我是注册表新手,我正在查看日志并尝试确定学生用户最后一次登录失败的时间。我该如何确定?提前致谢!
Sun Aug 2 19:44:34 2015Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Users\000003E9
Sun Aug 2 19:44:34 2015Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Users\000003E9
Sun Aug 2 19:44:34 2015Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Users\000003E9
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Groups\00000201
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Users
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Users\Names
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Users\Names\student
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000220
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000221
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members\S-1-5-21-4148432325-2076671351-2709350744
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members\S-1-5-21-4148432325-2076671351-2709350744\000003E9
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Groups\00000201
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Users
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Users\Names
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Users\Names\student
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000220
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000221
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members\S-1-5-21-4148432325-2076671351-2709350744
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members\S-1-5-21-4148432325-2076671351-2709350744\000003E9
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Groups\00000201
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Users
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Users\Names
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Users\Names\student
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000220
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000221
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members\S-1-5-21-4148432325-2076671351-2709350744
Wed Dec 11 19:15:17 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members\S-1-5-21-4148432325-2076671351-2709350744\000003E9
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Groups\Names
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Groups\Names\None
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Users\Names\Administrator
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Users\Names\Guest
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Access Control Assistance Operators
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Administrators
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Backup Operators
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Cryptographic Operators
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Distributed COM Users
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Event Log Readers
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Guests
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Hyper-V Administrators
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\IIS_IUSRS
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Network Configuration Operators
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Performance Log Users
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Performance Monitor Users
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Power Users
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Remote Desktop Users
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Remote Management Users
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Replicator
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Users
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Groups\Names
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Groups\Names\None
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Users\Names\Administrator
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Users\Names\Guest
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Access Control Assistance Operators
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Administrators
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Backup Operators
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Cryptographic Operators
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Distributed COM Users
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Event Log Readers
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Guests
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Hyper-V Administrators
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\IIS_IUSRS
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Network Configuration Operators
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Performance Log Users
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Performance Monitor Users
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Power Users
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Remote Desktop Users
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Remote Management Users
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Replicator
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Users
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Groups\Names
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Groups\Names\None
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Users\Names\Administrator
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Users\Names\Guest
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Access Control Assistance Operators
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Administrators
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Backup Operators
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Cryptographic Operators
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Distributed COM Users
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Event Log Readers
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Guests
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Hyper-V Administrators
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\IIS_IUSRS
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Network Configuration Operators
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Performance Log Users
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Performance Monitor Users
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Power Users
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Remote Desktop Users
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Remote Management Users
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Replicator
Fri Dec 6 21:42:16 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Names\Users
Fri Dec 6 21:41:18 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Users\000001F4
Fri Dec 6 21:41:18 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Users\000001F5
Fri Dec 6 21:41:18 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Users\000001F4
Fri Dec 6 21:41:18 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Users\000001F5
Fri Dec 6 21:41:18 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Users\000001F4
Fri Dec 6 21:41:18 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Users\000001F5
Fri Dec 6 21:39:47 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000222
Fri Dec 6 21:39:47 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members
Fri Dec 6 21:39:47 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members\S-1-5-21-4148432325-2076671351-2709350744\000001F4
Fri Dec 6 21:39:47 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members\S-1-5-21-4148432325-2076671351-2709350744\000001F5
Fri Dec 6 21:39:47 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000222
Fri Dec 6 21:39:47 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members
