Elastic Windows Event Explorer


Publisher - Microsoft-Antimalware-UacScan

Event ID 1201

Message:

UacScan

Event Data:

# Name In Type
Out Type
1 requestorProcessId win:UInt32 xs:unsignedInt
2 uacRequestType win:UInt8 xs:unsignedByte
3 uacTrustState win:UInt8 xs:unsignedByte
4 autoElevateRequest win:Boolean xs:boolean
5 exeApplicationName win:UnicodeString xs:string
6 exeCommandLine win:UnicodeString xs:string
7 exeDllParam win:UnicodeString xs:string
8 comServerBinary win:UnicodeString xs:string
9 comRequestor win:UnicodeString xs:string
10 comClsid win:GUID xs:GUID

Observed Windows Versions:

Version: 0

Fingerprint: 5RZVT435AVBKO