Skip to content

Instantly share code, notes, and snippets.

@enigma0x3

enigma0x3/rpc_dump_rs5.txt

Forked from masthoon/rpc_dump_rs5.txt
Created January 22, 2019 16:57
Show Gist options
  • Star 15 You must be signed in to star a gist
  • Fork 4 You must be signed in to fork a gist
  • Save enigma0x3/2e549345e7f0ac88fad130e2444bb702 to your computer and use it in GitHub Desktop.
Save enigma0x3/2e549345e7f0ac88fad130e2444bb702 to your computer and use it in GitHub Desktop.
Download ZIP
RPC interfaces RS5
Raw
rpc_dump_rs5.txt
--------------------------------------------------------------------------------
<WinProcess "smss.exe" pid 368 at 0x5306908L>
64
[!!] Invalid rpcrt4 base: 0x0 vs 0x7ffec24f0000
--------------------------------------------------------------------------------
<WinProcess "csrss.exe" pid 472 at 0x5306e48L>
64
Interfaces :
Endpoints :
--------------------------------------------------------------------------------
<WinProcess "wininit.exe" pid 548 at 0x5306780L>
64
Interfaces :
RPC 76f226c3-ec14-4325-8a99-6a46348418ae (1.0) -- C:\windows\system32\wininit.exe
0 -> I_WMsgkSendMessage
1 -> I_WMsgkSendPSPMessage
RPC 894de0c0-0d55-11d3-a322-00c04fa321a1 (1.0) -- C:\windows\system32\wininit.exe
0 -> s_BaseInitiateShutdown
1 -> s_BaseAbortShutdown
2 -> s_BaseInitiateShutdownEx
RPC d95afe70-a6d5-4259-822e-2c84da1ddb0d (1.0) -- C:\windows\system32\wininit.exe
0 -> s_WsdrInitiateShutdown
1 -> s_WsdrAbortShutdown
2 -> s_WsdrCheckForHiberboot
RPC 76f226c3-ec14-4325-8a99-6a46348418af (1.0) -- C:\windows\system32\wininit.exe
0 -> I_WMsgSendMessage
1 -> I_WMsgSendPSPMessage
2 -> I_WMsgSendNotifyMessage
3 -> I_WMsgSendReconnectionUpdateMessage
Endpoints :
ncalrpc : WMsgKRpc0551A0
ncacn_np : \PIPE\InitShutdown
ncalrpc : WindowsShutdown
ncacn_ip_tcp : 49664
--------------------------------------------------------------------------------
<WinProcess "csrss.exe" pid 564 at 0x53069e8L>
64
Interfaces :
Endpoints :
--------------------------------------------------------------------------------
<WinProcess "winlogon.exe" pid 644 at 0x5306860L>
64
Interfaces :
RPC 76f226c3-ec14-4325-8a99-6a46348418ae (1.0) -- C:\windows\system32\winlogon.exe
0 -> I_WMsgkSendMessage
1 -> I_WMsgkSendPSPMessage
RPC 76f226c3-ec14-4325-8a99-6a46348418af (1.0) -- C:\windows\system32\winlogon.exe
0 -> I_WMsgSendMessage
1 -> I_WMsgSendPSPMessage
2 -> I_WMsgSendNotifyMessage
3 -> I_WMsgSendReconnectionUpdateMessage
Endpoints :
ncalrpc : WMsgKRpc058201
--------------------------------------------------------------------------------
<WinProcess "services.exe" pid 684 at 0x5306320L>
64
Interfaces :
RPC 367abb81-9844-35f1-ad32-98f038001003 (2.0) -- C:\windows\system32\services.exe
0 -> RCloseServiceHandle
1 -> RControlService
2 -> RDeleteService
3 -> RLockServiceDatabase
4 -> RQueryServiceObjectSecurity
5 -> RSetServiceObjectSecurity
6 -> RQueryServiceStatus
7 -> RSetServiceStatus
8 -> RUnlockServiceDatabase
9 -> RNotifyBootConfigStatus
10 -> RI_ScSetServiceBitsW
11 -> RChangeServiceConfigW
12 -> RCreateServiceW
13 -> REnumDependentServicesW
14 -> REnumServicesStatusW
15 -> ROpenSCManagerW
16 -> ROpenServiceW
17 -> RQueryServiceConfigW
18 -> RQueryServiceLockStatusW
19 -> RStartServiceW
20 -> RGetServiceDisplayNameW
21 -> RGetServiceKeyNameW
22 -> CServiceRecord::GetStatusInternal
23 -> RChangeServiceConfigA
24 -> RCreateServiceA
25 -> REnumDependentServicesA
26 -> REnumServicesStatusA
27 -> ROpenSCManagerA
28 -> ROpenServiceA
29 -> RQueryServiceConfigA
30 -> RQueryServiceLockStatusA
31 -> RStartServiceA
32 -> RGetServiceDisplayNameA
33 -> RGetServiceKeyNameA
34 -> CServiceRecord::GetStatusInternal
35 -> REnumServiceGroupW
36 -> RChangeServiceConfig2A
37 -> RChangeServiceConfig2W
38 -> RQueryServiceConfig2A
39 -> RQueryServiceConfig2W
40 -> RQueryServiceStatusEx
41 -> REnumServicesStatusExA
42 -> REnumServicesStatusExW
43 -> RI_ScBroadcastServiceControlMessage
44 -> RCreateServiceWOW64A
45 -> RCreateServiceWOW64W
46 -> RI_ScQueryServiceTagInfo
47 -> RNotifyServiceStatusChange
48 -> RGetNotifyResults
49 -> RCloseNotifyHandle
50 -> RControlServiceExA
51 -> RControlServiceExW
52 -> RI_ScSendPnPMessage
53 -> RI_ScValidatePnPService
54 -> RI_ScOpenServiceStatusHandle
55 -> RI_ScQueryServiceConfig
56 -> RQueryServiceConfigEx
57 -> RI_ScRegisterPreshutdownRestart
58 -> RI_ScReparseServiceDatabase
59 -> RQueryUserServiceName
60 -> RCreateWowService
61 -> RGetServiceRegistryStateKey
62 -> RGetServiceDirectory
63 -> RGetServiceProcessToken
RPC a2c45f7c-7d32-46ad-96f5-adafb486be74 (1.0) -- C:\windows\system32\services.exe
0 -> RI_ScOpenServiceChannelHandle
1 -> RI_ScSendResponseReceiveControls
2 -> RI_ScCloseServiceChannelHandle
RPC 93149ca2-973b-11d1-8c39-00c04fb984f9 (0.0) -- C:\windows\SYSTEM32\scesrv.dll
0 -> SceSvcRpcQueryInfo
1 -> SceSvcRpcSetInfo
2 -> SceRpcSetupUpdateObject
3 -> SceRpcSetupMoveFile
4 -> SceRpcGenerateTemplate
5 -> SceRpcConfigureSystem
6 -> SceRpcGetDatabaseInfo
7 -> SceRpcGetObjectChildren
8 -> SceRpcOpenDatabase
9 -> SceRpcCloseDatabase
10 -> SceRpcGetDatabaseDescription
11 -> SceRpcGetDBTimeStamp
12 -> SceRpcGetObjectSecurity
13 -> SceRpcGetAnalysisSummary
14 -> SceRpcAnalyzeSystem
15 -> SceRpcUpdateDatabaseInfo
16 -> SceRpcUpdateObjectInfo
17 -> SceRpcStartTransaction
18 -> SceRpcCommitTransaction
19 -> SceRpcRollbackTransaction
20 -> SceRpcGetServerProductType
21 -> SceSvcRpcUpdateInfo
22 -> SceRpcCopyObjects
23 -> SceRpcSetupResetLocalPolicy
24 -> SceRpcNotifySaveChangesInGP
25 -> SceRpcControlNotificationQProcess
26 -> SceRpcBrowseDatabaseTable
27 -> SceRpcGetSystemSecurity
28 -> SceRpcGetSystemSecurity
29 -> SceRpcSetSystemSecurity
30 -> SceRpcSetSystemSecurity
31 -> SceRpcSetDatabaseSetting
32 -> SceRpcGetDatabaseSetting
33 -> SceRpcConfigureConvertedFileSecurityImmediately
Endpoints :
ncalrpc : ntsvcs
ncacn_np : \pipe\ntsvcs
ncacn_np : \PIPE\scerpc
ncacn_ip_tcp : 49677
--------------------------------------------------------------------------------
<WinProcess "lsass.exe" pid 692 at 0x53062b0L>
64
['KeyIso', 'SamSs', 'VaultSvc']
Interfaces :
RPC 12345778-1234-abcd-ef00-0123456789ab (0.0) -- C:\windows\system32\lsasrv.dll
0 -> LsarClose
1 -> CredrRename
2 -> LsarEnumeratePrivileges
3 -> LsarQuerySecurityObject
4 -> LsarSetSecurityObject
5 -> LsaITestCall
6 -> LsarOpenPolicyRPC
7 -> LsarQueryInformationPolicy
8 -> LsarSetInformationPolicy
9 -> LsaITestCall
10 -> LsarCreateAccount
11 -> LsarEnumerateAccounts
12 -> LsarCreateTrustedDomain
13 -> LsarEnumerateTrustedDomains
14 -> LsarLookupNames
15 -> LsarLookupSids
16 -> LsarCreateSecret
17 -> LsarOpenAccount
18 -> LsarEnumeratePrivilegesAccount
19 -> LsarAddPrivilegesToAccount
20 -> LsarRemovePrivilegesFromAccount
21 -> LsarGetQuotasForAccount
22 -> LsarSetQuotasForAccount
23 -> LsarGetSystemAccessAccount
24 -> LsarSetSystemAccessAccount
25 -> LsarOpenTrustedDomain
26 -> LsarQueryInfoTrustedDomain
27 -> LsarSetInformationTrustedDomain
28 -> LsarOpenSecret
29 -> LsarSetSecret
30 -> LsarQuerySecret
31 -> LsarLookupPrivilegeValue
32 -> LsarLookupPrivilegeName
33 -> LsarLookupPrivilegeDisplayName
34 -> LsarDeleteObject
35 -> LsarEnumerateAccountsWithUserRight
36 -> LsarEnumerateAccountRights
37 -> LsarAddAccountRights
38 -> LsarRemoveAccountRights
39 -> LsarQueryTrustedDomainInfo
40 -> LsarSetTrustedDomainInfo
41 -> LsarDeleteTrustedDomain
42 -> LsarStorePrivateData
43 -> LsarRetrievePrivateData
44 -> LsarOpenPolicy2
45 -> LsarGetUserName
46 -> LsarQueryInformationPolicy2
47 -> LsarSetInformationPolicy2
48 -> LsarQueryTrustedDomainInfoByName
49 -> LsarSetTrustedDomainInfoByName
50 -> LsarEnumerateTrustedDomainsEx
51 -> LsarCreateTrustedDomainEx
52 -> LsaITestCall
53 -> LsarQueryDomainInformationPolicy
54 -> LsarSetDomainInformationPolicy
55 -> LsarOpenTrustedDomainByName
56 -> LsaITestCall
57 -> LsarLookupSids2
58 -> LsarLookupNames2
59 -> LsarCreateTrustedDomainEx2
60 -> CredrWrite
61 -> CredrRead
62 -> CredrEnumerate
63 -> CredrWriteDomainCredentials
64 -> CredrReadDomainCredentials
65 -> CredrDelete
66 -> CredrGetTargetInfo
67 -> CredrProfileLoaded
68 -> LsarLookupNames3
69 -> CredrGetSessionTypes
70 -> LsarRegisterAuditEvent
71 -> LsarGenAuditEvent
72 -> LsarUnregisterAuditEvent
73 -> LsarQueryForestTrustInformation
74 -> LsarSetForestTrustInformation
75 -> CredrRename
76 -> LsarLookupSids3
77 -> LsarLookupNames4
78 -> LsarOpenPolicySce
79 -> LsarAdtRegisterSecurityEventSource
80 -> LsarAdtUnregisterSecurityEventSource
81 -> LsarAdtReportSecurityEvent
82 -> CredrFindBestCredential
83 -> LsarSetAuditPolicy
84 -> LsarQueryAuditPolicy
85 -> LsarEnumerateAuditPolicy
86 -> LsarEnumerateAuditCategories
87 -> LsarEnumerateAuditSubCategories
88 -> LsarLookupAuditCategoryName
89 -> LsarLookupAuditSubCategoryName
90 -> LsarSetAuditSecurity
91 -> LsarQueryAuditSecurity
92 -> CredrReadByTokenHandle
93 -> CredrRestoreCredentials
94 -> CredrBackupCredentials
95 -> LsarManageSidNameMapping
96 -> CredrProfileUnloaded
97 -> CredrRename
98 -> CredrRename
99 -> CredrRename
100 -> CredrRename
101 -> CredrRename
102 -> LsarEfsGetSmartcardCredentials
103 -> LsarAuditSetGlobalSacl
104 -> LsarAuditQueryGlobalSacl
105 -> CredrProfileLoadedEx
106 -> LsarInteractiveSessionIsLoggedOff
107 -> LsarConfigureAutoLogonCredentials
108 -> LsarGetDeviceRegistrationInfo
109 -> LsaITestCall
110 -> LsarProfileDeleted
111 -> LsaITestCall
112 -> CredrRename
113 -> LsarValidateProcUniqueLuid
114 -> LsarIsArsoAllowedByPolicy
115 -> LsarIsArsoAllowedByConsent
116 -> LsarEnableArsoConsent
117 -> LsarDisableArsoConsent
118 -> LsarIsArsoAllowedByPolicy
119 -> LsarIsUserArsoEnabled
120 -> LsarEnableUserArso
121 -> LsarDisableUserArso
122 -> LsarConfigureUserArso
123 -> LsarGetInprocDispatchTable
124 -> LsarSetSharedUserSession
125 -> LsarClearSharedUserSession
126 -> LsarEnablePasswordLessCurrentUser
127 -> LsarDisablePasswordLessCurrentUser
RPC ace1c026-8b3f-4711-8918-f345d17f5bff (1.0) -- C:\windows\system32\lsasrv.dll
0 -> S_RPC_LspUpdatePrivateData
1 -> S_RPC_LspReadPrivateData
RPC afc07e2e-311c-4435-808c-c483ffeec7c9 (1.0) -- C:\windows\system32\lsasrv.dll
0 -> LsarGetAvailableCAPIDs
1 -> LsarSetCAPs
2 -> LsarQueryCAPs
RPC c0d930f0-b787-4124-99bc-21f0ecb642ce (0.0) -- C:\windows\system32\lsasrv.dll
0 -> LsarConnectLocalUser
1 -> LsarDisconnectLocalUser
2 -> LsarCreateConnectedUser
3 -> LsarIsCurrentUserConnected
4 -> LsarRenewCertificate
5 -> LsarGetSSOAccountType
6 -> LsarIsUserMSA
RPC d25576e4-00d2-43f7-98f9-b4c0724158f9 (0.0) -- C:\windows\system32\lsasrv.dll
0 -> LsarEasMarkUserControlled
1 -> LsarEasGetCallerPasswordComplexity
2 -> LsarEasGetControlledUsersInfo
RPC c681d488-d850-11d0-8c52-00c04fd90f7e (1.0) -- C:\windows\system32\efslsaext.dll
0 -> EfsRpcOpenFileRaw_Downlevel
1 -> EfsRpcReadFileRaw_Downlevel
2 -> EfsRpcWriteFileRaw_Downlevel
3 -> EfsRpcCloseRaw_Downlevel
4 -> EfsRpcEncryptFileSrv_Downlevel
5 -> EfsRpcDecryptFileSrv_Downlevel
6 -> EfsRpcQueryUsersOnFile_Downlevel
7 -> EfsRpcQueryRecoveryAgents_Downlevel
8 -> EfsRpcRemoveUsersFromFile_Downlevel
9 -> EfsRpcAddUsersToFile_Downlevel
10 -> EfsRpcFileKeyInfoEx_Downlevel
11 -> EfsRpcFileKeyInfoEx_Downlevel
12 -> EfsRpcFileKeyInfo_Downlevel
13 -> EfsRpcDuplicateEncryptionInfoFile_Downlevel
14 -> EfsRpcFileKeyInfoEx_Downlevel
15 -> EfsRpcAddUsersToFileEx_Downlevel
16 -> EfsRpcFileKeyInfoEx_Downlevel
17 -> EfsRpcFileKeyInfoEx_Downlevel
18 -> EfsRpcFileKeyInfoEx_Downlevel
19 -> EfsRpcFileKeyInfoEx_Downlevel
20 -> EfsRpcFlushEfsCache_Downlevel
RPC fb8a0729-2d04-4658-be93-27b4ad553fac (1.0) -- C:\windows\system32\lsass.exe
0 -> LsaLookuprOpenPolicy2
1 -> LsaLookuprClose
2 -> LsaLookuprTranslateSids2
3 -> LsaLookuprTranslateNames3
4 -> LsaLookuprManageCache
5 -> LsaLookuprGetDomainInfo
6 -> LsaLookuprUserAccountType
RPC 4f32adc8-6052-4a04-8701-293ccf2096f0 (1.0) -- C:\windows\SYSTEM32\SspiSrv.dll
0 -> SspirConnectRpc
1 -> SspirDisconnectRpc
2 -> SspirDisconnectRpc
3 -> SspirCallRpc
4 -> SspirAcquireCredentialsHandle
5 -> SspirFreeCredentialsHandle
6 -> SspirProcessSecurityContext
7 -> SspirDeleteSecurityContext
8 -> SspirSslQueryCredentialsAttributes
9 -> SspirNegQueryContextAttributes
10 -> SspirSslSetCredentialsAttributes
11 -> SspirApplyControlToken
12 -> SspirLogonUser
13 -> SspirLookupAccountSid
14 -> SspirGetUserName
15 -> SspirGetInprocDispatchTable
RPC 11220835-5b26-4d94-ae86-c3e475a809de (1.0) -- C:\windows\system32\dpapisrv.dll
0 -> s_SSCryptProtectData
1 -> s_SSCryptUnprotectData
2 -> s_SSCryptUpdateProtectedState
RPC 5cbe92cb-f4be-45c9-9fc9-33e73e557b20 (1.0) -- C:\windows\system32\dpapisrv.dll
0 -> s_SSRecoverQueryStatus
1 -> s_SSRecoverImportRecoveryKey
2 -> s_SSRecoverPassword
RPC 7f1317a8-4dea-4fa2-a551-df5516ff8879 (1.0) -- C:\windows\system32\dpapisrv.dll
0 -> s_LRpcSIDKeyProtect
1 -> s_LRpcSIDKeyUnprotect
RPC 3919286a-b10c-11d0-9ba8-00c04fd92ef5 (0.0) -- C:\windows\system32\lsasrv.dll
0 -> DsRolerGetPrimaryDomainInformation
RPC 12345778-1234-abcd-ef00-0123456789ac (1.0) -- C:\windows\SYSTEM32\samsrv.dll
0 -> SamrConnect
1 -> SamrCloseHandle
2 -> SamrSetSecurityObject
3 -> SamrQuerySecurityObject
4 -> SamrShutdownSamServer
5 -> SamrLookupDomainInSamServer
6 -> SamrEnumerateDomainsInSamServer
7 -> SamrOpenDomain
8 -> SamrQueryInformationDomain
9 -> SamrSetInformationDomain
10 -> SamrCreateGroupInDomain
11 -> SamrEnumerateGroupsInDomain
12 -> SamrCreateUserInDomain
13 -> SamrEnumerateUsersInDomain
14 -> SamrCreateAliasInDomain
15 -> SamrEnumerateAliasesInDomain
16 -> SamrGetAliasMembership
17 -> SamrLookupNamesInDomain
18 -> SamrLookupIdsInDomain
19 -> SamrOpenGroup
20 -> SamrQueryInformationGroup
21 -> SamrSetInformationGroup
22 -> SamrAddMemberToGroup
23 -> SamrDeleteGroup
24 -> SamrRemoveMemberFromGroup
25 -> SamrGetMembersInGroup
26 -> SamrSetMemberAttributesOfGroup
27 -> SamrOpenAlias
28 -> SamrQueryInformationAlias
29 -> SamrSetInformationAlias
30 -> SamrDeleteAlias
31 -> SamrAddMemberToAlias
32 -> SamrRemoveMemberFromAlias
33 -> SamrGetMembersInAlias
34 -> SamrOpenUser
35 -> SamrDeleteUser
36 -> SamrQueryInformationUser
37 -> SamrSetInformationUser
38 -> SamrChangePasswordUser
39 -> SamrGetGroupsForUser
40 -> SamrQueryDisplayInformation
41 -> SamrGetDisplayEnumerationIndex
42 -> SamrTestPrivateFunctionsDomain
43 -> SamrTestPrivateFunctionsUser
44 -> SamrGetUserDomainPasswordInformation
45 -> SamrRemoveMemberFromForeignDomain
46 -> SamrQueryInformationDomain2
47 -> SamrQueryInformationUser2
48 -> SamrQueryDisplayInformation2
49 -> SamrGetDisplayEnumerationIndex2
50 -> SamrCreateUser2InDomain
51 -> SamrQueryDisplayInformation3
52 -> SamrAddMultipleMembersToAlias
53 -> SamrRemoveMultipleMembersFromAlias
54 -> SamrOemChangePasswordUser2
55 -> SamrUnicodeChangePasswordUser2
56 -> SamrGetDomainPasswordInformation
57 -> SamrConnect2
58 -> SamrSetInformationUser2
59 -> SamrSetBootKeyInformation
60 -> SamrGetBootKeyInformation
61 -> SamrConnect3
62 -> SamrConnect4
63 -> SamrUnicodeChangePasswordUser3
64 -> SamrConnect5
65 -> SamrRidToSid
66 -> SamrSetDSRMPassword
67 -> SamrValidatePassword
68 -> SamrQueryLocalizableAccountsInDomain
69 -> SamrPerformGenericOperation
70 -> SamrSyncDSRMPasswordFromAccount
71 -> SamrLookupNamesInDomain2
72 -> SamrEnumerateUsersInDomain2
RPC b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 (2.0) -- C:\windows\system32\keyiso.dll
0 -> s_SrvRpcCreateContext
1 -> s_SrvRpcReleaseContext
2 -> s_SrvRpcCryptOpenStorageProvider
3 -> s_SrvRpcCryptIsAlgSupported
4 -> s_SrvRpcCryptEnumAlgorithms
5 -> s_SrvRpcCryptEnumKeys
6 -> s_SrvRpcCryptFreeBuffer
7 -> s_SrvRpcCryptFreeProvider
8 -> s_SrvRpcCryptFreeKey
9 -> s_SrvRpcCryptOpenKey
10 -> s_SrvRpcCryptCreatePersistedKey
11 -> s_SrvRpcCryptGetProviderProperty
12 -> s_SrvRpcCryptSetProviderProperty
13 -> s_SrvRpcCryptGetKeyProperty
14 -> s_SrvRpcCryptSetKeyProperty
15 -> s_SrvRpcCryptFinalizeKey
16 -> s_SrvRpcCryptEncrypt
17 -> s_SrvRpcCryptDecrypt
18 -> s_SrvRpcCryptImportKey
19 -> s_SrvRpcCryptExportKey
20 -> s_SrvRpcCryptSignHash
21 -> s_SrvRpcCryptVerifySignature
22 -> s_SrvRpcCryptDeleteKey
23 -> s_SrvRpcCryptNotifyChangeKey
24 -> s_SrvRpcCryptSecretAgreement
25 -> s_SrvRpcCryptDeriveKey
26 -> s_SrvRpcCryptFreeSecret
27 -> s_SrvRpcCryptCipherEncrypt
28 -> s_SrvRpcCryptCipherDecrypt
29 -> s_SrvRpcCryptKeyDerivation
30 -> s_SrvRpcCryptCreateClaim
31 -> s_SrvRpcCryptVerifyClaim
RPC 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b (1.0) -- C:\windows\system32\keyiso.dll
0 -> s_GetSymmetricPopKeyTransportKey
1 -> s_GetSymmetricPopKeyTransportKeyName
2 -> s_DeleteSymmetricPopKeyTransportKey
3 -> s_ImportSymmetricPopKey
4 -> s_SignWithSymmetricPopKey
5 -> s_VerifyWithSymmetricPopKey
6 -> s_DecryptWithSymmetricPopKey
7 -> s_EncryptWithSymmetricPopKey
8 -> s_GetKeyAttestationForContainerService
9 -> s_RenewKeyAttestation
10 -> s_GetPregenUserKey
11 -> s_GetPregenKeyState
RPC 51a227ae-825b-41f2-b4a9-1ac9557a1018 (1.0) -- C:\windows\system32\keyiso.dll
0 -> s_TokenBindingGenerateTpmKeyFromSoftware
RPC bb8b98e8-84dd-45e7-9f34-c3fb6155eeed (1.0) -- C:\Windows\System32\vaultsvc.dll
0 -> VltCreateItemType
1 -> VltDeleteItemType
2 -> VltEnumerateItemTypes
3 -> VltAddItem
4 -> VltFindItems
5 -> VltEnumerateItems
6 -> VltGetItem
7 -> VltRemoveItem
8 -> VltGetItemType
9 -> VltOpenVault
10 -> VltCloseVault
11 -> VltGetInformation
12 -> VltEnumerateVaults
13 -> VltEnumerateSettingUnits
14 -> VltGetSettingUnit
15 -> VltApplySettingUnit
16 -> VltRemoveSettingUnit
17 -> VltTriggerSync
18 -> VltGetSettingUnitInfo
Endpoints :
ncacn_np : \pipe\lsass
ncalrpc : audit
ncalrpc : securityevent
ncalrpc : LSARPC_ENDPOINT
ncalrpc : lsacap
ncalrpc : LSA_IDPEXT_ENDPOINT
ncalrpc : LSA_EAS_ENDPOINT
ncalrpc : lsapolicylookup
ncalrpc : lsasspirpc
ncalrpc : protected_storage
ncalrpc : SidKey Local End Point
ncalrpc : samss lpc
ncacn_ip_tcp : 49678
ncalrpc : Vault
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 808 at 0x5306e10L>
64
['PlugPlay']
Interfaces :
Endpoints :
--------------------------------------------------------------------------------
<WinProcess "fontdrvhost.exe" pid 832 at 0x5306ba8L>
64
[!!] Invalid rpcrt4 base: 0x0 vs 0x7ffec24f0000
--------------------------------------------------------------------------------
<WinProcess "fontdrvhost.exe" pid 828 at 0x5306898L>
64
[!!] Invalid rpcrt4 base: 0x0 vs 0x7ffec24f0000
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 844 at 0x53064a8L>
64
['BrokerInfrastructure', 'DcomLaunch', 'Power', 'SystemEventsBroker']
Interfaces :
RPC 6c9b7b96-45a8-4cca-9eb3-e21ccf8b5a89 (1.1) -- c:\windows\system32\umpo.dll
0 -> UmpoRpcGetPowerConfiguration
1 -> UmpoRpcReadFromSystemPowerKey
2 -> UmpoRpcReadFromUserPowerKey
3 -> UmpoRpcReadACValue
4 -> UmpoRpcReadDCValue
5 -> UmpoRpcWriteToSystemPowerKey
6 -> UmpoRpcWriteToUserPowerKey
7 -> UmpoRpcApplyPowerRequestOverride
8 -> UmpoRpcApplyPowerSetting
9 -> UmpoRpcSetActiveScheme
10 -> UmpoRpcGetActiveScheme
11 -> UmpoRpcSetActiveOverlayScheme
12 -> UmpoRpcGetActualOverlayScheme
13 -> UmpoRpcGetEffectiveOverlayScheme
14 -> UmpoRpcGetOverlaySchemes
15 -> UmpoRpcRestoreDefaultScheme
16 -> UmpoRpcRestoreDefaultSchemesAll
17 -> UmpoRpcDuplicateScheme
18 -> UmpoRpcDeleteScheme
19 -> UmpoRpcImportScheme
20 -> UmpoRpcReplaceDefaultPowerSchemes
21 -> UmpoRpcLegacyEventRegisterNotification
22 -> UmpoRpcEnumerate
23 -> UmpoRpcReadSecurityDescriptor
24 -> UmpoRpcWriteSecurityDescriptor
25 -> UmpoRpcSettingAccessCheck
26 -> UmpoRpcCreateSetting
27 -> UmpoRpcCreatePossibleSetting
28 -> UmpoRpcRemoveSetting
29 -> UmpoSetExpectedUserAwayIntervals
30 -> UmpoClearExpectedUserAwayIntervals
31 -> UmpoGetMinUserAwayPredictionInterval
32 -> UmpoRpcGetAdaptiveStandbyDiagnostics
RPC 9b8699ae-0e44-47b1-8e7f-86a461d7ecdc (0.0) -- c:\windows\system32\rpcss.dll
0 -> _LaunchActivatorServer
1 -> _LaunchRunAsServer
2 -> _LaunchService
3 -> _LaunchWinRTActivatorServer
4 -> _LaunchWinRTRunAsServer
5 -> _LaunchWinRTService
6 -> _CertifyServerIdentity
7 -> _QueryNTService
8 -> _QueryNTServiceType
9 -> ControlNTService
10 -> PrivTranslateShareName
11 -> GenericStreamBase<IMarshalingStream,AllocationWrapper>::Commit
12 -> IsPortOpen
13 -> TickleActivationSettings
14 -> QueryProcessArchitecture
15 -> PrivilegedNotifyWinRTActivationStoreChanged
16 -> _QueryUserSidForSession
17 -> PrivActivatePsmServer
18 -> _PrivGetUserTokenForSession
19 -> PrivGetBrokerToken
20 -> PrivGetDesktopWinRTBrokerToken
21 -> PrivGetPsmToken
22 -> GetSessionUserTokenCacheDetails
23 -> PrivilegedNotifyComClassChangesFromDeployment
24 -> PrivGetPsmTokenWithDynamicId
25 -> PrivGetInteractiveUserToken
26 -> PrivReportUnhealthyProcess
27 -> PrivNormalizePsmTokenHostId
RPC 4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9 (1.0) -- c:\windows\system32\psmsrv.dll
0 -> PsmSrvActivateApplication
1 -> PsmSrvCloseActivationChannel
2 -> PsmSrvOpenActivationChannel
3 -> PsmSrvRegisterProcess
RPC 085b0334-e454-4d91-9b8c-4134f9e793f3 (1.0) -- c:\windows\system32\psmsrv.dll
0 -> PsmSrvOpenManagementChannel
1 -> PsmSrvSetApplicationState
2 -> PsmSrvSetApplicationPriority
3 -> PsmSrvReleaseCacheEntry
4 -> PsmSrvAcquireCachedEntries
5 -> PsmSrvQueryApplicationSwapState
6 -> PsmSrvCloseActivationChannel
7 -> PsmSrvSetApplicationProperties
8 -> PsmSrvQueryApplicationProperties
9 -> PsmSrvQueryApplicationResourceUsage
10 -> PsmSrvQueryMemoryUsage
11 -> PsmSrvResetMaxMemoryUsage
12 -> PsmSrvQuerySharedCommit
RPC 8782d3b9-ebbd-4644-a3d8-e8725381919b (1.0) -- c:\windows\system32\psmsrv.dll
0 -> PsmSrvRegisterQuiesceResumeApp
1 -> PsmSrvQuiesceCallbacksComplete
2 -> PsmSrvCloseActivationChannel
RPC 3b338d89-6cfa-44b8-847e-531531bc9992 (1.0) -- c:\windows\system32\psmsrv.dll
0 -> PsmSrvQueryApplicationPerformanceInformation
1 -> PsmSrvQueryQuotaInformation
RPC bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760 (1.0) -- c:\windows\system32\psmsrv.dll
0 -> PsmSrvOpenTcChannel
1 -> PsmSrvApplyTaskCompletion
2 -> PsmSrvRegisterDynamicProcess
3 -> PsmSrvCloseActivationChannel
4 -> PsmSrvGetSessionInfo
RPC 5824833b-3c1a-4ad2-bdfd-c31d19e23ed2 (1.0) -- c:\windows\system32\psmsrv.dll
0 -> PsmSrvRegisterAppPriorityNotification
1 -> PsmSrvQueryApplicationResourceUsageForTimer
2 -> PsmSrvTimerStart
3 -> PsmSrvTimerCleanup
4 -> PsmSrvTimerRemainingResourceTimeGet
5 -> PsmSrvTimerElapsedResourceTimeGet
RPC 0361ae94-0316-4c6c-8ad8-c594375800e2 (1.0) -- c:\windows\system32\psmsrv.dll
0 -> PsmSrvQueryCurrentApplications
1 -> PsmSrvQueryApplicationHosts
2 -> PsmSrvQueryApplicationHostExecutionState
3 -> PsmSrvQueryApplicationHostJob
4 -> PsmSrvConnect
5 -> PsmSrvDisconnect
6 -> PsmSrvSubscribeToNotifications
7 -> PsmSrvUnsubscribeFromNotifications
RPC 2d98a740-581d-41b9-aa0d-a88b9d5ce938 (1.0) -- C:\windows\SYSTEM32\bisrv.dll
0 -> RBiSrvActivateDeferredWorkItem
1 -> RBiSrvActivateInBackground
2 -> RBiSrvActivateWorkItem
3 -> RBiSrvAssociateActivationProxy
4 -> RBiSrvAssociateApplicationExtensionClass
5 -> RBiSrvCancelWorkItem
6 -> RBiSrvCreateEvent
7 -> RBiSrvCreateEventForPackageName
8 -> RBiSrvDeleteEvent
9 -> RBiSrvDisassociateWorkItem
10 -> RBiSrvDiscardPendingActivations
11 -> RBiSrvEnumerateBrokeredEvents
12 -> RBiSrvEnumerateUserContexts
13 -> RBiSrvEnumerateUserSessions
14 -> RBiSrvEnumerateWorkItemsForPackageName
15 -> RBiPtSrvGetStatusStateNameFromBrokerEventId
16 -> RBiSrvQueryBrokeredEvent
17 -> RBiSrvQuerySystemStateBroadcastChannels
18 -> RBiSrvQueryUserContext
19 -> RBiSrvQueryUserSession
20 -> RBiSrvQueryWorkItem
21 -> RBiPtSrvQueryWorkItemStatusStateName
22 -> RBiSrvSignalEvent
23 -> RBiSrvSignalMultipleEvents
24 -> RBiSrvSignalTriggerEvent
25 -> RBiSrvUpdateEventParameters
26 -> RBiSrvUpdateEventFlags
27 -> RBiSrvUpdateEventInformation
RPC 8bfc3be1-6def-4e2d-af74-7c47cd0ade4a (1.0) -- C:\windows\SYSTEM32\bisrv.dll
0 -> RBiSrvActivateWorkItemForUser
1 -> RBiSrvChangeApplicationStateForPackageNameForUser
2 -> RBiSrvChangeApplicationStateForPsmKeyForUser
3 -> RBiSrvChangeUserState
4 -> RBiSrvEnumerateWorkItemsForPackageNameAndUser
5 -> RBiSrvGetActiveBackgroundTasksEventForUser
6 -> RBiSrvGetCancellationTimeoutInMs
7 -> RBiSrvIsApplicationTerminateSensitiveForUser
8 -> RBiSrvNotifyEndSession
9 -> RBiSrvNotifyNewSession
10 -> RBiSrvNotifyNewSessionComplete
11 -> RBiSrvNotifyNewUser
12 -> RBiSrvQueryWorkItemForUser
13 -> RBiSrvResetActiveUserForPackage
14 -> RBiSrvSetActiveUserForPackage
15 -> RBiSrvTerminateApplicationHostForUser
16 -> RBiSrvUpdateBackgroundAccessApplicationsForUser
RPC 1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0 (1.0) -- C:\windows\SYSTEM32\bisrv.dll
0 -> RBiRtSrvAddWaitableEvent
1 -> RBiRtSrvAssociateWorkItem
2 -> RBiRtSrvCreateEvent
3 -> RBiRtSrvCreateEventForApp
4 -> RBiRtSrvCreateStatusStateName
5 -> RBiRtSrvDeleteEvent
6 -> RBiRtSrvDisassociateWorkItem
7 -> RBiRtSrvEnumerateBrokeredEvents
8 -> RBiRtSrvEnumerateWorkItems
9 -> RBiRtSrvGetWorkItemProperties
10 -> RBiRtSrvInitiatePause
11 -> RBiRtSrvQueryBrokerEventId
12 -> RBiRtSrvQueryBrokerEventIdFromWorkItem
13 -> RBiRtSrvRegisterWorkItem
14 -> RBiRtSrvSignalEvent
15 -> RBiRtSrvUpdateEventParameters
RPC c605f9fb-f0a3-4e2a-a073-73560f8d9e3e (1.0) -- C:\windows\SYSTEM32\bisrv.dll
0 -> RBiSrvSignalEvent
RPC 0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e (1.0) -- C:\windows\SYSTEM32\bisrv.dll
0 -> RBiPtSrvActivateDeferredWorkItem
1 -> RBiPtSrvActivateInBackground
2 -> RBiPtSrvActivateWorkItem
3 -> RBiPtSrvAssociateActivationProxy
4 -> RBiPtSrvAssociateApplicationEntryPoint
5 -> RBiPtSrvCancelWorkItem
6 -> RBiPtSrvCreateEvent
7 -> RBiPtSrvCreateEventForApp
8 -> RBiPtSrvCreateEventForPackageName
9 -> RBiPtSrvDeleteEvent
10 -> RBiPtSrvDisableWorkItem
11 -> RBiPtSrvDisassociateWorkItem
12 -> RBiPtSrvEnableWorkItem
13 -> RBiPtSrvEnumerateBrokeredEvents
14 -> RBiPtSrvEnumerateWorkItemsForPackageName
15 -> RBiPtSrvGetStatusStateNameFromBrokerEventId
16 -> RBiPtSrvQueryBrokeredEvent
17 -> RBiPtSrvQueryBrokerEventId
18 -> RBiPtSrvQuerySystemStateBroadcastChannels
19 -> RBiPtSrvQueryWorkItem
20 -> RBiPtSrvQueryWorkItemStatusStateName
21 -> RBiPtSrvSignalEvent
22 -> RBiPtSrvSignalMultipleEvents
23 -> RBiPtSrvSignalTriggerEvent
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
RPC 2513bcbe-6cd4-4348-855e-7efb3c336dd3 (1.0) -- C:\windows\SYSTEM32\bisrv.dll
0 -> SrvOdbCreateSession
1 -> SrvOdbCompleteSession
2 -> SrvOdbLaunchBackgroundTask
3 -> SrvOdbCancelBackgroundTask
4 -> SrvOdbCancelBackgroundTasksForPackage
RPC 20c40295-8dba-48e6-aebf-3e78ef3bb144 (1.0) -- C:\windows\SYSTEM32\bisrv.dll
0 -> SrvOdbPtCreateSession
1 -> SrvOdbPtCompleteSession
2 -> SrvOdbPtLaunchBackgroundTask
3 -> SrvOdbPtCancelBackgroundTask
4 -> SrvOdbPtCancelBackgroundTasksForPackage
RPC b8cadbaf-e84b-46b9-84f2-6f71c03f9e55 (1.0) -- C:\windows\SYSTEM32\bisrv.dll
0 -> SrvOdbLbPublishLegacyExitCode
RPC 857fb1be-084f-4fb5-b59c-4b2c4be5f0cf (1.0) -- C:\windows\SYSTEM32\bisrv.dll
0 -> SrvOdbPrivGetLaunchInfo
RPC 55e6b932-1979-45d6-90c5-7f6270724112 (1.0) -- C:\windows\SYSTEM32\resourcepolicyserver.dll
0 -> Srv_GetResourcePolicyKey
1 -> Srv_GetResourcePolicyInformation
2 -> Srv_CreateResourcePolicy
3 -> Srv_GetResourcePolicyName
4 -> Srv_CreatePolicyEngineClientContext
5 -> Srv_ClosePolicyEngineClientContext
6 -> Srv_RegisterForPackageEnergyStateChangeNotifications
7 -> Srv_IsPackageInGoodEnergyState
8 -> Srv_InterruptiveUIStateChanged_Subscribe
