Experience Virtualization-Agent Driver/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-User Experience Virtualization-Agent Driver/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-User Experience Virtualization-Agent Driver/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-User Experience Virtualization-App Agent/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-User Experience Virtualization-App Agent/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-User Experience Virtualization-App Agent/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-User Experience Virtualization-App Agent/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-User Experience Virtualization-App Agent/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-User Experience Virtualization-App Agent/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-User Experience Virtualization-IPC/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-User Experience Virtualization-IPC/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-User Experience Virtualization-SQM Uploader/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-User Experience Virtualization-SQM Uploader/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-User Experience Virtualization-SQM Uploader/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-User Experience Virtualization-SQM Uploader/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-User Experience Virtualization-SQM Uploader/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-User Experience Virtualization-SQM Uploader/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AAD/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AAD/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AAD/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AAD/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-ADSI/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-ADSI/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-ASN1/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-ASN1/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-ATAPort/General2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-ATAPort/General3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-ATAPort/SATA-LPM2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-ATAPort/SATA-LPM3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-ActionQueue/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-ActionQueue/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-All-User-Install-Agent/Admin2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-All-User-Install-Agent/Admin3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AllJoyn/Debug2⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AllJoyn/Debug3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AllJoyn/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AllJoyn/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppHost/Admin2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppHost/Admin3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppHost/ApplicationTracing2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppHost/ApplicationTracing3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppHost/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppHost/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppHost/Internal2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppHost/Internal3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppID/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppID/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppLocker/EXE and DLL2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppLocker/EXE and DLL3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppLocker/MSI and Script2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppLocker/MSI and Script3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppLocker/Packaged app-Deployment2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppLocker/Packaged app-Deployment3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppLocker/Packaged app-Execution2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppLocker/Packaged app-Execution3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppModel-Runtime/Admin2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppModel-Runtime/Admin3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppModel-Runtime/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppModel-Runtime/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppModel-Runtime/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppModel-Runtime/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppModel-Runtime/Diagnostics2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppModel-Runtime/Diagnostics3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppModel-State/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppModel-State/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppModel-State/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppModel-State/Diagnostic3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppReadiness/Admin2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppReadiness/Admin3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppReadiness/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppReadiness/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppReadiness/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppReadiness/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppSruProv2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppSruProv3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppXDeployment/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppXDeployment/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppXDeployment/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppXDeployment/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppXDeploymentServer/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppXDeploymentServer/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppXDeploymentServer/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppXDeploymentServer/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppXDeploymentServer/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppXDeploymentServer/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppXDeploymentServer/Restricted2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppXDeploymentServer/Restricted3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-ApplicabilityEngine/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-ApplicabilityEngine/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-ApplicabilityEngine/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-ApplicabilityEngine/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Application Server-Applications/Admin2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Application Server-Applications/Admin3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Application Server-Applications/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Application Server-Applications/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Application Server-Applications/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Application Server-Applications/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Application Server-Applications/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Application Server-Applications/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Application-Experience/Compatibility-Infrastructure-Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Application-Experience/Compatibility-Infrastructure-Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Trace2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Trace3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Application-Experience/Program-Compatibility-Troubleshooter2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Application-Experience/Program-Compatibility-Troubleshooter3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Application-Experience/Program-Inventory2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Application-Experience/Program-Inventory3⤵
- System Location Discovery: System Language Discovery
