General Info

File name

fusion msi x32.msi

Full analysis
https://app.any.run/tasks/2067a29e-d9d3-4735-b364-41af4baac77a
Verdict
Malicious activity
Analysis date
5/14/2019, 22:46:23
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Tags:

generated-doc

opendir

Indicators:

MIME:
application/x-msi
File info:
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, MSI Installer, Code page: 1252, Title: FusionInventory Agent 2.4.3 (x86 edition) 2.4.3.0, Subject: FusionInventory Agent 2.4.3 (x86 edition), Author: FusionInventory Team, Keywords: Installer, Comments: Installer wrapped by MSI Wrapper (6.0.91.0) from www.exemsi.com, Template: Intel;1033, Revision Number: {8395FC6B-092B-4A0F-BD32-4DE08C17DA49}, Create Time/Date: Wed Dec 17 10:17:14 2014, Last Saved Time/Date: Wed Dec 17 10:17:14 2014, Number of Pages: 200, Number of Words: 2, Name of Creating Application: MSI Wrapper (6.0.91.0), Security: 2
MD5

770364a3401636811abe9321ce0f6acb

SHA1

7043e964451ecc6e3f6189f38e1bb16a5c64851f

SHA256

443d8439723b2c3eec509d3df8151190dc375e06afff78b74fa08351cfe5638a

SSDEEP

196608:FqNsSPjvozSrFFG+AIRQybwWQgwC0JjacTNkwEWRpTtfs:wNnPzozcFGNIRQybwbgwCwjNNfRZ

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distored by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
60 seconds
Additional time used
none
Fakenet option
off
Heavy Evaision option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (73.0.3683.75)
  • Google Update Helper (1.3.33.23)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.6.1 (4.6.01055)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (14.15.26706.0)
  • Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706 (14.15.26706)
  • Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706 (14.15.26706)
  • Mozilla Firefox 65.0.2 (x86 en-US) (65.0.2)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO
Application was dropped or rewritten from another process
  • dmidecode.exe (PID: 3736)
  • dmidecode.exe (PID: 2644)
  • dmidecode.exe (PID: 3256)
  • dmidecode.exe (PID: 4056)
  • dmidecode.exe (PID: 2428)
  • perl.exe (PID: 2804)
  • perl.exe (PID: 3676)
  • dmidecode.exe (PID: 2760)
  • ns9FC4.tmp (PID: 2540)
  • ns8E8C.tmp (PID: 4032)
  • ns9802.tmp (PID: 3112)
  • fusioninventory-agent.exe (PID: 2148)
  • ns8582.tmp (PID: 2036)
  • sed.exe (PID: 1424)
  • sed.exe (PID: 3548)
  • ns8477.tmp (PID: 2692)
  • sed.exe (PID: 2564)
  • ns838C.tmp (PID: 3720)
  • ns8291.tmp (PID: 952)
  • sed.exe (PID: 3536)
  • ns81B5.tmp (PID: 2196)
  • sed.exe (PID: 2676)
  • sed.exe (PID: 1088)
  • sed.exe (PID: 3896)
  • ns80BA.tmp (PID: 3612)
  • sed.exe (PID: 2844)
  • sed.exe (PID: 1848)
  • ns7F62.tmp (PID: 2880)
  • ns7E18.tmp (PID: 1924)
  • ns7BC5.tmp (PID: 2656)
  • ns7D2D.tmp (PID: 3464)
  • sed.exe (PID: 2728)
  • fusion msi x32.exe (PID: 3124)
  • ns5678.tmp (PID: 3228)
  • ns5A70.tmp (PID: 3728)
  • fusioninventory-agent_windows-x86_2.4.3.exe (PID: 3104)
Loads dropped or rewritten executable
  • perl.exe (PID: 2804)
  • perl.exe (PID: 3676)
  • fusioninventory-agent.exe (PID: 2148)
  • sed.exe (PID: 1424)
  • sed.exe (PID: 3548)
  • sed.exe (PID: 3536)
  • sed.exe (PID: 2564)
  • sed.exe (PID: 2676)
  • sed.exe (PID: 3896)
  • sed.exe (PID: 1088)
  • sed.exe (PID: 2728)
  • sed.exe (PID: 1848)
  • sed.exe (PID: 2844)
  • fusioninventory-agent_windows-x86_2.4.3.exe (PID: 3104)
Adds new firewall rule via NETSH.EXE
  • ns9FC4.tmp (PID: 2540)
  • ns9802.tmp (PID: 3112)
  • ns8E8C.tmp (PID: 4032)
Loads the Task Scheduler COM API
  • schtasks.exe (PID: 3696)
Uses Task Scheduler to run other applications
  • cmd.exe (PID: 992)
Uses NETSH.EXE for network configuration
  • ns9FC4.tmp (PID: 2540)
  • ns9802.tmp (PID: 3112)
  • ns8E8C.tmp (PID: 4032)
  • ns5678.tmp (PID: 3228)
Starts CMD.EXE for commands execution
  • fusioninventory-agent_windows-x86_2.4.3.exe (PID: 3104)
  • perl.exe (PID: 2804)
  • perl.exe (PID: 3676)
  • WScript.exe (PID: 2612)
  • ns5A70.tmp (PID: 3728)
Creates files in the program directory
  • fusioninventory-agent.exe (PID: 2148)
  • sed.exe (PID: 1424)
  • sed.exe (PID: 3548)
  • sed.exe (PID: 2564)
  • sed.exe (PID: 3536)
  • sed.exe (PID: 3896)
  • sed.exe (PID: 1088)
  • sed.exe (PID: 2676)
  • sed.exe (PID: 1848)
  • sed.exe (PID: 2844)
  • sed.exe (PID: 2728)
  • fusioninventory-agent_windows-x86_2.4.3.exe (PID: 3104)
Creates a software uninstall entry
  • fusioninventory-agent_windows-x86_2.4.3.exe (PID: 3104)
Executes scripts
  • fusion msi x32.exe (PID: 3124)
Executable content was dropped or overwritten
  • fusion msi x32.exe (PID: 3124)
  • MsiExec.exe (PID: 3880)
  • msiexec.exe (PID: 2472)
  • fusioninventory-agent_windows-x86_2.4.3.exe (PID: 3104)
Starts application with an unusual extension
  • fusioninventory-agent_windows-x86_2.4.3.exe (PID: 3104)
Loads dropped or rewritten executable
  • MsiExec.exe (PID: 3348)
  • MsiExec.exe (PID: 3880)
Dropped object may contain Bitcoin addresses
  • fusioninventory-agent_windows-x86_2.4.3.exe (PID: 3104)
Application launched itself
  • msiexec.exe (PID: 2472)
Adds / modifies Windows certificates
  • DrvInst.exe (PID: 832)
Changes settings of System certificates
  • DrvInst.exe (PID: 832)
Low-level read access rights to disk partition
  • vssvc.exe (PID: 1180)
Searches for installed software
  • msiexec.exe (PID: 2472)

Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report

Static information

TRiD
.msi
|   Microsoft Installer (100%)
EXIF
FlashPix
Title:
FusionInventory Agent 2.4.3 (x86 edition) 2.4.3.0
Subject:
FusionInventory Agent 2.4.3 (x86 edition)
Author:
FusionInventory Team
Keywords:
Installer
Comments:
Installer wrapped by MSI Wrapper (6.0.91.0) from www.exemsi.com
Template:
Intel;1033
RevisionNumber:
{8395FC6B-092B-4A0F-BD32-4DE08C17DA49}
CreateDate:
2014:12:17 10:17:14
ModifyDate:
2014:12:17 10:17:14
Pages:
200
Words:
2
Software:
MSI Wrapper (6.0.91.0)
Security:
Read-only recommended
CodePage:
Unicode UTF-16, little endian
LocaleIndicator:
13322
Company:
FusionInventory Team

Screenshots

Processes

Total processes
109
Monitored processes
58
Malicious processes
25
Suspicious processes
9

Behavior graph

+
start drop and start drop and start drop and start drop and start drop and start drop and start drop and start drop and start drop and start drop and start drop and start drop and start drop and start drop and start drop and start msiexec.exe no specs msiexec.exe vssvc.exe no specs drvinst.exe no specs msiexec.exe msiexec.exe no specs fusion msi x32.exe wscript.exe no specs cmd.exe no specs fusioninventory-agent_windows-x86_2.4.3.exe ns5678.tmp no specs netsh.exe no specs ns5a70.tmp no specs cmd.exe no specs schtasks.exe no specs find.exe no specs ns7bc5.tmp no specs sed.exe no specs ns7d2d.tmp no specs sed.exe no specs ns7e18.tmp no specs sed.exe no specs ns7f62.tmp no specs sed.exe no specs ns80ba.tmp no specs sed.exe no specs ns81b5.tmp no specs sed.exe no specs ns8291.tmp no specs sed.exe no specs ns838c.tmp no specs sed.exe no specs ns8477.tmp no specs sed.exe no specs ns8582.tmp no specs sed.exe no specs fusioninventory-agent.exe no specs ns8e8c.tmp no specs netsh.exe no specs ns9802.tmp no specs netsh.exe no specs ns9fc4.tmp no specs netsh.exe no specs cmd.exe no specs perl.exe perl.exe cmd.exe no specs dmidecode.exe cmd.exe no specs dmidecode.exe cmd.exe no specs dmidecode.exe cmd.exe no specs dmidecode.exe cmd.exe no specs dmidecode.exe no specs cmd.exe no specs dmidecode.exe no specs
Specs description
Program did not start
Integrity level elevation
Task сontains an error or was rebooted
Process has crashed
Task contains several apps running
Executable file was dropped
Debug information is available
Process was injected
Network attacks were detected
Application downloaded the executable file
Actions similar to stealing personal data
Behavior similar to exploiting the vulnerability
Inspected object has sucpicious PE structure
File is detected by antivirus software
CPU overrun
RAM overrun
Process starts the services
Process was added to the startup
Behavior similar to spam
Low-level access to the HDD
Probably Tor was used
System was rebooted
Connects to the network
Known threat

Process information

Click at the process to see the details.

PID
3236
CMD
"C:\Windows\System32\msiexec.exe" /i "C:\Users\admin\AppData\Local\Temp\fusion msi x32.msi"
Path
C:\Windows\System32\msiexec.exe
Indicators
No indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Exit code
1603
Version:
Company
Microsoft Corporation
Description
Windows® installer
Version
5.0.7600.16385 (win7_rtm.090713-1255)
Modules
Image
c:\windows\system32\msiexec.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msi.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\apphelp.dll
c:\windows\apppatch\aclayers.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\mpr.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\winmm.dll
c:\windows\system32\samcli.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\msimsg.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\propsys.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\sxs.dll
c:\windows\system32\mscoree.dll
c:\windows\microsoft.net\framework\v4.0.30319\mscoreei.dll
c:\windows\microsoft.net\framework\v4.0.30319\clr.dll
c:\windows\microsoft.net\framework\v4.0.30319\fusion.dll
c:\windows\system32\msihnd.dll
c:\windows\system32\comdlg32.dll

PID
2472
CMD
C:\Windows\system32\msiexec.exe /V
Path
C:\Windows\system32\msiexec.exe
Indicators
Parent process
––
User
SYSTEM
Integrity Level
SYSTEM
Version:
Company
Microsoft Corporation
Description
Windows® installer
Version
5.0.7600.16385 (win7_rtm.090713-1255)
Modules
Image
c:\windows\system32\msiexec.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msi.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\apphelp.dll
c:\windows\apppatch\aclayers.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\shell32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\mpr.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\winmm.dll
c:\windows\system32\samcli.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\msimsg.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\srclient.dll
c:\windows\system32\spp.dll
c:\windows\system32\vssapi.dll
c:\windows\system32\atl.dll
c:\windows\system32\vsstrace.dll
c:\windows\system32\vss_ps.dll
c:\windows\system32\dsrole.dll
c:\windows\system32\msxml3.dll
c:\windows\system32\es.dll
c:\windows\system32\sxs.dll
c:\windows\system32\propsys.dll
c:\windows\system32\samlib.dll
c:\windows\system32\mscoree.dll
c:\windows\microsoft.net\framework\v4.0.30319\mscoreei.dll
c:\windows\microsoft.net\framework\v4.0.30319\clr.dll
c:\windows\microsoft.net\framework\v4.0.30319\fusion.dll
c:\windows\system32\rstrtmgr.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\devrtl.dll

PID
1180
CMD
C:\Windows\system32\vssvc.exe
Path
C:\Windows\system32\vssvc.exe
Indicators
No indicators
Parent process
––
User
SYSTEM
Integrity Level
SYSTEM
Version:
Company
Microsoft Corporation
Description
Microsoft® Volume Shadow Copy Service
Version
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Image
c:\windows\system32\vssvc.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\atl.dll
c:\windows\system32\ole32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\vssapi.dll
c:\windows\system32\vsstrace.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\samcli.dll
c:\windows\system32\clusapi.dll
c:\windows\system32\cryptdll.dll
c:\windows\system32\xolehlp.dll
c:\windows\system32\version.dll
c:\windows\system32\resutils.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\authz.dll
c:\windows\system32\virtdisk.dll
c:\windows\system32\fltlib.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\vss_ps.dll
c:\windows\system32\samlib.dll
c:\windows\system32\es.dll
c:\windows\system32\propsys.dll
c:\windows\system32\catsrvut.dll
c:\windows\system32\mfcsubs.dll
c:\windows\system32\sxs.dll
c:\windows\system32\msxml3.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll

PID
832
CMD
DrvInst.exe "1" "200" "STORAGE\VolumeSnapshot\HarddiskVolumeSnapshot18" "" "" "6792c44eb" "00000000" "00000560" "000004C0"
Path
C:\Windows\system32\DrvInst.exe
Indicators
No indicators
Parent process
––
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Driver Installation Module
Version
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Image
c:\windows\system32\drvinst.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\devrtl.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\spinf.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\spfileq.dll

PID
3880
CMD
C:\Windows\system32\MsiExec.exe -Embedding 0ED7C0E95499F456C02203DBCA244E9F
Path
C:\Windows\system32\MsiExec.exe
Indicators
Parent process
msiexec.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Windows® installer
Version
5.0.7600.16385 (win7_rtm.090713-1255)
Modules
Image
c:\windows\system32\msiexec.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msi.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\apphelp.dll
c:\windows\apppatch\aclayers.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\shell32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\mpr.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\winmm.dll
c:\windows\system32\samcli.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\installer\msi46a7.tmp

PID
3348
CMD
C:\Windows\system32\MsiExec.exe -Embedding 81A3B68699FC638DF1154DBDAA7D3471 M Global\MSI0000
Path
C:\Windows\system32\MsiExec.exe
Indicators
No indicators
Parent process
msiexec.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Windows® installer
Version
5.0.7600.16385 (win7_rtm.090713-1255)
Modules
Image
c:\windows\system32\msiexec.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msi.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\apphelp.dll
c:\windows\apppatch\aclayers.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\shell32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\mpr.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\winmm.dll
c:\windows\system32\samcli.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\installer\msi4d40.tmp
c:\windows\system32\propsys.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\users\admin\appdata\local\temp\mw-02e3bf8a-3938-412d-99f5-23bfdb567436\fusion msi x32.exe
c:\windows\system32\devrtl.dll
c:\windows\installer\msi7348.tmp

PID
3124
CMD
"C:\Users\admin\AppData\Local\Temp\MW-02e3bf8a-3938-412d-99f5-23bfdb567436\fusion msi x32.exe" /s
Path
C:\Users\admin\AppData\Local\Temp\MW-02e3bf8a-3938-412d-99f5-23bfdb567436\fusion msi x32.exe
Indicators
Parent process
MsiExec.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Description
Version
Modules
Image
c:\users\admin\appdata\local\temp\mw-02e3bf8a-3938-412d-99f5-23bfdb567436\fusion msi x32.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ole32.dll
c:\windows\system32\riched20.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\clbcatq.dll
c:\program files\common files\microsoft shared\ink\tiptsf.dll
c:\windows\system32\propsys.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\profapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wscript.exe
c:\windows\system32\setupapi.dll
c:\windows\system32\devobj.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\sfc.dll

PID
2612
CMD
"C:\Windows\System32\WScript.exe" "C:\Users\admin\AppData\Local\Temp\RarSFX0\fusion.VBS"
Path
C:\Windows\System32\WScript.exe
Indicators
No indicators
Parent process
fusion msi x32.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft ® Windows Based Script Host
Version
5.8.7600.16385
Modules
Image
c:\windows\system32\wscript.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\version.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\sxs.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\vbscript.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\msisip.dll
c:\windows\system32\wshext.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\scrobj.dll
c:\windows\system32\wshom.ocx
c:\windows\system32\mpr.dll
c:\windows\system32\scrrun.dll
c:\windows\system32\propsys.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\psapi.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\profapi.dll
c:\windows\system32\sspicli.dll

PID
1828
CMD
cmd /c ""C:\Users\admin\AppData\Local\Temp\RarSFX0\install.bat" "
Path
C:\Windows\System32\cmd.exe
Indicators
No indicators
Parent process
WScript.exe
User
SYSTEM
Integrity Level
SYSTEM
Version:
Company
Microsoft Corporation
Description
Windows Command Processor
Version
6.1.7601.17514 (win7sp1_rtm.101119-1850)
Modules
Image
c:\windows\system32\cmd.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\winbrand.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\apphelp.dll
c:\users\admin\appdata\local\temp\rarsfx0\fusioninventory-agent_windows-x86_2.4.3.exe
c:\program files\fusioninventory-agent\perl\bin\perl.exe

PID
3104
CMD
fusioninventory-agent_windows-x86_2.4.3.exe /S /acceptlicense /server="http://inventario-fi.forum.cl/plugins/fusioninventory/" /no-ssl-check /installtasks=full /add-firewall-exception /delaytime=20 /runnow
Path
C:\Users\admin\AppData\Local\Temp\RarSFX0\fusioninventory-agent_windows-x86_2.4.3.exe
Indicators
Parent process
cmd.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
FusionInventory Team (http://www.fusioninventory.org)
Description
FusionInventory Agent for Microsoft Windows
Version
2.4.3.23
Modules
Image
c:\users\admin\appdata\local\temp\rarsfx0\fusioninventory-agent_windows-x86_2.4.3.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\propsys.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\version.dll
c:\windows\system32\shfolder.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\system.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\getversion.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\registry.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\enumini.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\nsexec.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns5678.tmp
c:\users\admin\appdata\local\temp\nsn54c1.tmp\simplesc.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns5a70.tmp
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns7bc5.tmp
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns7d2d.tmp
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns7e18.tmp
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns7f62.tmp
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns80ba.tmp
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns81b5.tmp
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns8291.tmp
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns838c.tmp
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns8477.tmp
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns8582.tmp
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns8e8c.tmp
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns9802.tmp
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns9fc4.tmp
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\sspicli.dll

