4663101280100x80200000000000001448986Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448985Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448984Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448983Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448982Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448981Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448980Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448979Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448978Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448977Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448976Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448975Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448974Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448973Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448972Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448971Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448970Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448969Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448968Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448967Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448966Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448965Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448964Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448963Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448962Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448961Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448960Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448959Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448958Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448957Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448956Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448955Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448954Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448953Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448952Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448951Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448950Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448949Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448948Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448947Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448946Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448945Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448944Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448943Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448942Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448941Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448940Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448939Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448938Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448937Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448936Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448935Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448934Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448933Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448932Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448931Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448930Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448929Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448928Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448927Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448926Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448925Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448924Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448923Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448922Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448921Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448920Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448919Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448918Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448917Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448916Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448915Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448914Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448913Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448912Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448911Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448910Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448909Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448908Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448907Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448906Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448905Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448904Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448903Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448902Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448901Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448900Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448899Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448898Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448897Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448896Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448895Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448894Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448893Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448892Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448891Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448890Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448889Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448888Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448887Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448886Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448885Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448884Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448883Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448882Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448881Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448880Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448879Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448878Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448877Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448876Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448875Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448874Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448873Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448872Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448871Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448870Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448869Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448868Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448867Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448866Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448865Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448864Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448863Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448862Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448861Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448860Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448859Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448858Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448857Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448856Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448855Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448854Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448853Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448852Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448851Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448850Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448849Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448848Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448847Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448846Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448845Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448844Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448843Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448842Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448841Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448840Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448839Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448838Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448837Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448836Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448835Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448834Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448833Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448832Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448831Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448830Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448829Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448828Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448827Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448826Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448825Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448824Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448823Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448822Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448821Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448820Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448819Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448818Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448817Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448816Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448815Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448814Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448813Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448812Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448811Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448810Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448809Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448808Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448807Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448806Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448805Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448804Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448803Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448802Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448801Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448800Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448799Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448798Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448797Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448796Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448795Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448794Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448793Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448792Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448791Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448790Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448789Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448788Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448787Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448786Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448785Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448784Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448783Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448782Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448781Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448780Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448779Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448778Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448777Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448776Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448775Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448774Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448773Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448772Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448771Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448770Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448769Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448768Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448767Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448766Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448765Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448764Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448763Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448762Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448761Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448760Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448759Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448758Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448757Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448756Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448755Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448754Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448753Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448752Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448751Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448750Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448749Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448748Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448747Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448746Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448745Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448744Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448743Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448742Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448741Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448740Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448739Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448738Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448737Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448736Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448735Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448734Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448733Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448732Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448731Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448730Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448729Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448728Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448727Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448726Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448725Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448724Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448723Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448722Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448721Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448720Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448719Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448718Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448717Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448716Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448715Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448714Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448713Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448712Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448711Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448710Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448709Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448708Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448707Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448706Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448705Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448704Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448703Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448702Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448701Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448700Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448699Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448698Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448697Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448696Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448695Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448694Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448693Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448692Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448691Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448690Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448689Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448688Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448687Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448686Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448685Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448684Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448683Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448682Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448681Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448680Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448679Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448678Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448677Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448676Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448675Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449238Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449237Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449236Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449235Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449234Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449233Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449232Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449231Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449230Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449229Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449228Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449227Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449226Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449225Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449224Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449223Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449222Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449221Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449220Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449219Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449218Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449217Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449216Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449215Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449214Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449213Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449212Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449211Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449210Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449209Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449208Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449207Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449206Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449205Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449204Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449203Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449202Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449201Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449200Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449199Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449198Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449197Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449196Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449195Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449194Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449193Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449192Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449191Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449190Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449189Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449188Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449187Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449186Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449185Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449184Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449183Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449182Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449181Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449180Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449179Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449178Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449177Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449176Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449175Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449174Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449173Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449172Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449171Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449170Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449169Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449168Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449167Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449166Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449165Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449164Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449163Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449162Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449161Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449160Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449159Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449158Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449157Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449156Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449155Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449154Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449153Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449152Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449151Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449150Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449149Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449148Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449147Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449146Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449145Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449144Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449143Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449142Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449141Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449140Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449139Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449138Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449137Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449136Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449135Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449134Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449133Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449132Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449131Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449130Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449129Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449128Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449127Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449126Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449125Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449124Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449123Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449122Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449121Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449120Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449119Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449118Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449117Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449116Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449115Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449114Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449113Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