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Application-Experience/Program-Telemetry2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Application-Experience/Program-Telemetry3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Application-Experience/Steps-Recorder2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Application-Experience/Steps-Recorder3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppxPackaging/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppxPackaging/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppxPackaging/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppxPackaging/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AppxPackaging/Performance2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AppxPackaging/Performance3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AssignedAccess/Admin2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AssignedAccess/Admin3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AssignedAccess/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AssignedAccess/Operational3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AssignedAccessBroker/Admin2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AssignedAccessBroker/Admin3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AssignedAccessBroker/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AssignedAccessBroker/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AsynchronousCausality/Causality2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AsynchronousCausality/Causality3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Audio/CaptureMonitor2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Audio/CaptureMonitor3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Audio/GlitchDetection2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Audio/GlitchDetection3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Audio/Informational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Audio/Informational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Audio/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Audio/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Audio/Performance2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Audio/Performance3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Audio/PlaybackManager2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Audio/PlaybackManager3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Audit/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Audit/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Authentication User Interface/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Authentication User Interface/Operational3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Authentication/AuthenticationPolicyFailures-DomainController2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Authentication/AuthenticationPolicyFailures-DomainController3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Authentication/ProtectedUser-Client2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Authentication/ProtectedUser-Client3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Authentication/ProtectedUserFailures-DomainController2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Authentication/ProtectedUserFailures-DomainController3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Authentication/ProtectedUserSuccesses-DomainController2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Authentication/ProtectedUserSuccesses-DomainController3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-AxInstallService/Log2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-AxInstallService/Log3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-BTH-BTHPORT/HCI2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-BTH-BTHPORT/HCI3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-BTH-BTHPORT/L2CAP2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-BTH-BTHPORT/L2CAP3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-BTH-BTHUSB/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-BTH-BTHUSB/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-BTH-BTHUSB/Performance2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-BTH-BTHUSB/Performance3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-BackgroundTaskInfrastructure/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-BackgroundTaskInfrastructure/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-BackgroundTaskInfrastructure/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-BackgroundTaskInfrastructure/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-BackgroundTransfer-ContentPrefetcher/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-BackgroundTransfer-ContentPrefetcher/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Backup2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Backup3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Base-Filtering-Engine-Connections/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Base-Filtering-Engine-Connections/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Base-Filtering-Engine-Resource-Flows/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Base-Filtering-Engine-Resource-Flows/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Battery/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Battery/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Biometrics/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Biometrics/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Biometrics/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Biometrics/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-BitLocker-DrivePreparationTool/Admin2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-BitLocker-DrivePreparationTool/Admin3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-BitLocker-DrivePreparationTool/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-BitLocker-DrivePreparationTool/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-BitLocker-Driver-Performance/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-BitLocker-Driver-Performance/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-BitLocker/BitLocker Management2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-BitLocker/BitLocker Management3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-BitLocker/BitLocker Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-BitLocker/BitLocker Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-BitLocker/Tracing2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-BitLocker/Tracing3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Bits-Client/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Bits-Client/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Bits-Client/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Bits-Client/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Bluetooth-BthLEPrepairing/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Bluetooth-BthLEPrepairing/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Bluetooth-Bthmini/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Bluetooth-Bthmini/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Bluetooth-MTPEnum/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Bluetooth-MTPEnum/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Bluetooth-Policy/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Bluetooth-Policy/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-BranchCache/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-BranchCache/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-BranchCacheClientEventProvider/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-BranchCacheClientEventProvider/Diagnostic3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-BranchCacheEventProvider/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-BranchCacheEventProvider/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-BranchCacheMonitoring/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-BranchCacheMonitoring/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-BranchCacheSMB/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-BranchCacheSMB/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-BranchCacheSMB/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-BranchCacheSMB/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-CAPI2/Catalog Database Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-CAPI2/Catalog Database Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-CAPI2/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-CAPI2/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-CDROM/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-CDROM/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-COM/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-COM/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-COM/ApartmentInitialize2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-COM/ApartmentInitialize3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-COM/ApartmentUninitialize2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-COM/ApartmentUninitialize3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-COM/Call2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-COM/Call3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-COM/CreateInstance2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-COM/CreateInstance3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-COM/ExtensionCatalog2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-COM/ExtensionCatalog3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-COM/FreeUnusedLibrary2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-COM/FreeUnusedLibrary3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-COM/RundownInstrumentation2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-COM/RundownInstrumentation3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-COMRuntime/Activations2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-COMRuntime/Activations3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-COMRuntime/MessageProcessing2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-COMRuntime/MessageProcessing3⤵
