SEC 440 WPA - JadenGil/Jaden-Tech-Journal GitHub Wiki

Deliverable 1:

image

image

These images show notepad.exe running and me saving ETWLab.txt to the ETW folder, in the File I/O section of Windows Performance Analyzer.

Deliverable 2:

Using the search function, I found notepad.exe.

image

Deliverable 3:

Using logman query with the name of the provider (command highlighted).

image

Deliverable 4:

image

Deliverable 5:

image

Deliverable 6:

image

Deliverable 7:

image

Deliverable 8:

image

Deliverable 9:

Notepad:

image

CMD:

image

Paint:

image

Deliverable 10:

image

Deliverable 11: