Elastic Windows Event Explorer

Publisher - Microsoft-Windows-UAC-FileVirtualization

Event ID 2017


Failed to perform the merged directory query.

Event Data:

#  Name                    In Type            Out Type
1  Flags                   win:UInt32         win:HexInt32
2  SidLength               win:UInt32         xs:unsignedInt
3  Sid                     win:SID            xs:string
4  FileNameLength          win:UInt16         xs:unsignedShort
5  FileNameBuffer          win:UnicodeString  xs:string
6  ProcessImageNameLength  win:UInt16         xs:unsignedShort
7  ProcessImageNameBuffer  win:UnicodeString  xs:string
8  Error                   win:UInt32         win:HexInt32

Observed Windows Versions:

Version: 0

Fingerprint: DLNLEZGO7CJIW