9 -> Srv_InterruptiveUIStateChanged_Unsubscribe
RPC 76c217bc-c8b4-4201-a745-373ad9032b1a (1.0) -- C:\windows\SYSTEM32\resourcepolicyserver.dll
0 -> Srv_QueryApplicationEnergyUsage
1 -> Srv_GetDeviceSpecificConversionFactor
2 -> Srv_ResetTotalEnergyUsage
RPC 88abcbc3-34ea-76ae-8215-767520655a23 (0.0) -- C:\windows\SYSTEM32\resourcepolicyserver.dll
0 -> GcsSrv_GetGameConfigSize
1 -> GcsSrv_GetGameConfig
2 -> GcsSrv_GetGameConfigSizeForClientProcess
3 -> GcsSrv_GetGameConfigForClientProcess
4 -> GcsSrv_ModifyGameConfig
5 -> GcsSrv_AddGameConfig
6 -> GcsSrv_RemoveGameConfig
7 -> GcsSrv_GetGameIdByAUMID
8 -> GcsSrv_GetGameIdByPID
9 -> GcsSrv_GetGameIdCount
10 -> GcsSrv_GetAllGameIds
11 -> GcsSrv_GetGameIdsByExeNameCount
12 -> GcsSrv_GetGameIdsByExeName
13 -> GcsSrv_GetGameProperty
14 -> GcsSrv_GetGamePropertySize
15 -> GcsSrv_SetGameProperty
16 -> GcsSrv_GetGlobalProperty
17 -> GcsSrv_GetGlobalPropertySize
18 -> GcsSrv_SetGlobalProperty
19 -> GcsSrv_SetGamePropertyUserOverride
20 -> GcsSrv_GetGamePropertyIsUserOverride
RPC 2c7fd9ce-e706-4b40-b412-953107ef9bb0 (0.0) -- C:\windows\SYSTEM32\psmserviceexthost.dll
0 -> RmgrSrv_RegisterWithServer
1 -> RmgrSrv_RmSetMemoryUsageLimit
2 -> RmgrSrv_RmRegisterResource
3 -> RmgrSrv_RmAccessCheck
4 -> RmgrSrv_RmAccessCheckOnCaller
5 -> RmgrSrv_RmAvailabilityCheck
6 -> RmgrSrv_RmAcquireResources
7 -> RmgrSrv_RmGetNotification
8 -> RmgrSrv_RmReleaseResources
RPC c521facf-09a9-42c5-b155-72388595cbf0 (0.0) -- C:\windows\SYSTEM32\psmserviceexthost.dll
0 -> RmtSrv_RM_ConnectToServer
1 -> RmtSrv_RM_DisconnectFromServer
2 -> RmtSrv_RM_AcquireResourceSet
3 -> RmtSrv_RS_Apply
4 -> RmtSrv_RS_ReleaseResources
5 -> ExecutionModel::BaseResourceSet::OnAccessLost
6 -> RmtSrv_RS_SetExternalResourcePriorities
7 -> ExecutionModel::BaseResourceSet::OnAccessLost
RPC 1832bcf6-cab8-41d4-85d2-c9410764f75a (1.0) -- C:\windows\SYSTEM32\psmserviceexthost.dll
0 -> RmCoreRpcSrvConnectToRmServer
1 -> RmCoreRpcSrvDisconnectFromRmServer
2 -> RmCoreRpcSrvRegisterActivityHostCallbacks
3 -> RmCoreRpcSrvUnregisterActivityHostCallbacks
4 -> RmCoreRpcSrvAcquireResourceSet
5 -> RmCoreRpcSrvApplyResourceSet
6 -> RmCoreRpcSrvReleaseResourceSet
7 -> CrmRpcSrvActivityRenew
8 -> RmCoreRpcSrvQueryHostMemoryLimitValues
RPC 4dace966-a243-4450-ae3f-9b7bcb5315b8 (2.0) -- C:\windows\SYSTEM32\psmserviceexthost.dll
0 -> RmGameModeSrvRegisterProcess
1 -> RmGameModeSrvUnregisterProcess
2 -> RmGameModeSrvDisableForRegisteredProcess
3 -> RmGameModeSrvReenableForRegisteredProcess
4 -> RmGameModeSrvGetLargestValidResourceRequest
5 -> RmGameModeSrvRegisterPairedAuxiliaryProcess
RPC 178d84be-9291-4994-82c6-3f909aca5a03 (1.0) -- C:\windows\SYSTEM32\psmserviceexthost.dll
0 -> RmGameModeRSrvRegisterProcess
1 -> RmGameModeRSrvUnregisterProcess
2 -> RmGameModeRSrvDisableForRegisteredProcess
3 -> RmGameModeRSrvReenableForRegisteredProcess
4 -> RmGameModeRSrvRegisterPairedAuxiliaryProcess
RPC e53d94ca-7464-4839-b044-09a2fb8b3ae5 (1.0) -- C:\windows\SYSTEM32\psmserviceexthost.dll
0 -> HamRpcSrvConnect
1 -> HamRpcSrvDisconnect
2 -> HamRpcSrvCreateActivity
3 -> HamRpcSrvCreateActivityForProcess
4 -> HamRpcSrvCreateAutoRestartActivity
5 -> HamRpcSrvStartActivityAsync
6 -> HamRpcSrvStopActivity
7 -> HamRpcSrvUpdateActivityProperties
8 -> HamRpcSrvTerminateActivityHost
9 -> HamRpcSrvSetExternalResourcePriority
10 -> HamRpcSrvResetExternalResourcePriority
11 -> HamRpcSrvCloseActivity
12 -> HamRpcSrvIsHostBeingDebugged
13 -> HamRpcSrvTerminateHostOnProcessExit
14 -> HamRpcSrvGetApplicationInterruptiveUIState
15 -> HamRpcSrvGetPackageInterruptiveUIState
16 -> HamRpcSrvGetInterruptiveUIStateForAumid
RPC fae436b0-b864-4a87-9eda-298547cd82f2 (1.0) -- C:\windows\SYSTEM32\psmserviceexthost.dll
0 -> HamRpcSrvConnectDebugging
1 -> HamRpcSrvDisconnect
2 -> HamRpcSrvDebugOpenPackageHandle
3 -> HamRpcSrvDebugClosePackageHandle
4 -> HamRpcSrvDebugModeEnable
5 -> HamRpcSrvDebugTerminatePackage
6 -> HamRpcSrvDebugQueryPackageState
7 -> HamRpcSrvDebugSuspendPackage
RPC 082a3471-31b6-422a-b931-a54401960c62 (1.0) -- C:\windows\SYSTEM32\psmserviceexthost.dll
0 -> HamRpcSrvConnectExtendedExecution
1 -> HamRpcSrvDisconnect
2 -> HamRpcSrvIsHostHamManaged
3 -> HamRpcSrvQueryTaskCompletionsForTerminateGraph
4 -> HamRpcSrvCreateExtendedExecution
5 -> HamRpcSrvStartExtendedExecutionAsync
6 -> HamRpcSrvCloseActivity
7 -> HamRpcSrvAddDependency
8 -> HamRpcSrvRemoveDependency
9 -> HamRpcSrvAddHostDependency
10 -> HamRpcSrvRemoveHostDependency
11 -> HamRpcSrvTerminateSelf
12 -> HamRpcSrvTerminateSelfOnRequiredProcessExit
13 -> HamRpcSrvTryEstimateRemainingQuiesceTime
RPC 6982a06e-5fe2-46b1-b39c-a2c545bfa069 (1.0) -- C:\windows\SYSTEM32\psmserviceexthost.dll
0 -> HamRpcSrvConnectFullTrust
1 -> HamRpcSrvDisconnect
2 -> HamRpcSrvFullTrustOpenPackageHandle
3 -> HamRpcSrvDebugClosePackageHandle
4 -> HamRpcSrvDebugTerminatePackage
RPC 0ff1f646-13bb-400a-ab50-9a78f2b7a85a (1.0) -- C:\windows\SYSTEM32\psmserviceexthost.dll
0 -> HamRpcSrvFindOrCreateHostId
1 -> HamRpcSrvCreateSingleUseHostId
2 -> HamRpcSrvRetrieveDynamicIdForHostId
RPC 4ed8abcc-f1e2-438b-981f-bb0e8abc010c (1.0) -- C:\windows\SYSTEM32\psmserviceexthost.dll
0 -> HamRpcSrvConnectStateChangeNotifications
1 -> HamRpcSrvDisconnect
2 -> HamRpcSrvGetApplicationStateForPsmKey
3 -> HamRpcSrvTerminateIfSuspendedByProcess
RPC 95406f0b-b239-4318-91bb-cea3a46ff0dc (1.0) -- C:\windows\SYSTEM32\psmserviceexthost.dll
0 -> HamRpcSrvConnectServicing
1 -> HamRpcSrvDisconnect
2 -> HamRpcSrvFullTrustOpenPackageHandle
3 -> HamRpcSrvDebugClosePackageHandle
4 -> HamRpcSrvServicingQueryActiveAppsInPackage
5 -> HamRpcSrvServicingEnableServicing
6 -> HamRpcSrvDebugTerminatePackage
RPC 0d47017b-b33b-46ad-9e18-fe96456c5078 (1.0) -- C:\windows\SYSTEM32\psmserviceexthost.dll
0 -> HamRpcSrvConnectSessionState
1 -> HamRpcSrvDisconnect
2 -> HamRpcSrvSessionStateLogoffUser
3 -> HamRpcSrvSessionStateLogoffSession
RPC dd59071b-3215-4c59-8481-972edadc0f6a (1.0) -- C:\windows\SYSTEM32\psmserviceexthost.dll
0 -> CrmRpcSrvRegister
1 -> CrmRpcSrvUnregister
2 -> CrmRpcSrvActivityAllocate
3 -> CrmRpcSrvActivityQueryWindowClosedReasons
4 -> CrmRpcSrvActivityFree
5 -> CrmRpcSrvActivityStart
6 -> CrmRpcSrvActivityRenew
7 -> CrmRpcSrvActivityStop
8 -> CrmRpcSrvActivityWindowClosedReasonSubscribe
9 -> CrmRpcSrvActivityWindowClosedReasonUnsubscribe
RPC d09bdeb5-6171-4a34-bfe2-06fa82652568 (1.0) -- c:\windows\system32\BrokerLib.dll
0 -> _BriCreateEvent
1 -> _BriDeleteEvent
2 -> BriDisableEvent
3 -> BriEnableEvent
4 -> BriSignalEvent
RPC 9b008953-f195-4bf9-bde0-4471971e58ed (1.0) -- c:\windows\system32\systemeventsbrokerserver.dll
0 -> SebiEnumerateEvents
1 -> _SebiEnumerateEventsByType
2 -> _SebiQueryEventData
3 -> SebiQueryEventPackage
4 -> _SebiSignalSyncEventEx
5 -> SebiGetUserPresenceHistory
RPC 697dcda9-3ba9-4eb2-9247-e11f1901b0d2 (1.0) -- c:\windows\system32\systemeventsbrokerserver.dll
0 -> CSebiCreateWellKnownEvent
1 -> _CSebiCreatePrivateEvent
2 -> _CSebiDeleteEvent
3 -> CSebiEnumerateEvents
4 -> CSebiQueryEventData
5 -> CSebiCreateCustomEvent
RPC 1377d115-98fd-4034-b574-111156ca239c (1.0) -- c:\windows\system32\systemeventsbrokerserver.dll
0 -> _CSebiRegisterPublisher
1 -> CSebiPublisherUpdateLevelEvent
2 -> CSebiUnregisterPublisher
RPC 7419cf08-91a7-4afd-8f5e-1dd76de094fd (1.0) -- c:\windows\system32\DAB.dll
0 -> s_DabRpcRegisterTriggerConsumer
1 -> s_DabRpcUnregisterTriggerConsumer
2 -> s_DabRpcGetLastScheduledRunTime
RPC fc48cd89-98d6-4628-9839-86f7a3e4161a (1.0) -- C:\Windows\System32\ACPBackgroundManagerPolicy.dll
0 -> MVoipSrvNotifyVoipActiveCall
1 -> MVoipSrvNotifyVoipActivityCompleted
2 -> MVoipSrvHoldActiveCall
3 -> MVoipSrvUnholdActiveCall
4 -> MVoipSrvNotifyIncomingCallDialogDisplayed
5 -> MVoipSrvNotifyIncomingCallDialogDismissed
6 -> MVoipSrvLaunchVoipRtcTask
7 -> MVoipSrvLaunchVoipActivity
8 -> MVoipSrvCancelVoipCall
OLE 7656cfa4-b63a-4542-a8de-ef402bac895d (0.0) -- IUserApplicationStateChangeHandler
OLE 43c6b434-c1be-4ad2-af03-c0deaccebd1f (0.0) -- IBackgroundAccessStateChangeHandler
OLE 0166231b-fd21-4e33-a713-75eb3207a138 (0.0) -- IBackgroundWorkItemInstanceRemote
Endpoints :
ncalrpc : umpo
ncalrpc : actkernel
ncalrpc : LRPC-52052fd65c5c272467
ncalrpc : OLE0B4A1FCA316D75160A1E9D74EAA9
ncalrpc : LRPC-4ab018e2789c955e4e
ncalrpc : LRPC-10ae42bf2b12c862e5
ncalrpc : LRPC-72ebfc69859a71292b
ncalrpc : LRPC-841d50e1fe23b6a7d7
ncalrpc : LRPC-b950717adfd86cb405
ncalrpc : csebpub
ncalrpc : dabrpc
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 940 at 0x5306550L>
64
['RpcEptMapper', 'RpcSs']
Interfaces :
RPC e1af8308-5d1f-11c9-91a4-08002b14a0fa (3.0) -- c:\windows\system32\rpcepmap.dll
0 -> ept_delete
1 -> ept_delete
2 -> ept_lookup
3 -> ept_map
4 -> ept_lookup_handle_free
5 -> ept_delete
6 -> ept_delete
7 -> ept_map_auth
8 -> ept_map_auth_async
RPC 0b0a6584-9e0f-11cf-a3cf-00805f68cb1b (1.1) -- c:\windows\system32\rpcepmap.dll
0 -> OpenEndpointMapper
1 -> AllocateReservedIPPort
2 -> ept_insert_ex
3 -> ept_delete_ex
4 -> SetRestrictRemoteClients
5 -> ResetWithNoAuthException
RPC 1d55b526-c137-46c5-ab79-638f2a68e869 (1.0) -- c:\windows\system32\rpcepmap.dll
0 -> RemoteGetCellByDebugCellID
1 -> RemoteOpenRPCDebugCallInfoEnumeration
2 -> RemoteGetNextRPCDebugCallInfo
3 -> RemoteFinishRPCDebugCallInfoEnumeration
4 -> RemoteOpenRPCDebugEndpointInfoEnumeration
5 -> RemoteGetNextRPCDebugEndpointInfo
6 -> RemoteFinishRPCDebugEndpointInfoEnumeration
7 -> RemoteOpenRPCDebugThreadInfoEnumeration
8 -> RemoteGetNextRPCDebugThreadInfo
9 -> RemoteFinishRPCDebugThreadInfoEnumeration
10 -> RemoteOpenRPCDebugClientCallInfoEnumeration
11 -> RemoteGetNextRPCDebugClientCallInfo
12 -> RemoteFinishRPCDebugClientCallInfoEnumeration
RPC 64fe0b7f-9ef5-4553-a7db-9a1975777554 (1.0) -- C:\windows\system32\RpcRtRemote.dll
0 -> FwConnectToManager
1 -> FwSubscribeForNewRulesNotification
2 -> FwInterfaceRegistered
RPC e60c73e6-88f9-11cf-9af1-0020af6e72f4 (2.0) -- c:\windows\system32\rpcss.dll
0 -> _Connect
1 -> _SetAppID
2 -> GetDefaultSecurityPermissions
3 -> _AllocateReservedIds
4 -> _BulkUpdateOIDs
5 -> _ClientResolveOXID
6 -> _ServerAllocateOXIDAndOIDs
7 -> _ServerAllocateOIDs
8 -> _ServerFreeOXIDAndOIDs
9 -> _SetServerOIDFlags
10 -> _Disconnect
11 -> GetUpdatedResolverBindings
RPC 99fcfec4-5260-101b-bbcb-00aa0021347a (0.0) -- c:\windows\system32\rpcss.dll
0 -> ResolveOxid
1 -> SimplePing
2 -> ComplexPing
3 -> ServerAlive
4 -> ResolveOxid2
5 -> ServerAlive2
RPC b9e79e60-3d52-11ce-aaa1-00006901293f (0.2) -- c:\windows\system32\rpcss.dll
0 -> IrotRegister
1 -> IrotRevoke
2 -> IrotIsRunning
3 -> IrotGetObject
4 -> IrotNoteChangeTime
5 -> IrotGetTimeOfLastChange
6 -> IrotEnumRunning
7 -> IMgotRegister
8 -> IMgotRevoke
9 -> IMgotGetObject
10 -> IMgotEnumRunning
RPC 412f241e-c12a-11ce-abff-0020af6e7a17 (0.2) -- c:\windows\system32\rpcss.dll
0 -> ServerRegisterClsid
1 -> ServerRevokeClsid
2 -> ServerRegisterActivatableClasses
3 -> ServerRevokeActivatableClasses
4 -> GetThreadID
5 -> UpdateActivationSettings
6 -> RegisterWindowPropInterface
7 -> GetWindowPropInterface
8 -> EnableDisableDynamicIPTracking
9 -> GetCurrentAddrExclusionList
10 -> SetAddrExclusionList
11 -> FlushSCMBindings
12 -> RetireServer
13 -> NotifyDDStartOrStop
14 -> QueryDragDropActive
15 -> SetOrRevokeForcedDropTarget
16 -> IsObjectCreationAllowed
17 -> ControlTracingForProcess
18 -> QueryPIDForActivation
19 -> NotifyWinRTActivationStoreChanged
20 -> DecodeProxy
21 -> NotifyPsmResume
22 -> QueryServerProcessHandleHeld
23 -> RegisterRacActivationToken
24 -> RevokeRacActivationToken
25 -> RegisterConsoleHandles
26 -> RevokeConsoleHandles
27 -> NotifyComClassChangesFromDeployment
DCOM 00000136-0000-0000-c000-000000000046 (0.0) -- ISCMLocalActivator
RPC c6f3ee72-ce7e-11d1-b71e-00c04fc3111a (1.0) -- c:\windows\system32\rpcss.dll
0 -> ProcessActivatorStarted
1 -> ProcessActivatorInitializing
2 -> ProcessActivatorReady
3 -> ProcessActivatorStopped
4 -> ProcessActivatorPaused
5 -> ProcessActivatorResumed
6 -> ProcessActivatorUserInitializing
RPC 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57 (0.0) -- c:\windows\system32\rpcss.dll
0 -> RemoteActivation
DCOM 000001a0-0000-0000-c000-000000000046 (0.0) -- ISystemActivator
RPC cb40a179-20e1-43f0-97fb-3c5c6ff37ec3 (0.0) -- c:\windows\system32\rpcss.dll
0 -> CrossContainerActivation
Endpoints :
ncalrpc : epmapper
ncacn_ip_tcp : 135
ncacn_np : \pipe\epmapper
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 980 at 0x5306cc0L>
64
['LSM']
Interfaces :
RPC c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 (1.0) -- c:\windows\system32\SYSNTFY.dll
0 -> s_OnInitialConnection
1 -> s_OnCreateSession
2 -> s_OnStartScreenSaverAsDefaultUser
3 -> s_OnStopScreenSaverAsDefaultUser
4 -> s_OnLogon
5 -> s_OnLock
6 -> s_OnUnlock
7 -> s_OnStartScreenSaverAsUser
8 -> s_OnStopScreenSaverAsUser
9 -> s_OnDisconnect
10 -> s_OnReconnect
11 -> s_OnLogoff
12 -> s_OnTerminateSession
13 -> s_OnStartShell
14 -> s_OnEndShell
RPC 11f25515-c879-400a-989e-b074d5f092fe (1.0) -- c:\windows\system32\lsm.dll
0 -> RpcGetUserToken
1 -> RpcConnectTerminal
2 -> RpcSystemShutdownStarted
3 -> RpcConsumeCacheSession
4 -> RpcGetRequestForWinlogon
5 -> RpcReportWinlogonReply
6 -> RpcGetReconnectId
7 -> RpcCreateWorkerSession
8 -> RpcGetWorkerSessionGpuLuid
RPC 1e665584-40fe-4450-8f6e-802362399694 (1.0) -- c:\windows\system32\lsm.dll
0 -> RpcBroadcastSystemMessage
1 -> RpcSendWindowMessage
2 -> RpcCreateSession
3 -> RpcTerminateSession
RPC 484809d6-4239-471b-b5bc-61df8c23ac48 (1.0) -- c:\windows\system32\lsm.dll
0 -> RpcOpenSession
1 -> RpcCloseSession
2 -> RpcConnect
3 -> RpcDisconnect
4 -> RpcLogoff
5 -> RpcGetUserName
6 -> RpcGetTerminalName
7 -> RpcGetState
8 -> RpcIsSessionDesktopLocked
9 -> RpcShowMessageBox
10 -> RpcGetTimes
11 -> RpcGetSessionCounters
12 -> RpcGetSessionInformation
13 -> RpcSwitchToServicesSession
14 -> RpcRevertFromServicesSession
15 -> RpcGetLoggedOnCount
16 -> RpcGetSessionType
17 -> RpcGetSessionInformationEx
18 -> RpcIsTerminalRemote
19 -> RpcIsBoundToCacheTerminal
20 -> RpcConnectAndLockTargetDesktop
RPC e3907f22-c899-44e7-9d11-9d8b3d924832 (1.0) -- c:\windows\system32\lsm.dll
0 -> RpcEnableChildSessions
1 -> RpcIsChildSessionsEnabled
2 -> RpcGetChildSessionId
3 -> RpcGetParentSessionId
4 -> RpcGetAllUserSessions
RPC 53825514-1183-4934-a0f4-cfdc51c3389b (1.0) -- c:\windows\system32\lsm.dll
0 -> RpcIsCurrentSessionTerminalRemote
1 -> RpcGetCurrentSessionTerminalName
2 -> RpcGetCurrentSessionInformation
3 -> RpcGetCurrentSessionCapabilities
4 -> RpcGetCurrentSessionType
RPC 11899a43-2b68-4a76-92e3-a3d6ad8c26ce (1.0) -- c:\windows\system32\lsm.dll
0 -> RpcWaitForSessionState
1 -> RpcRegisterAsyncNotification
2 -> RpcWaitAsyncNotification
3 -> RpcUnRegisterAsyncNotification
RPC c2d15ccf-a416-46dc-ba58-4624ac7a9123 (1.0) -- c:\windows\system32\lsm.dll
0 -> RpcRegisterCurrentSessionAsyncNotification
1 -> RpcWaitAsyncNotificationEx
2 -> RpcUnRegisterAsyncNotificationEx
RPC 88143fd0-c28d-4b2b-8fef-8d882f6a9390 (1.0) -- c:\windows\system32\lsm.dll
0 -> RpcOpenEnum
1 -> RpcCloseEnum
2 -> RpcFilterByState
3 -> RpcFilterByCallersName
4 -> RpcEnumAddFilter
5 -> RpcGetEnumResult
6 -> RpcFilterBySessionType
7 -> RpcFilterByLicenseType
8 -> RpcGetSessionIds
9 -> RpcGetEnumResultEx
10 -> RpcGetAllSessions
11 -> RpcGetAllSessionsEx
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 517f87fe-597a-4672-8555-6daf1c8c788d (0.0) -- ISessionManager
OLE 75a446c5-40b7-41d3-8d53-292652c04121 (0.0) -- ITSEventDispatcher
OLE 959c5a99-177c-478e-8c3b-77e07e9bf3aa (0.0) -- ISessionList
OLE a8105b4f-7d5a-402b-aac0-fd85daecf94c (0.0) -- ISessionEnum
OLE a1b7de7a-4e77-43db-ae78-96fc182fed4a (0.0) -- ITSSession
OLE 1a8a5d71-d95b-4dcd-915e-f9f6d31879ad (0.0) -- ITerminal
OLE 6344a5b7-ef1c-47ba-98b7-28c664427793 (0.0) -- IGlassTerminal
OLE c2d3e131-c587-49b4-8bae-f0ee269eeb31 (0.0) -- ITSSessionAttribute
OLE 35481b58-f46c-4254-b52c-fdc3001484c3 (0.0) -- IRestrictedCalls
OLE 4d10b48b-c531-4731-9bde-b03c28e9c61c (0.0) -- IUserName
Endpoints :
ncalrpc : LRPC-6b49de762b15890702
ncalrpc : LSMApi
ncacn_np : \pipe\LSM_API_service
ncalrpc : OLE3F9B241B15C1D6F0A2B264568291
--------------------------------------------------------------------------------
<WinProcess "LogonUI.exe" pid 420 at 0x5306278L>
64
Interfaces :
RPC f3f09ffd-fbcf-4291-944d-70ad6e0e73bb (1.0) -- C:\windows\System32\logoncontroller.dll
0 -> WluirAbort
1 -> WluirSecureDisplayLocked
2 -> WluirDisplayLocked
3 -> WluirWaitForLockScreenDismiss
4 -> WluirDisplayMessage
5 -> WluirDisplayRequestCredentialsError
6 -> WluirDisplaySecurityOptions
7 -> WluirDisplayStatus
8 -> WluirDisplayTSDisconnectOptions
9 -> WluirDisplayWelcome
10 -> WluirNotifyIsReadyForDesktopSwitch
11 -> WluirPromptForCredentials
12 -> WluirReleaseContext
13 -> WluirClearUIState
14 -> WluirReportResult
15 -> WluirRequestCredentials
16 -> WluirDisplayTSDisconnectUI
17 -> WluirDisplayTSReconnectUI
18 -> WluirNotifyUserIsLoggedOn
19 -> WluirFinishOperation
20 -> WluirInformLogonUI
21 -> WluirDelayLocked
22 -> WluirSecureDelayLocked
23 -> WluirGetShutdownResolverInfo
24 -> WluirSignalShutdown
25 -> WluirPrepareWebDialog
26 -> WluirWaitForWebDialogComplete
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 0000000c-0000-0000-c000-000000000046 (0.0) -- IStream
OLE 06386a7a-e009-5b0b-ab68-a8e48b516647 (0.0) -- __FIAsyncOperationWithProgressCompletedHandler_2_Windows__CStorage__CStreams__CIBuffer_UINT32
OLE 30d5a829-7fa4-4026-83bb-d75bae4ea99e (0.0) -- IClosable
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE ce17c10a-90f9-42e5-a43b-4ffee2f937a0 (0.0) -- IObjectWithRWLock
OLE 00000141-0000-0000-c000-000000000046 (0.0) -- IDLLHost
OLE 000001a0-0000-0000-c000-000000000046 (0.0) -- ISystemActivator
OLE 947aab5f-0a5c-4c13-b4d6-4bf7836fc9f8 (0.0) -- IFileOperation
Endpoints :
ncalrpc : LRPC-7ad18c0181b776e795
ncalrpc : OLE273901A57D58B270B18B090D94E5
--------------------------------------------------------------------------------
<WinProcess "dwm.exe" pid 416 at 0x53068d0L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00621c22-42e8-529f-9270-836b32931d72 (0.0) -- __FIEventHandler_1_Windows__CGaming__CInput__CRawGameController
Endpoints :
ncalrpc : OLE23E3E1AC7EE9CC6F1F25CDFF90CC
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 496 at 0x5306160L>
64
['TermService']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE be5a9fee-1c29-4aae-a6b7-feb0e4c96d5e (0.0) -- IConnectionManager
OLE 6e796d86-376c-46fe-8381-43982edd00fe (0.0) -- ITSNotifySink
RPC 2f59a331-bf7d-48cb-9e5c-7c090d76e8b8 (1.0) -- c:\windows\system32\termsrv.dll
0 -> RpcLicensingOpenServer
1 -> RpcLicensingCloseServer
2 -> RpcLicensingLoadPolicy
3 -> RpcLicensingLoadPolicy
4 -> RpcLicensingSetPolicy
5 -> RpcLicensingGetAvailablePolicyIds
6 -> RpcLicensingGetPolicy
7 -> RpcLicensingGetPolicyInformation
8 -> RpcLicensingDeactivateCurrentPolicy
9 -> RpcLicensingServerPing
10 -> RpcGetSessionUnderArbitration
RPC 1f260487-ba29-4f13-928a-bbd29761b083 (1.0) -- c:\windows\system32\termsrv.dll
0 -> RpcIsSessionPermitted
1 -> RpcGetUserCredentials
2 -> RpcGetUserProfile
3 -> RpcWinStationRedirectErrorMessage
4 -> RpcRedirectLogonBeginPainting
5 -> RpcRedirectLogonStatus
6 -> RpcRedirectLogonMessage
7 -> RpcRedirectLogonError
8 -> RpcGetRedirectAuthInfo
9 -> RpcGetRestrictedLogonInfo
RPC ecd85155-cc3a-4f10-aad5-9a9a2bf2ef0c (1.0) -- c:\windows\system32\termsrv.dll
0 -> RpcSetAutologonPassword
RPC bde95fdf-eee0-45de-9e12-e5a61cd0d4fe (1.0) -- c:\windows\system32\termsrv.dll
0 -> RpcGetClientData
1 -> RpcGetConfigData
2 -> RpcGetProtocolStatus
3 -> RpcGetLastInputTime
4 -> RpcGetRemoteAddress
5 -> RpcShadow
6 -> RpcShadowTarget
7 -> RpcShadowStop
8 -> RpcGetAllListeners
9 -> RpcGetSessionProtocolLastInputTime
10 -> RpcGetUserCertificates
11 -> RpcQuerySessionData
RPC 497d95a6-2d27-4bf5-9bbd-a6046957133c (1.0) -- c:\windows\system32\termsrv.dll
0 -> RpcOpenListener
1 -> RpcCloseListener
2 -> RpcStopListener
3 -> RpcStartListener
4 -> RpcIsListening
RPC 5267aaba-4f49-4653-8e26-d1e11f3f2ad9 (1.0) -- c:\windows\system32\termsrv.dll
0 -> RpcCreateVirtualChannel
1 -> CConnectionEx::Connect
2 -> RpcPopSecurityDialog
3 -> RpcGetInitialApplication
4 -> RpcGetConnectionProperty
5 -> CConnectionEx::Connect
6 -> RpcVerify
7 -> RpcCreateChildSessionTransport
8 -> RpcRcmShadow2
9 -> RpcShadowAccessCheck
10 -> RpcShadowStop2
RPC 28098650-fe3c-4af4-8a41-8bcd284941c5 (1.0) -- c:\windows\system32\termsrv.dll
0 -> RpcGetCurrentSessionConnectionProperty
1 -> RpcGetCurrentSessionClientData
2 -> RpcGetCurrentSessionConfigData
3 -> RpcGetCurrentSessionProtocolLastInputTime
RPC 5ca4a760-ebb1-11cf-8611-00a0245420ed (1.0) -- c:\windows\system32\termsrv.dll
0 -> RpcWinStationOpenServer
1 -> RpcWinStationCloseServer
2 -> RpcIcaServerPing
3 -> RpcWinStationEnumerate
4 -> RpcWinStationRename
5 -> RpcWinStationQueryInformation
6 -> RpcWinStationSetInformation
7 -> RpcWinStationSendMessage
8 -> RpcLogonIdFromWinStationName
9 -> RpcWinStationNameFromLogonId
10 -> RpcWinStationConnect
11 -> RpcWinStationVirtualOpen
12 -> RpcWinStationBeepOpen
13 -> RpcWinStationDisconnect
14 -> RpcWinStationReset
15 -> RpcWinStationShutdownSystem
16 -> RpcWinStationWaitSystemEvent
17 -> RpcWinStationShadow
18 -> RpcWinStationShadowTargetSetup
19 -> RpcWinStationShadowTarget
20 -> RpcWinStationGenerateLicense
21 -> RpcWinStationInstallLicense
22 -> RpcWinStationEnumerateLicenses
23 -> RpcWinStationActivateLicense
24 -> RpcWinStationRemoveLicense
25 -> RpcWinStationQueryLicense
26 -> RpcWinStationSetPoolCount
27 -> RpcWinStationQueryUpdateRequired
28 -> RpcWinStationCallback
29 -> RpcWinStationBreakPoint
30 -> RpcWinStationReadRegistry
31 -> RpcWinStationWaitForConnect
32 -> RpcWinStationNotifyLogon
33 -> RpcWinStationNotifyLogoff
34 -> OldRpcWinStationEnumerateProcesses
35 -> RpcWinStationAnnoyancePopup
36 -> RpcWinStationEnumerateProcesses
37 -> RpcWinStationTerminateProcess
38 -> RpcServerNWLogonSetAdmin
39 -> RpcServerNWLogonQueryAdmin
40 -> RpcWinStationCheckForApplicationName
41 -> RpcWinStationGetApplicationInfo
42 -> RpcWinStationNtsdDebug
43 -> RpcWinStationGetAllProcesses
44 -> RpcWinStationGetProcessSid
45 -> RpcWinStationGetTermSrvCountersValue
46 -> RpcWinStationReInitializeSecurity
47 -> RpcWinStationBroadcastSystemMessage
48 -> RpcWinStationSendWindowMessage
49 -> RpcWinStationNotifyNewSession
50 -> RpcServerGetInternetConnectorStatus
51 -> RpcServerSetInternetConnectorStatus
52 -> RpcServerQueryInetConnectorInformation
53 -> RpcWinStationGetLanAdapterName
54 -> RpcWinStationUpdateUserConfig
55 -> RpcWinStationQueryLogonCredentials
56 -> RpcWinStationRegisterConsoleNotification
57 -> RpcWinStationUnRegisterConsoleNotification
58 -> RpcWinStationUpdateSettings
59 -> RpcWinStationShadowStop
60 -> RpcWinStationCloseServerEx
61 -> RpcWinStationIsHelpAssistantSession
62 -> RpcWinStationGetMachinePolicy
63 -> RpcWinStationUpdateClientCachedCredentials
64 -> RpcWinStationFUSCanRemoteUserDisconnect
65 -> RpcWinStationCheckLoopBack
66 -> RpcConnectCallback
67 -> RpcWinStationNotifyDisconnectPipe
68 -> RpcWinStationSessionInitialized
69 -> RpcRemoteAssistancePrepareSystemRestore
70 -> RpcWinStationGetAllProcesses_NT6
71 -> RpcWinStationRegisterNotificationEvent
72 -> RpcWinStationUnRegisterNotificationEvent
73 -> RpcWinStationAutoReconnect
74 -> RpcWinStationCheckAccess
75 -> RpcWinStationOpenSessionDirectory
OLE 4d10b48b-c531-4731-9bde-b03c28e9c61c (0.0) -- IUserName
OLE 02e6ec4c-96e4-42e8-b533-336916a0087d (0.0) -- ISessionEnumFilter
OLE 1a8a5d71-d95b-4dcd-915e-f9f6d31879ad (0.0) -- ITerminal
OLE a9052eea-734f-41d8-978b-e32cad12381a (0.0) -- ISessionArbitration
Endpoints :
ncalrpc : OLE5AE2BB39E98F6C6862D43D1741FE
ncalrpc : LcRpc
ncalrpc : TermSrvApi
ncacn_np : \pipe\TermSrv_API_service
ncacn_np : \pipe\Ctx_WinStation_API_service
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 1064 at 0x5306b38L>
64
['CoreMessagingRegistrar']
Interfaces :
RPC df4df73a-c52d-4e3a-8003-8437fdf8302a (0.0) -- c:\windows\system32\coremessaging.dll
0 -> ServerValidateWindowId
1 -> ServerValidateWindowIdAndOwner
Endpoints :
ncalrpc : LRPC-0004450a441212400f
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 1104 at 0x53067f0L>
64
['NcbService']
Interfaces :
RPC d09bdeb5-6171-4a34-bfe2-06fa82652568 (1.0) -- c:\windows\system32\BrokerLib.dll
0 -> _BriCreateEvent
1 -> _BriDeleteEvent
2 -> BriDisableEvent
3 -> BriEnableEvent
4 -> BriSignalEvent
RPC 5222821f-d5e2-4885-84f1-5f6185a0ec41 (1.0) -- c:\windows\system32\ncbservice.dll
0 -> RpcSrvRegisterControlChannelReset
1 -> RpcSrvUnregisterControlChannelReset
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\Windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 1299cf18-c4f5-4b6a-bb0f-2299f0398e27 (0.0) -- INotifyNetworkListManagerEvents
OLE 22d2e146-1a68-40b8-949c-8fd848b415e6 (0.0) -- INotifyNetworkEvents
OLE 2abc0864-9677-42e5-882a-d415c556c284 (0.0) -- INotifyNetworkInterfaceEvents
OLE 733b7764-5c0c-4ad6-bb4b-d0585e993e0e (0.0) -- INotifyNetworkGlobalCostEvents
RPC 880fd55e-43b9-11e0-b1a8-cf4edfd72085 (1.0) -- c:\windows\system32\ncbservice.dll
0 -> KapiRegisterProvider
1 -> KapiDeregisterProvider
2 -> KapiUpdateKaSample
3 -> KapiReceiveKaUpdateRequest
RPC e40f7b57-7a25-4cd3-a135-7f7d3df9d16b (1.0) -- c:\windows\system32\ncbservice.dll
0 -> RpcSrvCreateSession
1 -> RpcSrvDestroySession
2 -> RpcSrvStartBrokeredActivation
3 -> RpcSrvSetServerKeepAliveInterval
4 -> RpcSrvGetCurrentKeepAliveInterval
5 -> RpcSrvDecreaseKeepAliveInterval
6 -> RpcSrvUsingTransport
7 -> RpcSrvIndicateSlotAllocation
8 -> RpcSrvSBCreatePushEnabledContext
9 -> RpcSrvSBTransferOwnership
10 -> RpcSrvSBRetrieveSocket
11 -> RpcSrvSBCompleteRetrieveSocket
12 -> RpcSrvSBRetrieveContext
13 -> RpcSrvSBEnumSockets
14 -> RpcSrvHotspotRegisterHotspotApp
15 -> RpcSrvHotspotFindEventForPackage
16 -> RpcSrvHotspotTriggerBackgroundEvent
17 -> RpcSrvHotspotIsAppInstalled
18 -> RpcSrvFirewallWcmSetFirewallRule
19 -> RpcSrvFirewallWcmSetFirewallRuleFlags
20 -> RpcSrvFirewallWcmDeleteFirewallRule
Endpoints :
ncalrpc : LRPC-c671927dd9659a0385
ncalrpc : LRPC-b104ee7e9393d8bf7f
ncalrpc : OLE9C9313BE9E1E2574A19C7FAC69FC
ncalrpc : LRPC-0c5aafc72066fcc0c4
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 1176 at 0x5306978L>
64
['TimeBrokerSvc']
Interfaces :
RPC d09bdeb5-6171-4a34-bfe2-06fa82652568 (1.0) -- c:\windows\system32\BrokerLib.dll
0 -> _BriCreateEvent
1 -> _BriDeleteEvent
2 -> BriDisableEvent
3 -> BriEnableEvent
4 -> BriSignalEvent
RPC a500d4c6-0dd1-4543-bc0c-d5f93486eaf8 (1.0) -- c:\windows\system32\timebrokerserver.dll
0 -> _TbiEnumerateEvents
1 -> _TbiQueryEventData
2 -> _TbiUpdateEvent
3 -> _TbiQueryCEventData
4 -> _TbiQueryCEventTriggerTime
5 -> _TbiUpdateCEvent
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\Windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
Endpoints :
ncalrpc : LRPC-0f32fccfe501ad8fa4
ncalrpc : LRPC-c73bd8309b02b2a015
ncalrpc : OLEC1455F967D34F83BDA59E71D52F7
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 1260 at 0x5306f98L>
64
['vmicheartbeat']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE f7c4122f-6e32-4075-99d4-3d2b080b204e (0.0) -- IVmApplicationHealthQuery
Endpoints :
ncalrpc : OLEBCE0F0E17E902814B1FB5192AA95
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 1268 at 0x53060f0L>