- System Location Discovery: System Language Discovery
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-COMRuntime/Tracing2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-COMRuntime/Tracing3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-CertPoleEng/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-CertPoleEng/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-CertificateServicesClient-CredentialRoaming/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-CertificateServicesClient-CredentialRoaming/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-CertificateServicesClient-Lifecycle-System/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-CertificateServicesClient-Lifecycle-System/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-CertificateServicesClient-Lifecycle-User/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-CertificateServicesClient-Lifecycle-User/Operational3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Cleanmgr/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Cleanmgr/Diagnostic3⤵
- System Location Discovery: System Language Discovery
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-ClearTypeTextTuner/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-ClearTypeTextTuner/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-CloudStore/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-CloudStore/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-CloudStore/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-CloudStore/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-CmiSetup/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-CmiSetup/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-CodeIntegrity/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-CodeIntegrity/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-CodeIntegrity/Verbose2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-CodeIntegrity/Verbose3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-ComDlg32/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-ComDlg32/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-ComDlg32/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-ComDlg32/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Compat-Appraiser/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Compat-Appraiser/Analytic3⤵
- System Location Discovery: System Language Discovery
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Compat-Appraiser/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Compat-Appraiser/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Containers-BindFlt/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Containers-BindFlt/Debug3⤵
- System Location Discovery: System Language Discovery
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Containers-BindFlt/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Containers-BindFlt/Operational3⤵
- System Location Discovery: System Language Discovery
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Containers-Wcifs/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Containers-Wcifs/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Containers-Wcifs/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Containers-Wcifs/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Containers-Wcnfs/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Containers-Wcnfs/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Containers-Wcnfs/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Containers-Wcnfs/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-CoreApplication/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-CoreApplication/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-CoreApplication/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-CoreApplication/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-CoreApplication/Tracing2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-CoreApplication/Tracing3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-CoreSystem-SmsRouter-Events/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-CoreSystem-SmsRouter-Events/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-CoreSystem-SmsRouter-Events/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-CoreSystem-SmsRouter-Events/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-CoreWindow/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-CoreWindow/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-CoreWindow/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-CoreWindow/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-CorruptedFileRecovery-Client/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-CorruptedFileRecovery-Client/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-CorruptedFileRecovery-Server/Operational2⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-CorruptedFileRecovery-Server/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Crashdump/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Crashdump/Operational3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-CredUI/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-CredUI/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Crypto-BCRYPT/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Crypto-BCRYPT/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Crypto-CNG/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Crypto-CNG/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Crypto-DPAPI/BackUpKeySvc2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Crypto-DPAPI/BackUpKeySvc3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Crypto-DPAPI/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Crypto-DPAPI/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Crypto-DPAPI/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Crypto-DPAPI/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Crypto-DSSEnh/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Crypto-DSSEnh/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Crypto-NCrypt/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Crypto-NCrypt/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Crypto-RNG/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Crypto-RNG/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Crypto-RSAEnh/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Crypto-RSAEnh/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-D3D10Level9/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-D3D10Level9/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-D3D10Level9/PerfTiming2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-D3D10Level9/PerfTiming3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DAL-Provider/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DAL-Provider/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DAL-Provider/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DAL-Provider/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DAMM/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DAMM/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DCLocator/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DCLocator/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DDisplay/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DDisplay/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DDisplay/Logging2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DDisplay/Logging3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DLNA-Namespace/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DLNA-Namespace/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DNS-Client/Operational2⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DNS-Client/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DSC/Admin2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DSC/Admin3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DSC/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DSC/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DSC/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DSC/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DSC/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DSC/Operational3⤵
