Skip to content

Commit

Permalink
add March 2023 ISOs
Browse files Browse the repository at this point in the history
  • Loading branch information
@AndrewRathbun
AndrewRathbun committed Apr 17, 2023
1 parent f57bfc6 commit 3e09319
Show file tree
Hide file tree
Showing 5,364 changed files with 4,685,022 additions and 0 deletions.
The diff you're trying to view is too large. We only load the first 3000 changed files.
6,785 changes: 6,785 additions & 0 deletions ETWProvidersManifests/Windows10/21H2/W10_21H2_Pro_20230321_19044.2728/WEPExplorer/All.xml
View file

Large diffs are not rendered by default.

0 ...21.1265/WEPExplorer/Application Popup.xml → ...44.2728/WEPExplorer/Application Popup.xml
View file
File renamed without changes.
0 ...orer/Application-Addon-Event-Provider.xml → ...orer/Application-Addon-Event-Provider.xml
View file
File renamed without changes.
0 ...621.1265/WEPExplorer/Error Instrument.xml → ...044.2728/WEPExplorer/Error Instrument.xml
View file
File renamed without changes.
0 ...21.1265/WEPExplorer/Intel-iaLPSS-GPIO.xml → ...44.2728/WEPExplorer/Intel-iaLPSS-GPIO.xml
View file
File renamed without changes.
0 ...621.1265/WEPExplorer/Intel-iaLPSS-I2C.xml → ...044.2728/WEPExplorer/Intel-iaLPSS-I2C.xml
View file
File renamed without changes.
0 ....1265/WEPExplorer/Intel-iaLPSS2-GPIO2.xml → ....2728/WEPExplorer/Intel-iaLPSS2-GPIO2.xml
View file
File renamed without changes.
0 ...21.1265/WEPExplorer/Intel-iaLPSS2-I2C.xml → ...44.2728/WEPExplorer/Intel-iaLPSS2-I2C.xml
View file
File renamed without changes.
0 ...0230221_22621.1265/WEPExplorer/LsaSrv.xml → ...0230321_19044.2728/WEPExplorer/LsaSrv.xml
View file
File renamed without changes.
282 changes: 282 additions & 0 deletions ...ws10/21H2/W10_21H2_Pro_20230321_19044.2728/WEPExplorer/Microsoft-Antimalware-AMFilter.xml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,282 @@
<Providers>
<Provider>
<Name>Microsoft-Antimalware-AMFilter</Name>
<Metadata>
<Guid>{CFEB0608-330E-4410-B00D-56D8DA9986E6}</Guid>
<ResourceFilePath>C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2303.8-0\Drivers\WdFilter.sys</ResourceFilePath>
<ParameterFilePath>C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2303.8-0\Drivers\WdFilter.sys</ParameterFilePath>
<MessageFilePath>C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2303.8-0\Drivers\WdFilter.sys</MessageFilePath>
<HelpLink>https://go.microsoft.com/fwlink/events.asp?CoName=Microsoft%20Corporation&amp;ProdName=Microsoft%c2%ae%20Windows%c2%ae%20Operating%20System&amp;ProdVer=4.18.2303.8&amp;FileName=WdFilter.sys&amp;FileVer=4.18.2303.8</HelpLink>
<PublisherMessage>Microsoft-Antimalware-AMFilter</PublisherMessage>
<Channels>
</Channels>
<Levels>
<Level>
<Message>Information</Message>
<Name>win:Informational</Name>
<Value>4</Value>
</Level>
<Level>
<Message>Verbose</Message>
<Name>win:Verbose</Name>
<Value>5</Value>
</Level>
</Levels>
<Tasks>
<Task>
<Message></Message>
<Name>AMFilter_CacheFlush</Name>
<Guid>{C1C40073-FEEE-4BAD-BBD8-432809E7321B}</Guid>
<Value>1</Value>
</Task>
<Task>
<Message></Message>
<Name>AMFilter_CacheRemove</Name>
<Guid>{FD2DD5D6-D0AE-4A27-B81F-65CEE630D427}</Guid>
<Value>2</Value>
</Task>
<Task>
<Message></Message>
<Name>AMFilter_CacheHit</Name>
<Guid>{F4B8837C-CBBC-4465-B67F-7C1DC7B0254F}</Guid>
<Value>3</Value>
</Task>
<Task>
<Message></Message>
<Name>AMFilter_CacheMiss</Name>
<Guid>{9AAA2163-02A1-411C-B86B-E39F6736EA8F}</Guid>
<Value>4</Value>