64
['EventLog']
Interfaces :
RPC 82273fdc-e32a-18c3-3f78-827929dc23ea (0.0) -- c:\windows\system32\wevtsvc.dll
0 -> ElfrClearELFW
1 -> ElfrBackupELFW
2 -> ElfrCloseEL
3 -> ElfrDeregisterEventSource
4 -> ElfrNumberOfRecords
5 -> ElfrOldestRecord
6 -> ElfrChangeNotify
7 -> ElfrOpenELW
8 -> ElfrRegisterEventSourceW
9 -> ElfrOpenBELW
10 -> ElfrReadELW
11 -> ElfrReportEventW
12 -> ElfrClearELFA
13 -> ElfrBackupELFA
14 -> ElfrOpenELA
15 -> ElfrRegisterEventSourceA
16 -> ElfrOpenBELA
17 -> ElfrReadELA
18 -> ElfrReportEventA
19 -> ElfrRegisterClusterSvc
20 -> ElfrDeregisterClusterSvc
21 -> ElfrWriteClusterEvents
22 -> ElfrGetLogInformation
23 -> ElfrFlushEL
24 -> ElfrReportEventAndSourceW
25 -> ElfrReportEventExW
26 -> ElfrReportEventExA
RPC f6beaff7-1e19-4fbb-9f8f-b89e2018337c (1.0) -- c:\windows\system32\wevtsvc.dll
0 -> _EvtRpcRegisterRemoteSubscription
1 -> _EvtRpcRemoteSubscriptionNextAsync
2 -> _EvtRpcRemoteSubscriptionNext
3 -> EvtRpcRemoteSubscriptionWaitAsync
4 -> EvtRpcRegisterControllableOperation
5 -> _EvtRpcRegisterLogQuery
6 -> EvtRpcClearLog
7 -> EvtRpcExportLog
8 -> EvtRpcLocalizeExportLog
9 -> _EvtRpcMessageRender
10 -> EvtRpcMessageRenderDefault
11 -> _EvtRpcQueryNext
12 -> _EvtRpcQuerySeek
13 -> EvtRpcClose
14 -> EvtRpcCancel
15 -> _EvtRpcAssertConfig
16 -> EvtRpcRetractConfig
17 -> _EvtRpcOpenLogHandle
18 -> _EvtRpcGetLogFileInfo
19 -> _EvtRpcGetChannelList
20 -> _EvtRpcGetChannelConfig
21 -> EvtRpcPutChannelConfig
22 -> _EvtRpcGetPublisherList
23 -> EvtRpcGetPublisherListForChannel
24 -> _EvtRpcGetPublisherMetadata
25 -> _EvtRpcGetPublisherResourceMetadata
26 -> EvtRpcGetEventMetadataEnum
27 -> EvtRpcGetNextEventMetadata
28 -> _EvtRpcGetClassicLogDisplayName
Endpoints :
ncalrpc : eventlog
ncacn_np : \pipe\eventlog
ncacn_ip_tcp : 49665
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 1288 at 0x5306400L>
64
['vmickvpexchange']
Interfaces :
Endpoints :
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 1308 at 0x53060b8L>
64
['vmicrdv']
Interfaces :
RPC f763c91c-2ab1-47fa-868f-7de7efd42194 (1.0) -- C:\windows\system32\vmrdvcore.dll
0 -> VmGetAppAllowListEntryByAlias
1 -> VmVerifyAppAllowed
Endpoints :
ncalrpc : RdvVmAllowListRpc
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 1348 at 0x53062e8L>
64
['vmicshutdown']
Interfaces :
Endpoints :
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 1372 at 0x53069b0L>
64
['vmictimesync']
Interfaces :
Endpoints :
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 1392 at 0x5306ac8L>
64
['UmRdpService']
Interfaces :
RPC 7212a04b-b463-402e-9649-2ba477394676 (1.0) -- c:\windows\system32\umrdp.dll
0 -> CTSEventFilterBlockAllEvents::AllowTSEvent
1 -> RpcOpenDevice
2 -> RpcCloseDevice
3 -> RpcGetSessionId
4 -> RpcGetInterfaceGuids
5 -> RpcGetClientDeviceId
6 -> RpcGetDeviceCaps
RPC c80066a8-7579-44fc-b9b2-8466930791b0 (1.0) -- c:\windows\system32\umrdp.dll
0 -> RpcPrintDrvGetInfo
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
Endpoints :
ncalrpc : RemoteDevicesLPC_API
ncalrpc : TSUMRPD_PRINT_DRV_LPC_API
ncalrpc : OLEF239C965B5F7A486BA655D8FB6B3
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 1408 at 0x5306b00L>
64
['vmicvss']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
Endpoints :
ncalrpc : OLE0AC93FC754D4BF276C3945B96D2C
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 1576 at 0x5306d30L>
64
['ProfSvc']
Interfaces :
RPC 326731e3-c1c0-4a69-ae20-7d9044a4ea5c (1.0) -- c:\windows\system32\profsvc.dll
0 -> DropClientContext
1 -> ReleaseClientContext
2 -> LoadUserProfileServer
3 -> UnloadUserProfileServer
4 -> DeleteProfileServer
5 -> RemapProfileServer
6 -> CreateProfileServer
7 -> ProcessWmiSettingsServer
RPC c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 (1.0) -- c:\windows\system32\SYSNTFY.dll
0 -> s_OnInitialConnection
1 -> s_OnCreateSession
2 -> s_OnStartScreenSaverAsDefaultUser
3 -> s_OnStopScreenSaverAsDefaultUser
4 -> s_OnLogon
5 -> s_OnLock
6 -> s_OnUnlock
7 -> s_OnStartScreenSaverAsUser
8 -> s_OnStopScreenSaverAsUser
9 -> s_OnDisconnect
10 -> s_OnReconnect
11 -> s_OnLogoff
12 -> s_OnTerminateSession
13 -> s_OnStartShell
14 -> s_OnEndShell
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
Endpoints :
ncalrpc : IUserProfile2
ncalrpc : OLE578C3DF3149721A3389842CC648C
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 1604 at 0x5306be0L>
64
['nsi']
Interfaces :
RPC 7ea70bcf-48af-4f6a-8968-6a440754d5fa (1.0) -- c:\windows\system32\nsisvc.dll
0 -> RpcNsiGetParameter
1 -> RpcNsiGetAllParameters
2 -> RpcNsiEnumerateObjectsAllParameters
3 -> RpcNsiSetParameter
4 -> RpcNsiSetAllParameters
5 -> RpcNsiRegisterChangeNotification
6 -> RpcNsiDeregisterChangeNotification
7 -> RpcNsiRequestChangeNotification
8 -> RpcNsiParameterChange
Endpoints :
ncalrpc : LRPC-743e6bda820abcb648
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 1652 at 0x53063c8L>
64
['EventSystem']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 64b8f404-a4ae-11d1-b7b6-00c04fb926af (0.0) -- IEventSystemTier2Factory
OLE 00000001-0000-0000-c000-000000000046 (0.0) -- IClassFactory
OLE 609b954b-4fb6-11d1-9971-00c04fbbb345 (0.0) -- IEventSystemTier2
OLE 609b9555-4fb6-11d1-9971-00c04fbbb345 (0.0) -- IEventClassTier2
OLE 00000100-0000-0000-c000-000000000046 (0.0) -- IEnumUnknown
OLE 609b9557-4fb6-11d1-9971-00c04fbbb345 (0.0) -- IEventSubscriptionTier2
Endpoints :
ncalrpc : OLE5B2510DDA8851BF9D25D05E69921
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 1660 at 0x5306d68L>
64
['SysMain']
Interfaces :
RPC b58aa02e-2884-4e97-8176-4ee06d794184 (1.0) -- c:\windows\system32\sysmain.dll
0 -> PfRpcServerExecuteCommand
Endpoints :
ncalrpc : LRPC-7489ddaf2de31ec276
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 1684 at 0x5306080L>
64
['Themes']
Interfaces :
Endpoints :
--------------------------------------------------------------------------------
<WinProcess "Memory Compression" pid 1932 at 0x5306da0L>
64
[!!] Invalid rpcrt4 base: 0x0 vs 0x7ffec24f0000
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 1980 at 0x5306518L>
64
['Dhcp']
Interfaces :
RPC 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 (1.0) -- C:\windows\system32\dhcpcore6.dll
0 -> RpcSrvRequestPrefixEx
1 -> RpcSrvRenewPrefixEx
2 -> RpcSrvReleasePrefixEx
3 -> RpcSrvCancelOperation
4 -> RpcSrvEnablev6Tracing
5 -> RpcSrvRequestParams
6 -> RpcSrvAcquireParametersv6
7 -> RpcSrvReleaseParametersv6
8 -> RpcSrvQueryLeaseInfov6
9 -> RpcSrvGetTraceArray
10 -> RpcSrvSetUserClass
11 -> RpcSrvQueryLeaseInfov6Array
12 -> RpcSrvEnableDhcpv6
RPC 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 (1.0) -- c:\windows\system32\dhcpcore.dll
0 -> RpcSrvEnableDhcp
1 -> RpcSrvRenewLease
2 -> RpcSrvDeleteStaticAddressAndDefaultGateways
3 -> RpcSrvCheckServerAvailability
4 -> RpcSrvRenewLeaseByBroadcast
5 -> RpcSrvReleaseLease
6 -> RpcSrvSetFallbackParams
7 -> RpcSrvGetFallbackParams
8 -> RpcSrvFallbackRefreshParams
9 -> RpcSrvStaticRefreshParams
10 -> RpcSrvRemoveDnsRegistrations
11 -> RpcSrvRequestParams
12 -> RpcSrvPersistentRequestParams
13 -> RpcSrvRegisterParams
14 -> RpcSrvDeRegisterParams
15 -> RpcSrvEnumInterfaces
16 -> RpcSrvQueryLeaseInfo
17 -> RpcSrvQueryLeaseInfoArray
18 -> RpcSrvSetClassId
19 -> RpcSrvGetClassId
20 -> RpcSrvSetClientId
21 -> RpcSrvGetClientId
22 -> RpcSrvNotifyMediaReconnected
23 -> RpcSrvGetOriginalSubnetMask
24 -> RpcSrvSetMSFTVendorSpecificOptions
25 -> RpcSrvRequestCachedParams
26 -> RpcSrvRegisterConnectionStateNotification
27 -> RpcSrvDeRegisterConnectionStateNotification
28 -> RpcSrvGetNotificationStatus
29 -> RpcSrvGetDhcpServicedConnections
30 -> RpcSrvGetTraceArray
31 -> RpcSrvEnableTracing
32 -> RpcSrvLeaseIpAddressEx
33 -> RpcSrvRenewIpAddressLeaseEx
34 -> RpcSrvReleaseIpAddressLeaseEx
35 -> RpcSrvMadcapApiStartup
36 -> RpcSrvMadcapApiCleanup
37 -> RpcSrvMadcapEnumerateScopes
38 -> RpcSrvMadcapGenUID
39 -> RpcSrvMadcapRequestAddress
40 -> RpcSrvMadcapRenewAddress
41 -> RpcSrvMadcapReleaseAddress
Endpoints :
ncalrpc : dhcpcsvc6
ncalrpc : dhcpcsvc
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 1132 at 0x5306ef0L>
64
['CertPropSvc']
Interfaces :
RPC 30b044a5-a225-43f0-b3a4-e060df91f9c1 (1.0) -- c:\windows\system32\certprop.dll
0 -> s_RPC_SmartCardRootCertsNotifyService
1 -> s_RPC_SmartCardCertsNotifyService
Endpoints :
ncalrpc : LRPC-0bf0ff1ef1a9db2596
--------------------------------------------------------------------------------
<WinProcess "VSSVC.exe" pid 404 at 0x5306a20L>
64
['VSS']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 77ed5996-2f63-11d3-8a39-00c04f72d8e3 (0.0) -- IVssAdmin
OLE fa7df749-66e7-4986-a27f-e2f04ae53772 (0.0) -- IVssSnapshotMgmt
Endpoints :
ncalrpc : OLE3C135C6FB627CF9DADFBB6BC8CEA
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 1472 at 0x5306048L>
64
['Schedule']
Interfaces :
RPC 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53 (1.0) -- c:\windows\system32\schedsvc.dll
0 -> ItSrvRegisterIdleTask
1 -> ItSrvUnregisterIdleTask
2 -> ItSrvProcessIdleTasks
3 -> ItSrvSetDetectionParameters
4 -> ItSrvSetRuntimeOverrides
RPC 1ff70682-0a51-30e8-076d-740be8cee98b (1.0) -- C:\windows\system32\taskcomp.dll
0 -> NetrJobAdd
1 -> NetrJobDel
2 -> NetrJobEnum
3 -> NetrJobGetInfo
RPC 378e52b0-c0a9-11cf-822d-00aa0051e40f (1.0) -- C:\windows\system32\taskcomp.dll
0 -> SASetAccountInformation
1 -> SASetNSAccountInformation
2 -> SAGetNSAccountInformation
3 -> SAGetAccountInformation
RPC 2a82bb21-e44f-4791-9aa1-dfae788e2f43 (1.0) -- c:\windows\system32\UBPM.dll
0 -> s_UbpmRpcOpenTaskHostChannel
1 -> s_UbpmRpcCloseTaskHostChannel
2 -> s_UbpmRpcTaskHostSendResponseReceiveCommand
3 -> s_UbpmRpcTaskHostReportTaskStatus
RPC 33d84484-3626-47ee-8c6f-e7e98b113be1 (2.0) -- C:\windows\SYSTEM32\WPTaskScheduler.dll
0 -> s_TaskSchedulerCreateSchedule
1 -> s_TaskSchedulerDeleteSchedule
2 -> s_TaskSchedulerFindFirstSchedule
3 -> s_TaskSchedulerFindNextSchedule
4 -> s_TaskSchedulerFindScheduleClose
5 -> s_TaskSchedulerGetSchedule
6 -> s_TaskSchedulerEnableSchedule
7 -> s_TaskSchedulerExecuteSchedule
8 -> s_TaskSchedulerAdvanceSchedule
9 -> s_TaskSchedulerAdvanceScheduleIntervals
10 -> s_TaskSchedulerSnoozeSchedule
11 -> s_TaskSchedulerGetPublishStateName
12 -> s_TaskSchedulerServiceControl
RPC 86d35949-83c9-4044-b424-db363231fd0c (1.0) -- c:\windows\system32\schedsvc.dll
0 -> SchRpcHighestVersion
1 -> _SchRpcRegisterTask
2 -> SchRpcRetrieveTask
3 -> SchRpcCreateFolder
4 -> SchRpcSetSecurity
5 -> SchRpcGetSecurity
6 -> SchRpcEnumFolders
7 -> SchRpcEnumTasks
8 -> SchRpcEnumInstances
9 -> SchRpcGetInstanceInfo
10 -> SchRpcStopInstance
11 -> SchRpcStop
12 -> SchRpcRun
13 -> SchRpcDelete
14 -> SchRpcRename
15 -> SchRpcScheduledRuntimes
16 -> SchRpcGetLastRunInfo
17 -> _SchRpcGetTaskInfo
18 -> SchRpcGetNumberOfMissedRuns
19 -> SchRpcEnableTask
RPC 3a9ef155-691d-4449-8d05-09ad57031823 (1.0) -- c:\windows\system32\schedsvc.dll
0 -> I_pSchRpcRegisterTask
1 -> I_pSchRpcEnumTasks
2 -> I_pSchRpcGetTaskInfo
3 -> I_pSchRpcAquireTaskStateNotificationsName
4 -> I_pAcquireBackgroundExecutionMode
5 -> I_pReleaseBackgroundExecutionMode
6 -> I_pSetTaskDisabledForCurrentUser
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
Endpoints :
ncalrpc : LRPC-69ba40d97baa37e78b
ncacn_np : \PIPE\atsvc
ncalrpc : ubpmtaskhostchannel
ncalrpc : LRPC-1eae62186b2bb71d85
ncacn_ip_tcp : 49666
ncalrpc : OLEB9967DDCAAC08A0219EA8093CC24
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 2056 at 0x5306828L>
64
['SENS']
Interfaces :
RPC 63fbe424-2029-11d1-8db8-00aa004abd5e (1.0) -- c:\windows\system32\sens.dll
0 -> RPC_IsNetworkAlive
1 -> RPC_IsDestinationReachableA
2 -> RPC_IsDestinationReachableA
RPC a0bc4698-b8d7-4330-a28f-7709e18b6108 (4.0) -- c:\windows\system32\sens.dll
0 -> RPC_SensNotifyWinlogonEvent
1 -> RPC_SensNotifyRasEvent
2 -> RPC_SensNotifyNetconEvent
RPC c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 (1.0) -- c:\windows\system32\SYSNTFY.dll
0 -> s_OnInitialConnection
1 -> s_OnCreateSession
2 -> s_OnStartScreenSaverAsDefaultUser
3 -> s_OnStopScreenSaverAsDefaultUser
4 -> s_OnLogon
5 -> s_OnLock
6 -> s_OnUnlock
7 -> s_OnStartScreenSaverAsUser
8 -> s_OnStopScreenSaverAsUser
9 -> s_OnDisconnect
10 -> s_OnReconnect
11 -> s_OnLogoff
12 -> s_OnTerminateSession
13 -> s_OnStartShell
14 -> s_OnEndShell
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 97312c82-d4c2-11d1-b682-00805fc79216 (0.0) -- ICollectionNotify
Endpoints :
ncalrpc : senssvc
ncalrpc : LRPC-cc6192df9611677bb5
ncalrpc : OLE12DBE078CDEC19CDB2151EB60065
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 2132 at 0x5306fd0L>
64
['AudioEndpointBuilder']
Interfaces :
Endpoints :
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 2156 at 0x5319898L>
64
['FontCache']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 97ea99c7-0186-4ad4-8df9-c5b4e0ed6b22 (0.0) -- IBackgroundCopyCallback
Endpoints :
ncalrpc : OLEB3F53AD0BE01D0AE74A209B34604
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 2168 at 0x5319cf8L>
64
['LanmanWorkstation']
Interfaces :
RPC f2c9b409-c1c9-4100-8639-d8ab1486694a (1.0) -- c:\windows\system32\wkssvc.dll
0 -> ClusterConnectUpcall
1 -> ClusterDisConnectUpcall
RPC eb081a0d-10ee-478a-a1dd-50995283e7a8 (3.0) -- c:\windows\system32\wkssvc.dll
0 -> GetWitnessNodes
RPC 6bffd098-a112-3610-9833-46c3f87e345a (1.0) -- c:\windows\system32\wkssvc.dll
0 -> NetrWkstaGetInfo
1 -> NetrWkstaSetInfo
2 -> NetrWkstaUserEnum
3 -> NetrWkstaUserGetInfo
4 -> NetrWkstaUserSetInfo
5 -> NetrWkstaTransportEnum
6 -> NetrWkstaTransportAdd
7 -> NetrWkstaTransportDel
8 -> NetrUseAdd
9 -> NetrUseGetInfo
10 -> NetrUseDel
11 -> NetrUseEnum
12 -> I_NetrLogonDomainNameAdd
13 -> NetrWorkstationStatisticsGet
14 -> I_NetrLogonDomainNameAdd
15 -> I_NetrLogonDomainNameAdd
16 -> I_NetrLogonDomainNameAdd
17 -> I_NetrLogonDomainNameAdd
18 -> I_NetrLogonDomainNameAdd
19 -> I_NetrLogonDomainNameAdd
20 -> NetrGetJoinInformation
21 -> I_NetrLogonDomainNameAdd
22 -> NetrJoinDomain2
23 -> NetrUnjoinDomain2
24 -> NetrRenameMachineInDomain2
25 -> NetrValidateName2
26 -> NetrGetJoinableOUs2
27 -> NetrAddAlternateComputerName
28 -> NetrRemoveAlternateComputerName
29 -> NetrSetPrimaryComputerName
30 -> NetrEnumerateComputerNames
RPC 7f1343fe-50a9-4927-a778-0c5859517bac (1.0) -- c:\windows\system32\wkssvc.dll
0 -> DfsDsGetDcName
1 -> DfsDsIsDomainController
2 -> DfsCredWrite
3 -> DfsCredDelete
Endpoints :
ncalrpc : LRPC-28f9e92a2d2927492b
ncacn_np : \PIPE\wkssvc
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 2256 at 0x5319cc0L>
64
['NlaSvc']
Interfaces :
RPC aa411582-9bdf-48fb-b42b-faa1eee33949 (1.0) -- c:\windows\system32\nlasvc.dll
0 -> PMuxRpcPluginRegister
1 -> PMuxRpcPluginUnregister
2 -> PMuxRpcPluginDataIndicate
RPC c33b9f46-2088-4dbc-97e3-6125f127661c (1.0) -- c:\windows\system32\nlasvc.dll
0 -> AppSrv_NlaOpenQuery
1 -> AppSrv_NlaAsyncIndicate
2 -> AppSrv_NlaRefreshQuery
3 -> AppSrv_NlaCloseQuery
4 -> RpcNlaIndicateReprobe
5 -> RpcNlaGetCaptivePortalHosts
RPC 4c8d0bef-d7f1-49f0-9102-caa05f58d114 (1.0) -- c:\windows\system32\nlasvc.dll
0 -> RPCQueryLANIds
Endpoints :
ncalrpc : nlaplg
ncalrpc : nlaapi
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 2308 at 0x5319f60L>
64
['Dnscache']
Interfaces :
RPC 45776b01-5956-4485-9f80-f428f7d60129 (2.0) -- c:\windows\system32\dnsrslvr.dll
0 -> CRrReadCache
1 -> R_ResolverGetConfig
2 -> R_ResolverFlushCache
3 -> R_ResolverFlushCacheEntry
4 -> R_ResolverQuery
5 -> R_DnsRegisterLocal
6 -> R_DnsDeRegisterLocal
7 -> R_DnsStartMulticastQuery
8 -> R_DnsGetMulticastData
9 -> R_DnsStopMulticastQuery
10 -> R_ResolverSimpleOp
11 -> R_DnsGetProxyInformation
12 -> R_DnsGetPolicyTableInfo
13 -> R_DnsSetConnectionPolicyInfo
14 -> R_DnsDeleteConnectionPolicyInfo
15 -> R_DnsGetSettings
16 -> R_DnsSetSettings
17 -> R_DnsGetInterfaceSettings
18 -> R_DnsSetInterfaceSettings
19 -> R_DnsGetAdaptersInfo
Endpoints :
ncalrpc : DNSResolver
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 2360 at 0x5319da0L>
64
['Audiosrv']
Interfaces :
RPC 09704557-82c0-416b-b6e4-c85b8f789803 (2.8) -- c:\windows\system32\audiosrv.dll
0 -> AudioServerGetMixFormat
1 -> AudioServerIsFormatSupported
2 -> AudioServerGetDevicePeriod
3 -> AudioServerIsOffloadCapable
4 -> AudioServerInitialize
5 -> AudioServerDisconnect
6 -> AudioServerGetAudioSession
7 -> AudioServerCreateStream
8 -> AudioServerStartStream
9 -> AudioServerStopStream
10 -> AudioServerPreStartStream
11 -> AudioServerStartStreamAborted
12 -> AudioServerResetEndpoint
13 -> AudioServerDestroyStream
14 -> AudioServerGetEndpointBufferSize
15 -> AudioServerGetStreamLatency
16 -> AudioServerSetStreamSampleRate
17 -> AudioServerGetChannelCount
18 -> AudioServerSetChannelVolume
19 -> AudioServerGetChannelVolume
20 -> AudioServerSetAllVolumes
21 -> AudioServerGetAllVolumes
22 -> AudioServerSetAllInitialVolumesWithRamp
23 -> AudioSessionGetId
24 -> AudioSessionGetInstanceId
25 -> AudioSessionGetStreamSwitchId
26 -> AudioSessionGetProcessId
27 -> AudioSessionGetState
28 -> AudioSessionGetLastActivation
29 -> AudioSessionGetLastInactivation
30 -> AudioSessionIsSystemSoundsSession
31 -> AudioSessionGetDisplayOptions
32 -> AudioSessionGetDisplayName
33 -> AudioSessionSetDisplayName
34 -> AudioSessionGetIconPath
35 -> AudioSessionSetIconPath
36 -> AudioSessionGetGroupingParam
37 -> AudioSessionSetGroupingParam
38 -> AudioSessionGetVolume
39 -> AudioSessionSetVolume
40 -> AudioSessionGetMute
41 -> AudioSessionSetMute
42 -> AudioSessionGetChannelCount
43 -> AudioSessionSetChannelVolume
44 -> AudioSessionGetChannelVolume
45 -> AudioSessionSetAllVolumes
46 -> AudioSessionGetAllVolumes
47 -> AudioSessionPropertyStoreCommit
48 -> AudioSessionPropertyStoreGetAt
49 -> AudioSessionPropertyStoreGetCount
50 -> AudioSessionPropertyStoreGetValue
51 -> AudioSessionPropertyStoreSetValue
52 -> AudioSessionSetDuckingPreference
53 -> AudioSessionGetDuckingState
54 -> AudioSessionGetIsComms
55 -> AudioSessionDestroy
56 -> AudioSessionMeterGetPeakValue
57 -> AudioSessionMeterGetMeteringChannelCount
58 -> AudioSessionMeterGetChannelsPeakValues
59 -> AudioSessionSetWindowId
60 -> PolicyConfigGetMixFormat
61 -> PolicyConfigGetDeviceFormat
62 -> PolicyConfigSetDeviceFormat
63 -> PolicyConfigResetDeviceFormat
64 -> PolicyConfigGetProcessingPeriod
65 -> PolicyConfigSetProcessingPeriod
66 -> PolicyConfigGetShareMode
67 -> PolicyConfigSetShareMode
68 -> PolicyConfigGetPropertyValue
69 -> PolicyConfigSetPropertyValue
70 -> PolicyConfigSetDefaultEndpoint
71 -> PolicyConfigSetEndpointVisibility
72 -> PolicyConfigSetEndpointAbilityToBeDefault
73 -> PolicyConfigSetAccessibilityAudioMonoMixState
74 -> PolicyConfigGetAccessibilityAudioMonoMixState
75 -> PolicyConfigValidateSpatialAudioSettings
76 -> PolicyConfigReportSpatialLicenseChanged
77 -> PolicyConfigSetMixedRealitySpatialAudioFormatPolicy
78 -> PolicyConfigGetDeviceFormatAndSpatialSettings
79 -> PolicyConfigSetDeviceSpatialSettings
80 -> PolicyConfigAddDynamicRoutingRule
81 -> PolicyConfigRemoveDynamicRoutingRule
82 -> PolicyConfigUpdateDynamicRoutingRule
83 -> PolicyConfigGetDynamicRoutingRule
84 -> GetAudioSessionManager
85 -> AudioSessionManagerDestroy
86 -> AudioSessionManagerGetAudioSessions
87 -> AudioSessionManagerGetCurrentSession
88 -> AudioSessionManagerGetExistingSession
89 -> AudioSessionManagerGetSessionForStreamSwitch
90 -> AudioSessionManagerAddAudioSessionClientNotification
91 -> AudioSessionManagerDeleteAudioSessionClientNotification
92 -> AudioSessionManagerAddVolumeDuckNotification
93 -> AudioSessionManagerDeleteVolumeDuckNotification
94 -> AudioVolumeConnect
95 -> AudioVolumeDisconnect
96 -> AudioVolumeQueryHardwareSupport
97 -> AudioVolumeGetVolumeRange
98 -> AudioVolumeGetChannelCount
99 -> AudioVolumeSetMasterVolumeLevel
100 -> AudioVolumeSetMasterVolumeLevelScalar
101 -> AudioVolumeGetMasterVolumeLevel
102 -> AudioVolumeGetMasterVolumeLevelScalar
103 -> AudioVolumeSetChannelVolumeLevel
104 -> AudioVolumeSetChannelVolumeLevelScalar
105 -> AudioVolumeGetChannelVolumeLevel
106 -> AudioVolumeGetChannelVolumeLevelScalar
107 -> AudioVolumeSetMute
108 -> AudioVolumeGetMute
109 -> AudioVolumeAddMasterVolumeNotification
110 -> AudioVolumeDeleteMasterVolumeNotification
111 -> AudioMeterGetPeakValue
112 -> AudioMeterGetMeteringChannelCount
113 -> AudioMeterGetChannelsPeakValues
114 -> AudioVolumeGetStepInfo
115 -> AudioVolumeStepUp
116 -> AudioVolumeStepDown
117 -> AudioServerGetBufferSizeLimits
118 -> AudioServerSetLastBufferInProgress
119 -> AudioServerIsRawStreamSupported
120 -> AudioServerDeriveStreamCategory
121 -> AudioServerGetStreamVpoContext
122 -> AudioServerGetEndpointVpoContext
123 -> AudioServerCloseVpoContext
124 -> AudioServerGetCurrentSharedModeEnginePeriod
125 -> AudioServerGetSharedModeEnginePeriod
126 -> AudioServerRequestSpatialDynamicObjects
127 -> AudioServerSetAmbMetadata
128 -> AudioServerSetAmbHeadTracking
129 -> AudioServerGetAmbHeadTracking
130 -> AudioServerSetAmbRotation
131 -> asm_GetApplicationSubmixContext
132 -> asm_GetApplicationSubmixContextFromPID
133 -> asm_GetApplicationSubmixContextForProcessTree
134 -> asm_ApplicationSubmixContextDestroy
135 -> asm_GetApplicationSubmixes
136 -> asm_ApplicationSubmixDestroy
137 -> asm_AudioServerGetApplicationSubmixFormat
138 -> asm_AudioServerGetApplicationSubmixPeriod
139 -> asm_AudioServerGetApplicationSubmixId
140 -> asm_GetApplicationSubmixFromId
141 -> asm_AudioServerInitializeStream
142 -> AudioServerTelephonyControlStartSession
143 -> AudioServerTelephonyControlIsSessionStarted
144 -> AudioServerTelephonyControlEndSession
145 -> AudioServerTelephonyControlSetRoutingPolicy
146 -> AudioServerTelephonyControlGetRoutingPolicy
147 -> AudioServerTelephonyControlSetCallState
148 -> AudioServerTelephonyControlGetCallState
149 -> AudioServerTelephonyControlProviderChange
150 -> AudioServerTelephonyControlSetMute
151 -> AudioServerTelephonyControlGetMute
152 -> AudioServerTelephonyControlSetVOIPMute
153 -> AudioServerTelephonyControlGetVOIPMute
154 -> AudioServerTelephonyControlSetVolume
155 -> AudioServerTelephonyControlGetMaxCallInstanceCount
156 -> AudioServerTelephonyControlGetValidTelephonyInstance
157 -> AudioServerGetAudioHistoryProducerHandle
158 -> AudioServerReleaseAudioHistoryProducerHandle
159 -> AudioServerGetAudioHistoryProducerInfo
160 -> AudioServerPopulateAudioHistoryForStream
161 -> PolicyConfigGetEndpointExtendedSpatialLicenseInfo
RPC 7c69ac10-fa12-4dbf-90d9-c7f1e40f5dc5 (1.6) -- c:\windows\system32\audiosrv.dll
0 -> s_winmmGetPnpInfo
1 -> s_mmeNotifyDeviceStateChanged
2 -> s_mmeNotifyDeviceAdded
3 -> s_mmeNotifyDeviceRemoved
4 -> s_mmeNotifyDefaultDeviceChanged
5 -> s_tsSessionGetAudioProtocol
6 -> s_tsRegisterAudioProtocolNotification
7 -> s_tsUnregisterAudioProtocolNotification
8 -> s_sndevtResolveSoundAlias
9 -> s_pbmRegisterPlaybackManagerNotifications
10 -> s_pbmUnregisterPlaybackManagerNotifications
11 -> s_pbmSetSmtcSubscriptionState
12 -> s_pbmGetSoundLevel
13 -> s_ccCreateHandsfreeHidFileFromAudioId
14 -> s_pbmRegisterAppClosureNotification
15 -> s_pbmUnregisterAppClosureNotification
16 -> s_pbmPlayToStreamStateChanged
17 -> s_pbmIsPlaying
18 -> s_pbmCastingAppStateChanged
19 -> s_pbmVoipCallStateChanged
20 -> s_pbmLaunchBackgroundTask
21 -> s_pbmRegisterAsBackgroundTask
22 -> s_afxOpenAudioEffectsWatcher
23 -> s_afxCloseAudioEffectsWatcher
24 -> s_midiOpenPort
25 -> s_rtgGetDefaultAudioEndpoint
26 -> s_apmRegisterProxyAudioProcess
27 -> s_apmSetDuckingGainForId
28 -> s_apmSetLayoutGainForId
29 -> s_apmSetVolumeGroupGainForId
30 -> s_apmSetVolumeGroupGainScalarForId
31 -> s_apmSetVolumeGroupMuteForId
32 -> s_setRingerVibrateState
33 -> s_getRingerVibrateState
34 -> s_getEmergencyCallbackMode
35 -> s_setEmergencyCallbackMode
36 -> s_apmSetPersistedDefaultAudioEndpoint
37 -> s_apmGetPersistedDefaultAudioEndpoint
38 -> s_apmClearAllPersistedApplicationDefaultEndpoints
39 -> s_apmRegisterAudioStateMonitor
40 -> s_apmUnregisterAudioStateMonitor
41 -> s_apmHandleEuVolumeNotificationResponse
42 -> AudioServerTelephonyControlGetCallStateSync
43 -> AudioServerTelephonyControlGetMuteSync
44 -> s_apmSetBalanceGroupBalanceForId
45 -> s_apmSetPreferredChatApplication
46 -> s_apmResetPreferredChatApplication
47 -> s_CreateHolographicDisplay
48 -> s_DestroyHolographicDisplay
49 -> s_GetHeadRotation
RPC 910562c3-ebd9-46b9-baba-1d45842a0ceb (1.0) -- c:\windows\system32\audiosrv.dll
0 -> s_pbmReportAppInteractivityChange
1 -> CHybridPropertyStore::Commit
2 -> s_pbmAllowMediaPlaybackForApp
3 -> s_CapabilityAccessManagerNotification
4 -> s_pbmRegisterAppManagerNotification
5 -> s_pbmUnregisterAppManagerNotification
6 -> s_pbmReportAppClosing
7 -> s_pbmReportHostedAppStateChange
8 -> s_SetScreenReaderState
9 -> s_pbmSwitchSoftNonInteractiveAppsToHardNonInteractive
10 -> s_pbmReportApplicationState
11 -> s_pbmSetApplicationViewPosition
RPC cba4c918-e55a-46ee-aa62-cade158e9165 (1.0) -- c:\windows\system32\audiosrv.dll
0 -> s_adGetDeviceGraphWnfStateName
RPC c7ce3826-891f-4376-b161-c63d2403142c (1.0) -- c:\windows\system32\audiosrv.dll
0 -> s_RequestHrtfData
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE a8a900c6-da0b-5bcc-a71a-be0b9265d87a (0.0) -- __FITypedEventHandler_2_Windows__CApplicationModel__CPackageCatalog_Windows__CApplicationModel__CPackageInstallingEventArgs
OLE bd636cf1-541f-53ea-8efc-e1604a395b1a (0.0) -- __FITypedEventHandler_2_Windows__CApplicationModel__CPackageCatalog_Windows__CApplicationModel__CPackageUninstallingEventArgs
OLE 2f732065-eff0-4c7c-8fc1-363851b1f1d7 (0.0) -- iaudiographcallback
Endpoints :
ncalrpc : AudioClientRpc
ncalrpc : Audiosrv
ncalrpc : PlaybackManagerRpc
ncalrpc : AudioSrvDiagnosticsRpc
ncalrpc : SpatialSoundDataManagerRpc
ncalrpc : OLEA1694B7BE165BE08A75BA4D67625
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 2440 at 0x5319a58L>
64
['SessionEnv']
Interfaces :
RPC c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 (1.0) -- c:\windows\system32\SYSNTFY.dll
0 -> s_OnInitialConnection
1 -> s_OnCreateSession
2 -> s_OnStartScreenSaverAsDefaultUser
3 -> s_OnStopScreenSaverAsDefaultUser
4 -> s_OnLogon
5 -> s_OnLock
6 -> s_OnUnlock
7 -> s_OnStartScreenSaverAsUser
8 -> s_OnStopScreenSaverAsUser
9 -> s_OnDisconnect
10 -> s_OnReconnect
11 -> s_OnLogoff
12 -> s_OnTerminateSession
13 -> s_OnStartShell
14 -> s_OnEndShell
RPC b12fd546-c875-4b41-97d8-950487662202 (1.0) -- c:\windows\system32\sessenv.dll
0 -> RpcCreateUserVhdTemplate
1 -> RpcGetCreateUserProfileVhd
2 -> RpcDestroyUserProfileVhd
3 -> RpcRepairUserProfileVhd
4 -> RpcReEncryptUserCredential
5 -> RpcDeleteFileFromVHD
6 -> RpcSetupVhdForRdv
7 -> RpcCopyRdvFolderFromVhdToHost
8 -> RpcQueryVhdOfflineInformation
RPC 1257b580-ce2f-4109-82d6-a9459d0bf6bc (1.0) -- c:\windows\system32\sessenv.dll
0 -> RpcShadow2
RPC 29770a8f-829b-4158-90a2-78cd488501f7 (1.0) -- c:\windows\system32\sessenv.dll
0 -> TSSDFarmRpcGrantUserTSAccessRight
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
Endpoints :
ncalrpc : LRPC-b8b4b9a4b26ab9c3dd
ncalrpc : SessEnvPrivateRpc
ncacn_np : \pipe\SessEnvPublicRpc
ncacn_ip_tcp : 49667
ncalrpc : OLEBE26F437DB1B1A053CE2B4E444BD
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 2552 at 0x5319160L>
64
['netprofm']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE d0074ffd-570f-4a9b-8d69-199fdba5723b (0.0) -- INetworkListManager
