Elastic Windows Event Explorer


Publisher - Microsoft-Windows-Kernel-General

Event ID 11

Message:

TxR init phase for hive %{ExtraString} (TM: %{TmId}, RM: %{RmId}) finished with result=%{Status} (Internal code=%{InternalCode}).

Event Data:

# Name In Type
Out Type
1 ExtraStringLength win:UInt16 xs:unsignedShort
2 ExtraString win:UnicodeString xs:string
3 TmId win:GUID xs:GUID
4 RmId win:GUID xs:GUID
5 Status win:HexInt32 win:HexInt32
6 InternalCode win:UInt32 xs:unsignedInt

Observed Windows Versions:

Version: 0

Fingerprint: ALYRL4X7QINJ2