449112Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449111Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449110Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449109Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449108Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449107Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449106Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449105Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449104Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449103Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449102Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449101Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449100Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449099Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449098Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449097Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449096Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449095Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449094Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449093Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449092Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449091Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449090Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449089Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449088Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449087Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449086Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449085Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449084Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449083Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449082Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449081Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449080Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449079Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449078Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449077Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449076Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449075Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449074Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449073Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449072Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449071Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449070Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449069Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449068Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449067Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449066Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449065Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449064Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449063Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449062Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449061Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449060Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449059Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f8%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449058Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449057Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449056Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449055Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449054Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449053Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449052Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449051Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449050Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449049Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449048Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449047Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449046Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449045Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449044Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449043Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449042Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449041Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449040Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449039Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449038Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449037Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449036Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449035Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x200%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449034Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449033Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449032Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449031Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449030Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449029Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449028Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449027Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449026Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449025Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449024Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449023Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449022Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449021Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449020Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449019Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449018Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449017Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449016Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449015Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449014Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449013Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449012Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449011Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449010Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449009Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449008Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449007Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449006Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449005Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449004Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449003Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449002Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449001Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449000Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448999Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1ec%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448998Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448997Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448996Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448995Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448994Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448993Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448992Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448991Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448990Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448989Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448988Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001448987Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449406Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449405Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449404Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449403Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449402Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449401Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449400Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449399Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449398Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449397Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449396Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449395Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449394Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449393Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449392Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449391Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449390Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449389Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449388Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449387Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449386Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449385Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449384Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449383Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449382Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449381Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449380Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449379Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449378Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449377Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449376Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449375Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449374Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449373Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449372Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449371Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449370Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449369Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449368Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449367Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449366Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449365Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449364Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449363Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449362Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449361Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449360Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449359Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449358Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449357Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449356Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449355Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449354Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449353Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449352Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449351Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449350Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449349Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449348Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449347Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449346Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449345Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449344Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449343Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449342Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449341Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449340Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449339Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449338Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449337Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449336Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449335Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449334Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449333Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449332Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449331Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449330Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449329Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449328Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449327Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449326Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449325Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449324Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449323Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449322Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449321Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449320Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449319Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449318Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449317Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449316Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449315Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449314Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449313Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449312Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449311Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449310Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449309Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449308Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449307Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449306Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449305Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449304Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449303Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449302Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449301Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449300Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449299Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449298Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449297Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449296Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449295Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449294Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449293Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449292Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449291Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449290Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449289Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449288Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449287Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449286Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449285Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449284Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449283Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449282Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449281Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449280Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449279Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449278Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449277Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449276Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449275Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449274Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449273Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449272Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449271Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449270Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449269Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449268Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449267Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449266Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449265Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449264Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449263Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449262Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449261Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449260Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449259Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449258Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449257Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449256Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449255Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449254Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449253Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449252Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449251Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1e0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449250Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449249Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449248Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449247Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449246Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449245Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449244Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449243Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449242Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449241Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449240Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449239Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449574Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449573Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449572Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449571Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449570Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449569Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449568Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449567Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449566Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449565Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449564Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449563Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449562Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1dc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449561Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1dc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449560Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1dc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449559Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1dc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449558Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1dc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449557Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1dc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449556Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1dc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449555Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1dc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449554Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1dc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449553Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1dc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449552Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1dc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449551Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1dc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449550Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449549Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449548Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449547Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449546Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449545Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449544Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449543Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449542Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449541Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449540Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449539Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449538Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1dc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449537Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1dc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449536Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449535Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449534Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449533Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449532Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449531Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1fc%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449530Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449529Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449528Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449527Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449526Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449525Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449524Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449523Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449522Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449521Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449520Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449519Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449518Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449517Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449516Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449515Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449514Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449513Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449512Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449511Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449510Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449509Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449508Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449507Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449506Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449505Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449504Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449503Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449502Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449501Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449500Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449499Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449498Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449497Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449496Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449495Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449494Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449493Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449492Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449491Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449490Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449489Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449488Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449487Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449486Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449485Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449484Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449483Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449482Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449481Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449480Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449479Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449478Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449477Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449476Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449475Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449474Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449473Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449472Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449471Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449470Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449469Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449468Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449467Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x204%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449466Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449465Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449464Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449463Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449462Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449461Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449460Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449459Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449458Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449457Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449456Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449455Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell0x1f0%%4432
0x10x1378C:\Windows\System32\conhost.exe-
4663101280100x80200000000000001449454Securityar-win-dc.attackrange.localATTACKRANGE\AdministratoradministratorATTACKRANGE0x811c5SecurityKey\REGISTRY\USER\ATTACKRANGE\Administrator\SOFTWARE\Microsoft\Windows\DWM