OLE b196b284-bab4-101a-b69c-00aa00341d07 (0.0) -- IConnectionPointContainer
OLE 26656eaa-54eb-4e6f-8f85-4f0ef901a406 (0.0) -- IEnumNetwork
OLE b196b286-bab4-101a-b69c-00aa00341d07 (0.0) -- IConnectionPoint
OLE bcd1de7e-2db1-418b-b047-4a74e101f8c1 (0.0) -- IEnumNetworkInterface
OLE 2a1c9eb2-df62-4154-b800-63278fcb8037 (0.0) -- INetworkInterface
OLE 8a40a45d-055c-4b62-abd7-6d613e2ceaec (0.0) -- INetwork
OLE 55272a00-42cb-11ce-8135-00aa004bb851 (0.0) -- IPropertyBag
Endpoints :
ncalrpc : OLE8BB424308424F763316FA2041545
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 2704 at 0x5319940L>
64
['UserManager']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 00000035-0000-0000-c000-000000000046 (0.0) -- IActivationFactory
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE 155eb23b-242a-45e0-a2e9-3171fc6a7fdd (0.0) -- Windows.System.IUserStatics
OLE 252e7f79-acfa-4ea2-9a7e-fa27a8a4d3d9 (0.0) -- Windows.System.Internal.IUserManagerStatics
RPC b18fbab6-56f8-4702-84e0-41053293a869 (1.0) -- c:\windows\system32\usermgr.dll
0 -> svcQueryUserToken
1 -> svcGetConstrainedUserToken
2 -> svcIsAllowedToActivateAsUser
3 -> svcQueryDefaultAccountToken
4 -> svcQuerySessionVirtualAccountToken
5 -> svcLaunchShell
6 -> svcLaunchShellInfrastructureHost
7 -> svcSetShellInformation
8 -> svcInformUserLogon
9 -> svcInformUserLogoff
10 -> svcQueryUserContext
11 -> svcUMLogonUser
12 -> svcQuerySessionUserToken
13 -> svcGetConstrainedUserTokenFromAppcontainer
14 -> svcEnumerateSessionUsers
15 -> svcQueryUserTokenFromName
16 -> svcQueryUserContextFromName
17 -> svcQueryUserTokenFromSid
18 -> svcQueryUserContextFromSid
19 -> svcOpenProcessHandleForAccess
20 -> svcOpenProcessTokenForQuery
21 -> svcUMSetCachedCredentials
22 -> svcUMGetCachedCredentials
23 -> svcInformFlags
24 -> svcChangeSessionUserToken
25 -> svcConnectLocalUser
26 -> svcDisconnectLocalUser
27 -> svcGetImpersonationTokenForContext
28 -> svcGetDefaultSignInAccount
29 -> svcClearDefaultSignInAccount
30 -> svcGetSessionActiveShellUserToken
31 -> svcChangeSessionActiveShellUser
32 -> svcIsCandidateUser
33 -> svcIsEphemeralCandidateUser
34 -> svcGetCandidateAccountCredz
35 -> svcConnectCandidateUser
36 -> svcGetNonCandidateUserSessionIds
37 -> svcGetCandidateUserSessionIds
38 -> svcRefreshCandidateUser
39 -> svcCleanupDisardedCandidateAccounts
RPC 0d3c7f20-1c8d-4654-a1b3-51563b298bda (1.0) -- c:\windows\system32\usermgr.dll
0 -> svcGetUserMarshalData
OLE 100eb64b-b24c-4c38-8964-720d926d05a4 (0.0) -- Windows.System.Internal.ISignInStateManager
OLE 039a83e3-d5bd-491a-9e47-3feba3427a92 (0.0) -- Windows.System.Internal.IUserManagerStatics2
OLE 155eb23b-242a-45e0-a2e9-3171fc6a7fbb (0.0) -- Windows.System.IUserWatcher
OLE df9a26c6-e746-4bcd-b5d4-120103c4209b (0.0) -- Windows.System.IUser
OLE 086459dc-18c6-48db-bc99-724fb9203ccc (0.0) -- Windows.System.IUserChangedEventArgs
OLE 00000141-0000-0000-c000-000000000046 (0.0) -- IDLLHost
OLE e44ea1df-bb85-5a8c-bddc-c8e960c355c9 (0.0) -- Windows.Foundation.IAsyncOperation[Windows.Foundation.Collections.IVectorView[Windows.System.User]]
OLE 8cbd762a-1222-5ee5-b745-489e7a42c6ec (0.0) -- Windows.Foundation.Collections.IVectorView[Windows.System.User]
OLE d1bacd1f-0376-5823-8c29-1d45b9f4c191 (0.0) -- Windows.Foundation.Collections.IIterable[Windows.System.User]
OLE 326fe162-582b-5659-b8a4-68ff0f525745 (0.0) -- Windows.Foundation.Collections.IIterator[Windows.System.User]
Endpoints :
ncalrpc : OLEA77733BCBA2363EA22EE88F88799
ncalrpc : LRPC-6aa8542cba4ba33921
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 2752 at 0x5319518L>
64
['Winmgmt']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE f309ad18-d86a-11d0-a075-00c04fb68820 (0.0) -- IWbemLevel1Login
OLE d4781cd6-e5d3-44df-ad94-930efe48a887 (0.0) -- IWbemLoginClientID
OLE 9f6c78ef-fce5-42fa-abea-3e7df91921dc (0.0) -- IWbemLoginClientIDEx
OLE 9556dc99-828c-11cf-a37e-00aa003240c7 (0.0) -- IWbemServices
OLE 21cd80a2-b305-4f37-9d4c-4534a8d9b568 (0.0) -- _IWmiProviderFactory
OLE 027947e1-d731-11ce-a357-000000000001 (0.0) -- IEnumWbemClassObject
OLE 1c1c45ee-4395-11d2-b60b-00104b703efd (0.0) -- IWbemFetchSmartEnum
OLE 423ec01e-2e35-11d2-b604-00104b703efd (0.0) -- IWbemWCOSmartEnum
OLE eb658b8a-7a64-4ddc-9b8d-a92610db0206 (0.0) -- _IWmiProviderQuota
OLE 7c857801-7381-11cf-884d-00aa004b2e24 (0.0) -- IWbemObjectSink
OLE a359dec5-e813-4834-8a2a-ba7f1d777d76 (0.0) -- IWbemBackupRestoreEx
OLE 44aca675-e8fc-11d0-a07c-00c04fb68820 (0.0) -- IWbemCallResult
OLE 2c9273e0-1dc3-11d3-b364-00105a1f8177 (0.0) -- IWbemRefreshingServices
OLE e8107bdf-baaf-4c7c-bb5f-9d732e8d8f07 (0.0) -- _IWmiProvSS
OLE b7b31df9-d515-11d3-a11c-00105a1f515a (0.0) -- IWbemShutdown
Endpoints :
ncalrpc : OLE11083159669C9FB82CBA07C20342
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 2764 at 0x5319a20L>
64
['WinHttpAutoProxySvc']
Interfaces :
RPC 3473dd4d-2e88-4006-9cba-22570909dd10 (5.1) -- c:\windows\system32\winhttp.dll
0 -> GetProxyForUrl
1 -> ResetAutoProxy
2 -> SaveProxyCredentials
3 -> StoreSavedProxyCredentialsForCurrentUser
4 -> DeleteSavedProxyCredentials
5 -> ReindicateAllProxies
6 -> ReadProxySettings
7 -> WriteProxySettings
8 -> ConnectionUpdateIfIndexTable
9 -> ConnectionSetPolicyEntries
10 -> ConnectionDeletePolicyEntries
RPC 824d8d77-a27f-4915-a536-36e9283dce29 (5.1) -- c:\windows\system32\winhttp.dll
0 -> s_PacWorkerCallbackInitSessionRpc
1 -> s_PacWorkerCallbackCloseSessionRpc
2 -> s_PacWorkerCallbackIsResolvableRpc
3 -> s_PacWorkerCallbackIsResolvableExRpc
4 -> s_PacWorkerCallbackIsInNetRpc
5 -> s_PacWorkerCallbackIsInNetExRpc
6 -> s_PacWorkerCallbackDnsResolveRpc
7 -> s_PacWorkerCallbackDnsResolveExRpc
8 -> s_PacWorkerCallbackMyIpAddressRpc
9 -> s_PacWorkerCallbackMyIpAddressExRpc
10 -> s_PacWorkerCallbackSortIpAddressListRpc
Endpoints :
ncalrpc : LRPC-1106d284665f4b3d5d
ncalrpc : a13b2b26-4e2b-4250-bff3-06ba3da81956
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 2252 at 0x5319240L>
64
['Wcmsvc']
Interfaces :
RPC abfb6ca3-0c5e-4734-9285-0aee72fe8d1c (1.0) -- c:\windows\system32\wcmsvc.dll
0 -> RpcOpenHandle
1 -> RpcCloseHandle
2 -> RpcEnumInterfaces
3 -> RpcQueryParameter
4 -> RpcSetParameter
5 -> RpcQueryPublicParameter
6 -> RpcSetPublicParameter
7 -> RpcSetProfileList
8 -> RpcGetProfileList
9 -> RpcGetProfileListByPurpose
10 -> RpcGetTokens
11 -> RpcOrderConnection
12 -> RpcBeginIgnoreProfileList
13 -> RpcResetIgnoreProfileList
14 -> RpcEndIgnoreProfileList
15 -> RpcOpenOnDemandRequestHandle
16 -> RpcOpenOnDemandRequestHandleByWwanProfileName
17 -> RpcStartOnDemandRequest
18 -> RpcCancelOnDemandRequest
19 -> RpcCloseOnDemandRequestHandle
20 -> RpcQueryOnDemandRequestStateInfo
RPC b37f900a-eae4-4304-a2ab-12bb668c0188 (1.0) -- c:\windows\system32\wcmsvc.dll
0 -> RpcRegisterForNotifications
1 -> RpcGetPendingNotification
2 -> RpcCloseNotificationsHandle
3 -> RpcAcquireSelectableConnectionAsync
4 -> RpcReleaseSelectableConnection
5 -> RpcGetSelectableConnectionList
6 -> RpcGetInterfaceContextTable
7 -> RpcAddRoutePolicy
8 -> RpcRemoveRoutePolicy
9 -> RpcRemoveMatchingRoutePolicy
10 -> RpcGetRoutingHint
11 -> RpcCheckCapabilityStatus
RPC e7f76134-9ef5-4949-a2d6-3368cc0988f3 (1.0) -- c:\windows\system32\wcmsvc.dll
0 -> RpcEnterConnectedStandby
1 -> RpcExitConnectedStandby
2 -> RpcEnterNetQuiet
3 -> RpcExitNetQuiet
RPC 7aeb6705-3ae6-471a-882d-f39c109edc12 (1.0) -- c:\windows\system32\wcmsvc.dll
0 -> RpcSetOperatorDataplanStatus
1 -> RpcSetOperatorConnectionCost
2 -> RpcSetOperatorCycleData
RPC f44e62af-dab1-44c2-8013-049a9de417d6 (1.0) -- c:\windows\system32\wcmsvc.dll
0 -> RpcUpdateCapabilityAccess
1 -> RpcDeprovisionCapability
RPC c2d1b5dd-fa81-4460-9dd6-e7658b85454b (1.0) -- c:\windows\system32\wcmsvc.dll
0 -> RpcSetProxyInformation
1 -> RpcDeleteProxyInformation
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
Endpoints :
ncalrpc : LRPC-96b557c995f0059b6f
ncalrpc : OLE961E91843456DD6F0DD0A79DF5BB
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 2464 at 0x5319978L>
64
['DusmSvc']
Interfaces :
RPC c27f3c08-92ba-478c-b446-b419c4cef0e2 (1.0) -- c:\windows\system32\dusmsvc.dll
0 -> DusmRpcEnumConnectionList
1 -> DusmRpcEnumProfileList
2 -> DusmRpcQueryConnectionProperties
3 -> DusmRpcQueryCost
4 -> DusmRpcQueryUserCost
5 -> DusmRpcQueryOperatorCost
6 -> DusmRpcSetUserCost
7 -> DusmRpcSetOperatorCost
8 -> DusmRpcQueryDataPlan
9 -> DusmRpcQueryUserDataPlan
10 -> DusmRpcQueryOperatorDataPlan
11 -> DusmRpcSetUserDataPlan
12 -> DusmRpcSetOperatorDataPlan
13 -> DusmRpcQuerySource
14 -> DusmRpcSetSource
15 -> DusmRpcQueryBackgroundRestriction
16 -> DusmRpcSetBackgroundRestriction
17 -> DusmRpcQueryGlobalDpuState
18 -> DusmRpcGetAttributedNetworkUsage
19 -> DusmRpcGetConnectionListNetworkUsage
20 -> DusmRpcGetNetworkUsage
21 -> DusmRpcGetProviderNetworkUsage
22 -> DusmRpcSetAttributionMapping
23 -> DusmRpcResetNetworkUsage
24 -> DusmRpcFlushCostCache
Endpoints :
ncalrpc : LRPC-fe377b929e997d74df
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 2608 at 0x5319c88L>
64
['ShellHWDetection']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 3b0f86b5-8113-439d-b2a3-2766c839d073 (0.0) -- IHardwareDevices
OLE 1c0eb79b-2cde-44ec-bb35-fc471024c13c (0.0) -- IHardwareDevicesVolumesEnum
OLE ee93d145-9b4e-480c-8385-1e8119a6f7b2 (0.0) -- IHardwareDevicesMountPointsEnum
Endpoints :
ncalrpc : OLE28559BD9733DFB8A3F87F8481E47
--------------------------------------------------------------------------------
<WinProcess "spoolsv.exe" pid 3012 at 0x5319d68L>
64
['Spooler']
Interfaces :
RPC 12345678-1234-abcd-ef00-0123456789ab (1.0) -- C:\windows\System32\spoolsv.exe
0 -> RpcEnumPrinters
1 -> RpcOpenPrinter
2 -> RpcSetJob
3 -> RpcGetJob
4 -> RpcEnumJobs
5 -> RpcAddPrinter
6 -> RpcDeletePrinter
7 -> RpcSetPrinter
8 -> RpcGetPrinter
9 -> RpcAddPrinterDriver
10 -> RpcEnumPrinterDrivers
11 -> RpcGetPrinterDriver
12 -> RpcGetPrinterDriverDirectory
13 -> RpcDeletePrinterDriver
14 -> RpcAddPrintProcessor
15 -> RpcEnumPrintProcessors
16 -> RpcGetPrintProcessorDirectory
17 -> RpcStartDocPrinter
18 -> RpcStartPagePrinter
19 -> RpcWritePrinter
20 -> RpcEndPagePrinter
21 -> RpcAbortPrinter
22 -> RpcReadPrinter
23 -> RpcEndDocPrinter
24 -> RpcAddJob
25 -> RpcScheduleJob
26 -> RpcGetPrinterData
27 -> RpcSetPrinterData
28 -> RpcWaitForPrinterChange
29 -> RpcClosePrinter
30 -> RpcAddForm
31 -> RpcDeleteForm
32 -> RpcGetForm
33 -> RpcSetForm
34 -> RpcEnumForms
35 -> RpcEnumPorts
36 -> RpcEnumMonitors
37 -> RpcAddPort
38 -> RpcConfigurePort
39 -> RpcDeletePort
40 -> RpcCreatePrinterIC
41 -> RpcPlayGdiScriptOnPrinterIC
42 -> RpcDeletePrinterIC
43 -> RpcAddPrinterConnection
44 -> RpcDeletePrinterConnection
45 -> RpcPrinterMessageBox
46 -> RpcAddMonitor
47 -> RpcDeleteMonitor
48 -> RpcDeletePrintProcessor
49 -> RpcAddPrintProvidor
50 -> RpcDeletePrintProvidor
51 -> RpcEnumPrintProcessorDatatypes
52 -> RpcResetPrinter
53 -> RpcGetPrinterDriver2
54 -> RpcClientFindFirstPrinterChangeNotification
55 -> RpcFindNextPrinterChangeNotification
56 -> RpcFindClosePrinterChangeNotification
57 -> NThreadingLibrary::TWorkItem::NotifyCancel
58 -> RpcReplyOpenPrinter
59 -> RpcRouterReplyPrinter
60 -> RpcReplyClosePrinter
61 -> RpcAddPortEx
62 -> RpcRemoteFindFirstPrinterChangeNotification
63 -> RpcSetAllocFailCount
64 -> RpcResetPrinterEx
65 -> RpcRemoteFindFirstPrinterChangeNotificationEx
66 -> RpcRouterReplyPrinterEx
67 -> RpcRouterRefreshPrinterChangeNotification
68 -> RpcSetAllocFailCount
69 -> RpcOpenPrinterEx
70 -> RpcAddPrinterEx
71 -> RpcSetPort
72 -> RpcEnumPrinterData
73 -> RpcDeletePrinterData
74 -> NThreadingLibrary::TWorkItem::NotifyCancel
75 -> NThreadingLibrary::TWorkItem::NotifyCancel
76 -> NThreadingLibrary::TWorkItem::NotifyCancel
77 -> RpcSetPrinterDataEx
78 -> RpcGetPrinterDataEx
79 -> RpcEnumPrinterDataEx
80 -> RpcEnumPrinterKey
81 -> RpcDeletePrinterDataEx
82 -> RpcDeletePrinterKey
83 -> RpcSeekPrinter
84 -> RpcDeletePrinterDriverEx
85 -> RpcAddPerMachineConnection
86 -> RpcDeletePerMachineConnection
87 -> RpcEnumPerMachineConnections
88 -> RpcXcvData
89 -> RpcAddPrinterDriverEx
90 -> RpcSplOpenPrinter
91 -> RpcGetSpoolFileInfo
92 -> RpcCommitSpoolData
93 -> RpcGetSpoolFileInfo2
94 -> RpcCommitSpoolData2
95 -> RpcCloseSpoolFileHandle
96 -> RpcFlushPrinter
97 -> RpcSendRecvBidiData
98 -> RpcAddDriverCatalog
99 -> RpcAddPrinterConnection2
100 -> RpcInstallPrinterDriverFromPackage
101 -> RpcUploadPrinterDriverPackage
102 -> RpcGetCorePrinterDrivers
103 -> RpcCorePrinterDriverInstalled
104 -> RpcGetPrinterDriverPackagePath
105 -> RpcDeletePrinterDriverPackage
106 -> RpcFindCompatibleDriver
107 -> RpcReportJobProcessingProgress
108 -> RpcSetSpoolerPolicy
109 -> RpcInternalGetPrinterDriver
110 -> RpcGetJobNamedPropertyValue
111 -> RpcSetJobNamedProperty
112 -> RpcDeleteJobNamedProperty
113 -> RpcEnumJobNamedProperties
114 -> RpcCreateAppSandbox
115 -> RpcGetUserPropertyBag
116 -> RpcLogJobInfoForBranchOffice
RPC 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1 (1.0) -- C:\windows\System32\spoolsv.exe
0 -> IRPCAsyncNotify_RegisterClient
1 -> IRPCAsyncNotify_UnregisterClient
2 -> IRPCAsyncNotify_GetServerRefferal
3 -> IRPCAsyncNotify_GetNewChannel
4 -> IRPCAsyncNotify_GetNotificationSendResponse
5 -> IRPCAsyncNotify_GetNotification
6 -> IRPCAsyncNotify_CloseChannel
RPC ae33069b-a2a8-46ee-a235-ddfd339be281 (1.0) -- C:\windows\System32\spoolsv.exe
0 -> IRPCRemoteObject_Create
1 -> IRPCRemoteObject_Delete
RPC 4a452661-8290-4b36-8fbe-7f4093a94978 (1.0) -- C:\windows\System32\spoolsv.exe
0 -> IRPCAsyncNotifyChannel_CreateChannel
1 -> IRPCAsyncNotifyChannel_SendNotification
2 -> IRPCAsyncNotifyChannel_SendNotificationGetResponse
3 -> IRPCAsyncNotifyChannel_CloseChannel
RPC 76f03f96-cdfd-44fc-a22c-64950a001209 (1.0) -- C:\windows\System32\spoolsv.exe
0 -> RpcAsyncOpenPrinter
1 -> RpcAsyncAddPrinter
2 -> RpcAsyncSetJob
3 -> RpcAsyncGetJob
4 -> RpcAsyncEnumJobs
5 -> RpcAsyncAddJob
6 -> RpcAsyncScheduleJob
7 -> RpcAsyncDeletePrinter
8 -> RpcAsyncSetPrinter
9 -> RpcAsyncGetPrinter
10 -> RpcAsyncStartDocPrinter
11 -> RpcAsyncStartPagePrinter
12 -> RpcAsyncWritePrinter
13 -> RpcAsyncEndPagePrinter
14 -> RpcAsyncEndDocPrinter
15 -> RpcAsyncAbortPrinter
16 -> RpcAsyncGetPrinterData
17 -> RpcAsyncGetPrinterDataEx
18 -> RpcAsyncSetPrinterData
19 -> RpcAsyncSetPrinterDataEx
20 -> RpcAsyncClosePrinter
21 -> RpcAsyncAddForm
22 -> RpcAsyncDeleteForm
23 -> RpcAsyncGetForm
24 -> RpcAsyncSetForm
25 -> RpcAsyncEnumForms
26 -> RpcAsyncGetPrinterDriver
27 -> RpcAsyncEnumPrinterData
28 -> RpcAsyncEnumPrinterDataEx
29 -> RpcAsyncEnumPrinterKey
30 -> RpcAsyncDeletePrinterData
31 -> RpcAsyncDeletePrinterDataEx
32 -> RpcAsyncDeletePrinterKey
33 -> RpcAsyncXcvData
34 -> RpcAsyncSendRecvBidiData
35 -> RpcAsyncCreatePrinterIC
36 -> RpcAsyncPlayGdiScriptOnPrinterIC
37 -> RpcAsyncDeletePrinterIC
38 -> RpcAsyncEnumPrinters
39 -> RpcAsyncAddPrinterDriver
40 -> RpcAsyncEnumPrinterDrivers
41 -> RpcAsyncGetPrinterDriverDirectory
42 -> RpcAsyncDeletePrinterDriver
43 -> RpcAsyncDeletePrinterDriverEx
44 -> RpcAsyncAddPrintProcessor
45 -> RpcAsyncEnumPrintProcessors
46 -> RpcAsyncGetPrintProcessorDirectory
47 -> RpcAsyncEnumPorts
48 -> RpcAsyncEnumMonitors
49 -> RpcAsyncAddPort
50 -> RpcAsyncSetPort
51 -> RpcAsyncAddMonitor
52 -> RpcAsyncDeleteMonitor
53 -> RpcAsyncDeletePrintProcessor
54 -> RpcAsyncEnumPrintProcessorDatatypes
55 -> RpcAsyncAddPerMachineConnection
56 -> RpcAsyncDeletePerMachineConnection
57 -> RpcAsyncEnumPerMachineConnections
58 -> RpcSyncRegisterForRemoteNotifications
59 -> RpcSyncUnRegisterForRemoteNotifications
60 -> RpcSyncRefreshRemoteNotifications
61 -> RpcAsyncGetRemoteNotifications
62 -> RpcAsyncInstallPrinterDriverFromPackage
63 -> RpcAsyncUploadPrinterDriverPackage
64 -> RpcAsyncGetCorePrinterDrivers
65 -> RpcAsyncCorePrinterDriverInstalled
66 -> RpcAsyncGetPrinterDriverPackagePath
67 -> RpcAsyncDeletePrinterDriverPackage
68 -> RpcAsyncReadPrinter
69 -> RpcAsyncResetPrinter
70 -> RpcAsyncGetJobNamedPropertyValue
71 -> RpcAsyncSetJobNamedProperty
72 -> RpcAsyncDeleteJobNamedProperty
73 -> RpcAsyncEnumJobNamedProperties
74 -> RpcAsyncLogJobInfoForBranchOffice
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
Endpoints :
ncalrpc : LRPC-a7109f2c2cdeefba97
ncacn_np : \pipe\spoolss
ncacn_ip_tcp : 49676
ncalrpc : OLE2D77958200DDBE189A720E9EED55
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 3120 at 0x5319eb8L>
64
['BFE', 'mpssvc']
Interfaces :
RPC dd490425-5325-4565-b774-7e27d6c09c24 (1.0) -- c:\windows\system32\bfe.dll
0 -> BfeRpcGetNextNotificationBatch
1 -> BfeRpcNotifyComplete
2 -> BfeRpcEngineOpen
3 -> BfeRpcEngineClose
4 -> BfeRpcEngineGetOption
5 -> BfeRpcEngineSetOption
6 -> BfeRpcEngineGetSecurityInfo
7 -> BfeRpcEngineSetSecurityInfo
8 -> BfeRpcSessionCreateEnumHandle
9 -> BfeRpcAleEndpointEnum
10 -> BfeRpcAleEndpointDestroyEnumHandle
11 -> BfeRpcTransactionBegin
12 -> BfeRpcTransactionCommit
13 -> BfeRpcTransactionAbort
14 -> BfeRpcProviderAdd
15 -> BfeRpcProviderDeleteByKey
16 -> BfeRpcProviderGetByKey
17 -> BfeRpcProviderCreateEnumHandle
18 -> BfeRpcAleEndpointEnum
19 -> BfeRpcAleEndpointDestroyEnumHandle
20 -> BfeRpcProviderGetSecurityInfoByKey
21 -> BfeRpcProviderSetSecurityInfoByKey
22 -> BfeRpcProviderSubscribeChanges
23 -> BfeRpcProviderUnsubscribeChanges
24 -> BfeRpcProviderSubscriptionsGet
25 -> BfeRpcProviderContextAdd
26 -> BfeRpcProviderContextDeleteById
27 -> BfeRpcProviderContextDeleteByKey
28 -> BfeRpcProviderContextGetById
29 -> BfeRpcProviderContextGetByKey
30 -> BfeRpcProviderContextCreateEnumHandle
31 -> BfeRpcAleEndpointEnum
32 -> BfeRpcAleEndpointDestroyEnumHandle
33 -> BfeRpcProviderContextGetSecurityInfoByKey
34 -> BfeRpcProviderContextSetSecurityInfoByKey
35 -> BfeRpcProviderContextSubscribeChanges
36 -> BfeRpcProviderContextUnsubscribeChanges
37 -> BfeRpcProviderContextSubscriptionsGet
38 -> BfeRpcSubLayerAdd
39 -> BfeRpcSubLayerDeleteByKey
40 -> BfeRpcSubLayerGetByKey
41 -> BfeRpcSubLayerCreateEnumHandle
42 -> BfeRpcAleEndpointEnum
43 -> BfeRpcAleEndpointDestroyEnumHandle
44 -> BfeRpcSubLayerGetSecurityInfoByKey
45 -> BfeRpcSubLayerSetSecurityInfoByKey
46 -> BfeRpcSubLayerSubscribeChanges
47 -> BfeRpcSubLayerUnsubscribeChanges
48 -> BfeRpcSubLayerSubscriptionsGet
49 -> BfeRpcLayerGetById
50 -> BfeRpcLayerGetByKey
51 -> BfeRpcLayerCreateEnumHandle
52 -> BfeRpcAleEndpointEnum
53 -> BfeRpcAleEndpointDestroyEnumHandle
54 -> BfeRpcLayerGetSecurityInfoByKey
55 -> BfeRpcLayerSetSecurityInfoByKey
56 -> BfeRpcCalloutAdd
57 -> BfeRpcCalloutDeleteById
58 -> BfeRpcCalloutDeleteByKey
59 -> BfeRpcCalloutGetById
60 -> BfeRpcCalloutGetByKey
61 -> BfeRpcCalloutCreateEnumHandle
62 -> BfeRpcAleEndpointEnum
63 -> BfeRpcAleEndpointDestroyEnumHandle
64 -> BfeRpcCalloutGetSecurityInfoByKey
65 -> BfeRpcCalloutSetSecurityInfoByKey
66 -> BfeRpcCalloutSubscribeChanges
67 -> BfeRpcCalloutUnsubscribeChanges
68 -> BfeRpcCalloutSubscriptionsGet
69 -> BfeRpcFilterAdd
70 -> BfeRpcFilterDeleteById
71 -> BfeRpcFilterDeleteByKey
72 -> BfeRpcFilterGetById
73 -> BfeRpcFilterGetByKey
74 -> BfeRpcFilterCreateEnumHandle
75 -> BfeRpcAleEndpointEnum
76 -> BfeRpcAleEndpointDestroyEnumHandle
77 -> BfeRpcFilterGetSecurityInfoByKey
78 -> BfeRpcFilterSetSecurityInfoByKey
79 -> BfeRpcFilterSubscribeChanges
80 -> BfeRpcFilterUnsubscribeChanges
81 -> BfeRpcFilterSubscriptionsGet
82 -> BfeRpcBfeIPsecOffloadDone
83 -> BfeRpcBfeIPsecDosFWUsed
84 -> BfeRpcBfeIPsecGetStatistics
85 -> BfeRpcBfeIPsecSaContextCreate
86 -> BfeRpcBfeIPsecSaContextDeleteById
87 -> BfeRpcBfeIPsecSaContextGetById
88 -> BfeRpcBfeIPsecSaContextGetOrSetSpi
89 -> BfeRpcBfeIPsecSaContextAddInbound
90 -> BfeRpcBfeIPsecSaContextAddOutbound
91 -> BfeRpcBfeIPsecSaContextUpdate
92 -> BfeRpcBfeIPsecSaContextExpire
93 -> BfeRpcBfeIPsecSaContextCreateEnumHandle
94 -> BfeRpcAleEndpointEnum
95 -> BfeRpcAleEndpointDestroyEnumHandle
96 -> BfeRpcBfeIPsecSaContextSubscribe
97 -> BfeRpcBfeIPsecSaContextUnsubscribe
98 -> BfeRpcBfeIPsecSaContextSubscriptionsGet
99 -> BfeRpcBfeIPsecSaCreateEnumHandle
100 -> BfeRpcAleEndpointEnum
101 -> BfeRpcAleEndpointDestroyEnumHandle
102 -> BfeRpcBfeIPsecSaDbGetSecurityInfo
103 -> BfeRpcBfeIPsecSaDbSetSecurityInfo
104 -> BfeRpcBfeIPsecDospGetStatistics
105 -> BfeRpcBfeIPsecDospStateCreateEnumHandle
106 -> BfeRpcAleEndpointEnum
107 -> BfeRpcBfeIPsecDospStateDestroyEnumHandle
108 -> BfeRpcBfeIPsecDospGetSecurityInfo
109 -> BfeRpcBfeIPsecDospSetSecurityInfo
110 -> BfeRpcNetEventCreateEnumHandle
111 -> BfeRpcAleEndpointEnum
112 -> BfeRpcAleEndpointDestroyEnumHandle
113 -> BfeRpcNetEventsGetSecurityInfo
114 -> BfeRpcNetEventsSetSecurityInfo
115 -> BfeRpcNetEventSubscribe
116 -> BfeRpcNetEventUnsubscribe
117 -> BfeRpcNetEventSubscriptionsGet
118 -> BfeRpcNetEventsLost
119 -> BfeRpcConnectionGetById
120 -> BfeRpcConnectionGetByIPsecInfo
121 -> BfeRpcConnectionGetByS2STunnelId
122 -> BfeRpcConnectionCreateEnumHandle
123 -> BfeRpcAleEndpointEnum
124 -> BfeRpcAleEndpointDestroyEnumHandle
125 -> BfeRpcConnectionGetSecurityInfo
126 -> BfeRpcConnectionSetSecurityInfo
127 -> BfeRpcConnectionGetS2STunnelId
128 -> BfeRpcConnectionSubscribe
129 -> BfeRpcConnectionUnsubscribe
130 -> BfeRpcConnectionSubscriptionsGet
131 -> BfeRpcConnectionsLost
132 -> BfeRpcClassify
133 -> BfeRpcAddLayerReplica
134 -> BfeRpcDeleteLayerReplica
135 -> BfeRpcSecureSocketAdd
136 -> BfeRpcBfeIPsecTunnelDeleteByKey
137 -> BfeRpcBfeIPsecTunnelAdd
138 -> BfeRpcBfeIPsecTunnelAddConditions
139 -> BfeRpcBfeIPsecS2STunnelAddConditions
140 -> BfeRpcBfeIPsecS2STunnelRemoveConditions
141 -> BfeRpcBfeIPsecTunnelDeleteByKey
142 -> BfeRpcBfeIPsecS2STunnelAddInterfaceToCompartment
143 -> BfeRpcBfeIPsecS2STunnelGetInterfaceForCompartment
144 -> BfeRpcBfeIPsecS2STunnelRemoveInterfaceFromCompartment
145 -> BfeRpcBfeIPsecSaInitiateAsync
146 -> BfeRpcOpenToken
147 -> BfeRpcCloseToken
148 -> BfeRpcAleExplicitCredentialsQuery
149 -> BfeRpcAleEndpointGetById
150 -> BfeRpcAleEndpointCreateEnumHandle
151 -> BfeRpcAleEndpointEnum
152 -> BfeRpcAleEndpointDestroyEnumHandle
153 -> BfeRpcAleEndpointGetSecurityInfo
154 -> BfeRpcAleEndpointSetSecurityInfo
155 -> BfeRpcAleGetPortStatus
156 -> BfeRpcIsUserAuthConfigured
157 -> BfeRpcKeyModuleAdd
158 -> BfeRpcKeyModuleDeleteByKey
159 -> BfeRpcKeyModuleUpdateAcquire
160 -> BfeRpcKeyDictatorCheck
161 -> BfeRpcGetKeyFromDictator
162 -> BfeRpcNotifyKey
163 -> BfeRpcKeyManagerAdd
164 -> BfeRpcKeyManagerDeleteByKey
165 -> BfeRpcKeyManagersGet
166 -> BfeRpcKeyManagerGetSecurityInfoByKey
167 -> BfeRpcKeyManagerSetSecurityInfoByKey
168 -> BfeRpcvSwitchEventFire
169 -> BfeRpcvSwitchEventsGetSecurityInfo
170 -> BfeRpcvSwitchEventsSetSecurityInfo
171 -> BfeRpcvSwitchEventSubscribe
172 -> BfeRpcvSwitchEventUnsubscribe
173 -> BfeRpcvSwitchEventSubscriptionsGet
174 -> BfeRpcBfeIPsecDriverInitiateAcquire
175 -> BfeRpcBfeIPsecDriverExpire
176 -> BfeRpcBfeIPsecDriverSaOffloaded
177 -> BfeRpcBfeIPsecDriverProcessClearTextResponse
178 -> BfeRpcBfeProcessNameResolutionEvent
179 -> BfeRpcVpnTriggerEventFire
180 -> BfeRpcVpnTriggerEventSubscribe
181 -> BfeRpcVpnTriggerEventUnsubscribe
182 -> BfeRpcVpnTriggerAddAppSids
183 -> BfeRpcVpnTriggerRemoveAppSids
184 -> BfeRpcVpnTriggerAddFilePaths
185 -> BfeRpcVpnTriggerRemoveFilePaths
186 -> BfeRpcVpnTriggerAddSecurityDescriptor
187 -> BfeRpcVpnTriggerRemoveSecurityDescriptor
188 -> BfeRpcVpnTriggerSetStateDisconnected
189 -> BfeRpcVpnTriggerInitializeNrptTriggering
190 -> BfeRpcVpnTriggerUninitializeNrptTriggering
191 -> BfeRpcVpnTriggerResetNrptTriggering
192 -> BfeRpcVpnTriggerConfigureParameters
193 -> BfeRpcBitmapIndexGet
194 -> BfeRpcBitmapIndexFree
RPC 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03 (1.0) -- c:\windows\system32\mpssvc.dll
0 -> RPC_FWIndicatePortInUse
1 -> RPC_FWGetIndicatedPortInUse
2 -> RPC_FWIndicateTupleInUse
3 -> RPC_FWResetIndicatedTupleInUse
4 -> RPC_FWIndicateProxyForUrl
5 -> CNetProfileEventSink::NetworkAdded
6 -> RPC_FWIsTargetAProxy
7 -> RPC_NetworkIsolationSetupAppContainerBinaries
8 -> RPC_NetworkIsolationRegisterForAppContainerChanges
9 -> Rpc_NetworkIsolationRegistrationGetLastEvent
10 -> RPC_NetworkIsolationUnregisterForAppContainerChanges
11 -> RPC_NetworkIsolationGetAppContainer
12 -> RPC_NetworkIsolationEnumAppContainers
13 -> RPC_NetworkIsolationAddAllowEnterpriseIdRule
14 -> RPC_NetworkIsolationCreateAllInterfacesContainer
15 -> RPC_NetworkIsolationCreateInterfaceContainer
16 -> RPC_NetworkIsolationDeleteAllInterfacesContainer
17 -> RPC_NetworkIsolationDeleteInterfaceContainer
RPC f47433c3-3e9d-4157-aad4-83aa1f5c2d4c (1.0) -- c:\windows\system32\mpssvc.dll
0 -> RPC_NetworkIsolationDiagnoseConnectFailure
1 -> RPC_NetworkIsolationGetEnterpriseIdAsync
2 -> RPC_NetworkIsolationCreateContainer
3 -> RPC_NetworkIsolationDeleteContainer
4 -> RPC_NetworkIsolationGetAppContainerConfig
5 -> RPC_NetworkIsolationSetAppContainerConfig
6 -> RPC_NetworkIsolationCreateAppContainer
7 -> RPC_NetworkIsolationDeleteAppContainer
8 -> RPC_NetworkIsolationCreateAppContainerLoopbackRules
9 -> RPC_NetworkIsolationDeleteAppContainerLoopbackRules
RPC 2fb92682-6599-42dc-ae13-bd2ca89bd11c (1.0) -- c:\windows\system32\mpssvc.dll
0 -> RPC_FWOpenPolicyStore
1 -> RPC_FWClosePolicyStore
2 -> RPC_FWRestoreDefaults
3 -> RPC_FWGetGlobalConfig
4 -> RPC_FWSetGlobalConfig
5 -> RPC_FWAddFirewallRule
6 -> RPC_FWSetFirewallRule
7 -> RPC_FWDeleteFirewallRule
8 -> RPC_FWDeleteAllFirewallRules
9 -> RPC_FWEnumFirewallRules
10 -> RPC_FWGetConfig
11 -> RPC_FWSetConfig
12 -> RPC_FWNotifyUnsupportedAttempt
13 -> RPC_FWAddConnectionSecurityRule
14 -> RPC_FWSetConnectionSecurityRule
15 -> RPC_FWDeleteConnectionSecurityRule
16 -> RPC_FWDeleteAllConnectionSecurityRules
17 -> RPC_FWEnumConnectionSecurityRules
18 -> RPC_FWAddAuthenticationSet
19 -> RPC_FWSetAuthenticationSet
20 -> RPC_FWDeleteAuthenticationSet
21 -> RPC_FWDeleteAllAuthenticationSets
22 -> RPC_FWEnumAuthenticationSets
23 -> RPC_FWAddCryptoSet
24 -> RPC_FWSetCryptoSet
25 -> RPC_FWDeleteCryptoSet
26 -> RPC_FWDeleteAllCryptoSets
27 -> RPC_FWEnumCryptoSets
28 -> RPC_FWEnumPhase1SAs
29 -> RPC_FWEnumPhase2SAs
30 -> RPC_FWDeletePhase1SAs
31 -> RPC_FWDeletePhase2SAs
32 -> RPC_FWRegisterProduct
33 -> RPC_FWUnregisterProduct
34 -> RPC_FWEnumProducts
35 -> RPC_FWAddMainModeRule
36 -> RPC_FWSetMainModeRule
37 -> RPC_FWDeleteMainModeRule
38 -> RPC_FWDeleteAllMainModeRules
39 -> RPC_FWEnumMainModeRules
40 -> RPC_FWQueryFirewallRules
41 -> RPC_FWQueryConnectionSecurityRules2_10
42 -> RPC_FWQueryMainModeRules
43 -> RPC_FWQueryAuthenticationSets
44 -> RPC_FWQueryCryptoSets
45 -> RPC_FWEnumNetworks
46 -> RPC_FWEnumAdapters
47 -> RPC_FWGetGlobalConfig2_10
48 -> RPC_FWGetConfig2_10
49 -> RPC_FWAddFirewallRule2_10
50 -> RPC_FWSetFirewallRule2_10
51 -> RPC_FWEnumFirewallRules2_10
52 -> RPC_FWAddConnectionSecurityRule2_10
53 -> RPC_FWSetConnectionSecurityRule2_10
54 -> RPC_FWEnumConnectionSecurityRules2_10
55 -> RPC_FWAddAuthenticationSet2_10
56 -> RPC_FWSetAuthenticationSet2_10
57 -> RPC_FWEnumAuthenticationSets2_10
58 -> RPC_FWAddCryptoSet2_10
59 -> RPC_FWSetCryptoSet2_10
60 -> RPC_FWEnumCryptoSets2_10
61 -> RPC_FWDiagGetAppList
62 -> RPC_FWAddConnectionSecurityRule2_20
63 -> RPC_FWSetConnectionSecurityRule2_20
64 -> RPC_FWEnumConnectionSecurityRules2_20
65 -> RPC_FWQueryConnectionSecurityRules2_20
66 -> RPC_FWAddAuthenticationSet2_20
67 -> RPC_FWSetAuthenticationSet2_20