</Task>
<Task>
<Message></Message>
<Name>AMFilter_CacheAdd</Name>
<Guid>{BBB3C641-850D-43E2-BF03-1AB1464A19BD}</Guid>
<Value>5</Value>
</Task>
<Task>
<Message></Message>
<Name>AMFilter_SeqReadFlag</Name>
<Guid>{4AAA2E11-D313-4B4D-A0CE-C870C77BA4E9}</Guid>
<Value>6</Value>
</Task>
<Task>
<Message></Message>
<Name>AMFilter_TrustedProcess</Name>
<Guid>{09A0ABB6-F30E-4004-8A64-A421C73A8FDC}</Guid>
<Value>7</Value>
</Task>
<Task>
<Message></Message>
<Name>AMFilter_ProcessContext</Name>
<Guid>{7D5E421D-75B3-4C51-AD8C-9D56967A8004}</Guid>
<Value>8</Value>
</Task>
<Task>
<Message></Message>
<Name>AMFilter_FileScan</Name>
<Guid>{9FB4677D-CE50-4E86-A0D5-02FE5099A29D}</Guid>
<Value>9</Value>
</Task>
<Task>
<Message></Message>
<Name>AMFilter_DeleteStreamContext</Name>
<Guid>{1CA41536-FBF1-4194-838C-A84BA1CA2E2F}</Guid>
<Value>10</Value>
</Task>
<Task>
<Message></Message>
<Name>AMFilter_FileScanResult</Name>
<Guid>{F569B04C-D7E0-4802-8B7E-8B5A45385A72}</Guid>
<Value>11</Value>
</Task>
</Tasks>
<Opcodes>
<Opcode>
<Message>Info</Message>
<Name>win:Info</Name>
<Value>0</Value>
<Task>0</Task>
</Opcode>
</Opcodes>
<Keywords>
<Keyword>
<Message></Message>
<Name>FileScan</Name>
<Value>1</Value>
</Keyword>
<Keyword>
<Message></Message>
<Name>ProcessContext</Name>
<Value>2</Value>
</Keyword>
<Keyword>
<Message></Message>
<Name>Cache</Name>
<Value>4</Value>
</Keyword>
<Keyword>
<Message></Message>
<Name>TrustedProcess</Name>
<Value>8</Value>
</Keyword>
<Keyword>
<Message></Message>
<Name>IoBehavior</Name>
<Value>16</Value>
</Keyword>
<Keyword>
<Message></Message>
<Name>StreamContext</Name>
<Value>32</Value>
</Keyword>
</Keywords>
</Metadata>
<EventMetadata>
<Event>
<Id>1</Id>
<Version>0</Version>
<Level>Information</Level>
<Task>AMFilter_CacheFlush</Task>
<Keyword>Cache</Keyword>
<Template><![CDATA[
]]></Template>
</Event>
<Event>
<Id>2</Id>
<Version>0</Version>
<Level>Verbose</Level>
<Task>AMFilter_CacheRemove</Task>
<Keyword>Cache</Keyword>
<Template><![CDATA[
<template xmlns="http://schemas.microsoft.com/win/2004/08/events">
<data name="File_ID" inType="win:UInt64" outType="xs:unsignedLong"/>
</template>
]]></Template>
</Event>
<Event>
<Id>3</Id>
<Version>0</Version>
<Level>Verbose</Level>
<Task>AMFilter_CacheHit</Task>
<Keyword>Cache</Keyword>
<Template><![CDATA[
<template xmlns="http://schemas.microsoft.com/win/2004/08/events">
<data name="File_ID" inType="win:UInt64" outType="xs:unsignedLong"/>
</template>
]]></Template>
</Event>
<Event>
<Id>4</Id>
<Version>0</Version>
<Level>Verbose</Level>
<Task>AMFilter_CacheMiss</Task>
<Keyword>Cache</Keyword>
<Template><![CDATA[
<template xmlns="http://schemas.microsoft.com/win/2004/08/events">
<data name="File_ID" inType="win:UInt64" outType="xs:unsignedLong"/>
</template>
]]></Template>
</Event>
<Event>
<Id>5</Id>
<Version>0</Version>
<Level>Verbose</Level>
<Task>AMFilter_CacheAdd</Task>
<Keyword>Cache</Keyword>
<Template><![CDATA[
<template xmlns="http://schemas.microsoft.com/win/2004/08/events">
<data name="File_ID" inType="win:UInt64" outType="xs:unsignedLong"/>
</template>
]]></Template>
</Event>
<Event>
<Id>6</Id>
<Version>0</Version>
<Level>Information</Level>
<Task>AMFilter_SeqReadFlag</Task>
<Keyword>IoBehavior</Keyword>
<Template><![CDATA[
]]></Template>
</Event>
<Event>
<Id>7</Id>
<Version>0</Version>
<Level>Information</Level>
<Task>AMFilter_TrustedProcess</Task>
<Keyword>TrustedProcess</Keyword>
<Template><![CDATA[
<template xmlns="http://schemas.microsoft.com/win/2004/08/events">
<data name="Pid" inType="win:UInt32" outType="xs:unsignedInt"/>
<data name="Reason" inType="win:UnicodeString" outType="xs:string"/>
<data name="Trusted" inType="win:UInt32" outType="xs:unsignedInt"/>
<data name="TotalTrusted" inType="win:UInt32" outType="xs:unsignedInt"/>
<data name="TotalUntrusted" inType="win:UInt32" outType="xs:unsignedInt"/>
<data name="Path" inType="win:UnicodeString" outType="xs:string"/>
</template>
]]></Template>
</Event>
<Event>
<Id>8</Id>
<Version>0</Version>
<Level>Information</Level>
<Task>AMFilter_ProcessContext</Task>
<Keyword>ProcessContext</Keyword>
<Template><![CDATA[
<template xmlns="http://schemas.microsoft.com/win/2004/08/events">
<data name="Pid" inType="win:UInt32" outType="xs:unsignedInt"/>
<data name="Reason" inType="win:UnicodeString" outType="xs:string"/>
<data name="Flags" inType="win:UInt32" outType="win:HexInt32"/>
<data name="ProcessFilterFlags" inType="win:UInt32" outType="win:HexInt32"/>
<data name="ProcessName" inType="win:UnicodeString" outType="xs:string"/>
<data name="VmHardenType" inType="win:UInt64" outType="win:HexInt64"/>
<data name="ExemptVmHardenedTypes" inType="win:UInt64" outType="win:HexInt64"/>
</template>
]]></Template>
</Event>
<Event>
<Id>9</Id>
<Version>0</Version>
<Level>Information</Level>
<Task>AMFilter_FileScan</Task>
<Keyword>FileScan</Keyword>
<Template><![CDATA[
<template xmlns="http://schemas.microsoft.com/win/2004/08/events">
<data name="FileName" inType="win:UnicodeString" outType="xs:string"/>
<data name="Reason" inType="win:UnicodeString" outType="xs:string"/>
<data name="IoStatusBlockForNewFile" inType="win:UInt64" outType="win:HexInt64"/>
</template>
]]></Template>
</Event>
<Event>
<Id>10</Id>
<Version>0</Version>
<Level>Verbose</Level>
<Task>AMFilter_DeleteStreamContext</Task>
<Keyword>StreamContext</Keyword>
<Template><![CDATA[
<template xmlns="http://schemas.microsoft.com/win/2004/08/events">
<data name="File_ID" inType="win:UInt64" outType="xs:unsignedLong"/>
</template>
]]></Template>
</Event>
<Event>
<Id>11</Id>
<Version>0</Version>
<Level>Information</Level>
<Task>AMFilter_FileScanResult</Task>
<Keyword>FileScan</Keyword>
<Template><![CDATA[
<template xmlns="http://schemas.microsoft.com/win/2004/08/events">
<data name="FileName" inType="win:UnicodeString" outType="xs:string"/>
<data name="Reason" inType="win:UInt32" outType="xs:unsignedInt"/>
<data name="ScanStatus" inType="win:UInt32" outType="win:HexInt32"/>
<data name="State" inType="win:UInt32" outType="xs:unsignedInt"/>
<data name="ScanAttributes" inType="win:UInt32" outType="win:HexInt32"/>
<data name="FileId" inType="win:UInt64" outType="win:HexInt64"/>
<data name="USN" inType="win:UInt64" outType="win:HexInt64"/>
</template>
]]></Template>
</Event>
</EventMetadata>
</Provider>
</Providers>
Expand Down
82 changes: 82 additions & 0 deletions ...21H2_Pro_20230321_19044.2728/WEPExplorer/Microsoft-Antimalware-Engine-Instrumentation.xml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,82 @@
<Providers>
<Provider>
<Name>Microsoft-Antimalware-Engine-Instrumentation</Name>
<Metadata>
<Guid>{68621C25-DF8D-4A6B-AABC-19A22E296A7C}</Guid>
<ResourceFilePath>C:\ProgramData\Microsoft\Windows Defender\Definition Updates\StableEngineEtwLocation\mpengine_etw.dll</ResourceFilePath>
<ParameterFilePath>C:\ProgramData\Microsoft\Windows Defender\Definition Updates\StableEngineEtwLocation\mpengine_etw.dll</ParameterFilePath>
