detection.wiki
?
Blog
Labs
References
Microsoft-Windows-Shell-Shwebsvc
16 events across 1 channel
Event ID
Title
Channel
1
Microsoft-Windows-Shell-Shwebsvc
2
Microsoft-Windows-Shell-Shwebsvc
3
Microsoft-Windows-Shell-Shwebsvc
4
Microsoft-Windows-Shell-Shwebsvc
5
Microsoft-Windows-Shell-Shwebsvc
6
Microsoft-Windows-Shell-Shwebsvc
7
Microsoft-Windows-Shell-Shwebsvc
8
Microsoft-Windows-Shell-Shwebsvc
9
Microsoft-Windows-Shell-Shwebsvc
10
Microsoft-Windows-Shell-Shwebsvc
11
Microsoft-Windows-Shell-Shwebsvc
12
Microsoft-Windows-Shell-Shwebsvc
13
Microsoft-Windows-Shell-Shwebsvc
14
Microsoft-Windows-Shell-Shwebsvc
15
Microsoft-Windows-Shell-Shwebsvc
16
Microsoft-Windows-Shell-Shwebsvc
Event ID 1 —
Provider
Microsoft-Windows-Shell-Shwebsvc
Channel
Microsoft-Windows-Shell-Shwebsvc
Task
Startup
Opcode
Start
Event ID 2 —
Provider
Microsoft-Windows-Shell-Shwebsvc
Channel
Microsoft-Windows-Shell-Shwebsvc
Task
Startup
Opcode
Stop
Event ID 3 —
Provider
Microsoft-Windows-Shell-Shwebsvc
Channel
Microsoft-Windows-Shell-Shwebsvc
Task
AddPages
Opcode
Start
Event ID 4 —
Provider
Microsoft-Windows-Shell-Shwebsvc
Channel
Microsoft-Windows-Shell-Shwebsvc
Task
AddPages
Opcode
Stop
Event ID 5 —
Provider
Microsoft-Windows-Shell-Shwebsvc
Channel
Microsoft-Windows-Shell-Shwebsvc
Task
BuildManifest
Opcode
Start
Event ID 6 —
Provider
Microsoft-Windows-Shell-Shwebsvc
Channel
Microsoft-Windows-Shell-Shwebsvc
Task
BuildManifest
Opcode
Stop
Event ID 7 —
Provider
Microsoft-Windows-Shell-Shwebsvc
Channel
Microsoft-Windows-Shell-Shwebsvc
Task
InitServices
Opcode
Start
Event ID 8 —
Provider
Microsoft-Windows-Shell-Shwebsvc
Channel
Microsoft-Windows-Shell-Shwebsvc
Task
InitServices
Opcode
Stop
Event ID 9 —
Provider
Microsoft-Windows-Shell-Shwebsvc
Channel
Microsoft-Windows-Shell-Shwebsvc
Task
Cancel
Opcode
Start
Event ID 10 —
Provider
Microsoft-Windows-Shell-Shwebsvc
Channel
Microsoft-Windows-Shell-Shwebsvc
Task
Cancel
Opcode
Stop
Event ID 11 —
Provider
Microsoft-Windows-Shell-Shwebsvc
Channel
Microsoft-Windows-Shell-Shwebsvc
Task
Next
Opcode
Start
Event ID 12 —
Provider
Microsoft-Windows-Shell-Shwebsvc
Channel
Microsoft-Windows-Shell-Shwebsvc
Task
Next
Opcode
Stop
Event ID 13 —
Provider
Microsoft-Windows-Shell-Shwebsvc
Channel
Microsoft-Windows-Shell-Shwebsvc
Task
Back
Opcode
Start
Event ID 14 —
Provider
Microsoft-Windows-Shell-Shwebsvc
Channel
Microsoft-Windows-Shell-Shwebsvc
Task
Back
Opcode
Stop
Event ID 15 —
Provider
Microsoft-Windows-Shell-Shwebsvc
Channel
Microsoft-Windows-Shell-Shwebsvc
Task
Upload
Opcode
Start
Event ID 16 —
Provider
Microsoft-Windows-Shell-Shwebsvc
Channel
Microsoft-Windows-Shell-Shwebsvc
Task
Upload
Opcode
Stop
Keyboard Shortcuts
j
/
k
Scroll down / up
d
/
u
Half-page down / up
h
/
l
Go back / forward
g
g
Go to top
G
Go to bottom
f
Follow link (SHIFT = new tab)
/
Focus search
?
Toggle this help
See
Navigation Reference
for search modifiers and filters.