PID
3228
CMD
"C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns5678.tmp" netsh advfirewall firewall delete rule name="FusionInventory-Agent"
Path
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns5678.tmp
Indicators
No indicators
Parent process
fusioninventory-agent_windows-x86_2.4.3.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
1
Version:
Company
Description
Version
Modules
Image
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns5678.tmp
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\apphelp.dll

PID
996
CMD
netsh advfirewall firewall delete rule name="FusionInventory-Agent"
Path
C:\Windows\system32\netsh.exe
Indicators
No indicators
Parent process
ns5678.tmp
User
SYSTEM
Integrity Level
SYSTEM
Exit code
1
Version:
Company
Microsoft Corporation
Description
Network Command Shell
Version
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Image
c:\windows\system32\netsh.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\credui.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\mpr.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\rasmontr.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\mfc42u.dll
c:\windows\system32\odbc32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\odbcint.dll
c:\windows\system32\nshwfp.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\slc.dll
c:\windows\system32\dhcpcmonitor.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\dhcpqec.dll
c:\windows\system32\qutil.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\wshelper.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\nshhttp.dll
c:\windows\system32\httpapi.dll
c:\windows\system32\fwcfg.dll
c:\windows\system32\firewallapi.dll
c:\windows\system32\version.dll
c:\windows\system32\authfwcfg.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\winipsec.dll
c:\windows\system32\ifmon.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\nci.dll
c:\windows\system32\devrtl.dll
c:\windows\system32\netiohlp.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\whhelper.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\hnetmon.dll
c:\windows\system32\netshell.dll
c:\windows\system32\shell32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\rpcnsh.dll
c:\windows\system32\dot3cfg.dll
c:\windows\system32\dot3api.dll
c:\windows\system32\atl.dll
c:\windows\system32\eappcfg.dll
c:\windows\system32\onex.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\napmontr.dll
c:\windows\system32\certcli.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nshipsec.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\logoncli.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\polstore.dll
c:\windows\system32\nettrace.dll
c:\windows\system32\ndfapi.dll
c:\windows\system32\wdi.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\tdh.dll
c:\windows\system32\wcnnetsh.dll
c:\windows\system32\wlanapi.dll
c:\windows\system32\wlanutil.dll
c:\windows\system32\p2pnetsh.dll
c:\windows\system32\p2p.dll
c:\windows\system32\p2pcollab.dll
c:\windows\system32\wlancfg.dll
c:\windows\system32\wlanhlp.dll
c:\windows\system32\wwancfg.dll
c:\windows\system32\wwapi.dll
c:\windows\system32\peerdistsh.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\qagent.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\bcryptprimitives.dll

PID
3728
CMD
"C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns5A70.tmp" "C:\Windows\system32\cmd.exe" /c schtasks /query /fo csv | find /c "FusionInventory-Agent"
Path
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns5A70.tmp
Indicators
No indicators
Parent process
fusioninventory-agent_windows-x86_2.4.3.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
1
Version:
Company
Description
Version
Modules
Image
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns5a70.tmp
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\apphelp.dll

PID
992
CMD
"C:\Windows\system32\cmd.exe" /c schtasks /query /fo csv | find /c "FusionInventory-Agent"
Path
C:\Windows\system32\cmd.exe
Indicators
No indicators
Parent process
ns5A70.tmp
User
SYSTEM
Integrity Level
SYSTEM
Exit code
1
Version:
Company
Microsoft Corporation
Description
Windows Command Processor
Version
6.1.7601.17514 (win7sp1_rtm.101119-1850)
Modules
Image
c:\windows\system32\cmd.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\winbrand.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\find.exe

PID
3696
CMD
schtasks /query /fo csv
Path
C:\Windows\system32\schtasks.exe
Indicators
No indicators
Parent process
cmd.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Manages scheduled tasks
Version
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Image
c:\windows\system32\schtasks.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\ole32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\ktmw32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\version.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\sechost.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\taskschd.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\xmllite.dll

PID
3116
CMD
find /c "FusionInventory-Agent"
Path
C:\Windows\system32\find.exe
Indicators
No indicators
Parent process
cmd.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
1
Version:
Company
Microsoft Corporation
Description
Find String (grep) Utility
Version
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Image
c:\windows\system32\find.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ulib.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll

PID
2656
CMD
"C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns7BC5.tmp" "C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe" -i -e "s/$/\r/" "C:\Program Files\FusionInventory-Agent\docs\releases\agent-changes.txt"
Path
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns7BC5.tmp
Indicators
No indicators
Parent process
fusioninventory-agent_windows-x86_2.4.3.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Description
Version
Modules
Image
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns7bc5.tmp
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\sechost.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\apphelp.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\sed.exe

PID
2728
CMD
"C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe" -i -e "s/$/\r/" "C:\Program Files\FusionInventory-Agent\docs\releases\agent-changes.txt"
Path
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe
Indicators
No indicators
Parent process
ns7BC5.tmp
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
GnuWin32 <http://gnuwin32.sourceforge.net>
Description
Sed: stream editor
Version
4.1.5.4013
Modules
Image
c:\users\admin\appdata\local\temp\nsn54c1.tmp\sed.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\libintl3.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\libiconv2.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\regex2.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll

PID
3464
CMD
"C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns7D2D.tmp" "C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe" -i -e "s/$/\r/" "C:\Program Files\FusionInventory-Agent\docs\releases\agent-license.txt"
Path
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns7D2D.tmp
Indicators
No indicators
Parent process
fusioninventory-agent_windows-x86_2.4.3.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Description
Version
Modules
Image
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns7d2d.tmp
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\apphelp.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\sed.exe

PID
2844
CMD
"C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe" -i -e "s/$/\r/" "C:\Program Files\FusionInventory-Agent\docs\releases\agent-license.txt"
Path
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe
Indicators
No indicators
Parent process
ns7D2D.tmp
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
GnuWin32 <http://gnuwin32.sourceforge.net>
Description
Sed: stream editor
Version
4.1.5.4013
Modules
Image
c:\users\admin\appdata\local\temp\nsn54c1.tmp\sed.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\libintl3.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\libiconv2.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\regex2.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll

PID
1924
CMD
"C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns7E18.tmp" "C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe" -i -e "s/$/\r/" "C:\Program Files\FusionInventory-Agent\docs\releases\agent-readme.txt"
Path
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns7E18.tmp
Indicators
No indicators
Parent process
fusioninventory-agent_windows-x86_2.4.3.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Description
Version
Modules
Image
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns7e18.tmp
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\apphelp.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\sed.exe

PID
1848
CMD
"C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe" -i -e "s/$/\r/" "C:\Program Files\FusionInventory-Agent\docs\releases\agent-readme.txt"
Path
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe
Indicators
No indicators
Parent process
ns7E18.tmp
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
GnuWin32 <http://gnuwin32.sourceforge.net>
Description
Sed: stream editor
Version
4.1.5.4013
Modules
Image
c:\users\admin\appdata\local\temp\nsn54c1.tmp\sed.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\libintl3.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\libiconv2.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\regex2.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll

PID
2880
CMD
"C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns7F62.tmp" "C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe" -i -e "s/$/\r/" "C:\Program Files\FusionInventory-Agent\docs\releases\agent-thanks.txt"
Path
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns7F62.tmp
Indicators
No indicators
Parent process
fusioninventory-agent_windows-x86_2.4.3.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Description
Version
Modules
Image
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\apphelp.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\sed.exe
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns7f62.tmp

PID
3896
CMD
"C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe" -i -e "s/$/\r/" "C:\Program Files\FusionInventory-Agent\docs\releases\agent-thanks.txt"
Path
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe
Indicators
No indicators
Parent process
ns7F62.tmp
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
GnuWin32 <http://gnuwin32.sourceforge.net>
Description
Sed: stream editor
Version
4.1.5.4013
Modules
Image
c:\users\admin\appdata\local\temp\nsn54c1.tmp\sed.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\libintl3.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\libiconv2.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\regex2.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll

PID
3612
CMD
"C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns80BA.tmp" "C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe" -i -e "s/$/\r/" "C:\Program Files\FusionInventory-Agent\docs\releases\installer-acknowledgments.txt"
Path
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns80BA.tmp
Indicators
No indicators
Parent process
fusioninventory-agent_windows-x86_2.4.3.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Description
Version
Modules
Image
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns80ba.tmp
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\apphelp.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\sed.exe

PID
1088
CMD
"C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe" -i -e "s/$/\r/" "C:\Program Files\FusionInventory-Agent\docs\releases\installer-acknowledgments.txt"
Path
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe
Indicators
No indicators
Parent process
ns80BA.tmp
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
GnuWin32 <http://gnuwin32.sourceforge.net>
Description
Sed: stream editor
Version
4.1.5.4013
Modules
Image
c:\users\admin\appdata\local\temp\nsn54c1.tmp\sed.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\libintl3.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\libiconv2.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\regex2.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll

PID
2196
CMD
"C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns81B5.tmp" "C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe" -i -e "s/$/\r/" "C:\Program Files\FusionInventory-Agent\docs\releases\installer-changes.txt"
Path
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns81B5.tmp
Indicators
No indicators
Parent process
fusioninventory-agent_windows-x86_2.4.3.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Description
Version
Modules
Image
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns81b5.tmp
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\apphelp.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\sed.exe

PID
2676
CMD
"C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe" -i -e "s/$/\r/" "C:\Program Files\FusionInventory-Agent\docs\releases\installer-changes.txt"
Path
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe
Indicators
No indicators
Parent process
ns81B5.tmp
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
GnuWin32 <http://gnuwin32.sourceforge.net>
Description
Sed: stream editor
Version
4.1.5.4013
Modules
Image
c:\users\admin\appdata\local\temp\nsn54c1.tmp\sed.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\libintl3.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\libiconv2.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\regex2.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll

PID
952
CMD
"C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns8291.tmp" "C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe" -i -e "s/$/\r/" "C:\Program Files\FusionInventory-Agent\docs\releases\installer-contributions.txt"
Path
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns8291.tmp
Indicators
No indicators
Parent process
fusioninventory-agent_windows-x86_2.4.3.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Description
Version
Modules
Image
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns8291.tmp
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\apphelp.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\sed.exe

PID
3536
CMD
"C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe" -i -e "s/$/\r/" "C:\Program Files\FusionInventory-Agent\docs\releases\installer-contributions.txt"
Path
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe
Indicators
No indicators
Parent process
ns8291.tmp
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
GnuWin32 <http://gnuwin32.sourceforge.net>
Description
Sed: stream editor
Version
4.1.5.4013
Modules
Image
c:\users\admin\appdata\local\temp\nsn54c1.tmp\sed.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\libintl3.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\libiconv2.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\regex2.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll

PID
3720
CMD
"C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns838C.tmp" "C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe" -i -e "s/$/\r/" "C:\Program Files\FusionInventory-Agent\docs\releases\installer-license.txt"
Path
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns838C.tmp
Indicators
No indicators
Parent process
fusioninventory-agent_windows-x86_2.4.3.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Description
Version
Modules
Image
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns838c.tmp
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\apphelp.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\sed.exe

PID
2564
CMD
"C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe" -i -e "s/$/\r/" "C:\Program Files\FusionInventory-Agent\docs\releases\installer-license.txt"
Path
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe
Indicators
No indicators
Parent process
ns838C.tmp
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
GnuWin32 <http://gnuwin32.sourceforge.net>
Description
Sed: stream editor
Version
4.1.5.4013
Modules
Image
c:\users\admin\appdata\local\temp\nsn54c1.tmp\sed.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\libintl3.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\libiconv2.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\regex2.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\msctf.dll
c:\windows\system32\imm32.dll

PID
2692
CMD
"C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns8477.tmp" "C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe" -i -e "s/$/\r/" "C:\Program Files\FusionInventory-Agent\docs\releases\installer-readme.txt"
Path
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns8477.tmp
Indicators
No indicators
Parent process
fusioninventory-agent_windows-x86_2.4.3.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Description
Version
Modules
Image
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\user32.dll
c:\windows\system32\kernelbase.dll
c:\systemroot\system32\ntdll.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns8477.tmp
c:\windows\system32\kernel32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\msctf.dll
c:\windows\system32\apphelp.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\sed.exe

PID
3548
CMD
"C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe" -i -e "s/$/\r/" "C:\Program Files\FusionInventory-Agent\docs\releases\installer-readme.txt"
Path
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe
Indicators
No indicators
Parent process
ns8477.tmp
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
GnuWin32 <http://gnuwin32.sourceforge.net>
Description
Sed: stream editor
Version
4.1.5.4013
Modules
Image
c:\users\admin\appdata\local\temp\nsn54c1.tmp\sed.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\libintl3.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\libiconv2.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\regex2.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll

PID
2036
CMD
"C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns8582.tmp" "C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe" -i -e "s|=> undef, # SYSCONFDIR.*|=> q/C:\\Program Files\\FusionInventory-Agent\\etc/,|" "C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Config.pm"
Path
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns8582.tmp
Indicators
No indicators
Parent process
fusioninventory-agent_windows-x86_2.4.3.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Description
Version
Modules
Image
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns8582.tmp
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\apphelp.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\sed.exe

PID
1424
CMD
"C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe" -i -e "s|=> undef, # SYSCONFDIR.*|=> q/C:\\Program Files\\FusionInventory-Agent\\etc/,|" "C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Config.pm"
Path
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe
Indicators
No indicators
Parent process
ns8582.tmp
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
GnuWin32 <http://gnuwin32.sourceforge.net>
Description
Sed: stream editor
Version
4.1.5.4013
Modules
Image
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\user32.dll
c:\windows\system32\kernelbase.dll
c:\systemroot\system32\ntdll.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\sed.exe
c:\windows\system32\kernel32.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\libintl3.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\libiconv2.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\users\admin\appdata\local\temp\nsn54c1.tmp\regex2.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\msctf.dll

PID
2148
CMD
"C:\Program Files\FusionInventory-Agent\perl\bin\fusioninventory-agent.exe" -I"C:\Program Files\FusionInventory-Agent\perl\agent" -I"C:\Program Files\FusionInventory-Agent\perl\lib" -I"C:\Program Files\FusionInventory-Agent\perl\site\lib" -I"C:\Program Files\FusionInventory-Agent\perl\vendor\lib" "C:\Program Files\FusionInventory-Agent\perl\bin\fusioninventory-win32-service"
Path
C:\Program Files\FusionInventory-Agent\perl\bin\fusioninventory-agent.exe
Indicators
No indicators
Parent process
––
User
SYSTEM
Integrity Level
SYSTEM
Version:
Company
strawberryperl.com
Description
Perl interpreter
Version
5.24.4.1
Modules
Image
c:\program files\fusioninventory-agent\perl\bin\fusioninventory-agent.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\fusioninventory-agent\perl\bin\perl524.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\shlwapi.dll
c:\program files\fusioninventory-agent\perl\bin\libgcc_s_sjlj-1.dll
c:\program files\fusioninventory-agent\perl\bin\libwinpthread-1.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\fusioninventory-agent\perl\bin\libstdc++-6.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\fusioninventory-agent\perl\lib\auto\cwd\cwd.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\encode\encode.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\fcntl\fcntl.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\storable\storable.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\threads\threads.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\win32\win32.xs.dll
c:\windows\system32\ole32.dll
c:\windows\system32\version.dll
c:\program files\fusioninventory-agent\perl\vendor\lib\auto\win32\daemon\daemon.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\tie\hash\namedcapture\namedcapture.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\list\util\util.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\threads\shared\shared.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\io\io.xs.dll
c:\program files\fusioninventory-agent\perl\vendor\lib\auto\win32\job\job.xs.dll
c:\program files\fusioninventory-agent\perl\vendor\lib\auto\win32api\registry\registry.xs.dll
c:\program files\fusioninventory-agent\perl\vendor\lib\auto\win32\winerror\winerror.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\socket\socket.xs.dll
c:\windows\system32\mswsock.dll
c:\program files\fusioninventory-agent\perl\lib\auto\attributes\attributes.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\posix\posix.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\file\glob\glob.xs.dll
c:\program files\fusioninventory-agent\perl\vendor\lib\auto\win32\api\api.xs.dll
c:\program files\fusioninventory-agent\perl\vendor\lib\auto\win32\ole\ole.xs.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\cryptbase.dll
c:\program files\fusioninventory-agent\perl\lib\auto\encode\unicode\unicode.xs.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\wbem\wbemdisp.dll
c:\windows\system32\wbemcomn.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbem\wmiutils.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\sxs.dll
c:\windows\system32\psapi.dll

PID
4032
CMD
"C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns8E8C.tmp" netsh advfirewall firewall add rule name="FusionInventory-Agent" program="C:\Program Files\FusionInventory-Agent\perl\bin\fusioninventory-agent.exe" description="FusionInventory-Agent service HTTP daemon incoming traffic" protocol=TCP dir=in localport=62354 action=allow
Path
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns8E8C.tmp
Indicators
No indicators
Parent process
fusioninventory-agent_windows-x86_2.4.3.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Description
Version
Modules
Image
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns8e8c.tmp
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\apphelp.dll