<MessageFilePath>C:\ProgramData\Microsoft\Windows Defender\Definition Updates\StableEngineEtwLocation\mpengine_etw.dll</MessageFilePath>
<HelpLink>https://go.microsoft.com/fwlink/events.asp?CoName=Microsoft%20Corporation&amp;ProdName=Microsoft%20Malware%20Protection&amp;ProdVer=1.1.20200.4&amp;FileName=mpengine_etw.dll&amp;FileVer=1.1.20200.4</HelpLink>
<PublisherMessage></PublisherMessage>
<Channels>
</Channels>
<Levels>
<Level>
<Message>Information</Message>
<Name>win:Informational</Name>
<Value>4</Value>
</Level>
</Levels>
<Tasks>
<Task>
<Message>Data driven signature task</Message>
<Name>DataDrivenSignatureTask</Name>
<Guid>{E3A31A90-71CD-4AE7-9729-03F343805188}</Guid>
<Value>1</Value>
</Task>
</Tasks>
<Opcodes>
<Opcode>
<Message>Start</Message>
<Name>win:Start</Name>
<Value>1</Value>
<Task>0</Task>
</Opcode>
<Opcode>
<Message>Stop</Message>
<Name>win:Stop</Name>
<Value>2</Value>
<Task>0</Task>
</Opcode>
</Opcodes>
<Keywords>
</Keywords>
</Metadata>
<EventMetadata>
<Event>
<Id>1</Id>
<Version>1</Version>
<Level>Information</Level>
<Task>Data driven signature task</Task>
<Opcode>Start</Opcode>
<Message><![CDATA[
Data driven signature start event]]></Message>
<Template><![CDATA[
<template xmlns="http://schemas.microsoft.com/win/2004/08/events">
<data name="Type" inType="win:AnsiString" outType="xs:string"/>
<data name="Name" inType="win:AnsiString" outType="xs:string"/>
<data name="FileName" inType="win:UnicodeString" outType="xs:string"/>
<data name="VPath" inType="win:UnicodeString" outType="xs:string"/>
</template>
]]></Template>
</Event>
<Event>
<Id>2</Id>
<Version>1</Version>
<Level>Information</Level>
<Task>Data driven signature task</Task>
<Opcode>Stop</Opcode>
<Message><![CDATA[
Data driven signature end event]]></Message>
<Template><![CDATA[
<template xmlns="http://schemas.microsoft.com/win/2004/08/events">
<data name="Type" inType="win:AnsiString" outType="xs:string"/>
<data name="Name" inType="win:AnsiString" outType="xs:string"/>
<data name="FileName" inType="win:UnicodeString" outType="xs:string"/>
<data name="VPath" inType="win:UnicodeString" outType="xs:string"/>
</template>
]]></Template>
</Event>
</EventMetadata>
</Provider>
</Providers>
Expand Down
2 changes: 2 additions & 0 deletions ...dows10/21H2/W10_21H2_Pro_20230321_19044.2728/WEPExplorer/Microsoft-Antimalware-Engine.xml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
<Providers>
</Providers>
14 changes: 14 additions & 0 deletions ...Windows10/21H2/W10_21H2_Pro_20230321_19044.2728/WEPExplorer/Microsoft-Antimalware-NIS.xml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
<Providers>
<Provider>
<Name>Microsoft-Antimalware-NIS</Name>
<Metadata>
<Guid>{102AAB0A-9D9C-4887-A860-55DE33B96595}</Guid>
<ResourceFilePath>C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2303.8-0\NisSrv.exe</ResourceFilePath>
<ParameterFilePath>C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2303.8-0\NisSrv.exe</ParameterFilePath>
<MessageFilePath>C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2303.8-0\NisSrv.exe</MessageFilePath>
<HelpLink>https://go.microsoft.com/fwlink/events.asp?CoName=Microsoft%20Corporation&amp;ProdName=Microsoft%c2%ae%20Windows%c2%ae%20Operating%20System&amp;ProdVer=4.18.2303.8&amp;FileName=NisSrv.exe&amp;FileVer=4.18.2303.8</HelpLink>
</Metadata>
<EventMetadata>
</EventMetadata>
</Provider>
</Providers>
Loading

0 comments on commit 3e09319

Please sign in to comment.