Elastic Windows Event Explorer


Publisher - Microsoft-Windows-Kernel-PnP

Event ID 204 v1

Message:

OS Loader Start: %{OSLoaderStart}
OS Loader End: %{OSLoaderEnd}

Event Data:

#  Name                  In Type     Out Type
1  OSLoaderStart         win:UInt64  xs:unsignedLong
2  OSLoaderEnd           win:UInt64  xs:unsignedLong
3  PreloadEndTime        win:UInt64  xs:unsignedLong
4  TcbLoaderStartTime    win:UInt64  xs:unsignedLong
5  LoadHypervisorTime    win:UInt64  xs:unsignedLong
6  LaunchHypervisorTime  win:UInt64  xs:unsignedLong
7  LoadVsmTime           win:UInt64  xs:unsignedLong
8  LaunchVsmTime         win:UInt64  xs:unsignedLong

Observed Windows Versions:

Version: 1

Fingerprint: ETZMLVAQHW5I4