Defender

C:\ProgramData\Microsoft\Windows Defender\Quarantine C:\ProgramData\Microsoft\Windows Defender\Support C:\ProgramData\Microsoft\WER %User Profile%\AppData\Local\Microsoft\Windows\WER

Process log: SHA1, detection, tainted, SDN Query

Microsoft-Windows-Windows Defender%4Operational.evtx

PreviousShimCache/ AppCompatCacheNextPowerShell / CMD

Last updated