PID
3776
CMD
netsh advfirewall firewall add rule name="FusionInventory-Agent" program="C:\Program Files\FusionInventory-Agent\perl\bin\fusioninventory-agent.exe" description="FusionInventory-Agent service HTTP daemon incoming traffic" protocol=TCP dir=in localport=62354 action=allow
Path
C:\Windows\system32\netsh.exe
Indicators
No indicators
Parent process
ns8E8C.tmp
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Network Command Shell
Version
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Image
c:\windows\system32\netsh.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\credui.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\mpr.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\rasmontr.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\mfc42u.dll
c:\windows\system32\odbc32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\odbcint.dll
c:\windows\system32\nshwfp.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\slc.dll
c:\windows\system32\dhcpcmonitor.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\dhcpqec.dll
c:\windows\system32\qutil.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\wshelper.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\nshhttp.dll
c:\windows\system32\httpapi.dll
c:\windows\system32\fwcfg.dll
c:\windows\system32\firewallapi.dll
c:\windows\system32\version.dll
c:\windows\system32\authfwcfg.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\winipsec.dll
c:\windows\system32\ifmon.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\nci.dll
c:\windows\system32\devrtl.dll
c:\windows\system32\netiohlp.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\whhelper.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\hnetmon.dll
c:\windows\system32\netshell.dll
c:\windows\system32\shell32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\rpcnsh.dll
c:\windows\system32\dot3cfg.dll
c:\windows\system32\dot3api.dll
c:\windows\system32\atl.dll
c:\windows\system32\eappcfg.dll
c:\windows\system32\onex.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\napmontr.dll
c:\windows\system32\certcli.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nshipsec.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\logoncli.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\polstore.dll
c:\windows\system32\nettrace.dll
c:\windows\system32\ndfapi.dll
c:\windows\system32\wdi.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\tdh.dll
c:\windows\system32\wcnnetsh.dll
c:\windows\system32\wlanapi.dll
c:\windows\system32\wlanutil.dll
c:\windows\system32\p2pnetsh.dll
c:\windows\system32\p2p.dll
c:\windows\system32\p2pcollab.dll
c:\windows\system32\wlancfg.dll
c:\windows\system32\wlanhlp.dll
c:\windows\system32\wwancfg.dll
c:\windows\system32\wwapi.dll
c:\windows\system32\peerdistsh.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\qagentrt.dll
c:\windows\system32\fveui.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\qagent.dll
c:\windows\system32\napipsec.dll
c:\windows\system32\tsgqec.dll
c:\windows\system32\eapqec.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\bcryptprimitives.dll

PID
3112
CMD
"C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns9802.tmp" netsh advfirewall firewall add rule name="FusionInventory-Agent" program="C:\Program Files\FusionInventory-Agent\perl\bin\fusioninventory-agent.exe" description="All FusionInventory-Agent service traffic" dir=out action=allow
Path
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns9802.tmp
Indicators
No indicators
Parent process
fusioninventory-agent_windows-x86_2.4.3.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Description
Version
Modules
Image
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns9802.tmp
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\apphelp.dll

PID
2700
CMD
netsh advfirewall firewall add rule name="FusionInventory-Agent" program="C:\Program Files\FusionInventory-Agent\perl\bin\fusioninventory-agent.exe" description="All FusionInventory-Agent service traffic" dir=out action=allow
Path
C:\Windows\system32\netsh.exe
Indicators
No indicators
Parent process
ns9802.tmp
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Network Command Shell
Version
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Image
c:\windows\system32\netsh.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\credui.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\mpr.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\rasmontr.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\nsi.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\mfc42u.dll
c:\windows\system32\odbc32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\odbcint.dll
c:\windows\system32\nshwfp.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\slc.dll
c:\windows\system32\dhcpcmonitor.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\dhcpqec.dll
c:\windows\system32\qutil.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\wshelper.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\nshhttp.dll
c:\windows\system32\httpapi.dll
c:\windows\system32\fwcfg.dll
c:\windows\system32\firewallapi.dll
c:\windows\system32\version.dll
c:\windows\system32\authfwcfg.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\winipsec.dll
c:\windows\system32\ifmon.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\nci.dll
c:\windows\system32\devrtl.dll
c:\windows\system32\netiohlp.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\whhelper.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\hnetmon.dll
c:\windows\system32\netshell.dll
c:\windows\system32\shell32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\rpcnsh.dll
c:\windows\system32\dot3cfg.dll
c:\windows\system32\dot3api.dll
c:\windows\system32\atl.dll
c:\windows\system32\eappcfg.dll
c:\windows\system32\onex.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\napmontr.dll
c:\windows\system32\certcli.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nshipsec.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\logoncli.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\polstore.dll
c:\windows\system32\nettrace.dll
c:\windows\system32\ndfapi.dll
c:\windows\system32\wdi.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\tdh.dll
c:\windows\system32\wcnnetsh.dll
c:\windows\system32\wlanapi.dll
c:\windows\system32\wlanutil.dll
c:\windows\system32\p2pnetsh.dll
c:\windows\system32\p2p.dll
c:\windows\system32\p2pcollab.dll
c:\windows\system32\wlancfg.dll
c:\windows\system32\wlanhlp.dll
c:\windows\system32\wwancfg.dll
c:\windows\system32\wwapi.dll
c:\windows\system32\peerdistsh.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\qagent.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\bcryptprimitives.dll

PID
2540
CMD
"C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns9FC4.tmp" netsh advfirewall firewall add rule name="FusionInventory-Agent" program="C:\Program Files\FusionInventory-Agent\perl\bin\perl.exe" description="All FusionInventory-Agent perl interpreter traffic" dir=out action=allow
Path
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns9FC4.tmp
Indicators
No indicators
Parent process
fusioninventory-agent_windows-x86_2.4.3.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Description
Version
Modules
Image
c:\users\admin\appdata\local\temp\nsn54c1.tmp\ns9fc4.tmp
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\apphelp.dll

PID
4040
CMD
netsh advfirewall firewall add rule name="FusionInventory-Agent" program="C:\Program Files\FusionInventory-Agent\perl\bin\perl.exe" description="All FusionInventory-Agent perl interpreter traffic" dir=out action=allow
Path
C:\Windows\system32\netsh.exe
Indicators
No indicators
Parent process
ns9FC4.tmp
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Network Command Shell
Version
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Image
c:\windows\system32\netsh.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\credui.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\mpr.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\rasmontr.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\mfc42u.dll
c:\windows\system32\odbc32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\odbcint.dll
c:\windows\system32\nshwfp.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\slc.dll
c:\windows\system32\dhcpcmonitor.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\dhcpqec.dll
c:\windows\system32\qutil.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\wshelper.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\nshhttp.dll
c:\windows\system32\httpapi.dll
c:\windows\system32\fwcfg.dll
c:\windows\system32\firewallapi.dll
c:\windows\system32\version.dll
c:\windows\system32\authfwcfg.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\winipsec.dll
c:\windows\system32\ifmon.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\nci.dll
c:\windows\system32\devrtl.dll
c:\windows\system32\netiohlp.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\whhelper.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\hnetmon.dll
c:\windows\system32\netshell.dll
c:\windows\system32\shell32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\rpcnsh.dll
c:\windows\system32\dot3cfg.dll
c:\windows\system32\dot3api.dll
c:\windows\system32\atl.dll
c:\windows\system32\eappcfg.dll
c:\windows\system32\onex.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\napmontr.dll
c:\windows\system32\certcli.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\nshipsec.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\logoncli.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\polstore.dll
c:\windows\system32\nettrace.dll
c:\windows\system32\ndfapi.dll
c:\windows\system32\wdi.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\tdh.dll
c:\windows\system32\wcnnetsh.dll
c:\windows\system32\wlanapi.dll
c:\windows\system32\wlanutil.dll
c:\windows\system32\p2pnetsh.dll
c:\windows\system32\p2p.dll
c:\windows\system32\p2pcollab.dll
c:\windows\system32\wlancfg.dll
c:\windows\system32\wlanhlp.dll
c:\windows\system32\wwancfg.dll
c:\windows\system32\wwapi.dll
c:\windows\system32\peerdistsh.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\qagent.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\bcryptprimitives.dll

PID
2416
CMD
cmd /c ""C:\Program Files\FusionInventory-Agent\fusioninventory-agent.bat" --wait=5 --delaytime=10"
Path
C:\Windows\system32\cmd.exe
Indicators
No indicators
Parent process
fusioninventory-agent_windows-x86_2.4.3.exe
User
SYSTEM
Integrity Level
SYSTEM
Version:
Company
Microsoft Corporation
Description
Windows Command Processor
Version
6.1.7601.17514 (win7sp1_rtm.101119-1850)
Modules
Image
c:\windows\system32\cmd.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\winbrand.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\apphelp.dll
c:\program files\fusioninventory-agent\perl\bin\perl.exe

PID
2804
CMD
perl.exe fusioninventory-agent
Path
C:\Program Files\FusionInventory-Agent\perl\bin\perl.exe
Indicators
Parent process
cmd.exe
User
SYSTEM
Integrity Level
SYSTEM
Version:
Company
strawberryperl.com
Description
Perl interpreter
Version
5.24.4.1
Modules
Image
c:\program files\fusioninventory-agent\perl\bin\perl.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\fusioninventory-agent\perl\bin\perl524.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\shlwapi.dll
c:\program files\fusioninventory-agent\perl\bin\libgcc_s_sjlj-1.dll
c:\program files\fusioninventory-agent\perl\bin\libwinpthread-1.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\fusioninventory-agent\perl\bin\libstdc++-6.dll
c:\windows\system32\msctf.dll
c:\windows\system32\imm32.dll
c:\program files\fusioninventory-agent\perl\lib\auto\tie\hash\namedcapture\namedcapture.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\cwd\cwd.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\encode\encode.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\fcntl\fcntl.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\storable\storable.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\file\glob\glob.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\io\io.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\list\util\util.xs.dll
c:\program files\fusioninventory-agent\perl\vendor\lib\auto\win32\api\api.xs.dll
c:\program files\fusioninventory-agent\perl\vendor\lib\auto\win32api\registry\registry.xs.dll
c:\program files\fusioninventory-agent\perl\vendor\lib\auto\win32\winerror\winerror.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\win32\win32.xs.dll
c:\windows\system32\ole32.dll
c:\windows\system32\version.dll
c:\program files\fusioninventory-agent\perl\lib\auto\threads\threads.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\threads\shared\shared.xs.dll
c:\program files\fusioninventory-agent\perl\vendor\lib\auto\win32\job\job.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\socket\socket.xs.dll
c:\windows\system32\mswsock.dll
c:\program files\fusioninventory-agent\perl\lib\auto\attributes\attributes.xs.dll
c:\program files\fusioninventory-agent\perl\vendor\lib\auto\win32\ole\ole.xs.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\cryptbase.dll
c:\program files\fusioninventory-agent\perl\lib\auto\compress\raw\zlib\zlib.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\posix\posix.xs.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\wshqos.dll
c:\program files\fusioninventory-agent\perl\lib\auto\time\hires\hires.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\re\re.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\digest\sha\sha.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\data\dumper\dumper.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\digest\md5\md5.xs.dll
c:\windows\system32\apphelp.dll
c:\program files\fusioninventory-agent\perl\lib\auto\sys\hostname\hostname.xs.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\wbem\wbemdisp.dll
c:\windows\system32\wbemcomn.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbem\wmiutils.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\sxs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\mime\base64\base64.xs.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\winrnr.dll

PID
3676
CMD
perl.exe fusioninventory-agent --wait=5 --delaytime=10
Path
C:\Program Files\FusionInventory-Agent\perl\bin\perl.exe
Indicators
Parent process
cmd.exe
User
SYSTEM
Integrity Level
SYSTEM
Version:
Company
strawberryperl.com
Description
Perl interpreter
Version
5.24.4.1
Modules
Image
c:\program files\fusioninventory-agent\perl\bin\perl.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\fusioninventory-agent\perl\bin\perl524.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\shlwapi.dll
c:\program files\fusioninventory-agent\perl\bin\libgcc_s_sjlj-1.dll
c:\program files\fusioninventory-agent\perl\bin\libwinpthread-1.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\program files\fusioninventory-agent\perl\bin\libstdc++-6.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\fusioninventory-agent\perl\lib\auto\tie\hash\namedcapture\namedcapture.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\cwd\cwd.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\encode\encode.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\fcntl\fcntl.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\storable\storable.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\file\glob\glob.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\io\io.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\list\util\util.xs.dll
c:\program files\fusioninventory-agent\perl\vendor\lib\auto\win32\api\api.xs.dll
c:\program files\fusioninventory-agent\perl\vendor\lib\auto\win32api\registry\registry.xs.dll
c:\program files\fusioninventory-agent\perl\vendor\lib\auto\win32\winerror\winerror.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\win32\win32.xs.dll
c:\windows\system32\ole32.dll
c:\windows\system32\version.dll
c:\program files\fusioninventory-agent\perl\lib\auto\threads\threads.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\threads\shared\shared.xs.dll
c:\program files\fusioninventory-agent\perl\vendor\lib\auto\win32\job\job.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\socket\socket.xs.dll
c:\windows\system32\mswsock.dll
c:\program files\fusioninventory-agent\perl\lib\auto\attributes\attributes.xs.dll
c:\program files\fusioninventory-agent\perl\vendor\lib\auto\win32\ole\ole.xs.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\cryptbase.dll
c:\program files\fusioninventory-agent\perl\lib\auto\compress\raw\zlib\zlib.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\posix\posix.xs.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\wshqos.dll
c:\program files\fusioninventory-agent\perl\lib\auto\digest\sha\sha.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\data\dumper\dumper.xs.dll
c:\program files\fusioninventory-agent\perl\lib\auto\digest\md5\md5.xs.dll
c:\windows\system32\apphelp.dll
c:\program files\fusioninventory-agent\perl\lib\auto\sys\hostname\hostname.xs.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\wbem\wbemdisp.dll
c:\windows\system32\wbemcomn.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbem\wmiutils.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\sxs.dll

PID
3152
CMD
cmd.exe /x/d/c "dmidecode 2>nul"
Path
C:\Windows\system32\cmd.exe
Indicators
No indicators
Parent process
perl.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Windows Command Processor
Version
6.1.7601.17514 (win7sp1_rtm.101119-1850)
Modules
Image
c:\windows\system32\cmd.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\winbrand.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\apphelp.dll
c:\program files\fusioninventory-agent\perl\bin\dmidecode.exe

PID
2644
CMD
dmidecode
Path
C:\Program Files\FusionInventory-Agent\perl\bin\dmidecode.exe
Indicators
Parent process
cmd.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Description
Version
Modules
Image
c:\program files\fusioninventory-agent\perl\bin\dmidecode.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll

PID
3836
CMD
cmd.exe /x/d/c "dmidecode 2>nul"
Path
C:\Windows\system32\cmd.exe
Indicators
No indicators
Parent process
perl.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Windows Command Processor
Version
6.1.7601.17514 (win7sp1_rtm.101119-1850)
Modules
Image
c:\windows\system32\cmd.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\winbrand.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\fusioninventory-agent\perl\bin\dmidecode.exe
c:\windows\system32\apphelp.dll

PID
4056
CMD
dmidecode
Path
C:\Program Files\FusionInventory-Agent\perl\bin\dmidecode.exe
Indicators
Parent process
cmd.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Description
Version
Modules
Image
c:\program files\fusioninventory-agent\perl\bin\dmidecode.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll

PID
3360
CMD
cmd.exe /x/d/c "dmidecode 2>nul"
Path
C:\Windows\system32\cmd.exe
Indicators
No indicators
Parent process
perl.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Windows Command Processor
Version
6.1.7601.17514 (win7sp1_rtm.101119-1850)
Modules
Image
c:\windows\system32\cmd.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\winbrand.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\fusioninventory-agent\perl\bin\dmidecode.exe
c:\windows\system32\apphelp.dll

PID
2428
CMD
dmidecode
Path
C:\Program Files\FusionInventory-Agent\perl\bin\dmidecode.exe
Indicators
Parent process
cmd.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Description
Version
Modules
Image
c:\program files\fusioninventory-agent\perl\bin\dmidecode.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll

PID
184
CMD
cmd.exe /x/d/c "dmidecode 2>nul"
Path
C:\Windows\system32\cmd.exe
Indicators
No indicators
Parent process
perl.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Windows Command Processor
Version
6.1.7601.17514 (win7sp1_rtm.101119-1850)
Modules
Image
c:\windows\system32\cmd.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\winbrand.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\fusioninventory-agent\perl\bin\dmidecode.exe
c:\windows\system32\apphelp.dll

PID
3256
CMD
dmidecode
Path
C:\Program Files\FusionInventory-Agent\perl\bin\dmidecode.exe
Indicators
Parent process
cmd.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Description
Version
Modules
Image
c:\program files\fusioninventory-agent\perl\bin\dmidecode.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll

PID
2352
CMD
cmd.exe /x/d/c "dmidecode 2>nul"
Path
C:\Windows\system32\cmd.exe
Indicators
No indicators
Parent process
perl.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Windows Command Processor
Version
6.1.7601.17514 (win7sp1_rtm.101119-1850)
Modules
Image

PID
3736
CMD
dmidecode
Path
C:\Program Files\FusionInventory-Agent\perl\bin\dmidecode.exe
Indicators
No indicators
Parent process
cmd.exe
User
SYSTEM
Integrity Level
SYSTEM
Exit code
0
Version:
Company
Description
Version
Modules
Image

PID
456
CMD
cmd.exe /x/d/c "dmidecode 2>nul"
Path
C:\Windows\system32\cmd.exe
Indicators
No indicators
Parent process
perl.exe
User
SYSTEM
Integrity Level
SYSTEM
Version:
Company
Microsoft Corporation
Description
Windows Command Processor
Version
6.1.7601.17514 (win7sp1_rtm.101119-1850)
Modules
Image

PID
2760
CMD
dmidecode
Path
C:\Program Files\FusionInventory-Agent\perl\bin\dmidecode.exe
Indicators
No indicators
Parent process
cmd.exe
User
SYSTEM
Integrity Level
SYSTEM
Version:
Company
Description
Version
Modules
Image

Registry activity

Total events
985
Read events
563
Write events
415
Delete events
7

Modification events

PID
Process
Operation
Key
Name
Value
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SystemRestore
SrCreateRp (Enter)
4000000000000000E0A42326960AD501A809000020090000D5070000000000000000000000000000000000000000000000000000000000000000000000000000
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
SppCreate (Enter)
4000000000000000E0A42326960AD501A809000020090000D0070000000000000000000000000000000000000000000000000000000000000000000000000000
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SPP
LastIndex
20
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
SppGatherWriterMetadata (Enter)
40000000000000000C519126960AD501A809000020090000D3070000000000000000000000000000000000000000000000000000000000000000000000000000
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
IDENTIFY (Enter)
40000000000000001A789826960AD501A809000038040000E8030000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
IDENTIFY (Leave)
4000000000000000E208AD27960AD501A809000038040000E8030000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
SppGatherWriterMetadata (Leave)
4000000000000000C8FF1D2F960AD501A809000020090000D3070000010000000000000000000000000000000000000000000000000000000000000000000000
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
SppAddInterestingComponents (Enter)
4000000000000000C8FF1D2F960AD501A809000020090000D4070000000000000000000000000000000000000000000000000000000000000000000000000000
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
SppAddInterestingComponents (Leave)
40000000000000004CD7352F960AD501A809000020090000D4070000010000000000000000000000000000000000000000000000000000000000000000000000
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
PREPAREBACKUP (Enter)
40000000000000002A11502F960AD501A8090000D0050000E9030000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
PREPAREBACKUP (Leave)
400000000000000070D4732F960AD501A8090000D0050000E9030000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
GETSTATE (Enter)
4000000000000000CA36762F960AD501A809000074070000F9030000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
GETSTATE (Leave)
400000000000000032C07F2F960AD501A809000074070000F9030000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
DOSNAPSHOT (Enter)
400000000000000040E7862F960AD501A8090000200900000A040000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
DOSNAPSHOT (Leave)
4000000000000000EE60E530960AD501A8090000D80600000A040000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
SppCreate (Leave)
4000000000000000EE60E530960AD501A809000020090000D0070000010000000000000000000000000000000000000000000000000000000000000000000000
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SystemRestore
SrCreateRp (Leave)
4000000000000000EE60E530960AD501A809000020090000D5070000010000000000000000000000000000000000000000000000000000000000000000000000
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore
FirstRun
0
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore
LastIndex
20
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore\Volatile
NestingLevel
1
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore\Volatile
StartNesting
E0A42326960AD501
2472
msiexec.exe
write
HKEY_USERS\S-1-5-21-1302019708-1500728564-335382590-1000\Software\Microsoft\RestartManager\Session0000
Owner
A80900009232D025960AD501
2472
msiexec.exe
write
HKEY_USERS\S-1-5-21-1302019708-1500728564-335382590-1000\Software\Microsoft\RestartManager\Session0000
SessionHash
59AC1E22363789BF2E337382FA476AD786BB8B83AF5E474AAE24FEFFB55CA0C2
2472
msiexec.exe
write
HKEY_USERS\S-1-5-21-1302019708-1500728564-335382590-1000\Software\Microsoft\RestartManager\Session0000
Sequence
1
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\InProgress
C:\Windows\Installer\1240ac.ipi
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Config.Msi\
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
C:\Config.Msi\1240ad.rbs
30739102
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
C:\Config.Msi\1240ad.rbsLow
2492941808
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6F01EDE4F03AC245B7CDA9B504EB5CF
E2E383E87B0DD974992889D9D5AE2BA1
02:\SOFTWARE\EXEMSI.COM\MSI Wrapper\Installed\FusionInventory-Agent\LogonUser
2472
msiexec.exe
delete key
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
2472
msiexec.exe
delete key
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback
2472
msiexec.exe
delete key
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6F01EDE4F03AC245B7CDA9B504EB5CF
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MUI\StringCacheSettings
StringCacheGeneration
99
2472
msiexec.exe
delete key
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\62\52C64B7E
2472
msiexec.exe
delete key
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\62
2472
msiexec.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore\Volatile
NestingLevel
0
2472
msiexec.exe
delete key
HKEY_USERS\S-1-5-21-1302019708-1500728564-335382590-1000\Software\Microsoft\RestartManager\Session0000
2472
msiexec.exe
delete key
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\InProgress
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\ASR Writer
IDENTIFY (Enter)
400000000000000036C6A626960AD5019C040000EC0D0000E8030000010000000100000000000000000000000000000000000000000000000000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Registry Writer
IDENTIFY (Enter)
400000000000000036C6A626960AD5019C040000C4080000E8030000010000000100000000000000000000000000000000000000000000000000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\COM+ REGDB Writer
IDENTIFY (Enter)
400000000000000036C6A626960AD5019C040000F0090000E8030000010000000100000000000000000000000000000000000000000000000000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Shadow Copy Optimization Writer
IDENTIFY (Enter)
40000000000000009028A926960AD5019C040000180C0000E8030000010000000100000000000000000000000000000000000000000000000000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\COM+ REGDB Writer
IDENTIFY (Leave)
40000000000000005214B526960AD5019C040000F0090000E8030000000000000100000000000000000000000000000000000000000000000000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Registry Writer
IDENTIFY (Leave)
4000000000000000AC76B726960AD5019C040000C4080000E8030000000000000100000000000000000000000000000000000000000000000000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\ASR Writer
IDENTIFY (Leave)
400000000000000006D9B926960AD5019C040000EC0D0000E8030000000000000100000000000000000000000000000000000000000000000000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Shadow Copy Optimization Writer
IDENTIFY (Leave)
4000000000000000BA9DBE26960AD5019C040000180C0000E8030000000000000100000000000000000000000000000000000000000000000000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5}
PROVIDER_BEGINPREPARE (Enter)
40000000000000002A11502F960AD5019C040000180C000001040000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5}
PROVIDER_BEGINPREPARE (Leave)
40000000000000002A11502F960AD5019C040000180C000001040000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Shadow Copy Optimization Writer
PREPAREBACKUP (Enter)
4000000000000000DED5542F960AD5019C040000EC0D0000E9030000010000000100000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Registry Writer
PREPAREBACKUP (Enter)
4000000000000000DED5542F960AD5019C040000180C0000E9030000010000000100000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\COM+ REGDB Writer
PREPAREBACKUP (Enter)
4000000000000000DED5542F960AD5019C040000C4080000E9030000010000000100000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Shadow Copy Optimization Writer
PREPAREBACKUP (Leave)
4000000000000000929A592F960AD5019C040000EC0D0000E9030000000000000100000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Shadow Copy Optimization Writer
VSS_WS_STABLE (SetCurrentState)
4000000000000000929A592F960AD5019C040000EC0D000001000000010000000100000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Registry Writer
PREPAREBACKUP (Leave)
4000000000000000ECFC5B2F960AD5019C040000180C0000E9030000000000000100000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Registry Writer
VSS_WS_STABLE (SetCurrentState)
4000000000000000ECFC5B2F960AD5019C040000180C000001000000010000000100000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\COM+ REGDB Writer
PREPAREBACKUP (Leave)
4000000000000000ECFC5B2F960AD5019C040000C4080000E9030000000000000100000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\COM+ REGDB Writer
VSS_WS_STABLE (SetCurrentState)
4000000000000000ECFC5B2F960AD5019C040000C408000001000000010000000100000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\COM+ REGDB Writer
GETSTATE (Enter)
400000000000000032C07F2F960AD5019C040000EC0D0000F9030000010000000100000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Shadow Copy Optimization Writer
GETSTATE (Enter)
400000000000000032C07F2F960AD5019C040000180C0000F9030000010000000100000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Registry Writer
GETSTATE (Enter)
400000000000000032C07F2F960AD5019C040000C4080000F9030000010000000100000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Shadow Copy Optimization Writer
GETSTATE (Leave)
400000000000000032C07F2F960AD5019C040000180C0000F9030000000000000100000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\COM+ REGDB Writer
GETSTATE (Leave)
400000000000000032C07F2F960AD5019C040000EC0D0000F9030000000000000100000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Registry Writer
GETSTATE (Leave)
400000000000000032C07F2F960AD5019C040000C4080000F9030000000000000100000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5}
PROVIDER_ENDPREPARE (Enter)
400000000000000040E7862F960AD5019C040000600F000002040000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5}
PROVIDER_ENDPREPARE (Leave)
400000000000000028072930960AD5019C040000600F000002040000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssvcPublisher
PREPARESNAPSHOT (Enter)
400000000000000028072930960AD5019C040000600F0000EA030000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\COM+ REGDB Writer
PREPARESNAPSHOT (Enter)
40000000000000009EB73930960AD5019C04000060090000EA030000010000000100000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Shadow Copy Optimization Writer
PREPARESNAPSHOT (Enter)
40000000000000009EB73930960AD5019C04000050090000EA030000010000000100000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Registry Writer
PREPARESNAPSHOT (Enter)
40000000000000009EB73930960AD5019C040000AC050000EA030000010000000100000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Shadow Copy Optimization Writer
PREPARESNAPSHOT (Leave)
40000000000000003EDD5F30960AD5019C04000050090000EA030000000000000100000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Shadow Copy Optimization Writer
VSS_WS_WAITING_FOR_FREEZE (SetCurrentState)
40000000000000003EDD5F30960AD5019C0400005009000002000000010000000100000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\COM+ REGDB Writer
PREPARESNAPSHOT (Leave)
4000000000000000F2A16430960AD5019C04000060090000EA030000000000000100000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\COM+ REGDB Writer
VSS_WS_WAITING_FOR_FREEZE (SetCurrentState)
4000000000000000F2A16430960AD5019C0400006009000002000000010000000100000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Registry Writer
PREPARESNAPSHOT (Leave)
4000000000000000F2A16430960AD5019C040000AC050000EA030000000000000100000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Registry Writer
VSS_WS_WAITING_FOR_FREEZE (SetCurrentState)
4000000000000000F2A16430960AD5019C040000AC05000002000000010000000100000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssvcPublisher
PREPARESNAPSHOT (Leave)
400000000000000054B39630960AD5019C040000600F0000EA030000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssvcPublisher
FREEZE (Enter)
400000000000000054B39630960AD5019C040000600F0000EB030000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssvcPublisher
FREEZE_FRONT (Enter)
400000000000000054B39630960AD5019C040000600F0000EC030000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Shadow Copy Optimization Writer
FREEZE (Enter)
400000000000000008789B30960AD5019C040000540F0000EB030000010000000200000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Shadow Copy Optimization Writer
FREEZE (Leave)
400000000000000008789B30960AD5019C040000540F0000EB030000000000000200000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Shadow Copy Optimization Writer
VSS_WS_WAITING_FOR_THAW (SetCurrentState)
400000000000000008789B30960AD5019C040000540F000003000000010000000200000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Shadow Copy Optimization Writer
BKGND_FREEZE_THREAD (Enter)
400000000000000008789B30960AD5019C040000D4050000FC030000010000000300000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssvcPublisher
FREEZE_FRONT (Leave)
400000000000000062DA9D30960AD5019C040000600F0000EC030000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssvcPublisher
FREEZE_BACK (Enter)
400000000000000062DA9D30960AD5019C040000600F0000ED030000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssvcPublisher
FREEZE_BACK (Leave)
4000000000000000169FA230960AD5019C040000600F0000ED030000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssvcPublisher
FREEZE_SYSTEM (Enter)
4000000000000000169FA230960AD5019C040000600F0000EE030000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\COM+ REGDB Writer
FREEZE (Enter)
4000000000000000CA63A730960AD5019C0400009C0F0000EB030000010000000200000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\COM+ REGDB Writer
FREEZE (Leave)
4000000000000000CA63A730960AD5019C0400009C0F0000EB030000000000000200000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\COM+ REGDB Writer
VSS_WS_WAITING_FOR_THAW (SetCurrentState)
4000000000000000CA63A730960AD5019C0400009C0F000003000000010000000200000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\COM+ REGDB Writer
BKGND_FREEZE_THREAD (Enter)
4000000000000000CA63A730960AD5019C040000C8010000FC030000010000000300000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssvcPublisher
FREEZE_SYSTEM (Leave)
4000000000000000D88AAE30960AD5019C040000600F0000EE030000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssvcPublisher
FREEZE_KTM (Enter)
4000000000000000D88AAE30960AD5019C040000600F0000F0030000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssvcPublisher
FREEZE_KTM (Leave)
4000000000000000D88AAE30960AD5019C040000600F0000F0030000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssvcPublisher
FREEZE_RM (Enter)
4000000000000000D88AAE30960AD5019C040000600F0000EF030000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Registry Writer
FREEZE (Enter)
40000000000000008C4FB330960AD5019C04000060090000EB030000010000000200000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Registry Writer
FREEZE (Leave)
40000000000000005C62C630960AD5019C04000060090000EB030000000000000200000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Registry Writer
VSS_WS_WAITING_FOR_THAW (SetCurrentState)
40000000000000005C62C630960AD5019C0400006009000003000000010000000200000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Registry Writer
BKGND_FREEZE_THREAD (Enter)
40000000000000005C62C630960AD5019C04000024080000FC030000010000000300000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssvcPublisher
FREEZE_RM (Leave)
40000000000000005C62C630960AD5019C040000600F0000EF030000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssvcPublisher
FREEZE (Leave)
40000000000000005C62C630960AD5019C040000600F0000EB030000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5}
PROVIDER_PRECOMMIT (Enter)
40000000000000005C62C630960AD5019C040000600F000003040000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5}
PROVIDER_PRECOMMIT (Leave)
40000000000000005C62C630960AD5019C040000600F000003040000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Lovelace
OPEN_VOLUME_HANDLE (Enter)
40000000000000005C62C630960AD5019C040000600F0000FD030000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Lovelace(__?_Volume{e1a82db4-a9f0-11e7-b142-806e6f6e6963}_)
OPEN_VOLUME_HANDLE (Enter)
40000000000000005C62C630960AD5019C04000098050000FD030000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Lovelace(__?_Volume{e1a82db4-a9f0-11e7-b142-806e6f6e6963}_)
OPEN_VOLUME_HANDLE (Leave)
4000000000000000D212D730960AD5019C04000098050000FD030000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Lovelace
OPEN_VOLUME_HANDLE (Leave)
4000000000000000D212D730960AD5019C040000600F0000FD030000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Lovelace(__?_Volume{e1a82db4-a9f0-11e7-b142-806e6f6e6963}_)
IOCTL_FLUSH_AND_HOLD (Enter)
4000000000000000D212D730960AD5019C04000098050000FE030000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Lovelace(__?_Volume{e1a82db4-a9f0-11e7-b142-806e6f6e6963}_)
IOCTL_FLUSH_AND_HOLD (Leave)
400000000000000094FEE230960AD5019C04000098050000FE030000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Lovelace(__?_Volume{e1a82db4-a9f0-11e7-b142-806e6f6e6963}_)
IOCTL_RELEASE (Enter)
400000000000000094FEE230960AD5019C04000098050000FF030000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Lovelace(__?_Volume{e1a82db4-a9f0-11e7-b142-806e6f6e6963}_)
IOCTL_RELEASE (Leave)
400000000000000094FEE230960AD5019C04000098050000FF030000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Lovelace
IOCTL_FLUSH_AND_HOLD (Enter)
4000000000000000D212D730960AD5019C040000600F0000FE030000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Lovelace
IOCTL_FLUSH_AND_HOLD (Leave)
400000000000000094FEE230960AD5019C040000600F0000FE030000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Lovelace
IOCTL_RELEASE (Enter)
400000000000000094FEE230960AD5019C040000600F0000FF030000010000000000000000000000000000000000000000000000000000000000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Lovelace
IOCTL_RELEASE (Leave)
400000000000000094FEE230960AD5019C040000600F0000FF030000000000000000000000000000000000000000000000000000000000000000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5}
PROVIDER_COMMIT (Enter)
400000000000000094FEE230960AD5019C0400004C08000004040000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5}
PROVIDER_COMMIT (Leave)
400000000000000094FEE230960AD5019C0400004C08000004040000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5}
PROVIDER_POSTCOMMIT (Enter)
400000000000000094FEE230960AD5019C040000600F000005040000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5}
PROVIDER_POSTCOMMIT (Leave)
4000000000000000EE60E530960AD5019C040000600F000005040000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssvcPublisher
THAW_KTM (Enter)
4000000000000000EE60E530960AD5019C040000600F0000F4030000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssvcPublisher
THAW_KTM (Leave)
4000000000000000EE60E530960AD5019C040000600F0000F4030000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssvcPublisher
THAW (Enter)
4000000000000000EE60E530960AD5019C040000600F0000F2030000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Shadow Copy Optimization Writer
THAW (Enter)
4000000000000000FC87EC30960AD5019C0400009C0F0000F2030000010000000300000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\COM+ REGDB Writer
THAW (Enter)
4000000000000000FC87EC30960AD5019C040000AC050000F2030000010000000300000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\COM+ REGDB Writer
BKGND_FREEZE_THREAD (Leave)
4000000000000000FC87EC30960AD5019C040000C8010000FC030000000000000300000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\COM+ REGDB Writer
THAW (Leave)
4000000000000000FC87EC30960AD5019C040000AC050000F2030000000000000300000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\COM+ REGDB Writer
VSS_WS_WAITING_FOR_POST_SNAPSHOT (SetCurrentState)
4000000000000000FC87EC30960AD5019C040000AC05000004000000010000000300000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Shadow Copy Optimization Writer
BKGND_FREEZE_THREAD (Leave)
4000000000000000FC87EC30960AD5019C040000D4050000FC030000000000000300000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Shadow Copy Optimization Writer
THAW (Leave)
4000000000000000FC87EC30960AD5019C0400009C0F0000F2030000000000000300000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Registry Writer
THAW (Enter)
4000000000000000FC87EC30960AD5019C04000060090000F2030000010000000300000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Shadow Copy Optimization Writer
VSS_WS_WAITING_FOR_POST_SNAPSHOT (SetCurrentState)
4000000000000000FC87EC30960AD5019C0400009C0F000004000000010000000300000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Registry Writer
BKGND_FREEZE_THREAD (Leave)
4000000000000000FC87EC30960AD5019C04000024080000FC030000000000000300000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Registry Writer
THAW (Leave)
4000000000000000FC87EC30960AD5019C04000060090000F2030000000000000300000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Registry Writer
VSS_WS_WAITING_FOR_POST_SNAPSHOT (SetCurrentState)
4000000000000000FC87EC30960AD5019C0400006009000004000000010000000300000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssvcPublisher
THAW (Leave)
4000000000000000FC87EC30960AD5019C040000600F0000F2030000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5}
PROVIDER_PREFINALCOMMIT (Enter)
4000000000000000FC87EC30960AD5019C040000600F000006040000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5}
PROVIDER_PREFINALCOMMIT (Leave)
40000000000000000CE64B31960AD5019C040000600F000006040000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssvcPublisher
POSTSNAPSHOT (Enter)
40000000000000000CE64B31960AD5019C040000600F0000F5030000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Registry Writer
POSTSNAPSHOT (Enter)
4000000000000000CED15731960AD5019C04000050090000F5030000010000000400000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Shadow Copy Optimization Writer
POSTSNAPSHOT (Enter)
4000000000000000CED15731960AD5019C0400009C0F0000F5030000010000000400000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\COM+ REGDB Writer
POSTSNAPSHOT (Enter)
4000000000000000CED15731960AD5019C040000BC090000F5030000010000000400000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Registry Writer
POSTSNAPSHOT (Leave)
400000000000000028345A31960AD5019C04000050090000F5030000000000000400000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Registry Writer
VSS_WS_WAITING_FOR_BACKUP_COMPLETE (SetCurrentState)
400000000000000028345A31960AD5019C0400005009000005000000010000000400000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\COM+ REGDB Writer
POSTSNAPSHOT (Leave)
400000000000000028345A31960AD5019C040000BC090000F5030000000000000400000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\COM+ REGDB Writer
VSS_WS_WAITING_FOR_BACKUP_COMPLETE (SetCurrentState)
400000000000000028345A31960AD5019C040000BC09000005000000010000000400000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Shadow Copy Optimization Writer
POSTSNAPSHOT (Leave)
4000000000000000262A3332960AD5019C0400009C0F0000F5030000000000000400000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Shadow Copy Optimization Writer
VSS_WS_WAITING_FOR_BACKUP_COMPLETE (SetCurrentState)
4000000000000000262A3332960AD5019C0400009C0F000005000000010000000400000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssvcPublisher
POSTSNAPSHOT (Leave)
4000000000000000262A3332960AD5019C040000600F0000F5030000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5}
PROVIDER_POSTFINALCOMMIT (Enter)
4000000000000000262A3332960AD5019C040000600F000007040000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5}
PROVIDER_POSTFINALCOMMIT (Leave)
40000000000000005EC64F32960AD5019C040000600F000007040000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssvcPublisher
BACKUPSHUTDOWN (Enter)
4000000000000000D4766032960AD5019C040000600F0000FB030000010000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Shadow Copy Optimization Writer
BACKUPSHUTDOWN (Enter)
4000000000000000883B6532960AD5019C040000540F0000FB030000010000000500000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Registry Writer
BACKUPSHUTDOWN (Enter)
4000000000000000883B6532960AD5019C0400009C0F0000FB030000010000000500000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Shadow Copy Optimization Writer
BACKUPSHUTDOWN (Leave)
4000000000000000883B6532960AD5019C040000540F0000FB030000000000000500000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\COM+ REGDB Writer
BACKUPSHUTDOWN (Enter)
4000000000000000883B6532960AD5019C040000BC090000FB030000010000000500000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\Registry Writer
BACKUPSHUTDOWN (Leave)
4000000000000000883B6532960AD5019C0400009C0F0000FB030000000000000500000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\COM+ REGDB Writer
BACKUPSHUTDOWN (Leave)
4000000000000000883B6532960AD5019C040000BC090000FB030000000000000500000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
1180
vssvc.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssvcPublisher
BACKUPSHUTDOWN (Leave)
4000000000000000883B6532960AD5019C040000600F0000FB030000000000000000000000000000A1DF5994DA5A8E45B59C9000DE046D890000000000000000
832
DrvInst.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\62\52C64B7E
LanguageList
en-US
832
DrvInst.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\91C6D6EE3E8AC86384E548C299295C756C817B81
Blob
0F000000010000001400000085FEF11B4F47FE3952F98301C9F98976FEFEE0CE09000000010000002A000000302806082B0601050507030106082B0601050507030206082B0601050507030406082B0601050507030353000000010000002500000030233021060B6086480186F8450107300130123010060A2B0601040182373C0101030200C01400000001000000140000007B5B45CFAFCECB7AFD31921A6AB6F346EB5748501D00000001000000100000005B3B67000EEB80022E42605B6B3B72400B000000010000000E000000740068006100770074006500000003000000010000001400000091C6D6EE3E8AC86384E548C299295C756C817B812000000001000000240400003082042030820308A0030201020210344ED55720D5EDEC49F42FCE37DB2B6D300D06092A864886F70D01010505003081A9310B300906035504061302555331153013060355040A130C7468617774652C20496E632E31283026060355040B131F43657274696669636174696F6E205365727669636573204469766973696F6E31383036060355040B132F2863292032303036207468617774652C20496E632E202D20466F7220617574686F72697A656420757365206F6E6C79311F301D06035504031316746861777465205072696D61727920526F6F74204341301E170D3036313131373030303030305A170D3336303731363233353935395A3081A9310B300906035504061302555331153013060355040A130C7468617774652C20496E632E31283026060355040B131F43657274696669636174696F6E205365727669636573204469766973696F6E31383036060355040B132F2863292032303036207468617774652C20496E632E202D20466F7220617574686F72697A656420757365206F6E6C79311F301D06035504031316746861777465205072696D61727920526F6F7420434130820122300D06092A864886F70D01010105000382010F003082010A0282010100ACA0F0FB8059D49CC7A4CF9DA159730910450C0D2C6E68F16C5B4868495937FC0B3319C2777FCC102D95341CE6EB4D09A71CD2B8C9973602B789D4245F06C0CC4494948D02626FEB5ADD118D289A5C8490107A0DBD74662F6A38A0E2D55444EB1D079F07BA6FEEE9FD4E0B29F53E84A001F19CABF81C7E89A4E8A1D871650DA3517BEEBCD222600DB95B9DDFBAFC515B0BAF98B2E92EE904E86287DE2BC8D74EC14C641EDDCF8758BA4A4FCA68071D1C9D4AC6D52F91CC7C71721CC5C067EB32FDC9925C94DA85C09BBF537D2B09F48C9D911F976A52CBDE0936A477D87B875044D53E6E2969FB3949261E09A5807B402DEBE82785C9FE61FD7EE67C971DD59D0203010001A3423040300F0603551D130101FF040530030101FF300E0603551D0F0101FF040403020106301D0603551D0E041604147B5B45CFAFCECB7AFD31921A6AB6F346EB574850300D06092A864886F70D010105050003820101007911C04BB391B6FCF0E967D40D6E45BE55E893D2CE033FEDDA25B01D57CB1E3A76A04CEC5076E864720CA4A9F1B88BD6D68784BB32E54111C077D9B3609DEB1BD5D16E4444A9A601EC55621D77B85C8E48497C9C3B5711ACAD73378E2F785C906847D96060E6FC073D222017C4F716E9C4D872F9C8737CDF162F15A93EFD6A27B6A1EB5ABA981FD5E34D640A9D13C861BAF5391C87BAB8BD7B227FF6FEAC4079E5AC106F3D8F1B79768BC437B3211884E53600EB632099B9E9FE3304BB41C8C102F94463209E81CE42D3D63F2C76D3639C59DD8FA6E10EA02E41F72E9547CFBCFD33F3F60B617E7E912B8147C22730EEA7105D378F5C392BE404F07B8D568C68
832
DrvInst.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\91C6D6EE3E8AC86384E548C299295C756C817B81
Blob
190000000100000010000000DC73F9B71E16D51D26527D32B11A6A3D03000000010000001400000091C6D6EE3E8AC86384E548C299295C756C817B810B000000010000000E00000074006800610077007400650000001D00000001000000100000005B3B67000EEB80022E42605B6B3B72401400000001000000140000007B5B45CFAFCECB7AFD31921A6AB6F346EB57485053000000010000002500000030233021060B6086480186F8450107300130123010060A2B0601040182373C0101030200C009000000010000002A000000302806082B0601050507030106082B0601050507030206082B0601050507030406082B060105050703030F000000010000001400000085FEF11B4F47FE3952F98301C9F98976FEFEE0CE2000000001000000240400003082042030820308A0030201020210344ED55720D5EDEC49F42FCE37DB2B6D300D06092A864886F70D01010505003081A9310B300906035504061302555331153013060355040A130C7468617774652C20496E632E31283026060355040B131F43657274696669636174696F6E205365727669636573204469766973696F6E31383036060355040B132F2863292032303036207468617774652C20496E632E202D20466F7220617574686F72697A656420757365206F6E6C79311F301D06035504031316746861777465205072696D61727920526F6F74204341301E170D3036313131373030303030305A170D3336303731363233353935395A3081A9310B300906035504061302555331153013060355040A130C7468617774652C20496E632E31283026060355040B131F43657274696669636174696F6E205365727669636573204469766973696F6E31383036060355040B132F2863292032303036207468617774652C20496E632E202D20466F7220617574686F72697A656420757365206F6E6C79311F301D06035504031316746861777465205072696D61727920526F6F7420434130820122300D06092A864886F70D01010105000382010F003082010A0282010100ACA0F0FB8059D49CC7A4CF9DA159730910450C0D2C6E68F16C5B4868495937FC0B3319C2777FCC102D95341CE6EB4D09A71CD2B8C9973602B789D4245F06C0CC4494948D02626FEB5ADD118D289A5C8490107A0DBD74662F6A38A0E2D55444EB1D079F07BA6FEEE9FD4E0B29F53E84A001F19CABF81C7E89A4E8A1D871650DA3517BEEBCD222600DB95B9DDFBAFC515B0BAF98B2E92EE904E86287DE2BC8D74EC14C641EDDCF8758BA4A4FCA68071D1C9D4AC6D52F91CC7C71721CC5C067EB32FDC9925C94DA85C09BBF537D2B09F48C9D911F976A52CBDE0936A477D87B875044D53E6E2969FB3949261E09A5807B402DEBE82785C9FE61FD7EE67C971DD59D0203010001A3423040300F0603551D130101FF040530030101FF300E0603551D0F0101FF040403020106301D0603551D0E041604147B5B45CFAFCECB7AFD31921A6AB6F346EB574850300D06092A864886F70D010105050003820101007911C04BB391B6FCF0E967D40D6E45BE55E893D2CE033FEDDA25B01D57CB1E3A76A04CEC5076E864720CA4A9F1B88BD6D68784BB32E54111C077D9B3609DEB1BD5D16E4444A9A601EC55621D77B85C8E48497C9C3B5711ACAD73378E2F785C906847D96060E6FC073D222017C4F716E9C4D872F9C8737CDF162F15A93EFD6A27B6A1EB5ABA981FD5E34D640A9D13C861BAF5391C87BAB8BD7B227FF6FEAC4079E5AC106F3D8F1B79768BC437B3211884E53600EB632099B9E9FE3304BB41C8C102F94463209E81CE42D3D63F2C76D3639C59DD8FA6E10EA02E41F72E9547CFBCFD33F3F60B617E7E912B8147C22730EEA7105D378F5C392BE404F07B8D568C68
3348
MsiExec.exe
write
HKEY_USERS\S-1-5-21-1302019708-1500728564-335382590-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
UNCAsIntranet
0
3348
MsiExec.exe
write
HKEY_USERS\S-1-5-21-1302019708-1500728564-335382590-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
AutoDetect
1
3124
fusion msi x32.exe
write
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
UNCAsIntranet
0
3124
fusion msi x32.exe
write
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
AutoDetect
1
2612
WScript.exe
write
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
UNCAsIntranet
0
2612
WScript.exe
write
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
AutoDetect
1
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FusionInventory-Agent
Architecture
32
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FusionInventory-Agent
DisplayIcon
C:\Program Files\FusionInventory-Agent\Uninstall.exe
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FusionInventory-Agent
DisplayName
FusionInventory Agent 2.4.3 (x86 edition)
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FusionInventory-Agent
DisplayVersion
2.4.3
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FusionInventory-Agent
HelpLink
https://github.com/fusioninventory/fusioninventory-agent
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FusionInventory-Agent
InstallerVersion
2.4.301
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FusionInventory-Agent
InstallLocation
C:\Program Files\FusionInventory-Agent
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FusionInventory-Agent
NoModify
1
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FusionInventory-Agent
NoRepair
1
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FusionInventory-Agent
Publisher
FusionInventory Team
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FusionInventory-Agent
UninstallString
C:\Program Files\FusionInventory-Agent\Uninstall.exe
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FusionInventory-Agent
URLUpdateInfo
https://github.com/fusioninventory/fusioninventory-agent/releases
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FusionInventory-Agent
VersionBuild
23
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FusionInventory-Agent
VersionMayor
2
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FusionInventory-Agent
VersionMinor
4
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FusionInventory-Agent
VersionPatch
3
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FusionInventory-Agent
VersionRelease
3
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
backend-collect-timeout
180
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
ca-cert-dir
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
ca-cert-file
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
conf-reload-interval
0
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
debug
0
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
delaytime
20
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
html
0
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
httpd-ip
0.0.0.0
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
httpd-port
62354
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
httpd-trust
127.0.0.1/32
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
local
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
logfile
C:\Program Files\FusionInventory-Agent\fusioninventory-agent.log
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
logfile-maxsize
16
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
logger
File
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
no-category
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
no-httpd
0
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
no-p2p
0
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
no-ssl-check
1
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
no-task
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
password
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
proxy
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
server
http://inventario-fi.forum.cl/plugins/fusioninventory/
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
scan-homedirs
0
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
scan-profiles
0
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
tag
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
tasks
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
timeout
180
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\FusionInventory-Agent
user
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
UNCAsIntranet
0
3104
fusioninventory-agent_windows-x86_2.4.3.exe
write
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
AutoDetect
1
996
netsh.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\62\52C64B7E
LanguageList
en-US
3776
netsh.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\63\52C64B7E
LanguageList
en-US
3776
netsh.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\63\52C64B7E
@%SystemRoot%\system32\p2pcollab.dll,-8042
Peer to Peer Trust
3776
netsh.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\63\52C64B7E
@%SystemRoot%\system32\qagentrt.dll,-10
System Health Authentication
3776
netsh.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\63\52C64B7E
@%SystemRoot%\system32\dnsapi.dll,-103
Domain Name System (DNS) Server Trust
3776
netsh.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\63\52C64B7E
@%SystemRoot%\System32\fveui.dll,-843
BitLocker Drive Encryption
3776
netsh.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\63\52C64B7E
@%SystemRoot%\System32\fveui.dll,-844
BitLocker Data Recovery Agent
3776
netsh.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\63\52C64B7E
@%SystemRoot%\system32\dhcpqec.dll,-100
DHCP Quarantine Enforcement Client
3776
netsh.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\63\52C64B7E
@%SystemRoot%\system32\dhcpqec.dll,-101
Provides DHCP based enforcement for NAP
3776
netsh.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\63\52C64B7E
@%SystemRoot%\system32\dhcpqec.dll,-103
1.0
3776
netsh.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\63\52C64B7E
@%SystemRoot%\system32\dhcpqec.dll,-102
Microsoft Corporation
3776
netsh.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\63\52C64B7E
@%SystemRoot%\system32\napipsec.dll,-1
IPsec Relying Party
3776
netsh.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\63\52C64B7E
@%SystemRoot%\system32\napipsec.dll,-2
Provides IPsec based enforcement for Network Access Protection
3776
netsh.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\63\52C64B7E
@%SystemRoot%\system32\napipsec.dll,-4
1.0
3776
netsh.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\63\52C64B7E
@%SystemRoot%\system32\napipsec.dll,-3
Microsoft Corporation
3776
netsh.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\63\52C64B7E
@%SystemRoot%\system32\tsgqec.dll,-100
RD Gateway Quarantine Enforcement Client
3776
netsh.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\63\52C64B7E
@%SystemRoot%\system32\tsgqec.dll,-101
Provides RD Gateway enforcement for NAP
3776
netsh.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\63\52C64B7E
@%SystemRoot%\system32\tsgqec.dll,-102
1.0
3776
netsh.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\63\52C64B7E
@%SystemRoot%\system32\tsgqec.dll,-103
Microsoft Corporation
3776
netsh.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\63\52C64B7E
@%SystemRoot%\system32\eapqec.dll,-100
EAP Quarantine Enforcement Client
3776
netsh.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\63\52C64B7E
@%SystemRoot%\system32\eapqec.dll,-101
Provides Network Access Protection enforcement for EAP authenticated network connections, such as those used with 802.1X and VPN technologies.
3776
netsh.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\63\52C64B7E
@%SystemRoot%\system32\eapqec.dll,-102
1.0
3776
netsh.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\63\52C64B7E
@%SystemRoot%\system32\eapqec.dll,-103
Microsoft Corporation
2700
netsh.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\63\52C64B7E
LanguageList
en-US
4040
netsh.exe
write
HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\63\52C64B7E
LanguageList
en-US

Files activity

Executable files
104
Suspicious files
16
Text files
2607
Unknown types
0

Dropped files

PID
Process
Filename
Type
2472
msiexec.exe
C:\Windows\Installer\MSI46A7.tmp
executable
MD5: e163ef9519c0d529278b96a26f7fc0b6
SHA256: a1469fbdb2cec72112b6be083c1f891d8ce6b23415a757637ea00b479dda398a
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\vendor\lib\auto\HTML\Parser\Parser.xs.dll
executable
MD5: b9af01a184c74471564334e8ed563389
SHA256: 012cd368a2477aeaf6055fb2ec3c1ee61ceb5d3fd21645bb279f4d9e401cc755
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\bin\libwinpthread-1.dll
executable
MD5: 2f4d054ba491e43b4827d5669317dee8
SHA256: e5eb3bcc21cdf9eb74fc5b61f22526f6e10b2f569700d9d356bcbc0e20b4b93b
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\vendor\lib\auto\Digest\SHA1\SHA1.xs.dll
executable
MD5: 485b242cfa8334c373c56e04e879facc
SHA256: 5cdd8cefd9f2b445c5bfb3b52ac9514d19927cc6b27373d3893ce72e9d9e391f
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\bin\perl524.dll
executable
MD5: fe2dee6d427d8fa4a8c1f16d9f2368be
SHA256: 28f40d2b2ef35ac1b5550e66fbfa8146aa208fa96896ce5bef52389765d4533d
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\vendor\lib\auto\Package\Stash\XS\XS.xs.dll
executable
MD5: a106b18a5d7bc39939422e804217f053
SHA256: 56248d7c1b62d8b78caa6c4eb3e43c7cfc4eee5dfcfd75c8610ad3f38837463e
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\bin\fusioninventory-agent.exe
executable
MD5: 7ac4feb57bd48a6af48a7178d5203d93
SHA256: fbc207f8f9c87801c4b4696cfe949e5dd825d3edae25f366178c50651aa58325
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\vendor\lib\auto\Params\Util\Util.xs.dll
executable
MD5: 17ae116cff10ecee877112d2bd9af728
SHA256: 328df5e2881f0c788bf90e1246d81e407403ac82f7b9ced99cc6858457575e79
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\bin\ssleay32_.dll
executable
MD5: 5bc5a4ca6a5147b59840a657710d5e7a
SHA256: db485533433dc10e908f8956776beefe430b99f48f270a8b58d4fba5239ae92b
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\vendor\lib\auto\Sub\Identify\Identify.xs.dll
executable
MD5: 66c85284aa173fdda3e30201267bf470
SHA256: d4a4e8b8d8e136582d3d3ac03c2145fdac1e7392271947778fde190978d230d7
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\vendor\lib\auto\CryptX\CryptX.xs.dll
executable
MD5: 1389cd7570168ca3a6cba765b1f5d94d
SHA256: 37477d8787fd00da9378aafb589afb67c8a55a26205bbea59b8d590362115f70
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\bin\perl.exe
executable
MD5: 7ac4feb57bd48a6af48a7178d5203d93
SHA256: fbc207f8f9c87801c4b4696cfe949e5dd825d3edae25f366178c50651aa58325
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\bin\libstdc++-6.dll
executable
MD5: 2cd6ed71a2dc6490fd69ed109e87023f
SHA256: 95a513d6620b62bb6c683df9da3dcd6e9f036a9b883fe6fd731ad9964ef2c3b0
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\vendor\lib\auto\Variable\Magic\Magic.xs.dll
executable
MD5: 7f8da678ad6c63b36125fe19003aea1c
SHA256: 51fec442f6d5777658e2de15526772f7ddee99b6487fab301594a7d3e2c13bc0
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\vendor\lib\auto\DateTime\DateTime.xs.dll
executable
MD5: e2f147ec2b7f7acfd5ba1047a8f12c5e
SHA256: 25d3da58c5160ea47d5dacf9f64a1f1d9555044e049c8c429f3f6a66b7262cf5
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\bin\libgcc_s_sjlj-1.dll
executable
MD5: d2002a73e55ffc4e6c70642a401535b9
SHA256: a3e4f852599ab3bf5d4eeeff5c589c412673fea2917a3a7ca6b65a54fd576c19
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\Compress\Raw\Bzip2\Bzip2.xs.dll
executable
MD5: c24abb4f94f3afa08cf0e8a59183ad3c
SHA256: ccb13dbbbd620cc6b09599746b6a586475d09854cfeab4502c5d60c84982db99
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\vendor\lib\auto\Sys\Syslog\Syslog.xs.dll
executable
MD5: ce5a3e6bbf359ff9e75775173c813106
SHA256: 577fcba342d6df80a1c4fa11b7fb4a78f128a823c35c67440754ea4a15f7082d
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\vendor\lib\auto\Crypt\SSLeay\SSLeay.xs.dll
executable
MD5: 62fbdf67f46c2c69eb5ce4e17ca1da7b
SHA256: 7846319e6efd6bac44fa4333e395a64625d6cab713a0f00ab74d3c1792e6b79b
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\bin\perl5.24.4.exe
executable
MD5: 7ac4feb57bd48a6af48a7178d5203d93
SHA256: fbc207f8f9c87801c4b4696cfe949e5dd825d3edae25f366178c50651aa58325
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\Cwd\Cwd.xs.dll
executable
MD5: f9dfcfeb1f431fb7e68e7aebef006349
SHA256: 9d0de084734198d1e141f3074ef3b852ce892eed1ead9c2f8678840856126aec
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\vendor\lib\auto\Win32\Daemon\Daemon.xs.dll
executable
MD5: 3c6295f11db2d711a361e48b8af593ee
SHA256: a8a49f6717c547e9d0c2fd99cd2fb45c53680c1d9ae91eeca14ff76bb5c36823
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\vendor\lib\auto\Crypt\Rijndael\Rijndael.xs.dll
executable
MD5: 6b7f88a498cd716fa9cad9fbcb5f68a5
SHA256: 435b7a9237f7013b91a8d18715eed1c1fff4c3af3c332e4c9698c5374282650b
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\bin\zlib1_.dll
executable
MD5: c1faf35617e5a6edb418ff129048fd95
SHA256: 3285a82c1fe6165b92ebd8e15c66c7baaaace1e74ec2ad74c046c4d93a5b1733
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\Compress\Raw\Zlib\Zlib.xs.dll
executable
MD5: 0a2b848ef1b6a13e61eda3c39f745c41
SHA256: 02a0e37a01ccff9d4bfaab35b61efa06d110b1fea3f7999b11aa2fe90c89af30
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\vendor\lib\auto\Win32\Job\Job.xs.dll
executable
MD5: 6bf19c263c0fea71cc1479242fe4d489
SHA256: 097a0c6e054565a826070eef87f2478afaa240940ceda0ded6071308be1dc0eb
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\vendor\lib\auto\Crypt\DES\DES.xs.dll
executable
MD5: 22b6628b05f3a9f05234516652576346
SHA256: 93d0e3e1977ad6c90d0e8eb2bca187ef4440a0481b41a159a3eaf3f6fb86a66f
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\bin\libeay32_.dll
executable
MD5: 9a4799328793a2bea6facdaf2b20da3a
SHA256: a87fb088d811dec163221234461dcfa0865683be256f1ee9cddc18fc60ab3d1b
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\B\B.xs.dll
executable
MD5: 61ba29ada82957b870e5d6ce1da48d66
SHA256: 86db287f0d02d30fd4dddac8b9288055906999367836440b0d9a81bfb50094d9
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\vendor\lib\auto\Win32\EventLog\EventLog.xs.dll
executable
MD5: e5d6851e7991b75e7286c66467707294
SHA256: 251c738cea96162419ccb0cc1b63c7dd35f871efcd0496d27938d2b8f6d30e16
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\site\lib\auto\Win32\Unicode\Unicode.xs.dll
executable
MD5: 11181ca41c1308b275660819143839a0
SHA256: ac11f14c0c8aba88a41cbd0e0d0a120d811270696735c42027e8c29296464139
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\Uninstall.exe
executable
MD5: a478209b32f757b655a22cf62197588f
SHA256: 77705464e34e8be65e8c9521998ff72ae0f304f820c249447b8f5410b4330683
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\Data\Dumper\Dumper.xs.dll
executable
MD5: 6c349abe37efa58787164544860a79f9
SHA256: 4c78917025bb0cd54c0e0da93e31f674a5bb4a2c2d8a8da2672b2d68a694fbfe
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\vendor\lib\auto\Win32\OLE\OLE.xs.dll
executable
MD5: f877d4d59faf11cc6fcce0d41e5870e8
SHA256: e61dd96ba669c03214d6fb593d00cd21a0ea7be0ef554ab80878c2143c12bbaf
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\site\lib\auto\Params\Validate\XS\XS.xs.dll
executable
MD5: f463f3ffd3dd7501d11c1a6ce84a1e8f
SHA256: 38498a8449fc294b1913c2d6e27069c9616b773d447ae9581f11274de1a627ce
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\bin\libbz2-1_.dll
executable
MD5: 0103bb5c0d184e25755336d48bc3e27c
SHA256: e0beb300c9c0c0b9c2ccee0e01ea89a2891e26c926a8b29faadb0eb77c284111
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\Devel\Peek\Peek.xs.dll
executable
MD5: 6606ed3864597428f11d4359db31fa67
SHA256: c6bf965406b9d2d8c23527842f01dbe01a77817bd3e3fcfd1228c83606d2c789
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\vendor\lib\auto\Win32\Process\Process.xs.dll
executable
MD5: 06c2f0ea2303b1333164f7302c843198
SHA256: e76c5af0dc373e4637e23f01062c09e0d417393d30d9a8c6d63267ed469b530b
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\site\lib\auto\Net\Pcap\Pcap.xs.dll
executable
MD5: bf064366e77328e805d7471cc98bd11a
SHA256: 7215374a5fc075f4dbe29ac15b2b7ca839d600dad26fbbb1f670f68cefdd825d
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns5A70.tmp
executable
MD5: e2347a65b30ccc5b2c4230daaeefb897
SHA256: 79fd3041ab85e378839d2e3cf155fc91a2d541304d209f5d1d57ac7d791190ec
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\Digest\MD5\MD5.xs.dll
executable
MD5: 14f711b50c460e0d5f0833214101fb91
SHA256: f055c9624a66efd4532617bc557e21fb6e0e3b92f42b0318c17a79d600ba6e25
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\vendor\lib\auto\Win32\UTCFileTime\UTCFileTime.xs.dll
executable
MD5: 25c864e9dbc8561397c1a56441d179dc
SHA256: 6e3dfec156bb3a6b2430466c3f3b0076906bd4bd08ea34ff43910273315b42ef
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\version\vxs\vxs.xs.dll
executable
MD5: 5ac9566c13d804fce39054a27378d007
SHA256: 25fa2bb3cf0a738eaddefe8a7037de7d7db1b6f1f6ada132a9e9c8c74c5d7f0c
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\SimpleSC.dll
executable
MD5: d63975ce28f801f236c4aca5af726961
SHA256: e0c580bbe48a483075c21277c6e0f23f3cbd6ce3eb2ccd3bf48cf68f05628f43
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\Digest\SHA\SHA.xs.dll
executable
MD5: 6a38c52fef96c98fef7e2c9ef917777d
SHA256: 6fd5e9ab709069e4ab1c83b6cecdc60de87505a2c99f0271abcff6b93a8b948a
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\vendor\lib\auto\Win32\WinError\WinError.xs.dll
executable
MD5: 009dd5b3cee00482cc80815d31ccbb3b
SHA256: f338b7e89ccba585538173cdf191f91fa99101e4248f58acf34ed86e126fe15e
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\threads\shared\shared.xs.dll
executable
MD5: 8364b103c79a8fe9b430b19c7e981a3b
SHA256: e3247c9e5b523da9cec276966bc377149e3471bfed3bf73c24b8061363265784
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\nsExec.dll
executable
MD5: 1f49d8af9be9e915d54b2441c4a79adf
SHA256: b22c8f676dec58be8d25fbad1a37835ffc4029f29aaf79f4dc0337ca73a38782
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\Encode\Byte\Byte.xs.dll
executable
MD5: fc7af9cab01b9eafef5d954c610f71d6
SHA256: 160383b6d16a47d056a2c250d7b55b05cff1251ed683cc49be65ad06dd6609be
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\vendor\lib\auto\Win32API\Registry\Registry.xs.dll
executable
MD5: 495e3613401a9c94030a3168419a4c84
SHA256: 385bee7f8543fb31e0541a6655245dc9d1b95230615e68eb4d136e0373283b89
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\re\re.xs.dll
executable
MD5: e83211ee01545d402c404b0a52104f62
SHA256: aab2806b95d549a91ae67cf2665ee64e9dbd776b6070e42eef4c85a51ef39bb7
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns5678.tmp
executable
MD5: e2347a65b30ccc5b2c4230daaeefb897
SHA256: 79fd3041ab85e378839d2e3cf155fc91a2d541304d209f5d1d57ac7d791190ec
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\Encode\JP\JP.xs.dll
executable
MD5: ad4dbcd4eebbc841e98a3b11376be53e
SHA256: 78928838cfbda6ddccaa8ab358c44c7a8a8e4d9e804704afabadacfab34c6f16
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns7D2D.tmp
executable
MD5: e2347a65b30ccc5b2c4230daaeefb897
SHA256: 79fd3041ab85e378839d2e3cf155fc91a2d541304d209f5d1d57ac7d791190ec
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\attributes\attributes.xs.dll
executable
MD5: 15ddd0977199985007107b2236d5d99c
SHA256: ce162746b57d0ef4f8cd9666403a32b57ae341f8ac684052ae18c72bc2fef3f9
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\EnumINI.dll
executable
MD5: 80403ca224c7aa80e92799b4d1eb242d
SHA256: e1852457fe4bbb8ffe90b711fd4eda3f37b5e1bb284673aef0f8aa57a9b0559d
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\Encode\Encode.xs.dll
executable
MD5: 4fb319eb5c7e344739b0c157cb8419ed
SHA256: 8a9180810f62d6ee8e80e9c1b85454c04ba85df1880af87b25c9028420e3cfd3
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns7F62.tmp
executable
MD5: e2347a65b30ccc5b2c4230daaeefb897
SHA256: 79fd3041ab85e378839d2e3cf155fc91a2d541304d209f5d1d57ac7d791190ec
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\Time\HiRes\HiRes.xs.dll
executable
MD5: 7a4ceddbcbd895a4915028791ef854ca
SHA256: a05d82138175ffc4c0b6b3e6904eb75e3536ab49027fc56ab9130c9f8a181f8a
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\registry.dll
executable
MD5: 2b7007ed0262ca02ef69d8990815cbeb
SHA256: 0b25b20f26de5d5bd795f934c70447112b4981343fcb2dfab3374a4018d28c2d
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\Encode\CN\CN.xs.dll
executable
MD5: 778d6a829a11320a6223ebaab3cdb042
SHA256: c1582a9abca66b6ca3a91f2eef4d066eb3b5ea53c85893333ddbd186d382608a
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns81B5.tmp
executable
MD5: e2347a65b30ccc5b2c4230daaeefb897
SHA256: 79fd3041ab85e378839d2e3cf155fc91a2d541304d209f5d1d57ac7d791190ec
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\threads\threads.xs.dll
executable
MD5: 0ff626ab7851f0c878f7f63d7b4d90e4
SHA256: cdd802dbb5dd2e6e42000330819a4e961b5440ec839b2f249ebd42228a804e1b
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\GetVersion.dll
executable
MD5: 225f776172f1baccd2721a6e5d512b36
SHA256: ecfcbe30f5b248673f9cbebb734b9981ed14b06380ea787c563d67b30e2d069e
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\Encode\Unicode\Unicode.xs.dll
executable
MD5: 4710bc84da835e88501472058673dc5a
SHA256: 7dc4cffb2967917fcfdce537a14b878ce81a468b6c20f8025f935be80573584e
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns838C.tmp
executable
MD5: e2347a65b30ccc5b2c4230daaeefb897
SHA256: 79fd3041ab85e378839d2e3cf155fc91a2d541304d209f5d1d57ac7d791190ec
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\Win32\Win32.xs.dll
executable
MD5: b8a3bfcd04d818c39dfde946b7b6005e
SHA256: 4283f3544adea8cf32cba554569e2cd70b5f0bd8350bc44d04fc970c2936570b
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\sed.exe
executable
MD5: 289c007f63e4216757e3c03c38555133
SHA256: 5c2e7c4e79b2af04f09ddec2b01bc68de99761a149e90a37319f515682843116
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\Fcntl\Fcntl.xs.dll
executable
MD5: 94957cadea6f89c8267b3c5a82030abc
SHA256: c6fadf1e3905add997e81fcf4ad81f95964959726a9a64d2bdcafa4f18cf1a31
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns8582.tmp
executable
MD5: e2347a65b30ccc5b2c4230daaeefb897
SHA256: 79fd3041ab85e378839d2e3cf155fc91a2d541304d209f5d1d57ac7d791190ec
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\arybase\arybase.xs.dll
executable
MD5: 519b77880b81ebad9e8d293d7663f8de
SHA256: 64e295279e6d3023462dd7f2df9d58faae7c741e9c05281cfe0b09f57312461a
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\libintl3.dll
executable
MD5: d202baa425176287017ffe1fb5d1b77c
SHA256: f48ce1866602b114e653c876334b771107559acf1c685373d2305034613958f0
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\Encode\KR\KR.xs.dll
executable
MD5: 99dd0cd4c49c7e31444b43028a43b230
SHA256: cf3b851284b2d4b10975c6ce202476641671f4f880a384c261c0c56c97305966
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\bin\dmidecode.exe
executable
MD5: bc4474be4e3c69cf320cd96cc3091566
SHA256: 8774b2edbf99e04495fe4c54574e411db75fd7e2943255e2813db00f8e85d3f1
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\Win32API\File\File.xs.dll
executable
MD5: 7829be262bbdfa1ce2298644c018671a
SHA256: 6162675304325c659019d3a246c9a39a8b435c90376d7349f464118ff11020d0
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\regex2.dll
executable
MD5: 547c43567ab8c08eb30f6c6bacb479a3
SHA256: 3a71bf90e8bddfb813b44f9cbcecf431311a7979c1debc976767b3e5e59031af
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\Encode\TW\TW.xs.dll
executable
MD5: 5fa1fdb8968a4186ebfa4fa5926e3059
SHA256: 472dcbda1b1415c14a24bf3c8f5848e52cdcb89134b74310dd3ecaae21e85547
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\bin\7z.dll
executable
MD5: 04e4f293970589ead1dc19fc8be60c92
SHA256: 6cd22f513ce36b4727bb6c353c58182c7cc8a14cbe3eefdca85c2a25906a0077
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\mro\mro.xs.dll
executable
MD5: 0da538cab2f4978e7b4ed2c0b6d50131
SHA256: 478995471153d8e0e359414cd95611c45028db4de97122aace5c470d903c4a23
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\libiconv2.dll
executable
MD5: e0dc8c6bbc787b972a9a468648dbfd85
SHA256: 6deedad652bfab7b09ebd0e06045810390b6ac6cb5aa9ef41c9daa5616181f22
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\File\Glob\Glob.xs.dll
executable
MD5: 103aed0fb9a3268bbd81b4a5926183b2
SHA256: ce9286bdf87428e65ae5a3cdd71da99b82f6d75f68d83919e4fc3cdd6df98e40
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\bin\hdparm.exe
executable
MD5: a9df15c63bad11047f5d5af5b27319c5
SHA256: 90d0cb4ede22b2d8a75e0c8b887609e2ae9963f9afa84c4dcc91c8ac0d78fc86
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\Tie\Hash\NamedCapture\NamedCapture.xs.dll
executable
MD5: 07996550aa1eec99234ad8a899db1533
SHA256: a6ea414f215f4be9d2b0cbfae2cb66bb2a1129915cde0c42ba4f7fc23e66ced4
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\System.dll
executable
MD5: b0c77267f13b2f87c084fd86ef51ccfc
SHA256: a0cac4cf4852895619bc7743ebeb89f9e4927ccdb9e66b1bcd92a4136d0f9c77
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\IO\IO.xs.dll
executable
MD5: 02f336df798c95ec2cceba133ed82707
SHA256: 3c18a8337937b9a12f173d35ef6cddd5f7ce6b2306e4e1abc1eb6d72db9bf01d
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\bin\7z.exe
executable
MD5: 77e556cdfdc5c592f5c46db4127c6f4c
SHA256: 034eca579f68b44f8f41294d8c9dac96f032c57dee0877095da47913060dff84
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\MIME\Base64\Base64.xs.dll
executable
MD5: f01af237803c21dd8240fcc6941e7976
SHA256: 4247ca181161f77dfddf3611335a38bee26d69b5465e4723724c9329ffd5cc91
3124
fusion msi x32.exe
C:\Users\admin\AppData\Local\Temp\RarSFX0\fusioninventory-agent_windows-x86_2.4.3.exe
executable
MD5: 7a3197375fb29177d4c002959002d2dd
SHA256: 731c0185164bdb8863c433398f498ba575afda318db448310d4d7e79e187852b
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\List\Util\Util.xs.dll
executable
MD5: b1aa1ea8a5cd0ea570c35e28d98b5ae9
SHA256: cf2e58518a2daf145f9c25899e14465595f3cc90c53d496d992e4b6139ae9800
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns8E8C.tmp
executable
MD5: e2347a65b30ccc5b2c4230daaeefb897
SHA256: 79fd3041ab85e378839d2e3cf155fc91a2d541304d209f5d1d57ac7d791190ec
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\Hash\Util\FieldHash\FieldHash.xs.dll
executable
MD5: e91267705317bd65fc61a57b37a6d475
SHA256: acabcb86b0c4a7563622f1bc69ab4ac4b27f35c989186b8986149aa4adc34774
2472
msiexec.exe
C:\Windows\Installer\MSI4D40.tmp
executable
MD5: e163ef9519c0d529278b96a26f7fc0b6
SHA256: a1469fbdb2cec72112b6be083c1f891d8ce6b23415a757637ea00b479dda398a
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\PerlIO\encoding\encoding.xs.dll
executable
MD5: c1f531068c04466214baa45c42412765
SHA256: f8d1f1b5c45cc3fd67522155d7d621ad501f617eacde528a23d617b63804f25b
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns9802.tmp
executable
MD5: e2347a65b30ccc5b2c4230daaeefb897
SHA256: 79fd3041ab85e378839d2e3cf155fc91a2d541304d209f5d1d57ac7d791190ec
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\Storable\Storable.xs.dll
executable
MD5: e9a5713a6e4dcd5b363f7bdc088da3bc
SHA256: 37eb09d371109284837b9f31d0440656b2357b911a0d11c89a38cd7a2aba9581
3880
MsiExec.exe
C:\Users\admin\AppData\Local\Temp\MW-02e3bf8a-3938-412d-99f5-23bfdb567436\fusion msi x32.exe
executable
MD5: 45af8c969bf4509d82bded08889139a3
SHA256: daaf08b7d6e66efb81c9e652d5361eb97f0de9f19ff9787e7da3dfaa32fb5466
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\PerlIO\scalar\scalar.xs.dll
executable
MD5: d6428702416c4cae59305c46ff97b13d
SHA256: 5bf8ff4ea81b95a9b62a3a424689fab498ca08bec4ccba719f4a170bf805d985
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Users\admin\AppData\Local\Temp\nsn54C1.tmp\ns9FC4.tmp
executable
MD5: e2347a65b30ccc5b2c4230daaeefb897
SHA256: 79fd3041ab85e378839d2e3cf155fc91a2d541304d209f5d1d57ac7d791190ec
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\Math\BigInt\FastCalc\FastCalc.xs.dll
executable
MD5: b35bdc477b6d2c7cf96c1a50df894281
SHA256: 3bac18ad713a9d30f0112d97bc754bd606fb14a72e8e80ea451d47681bfc8703
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\POSIX\POSIX.xs.dll
executable
MD5: ca1917b75b02f1a45804c9ffb07ed44d
SHA256: 4208e88d8ac9dceb7b628ee6ad965dc15ec1b7616105eacc2e37572a9164c81b
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\Socket\Socket.xs.dll
executable
MD5: 2c85311e1c6bfbfe74ea812c45f6d706
SHA256: 53acb1db72dbd566af69f6a2753c3ab09d06dbb6425a8ac5920ca8b04ab707ce
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\lib\auto\Sys\Hostname\Hostname.xs.dll
executable
MD5: b51517c333aead9cec3bf69d344a669a
SHA256: 5391ffac4d194f278dd8c7d0cbb769546bd1a0491d2c87fd8a449add2ecd0877
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\bin\liblzma-5_.dll
executable
MD5: 4c219f4e078a4d34bac0947cd4f1709f
SHA256: 4d8b2d808929361538fa38a2299fca56659e02aa5e651906ca22b7c144958f09
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Softwares.pm
text
MD5: 01ab4dca47373f73aebcbac78b75fcd6
SHA256: d81fadfe46f7ad176f8de7d8024189e0962af8b34e8b75bff0dd5a199316bcbb
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Virtualization\Jails.pm
text
MD5: c50d4a346001bbb585cad8fa7562e35c
SHA256: 8f9f425f06f7d5e591982a022adc4ff3d6ee04570d473f1221c015d89dfe5de2
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Solaris\Controllers.pm
text
MD5: 36d5c7d45f8bdff772be6a0994ea9805
SHA256: b837151ea0dcc5673212f751db3853ca7c7bcc9fcafed722181796fc36a26bdb
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Solaris\Bios.pm
text
MD5: 2d5dff396e3e09d6d0ef27e4f9203f46
SHA256: 6eb21857ea9bdc55842ccd0619c34ba3967846e260cb921b9191f3a7e536dc25
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\MacOS\Storages.pm
text
MD5: 509d9bc9e9259a757e095c65cd995e3c
SHA256: 6d2aa7f84bee55b334e8150bd7d486b22bac42a56ca02a3be8375b209722459a
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Solaris\CPU.pm
text
MD5: ffbc21ed30e0a6c727ff4177899d94dc
SHA256: 0b7186a308da81950303c509791adcf8ea8bd3d0d51553dab0d8dd4c3dca4b51
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Solaris\Memory.pm
text
MD5: 5061980f139a4632a458a5149df4e79a
SHA256: 544dbecff398d7dc16de8ac4f4a9de44c22b719d7aaa38cc3bc8e4e77e30aee9
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Solaris\Drives.pm
text
MD5: dd6a819bf460453fffb21bbe47b79ae8
SHA256: e408adec48054c45e5e34d9d2e7d27b7b83e81baf3deda70c23e401a2c2c7d18
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\MacOS\USB.pm
text
MD5: 05d5c2eef8fc32aa1644979a64f0f872
SHA256: 5b50b7280b41cdd53b30694ed2fa67693981f0aa8442a5cdb6e24fedbc3f2def
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\MacOS\Videos.pm
text
MD5: af0891928d83e8dad2c917b398a5229a
SHA256: 0a780a1afb9f48b935972ec95ee492c027c9daa261c5235942ef343c1348f773
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\MacOS\Uptime.pm
text
MD5: 1a2bda85e6d38e6a404d97a6eaf4f373
SHA256: 1068aa6fc4fb83edb786fc943af04c32c5ba9a72f878256b4819c765c3035bb3
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\MacOS\Sound.pm
text
MD5: 03caf55b0d49ee988d4fa612bdfdfbc6
SHA256: f0ad2c3324d71427308f3f5c2e725cae14ba240c83978f0dc0ff892f89661ff0
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\MacOS\Networks.pm
text
MD5: 6064222b4b2c9db4fe8bd4d5271bcbed
SHA256: 987352909f8793bb903afc7235939b16d19c208cb6123112c68dca6563d244a2
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\MacOS\Memory.pm
text
MD5: 16be0352a65dd6e19b2a136b8839e4c1
SHA256: 9e6286c6bb255a0147aa36473ba39e9d2068b12cab90f01f27cf56a30ff291dd
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\MacOS\Batteries.pm
text
MD5: fef99725d70849311bbb0e4a84557f25
SHA256: 653e6bb0840db431c52e8f990a7e819bbefc5802e120dca6209001cb1827bdd6
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\MacOS\Firewall.pm
text
MD5: 1d78e115a4804b22cf9ce30cb5b25bb3
SHA256: 9a23c5310b2426f19dea3ce7c6ad4b620f39acd0f3bffd712b11e7748f287814
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\MacOS\Bios.pm
text
MD5: e77ba666595d84be82edb0e017e8a215
SHA256: bf230007bd2dfa281f52d2e873c79ce57a19bf86ad131166eefd6256ada25cf1
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\MacOS\Printers.pm
text
MD5: 9129401ca6c242bc4142728a47c4f5e2
SHA256: 1acfe497c31b7b0a16a6ce2f20f83a217f96948e44d47d5d912744c93e848c72
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\MacOS\CPU.pm
text
MD5: 52a7d71979e2058326b1b2708a347448
SHA256: bd5b2046d6a887257a5bc259abe3aa88c7540946de9c91ba83b7fda7e6a479fe
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\MacOS\License.pm
text
MD5: 83e5c2056fa5db2b77827a822657c35b
SHA256: 919fc0f6de579fb797076fb67beacb75f0bd1a53275b438e0be2ed6f9ea12374
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\MacOS\Hostname.pm
text
MD5: daf8476f8302f4c7416b5916a8a78add
SHA256: eddb4f0e0a01d28c70333cab52602a734aa008e33fbd6b2c8204958ca5344f7d
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\MacOS\Drives.pm
text
MD5: 41340c98035426ad0aa169bd723caf46
SHA256: 6faad53cefcb61fe70c0955429899187ebd5433015c7004d8ab1c32e4cd137fb
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\MacOS\Softwares.pm
text
MD5: 1f838591083d05d893e9bb55d611cd50
SHA256: 8314d2cea36fb34b00dd345754e8e9b55386eecc4c428749ec301f9565992e61
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\m68k\CPU.pm
text
MD5: a8471c5696db03b3bc3f883a8f504a16
SHA256: 88fb48e311db5c10bb7c17779173d6fc2919406f5d6f14913ab45d4e266810f1
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\Storages\ServeRaid.pm
text
MD5: 20a1a91a132330e3cf68f13b298694b1
SHA256: e935cde3ce60ac230506c3b06bb2bb9101963f9eefb5b62135b92e1aeca18051
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\Storages\Megacli.pm
text
MD5: a4911c5d50f48e1ecdce2a065084d1a6
SHA256: 023311552d7c4b84af6ffd814c53e4b9dd4aa89c81e2acfbe00f1d7cecab2673
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\Storages\Lsilogic.pm
text
MD5: 1296c445d0d345d13c5f905d456bc026
SHA256: 670ef3c2829f386c80b0df623cbfc842d88d891522cb2ea8661584446d4e5115
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\Storages\Megaraid.pm
text
MD5: e11cc24781b7713ae479b86a01b23eac
SHA256: 0d92010d0b60e3e78419e2181cfa067747227e17713640f710c139682cc4cef6
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\Storages\Adaptec.pm
text
MD5: 1c9738cc158bd54688c3611694f84c9a
SHA256: e744f3278c7b882fb5ae86b9d21a1814714b796963c3e9ff7b9ef74e0b0d17d9
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\i386\CPU.pm
text
MD5: 594a95291582beb2df8ae93a8b3e0c35
SHA256: b750c9aca55d314e4ff88a1b98b14a785f80d2b73caecb2695b97fce443681d1
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\SPARC\CPU.pm
text
MD5: d2870d6448664a8d8e7ab3acc26f31a9
SHA256: bc6572f02ad59c7b0b636285f76cc83473f0512f9184ae75f1542aaecdc4ffc9
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\Networks\FibreChannel.pm
text
MD5: 06e322de2d17e5911669625fa7d163be
SHA256: d6201f6d1c3867f0ded9772f3b92a76dff129b88d81b8807d7622653396ff944
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\PowerPC\CPU.pm
text
MD5: ca16762d504da1c35936a0f034005342
SHA256: ae7321479aeedf03f7c84e079a345498dff1458578e911c25ebcee24cd4cbdcf
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\PowerPC\Bios.pm
text
MD5: fd1d492eb6471d32526816e1cd0a9444
SHA256: 6af0ef055c8b403fda0927dc5c2403e93bf7c4a5d21c8b113605cb45ba7fc2f9
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\Distro\NonLSB.pm
text
MD5: 77d2ffc18d5bc371f0956f683c0a73a3
SHA256: 4921eb5982f56021c93524e8b13ee098b1400b4b8907f467f2a5a57eaba28683
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\Alpha\CPU.pm
text
MD5: f101eedb64d12e8ade2ceb9f89e5af60
SHA256: 0d36245679087feaf6c8b052f084c218be12f9583e4060c49712cd7997ff117c
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\MIPS\CPU.pm
text
MD5: 2e3f6fcf4486e804ab8b32b93c3565f3
SHA256: aa30318a217dfa3bb7b4742459ac6886689930e6cf54befff92244cb3f4bf978
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\ARM\CPU.pm
text
MD5: a27d1ca380de6711ded11c38b592036e
SHA256: c895427df7811138853ecc069a1c6bec4fd0585cd83d52d4892af6e50e49a703
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\Distro\OSRelease.pm
text
MD5: ec0b37bdcb2b9986bafbb5ec160feae8
SHA256: a1b9ad0155a835fad9837ed018fadbb5e54a345af05719a53439b40b46a61d41
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\PowerPC.pm
text
MD5: f7f7cda79766b84683f4042ad8b0a835
SHA256: 296fe725fbcc2805e1ef85a0223ee2248d55ef5f401b0789d4045b4957afbfa2
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\MIPS.pm
text
MD5: 5d436b32b3a8368d3ccca7f13492f18f
SHA256: a3261207bd07c1bff631570fcd33342384fd118b72cdd318ce636e057b3aef2c
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\m68k.pm
text
MD5: 86ba83bb2e6fd5f4c6941c4e093bd7bc
SHA256: e0d4e8101a8a4da67ec03a8079a20fcc5187d3672abe2c1d2fc5d1ad02e1eb3c
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\ARM\Board.pm
text
MD5: 4c99d020a62640467b4edd26229f5259
SHA256: 67ea7264f79864af64e0ce40abb5580dd57ab540f70f313f2f223edc0ae585e2
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\Storages.pm
text
MD5: b2b4c3e7ec0b2c324bab573f1aa5d8ef
SHA256: b17e70ab93497c983b3a007f348df8e2643c446916447710af176629e12a6f56
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\Memory.pm
text
MD5: 6e2ccd5ff71bff7f267f04cf40c809bc
SHA256: 70829112ef4b6b0ea24c46cc0c240330a62630a9ba3c6aa28d633a200d396aea
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\Videos.pm
text
MD5: 9b008da6e3d456af4184f349eb771a29
SHA256: c73106fd4b037a3c15d2aab788d14319785900f975567e42a56806a0539d33dc
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\i386.pm
text
MD5: 76033d48f4c5f79d0e6392ccd0a95297
SHA256: c1df9ba8114455cebcb16c84d7c4ec0795ce13d014734cf5286e0b3fdadea3df
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\Networks.pm
text
MD5: 2aa12c3cbc1e9b029e4fc898f91d934d
SHA256: 885fac160a9851e356e4324a43874a850e2b8358f74ccb5042fe47b4d4071ad3
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\LVM.pm
text
MD5: 23ef89c1d587bc5737ef47e4dc2593cd
SHA256: c4e7c24c448a4760ace312112d352855f06cca7ba266209946621695b3d6dddc
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\SPARC.pm
text
MD5: b098559136a6b6571a57db5612ef4545
SHA256: 5002b8722fcb943ced9a99591803d052a7e7d5e43622eded729d5148bce3c8e4
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\Inputs.pm
text
MD5: 7910f4fa16a22a965222ea1ceae82112
SHA256: 0227c028c47e6f58153a11643461a563986810f281168ad8888be2d3403e9c60
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\Uptime.pm
text
MD5: 670bd9acc93f58afcd3ca490841199a9
SHA256: 0e2cb530e252ea90025af2dd77f94a2e04686594c5b07431edad54675210cd1a
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\HPUX\CPU.pm
text
MD5: fde5eb9c59529507d7c0e84c9ff1289c
SHA256: 8c9666050dbebd6f96644393fdb5348c511403f9b13a5bce38da7644bab0eced
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\HPUX\Slots.pm
text
MD5: d5be8d7e2be7cc5dbd1ff63970c4ef44
SHA256: c21bf06c3c062a0a8b0c49a37798caf48e5a1d4712726e3277a87e89558a29d3
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\HPUX\Uptime.pm
text
MD5: 2641287912a69e3244413ccda17d0ba9
SHA256: c03ee34f32f4f22d0ba90e589e56801567e78496e739377d3de5d2600973f294
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\HPUX\Drives.pm
text
MD5: e0c339fbee1d536383e56a509973dde0
SHA256: 318797974f599d7802af6438f6062820e7fdebc863a5142d577e1c5e826a4d31
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\HPUX\Networks.pm
text
MD5: d6b5a31603595cb69e1f6d6cddc1fabb
SHA256: 561e82e856b81aa7f62f3ffafecccdfc22e001913589a30c9317eb7d8d54e9cb
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\HPUX\MP.pm
text
MD5: a286c4d2d1857c2074e588b9e9e1b3fb
SHA256: ce76acbe50f7eb91ab67af94bf44912b4e4c115908cf2745208efa84b7b64b0f
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\HPUX\Memory.pm
text
MD5: ac4d2a520b56c20b4ad34bf9282e9aad
SHA256: 7cd999bf68a5a0bea34e19632a4b71687d6fa5a0dfa6ec0e617f53515f095236
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\HPUX\Controllers.pm
text
MD5: 0af2e352afbd800234a8d271313819cc
SHA256: bb3775e2ab6e6da984587ce9f4055572ead67ee102fed5670bc2ea967ca97289
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\Drives.pm
text
MD5: 2cd2ad8609791fe4c249493020ed21e7
SHA256: b8a13396d0943638b7df1a9f1f4a8da0e254b49690ef0572d7a944a14ac4d826
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\Distro.pm
text
MD5: 3cf1bdf98b1036a31f692987533efd3a
SHA256: 3f3dcd0f0fc62e1797e8b58c59203fbd518d25c037408d64cfce34168cadad64
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\HPUX\Softwares.pm
text
MD5: 901a4887ca1bbb5a33989b1c9f554adf
SHA256: 2e7430d79c0dc3eb1717dd2bc63ca5f77075c48baded43a58fdf9a522d1afaf8
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\Bios.pm
text
MD5: 18add415508f98162ea4c6ed615d3c7a
SHA256: 98063849740273e4e685ed84ec62ac6e2720ddfcd0118dff003498bbf658eb4c
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\HPUX\Storages.pm
text
MD5: fe2e998a95a2391a78f258c36b707cb9
SHA256: f320c920c4f75ac128f167b04718acc777b15ccd6566a921fdc93a026412ce33
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\Alpha.pm
text
MD5: 8827ea8f2190ce5b3a657bb06dcbcab6
SHA256: 036bb4b751c71974b7ded4b4b525642f02457621efdb9ccc8e2a2fdbcef1c13b
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Linux\ARM.pm
text
MD5: 0972fb9efb984e98f422431f4a27ff95
SHA256: 5fb21c3800ce6f6b350432f4c7532eddfe93d4818582499203405f33a31f5122
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Remote_Mgmt\TeamViewer.pm
text
MD5: 41e2cd89496c8dbaecc85f5474b83a84
SHA256: 5dbfb2db05950cfbc0f98ae7b986237ac32b0c2f93b08f96ef217f448d6242fc
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Storages\HP.pm
text
MD5: 1be2bb404619a8aadce6ea4bad1cf00d
SHA256: d744a9428322998dfdfe6d286ccf10bcf5bf5c7e4a910f9ae7899051309dff82
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Softwares\Deb.pm
text
MD5: deb8422df236d41f319c9be7a7b1a733
SHA256: a48b33616598e43ca9331e05533bd473def3050004b754dcf018e2eba7e07747
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Softwares\Nix.pm
text
MD5: 53c35bff9d8d0110cf83634df76630f3
SHA256: d35e31b331836bf10ff9c711813830d0d0b64016dbd0ae81af8925e06855ae44
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Softwares\Slackware.pm
text
MD5: 57e6903b7710b93015e3bb8cf361de90
SHA256: 7d04641b5a0916df13b74d6caf9bb8f41174268015d0baa415f50679e7d3cca1
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Softwares\Pacman.pm
text
MD5: 90749fc656a4494ababf5c6282b2a434
SHA256: 01d0d2209dfd1f33a957b16cf2ee38de2d8d8587a453c39278fa657dfa809554
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Softwares\RPM.pm
text
MD5: 3c484b253c783d270b86017ae9bde10e
SHA256: 76a95879f9a8ccec4b72d2b04b13b9fa34cc1717805477ef4f3f021532a8e5a2
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\HPUX\Bios.pm
text
MD5: 3210389d6f0b93679e673f4b97af2198
SHA256: ca40dd2300ee63997330c505ef1a01107b5e5a1b632e9eb38ba7fd1d3a056e7b
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Softwares\Gentoo.pm
text
MD5: 844fbb0a442e62daf4a83258e9f28146
SHA256: 803ade58635979d1f5cddd415f7968bc07e6ec1dd9c3fae222ee81b7422c8506
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Storages\3ware.pm
text
MD5: 0e374a9e306066aacb0e6c6374e2b71d
SHA256: 78ec23582e5e5de289dfe5d61322fd52930da26fda6922529c7171c0a2adb68d
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Ipmi\Lan.pm
text
MD5: 639b7a841dcd5f38f2b31d89305c4b1f
SHA256: 532da24db99b3cea3f03badecf6955a8965698f1016aae7b6a3f494a4c0c33b0
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Networks\iLO.pm
text
MD5: da7b7665d3bf2bed05956141107d68fa
SHA256: 977744428548abceb35a3eabff8fcd937ac6a1d4a0a118245a42fad5be006c74
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\PCI\Controllers.pm
text
MD5: b2dc061690f2d11e434c913a7eee82d7
SHA256: 58c1c9319dab7861ecd8bfe79bbb53a7d3000f5fb52aa14b9b11b124c44ef5d7
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Firewall\Ufw.pm
text
MD5: 1398bb1ebf065aecb584cbc8e3257159
SHA256: 574cb9e8ca3782412291e4adc9700a4f9755a05e6e35d5ad1ffad66e415ff949
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\PCI\Sounds.pm
text
MD5: 2ef57929e895c9a060f70689425baff6
SHA256: 6ee0adb3ff49fb19d9edceb27fd68b00c6823b4e42fbb8e5475e3737187f3d42
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\PCI\Videos.pm
text
MD5: 964886e9bb3a54fff2d4549f215f533f
SHA256: fe6956e7abbe556e3fb8e376a44dbfdc0553e08d65447641965dfcff80731202
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Ipmi\Fru.pm
text
MD5: 1e812a8d582b1772443a0e20d24fca60
SHA256: 53f199a66c89c93ec71ba2534a2ad116b3c2fc5e1400e3e724603686d36390c4
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\PCI\Modems.pm
text
MD5: 4922c093ed7594a185b8fd0a2d87db02
SHA256: 7f6acc36bf4051f3866cfef20590681a2cd79adaa2de9f562dd22fec9ab8fd91
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Firewall\Systemd.pm
text
MD5: b6985ce0c01db852eae5995afe5450cb
SHA256: d66c99764774107123fa3be1556816c5d91404a9a05bac252619527ccd746495
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Dmidecode\Battery.pm
text
MD5: c20a1c05d315f73ee14faaa7eedec83d
SHA256: af0d4b66feb2c814217dfbe183103febb1dc5af5d629a90e97c7dd815c355634
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Batteries\Upower.pm
text
MD5: c0bdc56a68090bc3f87805fb520943f6
SHA256: 2b17d7b5cd74d901c63a7f75229b690287559415f638787bb7b7bf5bf6dd3ecd
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Dmidecode\Memory.pm
text
MD5: 1416aed3c155545eb566214ef71ff6e5
SHA256: 45a4ee002b560bb0e447fbc7856624583e2e700261dc0c899f4669caca14de5d
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Timezone.pm
text
MD5: 158fad253ec9129837d30cdc1e79f6b3
SHA256: 00b1f3b10bf4ebcf11818bf4efe7eb2aa77c842a6ebe8d704ad0deec024a1e1e
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\USB.pm
text
MD5: a81c68c9d3394ebf040b212388480206
SHA256: 1bcc906e186a9d575f460f6a590959628dbabf649839594ce6c6e1a7e1c1740e
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Dmidecode\Bios.pm
text
MD5: 87590ae696d9a67dc27bdda20cbb17f0
SHA256: 02d76439ca85dccafbc7ecede1235fc93c61eb6c78a93bc4d90451243b0dfac7
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Drives\ASM.pm
text
MD5: df812e4ce60fdfeef66bc80cd6ff7c34
SHA256: d4aa7d8ddb722385ef38d926d1cf644d850b2c12b08435e0f527005309b0b479
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Users.pm
text
MD5: da3d0eee32e8becca55d20e281db070c
SHA256: 75c5136eaf488d5f7d3445edbacf4cc2cc47d5b102f3b1e175a514866aac1338
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Batteries\Acpiconf.pm
text
MD5: ae86e2c47d6a031a003ce90ea9b17710
SHA256: 956a8be1137349f6a0b1590d6959a52f11f8a9d01b951675f5765f73cc092903
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Dmidecode\Psu.pm
text
MD5: b186b18c3be636e73e1334f3757884e7
SHA256: e8f930205c4365edcbb1046967ae80627bd9690e3b142e31aa921b2012a51944
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Dmidecode\Ports.pm
text
MD5: b104bd3a61f2cbed870b48b0a460652a
SHA256: 9dd7d310449775ccd82b3d3486977134a571627cb6350927b1e3b7057a364d51
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Dmidecode\Slots.pm
text
MD5: ac98eb2552a2cdc974f6b133b3035158
SHA256: 3533f0b7ca4a98a2947ccd3029403fb2778692bc51694722896a367b893506c7
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\SSH.pm
text
MD5: 9f1d61d1093caaa503981e37eadae115
SHA256: 9d334892ec3462380fff4dc41c31822335201e25a5d4a7997f20bb7a0146c681
2472
msiexec.exe
C:\System Volume Information\SPP\snapshot-2
binary
MD5: 4d3349e2ba0926266529e916995c9fb1
SHA256: 967f8f8012af4697be394dd35ef570aea64e9f51e457724637c985d65528a0ed
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Storages.pm
text
MD5: 7895969fe108259835fa09b79df8b39c
SHA256: 94eade185e1f5e43830cdf0b6fdacc53ac089e79bf0850ac827b3ea1b000729f
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Remote_Mgmt.pm
text
MD5: abc39fb7d68833177698e9bf9bd520d2
SHA256: 5b14c3f1e3d1fb212d80c5b31d7d56f3e2449611e22b4fd0be2903da9135f631
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Rudder.pm
text
MD5: 198a8dc83cf4b08d8f62cb5be6dd5b2f
SHA256: f6b9628ad317f84a39c134a961cb3a7ffce8b742ce78b88bb93b23f05e2e1799
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Screen.pm
text
MD5: 49149e325f58f5a446ab7cdae4ac5b51
SHA256: 5455e980940795b946f7da8c81a53e07a39a6d284194f524cba238e671358aff
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Firewall.pm
text
MD5: a9abc384547d124464956909b6c7a7fd
SHA256: 54ae2323ab9b042a63b5b6c383e324eaf5e735dbb22c9e915c2fbf716ab5c0c1
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Printers.pm
text
MD5: dd3ec38f625dd1d07e4dafc64d780959
SHA256: 3081595fc85a97c01182b305d833f245c233852a09fa8bd2c06acc45bdcf62a1
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Arch.pm
text
MD5: e4fcdd67109ef31df0b55524b9ddb269
SHA256: 5370a9cebd49b9ed78aed3a343840856bf751e4e80c732ecc79cbab6fe95618b
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\BSD\Storages\Megaraid.pm
text
MD5: fb750305711cac232ff39f13f403486e
SHA256: 044979d08f0f6f29ea768dc9cb6f7624938335dfa764882a5efde40fc0d2d0ed
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\PCI.pm
text
MD5: d2b9800611d8fe3c2619bc5fc0bb6063
SHA256: f6842857fc60f88522d47c7f262c3a4787cb6ffcefa2841159d3e77f949ee7db
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Processes.pm
text
MD5: 31e5edf3354b0fab4b70f728515e389a
SHA256: eab6a1658d736df1c5dec8273a2a163370f41b25b59c8591e253a10b1c104099
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Domains.pm
text
MD5: 3341fb080ba8112ec26574578114bebe
SHA256: 4956fd6512dcaebdcba74622f2e9f1e5312495939b5ff48c0dae62a25edc9b68
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Environment.pm
text
MD5: e1b1acae6a62c09883eacee0b3514199
SHA256: 63187f8950d7a1466b2be3eb7daecd043340874ef8ab75ece81fb326c7341e5b
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Ipmi.pm
text
MD5: a132207143b2c88d0a6e6c48e1b8487c
SHA256: 56e7de2046e594ccd0d0be11f07f9b388c89f9d74d1401ba5a0e1da2d1085de3
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Batteries.pm
text
MD5: 722fd0511f823d8653dff9c2276010d0
SHA256: 2e44f5302d8baa6ec3931395f2b02018ef0cb4c69be5a2f9cf02705f9e246874
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Dmidecode.pm
text
MD5: 4793e016edd22af17d6099757c9eba23
SHA256: c7960c81791eb94c6c8c582b3ecefd30b5f3e7366078ddbe0898453d81173fbe
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Networks.pm
text
MD5: c990c550cbcf23a9f3bbbb64df8aeb05
SHA256: 693bbbd155d15e8971abb219042627c858d92c179582df62a3f675a81e3ca474
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Hostname.pm
text
MD5: 476b38962e534e2840b49b5c6b86e70d
SHA256: 1f4ac39cdf70ccbea42e246a011165c5037abbb80a790f99188950339490e1f5
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic\Drives.pm
text
MD5: 7fed31606d7a3315f820216db59a36ea
SHA256: 5438101150ce1cd9e45ea22e4956cd544578be7a6b50fd00e70c46ebaffe811c
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\BSD\Drives.pm
text
MD5: fe2f886874d3a848db65f3f7ad72feb8
SHA256: 67b2f12765661e6d34b75b62bcf2adce7251661dd15547c50292281167c790f0
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\BSD\SPARC.pm
text
MD5: 9231e7030fa11a056463b3534d57304c
SHA256: 6faed75c4a3e802b1be42c6da167e43cbca83be7c32649fa489aff0c0eae6437
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\BSD\Networks.pm
text
MD5: 9dae8b46836bcd17427165c32054b594
SHA256: 7c9d958e904b86f6e36a8a7bd7b02c193022fe60f88752187938cfc22bfb584a
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\BSD\Softwares.pm
text
MD5: e83bd1467852b23e03eafb5e14d4a25d
SHA256: 6af2513532385387970f23196a9e2dbbe6c7ea17f8301ec52a4a2b192650f556
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\BSD\Alpha.pm
text
MD5: b509d83b1798e74987e6d6ef8ba483c1
SHA256: c0526f85c829afb96ec6c6eea3701d8eadde859f9effff297cf0ada31c964a7c
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\BSD\Memory.pm
text
MD5: 621e9b47e8d5fceccd806b958dbd31f8
SHA256: 6de76ba63caae570beeaa40d3069ff1ee292e015dc3686dc076e8a836d30bdf2
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\BSD\Uptime.pm
text
MD5: 6256388ae1bab8e1f79e07a1fcac5099
SHA256: df2e117cf802640c5bc600d10bb23ab19068709eec64979ca09ad8420ca1bb0a
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\BSD\MIPS.pm
text
MD5: a931d875ffeb913d0842f421dc95b8c8
SHA256: 613e84b04cd576e654def752801019e4e68015f245685cdd4d9c2be5197c2b13
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\BSD\CPU.pm
text
MD5: bbac5bfec69fb4a15cd1432ef52f8b7c
SHA256: ad950f23cfa9b571aafa21014eb6ac477c523b410999167656e85e9db6e92f63
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\BSD\Storages.pm
text
MD5: 39db83d708cda25639a5c178e02d65c2
SHA256: 609d4ea826681349ce3d0a69f9343ada70fc5a5245751362c14d79cab3575082
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\BSD\i386.pm
text
MD5: 16df383160d18ce644562a96a9984b12
SHA256: 55beb7bb6aaf3200204306fd798c79c5fafce1eebb30451ca65c60f9bb530dc9
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\AIX\Networks.pm
text
MD5: 21aa0d51c4f1ade992beb6bc3bfa9a8c
SHA256: a82e6022123796c1cfc423d213fe60841eb018e89dba29fa9f06b03835ad50b9
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\AIX\Drives.pm
text
MD5: 43d887990ba2182cdb585ffbe9d0c4b5
SHA256: 598704abd433891c4f393fe1f27dfd1a893663bda4a57c256e0c0a9cfc9f7490
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\AIX\Controllers.pm
text
MD5: c5c8ede9fe8101e8821cd76d0c5b202f
SHA256: ae2eead7a88c26f3a185d96cdbddf42bad121ce3c7ce6f42d7a0c79947001a61
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\AIX\Modems.pm
text
MD5: a85593b04d5d2083387f6a512303f82a
SHA256: 6bccaffe95d81f29050d8c713fd433628e9ca21bb33e0d5978a17ae183cd7178
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\AIX\Sounds.pm
text
MD5: e58106ea792d8673c291b9d37259e829
SHA256: 2012089ecb7fd9d9f70ac58dccae223f0b51b475d516045dc3b7a33ec4225342
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\AIX\CPU.pm
text
MD5: c2656ecfc133920d2ba62323037f511d
SHA256: bc7105b4e15a9382d150dd417f166d7d7c958e973936c9202c8f5c25eae2527a
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Win32.pm
text
MD5: 881932e5269f03e2e9adf285d5940e76
SHA256: b572bce79f2df1bee426382e76b85a21c007f3ed2ade245d986e6c39587b8c69
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\AIX\Videos.pm
text
MD5: f17c18a12671638e5ae17b46811c1460
SHA256: 80cc7dcfeb79958bf6b3d112285c9d3ec8e4ed68c705811fa89ed6c63ed769e7
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Provider.pm
text
MD5: a9aafafbf7cabfc71c3e464e6a1d2b4f
SHA256: e1532d59bded0b45c93d50346b5f108e86597bbe8ecf1bc9f8d2dd42f4675c3e
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\AIX\LVM.pm
text
MD5: 20b69f50abd5d22e972a60e5b957f470
SHA256: 9ecc287b78d7dba8265f4be979b33de0c97ee02f64d452ff193b1d08c8b86b4a
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\AIX\Slots.pm
text
MD5: be04713177ee78c751915b0e3a5a961f
SHA256: ed09ee79d03e8bd5b0698399d1b0f7b07b8fee81b7a129297884571780a1acf5
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\AIX\Softwares.pm
text
MD5: ce2acebbe0cd729afe3939c686b40a5a
SHA256: e47e1d63693949af9cd92ebfb3caa68d71c05343d9fd994ba9a670bdd1318656
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\AIX\Storages.pm
text
MD5: f12cc17f3f528c5b39ddcfc71dd6a523
SHA256: fdc294b83bdae0d0c2698da80c1188fbfc9e6545b03bbf14c59c7c20257fcd9f
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Module.pm
text
MD5: c9283dda927cb2353c170b50d3b0975f
SHA256: f3a8fc9b2ae585092eac79f13a3abade86b0734c52c80d1c1adde7bbb71061bd
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Virtualization.pm
text
MD5: 8fbbdd0819897902a15b2d3c80d2f8a6
SHA256: 03b21450f05a2f64b67712193246f5be0e4b8d87eb5828cebf669d252a0b73d2
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Version.pm
text
MD5: c1165ab67f3cb7e4dec2ee13c50f7a00
SHA256: aac3d406e338f4358fc3000e2c7d9e4001ff368007c1ac5b3e5746865b42e9fa
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Solaris.pm
text
MD5: a2efc91901b42dfc1346c537c9df2900
SHA256: 9a6ce066d5b6b31feb027cec8b5d79206235cb94ebc27593058193d307c29f5e
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\AIX\Memory.pm
text
MD5: 0f335c5dde29dbdfec2b8b8983d3fad0
SHA256: fc9e030e3f9bc07270702d952af8a1e2ce9ad3d1899598989b614f1c698ea2ba
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\Generic.pm
text
MD5: a4138bdec498d378b6dfb013abd305f9
SHA256: 07e16d9b17ff2f416b77132b80b73d4b557569cd76eff44ce0494ceb878a4d1c
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\HPUX.pm
text
MD5: 71fddf8cb874a257c2f0c4165b3ee4ab
SHA256: d53a9d0b1802c56a0b7197381391a0b34211de320c3f9456fbaada90db67201e
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\WMI.pm
text
MD5: 0039b1386deb2d6ac920c92f86625c5f
SHA256: 110c79785fcc85f3ce532b2a6cdf05faeb22e56bc15f87e837a568dc4374c022
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\BSD.pm
text
MD5: 957899f32f10c5b01545ca8c937d67d2
SHA256: d1aa7967f05bbb4ae4b7211f98b8d88a52f8f19a04c55a944069f57b90f6c641
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\fusioninventory-wmi.bat
text
MD5: 48b58b3611dc76e29611051f4eba02cb
SHA256: c0bcb40c102c045f61a74ba35ed1657c08136c12432df76fe475aaeb701ff577
3104
fusioninventory-agent_windows-x86_2.4.3.exe
C:\Program Files\FusionInventory-Agent\perl\agent\FusionInventory\Agent\Task\Inventory\AIX.pm
text
MD5: 4dc2cbd00520fa30bc14c4c8886fd71b
SHA256: b663ea0eedb087be8639865b02e4680ed8173765c0f2a695b918791741292424