Get the whitepaper "Windows 7/2008 Event Log Forensic and Reversing Analysis".
You can download it from the following link: https://packetstormsecurity.com/files/download/99479/windows-reversing.pdf
Source: https://packetstormsecurity.com/files/99479/Windows-7-2008-Event-Log-Forensic-And-Reversing-Analysis.html