- System Location Discovery: System Language Discovery
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DUI/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DUI/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DUSER/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DUSER/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DXGI/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DXGI/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DXGI/Logging2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DXGI/Logging3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DXP/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DXP/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Data-Pdf/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Data-Pdf/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DataIntegrityScan/Admin2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DataIntegrityScan/Admin3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DataIntegrityScan/CrashRecovery2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DataIntegrityScan/CrashRecovery3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DateTimeControlPanel/Analytic2⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DateTimeControlPanel/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DateTimeControlPanel/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DateTimeControlPanel/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DateTimeControlPanel/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DateTimeControlPanel/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Deduplication/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Deduplication/Diagnostic3⤵
- System Location Discovery: System Language Discovery
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Deduplication/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Deduplication/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Deduplication/Performance2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Deduplication/Performance3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Deduplication/Scrubbing2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Deduplication/Scrubbing3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Defrag-Core/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Defrag-Core/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Deplorch/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Deplorch/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DesktopActivityModerator/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DesktopActivityModerator/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DesktopWindowManager-Diag/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DesktopWindowManager-Diag/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DeviceAssociationService/Performance2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DeviceAssociationService/Performance3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DeviceConfidence/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DeviceConfidence/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DeviceGuard/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DeviceGuard/Operational3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DeviceGuard/Verbose2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DeviceGuard/Verbose3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DeviceSetupManager/Admin2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DeviceSetupManager/Admin3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DeviceSetupManager/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DeviceSetupManager/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DeviceSetupManager/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DeviceSetupManager/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DeviceSetupManager/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DeviceSetupManager/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DeviceSync/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DeviceSync/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DeviceSync/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DeviceSync/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DeviceUpdateAgent/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DeviceUpdateAgent/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DeviceUx/Informational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DeviceUx/Informational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DeviceUx/Performance2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DeviceUx/Performance3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Devices-Background/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Devices-Background/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Dhcp-Client/Admin2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Dhcp-Client/Admin3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Dhcp-Client/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Dhcp-Client/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Dhcpv6-Client/Admin2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Dhcpv6-Client/Admin3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Dhcpv6-Client/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Dhcpv6-Client/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DiagCpl/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DiagCpl/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnosis-AdvancedTaskManager/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnosis-AdvancedTaskManager/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnosis-DPS/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnosis-DPS/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnosis-DPS/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnosis-DPS/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnosis-DPS/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnosis-DPS/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnosis-MSDE/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnosis-MSDE/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnosis-PCW/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnosis-PCW/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnosis-PCW/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnosis-PCW/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnosis-PCW/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnosis-PCW/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnosis-PLA/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnosis-PLA/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnosis-PLA/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnosis-PLA/Operational3⤵
- System Location Discovery: System Language Discovery
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnosis-Perfhost/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnosis-Perfhost/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnosis-Scheduled/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnosis-Scheduled/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnosis-Scripted/Admin2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnosis-Scripted/Admin3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnosis-Scripted/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnosis-Scripted/Analytic3⤵
- System Location Discovery: System Language Discovery