68 -> RPC_FWEnumAuthenticationSets2_20
69 -> RPC_FWQueryAuthenticationSets2_20
70 -> RPC_FWAddFirewallRule2_20
71 -> RPC_FWSetFirewallRule2_20
72 -> RPC_FWEnumFirewallRules2_20
73 -> RPC_FWQueryFirewallRules2_20
74 -> RPC_FWQueryIsolationType
75 -> RPC_FWSelectConSecRule
76 -> RPC_FWAddFirewallRule2_24
77 -> RPC_FWSetFirewallRule2_24
78 -> RPC_FWEnumFirewallRules2_24
79 -> RPC_FWQueryFirewallRules2_24
80 -> RPC_FWAddFirewallRule2_25
81 -> RPC_FWSetFirewallRule2_25
82 -> RPC_FWEnumFirewallRules2_25
83 -> RPC_FWQueryFirewallRules2_25
84 -> RPC_FWAddFirewallRule2_26
85 -> RPC_FWSetFirewallRule2_26
86 -> RPC_FWEnumFirewallRules2_26
87 -> RPC_FWQueryFirewallRules2_26
88 -> RPC_FWAddFirewallRule2_27
89 -> RPC_FWSetFirewallRule2_27
90 -> RPC_FWEnumFirewallRules2_27
91 -> RPC_FWQueryFirewallRules2_27
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 1299cf18-c4f5-4b6a-bb0f-2299f0398e27 (0.0) -- INotifyNetworkListManagerEvents
OLE 22d2e146-1a68-40b8-949c-8fd848b415e6 (0.0) -- INotifyNetworkEvents
OLE 2abc0864-9677-42e5-882a-d415c556c284 (0.0) -- INotifyNetworkInterfaceEvents
OLE 733b7764-5c0c-4ad6-bb4b-d0585e993e0e (0.0) -- INotifyNetworkGlobalCostEvents
Endpoints :
ncalrpc : LRPC-ed9d7ac604d40c5ebd
ncalrpc : LRPC-f160739feac8ff62a5
ncalrpc : LRPC-ea0c57f873808f128d
ncalrpc : LRPC-f0d73120b1337b746d
ncalrpc : OLE1A85C7A80535A4E0EF0B2D03A60F
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 3196 at 0x5319d30L>
64
['CryptSvc']
Interfaces :
RPC 0d72a7d4-6148-11d1-b4aa-00c04fb66ea0 (1.0) -- c:\windows\system32\cryptsvc.dll
0 -> s_SSCertProtectFunction
RPC 2579ff35-0ab0-4e5a-88fa-1d88c4e0cb92 (2.0) -- C:\Windows\System32\crypttpmeksvc.dll
0 -> s_SSTpmEndorsementKeyGetInfo
1 -> s_SSTpmEndorsementKeyDecryptChallenge
2 -> s_SSTpmAttestationCapable
3 -> s_SSTpmGetAttestationForAik
4 -> s_SSTpmGetManufacturerInfo
RPC f50aac00-c7f3-428e-a022-a6b71bfb9d43 (2.0) -- C:\Windows\System32\cryptcatsvc.dll
0 -> s_SSCatDBAddCatalog
1 -> s_SSCatDBDeleteCatalog
2 -> s_SSCatDBEnumCatalogs
3 -> s_SSCatDBPauseResumeService
4 -> s_SSCatDBRebuildDatabase
5 -> s_SSCatDBPrepareForCall
6 -> s_SSCatDBAddCatalog2
7 -> s_SSCatDBSmartlockerDefenderCheck
RPC 1495a2be-b7a8-4299-9d3b-8825e5bcbfb9 (1.0) -- C:\Windows\System32\webauthn.dll
0 -> s_SSCtapCommand
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
Endpoints :
ncalrpc : keysvc
ncalrpc : OLE037BD8768B2F1438658B1D7E91E0
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 3208 at 0x5319fd0L>
64
['DiagTrack']
Interfaces :
RPC 4c9dbf19-d39e-4bb9-90ee-8f7179b20283 (1.0) -- c:\windows\system32\diagtrack.dll
0 -> UtcApi_IsScenarioActive
1 -> UtcApi_EscalateScenario
2 -> UtcApi_EscalateScenarioAsync
3 -> UtcApi_IsEscalationRunning
4 -> UtcApi_DownloadLatestSettingsForNamespace
5 -> UtcApi_DownloadLatestSettingsForNamespaceAsync
6 -> UtcApi_GetActiveScenarioList
7 -> UtcApi_ForceUpload
8 -> UtcApi_ResetUsageMetrics
9 -> UtcApi_IsTraceRunning
10 -> UtcApi_GetActiveTraceRuntime
11 -> UtcApi_GetKnownTraceList
12 -> UtcApi_DownloadLatestSettings
13 -> UtcApi_ReloadSettings
14 -> UtcApi_UpdateTimerConfiguration
15 -> UtcApi_ClearTimerConfiguration
16 -> UtcApi_GetNextScheduledFireTime
17 -> UtcApi_GetTimerConfiguration
18 -> UtcApi_GetCustomTraceList
19 -> UtcApi_StartCustomTrace
20 -> UtcApi_SnapCustomTrace
21 -> UtcApi_StopCustomTrace
22 -> UtcApi_EscalateScenario2
23 -> UtcApi_EscalateScenarioAsync2
24 -> UtcApi_GetActiveTraceInfo
25 -> UtcApi_EnableWERLocalReports
26 -> UtcApi_RestoreWERLocalReportsSettings
27 -> UtcApi_QueryWERLocalReportsEnabled
28 -> UtcApi_IsEscalationRunningEx
29 -> UtcApi_QueryDiagnosticCollectionState
RPC fd8be72b-a9cd-4b2c-a9ca-4ded242fbe4d (1.0) -- c:\windows\system32\diagtrack.dll
0 -> UtcApi_SendSyntheticTrigger
1 -> UtcApi_ChangeEtmPauseState
RPC 95095ec8-32ea-4eb0-a3e2-041f97b36168 (1.0) -- c:\windows\system32\diagtrack.dll
0 -> UtcTelemetryOptInApi_SetTelemetryOptIn
RPC e38f5360-8572-473e-b696-1b46873beeab (1.0) -- c:\windows\system32\diagtrack.dll
0 -> UtcTenantApi_RegisterTelemetryTenant
1 -> UtcTenantApi_UnregisterTelemetryTenant
2 -> UtcTenantApi_UpdateDailyUploadQuota
3 -> UtcTenantApi_ForceUpload
RPC d22895ef-aff4-42c5-a5b2-b14466d34ab4 (1.0) -- c:\windows\system32\diagtrack.dll
0 -> UtcEventTranscriptApi_FetchTranscriptStats
1 -> Microsoft::Diagnostics::FileWrapStream::Commit
2 -> UtcEventTranscriptApi_FetchTranscriptRecordPayload
3 -> UtcEventTranscriptApi_FetchKnownTags
4 -> UtcEventTranscriptApi_FetchEventTags
5 -> UtcEventTranscriptApi_IsSampledIn
6 -> UtcEventTranscriptApi_FetchTranscriptRecordsPage2
7 -> UtcEventTranscriptApi_CancelFetchOperations
RPC 98cd761e-e77d-41c8-a3c0-0fb756d90ec2 (1.0) -- c:\windows\system32\diagtrack.dll
0 -> UtcWerHelperApi_FetchReportCount
1 -> UtcWerHelperApi_FetchReportData
2 -> UtcWerHelperApi_EnableWerLocalReports
3 -> UtcWerHelperApi_RestoreWerLocalReportsSettings
4 -> UtcWerHelperApi_QueryWerLocalReportsEnabled
5 -> UtcWerHelperApi_FetchReportData2
6 -> UtcWerHelperApi_ExtractReport
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
Endpoints :
ncalrpc : LRPC-50e83a038203afe3bc
ncalrpc : OLEFE3287CB2905D0734C098267C24F
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 3216 at 0x53198d0L>
64
['iphlpsvc']
Interfaces :
RPC 552d076a-cb29-4e44-8b6a-d15e59e2c0af (1.0) -- c:\windows\system32\iphlpsvc.dll
0 -> IpTransitionProtocolApplyConfigChanges
1 -> IpTransitionProtocolApplyConfigChangesEx
2 -> IpTransitionCreatev6Inv4Tunnel
3 -> IpTransitionDeletev6Inv4Tunnel
RPC ecbdb051-f208-46b9-8c8b-648d9d3f3944 (1.0) -- c:\windows\system32\iphlpsvc.dll
0 -> RefreshTeredoState
1 -> ResetDisabledComponentsForTeredo
RPC 1fff8faa-ec23-4e3f-a8ce-4b2f8707e636 (1.0) -- c:\windows\system32\iphlpsvc.dll
0 -> TeredoCreateConsumerHandle
1 -> TeredoCloseConsumerHandle
RPC 2e6035b2-e8f1-41a7-a044-656b439c4c34 (1.0) -- C:\windows\system32\httpprxm.dll
0 -> ProxyMgrProviderRegisterForEventNotification
1 -> ProxyMgrProviderUnregisterEventNotification
2 -> ProxyMgrProviderGetNotification
3 -> ProxyMgrGetProxyEventInformation
4 -> ProxyMgrSetProxyConfiguration
5 -> ProxyMgrSetProxyCredentials
RPC c36be077-e14b-4fe9-8abc-e856ef4f048b (1.0) -- C:\windows\system32\httpprxm.dll
0 -> RpcSrvProxyMgrClientRegisterForEventNotification
1 -> RpcSrvProxyMgrClientGetNotification
2 -> RpcSrvProxyMgrClientUnregisterEventNotification
3 -> RpcSrvProxyMgrClientGetProxyForUrl
4 -> RpcSrvProxyMgrClientGetProxyCredentials
5 -> RpcSrvProxyMgrClientGetAllProxiesForUrl
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
RPC c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1 (1.0) -- C:\windows\system32\adhsvc.dll
0 -> Rpc_AdhEngineOpen
1 -> Rpc_AdhEngineClose
2 -> Rpc_AdhStatusEventSubscribe
3 -> Rpc_AdhStatusEventSubscriptionGetLastEvent
4 -> Rpc_AdhStatusEventUnsubscribe
5 -> Rpc_AdhGetConfig
6 -> Rpc_AdhGetEvidenceCollectorResult
OLE 1299cf18-c4f5-4b6a-bb0f-2299f0398e27 (0.0) -- INotifyNetworkListManagerEvents
OLE 22d2e146-1a68-40b8-949c-8fd848b415e6 (0.0) -- INotifyNetworkEvents
OLE 2abc0864-9677-42e5-882a-d415c556c284 (0.0) -- INotifyNetworkInterfaceEvents
OLE 733b7764-5c0c-4ad6-bb4b-d0585e993e0e (0.0) -- INotifyNetworkGlobalCostEvents
Endpoints :
ncalrpc : LRPC-3d9f14cbe3d5f73628
ncalrpc : TeredoDiagnostics
ncalrpc : TeredoControl
ncalrpc : OLE3960B3F4B2DDB5FB88EAA7555C75
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 3228 at 0x5319080L>
64
['DPS']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 71a5ec7f-f325-4376-9d94-622c372e256f (0.0) -- ISrumServer
OLE bdffe8e0-729b-4bd6-a769-a296c15ee54e (0.0) -- IWpnSrumProvider
Endpoints :
ncalrpc : OLEFF149C01CCBEEB329A0BD4F9CD02
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 3244 at 0x53193c8L>
64
['LanmanServer']
Interfaces :
RPC 98716d03-89ac-44c7-bb8c-285824e51c4a (1.0) -- c:\windows\system32\srvsvc.dll
0 -> XsOpenPrinter
1 -> XsClosePrinter
2 -> XsAddJob
3 -> XsScheduleJob
4 -> XsProcessPnp
5 -> XsProcDownLevelAPI
RPC 1a0d010f-1c33-432c-b0f5-8cf4e8053099 (1.0) -- c:\windows\system32\srvsvc.dll
0 -> IdSegRequestNextSequence
1 -> IdSegRequestNodeInvalidation
RPC 4b324fc8-1670-01d3-1278-5a47bf6ee188 (3.0) -- c:\windows\system32\srvsvc.dll
0 -> NetrCharDevControl
1 -> NetrCharDevControl
2 -> NetrCharDevControl
3 -> NetrCharDevControl
4 -> NetrCharDevControl
5 -> NetrCharDevControl
6 -> NetrCharDevControl
7 -> NetrCharDevControl
8 -> NetrConnectionEnum
9 -> NetrFileEnum
10 -> NetrFileGetInfo
11 -> NetrFileClose
12 -> NetrSessionEnum
13 -> NetrSessionDel
14 -> NetrShareAdd
15 -> NetrShareEnum
16 -> NetrShareGetInfo
17 -> NetrShareSetInfo
18 -> NetrShareDel
19 -> NetrShareDelSticky
20 -> NetrShareCheck
21 -> NetrServerGetInfo
22 -> NetrServerSetInfo
23 -> NetrServerDiskEnum
24 -> NetrServerStatisticsGet
25 -> NetrServerTransportAdd
26 -> NetrServerTransportEnum
27 -> NetrServerTransportDel
28 -> NetrRemoteTOD
29 -> I_NetrServerSetServiceBits
30 -> NetprPathType
31 -> NetprPathCanonicalize
32 -> NetprPathCompare
33 -> NetprNameValidate
34 -> NetprNameCanonicalize
35 -> NetprNameCompare
36 -> NetrShareEnumSticky
37 -> NetrShareDelStart
38 -> NetrShareDelCommit
39 -> NetrpGetFileSecurity
40 -> NetrpSetFileSecurity
41 -> NetrServerTransportAddEx
42 -> I_NetrServerSetServiceBitsEx
43 -> NetrDfsGetVersion
44 -> NetrCharDevControl
45 -> NetrCharDevControl
46 -> NetrCharDevControl
47 -> NetrCharDevControl
48 -> NetrCharDevControl
49 -> NetrCharDevControl
50 -> NetrCharDevControl
51 -> NetrCharDevControl
52 -> NetrCharDevControl
53 -> NetrServerTransportDelEx
54 -> NetrServerAliasAdd
55 -> NetrServerAliasEnum
56 -> NetrServerAliasDel
57 -> NetrShareDelEx
58 -> LocalrSessionEnum
59 -> LocalrSessionGetInfo
60 -> LocalrSessionDel
61 -> LocalrFileEnum
62 -> LocalrFileGetInfo
63 -> LocalrFileClose
64 -> LocalrShareEnum
65 -> LocalrShareGetInfo
66 -> LocalrShareSetInfo
67 -> LocalrShareAdd
68 -> LocalrShareDelEx
69 -> LocalrAliasGet
70 -> NetrServerTransportAddForInstance
71 -> NetrServerTransportDelForInstance
Endpoints :
ncalrpc : LRPC-4f1d5488ca14ed3f91
ncacn_np : \PIPE\srvsvc
--------------------------------------------------------------------------------
<WinProcess "WaAppAgent.exe" pid 3268 at 0x5319860L>
64
['RdAgent']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
Endpoints :
ncalrpc : OLE0FF495834C77D998EA4212C8C3B1
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 3280 at 0x5319b70L>
64
['TrkWks']
Interfaces :
RPC 300f3532-38cc-11d0-a3f0-0020af6b0add (1.2) -- c:\windows\system32\trkwks.dll
0 -> Stubold_LnkMendLink
1 -> StubGetFileTrackingInformation
2 -> StubGetFileTrackingInformation
3 -> StubLnkSetVolumeId
4 -> StubGetFileTrackingInformation
5 -> StubGetFileTrackingInformation
6 -> StubGetFileTrackingInformation
7 -> StubGetFileTrackingInformation
8 -> StubLnkOnRestore
9 -> StubLnkMendLink
10 -> StubGetFileTrackingInformation
11 -> StubGetFileTrackingInformation
12 -> StubLnkSearchMachine
Endpoints :
ncacn_np : \pipe\trkwks
ncalrpc : trkwks
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 3300 at 0x5319550L>
64
['W32Time']
Interfaces :
RPC 8fb6d884-2388-11d0-8c35-00c04fda2795 (4.1) -- c:\windows\system32\w32time.dll
0 -> s_W32TimeSync
1 -> s_W32TimeGetNetlogonServiceBits
2 -> s_W32TimeQueryProviderStatus
3 -> s_W32TimeQuerySource
4 -> s_W32TimeQueryProviderConfiguration
5 -> s_W32TimeQueryConfiguration
6 -> s_W32TimeQueryStatus
7 -> s_W32TimeLog
Endpoints :
ncalrpc : W32TIME_ALT
ncacn_np : \PIPE\W32TIME_ALT
--------------------------------------------------------------------------------
<WinProcess "MsMpEng.exe" pid 3328 at 0x53197b8L>
64
['WinDefend']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
RPC c503f532-443a-4c69-8300-ccd1fbdb3839 (2.0) -- C:\Program Files\Windows Defender\mpsvc.dll
0 -> ServerMpEnableFeature
1 -> ServerMpDisableFeature
2 -> ServerMpQueryStatus
3 -> ServerMpEventOpen
4 -> ServerMpEventClose
5 -> ServerMpEventQueryNotification
6 -> ServerMpOnDemandStartScan
7 -> ServerMpOnDemandQueryNotification
8 -> ServerMpOnDemandQueryScanResult
9 -> ServerMpOnDemandControlScan
10 -> ServerMpOnDemandControlSystemScan
11 -> ServerMpOnDemandPersistScan
12 -> ServerMpOnDemandCloseScan
13 -> ServerMpOnDemandThreatOpen
14 -> ServerMpOnDemandThreatEnum
15 -> ServerMpOnDemandThreatClose
16 -> ServerMpScanOpenThreatHistory
17 -> ServerMpScanEnumerateThreatHistory
18 -> ServerMpScanEnumerateDetectionHistory
19 -> ServerMpScanCloseThreatHistory
20 -> ServerMpScanDeleteThreatHistory
21 -> ServerMpRpcCleanOpen
22 -> ServerMpRpcScanCleanOpen
23 -> ServerMpRpcCleanStart
24 -> ServerMpRpcCleanControl
25 -> ServerMpRpcCleanThreatsNotification
26 -> ServerMpRpcPrecheckStart
27 -> ServerMpRpcPrecheckNotification
28 -> ServerMpRpcCleanQuery
29 -> ServerMpRpcCleanClose
30 -> MpService::CMpMapsLatencyDataIterator::Clone
31 -> MpService::CMpMapsLatencyDataIterator::Clone
32 -> MpService::CMpMapsLatencyDataIterator::Clone
33 -> MpService::CMpMapsLatencyDataIterator::Clone
34 -> ServerMpQuarantineEnumOpen
35 -> ServerMpQuarantineEnumerate
36 -> ServerMpQuarantineEnumClose
37 -> ServerMpQuarantineQueryInfo
38 -> ServerMpQuarantineRestoreThreat
39 -> ServerMpQuarantineDeleteThreat
40 -> ServerMpStateEnumOpen
41 -> ServerMpQueryEngineVersion
42 -> ServerMpUpdateEngineSignature
43 -> ServerMpRollbackEngineSignature
44 -> ServerMpThreatStaticInfo
45 -> ServerMpQuerySystemInfo
46 -> ServerMpRpcConfigSetValue
47 -> ServerMpRpcConfigDelValue
48 -> ServerMpRpcElevationHandleOpen
49 -> ServerMpRpcElevationHandleAttach
50 -> ServerMpRpcElevationHandleClose
51 -> ServerMpRpcElevateCleanHandle
52 -> ServerMpRpcSignatureThreatOpen
53 -> ServerMpRpcSignatureThreatEnum
54 -> ServerMpRpcSignatureThreatClose
55 -> ServerMpRpcGetSampleInfo
56 -> ServerMpRpcQueryScansWithSamples
57 -> ServerMpRpcDropScansWithSamples
58 -> ServerMpRpcSpynetQueueCreate
59 -> ServerMpRpcSpynetQueueQueryNotification
60 -> ServerMpRpcSpynetQueueClose
61 -> ServerMpRpcSpynetGenerateReport
62 -> ServerMpRpcSenseGenerateReport
63 -> ServerMpRpcSpynetOnResponse
64 -> ServerMpRpcSpynetGetStartTime
65 -> ServerMpRpcSpynetUpdateSpynetMetrics
66 -> ServerMpRpcSpynetClose
67 -> ServerMpRpcSigUpdServiceOpen
68 -> ServerMpRpcSigUpdServiceQueryNotification
69 -> ServerMpRpcSigUpdServiceSendProgressNotification
70 -> ServerMpRpcSigUpdServiceClose
71 -> ServerMpRpcSigUpdClientOpen
72 -> ServerMpRpcSigUpdClientQueryNotification
73 -> ServerMpRpcSigUpdClientClose
74 -> ServerMpRpcSigUpdControl
75 -> ServerMpRpcIdleNotificationOpen
76 -> ServerMpRpcIdleNotificationClose
77 -> ServerMpRpcNotifyIdle
78 -> ServerMpRpcIdleCheckTaskCompletion
79 -> ServerMpRpcThreatOpen
80 -> ServerMpRpcThreatEnumerate
81 -> ServerMpRpcThreatClose
82 -> ServerMpRpcDbgThreatViewAction
83 -> ServerMpRpcForcedReboot
84 -> ServerMpRpcProductGenuineCheckClient
85 -> ServerMpRpcAddFastPathSignatureFile
86 -> ServerMpRpcRemoveFastPathSignatureFile
87 -> ServerMpRpcDynamicSignatureOpen
88 -> ServerMpRpcDynamicSignatureEnumerate
89 -> ServerMpRpcDynamicSignatureClose
90 -> ServerMpRpcProductGenuineCheckOpen
91 -> ServerMpRpcProductGenuineCheckQueryNotification
92 -> ServerMpRpcProductGenuineCheckSendNotification
93 -> ServerMpRpcProduceGenuineCheckClose
94 -> ServerMpRpcMemoryScanStart
95 -> ServerMpRpcMemoryScanQueryNotification
96 -> ServerMpRpcMemoryScanClose
97 -> ServerMpRpcFastMemoryScanOpen
98 -> ServerMpRpcFastMemoryScan
99 -> ServerMpRpcFastMemoryScanClose
100 -> ServerMpRpcFastMemoryScanCacheInfo
101 -> ServerMpRpcAmsiCloseSession
102 -> ServerMpRpcTcgLogScan
103 -> ServerMpRpcTcgLogApplyExtResult
104 -> ServerMpRpcDbgSendCallbackNotification
105 -> ServerMpRpcThreatRollup
106 -> ServerMpDetectionQuery
107 -> ServerMpRpcRequestSnooze
108 -> ServerMpRpcOfflineScanInstall
109 -> ServerMpRpcOfflineScanStatusQuery
110 -> ServerMpRpcTriggerHeartbeatOnDefenderDisable
111 -> ServerMpRpcTriggerHeartbeatOnUninstall
112 -> ServerMpRpcTriggerErrorHeartbeatReport
113 -> ServerMpRpcTriggerHeartbeatReport
114 -> ServerMpRpcRemapCallistoDetections
115 -> ServerMpRpcGetCallistoDetections
116 -> ServerMpRpcIsAdlFallbackDue
117 -> ServerMpRpcIsRtpAutoEnable
118 -> ServerMpRpcEngineQueryConfigDword
119 -> ServerMpRpcSampleHeaderQueueCreate
120 -> ServerMpRpcSampleHeaderQueueQueryNotification
121 -> ServerMpRpcSampleHeaderQueueClose
122 -> ServerMpRpcSampleHeaderClose
123 -> ServerMpRpcSampleHeaderGetSampleDetails
124 -> ServerMpRpcGetSampleChunk
125 -> ServerMpRpcConveySampleSubmissionResult
126 -> ServerMpRpcGetSampleListRequiringConsent
127 -> ServerMpRpcConveyUserChoiceForSampleList
128 -> ServerMpRpcGetRunningMode
129 -> ServerMpRpcIsGivenRunningModeSupported
130 -> ServerMpDisableXBGM
131 -> ServerMpDisableXBGM
132 -> ServerMpXBGMUpdateIV
133 -> ServerMpXBGMGetData
134 -> ServerMpXBGMGetData
135 -> ServerMpOnDemandStartScan2
136 -> ServerMpQueryDefaultFolderGuardList
137 -> ServerMpRpcTriggerStatusRefreshNotification
138 -> ServerMpRpcGetHIPSRuleInfo
139 -> ServerMpEnableSmartLocker
140 -> ServerMpDisableSmartLocker
141 -> ServerMpXBGMUpdateIV
142 -> ServerMpFlushLowfiCache
143 -> ServerMpRpcGetAsrBlockedProcesses
144 -> ServerMpRpcGetAsrBlockedActions
145 -> ServerMpRpcDeleteAsrHistory
OLE b2cabfe4-fe04-42b1-a5df-08d483d4d125 (0.0) -- IAntimalwareUacProvider
OLE 00000141-0000-0000-c000-000000000046 (0.0) -- IDLLHost
OLE 000001a0-0000-0000-c000-000000000046 (0.0) -- ISystemActivator
OLE 3901a765-ab91-4ba9-a553-5b8538deb840 (0.0) -- IWscAVStatus
OLE 024e9756-ba6c-4ad1-8321-87bae78fd0e3 (0.0) -- IWscASStatus
Endpoints :
ncalrpc : OLE33D1558EB702153D9D21B74FB69B
ncalrpc : IMpService77BDAF73-B396-481F-9042-AD358843EC24
--------------------------------------------------------------------------------
<WinProcess "WindowsAzureTelemetryService.exe" pid 3360 at 0x5319c50L>
64
['WindowsAzureTelemetryService']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
Endpoints :
ncalrpc : OLEC08045C60FEAC3F73367C25AA82A
--------------------------------------------------------------------------------
<WinProcess "WindowsAzureGuestAgent.exe" pid 3368 at 0x53199e8L>
64
['WindowsAzureGuestAgent']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
Endpoints :
ncalrpc : OLEF4DDCEEF4C8F5CD297DD1F0A4B0C
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 3400 at 0x5319f98L>
64
['WpnService']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE df8e9480-ca73-448e-b8f0-da000f581428 (0.0) -- IWpnPlatform
OLE a6311d38-813c-46c8-9929-89d3b6e14515 (0.0) -- IConnectionManagerFactory
OLE 549bd355-eb18-42d4-866b-c8ed31b46e50 (0.0) -- IWpnInternalConnectionManager
OLE f655b052-348b-4ab0-947b-a7dafa44d404 (0.0) -- IWpnRegistrationEndpoint
OLE 7d85494e-d99e-493a-bf51-80d2c9feab49 (0.0) -- IWpnSystemRegistrationEndpoint
OLE 43c6b434-c1be-4ad2-af03-c0deaccebd1f (0.0) -- IBackgroundAccessStateChangeHandler
OLE 2a45cbbe-93a2-4f76-8c01-b6c2a1720f20 (0.0) -- IConnectionManagerCallbacks2
OLE b755e6e0-b048-49cc-8911-11a041216f5f (0.0) -- IApplicationStateChangeHandler
OLE dcaee35a-508d-4419-9e56-50d658c2c812 (0.0) -- IWpnAppEndpoint
OLE 00000141-0000-0000-c000-000000000046 (0.0) -- IDLLHost
OLE 00000035-0000-0000-c000-000000000046 (0.0) -- IActivationFactory
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE 000001a0-0000-0000-c000-000000000046 (0.0) -- ISystemActivator
OLE 78f5febc-30ff-450e-a2bf-911ff25df1df (0.0) -- IConnectionProvider
OLE b196b284-bab4-101a-b69c-00aa00341d07 (0.0) -- IConnectionPointContainer
OLE b196b286-bab4-101a-b69c-00aa00341d07 (0.0) -- IConnectionPoint
OLE ae363a51-a0de-5827-80f4-961b407b40c2 (0.0) -- __FIAsyncOperationCompletedHandler_1_Windows__CInternal__CSecurity__CWebAuthentication__CUserHostIdentity
OLE 1299cf18-c4f5-4b6a-bb0f-2299f0398e27 (0.0) -- INotifyNetworkListManagerEvents
OLE 22d2e146-1a68-40b8-949c-8fd848b415e6 (0.0) -- INotifyNetworkEvents
OLE 2abc0864-9677-42e5-882a-d415c556c284 (0.0) -- INotifyNetworkInterfaceEvents
OLE 733b7764-5c0c-4ad6-bb4b-d0585e993e0e (0.0) -- INotifyNetworkGlobalCostEvents
Endpoints :
ncalrpc : OLE7C0BB271D515C956A237F21CC142
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 3548 at 0x53196d8L>
64
['WdiServiceHost']
Interfaces :
Endpoints :
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 4008 at 0x53199b0L>
64
['wuauserv']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 9fc14b6b-ec4b-427c-8aaf-a128d33ee310 (0.0) --
OLE 97ea99c7-0186-4ad4-8df9-c5b4e0ed6b22 (0.0) -- IBackgroundCopyCallback
OLE c8264914-c0d2-48da-a5cd-f47d74fda7f6 (0.0) -- IWUInternalDeploymentInformationFactory
OLE 4e46ebe0-dcd6-40da-9fab-abb7b2c613b5 (0.0) -- IDeploymentInformationFactory
OLE 1726f52d-2b8c-524a-98c6-f2cf0893c0f2 (0.0) -- __FITypedEventHandler_2_Windows__CApplicationModel__CPackageCatalog_Windows__CApplicationModel__CPackageStagingEventArgs
OLE a575c2d8-ad34-456f-810b-f6c67795014d (0.0) -- IAppxStreamingDataSourceFactory
OLE 3cc7f52c-5d10-4686-8944-713e716ea8da (0.0) -- IAppxStreamingDataSource
OLE 33311ed3-9e5c-49ad-8227-7943c59820b4 (0.0) -- IAppxRangeRequestJob
Endpoints :
ncalrpc : OLED2450374AB826C055D2F235EEF57
--------------------------------------------------------------------------------
<WinProcess "taskhostw.exe" pid 4736 at 0x5319b00L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000141-0000-0000-c000-000000000046 (0.0) -- IDLLHost
OLE 000001a0-0000-0000-c000-000000000046 (0.0) -- ISystemActivator
OLE 839d7762-5121-4009-9234-4f0d19394f04 (0.0) -- ITaskHandler
OLE 0d512bc7-d05f-55c5-b40a-b1e269c5114d (0.0) -- __FITypedEventHandler_2_WindowsUpdate__CInternal__CIInstallControl_WindowsUpdate__CInternal__CIInstallItem
OLE afce43e5-977b-4b8a-b7b6-e26ecec26ddf (0.0) -- ISusNotify
OLE beef4698-9382-44ce-99a0-ece4e9c0916e (0.0) --
OLE c3478f3e-9fa6-5426-a74f-1542118ff5d7 (0.0) -- __FIVectorView_1_WindowsUpdate__CInternal__CIFulfillmentDataInfo
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE 11c6562f-d6dc-4246-aee4-1867b030b0e0 (0.0) -- __x_WindowsUpdate_CInternal_CIFulfillmentDataInfo
Endpoints :
ncalrpc : OLE79844BE10585AD7209FE44AB0A12
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 4800 at 0x5319908L>
64
['lmhosts']
Interfaces :
RPC 30adc50c-5cbc-46ce-9a0e-91914789e23c (1.0) -- c:\windows\system32\nrpsrv.DLL
0 -> RpcNrpGetAddrInfo
1 -> RpcNrpGetNameInfo
Endpoints :
ncalrpc : LRPC-f6938ea0eb3f3baa4e
--------------------------------------------------------------------------------
<WinProcess "NisSrv.exe" pid 5104 at 0x5319320L>
64
['WdNisSvc']
Interfaces :
Endpoints :
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 4488 at 0x5319be0L>
64
['pla']
Interfaces :
RPC 647d4452-9f33-4a18-b2be-c5c0e920e94e (1.0) -- c:\windows\system32\pla.dll
0 -> PlaiSrvControl
1 -> PlaiSrvQuerySession
2 -> PlaiSrvGetStatus
3 -> PlaiSrvRegisterCollectorSet
4 -> PlaiSrvUpdateMetadata
5 -> PlaiSrvSwitchToCompiling
6 -> PlaiSrvCloseCollectorSet
Endpoints :
ncalrpc : {F14A3514-198A-4DF9-88B3-EEA099B470F4}
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 5672 at 0x5319198L>
64
['SSDPSRV']
Interfaces :
RPC 4b112204-0e19-11d3-b42b-0000f81feb9f (1.0) -- c:\windows\system32\ssdpsrv.dll
0 -> _SSDPOpenRpc
1 -> _SSDPCloseRpc
2 -> RegisterServiceExRpc
3 -> _DeregisterServiceRpc
4 -> CleanupCacheRpc
5 -> BeginSearchRpc
6 -> GetSearchNotificationRpc
7 -> CancelSearchRpc
8 -> CloseSearchRpc
9 -> EnableNotificationRpc
10 -> _InitializeSyncHandle
11 -> _RemoveSyncHandle
12 -> RegisterNotificationRpc
13 -> RegisterNotificationAsyncRpc
14 -> _GetNotificationRpc
15 -> _WakeupGetNotificationRpc
16 -> DeregisterNotificationRpc
17 -> SetICSInterfaces
18 -> SetICSOff
19 -> EnableFirewallRuleRpc
20 -> DisableFirewallRuleRpc
Endpoints :
ncalrpc : LRPC-7739fe9ede05529e24
--------------------------------------------------------------------------------
<WinProcess "csrss.exe" pid 4128 at 0x5319438L>
64
Interfaces :
Endpoints :
--------------------------------------------------------------------------------
<WinProcess "winlogon.exe" pid 956 at 0x5319668L>
64
Interfaces :
RPC 76f226c3-ec14-4325-8a99-6a46348418ae (1.0) -- C:\windows\system32\winlogon.exe
0 -> I_WMsgkSendMessage
1 -> I_WMsgkSendPSPMessage
RPC 76f226c3-ec14-4325-8a99-6a46348418af (1.0) -- C:\windows\system32\winlogon.exe
0 -> I_WMsgSendMessage
1 -> I_WMsgSendPSPMessage
2 -> I_WMsgSendNotifyMessage
3 -> I_WMsgSendReconnectionUpdateMessage
RPC 12e65dd8-887f-41ef-91bf-8d816c42c2e7 (1.0) -- C:\windows\system32\winlogon.exe
0 -> WlSecureDesktoprPromptingRequest
1 -> WlSecureDesktoprConfirmationRequest
2 -> WlSecureDesktoprCredmanBackupRequest
3 -> WlSecureDesktoprCredmanRestoreRequest
4 -> WlSecureDesktoprSimulateSAS
Endpoints :
ncalrpc : WMsgKRpc0920722
--------------------------------------------------------------------------------
<WinProcess "fontdrvhost.exe" pid 3992 at 0x5319e48L>
64
[!!] Invalid rpcrt4 base: 0x0 vs 0x7ffec24f0000
--------------------------------------------------------------------------------
<WinProcess "dwm.exe" pid 4176 at 0x5319b38L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00621c22-42e8-529f-9270-836b32931d72 (0.0) -- __FIEventHandler_1_Windows__CGaming__CInput__CRawGameController
Endpoints :
ncalrpc : OLE2F439ADE4BD991EE6E15BD5FFE5E
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 5268 at 0x5319ef0L>
64
['ScDeviceEnum']
Interfaces :
RPC 169c453b-5955-4672-be44-21f61e9ef18f (1.0) -- c:\windows\system32\scdeviceenum.dll
0 -> s_NgcCtnrEnumCreateNode
1 -> s_NgcCtnrEnumDeleteNode
Endpoints :
ncalrpc : LRPC-d51e953fcdc5765dda
--------------------------------------------------------------------------------
<WinProcess "rdpclip.exe" pid 820 at 0x53192e8L>
64
Interfaces :
RPC 10bd2718-13bd-4b84-8e7d-8b5c83770a86 (1.0) -- C:\windows\System32\rdpclip.exe
0 -> RpcSetRenderHint
1 -> RpcGetStartMenuRect
RPC de79fc6c-dc6f-43c7-a48e-63bbc8d4009d (1.0) -- C:\windows\System32\rdpclip.exe
0 -> UMRDP_SHChangeNotify
1 -> UMRDP_WNetAddConnection2
2 -> UMRDP_WNetCancelConnection2
3 -> UMRDP_StorePrinterConfig
4 -> UMRDP_StoreDefaultPrinter
5 -> UMRDP_RestoreDefaultPrinter
6 -> UMRDP_SetDefaultPrinter
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000135-0000-0000-c000-000000000046 (0.0) -- IInterfaceFromWindowProp
OLE 0000010e-0000-0000-c000-000000000046 (0.0) -- IDataObject
OLE 0000000c-0000-0000-c000-000000000046 (0.0) -- IStream
Endpoints :
ncalrpc : HintApiRPCEntry#2
ncalrpc : UMRdpEndpoint_2
ncalrpc : OLED61FC11976D6B4EE1BE5E9B46B15
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 1004 at 0x5319e10L>
64
['CDPUserSvc_9c09e']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE c092cc2f-5eca-5a5d-9c9c-f050e892dd97 (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CSecurity__CAuthentication__CWeb__CTokenBrokerInternal_Windows__CInternal__CSecurity__CAuthentication__CWeb__CWebAccountAddedEventArgs
OLE df3657fc-19c8-5e99-b48f-4a59b98d4e8a (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CSecurity__CAuthentication__CWeb__CTokenBrokerInternal_Windows__CInternal__CSecurity__CAuthentication__CWeb__CWebAccountDeletedEventArgs
OLE dc8b9f35-216c-54ff-99db-cd7e04c6a074 (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CSecurity__CAuthentication__CWeb__CTokenBrokerInternal_Windows__CInternal__CSecurity__CAuthentication__CWeb__CWebAccountChangedEventArgs
OLE 51aa6c40-b054-5c68-801e-03b75f43e2a1 (0.0) -- __FIAsyncOperationCompletedHandler_1_Windows__CInternal__CSecurity__CAuthentication__CWeb__CGetDefaultSignInAccountResult