Fri Dec 6 21:39:47 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members\S-1-5-21-4148432325-2076671351-2709350744\000001F4
Fri Dec 6 21:39:47 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members\S-1-5-21-4148432325-2076671351-2709350744\000001F5
Fri Dec 6 21:39:47 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000222
Fri Dec 6 21:39:47 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members
Fri Dec 6 21:39:47 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members\S-1-5-21-4148432325-2076671351-2709350744\000001F4
Fri Dec 6 21:39:47 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members\S-1-5-21-4148432325-2076671351-2709350744\000001F5
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000223
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000227
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000228
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\0000022B
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\0000022C
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000239
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000242
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000243
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\LastSkuUpgrade
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000223
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000227
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000228
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\0000022B
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\0000022C
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000239
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000242
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000243
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\LastSkuUpgrade
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000223
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000227
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000228
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\0000022B
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\0000022C
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000239
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000242
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000243
Mon Sep 30 04:03:42 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\LastSkuUpgrade
Thu Aug 22 14:46:01 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Aliases
Thu Aug 22 14:46:01 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Aliases\000003E8
Thu Aug 22 14:46:01 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Aliases\Names
Thu Aug 22 14:46:01 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Aliases\Names\WinRMRemoteWMIUsers__
Thu Aug 22 14:46:01 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Aliases
Thu Aug 22 14:46:01 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Aliases\000003E8
Thu Aug 22 14:46:01 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Aliases\Names
Thu Aug 22 14:46:01 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Aliases\Names\WinRMRemoteWMIUsers__
Thu Aug 22 14:46:01 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Aliases
Thu Aug 22 14:46:01 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Aliases\000003E8
Thu Aug 22 14:46:01 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Aliases\Names
Thu Aug 22 14:46:01 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Aliases\Names\WinRMRemoteWMIUsers__
Thu Aug 22 14:45:24 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members\S-1-5
Thu Aug 22 14:45:24 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members\S-1-5\00000004
Thu Aug 22 14:45:24 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members\S-1-5\0000000B
Thu Aug 22 14:45:24 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members\S-1-5
Thu Aug 22 14:45:24 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members\S-1-5\00000004
Thu Aug 22 14:45:24 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members\S-1-5\0000000B
Thu Aug 22 14:45:24 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members\S-1-5
Thu Aug 22 14:45:24 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members\S-1-5\00000004
Thu Aug 22 14:45:24 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members\S-1-5\0000000B
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Aliases\Members
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Groups
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\0000022E
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\0000022F
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000232
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000238
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\0000023D
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000244
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members\S-1-5\00000011
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Aliases\Members
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Groups
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\0000022E
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\0000022F
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000232
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000238
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\0000023D
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000244
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members\S-1-5\00000011
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Aliases\Members
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Account\Groups
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\0000022E
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\0000022F
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000232
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000238
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\0000023D
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\00000244
Thu Aug 22 14:45:11 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Aliases\Members\S-1-5\00000011
Thu Aug 22 14:45:10 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}
Thu Aug 22 14:45:10 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Groups
Thu Aug 22 14:45:10 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Groups\Names
Thu Aug 22 14:45:10 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Users
Thu Aug 22 14:45:10 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Users\Names
Thu Aug 22 14:45:10 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\RXACT
Thu Aug 22 14:45:10 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}
Thu Aug 22 14:45:10 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Groups
Thu Aug 22 14:45:10 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Groups\Names
Thu Aug 22 14:45:10 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Users
Thu Aug 22 14:45:10 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Users\Names
Thu Aug 22 14:45:10 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\RXACT
Thu Aug 22 14:45:10 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}
Thu Aug 22 14:45:10 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Groups
Thu Aug 22 14:45:10 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Groups\Names
Thu Aug 22 14:45:10 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Users
Thu Aug 22 14:45:10 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\Domains\Builtin\Users\Names
Thu Aug 22 14:45:10 2013Z CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\SAM\RXACT
----------------------------------------
答案1
我正在查看日志,试图确定上次登录失败的时间
您正在查看错误的日志。
登录(成功和失败)都记录在安全事件日志中。
您需要寻找的事件是:
事件 ID 4625:帐户登录失败
要查找此类事件:
开始 -> 运行 > “eventvwr.exe”
展开左侧的“Windows 日志”,选择“安全”
在右侧的“操作”部分单击“过滤当前日志...”
在“过滤当前日志”对话框中单击“<所有事件 ID>”,输入“4625”,然后单击“确定”:
如果有任何登录失败,您将看到事件。它们看起来像这样:
在我的例子中你可以看到:
帐户名称:DavidPostill