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnosis-Scripted/Debug2⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnosis-Scripted/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnosis-Scripted/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnosis-Scripted/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnosis-WDC/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnosis-WDC/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnosis-WDI/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnosis-WDI/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnostics-Networking/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnostics-Networking/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnostics-Networking/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnostics-Networking/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnostics-PerfTrack-Counters/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnostics-PerfTrack-Counters/Diagnostic3⤵
- System Location Discovery: System Language Discovery
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnostics-PerfTrack/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnostics-PerfTrack/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnostics-Performance/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnostics-Performance/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnostics-Performance/Diagnostic/Loopback2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnostics-Performance/Diagnostic/Loopback3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Diagnostics-Performance/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Diagnostics-Performance/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Direct3D10/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Direct3D10/Analytic3⤵
- System Location Discovery: System Language Discovery
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Direct3D10_1/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Direct3D10_1/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Direct3D11/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Direct3D11/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Direct3D11/Logging2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Direct3D11/Logging3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Direct3D11/PerfTiming2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Direct3D11/PerfTiming3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Direct3D12/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Direct3D12/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Direct3D12/Logging2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Direct3D12/Logging3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Direct3D12/PerfTiming2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Direct3D12/PerfTiming3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Direct3D9/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Direct3D9/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Direct3DShaderCache/Default2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Direct3DShaderCache/Default3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DirectComposition/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DirectComposition/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DirectManipulation/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DirectManipulation/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DirectShow-KernelSupport/Performance2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DirectShow-KernelSupport/Performance3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DirectSound/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DirectSound/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Disk/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Disk/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DiskDiagnostic/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DiskDiagnostic/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DiskDiagnosticDataCollector/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DiskDiagnosticDataCollector/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DiskDiagnosticResolver/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DiskDiagnosticResolver/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Dism-Api/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Dism-Api/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Dism-Api/ExternalAnalytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Dism-Api/ExternalAnalytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Dism-Api/InternalAnalytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Dism-Api/InternalAnalytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Dism-Cli/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Dism-Cli/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DisplayColorCalibration/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DisplayColorCalibration/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DisplayColorCalibration/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DisplayColorCalibration/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DisplaySwitch/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DisplaySwitch/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Documents/Performance2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Documents/Performance3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Dot3MM/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Dot3MM/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DriverFrameworks-UserMode/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DriverFrameworks-UserMode/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DucUpdateAgent/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DucUpdateAgent/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Dwm-API/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Dwm-API/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Dwm-Core/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Dwm-Core/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Dwm-Dwm/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Dwm-Dwm/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Dwm-Redir/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Dwm-Redir/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Dwm-Udwm/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Dwm-Udwm/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DxgKrnl-Admin2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DxgKrnl-Admin3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DxgKrnl-Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DxgKrnl-Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DxgKrnl/Contention2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DxgKrnl/Contention3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DxgKrnl/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DxgKrnl/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DxgKrnl/Performance2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DxgKrnl/Performance3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DxgKrnl/Power2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DxgKrnl/Power3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-DxpTaskSyncProvider/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-DxpTaskSyncProvider/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-EDP-Application-Learning/Admin2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-EDP-Application-Learning/Admin3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-EDP-Audit-Regular/Admin2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-EDP-Audit-Regular/Admin3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-EDP-Audit-TCB/Admin2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-EDP-Audit-TCB/Admin3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-EFS/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-EFS/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-ESE/IODiagnose2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-ESE/IODiagnose3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-ESE/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-ESE/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-EapHost/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-EapHost/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-EapHost/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-EapHost/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-EapHost/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-EapHost/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-EapMethods-RasChap/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-EapMethods-RasChap/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-EapMethods-RasTls/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-EapMethods-RasTls/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-EapMethods-Sim/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-EapMethods-Sim/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-EapMethods-Ttls/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-EapMethods-Ttls/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-EaseOfAccess/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-EaseOfAccess/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Energy-Estimation-Engine/EventLog2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Energy-Estimation-Engine/EventLog3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Energy-Estimation-Engine/Trace2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Energy-Estimation-Engine/Trace3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-EnhancedStorage-EhStorTcgDrv/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-EnhancedStorage-EhStorTcgDrv/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-EventCollector/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-EventCollector/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-EventCollector/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-EventCollector/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-EventLog-WMIProvider/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-EventLog-WMIProvider/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-EventLog/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-EventLog/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-EventLog/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-EventLog/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-FMS/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-FMS/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-FMS/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-FMS/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-FMS/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-FMS/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-FailoverClustering-Client/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-FailoverClustering-Client/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Fault-Tolerant-Heap/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Fault-Tolerant-Heap/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-FeatureConfiguration/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-FeatureConfiguration/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-FeatureConfiguration/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-FeatureConfiguration/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-FileHistory-Catalog/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-FileHistory-Catalog/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-FileHistory-Catalog/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-FileHistory-Catalog/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-FileHistory-ConfigManager/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-FileHistory-ConfigManager/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-FileHistory-ConfigManager/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-FileHistory-ConfigManager/Debug3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-FileHistory-Core/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-FileHistory-Core/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-FileHistory-Core/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-FileHistory-Core/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-FileHistory-Core/WHC2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-FileHistory-Core/WHC3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-FileHistory-Engine/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-FileHistory-Engine/Analytic3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-FileHistory-Engine/BackupLog2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-FileHistory-Engine/BackupLog3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-FileHistory-Engine/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-FileHistory-Engine/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-FileHistory-EventListener/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-FileHistory-EventListener/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-FileHistory-EventListener/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-FileHistory-EventListener/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-FileHistory-Service/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-FileHistory-Service/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-FileHistory-Service/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-FileHistory-Service/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-FileHistory-UI-Events/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-FileHistory-UI-Events/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-FileHistory-UI-Events/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-FileHistory-UI-Events/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-FileInfoMinifilter/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-FileInfoMinifilter/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Firewall-CPL/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Firewall-CPL/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Folder Redirection/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Folder Redirection/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Forwarding/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Forwarding/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Forwarding/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Forwarding/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-GPIO-ClassExtension/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-GPIO-ClassExtension/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-GenericRoaming/Admin2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-GenericRoaming/Admin3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-GroupPolicy/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-GroupPolicy/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-HAL/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-HAL/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-HealthCenter/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-HealthCenter/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-HealthCenter/Performance2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-HealthCenter/Performance3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-HealthCenterCPL/Performance2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-HealthCenterCPL/Performance3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-HelloForBusiness/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-HelloForBusiness/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Help/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Help/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-HomeGroup Control Panel Performance/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-HomeGroup Control Panel Performance/Diagnostic3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-HomeGroup Control Panel/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-HomeGroup Control Panel/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-HomeGroup Listener Service/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-HomeGroup Listener Service/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-HomeGroup Provider Service Performance/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-HomeGroup Provider Service Performance/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-HomeGroup Provider Service/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-HomeGroup Provider Service/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-HomeGroup-ListenerService2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-HomeGroup-ListenerService3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-HotspotAuth/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-HotspotAuth/Analytic3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-HotspotAuth/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-HotspotAuth/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-HttpService/Log2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-HttpService/Log3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-HttpService/Trace2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-HttpService/Trace3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Hyper-V-Guest-Drivers/Admin2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Hyper-V-Guest-Drivers/Admin3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Hyper-V-Guest-Drivers/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Hyper-V-Guest-Drivers/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Hyper-V-Guest-Drivers/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Hyper-V-Guest-Drivers/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Hyper-V-Guest-Drivers/Diagnose2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Hyper-V-Guest-Drivers/Diagnose3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Hyper-V-Guest-Drivers/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Hyper-V-Guest-Drivers/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Hyper-V-Hypervisor-Admin2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Hyper-V-Hypervisor-Admin3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Hyper-V-Hypervisor-Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Hyper-V-Hypervisor-Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Hyper-V-Hypervisor-Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Hyper-V-Hypervisor-Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Hyper-V-NETVSC/Diagnostic2⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Hyper-V-NETVSC/Diagnostic3⤵