OLE 00000001-0000-0000-c000-000000000046 (0.0) -- IClassFactory
OLE 84cc931f-cb8f-4923-9120-c79968ef745f (0.0) -- ICDPComAccountProvider
OLE c2090d8c-37d8-5c47-9581-0f17b91a0cd3 (0.0) -- __FIAsyncOperationCompletedHandler_1___FIVectorView_1_Windows__CSecurity__CCredentials__CWebAccount
OLE 8cb134c6-72c3-4c94-859f-c1f2d40ddd13 (0.0) -- ICDPComUserSettingsProvider
OLE 50ce6ccb-94b2-5a0b-8841-3639c33d1467 (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CSecurity__CAuthentication__CWeb__CTokenBrokerInternal_Windows__CInternal__CSecurity__CAuthentication__CWeb__CWebAccountProviderChangedEventArgs
OLE 9477622b-1340-5574-81fc-5013581f57c9 (0.0) -- __FIAsyncOperationCompletedHandler_1_Windows__CSecurity__CCredentials__CWebAccountProvider
OLE ac566344-eadd-4f1a-a84a-7ed279176ba9 (0.0) -- ICDPComActivityStore
OLE 4199de60-6b64-47b8-9f9b-a9e78cb48c16 (0.0) -- ICDPComActivityStoreManagementControl
OLE 8255a6da-c295-48c3-a4da-dae510b5c193 (0.0) -- ICDPComUserActivitySettings
OLE 6f4670bb-cdf1-4fb7-8d5c-46c9200dfbf3 (0.0) -- ICDPComActivityStoreInfoWatcher
OLE 8fb35720-6c33-4a7f-81ea-f0c6b9874d07 (0.0) -- ICDPComActivityStoreReader
Endpoints :
ncalrpc : OLE241FDD36AD53B3BAA5CDC73B0D3F
--------------------------------------------------------------------------------
<WinProcess "sihost.exe" pid 1792 at 0x53194a8L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE cb728b20-f786-11ce-92ad-00aa00a74cd0 (0.0) -- IProfferService
OLE 00000141-0000-0000-c000-000000000046 (0.0) -- IDLLHost
OLE 000001a0-0000-0000-c000-000000000046 (0.0) -- ISystemActivator
OLE 00000001-0000-0000-c000-000000000046 (0.0) -- IClassFactory
OLE 6d5140c1-7436-11ce-8034-00aa006009fa (0.0) -- IServiceProvider
OLE e7fb793d-3581-4b54-a798-ab8e9d69c963 (0.0) -- IBackgroundActivationSessionManagerEvents
OLE e12fe107-2d78-46a1-bca8-d93e4c2ab2bc (0.0) -- IPlmStateChangeNotifications
OLE 428d4ddd-3462-43df-9395-1eff13ae7a4b (0.0) -- IBackgroundAccessManagerService
OLE fc99c60d-d59b-4b2b-b73d-3a1cc9f2aafa (0.0) -- ILifetimeManagerRemote
OLE d7a5d1cc-fcbc-4e54-9deb-45ef67293cf8 (0.0) -- IHostIdStore
OLE 69c083b1-7f6f-490d-9d77-c0219a95b25d (0.0) -- IProcessLifetimeManagerControl
OLE 7656cfa4-b63a-4542-a8de-ef402bac895d (0.0) -- IUserApplicationStateChangeHandler
RPC 8ec21e98-b5ce-4916-a3d6-449fa428a007 (0.0) -- C:\Windows\System32\modernexecserver.dll
0 -> FmMuxSrvRegisterCoreUIEndpoints
1 -> FmMuxSrvGenerateTaskInstanceId
2 -> FmMuxSrvLaunchTask
3 -> FmMuxSrvResumeTask
4 -> FmMuxSrvPauseTask
5 -> FmMuxSrvCancelTask
6 -> FmMuxSrvAbortTask
7 -> FmMuxSrvGetTaskPid
8 -> FmMuxSrvSetTaskDehydrationEligibility
9 -> FmMuxSrvSetTaskProperty
10 -> FmMuxSrvResolveApplicationUri
11 -> FmMuxSrvGetActivationPolicy
12 -> FmMuxSrvLogoffUser
13 -> FmMuxSrvShutdown
14 -> FmMuxSrvSetForegroundTaskInstanceId
15 -> FmMuxSrvGenerateActivationInstanceId
16 -> FmMuxSrvActivationPrerequisitePhase
17 -> FmMuxSrvIsCBETask
18 -> FmMuxSrvIsValidTaskPid
19 -> FmMuxSrvResumePrerequisitePhase
20 -> FmMuxSrvGetForegroundTaskInstanceId
21 -> FmMuxSrvActivationBypass
22 -> FmMuxSrvIsActivationDehydrated
23 -> FmMuxSrvRequestResourceSet
RPC 0fc77b1a-95d8-4a2e-a0c0-cff54237462b (0.0) -- C:\Windows\System32\modernexecserver.dll
0 -> FmMuxSrvRegisterFGNotificationCoreUIEndpoint
1 -> FmMuxSrvUnRegisterFGNotificationCoreUIEndpoint
2 -> FmMuxSrvGetForegroundProductId
3 -> FmMuxSrvIsForegroundProductId
4 -> FmMuxSrvGetProductIdFromProcessId
5 -> FmMuxSrvGenerateWatsonReport
6 -> FmMuxSrvGetProcessProductId
7 -> FmMuxSrvDehydrateHost
8 -> FmMuxSrvIsCallingProcessForeground
RPC b1ef227e-dfa5-421e-82bb-67a6a129c496 (0.0) -- C:\Windows\System32\modernexecserver.dll
0 -> FmMuxSrvIsActivationBeingDebugged
1 -> FmMuxSrvIsForegroundActivation
2 -> FmMuxSrvGetForegroundActivationInstanceId
3 -> FmMuxSrvGetApplicationId
4 -> FmMuxSrvGetPackageFamilyName
5 -> FmMuxSrvGetPackageFullName
6 -> FmMuxSrvGetPSMKey
7 -> FmMuxSrvDehydrateApplication
8 -> FmMuxSrvSetAutoDehydrateFlag
9 -> FmMuxSrvGetAutoDehydrateFlag
10 -> FmMuxSrvReloadSettings
OLE eb9d0454-25db-5620-98b8-be4c5d0dbc67 (0.0) -- Windows.Foundation.TypedEventHandler[Windows.System.UserWatcher, Windows.System.UserChangedEventArgs]
OLE 9ec3d9d5-b413-51df-8c64-640e3356e351 (0.0) -- Windows.Foundation.TypedEventHandler[Windows.System.UserWatcher, Windows.System.UserAuthenticationStatusChangingEventArgs]
OLE a478f456-5d69-41d4-8fd5-a414c516c781 (0.0) -- IUserPackageStateChangeHandler
OLE 00000035-0000-0000-c000-000000000046 (0.0) -- IActivationFactory
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE 5e75aba7-c424-4076-9d47-409a1eda087f (0.0) -- __x_Windows_CInternal_CApplicationModel_CWindowManagement_CIWindowStatics
OLE 882d9981-e3b3-4275-a857-00c3910fb5c3 (0.0) -- __x_Windows_CInternal_CApplicationModel_CWindowManagement_CIAppViewStatics
OLE c5230dad-4d49-4c07-aafa-7bafbbff72b0 (0.0) -- __x_Windows_CInternal_CApplicationModel_CWindowManagement_CIWindowWatcher
OLE 3169ab14-dd32-4d2f-b943-0e53446f5085 (0.0) -- __x_Windows_CInternal_CApplicationModel_CWindowManagement_CIAppViewWatcher
OLE 998d66a2-4a54-496c-9e18-268890860004 (0.0) -- IApplicationActivationManagerPriv
OLE e7a5f14e-0650-44f2-9168-35cd1d04fe20 (0.0) -- IApplicationActivationPhonePriv
OLE a5447aa8-063b-4ddc-8b81-021591a43bf1 (0.0) -- __x_Windows_CInternal_CApplicationModel_CWindowManagement_CIAppViewChangedEventArgs
OLE dac0a812-87a6-4f5a-8493-b80e07a89344 (0.0) -- __x_Windows_CInternal_CApplicationModel_CWindowManagement_CIAppViewActivationRequestedEventArgs
OLE 5c19477e-81ef-4d21-baa4-c3040ad2ea6b (0.0) -- __x_Windows_CInternal_CApplicationModel_CWindowManagement_CIAppViewRequestEventArgs
OLE add68ce2-bfd3-4208-a2c8-d48fb2e32c41 (0.0) -- __x_Windows_CInternal_CApplicationModel_CWindowManagement_CIAppView
OLE 90ea19c8-8014-484d-a9f3-c1aecb25e39b (0.0) -- __x_Windows_CInternal_CApplicationModel_CWindowManagement_CIAppModel
OLE 43c44496-73a7-4b25-b876-1df2708e3e45 (0.0) -- __x_Windows_CInternal_CApplicationModel_CWindowManagement_CIUniversalAppModel
OLE ecc8094d-d468-4860-9d61-260400aa9829 (0.0) -- __x_Windows_CInternal_CApplicationModel_CWindowManagement_CISplashScreen
OLE 402af51f-a72c-45b8-8fe3-cff04ed914f1 (0.0) -- __x_Windows_CInternal_CApplicationModel_CWindowManagement_CIUniversalTitleBar
OLE 05f3eb97-d7d7-4f49-919d-368bc0323fb4 (0.0) -- __x_Windows_CInternal_CApplicationModel_CWindowManagement_CIAppViewBehaviorStatics
OLE 266d6f6f-822f-4304-b3b6-9dc7fec054a5 (0.0) -- __x_Windows_CInternal_CApplicationModel_CWindowManagement_CIAppViewActivationRequestedEventArgsPreview
OLE cdb5efb3-5788-509d-9be1-71ccb8a3362a (0.0) -- IAsyncOperation<boolean>
OLE 9345de75-e838-4721-9f20-7b09ac8be053 (0.0) -- __x_Windows_CInternal_CApplicationModel_CWindowManagement_CIAppViewExecutionStateChangedEventArgs
OLE 57e9a04f-e685-491c-b433-f71b7b334bd3 (0.0) -- __x_Windows_CInternal_CApplicationModel_CWindowManagement_CIAppViewUniversalPropertyChangedEventArgs
OLE 0f4accb1-d8f9-4011-ba37-2557925a78cf (0.0) -- IServiceHostBrokerProvider
OLE d98fd14a-522a-4d59-b875-811e83919a9e (0.0) -- IApplicationActivationBroker
OLE cd292360-2763-4085-8a9f-74b224a29175 (0.0) -- __x_Windows_CUI_CCore_CICoreWindowFactory
OLE 83140d1c-7e82-4cfb-96e4-f997cede7e10 (0.0) -- IUiaManagerWindowRegistration
OLE 6dc8c1be-86e5-4eef-8335-72cab53f06c8 (0.0) -- IUiaWindowRegistrationToken
OLE 317be656-a8be-48a0-95c9-cd02915bc9de (0.0) -- __x_Windows_CInternal_CApplicationModel_CWindowManagement_CIWindowChangedEventArgs
OLE 4f6719dc-762f-41da-b4e8-d3a037bca583 (0.0) -- __x_Windows_CInternal_CApplicationModel_CWindowManagement_CIWindow
OLE 087ca5a4-8cfc-4264-b39d-da2bb2583a11 (0.0) -- ICoreWindowFactoryPriv
OLE d928b176-b291-4bd6-9f6f-2e21e3ef6cbc (0.0) -- __x_Windows_CInternal_CApplicationModel_CWindowManagement_CIWindowBehaviorStatics
OLE b6652262-46bb-521f-89f6-e890430bff3e (0.0) -- __FIReference_1_Windows__CInternal__CApplicationModel__CWindowManagement__CAppModelFrameworkKind
OLE 7fb024b8-0c52-44f0-aa7b-442557825557 (0.0) -- __x_Windows_CInternal_CApplicationModel_CWindowManagement_CIUniversalBatch
OLE a768d72d-edbd-4f38-b426-72f9f42ec757 (0.0) -- __x_Windows_CInternal_CApplicationModel_CWindowManagement_CIAppViewVisibilityChangedEventArgs
OLE 445289d9-2bba-4b3d-9f41-09683cc27200 (0.0) -- IBackgroundTaskCapabilityInternal
OLE cf651713-cd08-4fd8-b697-a281b6544e2e (0.0) -- __x_Windows_CApplicationModel_CActivation_CIActivatedEventArgs
OLE a2add09a-fb9b-4e6e-bc69-0b810eeb0ab4 (0.0) -- IBackgroundActivationContext
OLE 601d51e3-801e-49c9-bbfa-fe29a662aead (0.0) -- IConfigureWindowFactory
OLE 0e0da070-2224-4934-8090-041f7ff223eb (0.0) -- ISplashScreen
OLE ca4d975c-d4d6-43f0-97c0-0833c6391c24 (0.0) -- __x_Windows_CApplicationModel_CActivation_CISplashScreen
OLE 0e8c8da1-11b5-4fad-975a-14f51015e07a (0.0) -- ISplashScreenPriv
OLE fc4801a3-2ba9-11cf-a229-00aa003d7352 (0.0) -- IObjectWithSite
OLE 8690f4ac-60ec-4d4b-93b3-ab71fbbecf80 (0.0) -- IApplicationActivationImpl
OLE 98057f1b-132b-473d-ac4b-aee7ac87887a (0.0) -- __x_Windows_CInternal_CApplicationModel_CWindowManagement_CIAppViewPreview
OLE 1f79f7de-20bf-4591-930a-d490b78fb09f (0.0) -- __x_Windows_CInternal_COneCore_CViewEventHandlers_CICoreCUIBroker
OLE 62a9407f-345a-4300-8cdd-4847dee60f48 (0.0) -- IApplicationInstanceManager
OLE 2f3eca0f-a0a7-445b-8f88-f6260a7dac04 (0.0) -- IPlmDataQuery
OLE 36c8be08-bca4-4431-b5c0-b07bc0baf3c8 (0.0) -- IPlmPackageServicing
OLE 85a098aa-ef5a-451b-b332-c1b795431bc3 (0.0) -- IContractActivation
OLE 2931fe47-4c9a-4e70-8de4-b80394ff42c1 (0.0) -- __x_Windows_CApplicationModel_CContracts_CInternal_CIContractBrokerPartialTrustStatics
OLE 98fba1b6-2909-418d-9ecf-c21600fa7822 (0.0) -- __x_Windows_CApplicationModel_CContracts_CInternal_CIContractBrokerBaseTrustAccessibleServer
OLE c218afae-7884-4151-873f-631e82388d0d (0.0) -- IContractBrokerGetStreamReadyEvent
OLE 4bb67095-515f-4e53-b6bb-ddeb70df3cc4 (0.0) -- IContractBrokerGetStream
OLE 9eb0164f-16c5-45a6-9d11-6ba6b20d9635 (0.0) -- __x_Windows_CSystem_CInternal_CLaunch_CILauncherQueryInfoStatics
OLE 8246ed12-33e8-52b3-a5c5-19779de9999e (0.0) -- __FIVectorView_1_Windows__CApplicationModel__CAppInfo
OLE cf7f59b3-6a09-4de8-a6c0-5792d56880d1 (0.0) -- __x_Windows_CApplicationModel_CIAppInfo
OLE fed95700-f716-4950-bcac-8e2e1ca1b307 (0.0) -- IClipboardProtectionServices
OLE 48f4e2d1-eeba-461e-8f8f-6353da1a3aca (0.0) -- IApplicationStateChangeOutOfProcNotificationService
OLE ee046ed5-6eaf-4fba-bdf6-0965545fedb8 (0.0) -- IUiaManagerEndpointStateNotifierSinkRegistration
OLE fcbc010e-a314-43e9-b40a-49690a0c8b78 (0.0) -- IUiaManagerEndpointStateNotifierSinkRegistrationToken
Endpoints :
ncalrpc : OLE560FA880F9111C2398064EEE6CEA
ncalrpc : LRPC-dfe947b7652251660a
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 5556 at 0x5319128L>
64
['WpnUserService_9c09e']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE df8e9480-ca73-448e-b8f0-da000f581428 (0.0) -- IWpnPlatform
OLE 43c6b434-c1be-4ad2-af03-c0deaccebd1f (0.0) -- IBackgroundAccessStateChangeHandler
OLE 2a45cbbe-93a2-4f76-8c01-b6c2a1720f20 (0.0) -- IConnectionManagerCallbacks2
OLE b755e6e0-b048-49cc-8911-11a041216f5f (0.0) -- IApplicationStateChangeHandler
OLE dcaee35a-508d-4419-9e56-50d658c2c812 (0.0) -- IWpnAppEndpoint
OLE a5322dff-9ebc-5df1-953d-0237cea8614b (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CStateRepository__CPrimaryTileUserNotifier_Windows__CInternal__CStateRepository__CPrimaryTileUserChangedEventArgs
OLE ccb96d97-791c-5741-8f33-fb7266d6ea33 (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CStateRepository__CSecondaryTileUserNotifier_Windows__CInternal__CStateRepository__CSecondaryTileUserChangedEventArgs
OLE 2537d644-8c2f-4449-b8b6-10928822630c (0.0) -- INotificationController
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE f655b052-348b-4ab0-947b-a7dafa44d404 (0.0) -- IWpnRegistrationEndpoint
OLE 7d85494e-d99e-493a-bf51-80d2c9feab49 (0.0) -- IWpnSystemRegistrationEndpoint
OLE 443b1739-3779-4aba-953b-9e4ff84dd4b6 (0.0) -- INotificationSettings
OLE 6bff4732-81ec-4ffb-ae67-b6c1bc29631f (0.0) -- IQuietHoursSettings
OLE 0e467ac1-65f2-48d6-8bf2-375430548a87 (0.0) -- IWpnPresentationEndpoint
OLE ff94ea7e-7d6c-406e-826e-0ad128677b50 (0.0) -- IWpnSettingsEndpoint
OLE b196b286-bab4-101a-b69c-00aa00341d07 (0.0) -- IConnectionPoint
OLE cd6bb9b5-0cff-41d5-a3c4-7d23a91019bf (0.0) -- IWpnPlatformInternal
OLE d33574ce-09a0-4860-891d-1cfba99e1928 (0.0) -- IWpnMirroringAccountSwitcher
OLE 9284bfd3-db93-4c45-bd93-98519139fdff (0.0) -- IWpnSettingsEndpoint2
OLE 415fdd0d-b21d-4f53-bbf5-ea05bee0793f (0.0) -- INotificationHandlerSettings
OLE b2662ce9-d8b3-4cc9-89e2-40a97af0211e (0.0) -- IWpnPresentationEndpoint2
OLE 00000001-0000-0000-c000-000000000046 (0.0) -- IClassFactory
OLE 00000141-0000-0000-c000-000000000046 (0.0) -- IDLLHost
OLE 00000035-0000-0000-c000-000000000046 (0.0) -- IActivationFactory
OLE 926516e8-d891-45bc-9de5-6959fb8ecac5 (0.0) -- IWpnAppEndpoint3
OLE d782ccba-afb0-43f1-94db-fda3779eaccb (0.0) -- INotificationCB
OLE 71ba143f-598e-49d0-84eb-8febaedcc195 (0.0) -- INetworkStatusChangedEventHandler
OLE 71d10a03-f4b1-4603-b214-e79834d10082 (0.0) -- IAumidNotificationSettings
OLE 34d6f23a-65b8-4afb-a2b8-ba3cd3f7f1f9 (0.0) -- IWpnMrtHelper
OLE 97ea99c7-0186-4ad4-8df9-c5b4e0ed6b22 (0.0) -- IBackgroundCopyCallback
Endpoints :
ncalrpc : OLEA671885ABA0FD3FFABBDBCF169FF
--------------------------------------------------------------------------------
<WinProcess "taskhostw.exe" pid 5812 at 0x5319208L>
64
Interfaces :
RPC cad784cb-4c1b-4d96-b8f7-4716b568b13c (1.0) -- C:\windows\system32\wininet.dll
0 -> s_UrlCacheGetManagerInterface
1 -> StaticProxyResolver::CancelAll
2 -> s_UrlCacheOpenContainer
3 -> s_UrlCacheCloseContainer
4 -> s_UrlCacheSetContainerEntryMaximumAge
5 -> s_UrlCacheAddUrl
6 -> s_UrlCacheLookupUrl
7 -> s_UrlCacheCheckUrlsExist
8 -> s_UrlCacheGetUrlBinaryBlob
9 -> s_UrlCacheAddUrlBinaryBlob
10 -> s_UrlCacheDeleteUrl
11 -> s_UrlCacheUnlockUrl
12 -> s_UrlCacheUpdateUrl
13 -> s_UrlCacheEntryEnum
14 -> s_UrlCacheEntryEnumClose
15 -> s_UrlCacheEntryEnumNext
16 -> s_UrlCacheCleanupUrls
17 -> s_UrlCacheCleanupHttpsUrls
18 -> s_UrlCacheGetSize
19 -> s_UrlCacheGetLimit
20 -> s_UrlCacheSetLimit
21 -> s_UrlCacheGetCrossContainerContentTotalSizeAndLimit
22 -> s_UrlCacheCleanupCrossContainers
23 -> s_UrlCacheGetBloomFilter
24 -> s_UrlCacheReleaseBloomFilter
25 -> s_UrlCacheGetNextDirectory
26 -> s_UrlCacheAddLeakFile
27 -> s_UrlCacheCreateGroup
28 -> s_UrlCacheDeleteGroup
29 -> s_UrlCacheGetGroupIds
30 -> s_UrlCacheGetGroup
31 -> s_UrlCacheUpdateGroup
32 -> s_UrlCacheSetUrlGroup
33 -> s_UrlCacheGetContentContainerDirectories
34 -> s_UrlCacheCreateExtensibleContainer
35 -> s_UrlCacheDeleteExtensibleContainer
36 -> s_UrlCacheGetExtensibleContainersList
37 -> s_UrlCacheRpcSetGlobalLimit
38 -> s_UrlCacheRpcGetGlobalLimit
39 -> s_UrlCacheRpcReloadSettings
40 -> s_UrlCacheGetGlobalCounters
41 -> s_AppCacheOpenContainer
42 -> s_AppCacheCloseContainer
43 -> s_AppCacheRpcCheckManifest
44 -> s_AppCacheRpcLookup
45 -> s_AppCacheRpcDeleteGroup
46 -> s_AppCacheRpcDeleteIeGroup
47 -> s_AppCacheRpcGetFallbackUrl
48 -> s_AppCacheRpcGetDownloadList
49 -> s_AppCacheRpcCloseHandle
50 -> s_AppCacheRpcInvalidate
51 -> s_AppCacheRpcGetInfo
52 -> s_AppCacheRpcGetGroupsList
53 -> s_AppCacheRpcFreeSpace
54 -> s_AppCacheRpcGetIeGroupList
55 -> s_AppCacheRpcFreeIeSpace
56 -> s_AppCacheRpcRetrieveUrl
57 -> s_AppCacheRpcCommitUrl
58 -> s_AppCacheRpcUpdateExtraData
59 -> s_AppCacheRpcFinalize
60 -> s_DependencyStoreOpenContainer
61 -> s_DependencyStoreCloseContainer
62 -> s_DependencyStoreUpdateUrl
63 -> s_DependencyStoreRetrieveUrl
64 -> s_DependencyStoreDeleteContainer
65 -> s_HstsOpenContainer
66 -> s_HstsCloseContainer
67 -> s_HstsGetHstsEntries
68 -> s_HstsSetHstsEntries
69 -> s_HstsPurgeContainer
70 -> s_CookieOpenContainer
71 -> s_CookieCloseContainer
72 -> s_CookieGetCookies
73 -> s_CookieGetAllCookies
74 -> s_CookieUpdateCookies
75 -> s_CookiePurgeContainer
76 -> s_BlobOpenContainer
77 -> s_BlobCloseContainer
78 -> s_BlobGetEntries
79 -> s_BlobGetEntry
80 -> s_BlobSetEntry
81 -> s_BlobDeleteEntry
82 -> s_BlobPurgeContainer
RPC 9d420415-b8fb-4f4a-8c53-4502ead30ca9 (1.0) -- C:\windows\System32\PlaySndSrv.dll
0 -> I_PlaySoundkPostMessage
Endpoints :
ncalrpc : webcache_{031b98cf-4a69-4c31-ab42-fd9b3c199407}_S-1-5-21-4197069449-1782053943-1514089459-500
ncalrpc : PlaySoundKRpc2
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 5776 at 0x5319e80L>
64
['TokenBroker']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 00000035-0000-0000-c000-000000000046 (0.0) -- IActivationFactory
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE 07650a66-66ea-489d-aa90-0dabc75f3567 (0.0) -- __x_Windows_CInternal_CSecurity_CAuthentication_CWeb_CITokenBrokerInternalStatics
OLE a8a900c6-da0b-5bcc-a71a-be0b9265d87a (0.0) -- __FITypedEventHandler_2_Windows__CApplicationModel__CPackageCatalog_Windows__CApplicationModel__CPackageInstallingEventArgs
OLE cc51f0fc-48d9-4e33-a38c-85546b542fe7 (0.0) -- __x_Windows_CInternal_CSecurity_CAuthentication_CWeb_CITokenBrokerListenerInternal
OLE 00000141-0000-0000-c000-000000000046 (0.0) -- IDLLHost
OLE b5a6f1bc-1641-5f4c-b946-79084e41ee35 (0.0) -- __FIAsyncOperation_1_Windows__CInternal__CSecurity__CAuthentication__CWeb__CGetDefaultSignInAccountResult
OLE 9e8e4bd8-bfc5-4785-94c2-b210db698776 (0.0) -- __x_Windows_CInternal_CSecurity_CAuthentication_CWeb_CIGetDefaultSignInAccountResult
OLE 66b59040-7c93-5f96-b52f-2c098d1557d0 (0.0) -- __FIAsyncOperation_1___FIVectorView_1_Windows__CSecurity__CCredentials__CWebAccount
OLE bd636cf1-541f-53ea-8efc-e1604a395b1a (0.0) -- __FITypedEventHandler_2_Windows__CApplicationModel__CPackageCatalog_Windows__CApplicationModel__CPackageUninstallingEventArgs
OLE c23e15f6-c618-522a-82ab-4fab36665ce5 (0.0) -- __FITypedEventHandler_2_Windows__CApplicationModel__CPackageCatalog_Windows__CApplicationModel__CPackageUpdatingEventArgs
OLE 4631f6e7-ffcd-4b75-8fc6-160350fa89ab (0.0) -- __x_Windows_CInternal_CSecurity_CAuthentication_CWeb_CIWamObjectStoreManagerStatics
OLE e0798d3d-2b4a-589a-ab12-02dccc158afc (0.0) -- __FIVectorView_1_Windows__CSecurity__CCredentials__CWebAccount
OLE e60e20a2-87a0-4b34-8502-ee3b8fb4ec16 (0.0) -- __x_Windows_CInternal_CSecurity_CAuthentication_CWeb_CIWamProviderRegistrationStatics
OLE 63a0a1e5-f8fe-4ba6-8508-caef1277dd35 (0.0) -- __x_Windows_CInternal_CSecurity_CAuthentication_CWeb_CIWamProviderRegistrationInformation
OLE b53a11bd-746a-45ee-80e6-aa5b7faa597c (0.0) -- __x_Windows_CInternal_CSecurity_CAuthentication_CWeb_CITokenBrokerInternalStatics4
OLE 57d369ee-7364-4ab0-a307-bdd25bce408c (0.0) -- __x_Windows_CInternal_CSecurity_CAuthentication_CWeb_CITokenBrokerInternalStatics5
OLE 067cd3b2-1f07-4710-8ae5-5cd2e71efc11 (0.0) -- IWebAccountInternalFactory
OLE 878f3f2a-34db-42ce-a02b-d637b10a89ff (0.0) -- __x_Windows_CInternal_CSecurity_CAuthentication_CWeb_CITokenBrokerInternalStatics8
OLE 00000037-0000-0000-c000-000000000046 (0.0) -- IWeakReference
OLE 9b8d6623-c542-4f9d-bca6-b10c8d2bcd8d (0.0) -- __x_Windows_CInternal_CSecurity_CAuthentication_CWeb_CITokenBrokerInternalContractBrokerHelper
OLE 578d4e6f-d752-472b-b527-33570cb4c2be (0.0) -- __x_Windows_CInternal_CSecurity_CAuthentication_CWeb_CITokenBrokerProviderInternal
OLE 98fba1b6-2909-418d-9ecf-c21600fa7822 (0.0) -- __x_Windows_CApplicationModel_CContracts_CInternal_CIContractBrokerBaseTrustAccessibleServer
OLE 33ee3134-1dd6-4e3a-8067-d1c162e8642b (0.0) -- __x_Windows_CStorage_CStreams_CIRandomAccessStreamReference
OLE 905a0fe1-bc53-11df-8c49-001e4fc686da (0.0) -- __x_Windows_CFoundation_CIByteSeeker
OLE 0000000c-0000-0000-c000-000000000046 (0.0) -- IStream
OLE 4f81bfe6-fdb4-4dc4-86b9-4af32d514b78 (0.0) -- IWebAccountProviderInternalFactory
OLE 00000036-0000-0000-c000-000000000046 (0.0) -- IAsyncInfo
Endpoints :
ncalrpc : OLE4BC2744F712E687838D63AEB030E
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 544 at 0x5319278L>
64
['StateRepository']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 00000035-0000-0000-c000-000000000046 (0.0) -- IActivationFactory
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE b07904dd-31f6-452c-a738-fa5a2fda337b (0.0) -- __x_Windows_CInternal_CStateRepository_CIUserStatics
OLE bb7966ba-e363-4f5d-b1bf-901fabfb603b (0.0) -- __x_Windows_CInternal_CStateRepository_CIPackageStatics
OLE 5232f8ea-49c7-4840-bfbb-66e785689e88 (0.0) -- __x_Windows_CInternal_CStateRepository_CIUser
OLE d239aef3-1f67-43ec-be5e-8fbc2cb72000 (0.0) -- __x_Windows_CInternal_CStateRepository_CITileViewStatics
OLE 78662bbb-1464-4279-b5ff-ffccb2bc6529 (0.0) -- __x_Windows_CInternal_CStateRepository_CIApplicationExtensionStatics
OLE 35215f68-9b34-5676-b602-3814bf0e57f6 (0.0) -- __FIVectorView_1_Windows__CInternal__CStateRepository__CPackage
OLE ab19c2c5-9694-5644-a825-7976f20063b1 (0.0) -- __FIIterable_1_Windows__CInternal__CStateRepository__CPackage
OLE e09b3138-ae27-5c5f-a744-0ddf9881cee6 (0.0) -- __FIVectorView_1_Windows__CInternal__CStateRepository__CApplicationExtension
OLE 7d4d0de5-3dc0-58c1-a31e-572e2eba5228 (0.0) -- __FIIterator_1_Windows__CInternal__CStateRepository__CPackage
OLE 81aba04c-0d4b-422d-b790-3de217afde4d (0.0) -- __x_Windows_CInternal_CStateRepository_CIApplicationExtension
OLE 00000141-0000-0000-c000-000000000046 (0.0) -- IDLLHost
OLE 8e69aa27-aa66-456a-8ca9-6ce89f1bf043 (0.0) -- __x_Windows_CInternal_CStateRepository_CIPackage
OLE b17fc34b-d906-4cd1-ad70-c16d125d1686 (0.0) -- __x_Windows_CInternal_CStateRepository_CIPrimaryTileUserNotificationChannelStatics
OLE 8a43ed9f-f4e6-4421-acf9-1dab2986820c (0.0) -- IPropertySet
OLE 1b0d3570-0877-5ec2-8a2c-3b9539506aca (0.0) -- IMap<HSTRING,IInspectable>
OLE 366a9874-5ea2-436a-828f-0145bd6cf463 (0.0) -- __x_Windows_CInternal_CStateRepository_CIPrimaryTileUserNotificationChannel
OLE fe39030f-8455-4bf4-af4a-a34c336e4c13 (0.0) -- __x_Windows_CInternal_CStateRepository_CISecondaryTileUserNotificationChannelStatics
OLE b15abd7e-4d7e-49e4-9cda-d564220fef0c (0.0) -- __x_Windows_CInternal_CStateRepository_CIApplication
OLE 100e0fe5-f8e6-4211-b7ad-21085e53a12e (0.0) -- __x_Windows_CInternal_CStateRepository_CISecondaryTileUserNotificationChannel
OLE f7e80409-27e5-4514-805f-a431c4ce3b96 (0.0) -- __x_Windows_CInternal_CStateRepository_CIMrtApplicationStatics
OLE 8afe010a-b611-484e-944d-5ea6e4a23569 (0.0) -- __x_Windows_CInternal_CStateRepository_CIMrtApplication
OLE ede4711a-0c90-4d5b-acf3-58af696d9425 (0.0) -- __x_Windows_CInternal_CStateRepository_CIMrtPackageStatics
OLE e15958e5-d7fd-435b-a075-0b959b6788d5 (0.0) -- __x_Windows_CInternal_CStateRepository_CIMrtPackage
OLE d81e96f1-a89c-417e-9335-59531026309d (0.0) -- __x_Windows_CInternal_CStateRepository_CIApplicationStatics
OLE 4fe0a6ff-aa6b-4cb3-9241-dd477a7abb84 (0.0) -- __x_Windows_CInternal_CStateRepository_CIPackageFamily
OLE 3f593a63-8c13-4aaf-b4c6-840d3dda9e89 (0.0) -- __x_Windows_CInternal_CStateRepository_CISecondaryTileUserStatics
OLE a859fc78-67cd-447a-9e17-5d0e14176a71 (0.0) -- __x_Windows_CInternal_CStateRepository_CIPackageUserStatics
OLE 306b5ee3-4a11-5d18-8d6a-c5a60b606905 (0.0) -- __FIVectorView_1_Windows__CInternal__CStateRepository__CPackageUser
OLE 05088a81-8af6-41e9-a3af-77321cc3c6ea (0.0) -- __x_Windows_CInternal_CStateRepository_CIPackageUser
OLE 02f69653-707a-4bce-a0ae-b6053e3b17cd (0.0) -- __x_Windows_CInternal_CStateRepository_CManagement_CIRepositoryManager
OLE 8645456f-d9a2-4b82-afec-58f0e8df0acf (0.0) -- __x_Windows_CInternal_CStateRepository_CIFileTypeAssociationStatics
OLE 89bc3f49-f8d9-5103-ba13-de497e609167 (0.0) -- __FIVectorView_1_Windows__CInternal__CStateRepository__CFileTypeAssociation
OLE 1bb373e7-f9b5-5c96-a392-cb957cb3ee66 (0.0) -- __FIVectorView_1_Windows__CInternal__CStateRepository__CApplication
OLE 9519f1d6-cf33-4920-8419-688881b44f79 (0.0) -- __x_Windows_CInternal_CStateRepository_CITileViewQueryFilter
OLE 5b80a794-e1ba-5917-9ed5-63e7cde8ee9a (0.0) -- __FIVectorView_1_Windows__CInternal__CStateRepository__CTileView
OLE db5abad9-b595-50ca-9ae4-28e796601256 (0.0) -- __FIIterable_1_Windows__CInternal__CStateRepository__CTileView
OLE 0d2a8ed4-fa32-5dfa-a177-3898968b4290 (0.0) -- __FIIterator_1_Windows__CInternal__CStateRepository__CTileView
OLE 314e4199-1c0b-40d1-b47e-163300700e4c (0.0) -- __x_Windows_CInternal_CStateRepository_CITileView
OLE 4cc8fe6a-5976-4ece-ac32-62e2a5497f46 (0.0) -- __x_Windows_CInternal_CStateRepository_CIFileTypeAssociation
OLE 0f2f217e-7957-4262-a74c-df03d9e9e9c1 (0.0) -- __x_Windows_CInternal_CStateRepository_CIProtocolStatics
OLE 63624def-cd42-5bcf-96e6-e27614e5d807 (0.0) -- __FIVectorView_1_Windows__CInternal__CStateRepository__CProtocol
OLE fdd7e51e-d1cc-41d9-ae36-a5fac6fe5216 (0.0) -- __x_Windows_CInternal_CStateRepository_CIProtocol
OLE dd4cd077-46ac-4e8f-9afb-f0055ae35b32 (0.0) -- __x_Windows_CInternal_CStateRepository_CIPackageLocationStatics
OLE 86f5b0ee-9560-4d76-a06a-ca4c8bfe4426 (0.0) -- __x_Windows_CInternal_CStateRepository_CIPackageFamilyStatics
OLE a39a796c-2c0e-4530-bf70-d633ee369785 (0.0) -- __x_Windows_CInternal_CStateRepository_CIPackageLocation
OLE 7fe36c7d-c0d2-4ed2-970c-95f671367f20 (0.0) -- __x_Windows_CInternal_CStateRepository_CIApplicationPropertyStatics
OLE f7a88ec3-6f33-46bf-83b8-78aaf94ac396 (0.0) -- __x_Windows_CInternal_CStateRepository_CIPackagePolicyStatics
OLE 500f5564-558d-5886-ba4a-b41ffeb39322 (0.0) -- __FIVectorView_1_Windows__CInternal__CStateRepository__CPackagePolicy
OLE 7619d03f-b9b1-446c-aeb9-f126825fd333 (0.0) -- __x_Windows_CInternal_CStateRepository_CIPackagePolicy
OLE 76b8f79f-34a1-4d59-bfaa-1472aba872e5 (0.0) -- __x_Windows_CInternal_CStateRepository_CIPrimaryTileUserStatics
OLE 6dd00567-b07e-59ee-ad82-d9d8ec4c2914 (0.0) -- __FIVectorView_1_Windows__CInternal__CStateRepository__CPrimaryTileUserDataChange
OLE da069297-d440-588a-8550-8302e7e879b8 (0.0) -- __FIIterable_1_Windows__CInternal__CStateRepository__CPrimaryTileUserDataChange
OLE 15b2bc91-0a52-5ba5-8f3a-9302adfa28a6 (0.0) -- __FIIterator_1_Windows__CInternal__CStateRepository__CPrimaryTileUserDataChange
OLE 16462b61-3298-441c-af1b-1c0995748cf7 (0.0) -- __x_Windows_CInternal_CStateRepository_CIPrimaryTileUserDataChange
OLE c9e5352e-a07a-4e91-8309-46904e20888c (0.0) -- __x_Windows_CInternal_CStateRepository_CIDependencyGraphStatics
OLE 66d2ce49-2ebb-5cb4-8f27-ddbd019099a5 (0.0) -- __FIVectorView_1_Windows__CInternal__CStateRepository__CDependencyGraph
OLE 6a94ad8a-dd00-5816-a025-016d0ba262b6 (0.0) -- __FIVectorView_1_Windows__CInternal__CStateRepository__CSecondaryTileUserDataChange
OLE d54e91cc-2033-5964-b69d-bd0f2459c396 (0.0) -- __FIIterable_1_Windows__CInternal__CStateRepository__CSecondaryTileUserDataChange
OLE 3c310f81-daa9-5425-baa9-7e7958c75b5f (0.0) -- __FIIterator_1_Windows__CInternal__CStateRepository__CSecondaryTileUserDataChange
OLE cb3a2a28-41c0-4687-9ea6-c248191321de (0.0) -- __x_Windows_CInternal_CStateRepository_CITargetDeviceFamilyStatics
OLE e5dbfeae-3a40-4926-920c-a1ad8882663e (0.0) -- __x_Windows_CInternal_CStateRepository_CITargetDeviceFamily
OLE 804eb537-d7e6-4945-bba0-e6137d421ae4 (0.0) -- __x_Windows_CInternal_CStateRepository_CIAppUriHandlerStatics
OLE be14c746-e9c8-5ef4-8811-68272ca94e59 (0.0) -- __FIVectorView_1_Windows__CInternal__CStateRepository__CAppUriHandler
OLE 21f54ca7-3fe6-447a-a4dc-a9afc49c4999 (0.0) -- __x_Windows_CInternal_CStateRepository_CIAppUriHandler
OLE 2f2cd542-df5a-4f71-a46d-6d694f32fa97 (0.0) -- __x_Windows_CInternal_CStateRepository_CIXapStatics
OLE 04222ebf-3c08-5a6f-b227-d886a2b52873 (0.0) -- __FIVectorView_1_Windows__CInternal__CStateRepository__CProtocolLauncherInfo
OLE 219c82b0-40f6-4f7e-a532-4373bb075ed7 (0.0) -- __x_Windows_CInternal_CStateRepository_CIProtocolLauncherInfo
OLE 01e6e15a-7659-4e66-8f82-223e1831afc8 (0.0) -- __x_Windows_CInternal_CStateRepository_CIPackageFamilyPolicyStatics
OLE 96362321-f8c2-591f-b3ef-32979d06a8bb (0.0) -- __FIVectorView_1_Windows__CInternal__CStateRepository__CPackageFamilyPolicy
OLE d88678cf-e543-4953-b04d-bc5da7b90592 (0.0) -- __x_Windows_CInternal_CStateRepository_CISecondaryTileViewStatics
OLE 15f99879-aa48-571f-845d-144893440cfd (0.0) -- __FIVectorView_1_Windows__CInternal__CStateRepository__CFileTypeAssociationLauncherInfo
OLE 79f51b1c-f79f-4c22-8bc2-a5b3875f4a63 (0.0) -- __x_Windows_CInternal_CStateRepository_CIDependencyGraph
OLE 82122bea-b05d-4ca4-9607-7c215e0435f5 (0.0) -- __x_Windows_CInternal_CStateRepository_CIPrimaryTileViewStatics
OLE e9d7d323-3b8c-472f-bf0c-97b8da53abf6 (0.0) -- __x_Windows_CInternal_CStateRepository_CIPrimaryTileView
Endpoints :
ncalrpc : OLEA2BB2B5D88474E7280BE090CB33D
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 1416 at 0x5319ac8L>
64
['TabletInputService']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\Windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
Endpoints :
ncalrpc : OLEFA34384CA904946998B5C9D43B32
--------------------------------------------------------------------------------
<WinProcess "ctfmon.exe" pid 1716 at 0x53195c0L>
64
Interfaces :
Endpoints :
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 1840 at 0x5319710L>
64
['CDPSvc']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE a35b686f-455f-4848-b54c-056df7756c59 (0.0) -- ICDPComAccountProviderCallback
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE b80e6a0c-f02b-40fc-ac78-fa69f871f71c (0.0) -- ICDPComSettingsInterop
OLE 683d7fc9-8697-4309-994e-e8a2c5628884 (0.0) -- ICDPComAFSUserSettings
OLE 8b482f52-f12d-4bfb-a185-1c5f7774ff37 (0.0) -- ICDPComDeviceQuery
OLE 4389de91-3314-4fe7-bff1-73fbc7ef1f32 (0.0) -- ICDPComDevice
OLE dcb00002-570f-4a9b-8d69-199fdba5723b (0.0) -- INetwork
Endpoints :
ncalrpc : OLE09BCAED823942481F1A97FFD4F1B
--------------------------------------------------------------------------------
<WinProcess "explorer.exe" pid 5880 at 0x5319400L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE de8ed432-fd92-47a6-9c73-738c7b466c69 (0.0) -- IAppReadinessTaskCallback
OLE 76c0dbbb-15e0-4e7b-b61b-20eeea2001e0 (0.0) -- IAccPropServer
OLE 00000160-0000-0000-c000-000000000046 (0.0) -- IPrivDragDrop
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 8b14e88b-5663-4caf-b196-c31479262831 (0.0) -- IImmersiveApplication
OLE cb728b20-f786-11ce-92ad-00aa00a74cd0 (0.0) -- IProfferService
OLE 6d5140c1-7436-11ce-8034-00aa006009fa (0.0) -- IServiceProvider
OLE fbeba321-f5c5-58c2-aaf8-c028231b2f47 (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CApplicationModel__CWindowManagement__CWindowWatcher_IInspectable
OLE 07897eb6-ef65-59dc-b8b5-d91cfed1f0c7 (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CApplicationModel__CWindowManagement__CWindowWatcher_Windows__CInternal__CApplicationModel__CWindowManagement__CWindowChangedEventArgs
OLE 398df093-712d-5869-bf0e-ea6079727a7c (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CApplicationModel__CWindowManagement__CAppViewWatcher_IInspectable
OLE 5ce6216a-8add-5b73-82b5-9fa6feddcddb (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CApplicationModel__CWindowManagement__CAppViewWatcher_Windows__CInternal__CApplicationModel__CWindowManagement__CAppViewChangedEventArgs
OLE 6a934e9b-430b-5f39-8e97-67281084bdd6 (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CApplicationModel__CWindowManagement__CAppViewWatcher_Windows__CInternal__CApplicationModel__CWindowManagement__CAppViewActivationRequestedEventArgs
OLE 5a69146b-9b1a-5091-8e57-1580fdfc958b (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CApplicationModel__CWindowManagement__CAppViewWatcher_Windows__CInternal__CApplicationModel__CWindowManagement__CAppViewActivationShowRequestedEventArgs
OLE 4f82e701-1352-5464-9e9d-6861d1b021a7 (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CApplicationModel__CWindowManagement__CAppViewWatcher_Windows__CInternal__CApplicationModel__CWindowManagement__CAppViewExecutionStateChangedEventArgs
OLE 030b3fc6-a1af-515b-bd66-5efdbb526f92 (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CApplicationModel__CWindowManagement__CAppViewWatcher_Windows__CInternal__CApplicationModel__CWindowManagement__CAppViewShowRequestedEventArgs
OLE 3dd54791-5ae7-5686-a7b8-3bd3221ca892 (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CApplicationModel__CWindowManagement__CAppViewWatcher_Windows__CInternal__CApplicationModel__CWindowManagement__CAppViewSwitchRequestedEventArgs
OLE dc73ab32-c518-58f2-a6aa-4af67a7479aa (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CApplicationModel__CWindowManagement__CAppViewWatcher_Windows__CInternal__CApplicationModel__CWindowManagement__CAppViewUniversalPropertyChangedEventArgs
OLE c8596c50-6cae-5d90-b7f5-c624355a678c (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CApplicationModel__CWindowManagement__CAppViewWatcher_Windows__CInternal__CApplicationModel__CWindowManagement__CAppViewVisibilityChangedEventArgs
OLE 043e8c9e-5e8e-5560-8b5b-7df0c013f027 (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CApplicationModel__CWindowManagement__CAppViewWatcher_Windows__CInternal__CApplicationModel__CWindowManagement__CAppViewApplyWindowingEnvironmentSettingsRequestedEventArgs
OLE 1c5ff5d1-e1eb-5aed-b6b0-09bde1bd1e53 (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CApplicationModel__CWindowManagement__CAppViewWatcher_Windows__CInternal__CApplicationModel__CWindowManagement__CAppViewConsolidateRequestedEventArgs
OLE 7702e77c-66f6-479b-af2b-e316cff5f814 (0.0) -- IAsyncCallbackDispatcher
OLE 000214e3-0000-0000-c000-000000000046 (0.0) -- IShellView
OLE 00000114-0000-0000-c000-000000000046 (0.0) -- IOleWindow
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE 00000035-0000-0000-c000-000000000046 (0.0) -- IActivationFactory
OLE af581601-f71a-4a31-8f8d-91f7df79371f (0.0) -- __x_SharedStartModel_CIStartLayoutInitializationStatics
OLE 485d880d-3bd2-519f-b754-8b2e73798d3e (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CShell__CViewManagerInterop__CIViewWrapper_Windows__CInternal__CShell__CViewManagerInterop__CIViewEventArgs
OLE 940c223d-5bdc-49db-968c-e4f3ef9b9270 (0.0) -- IImmersiveMonitorNotification
OLE b755e6e0-b048-49cc-8911-11a041216f5f (0.0) -- IApplicationStateChangeHandler
OLE 727f9e97-76ee-497b-a942-b6371328485c (0.0) -- IApplicationViewChangeListener
OLE ea8a389b-437d-4791-aa14-5dca004bc92a (0.0) -- IAsyncCallback
OLE 6592b66a-4a51-5ccc-82c5-9042acf93a44 (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CShell__CExperience__CShellExperienceDispatcher_Windows__CInternal__CShell__CExperience__CIShellExperienceViewStateChangedEventArgs
OLE 1b7781cd-1b97-4728-8b6e-67a7e55cc53c (0.0) -- __x_Windows_CInternal_CShell_CExperience_CIPeopleBarFlyoutExperienceManager
OLE ab65b025-ff88-470a-9513-b62bcd7ce879 (0.0) -- __x_Windows_CInternal_CShell_CExperience_CIPeopleBarJumpViewExperienceManager
OLE 8667db0d-6960-465f-b9a4-c461863efa91 (0.0) -- __x_Windows_CInternal_CShell_CExperience_CIShoulderTapExperienceManager
OLE 6ea71ff9-100d-54c3-bb4a-6922523cf9a9 (0.0) -- Windows.Foundation.IEventHandler<boolean>
OLE df65db57-d504-456e-8bd7-004ce308d8d9 (0.0) -- __x_Windows_CInternal_CShell_CExperience_CIActionCenterExperienceManager
OLE 87324ffd-bd0a-4de8-840a-b60e345a336f (0.0) -- ISettingsFlowController
OLE 90adbab9-cdb8-43dd-8daa-ba1180be5215 (0.0) -- IMultitaskingViewServiceProvider
OLE 103231ae-04cb-4e5e-b63d-e3ce47cd0f0a (0.0) -- IImmersiveAppCrusher
OLE 373e56cf-0a1b-4b4a-a1a4-a46b25ffd7e3 (0.0) -- ITabletModeViewManager
OLE fff59320-db70-4865-8fed-8b502d692f12 (0.0) -- ISnapServiceProvider
OLE 6a5e657d-223a-4875-838b-c311ed73523b (0.0) -- IImmersiveLayoutChanges
OLE 6584ce6b-7d82-49c2-89c9-c6bc02ba8c38 (0.0) -- IAppVisibilityEvents
OLE 537b455d-1240-433b-82af-10929138b8be (0.0) -- IMultitaskingViewManager
OLE 6e6c3c52-5a5e-4b4b-a0f8-7fe12621a93e (0.0) -- IEdgeUiManager
OLE bcf1f74f-2413-46b3-8707-ec2fca11965d (0.0) -- IImmersiveLauncherTrayNotify
OLE 5090de35-ed23-43be-9714-586c5041026a (0.0) -- IHolographicViewTransitionNotificationService
OLE d8d60399-a0f1-f987-5551-321fd1b49864 (0.0) -- IImmersiveLauncher
OLE c50898f6-c536-5f47-8583-8b2c2438a13b (0.0) -- Windows.Foundation.IEventHandler<IInspectable>
OLE 5ef7890f-319b-4259-8d0f-36e5ff0916ce (0.0) -- IImmersiveLauncherCortana
OLE 00000141-0000-0000-c000-000000000046 (0.0) -- IDLLHost
OLE ebe02ad8-a830-5451-b09a-7856d49cbbec (0.0) -- __FIVectorView_1_Windows__CInternal__CApplicationModel__CWindowingEnvironment__CDisplayRegionId
OLE 9767060c-9476-42e2-8f7b-2f10fd13765c (0.0) -- IImmersiveShellBroker
OLE fec0a504-8e6c-40ff-8a92-f7d693afdcf0 (0.0) -- IShellExperienceBroker
OLE 99e01be7-d840-6dfb-694f-8814c2ec727e (0.0) -- __x_Windows_CInternal_CShell_CExperience_CIStartExperienceBroker
OLE 988881d6-4fa0-4554-86b0-25911104973a (0.0) -- __x_Windows_CInternal_CShell_CExperience_CIStartUserInfoBroker
OLE a16f3786-6cb0-4258-a21e-d949edaa7a18 (0.0) -- IApplicationGlomBroker
OLE 905a0fe1-bc53-11df-8c49-001e4fc686da (0.0) -- __x_Windows_CFoundation_CIByteSeeker
OLE bb94daad-7836-4d62-9557-2a7b83839b7b (0.0) -- ISafeSaveHandleManager
OLE f4ee3175-aba2-4df7-b53c-93c4e4e2b0a3 (0.0) -- IRefCountedClosable
OLE 5e0ebc87-bece-4f2a-8d36-3673758f6c55 (0.0) -- IFileHandle
OLE fa9812c4-0b34-47d0-9b0b-157fb5b5fdf2 (0.0) -- IDuplicateHandleProvider
OLE 04c2542d-3c28-4510-a0c0-8db0e0a3a526 (0.0) -- IDuplicateHandleProvider2
OLE 68766f36-3808-42f9-a18f-0abde6391172 (0.0) -- IAdviseOplockCallback
OLE d14ba3f9-b24e-442f-967f-32f973d9e870 (0.0) -- IPeopleExperienceHostManager
OLE 2e8fcb18-a0ee-41ad-8ef8-77fb3a370ca5 (0.0) -- __x_Windows_CInternal_CShell_CExperience_CIShellExperienceManagerFactory
OLE 9f3d053f-b33d-4d90-8feb-a45150a259fd (0.0) -- IMyPeopleSettingsBroker
OLE 599db028-e1d3-433d-9f90-32468634d59e (0.0) -- __x_Windows_CInternal_CShell_CExperience_CIInputDialExperienceManager
OLE 12025c48-e604-4af0-aa8b-dc449ec7a9d3 (0.0) -- IMyPeopleSettingsListener
OLE ea5d0de4-770d-4da0-a9f8-d7f9a140ff79 (0.0) -- IApplicationFrameEventHandler
OLE e23730be-13f1-4f0b-88ab-76d5e3beb5b7 (0.0) -- IImmersiveApplicationNotification
OLE f9b8d4b3-64da-447c-b1ba-68861510eed6 (0.0) -- IApplicationViewPosition
OLE 93a0eed6-efe7-4b0d-81d0-aa5ee7712fe2 (0.0) -- IWindowSizingBroker
OLE 71538e01-5877-4d2d-ac1a-ff42b6da910d (0.0) -- IWpnSettingCallback
OLE d133ce13-3537-48ba-93a7-afcd5d2053b4 (0.0) -- ITrayNotify
OLE 85cb6900-4d95-11cf-960c-0080c7f4ee85 (0.0) -- IShellWindows
OLE 1ec5d3ef-a8bf-4311-9eeb-33ba50f461fe (0.0) -- __x_Windows_CInternal_CShell_CExperience_CIBaseExperienceManager
OLE 3c4367fa-99ac-52c0-964d-0dcd1a9ba729 (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CShell__CExperience__CIBaseExperienceManager_Windows__CInternal__CShell__CExperience__CIVisibilityChangedEventArgs
OLE 00020400-0000-0000-c000-000000000046 (0.0) -- IDispatch
OLE 1bf3dc4c-07a0-4f3f-87f8-5a625cd2e7ad (0.0) -- IImmersiveAppCrusherNotification
OLE 76bb2cfb-c246-41ec-b9c3-671e5347cf51 (0.0) -- IHolographicViewTransitionNotification
OLE dbea162d-04e8-460f-8a0b-4a431715d9a3 (0.0) -- IImmersiveBackstackManager
OLE 71ba143f-598e-49d0-84eb-8febaedcc195 (0.0) -- INetworkStatusChangedEventHandler
OLE 92ca9dcd-5622-4bba-a805-5e9f541bd8c9 (0.0) -- IObjectArray
OLE de7191d5-dd43-43d3-a47b-db4d68f42479 (0.0) -- ITitleBarAppearanceBroker
OLE 796be4b3-0fb1-415d-9984-0bc8b72e5fa2 (0.0) -- IFullScreenBroker
OLE e716b283-6be7-4e6f-a88f-1cde47d5e355 (0.0) -- IWpnPresentationTileSink
OLE c092cc2f-5eca-5a5d-9c9c-f050e892dd97 (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CSecurity__CAuthentication__CWeb__CTokenBrokerInternal_Windows__CInternal__CSecurity__CAuthentication__CWeb__CWebAccountAddedEventArgs
OLE dc8b9f35-216c-54ff-99db-cd7e04c6a074 (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CSecurity__CAuthentication__CWeb__CTokenBrokerInternal_Windows__CInternal__CSecurity__CAuthentication__CWeb__CWebAccountChangedEventArgs
OLE 104e5d12-179f-597c-80ce-18627ceeb8b6 (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CSecurity__CAuthentication__CWeb__CTokenBrokerInternal_Windows__CInternal__CSecurity__CAuthentication__CWeb__CWebAccountDeletePendingEventArgs
OLE 78c8b458-dd5a-4f32-9d8b-d45a19ae9e1f (0.0) -- IActiveZBandNotificationForMonitor
OLE 000001a0-0000-0000-c000-000000000046 (0.0) -- ISystemActivator
OLE 27354133-7f64-5b0f-8f00-5d77afbe261e (0.0) -- IDiscRecorder2
OLE 27354132-7f64-5b0f-8f00-5d77afbe261e (0.0) -- IDiscRecorder2Ex
OLE 27354153-9f64-5b0f-8f00-5d77afbe261e (0.0) -- IDiscFormat2Data
OLE 1299cf18-c4f5-4b6a-bb0f-2299f0398e27 (0.0) -- INotifyNetworkListManagerEvents
OLE 22d2e146-1a68-40b8-949c-8fd848b415e6 (0.0) -- INotifyNetworkEvents
OLE 2abc0864-9677-42e5-882a-d415c556c284 (0.0) -- INotifyNetworkInterfaceEvents
OLE 733b7764-5c0c-4ad6-bb4b-d0585e993e0e (0.0) -- INotifyNetworkGlobalCostEvents
OLE 8cecdf70-ced8-5bc7-84a7-d80615fedcdd (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CShell__CViewManagerInterop__CIClientWindowState_Windows__CInternal__CShell__CViewManagerInterop__CIClientWindowReadyForPresentationChangedEventArgs
OLE 2166ee67-71df-4476-8394-0ced2ed05274 (0.0) -- IInputHostManagerBroker
OLE 0c40987c-7026-499e-adad-c164c0ffee84 (0.0) -- IActiveZBandNotification
OLE 2c1448e1-7540-41b2-9b0d-188c012da2f1 (0.0) -- IShellTargetingChangeNotification
OLE 2754a354-56cd-4a4a-a0ed-ec256a88d6b7 (0.0) -- IShellTargetingContractNotification
OLE 1a91faba-b93c-456b-a10d-0036d2a68be6 (0.0) -- IApplicationTileActivationBroker2
OLE c179334c-4295-40d3-bea1-c654d965605a (0.0) -- IVirtualDesktopNotification
OLE e014d578-d95e-4757-bffb-3bda010fe68a (0.0) -- IAutomaticDestinationList2
OLE 5632b1a4-e38a-400a-928a-d4cd63230295 (0.0) -- IObjectCollection
OLE 000214e6-0000-0000-c000-000000000046 (0.0) -- IShellFolder
OLE 000214ea-0000-0000-c000-000000000046 (0.0) -- IPersistFolder
OLE 0000010c-0000-0000-c000-000000000046 (0.0) -- IPersist
OLE 321a6a6a-d61f-4bf3-97ae-14be2986bb36 (0.0) -- IObjectWithBackReferences
OLE 1ac3d9f0-175c-11d1-95be-00609797ea4f (0.0) -- IPersistFolder2
OLE 49a07732-e7b8-5c5b-9de7-22e33cb97004 (0.0) -- __FIEventHandler_1_Windows__CApplicationModel__CActivation__CBackgroundActivatedEventArgs
OLE 4f9c5cec-0197-49fe-b800-0d5a72a6c505 (0.0) -- IUiaWindowNotifierCallback
OLE 2dbdba9d-20da-519d-9078-09f835bc5bc7 (0.0) -- ITypedEventHandler<UISettings,IInspectable>
OLE d4351e8c-208e-4c24-88ac-6e2add5f4bb1 (0.0) -- IApplicationViewBroker
OLE 538317c5-5bad-4847-962d-42da294f5e0a (0.0) -- IHolographicViewManager
OLE cc316ad0-3e56-4dcb-bf02-8c10ea8bfbbe (0.0) -- __x_Windows_CInternal_CShell_CExperience_CICortanaExperienceManager
OLE bf63999f-7411-40da-861c-df72c0ffee84 (0.0) -- IImmersiveApplicationManager
OLE 82467e7f-e743-4e2f-bf0b-20adcadf3217 (0.0) -- IBroadcastDVRComponent
OLE 016f611a-b360-4768-8b28-6779ddfde2e0 (0.0) --
OLE a4ed5c81-76c9-40bd-8be6-b1d90fb20ae7 (0.0) -- IAsyncActionCompletedHandler
OLE 95fc070d-cc20-44e5-8c0d-75ed8f7100b0 (0.0) -- __x_Windows_CInternal_CShell_CExperience_CIJumpViewExperienceManager
OLE 71f24e46-f343-5d6a-a3dc-d1f8a4056b03 (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CShell__CExperience__CJumpViewExperienceManager_Windows__CInternal__CShell__CExperience__CJumpViewExperienceEventArgs
OLE 24677459-c19e-43f9-8ea8-984d017abafa (0.0) -- IAppSwitcherNotificationService
OLE d0d73345-806e-4526-8ad6-3b3bb2ec2895 (0.0) -- ITaskbarThumbnailHandler
OLE 0f4521be-a0b8-4116-b3b1-bfecebaeebe6 (0.0) -- IMediaPlaybackDataSource
OLE 886d8eeb-8cf2-4446-8d02-cdba1dbdcf99 (0.0) -- IPropertyStore
OLE 2faff0c1-f38f-43dc-b5f8-8d00829024a1 (0.0) -- IImmersiveApplication2
OLE b424c6f2-89a8-4bf1-8946-41454468d78c (0.0) -- IPeoplePaneViewManager
OLE b722bccb-4e68-101b-a2bc-00aa00404770 (0.0) -- IOleCommandTarget
OLE 50ac103f-d235-4598-bbef-98fe4d1a3ad4 (0.0) -- IToastNotificationManagerStatics
OLE 75927b93-03f3-41ec-91d3-6e5bac1b38e7 (0.0) -- IToastNotificationManager
OLE 04124b20-82c6-4229-b109-fd9ed4662b53 (0.0) -- IToastNotificationFactory
OLE 7ab93c52-0e48-4750-ba9d-1a4113981847 (0.0) -- IToastNotificationManagerStatics2
OLE 5caddc63-01d3-4c97-986f-0533483fee14 (0.0) -- IToastNotificationHistory
OLE a3fa4101-4713-4f91-a8f1-93a4573ec5a7 (0.0) -- IWpnNotification
OLE d3e054c8-ba97-4c66-91a3-5a3ab6a9b1b7 (0.0) -- ITransientNotificationDetails
OLE 4f38fd3e-2c10-4c00-9ec1-62bd536a1feb (0.0) -- IWpnToastFeedback
OLE 0000000c-0000-0000-c000-000000000046 (0.0) -- IStream
OLE 63672622-6d18-42ce-9cef-7a0118cd4dfe (0.0) -- ITrayAppIdentityResolver
OLE 3f89d935-d9cb-4538-a0f0-ffe7659938f8 (0.0) -- IToastDismissedEventArgs
OLE 61c2402f-0ed0-5a18-ab69-59f4aa99a368 (0.0) -- ITypedEventHandler_2_Windows__CUI__CNotifications__CToastNotification_Windows__CUI__CNotifications__CToastDismissedEventArgs
OLE ef1669a1-d284-4068-ab56-7c82915861bd (0.0) -- __x_Windows_CApplicationModel_CInternal_CDataTransfer_CIClipboardViewLauncher
OLE cdae3790-e890-4803-b2cf-0baeeedbfaf5 (0.0) -- IWindowServiceProxy
OLE 08f327ff-85d5-48b9-aee9-28511e339f9f (0.0) -- __x_Windows_CStorage_CIStorageFolderStatics
OLE 5642c893-802f-45da-bba2-f0d77b81bd42 (0.0) -- IStorageFolderStaticsPrivate
OLE cb43ccc9-446b-4a4f-be97-757771be5203 (0.0) -- __x_Windows_CStorage_CSearch_CIStorageFolderQueryOperations
OLE 44f2c7e9-a2ca-4cbd-aa65-61ac09315e2c (0.0) -- IStorageFolderInternalAvailableCrossProcess
OLE 7bf2957b-68e4-4528-915a-7ab28983dd46 (0.0) -- IThreadAffineStorageQueryServer
OLE ac736759-22c6-4dba-b09e-04fd1889348f (0.0) -- IStorageQueryItemArray
OLE 72d1cb78-b3ef-4f75-a80b-6fd9dae2944b (0.0) -- __x_Windows_CStorage_CIStorageFolder
OLE fa3f6186-4214-428c-a64c-14c9ac7315ea (0.0) -- __x_Windows_CStorage_CIStorageFile
OLE 24a0bf18-6849-4d99-9fc8-48bcabace467 (0.0) -- IHandleDuplicator
OLE 43929d18-5ec9-4b5a-919c-4205b0c804b6 (0.0) -- __x_Windows_CStorage_CStreams_CIInputStreamReference
OLE a5322dff-9ebc-5df1-953d-0237cea8614b (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CStateRepository__CPrimaryTileUserNotifier_Windows__CInternal__CStateRepository__CPrimaryTileUserChangedEventArgs
OLE ccb96d97-791c-5741-8f33-fb7266d6ea33 (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CStateRepository__CSecondaryTileUserNotifier_Windows__CInternal__CStateRepository__CSecondaryTileUserChangedEventArgs
OLE 12127662-a088-41c6-afc7-4cbf014a4c7e (0.0) -- IUiaManagerEndpointStateNotifierSink
OLE 88323784-87d3-4a39-82d5-751529f76581 (0.0) -- IUiaManagerLifetimeNotifier
OLE 53b23e1b-25e2-4886-9fb6-744b8f15571c (0.0) -- ISwitchController
OLE fc4801a3-2ba9-11cf-a229-00aa003d7352 (0.0) -- IObjectWithSite
OLE e1380b20-f578-40aa-bb7d-a22bd11b0836 (0.0) -- IUpdateViewValueSet
OLE 9c4960d4-7626-4e13-beec-1adad82ff5a0 (0.0) -- IThreadUndoManager
OLE d001f200-ef97-11ce-9bc9-00aa00608e01 (0.0) -- IOleUndoManager
OLE b92b56a9-8b55-4e14-9a89-0199bbb6f93b (0.0) -- IDesktopWallpaper
OLE bfb02fed-4c71-40e1-b4f3-ce99c2ff0542 (0.0) -- IObjectWithFileHandle
OLE fc992f1f-debb-4596-b355-50c7a6dd1222 (0.0) -- IWaitCursorManager
OLE 000214e2-0000-0000-c000-000000000046 (0.0) -- IShellBrowser
OLE 831d1dff-7f57-4720-87e4-cb57d6214428 (0.0) -- IInvocationLocation
OLE 9536ca39-1acb-4ae6-ad27-2403d04ca28f (0.0) -- IShellItemBrowser
OLE 70eabf46-f836-4c5d-95fa-13005e467f81 (0.0) -- IExplorerHost
OLE 618736e0-3c3d-11cf-810c-00aa00389b71 (0.0) -- IAccessible
OLE 35bd3360-1b35-4927-bae4-b10e70d99eff (0.0) -- IFrameTaskManager
OLE f66724ea-ae8f-41a2-b3f3-3d6581ea891c (0.0) -- IRibbonTabsetCallBack
OLE b3a4b685-b685-4805-99d9-5dead2873236 (0.0) -- IParentAndItem
OLE ef01eb89-5a19-42cb-bc8c-f10ed6c6791b (0.0) -- ISyncIntegrationManager
OLE 1aba2312-77b6-44d7-b975-cce3f3d3fb2f (0.0) -- ISyncStatusProvider
OLE f2153260-232e-4474-9d0a-9f2ab153441d (0.0) -- IVerbStateTaskCallBack
OLE 31e4fa78-02b4-419f-9430-7b7585237c77 (0.0) -- IFrameManager
OLE b3e7c340-ef97-11ce-9bc9-00aa00608e01 (0.0) -- IEnumOleUndoUnits
OLE cde725b0-ccc9-4519-917e-325d72fab4ce (0.0) -- IFolderView
OLE 00000135-0000-0000-c000-000000000046 (0.0) -- IInterfaceFromWindowProp
OLE 0000010e-0000-0000-c000-000000000046 (0.0) -- IDataObject
OLE 93f2f68c-1d1b-11d3-a30e-00c04f79abd1 (0.0) -- IShellFolder2
OLE 1af3a467-214f-4298-908e-06b03e0b39f9 (0.0) -- IFolderView2
OLE cef04fdf-fe72-11d2-87a5-00c04f6837cf (0.0) -- IPersistFolder3
OLE 6d5174ec-f425-4cd9-8643-cf36042987f1 (0.0) -- IOperationStatusService
OLE 4ae7498c-e1c0-475f-8573-41c26127c5d8 (0.0) -- IOperationStatusTile
OLE 0000000e-0000-0000-c000-000000000046 (0.0) -- IBindCtx
OLE 00000103-0000-0000-c000-000000000046 (0.0) -- IEnumFORMATETC
OLE 2ad63a67-f12f-4bd7-b1bf-6213290a552a (0.0) -- IUIAutomationCrossThreadRelease
OLE 46dbf318-d92f-4c38-a6bd-fbd8813e210f (0.0) -- ISdGITManager
OLE d597bab3-5b9f-11d1-8dd2-00aa004abd5e (0.0) -- ISensLogon
OLE 6ee8a11f-f5f0-4feb-8b78-a69aaa8a2a6a (0.0) -- IUpFrontConfirmation
OLE 7724f749-b79e-42a0-aa9e-878b498f26ec (0.0) -- IWsDocumentUpdate
Endpoints :
ncalrpc : OLED3F64EC5610C313F619626545723
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 1184 at 0x53191d0L>
64
['WdiSystemHost']
Interfaces :
Endpoints :
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 5644 at 0x53190b8L>
64
['PcaSvc']
Interfaces :
RPC 0767a036-0d22-48aa-ba69-b619480f38cb (1.0) -- c:\windows\system32\pcasvc.dll
0 -> RAiMonitorProcess
1 -> RAiSendToService
2 -> RAiNotifyMsiInstall
3 -> RAiLinkChildToParent
4 -> RAiGetFileInfoFromPath
Endpoints :
ncalrpc : LRPC-daab6360023214c40d
--------------------------------------------------------------------------------
<WinProcess "smartscreen.exe" pid 4364 at 0x5319828L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 00000001-0000-0000-c000-000000000046 (0.0) -- IClassFactory
OLE d9dc3975-1062-470a-994c-409151ff8f54 (0.0) -- IAppReputationService
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE 29a3ab33-0fd7-44f5-9bff-c0b6c081fbfb (0.0) -- IUriReputationServiceStatics
OLE 00000035-0000-0000-c000-000000000046 (0.0) -- IActivationFactory
OLE 3474d734-3408-4471-a344-a3439343634a (0.0) -- IUriReputationSettings
OLE 377f919e-1b1a-5ca1-9ac0-70f57dcf5f61 (0.0) -- IAsyncOperation<AppReputationResult>
OLE 7800b2a3-bbbc-5a11-8c35-d2bde5489e81 (0.0) -- __FIAsyncOperationCompletedHandler_1_Windows__CServices__CStore__CStoreSendRequestResult
OLE afce43e5-977b-4b8a-b7b6-e26ecec26ddf (0.0) -- ISusNotify
OLE beef4698-9382-44ce-99a0-ece4e9c0916e (0.0) --
Endpoints :
ncalrpc : OLE229F747B3912B63B27E7987C17B5
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 4932 at 0x5319ba8L>
64
['cbdhsvc_9c09e']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE c50898f6-c536-5f47-8583-8b2c2438a13b (0.0) -- Windows.Foundation.IEventHandler<IInspectable>
OLE c627e291-34e2-4963-8eed-93cbb0ea3d70 (0.0) -- __x_Windows_CApplicationModel_CDataTransfer_CIClipboardStatics
OLE 0000010e-0000-0000-c000-000000000046 (0.0) -- IDataObject
OLE 00000103-0000-0000-c000-000000000046 (0.0) -- IEnumFORMATETC
Endpoints :
ncalrpc : OLE983B048DC8EACB0ADF244733A028
--------------------------------------------------------------------------------
<WinProcess "ShellExperienceHost.exe" pid 5420 at 0x5319c18L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE 92696c00-7578-48e1-ac1a-2ca909e2c8cf (0.0) -- __x_Windows_CApplicationModel_CCore_CIActivatableApplication
OLE 638bb2db-451d-4661-b099-414f34ffb9f1 (0.0) -- __x_Windows_CApplicationModel_CCore_CICoreApplicationView
OLE 49a07732-e7b8-5c5b-9de7-22e33cb97004 (0.0) -- __FIEventHandler_1_Windows__CApplicationModel__CActivation__CBackgroundActivatedEventArgs
OLE 2e5500b6-66ad-467f-abb5-022a64283d88 (0.0) -- __x_Windows_CApplicationModel_CCore_CICoreApplicationViewInternal
OLE 4f9c5cec-0197-49fe-b800-0d5a72a6c505 (0.0) -- IUiaWindowNotifierCallback
OLE abadfe7f-04c1-4a9f-9b3c-a323f1c80178 (0.0) -- IScaleChangeSink
OLE c50898f6-c536-5f47-8583-8b2c2438a13b (0.0) -- Windows.Foundation.IEventHandler<IInspectable>
OLE 2dbdba9d-20da-519d-9078-09f835bc5bc7 (0.0) -- ITypedEventHandler<UISettings,IInspectable>
OLE 7d56d344-8464-4faf-aa49-37ea6e2d7bd1 (0.0) -- __x_Windows_CApplicationModel_CDataTransfer_CDragDrop_CCore_CICoreDragDropManager
OLE cd292360-2763-4085-8a9f-74b224a29175 (0.0) -- __x_Windows_CUI_CCore_CICoreWindowFactory
OLE 087ca5a4-8cfc-4264-b39d-da2bb2583a11 (0.0) -- ICoreWindowFactoryPriv
OLE 92cee296-66e6-4678-984a-579e02c88be6 (0.0) -- __x_Windows_CApplicationModel_CCore_CICoreApplicationViewForceMarshal
OLE 00000141-0000-0000-c000-000000000046 (0.0) -- IDLLHost
OLE 00000035-0000-0000-c000-000000000046 (0.0) -- IActivationFactory
OLE 350e1244-4575-45ee-8595-0aa8c6506fc7 (0.0) -- __x_Windows_CApplicationModel_CBackground_CIBackgroundWorkManagerInternal
OLE 01cf8bd4-e3d6-413d-8339-36d46e78d12c (0.0) -- __x_Windows_CApplicationModel_CBackground_CIBackgroundWorkManagerInternal2
OLE 78c880f6-a7dc-5172-89da-7749fc82aa82 (0.0) -- __FIMapView_2_GUID_Windows__CApplicationModel__CBackground__CIBackgroundTaskRegistration
OLE 80fb0327-5a00-55cc-85db-a852719981b9 (0.0) -- __FIIterable_1___FIKeyValuePair_2_GUID_Windows__CApplicationModel__CBackground__CIBackgroundTaskRegistration
OLE 2001aea5-1a86-517e-8be5-11d7fb5935b2 (0.0) -- __FIIterator_1___FIKeyValuePair_2_GUID_Windows__CApplicationModel__CBackground__CIBackgroundTaskRegistration
OLE 5a1f6d75-8678-547c-8fd7-fbceb6ebf968 (0.0) -- __FIKeyValuePair_2_GUID_Windows__CApplicationModel__CBackground__CIBackgroundTaskRegistration
OLE f5917e6f-5abf-5e65-b5b4-1b9c8d94e788 (0.0) -- ITypedEventHandler<AccessibilitySettings,IInspectable>
OLE fcaeac67-4e77-49c7-b856-dde934fc735b (0.0) -- ILanguageFontGroupFactory
OLE 00000037-0000-0000-c000-000000000046 (0.0) -- IWeakReference
OLE a5322dff-9ebc-5df1-953d-0237cea8614b (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CStateRepository__CPrimaryTileUserNotifier_Windows__CInternal__CStateRepository__CPrimaryTileUserChangedEventArgs
OLE 9d4966fa-dbd1-4799-a07f-6a5e1991bda4 (0.0) -- IOplockCallbackEventHandler
OLE ccb96d97-791c-5741-8f33-fb7266d6ea33 (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CStateRepository__CSecondaryTileUserNotifier_Windows__CInternal__CStateRepository__CSecondaryTileUserChangedEventArgs
OLE f9e87849-b323-eefa-3204-8a2d2d2b4432 (0.0) -- IImageQueueManager
OLE a2cd1ad4-df0a-4566-9407-de425b84cc21 (0.0) -- IAsyncWPNInit
OLE 06386a7a-e009-5b0b-ab68-a8e48b516647 (0.0) -- __FIAsyncOperationWithProgressCompletedHandler_2_Windows__CStorage__CStreams__CIBuffer_UINT32
OLE 6030e7c3-f93f-5e9c-9ba2-9a018d2b09c0 (0.0) -- __FIEventHandler_1_Windows__CSystem__CAppMemoryUsageLimitChangingEventArgs
OLE 118ec4a0-443d-467d-b568-de895db52e7b (0.0) -- __x_Windows_CServices_CTargetedContent_CInternal_CINotifySubscription
