These are just random notes and programs that may have incomplete descriptions. Any scripts or programs use at your risk
<QueryList>
<Query Id="0" Path="Security">
<Select Path="Security">*[System[(EventID=4624)] and EventData[Data[@Name='LmPackageName']='NTLM V1']]</Select>
</Query>
</QueryList>
No comments:
Post a Comment