- System Location Discovery: System Language Discovery
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Hyper-V-VID-Admin2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Hyper-V-VID-Admin3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Hyper-V-VID-Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Hyper-V-VID-Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-IE-SmartScreen2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-IE-SmartScreen3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-IKE/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-IKE/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-IKEDBG/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-IKEDBG/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-IME-Broker/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-IME-Broker/Analytic3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-IME-CandidateUI/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-IME-CandidateUI/Analytic3⤵
- System Location Discovery: System Language Discovery
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-IME-CustomerFeedbackManager/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-IME-CustomerFeedbackManager/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-IME-CustomerFeedbackManagerUI/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-IME-CustomerFeedbackManagerUI/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-IME-JPAPI/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-IME-JPAPI/Analytic3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-IME-JPLMP/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-IME-JPLMP/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-IME-JPPRED/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-IME-JPPRED/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-IME-JPSetting/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-IME-JPSetting/Analytic3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-IME-JPTIP/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-IME-JPTIP/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-IME-KRAPI/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-IME-KRAPI/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-IME-KRTIP/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-IME-KRTIP/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-IME-OEDCompiler/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-IME-OEDCompiler/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-IME-TCCORE/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-IME-TCCORE/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-IME-TCTIP/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-IME-TCTIP/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-IME-TIP/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-IME-TIP/Analytic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-IPNAT/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-IPNAT/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-IPSEC-SRV/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-IPSEC-SRV/Diagnostic3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-IPxlatCfg/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-IPxlatCfg/Debug3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-IPxlatCfg/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-IPxlatCfg/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-IdCtrls/Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-IdCtrls/Analytic3⤵
- System Location Discovery: System Language Discovery
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-IdCtrls/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-IdCtrls/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-IndirectDisplays-ClassExtension-Events/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-IndirectDisplays-ClassExtension-Events/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Input-HIDCLASS-Analytic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Input-HIDCLASS-Analytic3⤵
- Clears Windows event logs
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-InputSwitch/Diagnostic2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-InputSwitch/Diagnostic3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-International-RegionalOptionsControlPanel/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-International-RegionalOptionsControlPanel/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Iphlpsvc/Debug2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Iphlpsvc/Debug3⤵
- System Location Discovery: System Language Discovery
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Iphlpsvc/Operational2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Iphlpsvc/Operational3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-Iphlpsvc/Trace2⤵
-
C:\Windows\SysWOW64\wevtutil.exewevtutil.exe cl Microsoft-Windows-Iphlpsvc/Trace3⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"cmd.exe" /c wevtutil.exe cl Microsoft-Windows-KdsSvc/Operational2⤵
-
Network
MITRE ATT&CK Enterprise v15
Defense Evasion
Indicator Removal
2Clear Windows Event Logs
1File Deletion
1Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1KB
MD5be9d1343fba03f161c665b7aedd9cb4c
SHA173baa42da8d8460445d0af492a056c955701c17b
SHA256a79b142e8ba0bf22a7a2888204bd944385ba0f761e339fb67ec4bb87418c7ea2
SHA5121b261013a11273c6e13533cb62eeb8ec0abbac033f6d205ddc41d1b675a1dd955e02936ce031fb2698de707f9525e0e1f5af69d1deafbe190cb496974dc4a4e8
-
Filesize
4KB
MD5af7efddb6e3e41b90ba42f9643f16915
SHA1b0f1f15fb751a466fd815bb3fce4c372b6dcd102
SHA256cb7a52c4c212a9f722e353e81cd35caa8cb47e37e25bc6e902af5817c3a091b6
SHA51248e9b35d1f4e042de2d0dd77b89fd58bb1dc510ef6978a7a9d16a4a8a310c670b1891c23506190ff5f23af37512096693d54ed1c2a332a6ea7f7665ab1193885
-
Filesize
619B
MD5e85253699999bec282fcda4bc2df0243
SHA1cbf431d65596144341311927e13715b78f42c72d
SHA256bc0a9b631f5c6a052e94a4df202e61c06410b03c5d91cc316322185ce7341880
SHA512f3f46f0be7459516829a0b150f91a98021a3e94b14073f6bf13ef7cb9cd8fb64b3ef2f501dd5aa3aa4e485c885de35879873c2f4a149eb5c76dbc70bb606c1bc
-
Filesize
9KB
MD5b355d70e0ef45ad2e5a9e763e6ac83cb
SHA1493689aa3f36f6cc433f0a4a73bf1abf58fb7895
SHA25621ee544e25e2588783c44abb3f3293d044f9b0d6294aac7a6c93c8955f54bc0d
SHA512339c67805a9a29ec781dffce2c09fa844eca080eb36a28205af39ccb9de6d731f128547c83a5d08fae61a63311ef673c113da3d04e3b071f52c03a8c53c6f7c7
-
Filesize
9KB
MD5ef82b304067edcf3cf990a42de93b695
SHA1a2a2af4015e81562bab4454232bbcb69708f5cd9
SHA25663a505045b1d4549428a469bf00b0f83aaf58cfd9eb2c32b24f17336e323ab31
SHA5128f5e17ed20bd033370220c7dc9f1373cd9aa79d3fe3b73cef1dbf0134f8705997f1287427c03d87e16a5932855a553501988b3c43b4ca2329d4d8f153dbe5d41
-
Filesize
10KB
MD560ebe5da79ae5d8741589f91a73c70c1
SHA1966524c0324f8f4190f017849ee66386c5759427
SHA256711a59b703bc56664263274fc39a865fd37922639efeb676f7e1bbbb423a72d8
SHA512a3869ad4003df1ab778cd5a515306668ab34403dd563df936dc5746c4034700b8cce54836100bef502305c2e16331705085b634813d856144fac3680a314da89
-
Filesize
1009B
MD510d13254388097e1c3a73500a4ecd974
SHA16053c9b2cba04082e92ef779916f182ac32e6c8a
SHA2566b092e7e9fdf9f825aaeb6f8f6105245c91e61a2c1f12a859ef77a9e191a861f
SHA5121e2e51b0d98782e1161f773f5c57a316bdd1a1cd91403f5b28fdb6b8d4147b32eedcc90bda4a1f32d42ee0619be08deecdc169af0cefc1ddcec270f12860d161
-
Filesize
136KB
-
Filesize
4KB
-
Filesize
80KB
-
Filesize
4KB
-
Filesize
5.6MB
-
Filesize
584KB