Microsoft-Windows-Kernel-Prm

4 events across 1 channel

Event ID	Title	Channel
1	PRM has been invoked.	Operational
2	PRM module update failed.	Operational
3	PRM invocation failed.	Operational
4	Excessive PRM handler runtime.	Operational

Event ID 1 — PRM has been invoked.

Provider: Microsoft-Windows-Kernel-Prm
Channel: Operational

Description

PRM has been invoked.

Message #

PRM has been invoked.

Event ID 2 — PRM module update failed.

Provider: Microsoft-Windows-Kernel-Prm
Channel: Operational

Description

PRM module update failed. Module GUID ModuleGuid, module version ModuleVersion, status NtStatus.

Message #

PRM module update failed. Module GUID %1, module version %2, status %3.

Fields #

Name	Description
`ModuleGuid` GUID	—
`ModuleVersion` UInt64	—
`NtStatus` UInt64	—

Event ID 3 — PRM invocation failed.

Provider: Microsoft-Windows-Kernel-Prm
Channel: Operational

Description

PRM invocation failed. Handler GUID HandlerGuid, module GUID ModuleGuid, module version ModuleVersion, interface status InterfaceStatus, handler status HandlerStatus.

Message #

PRM invocation failed. Handler GUID %1, module GUID %2, module version %3, interface status %4, handler status %5.

Fields #

Name	Description
`HandlerGuid` GUID	—
`ModuleGuid` GUID	—
`ModuleVersion` UInt64	—
`InterfaceStatus` UInt64	—
`HandlerStatus` UInt64	—

Event ID 4 — Excessive PRM handler runtime.

Provider: Microsoft-Windows-Kernel-Prm
Channel: Operational

Description

Excessive PRM handler runtime. Handler GUID HandlerGuid, module GUID ModuleGuid, module version ModuleVersion, duration DurationInUs us.

Message #

Excessive PRM handler runtime. Handler GUID %1, module GUID %2, module version %3, duration %4 us.

Fields #

Name	Description
`HandlerGuid` GUID	—
`ModuleGuid` GUID	—
`ModuleVersion` UInt64	—
`DurationInUs` UInt64	—