OLE 00000038-0000-0000-c000-000000000046 (0.0) -- IWeakReferenceSource
OLE 24a0bf18-6849-4d99-9fc8-48bcabace467 (0.0) -- IHandleDuplicator
OLE e716b283-6be7-4e6f-a88f-1cde47d5e355 (0.0) -- IWpnPresentationTileSink
OLE 1726f52d-2b8c-524a-98c6-f2cf0893c0f2 (0.0) -- __FITypedEventHandler_2_Windows__CApplicationModel__CPackageCatalog_Windows__CApplicationModel__CPackageStagingEventArgs
OLE a8a900c6-da0b-5bcc-a71a-be0b9265d87a (0.0) -- __FITypedEventHandler_2_Windows__CApplicationModel__CPackageCatalog_Windows__CApplicationModel__CPackageInstallingEventArgs
OLE c23e15f6-c618-522a-82ab-4fab36665ce5 (0.0) -- __FITypedEventHandler_2_Windows__CApplicationModel__CPackageCatalog_Windows__CApplicationModel__CPackageUpdatingEventArgs
OLE b32d7d63-cd0e-5c2e-a251-fb8d290824e4 (0.0) -- __FITypedEventHandler_2_Windows__CApplicationModel__CPackageCatalog_Windows__CApplicationModel__CPackageStatusChangedEventArgs
OLE 000001a0-0000-0000-c000-000000000046 (0.0) -- ISystemActivator
OLE 5632b1a4-e38a-400a-928a-d4cd63230295 (0.0) -- IObjectCollection
OLE cf7a6ffc-5a5d-4153-9d9d-9946b57e45fa (0.0) -- IRefreshTileNotifications
OLE c1635471-1417-4750-811f-a6122953c5a3 (0.0) -- __x_Windows_CInternal_CShell_CExperience_CIShellExperiencePrivate
OLE ac7f26f2-feb7-5b2a-8ac4-345bc62caede (0.0) -- IMapView<HSTRING,HSTRING>
OLE e9bdaaf0-cbf6-5c72-be90-29cbf3a1319b (0.0) -- IIterable<IKeyValuePair<HSTRING,HSTRING> >
OLE 05eb86f1-7140-5517-b88d-cbaebe57e6b1 (0.0) -- IIterator<IKeyValuePair<HSTRING,HSTRING> >
OLE 60310303-49c5-52e6-abc6-a9b36eccc716 (0.0) -- IKeyValuePair<HSTRING,HSTRING>
OLE 338579bf-1a35-5cc4-a622-a6f384fd892c (0.0) -- __FIEventHandler_1_Windows__CApplicationModel__CSuspendingEventArgs
OLE 9b6171c2-abb2-5194-afc0-cef167c424eb (0.0) -- __FIEventHandler_1_Windows__CApplicationModel__CLeavingBackgroundEventArgs
OLE e0739c32-fc14-5361-a8b3-0809699fbcbd (0.0) -- __FIEventHandler_1_Windows__CApplicationModel__CEnteredBackgroundEventArgs
OLE 398c4183-793d-5b00-819b-4aef92485e94 (0.0) -- IAsyncOperationCompletedHandler<Windows.Storage.Streams.IRandomAccessStream>
OLE e2663f37-2e1b-500c-ad68-c3ed7a8f74c8 (0.0) -- MapChangedEventHandler<HSTRING,HSTRING>
OLE 60141efb-f2f9-5377-96fd-f8c60d9558b5 (0.0) -- IMapChangedEventArgs<HSTRING>
OLE 78d3e6f2-0c4f-45a5-bca6-59ec8a03e08f (0.0) -- IWpnPresentationTileSink2
OLE 4a338128-9c2f-4567-9102-06c889e19c1d (0.0) -- INotificationControllerToastSink
OLE c9c87c56-0624-5c39-b08d-568959968f8e (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CUI__CShutdown__CShutdownUXViewModel_Windows__CInternal__CUI__CShutdown__CShutdownView
Endpoints :
ncalrpc : OLE9BF3247167EF8785B7A02D6B2B64
--------------------------------------------------------------------------------
<WinProcess "SearchUI.exe" pid 6156 at 0x5319f28L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE 92696c00-7578-48e1-ac1a-2ca909e2c8cf (0.0) -- __x_Windows_CApplicationModel_CCore_CIActivatableApplication
OLE 638bb2db-451d-4661-b099-414f34ffb9f1 (0.0) -- __x_Windows_CApplicationModel_CCore_CICoreApplicationView
OLE 49a07732-e7b8-5c5b-9de7-22e33cb97004 (0.0) -- __FIEventHandler_1_Windows__CApplicationModel__CActivation__CBackgroundActivatedEventArgs
OLE 2e5500b6-66ad-467f-abb5-022a64283d88 (0.0) -- __x_Windows_CApplicationModel_CCore_CICoreApplicationViewInternal
OLE 4f9c5cec-0197-49fe-b800-0d5a72a6c505 (0.0) -- IUiaWindowNotifierCallback
OLE abadfe7f-04c1-4a9f-9b3c-a323f1c80178 (0.0) -- IScaleChangeSink
OLE c50898f6-c536-5f47-8583-8b2c2438a13b (0.0) -- Windows.Foundation.IEventHandler<IInspectable>
OLE 2dbdba9d-20da-519d-9078-09f835bc5bc7 (0.0) -- ITypedEventHandler<UISettings,IInspectable>
OLE 7d56d344-8464-4faf-aa49-37ea6e2d7bd1 (0.0) -- __x_Windows_CApplicationModel_CDataTransfer_CDragDrop_CCore_CICoreDragDropManager
OLE 00000141-0000-0000-c000-000000000046 (0.0) -- IDLLHost
OLE 00000035-0000-0000-c000-000000000046 (0.0) -- IActivationFactory
OLE 350e1244-4575-45ee-8595-0aa8c6506fc7 (0.0) -- __x_Windows_CApplicationModel_CBackground_CIBackgroundWorkManagerInternal
OLE 297445d3-fb63-4135-8909-4e354c061466 (0.0) -- __x_Windows_CSecurity_CAuthentication_COnlineId_CIOnlineIdServiceTicketRequest
OLE e2663f37-2e1b-500c-ad68-c3ed7a8f74c8 (0.0) -- MapChangedEventHandler<HSTRING,HSTRING>
OLE 60141efb-f2f9-5377-96fd-f8c60d9558b5 (0.0) -- IMapChangedEventArgs<HSTRING>
OLE c1635471-1417-4750-811f-a6122953c5a3 (0.0) -- __x_Windows_CInternal_CShell_CExperience_CIShellExperiencePrivate
OLE cd9a9c56-e8ae-50b3-b094-6de873b0c25c (0.0) --
OLE fc8f5d3d-998b-5d32-9578-4d5ebc38a22e (0.0) --
OLE 786d1a9d-c84e-5d59-9b2b-a4d508f3ac17 (0.0) --
OLE 93ec8973-aa21-5ee2-9d54-e17b3ac9e344 (0.0) --
OLE c21a025f-497a-47ce-abb5-dd7cf34d04cb (0.0) -- IBackgroundWorkItemInstanceEvents
OLE a9d9c0b6-c84b-4010-8202-7c23b17dc148 (0.0) -- __x_WindowsInternal_CShell_CUnifiedTile_CIVerbEnumerationArgs
OLE a5322dff-9ebc-5df1-953d-0237cea8614b (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CStateRepository__CPrimaryTileUserNotifier_Windows__CInternal__CStateRepository__CPrimaryTileUserChangedEventArgs
OLE ccb96d97-791c-5741-8f33-fb7266d6ea33 (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CStateRepository__CSecondaryTileUserNotifier_Windows__CInternal__CStateRepository__CSecondaryTileUserChangedEventArgs
OLE 2f13c006-a03a-5f69-b090-75a43e33423e (0.0) -- IVectorView<HSTRING>
OLE 8a43ed9f-f4e6-4421-acf9-1dab2986820c (0.0) -- IPropertySet
OLE 1b0d3570-0877-5ec2-8a2c-3b9539506aca (0.0) -- IMap<HSTRING,IInspectable>
OLE 14da7de7-40df-5d4c-823f-cf310625ad39 (0.0) -- IAsyncOperationProgressHandler<HSTRING,UINT64>
OLE bd75eebe-e7b5-5af6-8415-a4b9c9045202 (0.0) -- IAsyncOperationWithProgressCompletedHandler<HSTRING,UINT64>
OLE 24a0bf18-6849-4d99-9fc8-48bcabace467 (0.0) -- IHandleDuplicator
OLE 93cc156d-af27-4dd3-846e-24ee40cadd25 (0.0) -- __x_Windows_CApplicationModel_CBackground_CIBackgroundTaskDeferral
OLE 6030e7c3-f93f-5e9c-9ba2-9a018d2b09c0 (0.0) -- __FIEventHandler_1_Windows__CSystem__CAppMemoryUsageLimitChangingEventArgs
OLE 1ada0e3e-e4a2-4123-b451-dc96bf800419 (0.0) -- __x_Windows_CApplicationModel_CCore_CICoreImmersiveApplication
OLE 4207a996-ca2f-42f7-bde8-8b10457a7f30 (0.0) -- __x_Windows_CStorage_CIStorageItem
OLE 3b8c9be7-fc8c-42e2-a6b5-7005aa719c35 (0.0) -- __x_WindowsInternal_CShell_CUnifiedTile_CPrivate_CIVerbEnumerationArgsPrivate
OLE fe2f3d47-5d47-5499-8374-430c7cda0204 (0.0) -- IIterable<IKeyValuePair<HSTRING,IInspectable> >
OLE 5db5fa32-707c-5849-a06b-91c8eb9d10e8 (0.0) -- IIterator<IKeyValuePair<HSTRING,IInspectable> >
OLE 09335560-6c6b-5a26-9348-97b781132b20 (0.0) -- IKeyValuePair<HSTRING,IInspectable>
Endpoints :
ncalrpc : OLE5F05EDD2D45DD70CAA553353EC6A
--------------------------------------------------------------------------------
<WinProcess "RuntimeBroker.exe" pid 6316 at 0x5319630L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 6040ec14-6557-41f9-a3f7-b1cab7b42120 (0.0) -- IRuntimeBroker
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE a67b287f-cfe4-43e4-ac63-f74ae08662b9 (0.0) -- __x_Windows_CCortana_CIMSAManagerStatics
OLE 00000035-0000-0000-c000-000000000046 (0.0) -- IActivationFactory
OLE e826ea58-66a9-4d41-83d4-b4c18c87b846 (0.0) -- __x_Windows_CApplicationModel_CBackground_CIBackgroundExecutionManagerStatics
OLE 00000141-0000-0000-c000-000000000046 (0.0) -- IDLLHost
OLE eb2c0c45-76f9-4a0a-bb73-fcf47d73a4eb (0.0) -- __x_Windows_CInternal_CSecurity_CWebAuthentication_CIAuthenticationManager
OLE cd6f56ba-a90a-5556-a48f-36a097b3ce5c (0.0) -- __FIAsyncOperation_1_Windows__CInternal__CSecurity__CWebAuthentication__CUserHostIdentity
OLE 79882e54-c2ae-4f76-9577-9fe028b48255 (0.0) -- __x_Windows_CInternal_CSecurity_CWebAuthentication_CIUserHostIdentity
OLE 45f03233-e7a8-5ade-9ff3-0b8a1c6ba76b (0.0) -- __FIVectorView_1_Windows__CSecurity__CAuthentication__COnlineId__COnlineIdServiceTicket
OLE c95c547f-d781-4a94-acb8-c59874238c26 (0.0) -- __x_Windows_CSecurity_CAuthentication_COnlineId_CIOnlineIdServiceTicket
OLE c31da254-9063-4b7a-b1a0-4e7968ba7eae (0.0) -- __x_Windows_CCortana_CICortanaSettingsStatics
OLE 8ca8efcc-f4ac-4987-984b-0b92f11c1cd3 (0.0) -- __x_Windows_CCortana_CISearchFoldersStatics
OLE f898ee67-61c0-4963-9fc4-72c45a4c9ca4 (0.0) -- __x_Windows_CCortana_CIPathCommandingStatics
OLE 84e30b9c-351d-5fcb-8b0a-bc145407f915 (0.0) -- IAsyncOperation<IMap<HSTRING,HSTRING> >
OLE acbe964b-0eed-4d11-9ca9-fdeb63598d2e (0.0) -- SystemSettings.DataModel.ISettingsEnvironmentDatabase
OLE 32b5f566-4c01-4a18-a5f1-41d6d38fbccd (0.0) -- __x_WindowsInternal_CShell_CUnifiedTile_CPrivate_CITileVerbProviderDesktopBrokerStatics
OLE f9ad7985-244a-4e61-8ba2-55a3f5e1c665 (0.0) -- __x_WindowsInternal_CShell_CUnifiedTile_CITileVerb
OLE b448c9be-687b-481f-ae8b-7caef2fd0abf (0.0) -- __x_Windows_CCortana_CIAppsInfoStatics
OLE 2f13c006-a03a-5f69-b090-75a43e33423e (0.0) -- IVectorView<HSTRING>
OLE 08f327ff-85d5-48b9-aee9-28511e339f9f (0.0) -- __x_Windows_CStorage_CIStorageFolderStatics
OLE 5642c893-802f-45da-bba2-f0d77b81bd42 (0.0) -- IStorageFolderStaticsPrivate
OLE cb43ccc9-446b-4a4f-be97-757771be5203 (0.0) -- __x_Windows_CStorage_CSearch_CIStorageFolderQueryOperations
OLE 44f2c7e9-a2ca-4cbd-aa65-61ac09315e2c (0.0) -- IStorageFolderInternalAvailableCrossProcess
OLE 7bf2957b-68e4-4528-915a-7ab28983dd46 (0.0) -- IThreadAffineStorageQueryServer
OLE d79df790-8b00-4420-8f46-30c61e5ff610 (0.0) -- IStorageQueryServer
OLE ac736759-22c6-4dba-b09e-04fd1889348f (0.0) -- IStorageQueryItemArray
OLE 0000000c-0000-0000-c000-000000000046 (0.0) -- IStream
OLE fa9812c4-0b34-47d0-9b0b-157fb5b5fdf2 (0.0) -- IDuplicateHandleProvider
OLE bfb02fed-4c71-40e1-b4f3-ce99c2ff0542 (0.0) -- IObjectWithFileHandle
OLE 4207a996-ca2f-42f7-bde8-8b10457a7f30 (0.0) -- __x_Windows_CStorage_CIStorageItem
OLE 5a648006-843a-4da9-865b-9d26e5dfad7b (0.0) -- IAsyncAction
OLE 574bd3d3-5f30-45cd-8a94-724fe5973084 (0.0) -- IDeviceAccessInformationStatics
OLE 0baa9a73-6de5-4915-8ddd-9a0554a6f545 (0.0) -- IDeviceAccessInformation
OLE 552b1888-ef6b-4b24-83b2-350ebcd2d7f1 (0.0) -- __x_Windows_CCortana_CIDeviceAccessHelperStatics
OLE c01d2385-eae8-42b0-abac-85a30f2ea27f (0.0) -- __x_Windows_CInternal_CBackupRestore_CSettingsProviders_CIOneBackupHandlerStatics
OLE f6d1f700-49c2-52ae-8154-826f9908773c (0.0) -- IMap<HSTRING,HSTRING>
OLE 11c7cc5e-c04e-50e7-a65e-6f6903690c16 (0.0) -- __FIAsyncOperation_1_Windows__CStorage__CFileProperties__CStorageItemThumbnail
OLE 6ed346a8-5f94-4ad9-8948-c16a2a7c077c (0.0) -- __x_Windows_CCortana_CIContextMenuManagerStatics
OLE 93cd7e63-061d-4abd-9756-de54a171dacf (0.0) -- __x_WindowsInternal_CShell_CUnifiedTile_CPrivate_CITileVerbProviderCommonBrokerStatics
OLE cc254827-4b3d-438f-9232-10c76bc7e038 (0.0) -- __x_Windows_CStorage_CStreams_CIRandomAccessStreamWithContentType
OLE 905a0fe1-bc53-11df-8c49-001e4fc686da (0.0) -- __x_Windows_CFoundation_CIByteSeeker
OLE 11ddba60-bddf-5fe6-a694-983f146cf3a7 (0.0) -- __FIVectorView_1_WindowsInternal__CShell__CUnifiedTile__CTileVerb
OLE 1edd22f1-7f8b-419a-a6dc-fa1cae62a5ee (0.0) -- __x_Windows_CCortana_CIDesktopLaunchersStatics
OLE 30d5a829-7fa4-4026-83bb-d75bae4ea99e (0.0) -- IClosable
OLE d75c13bb-3883-4bd2-9b7a-334ff6d83066 (0.0) -- IStorageItemInternalAvailableCrossProcess
OLE f865b84b-9c4a-444a-88e6-4b66ed8fcd99 (0.0) -- IVoiceActivationController
OLE 49f572e9-f524-4d67-b674-3d342d007adf (0.0) -- Windows.System.Profile.IHardwareInformationInternal
OLE 4e5e4f04-2c92-4a6a-80e1-571e0e670a30 (0.0) -- __x_Windows_CCortana_CIDesktopItemStatics
OLE 68766f36-3808-42f9-a18f-0abde6391172 (0.0) -- IAdviseOplockCallback
OLE 04c2542d-3c28-4510-a0c0-8db0e0a3a526 (0.0) -- IDuplicateHandleProvider2
Endpoints :
ncalrpc : OLEF9D0B214AEA7A9D6A34F50515732
--------------------------------------------------------------------------------
<WinProcess "RuntimeBroker.exe" pid 6376 at 0x5319358L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 6040ec14-6557-41f9-a3f7-b1cab7b42120 (0.0) -- IRuntimeBroker
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE 50a5378f-a64e-4d5a-a911-6342b5ff64c0 (0.0) -- __x_Windows_CServices_CTargetedContent_CInternal_CISubscriptionManager
OLE fafd0ef2-a207-43c0-8134-23e35b2b9099 (0.0) -- __x_Windows_CInternal_CShell_CStartUI_CITileImageHelperStatics
OLE 00000141-0000-0000-c000-000000000046 (0.0) -- IDLLHost
OLE 00000035-0000-0000-c000-000000000046 (0.0) -- IActivationFactory
OLE 430ecece-1418-5d19-81b2-5ddb381603cc (0.0) -- IAsyncOperation<Windows.Storage.Streams.IRandomAccessStream>
OLE 905a0fe1-bc53-11df-8c49-001e4fc686da (0.0) -- __x_Windows_CFoundation_CIByteSeeker
OLE 0000000c-0000-0000-c000-000000000046 (0.0) -- IStream
OLE fa9812c4-0b34-47d0-9b0b-157fb5b5fdf2 (0.0) -- IDuplicateHandleProvider
OLE bfb02fed-4c71-40e1-b4f3-ce99c2ff0542 (0.0) -- IObjectWithFileHandle
OLE ca2f34cf-283f-453e-b2d2-841b8c2f5c34 (0.0) -- __x_Windows_CServices_CTargetedContent_CInternal_CITargetedContentCacheReader
OLE 2f92b529-119b-575a-a419-3904b4e41af2 (0.0) -- IAsyncOperation<IVectorView<HSTRING> >
OLE 5cc754cf-f82f-471b-ba04-1783588b7144 (0.0) -- __x_Windows_CApplicationModel_CInternal_CIPackageCatalogInternalStatics
OLE 2f13c006-a03a-5f69-b090-75a43e33423e (0.0) -- IVectorView<HSTRING>
OLE 230a3751-9de3-4445-be74-91fb325abefe (0.0) -- __x_Windows_CApplicationModel_CIPackageCatalog
OLE 96a60c36-8ff7-4344-b6bf-ee64c2207ed2 (0.0) -- __x_Windows_CApplicationModel_CIPackageCatalog2
OLE 96dd5c88-8837-43f9-9015-033434ba14f3 (0.0) -- __x_Windows_CApplicationModel_CIPackageCatalog3
OLE c37c399b-44cc-4b7b-8baf-796c04ead3b9 (0.0) --
OLE 08f327ff-85d5-48b9-aee9-28511e339f9f (0.0) -- __x_Windows_CStorage_CIStorageFolderStatics
OLE 5642c893-802f-45da-bba2-f0d77b81bd42 (0.0) -- IStorageFolderStaticsPrivate
OLE cb43ccc9-446b-4a4f-be97-757771be5203 (0.0) -- __x_Windows_CStorage_CSearch_CIStorageFolderQueryOperations
OLE 44f2c7e9-a2ca-4cbd-aa65-61ac09315e2c (0.0) -- IStorageFolderInternalAvailableCrossProcess
OLE 7bf2957b-68e4-4528-915a-7ab28983dd46 (0.0) -- IThreadAffineStorageQueryServer
OLE ac736759-22c6-4dba-b09e-04fd1889348f (0.0) -- IStorageQueryItemArray
OLE fa3f6186-4214-428c-a64c-14c9ac7315ea (0.0) -- __x_Windows_CStorage_CIStorageFile
OLE 3e1fe603-f897-5263-b328-0806426b8a79 (0.0) -- IAsyncOperation<HSTRING>
OLE 72d1cb78-b3ef-4f75-a80b-6fd9dae2944b (0.0) -- __x_Windows_CStorage_CIStorageFolder
OLE 43929d18-5ec9-4b5a-919c-4205b0c804b6 (0.0) -- __x_Windows_CStorage_CStreams_CIInputStreamReference
OLE 437d714d-bd80-4a70-bc50-f6e796509575 (0.0) -- __x_Windows_CApplicationModel_CIPackageStatusChangedEventArgs
OLE 163c792f-bd75-413c-bf23-b1fe7b95d825 (0.0) -- __x_Windows_CApplicationModel_CIPackage
OLE a6612fb6-7688-4ace-95fb-359538e7aa01 (0.0) -- __x_Windows_CApplicationModel_CIPackage2
OLE 1adb665e-37c7-4790-9980-dd7ae74e8bb2 (0.0) -- __x_Windows_CApplicationModel_CIPackageId
OLE 97741eb7-ab7a-401a-8b61-eb0e7faff237 (0.0) -- __x_Windows_CApplicationModel_CIPackageInstallingEventArgs
OLE 65aed1ae-b95b-450c-882b-6255187f397e (0.0) -- __x_Windows_CApplicationModel_CIPackage4
OLE 5095e466-bb07-4fb0-a18b-88f3bf86b2bd (0.0) -- __x_Windows_CServices_CTargetedContent_CInternal_CITargetedContentActionStaticsInternal
OLE ece5d2be-4f13-4acf-9adf-9fc310271ac1 (0.0) -- __x_Windows_CInternal_CStorage_CIStorageFileStartExperienceStatic
OLE 5e52f8ce-aced-5a42-95b4-f674dd84885e (0.0) -- __FIAsyncOperation_1_Windows__CStorage__CStorageFile
OLE 954e4bcf-0a77-42fb-b777-c2ed58a52e44 (0.0) -- __x_Windows_CStorage_CIStorageFile2
OLE bb94daad-7836-4d62-9557-2a7b83839b7b (0.0) -- ISafeSaveHandleManager
OLE f4ee3175-aba2-4df7-b53c-93c4e4e2b0a3 (0.0) -- IRefCountedClosable
OLE 5e0ebc87-bece-4f2a-8d36-3673758f6c55 (0.0) -- IFileHandle
OLE 04c2542d-3c28-4510-a0c0-8db0e0a3a526 (0.0) -- IDuplicateHandleProvider2
OLE 68766f36-3808-42f9-a18f-0abde6391172 (0.0) -- IAdviseOplockCallback
OLE 4aef67fd-5aaa-4059-a712-3f0cddadd143 (0.0) -- __x_WindowsInternal_CShell_CUnifiedTile_CCuratedTileCollections_CIAppInstallBroker
OLE 0d512bc7-d05f-55c5-b40a-b1e269c5114d (0.0) -- __FITypedEventHandler_2_WindowsUpdate__CInternal__CIInstallControl_WindowsUpdate__CInternal__CIInstallItem
OLE afce43e5-977b-4b8a-b7b6-e26ecec26ddf (0.0) -- ISusNotify
OLE beef4698-9382-44ce-99a0-ece4e9c0916e (0.0) --
OLE 90c24b33-ca5c-564c-8cc2-baf152127234 (0.0) -- __FIVectorView_1_Windows__CApplicationModel__CStore__CPreview__CInstallControl__CInternal__CAppData
OLE 30ee2287-5993-4a25-b150-96d09a53e851 (0.0) -- __x_Windows_CApplicationModel_CStore_CPreview_CInstallControl_CInternal_CIAppData
OLE e762b6be-f3b7-4977-bc20-4388a551b5b4 (0.0) -- __x_Windows_CServices_CTargetedContent_CInternal_CITargetedContentActionInternal
OLE 5a648006-843a-4da9-865b-9d26e5dfad7b (0.0) -- IAsyncAction
OLE 1cc9d633-5180-4f2a-8fee-89e30086b023 (0.0) -- __x_Windows_CInternal_CUI_CShutdown_CIShutdownUXViewModelFactory
OLE 3d0980d5-1d41-46a3-a0d5-637f10c6e301 (0.0) -- __x_Windows_CInternal_CUI_CShutdown_CIShutdownUXViewModel
OLE e449cd09-7b95-4075-96b4-e72a473db36c (0.0) -- __x_Windows_CInternal_CUI_CShutdown_CIShutdownChoicesViewModel
OLE fab1a66e-7a0c-55bd-b138-fb09398869d2 (0.0) -- __FIVectorView_1_Windows__CInternal__CUI__CShutdown__CShutdownUXOption
OLE e64aecc1-d683-419d-87e7-3c6261c64d0d (0.0) -- __x_Windows_CInternal_CUI_CShutdown_CIShutdownUXOption
OLE 23d156c7-7ef9-5096-aaba-1e6c9ab5ceb4 (0.0) --
OLE e2fcc7c1-3bfc-5a0b-b2b0-72e769d1cb7e (0.0) -- IIterable<HSTRING>
OLE e3e5794e-6220-5c66-bd02-60ce159d9506 (0.0) -- __FIVectorView_1_ContentManagement__CAppInstallInfoRecord
OLE 82929d2b-e4ba-49a3-af91-dadf7766d476 (0.0) -- __x_ContentManagement_CIAppInstallInfoRecord
OLE 1041682d-54e2-4f51-b828-9ef7046c210f (0.0) -- __x_Windows_CApplicationModel_CIPackageStagingEventArgs
Endpoints :
ncalrpc : OLE12940275539CC9278F9E17762523
--------------------------------------------------------------------------------
<WinProcess "ApplicationFrameHost.exe" pid 6672 at 0x5319780L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE d6defab3-dbb9-4413-8af9-554586fdff94 (0.0) -- IApplicationFrameManager
OLE 7702e77c-66f6-479b-af2b-e316cff5f814 (0.0) -- IAsyncCallbackDispatcher
OLE 143715d9-a015-40ea-b695-d5cc267e36ee (0.0) -- IApplicationFrame
OLE eca141eb-9f2a-47a8-9b92-a565d79d8d22 (0.0) -- IApplicationFrameTitleBar
OLE cdae3790-e890-4803-b2cf-0baeeedbfaf5 (0.0) -- IWindowServiceProxy
Endpoints :
ncalrpc : OLE7D41C3D5633AD711907A1AE46A9E
--------------------------------------------------------------------------------
<WinProcess "MicrosoftEdge.exe" pid 6684 at 0x53197f0L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE 92696c00-7578-48e1-ac1a-2ca909e2c8cf (0.0) -- __x_Windows_CApplicationModel_CCore_CIActivatableApplication
OLE 1ac7516e-e6bb-4a69-b63f-e841904dc5a6 (0.0) -- IEUserBroker
OLE 638bb2db-451d-4661-b099-414f34ffb9f1 (0.0) -- __x_Windows_CApplicationModel_CCore_CICoreApplicationView
OLE 49a07732-e7b8-5c5b-9de7-22e33cb97004 (0.0) -- __FIEventHandler_1_Windows__CApplicationModel__CActivation__CBackgroundActivatedEventArgs
OLE 2e5500b6-66ad-467f-abb5-022a64283d88 (0.0) -- __x_Windows_CApplicationModel_CCore_CICoreApplicationViewInternal
OLE 4f9c5cec-0197-49fe-b800-0d5a72a6c505 (0.0) -- IUiaWindowNotifierCallback
OLE abadfe7f-04c1-4a9f-9b3c-a323f1c80178 (0.0) -- IScaleChangeSink
OLE c50898f6-c536-5f47-8583-8b2c2438a13b (0.0) -- Windows.Foundation.IEventHandler<IInspectable>
OLE 2dbdba9d-20da-519d-9078-09f835bc5bc7 (0.0) -- ITypedEventHandler<UISettings,IInspectable>
OLE 7d56d344-8464-4faf-aa49-37ea6e2d7bd1 (0.0) -- __x_Windows_CApplicationModel_CDataTransfer_CDragDrop_CCore_CICoreDragDropManager
OLE 00000141-0000-0000-c000-000000000046 (0.0) -- IDLLHost
OLE 00000035-0000-0000-c000-000000000046 (0.0) -- IActivationFactory
OLE 7673b35e-907a-449d-a49f-e5ce47f0b0b2 (0.0) -- IEBrokerAttach
OLE fcaeac67-4e77-49c7-b856-dde934fc735b (0.0) -- ILanguageFontGroupFactory
OLE 7c8e621b-e4e3-4d96-aaf1-29726476b1f6 (0.0) -- __x_Windows_CApplicationModel_CCore_CIRestrictedAppContainer
OLE f6af8340-b662-4740-9794-9f2be0eac9bb (0.0) -- IRestrictedAppContainerComPrivate
OLE 1a054188-308f-4142-8657-e8f573d904bd (0.0) -- IEnumCookieSessionData
OLE 6c9e6e89-fb93-4148-a48a-453686cc2943 (0.0) -- IEnumCredentialSessionData
OLE 6030e7c3-f93f-5e9c-9ba2-9a018d2b09c0 (0.0) -- __FIEventHandler_1_Windows__CSystem__CAppMemoryUsageLimitChangingEventArgs
Endpoints :
ncalrpc : OLE3FACC1F4D1FDCF09EA15FA2A0188
--------------------------------------------------------------------------------
<WinProcess "browser_broker.exe" pid 6844 at 0x53190f0L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 7179e7f6-4fe0-48b3-8b6a-bb413bf6ea0d (0.0) -- IBrowserBrokerFactory
Endpoints :
ncalrpc : OLED1A63643E8FD6A4441ED71819AED
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 6872 at 0x5319748L>
64
['WarpJITSvc']
Interfaces :
RPC 5a0ce74d-f9cf-4dea-a4c1-2d5fe4c89d51 (1.0) -- C:\windows\System32\d3d10warp.dll
0 -> WARPJITOOPServerConnect
1 -> WARPJITOOPServerPassMessage
2 -> WARPJITOOPServerGetConnectionUUID
3 -> WARPJITOOPServerGetConnectionUUID2
Endpoints :
ncalrpc : LRPC-8995e2832e893089b4
--------------------------------------------------------------------------------
<WinProcess "Windows.WARP.JITService.exe" pid 6944 at 0x53195f8L>
64
Interfaces :
RPC 5a0ce74d-f9cf-4dea-a4c1-2d5fe4c89d51 (1.0) -- C:\windows\system32\d3d10warp.dll
0 -> WARPJITOOPServerConnect
1 -> WARPJITOOPServerPassMessage
2 -> WARPJITOOPServerGetConnectionUUID
3 -> WARPJITOOPServerGetConnectionUUID2
Endpoints :
ncalrpc : LRPC-a30ff6f7f73d1bf3ea
--------------------------------------------------------------------------------
<WinProcess "RuntimeBroker.exe" pid 7080 at 0x5319048L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 6040ec14-6557-41f9-a3f7-b1cab7b42120 (0.0) -- IRuntimeBroker
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE 755f04da-5a35-442c-8d55-f80d072cc5a6 (0.0) -- ____x_Windows_CApplicationModel_CCore_CIRestrictedAppContainerInternalStatics
Endpoints :
ncalrpc : OLEE119F035FE58D0D72D773F49A8A3
--------------------------------------------------------------------------------
<WinProcess "MicrosoftEdgeCP.exe" pid 6996 at 0x5319588L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE d4ca8951-1981-4813-b663-4df5afd111fd (0.0) --
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE 638bb2db-451d-4661-b099-414f34ffb9f1 (0.0) -- __x_Windows_CApplicationModel_CCore_CICoreApplicationView
OLE 2e5500b6-66ad-467f-abb5-022a64283d88 (0.0) -- __x_Windows_CApplicationModel_CCore_CICoreApplicationViewInternal
OLE 92696c00-7578-48e1-ac1a-2ca909e2c8cf (0.0) -- __x_Windows_CApplicationModel_CCore_CIActivatableApplication
OLE 4f9c5cec-0197-49fe-b800-0d5a72a6c505 (0.0) -- IUiaWindowNotifierCallback
OLE abadfe7f-04c1-4a9f-9b3c-a323f1c80178 (0.0) -- IScaleChangeSink
OLE c50898f6-c536-5f47-8583-8b2c2438a13b (0.0) -- Windows.Foundation.IEventHandler<IInspectable>
OLE 9862ca9f-91c6-4d9f-9533-1f4dff2516f8 (0.0) -- __x_Windows_CApplicationModel_CCore_CIComponentPrivate
OLE 9ebd287a-8a6b-4191-915f-01b8da7dc177 (0.0) -- __x_Windows_CFoundation_CPrivate_CICoreApplicationViewInternal2
Endpoints :
ncalrpc : OLE82E54614A630D1CEC6DA98B15721
--------------------------------------------------------------------------------
<WinProcess "MicrosoftEdgeSH.exe" pid 4440 at 0x53192b0L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
RPC ead694ed-2243-44cb-a9dc-85d3ba934dab (0.0) -- C:\windows\System32\chakra.dll
0 -> ServerShutdown
1 -> ServerConnectProcess
2 -> ServerInitializeThreadContext
3 -> ServerCleanupThreadContext
4 -> ServerUpdatePropertyRecordMap
5 -> ServerAddDOMFastPathHelper
6 -> ServerAddModuleRecordInfo
7 -> ServerSetWellKnownHostTypeId
8 -> ServerInitializeScriptContext
9 -> ServerCloseScriptContext
10 -> ServerCleanupScriptContext
11 -> ServerFreeAllocation
12 -> ServerNewInterpreterThunkBlock
13 -> ServerDecommitInterpreterBufferManager
14 -> ServerIsNativeAddr
15 -> ServerSetIsPRNGSeeded
16 -> ServerRemoteCodeGen
Endpoints :
ncalrpc : OLE6F356333118AE47F25F40365D868
ncalrpc : LRPC-6913cf7fdc16e338fb
--------------------------------------------------------------------------------
<WinProcess "SearchIndexer.exe" pid 7432 at 0x53204a8L>
64
['WSearch']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 0875169b-1407-44ea-9298-20a337646785 (0.0) -- IFileChangeTracker
OLE 7f2be360-2a95-4574-a16e-b8ec025083ce (0.0) -- IFileChangeTrackerForStoreApp
OLE b77d0bb4-256d-4218-8a17-52bc66b19f4b (0.0) -- IFileChangeTrackerInternal
OLE ab310581-ac80-11d1-8df3-00c04fb6ef69 (0.0) -- ISearchManager
OLE ab310581-ac80-11d1-8df3-00c04fb6ef50 (0.0) -- ISearchCatalogManager
OLE ab310581-ac80-11d1-8df3-00c04fb6ef55 (0.0) -- ISearchCrawlScopeManager
OLE ab310581-ac80-11d1-8df3-00c04fb6ef52 (0.0) -- IEnumSearchRoots
OLE 04c18ccf-1f57-4cbd-88cc-3900f5195ce3 (0.0) -- ISearchRoot
OLE b05651f9-9b10-425e-b616-1fcd828db3b1 (0.0) -- IGatherNotify
OLE a5eba07a-dae8-4d15-b12f-728efd8a9866 (0.0) -- IGatherNotify2
OLE 993eceb0-6f1b-49fe-8ba2-21b6a5317de1 (0.0) -- IWsPlatform
OLE 1bb12744-3e9b-4959-9226-54751dedba5a (0.0) -- IWsStoreRegistrationEndpoint
OLE 6a4eb77f-114c-4ff0-9aa8-9e159df6c137 (0.0) -- IWsStoreAppServicingEndpoint
OLE 7e5e602d-98c3-4dc3-a624-610e430b3c5f (0.0) -- IGatherManagerAdmin4
OLE 2bab5a77-7751-4955-ad37-4a27a3c3046d (0.0) -- IGatherStoreAppCleanup
OLE 6eedf548-1c00-4415-bd0a-b122a3cbdb2a (0.0) -- IWsStoreAppData
OLE b80dfda4-1915-4a94-ad31-c08fc2c1eb91 (0.0) -- IWsStoreAppEndpoint
OLE b05651e6-9b10-425e-b616-1fcd828db3b1 (0.0) -- IGatherManagerAdmin
OLE b05651e4-9b10-425e-b616-1fcd828db3b1 (0.0) -- IGatherApplications
OLE b05651e2-9b10-425e-b616-1fcd828db3b1 (0.0) -- IGatherApplication
OLE b05651c1-9b10-425e-b616-1fcd828db3b1 (0.0) -- IApplicationPlugins
OLE b05651c2-9b10-425e-b616-1fcd828db3b1 (0.0) -- IApplicationPlugin
OLE b05651e9-9b10-425e-b616-1fcd828db3b1 (0.0) -- IProjects
OLE b05651df-9b10-425e-b616-1fcd828db3b1 (0.0) -- IGatherProjectAdmin
OLE b05651c3-9b10-425e-b616-1fcd828db3b1 (0.0) -- IPlugins
OLE 6292f7ad-4e19-4717-a534-8fc22bcd5ccd (0.0) -- ISearchCrawlScopeManager2
OLE 0000000c-0000-0000-c000-000000000046 (0.0) -- IStream
OLE fa9812c4-0b34-47d0-9b0b-157fb5b5fdf2 (0.0) -- IDuplicateHandleProvider
OLE bfb02fed-4c71-40e1-b4f3-ce99c2ff0542 (0.0) -- IObjectWithFileHandle
OLE b05651e8-9b10-425e-b616-1fcd828db3b1 (0.0) -- IGatherManagerAdmin3
OLE c886b1d4-dc18-48d6-8a8f-e66046fcd0cd (0.0) -- IGatherApplication2
OLE b05651ea-9b10-425e-b616-1fcd828db3b1 (0.0) -- IProjects2
OLE b05651e0-9b10-425e-b616-1fcd828db3b1 (0.0) -- IGatherProjectAdmin2
OLE b05651f6-9b10-425e-b616-1fcd828db3b1 (0.0) -- IGatherAdmin
OLE fce7ec00-38e9-4837-9f8c-a0313215b86f (0.0) -- IGatherAdmin3
OLE 9d0876ca-02dc-453a-95d9-f2194a656442 (0.0) -- IExtensions
OLE b05651ce-9b10-425e-b616-1fcd828db3b1 (0.0) -- IStartAddresses
OLE 00020404-0000-0000-c000-000000000046 (0.0) -- IEnumVARIANT
OLE 00020400-0000-0000-c000-000000000046 (0.0) -- IDispatch
OLE b05651d0-9b10-425e-b616-1fcd828db3b1 (0.0) -- IStartAddress
OLE b05651c6-9b10-425e-b616-1fcd828db3b1 (0.0) -- ISiteRestrictions
OLE b05651c7-9b10-425e-b616-1fcd828db3b1 (0.0) -- ISiteRestriction
OLE b05651c9-9b10-425e-b616-1fcd828db3b1 (0.0) -- ISitePaths
OLE b05651ca-9b10-425e-b616-1fcd828db3b1 (0.0) -- ISitePath
Endpoints :
ncalrpc : OLE01E7850096B733F2550D3207F849
--------------------------------------------------------------------------------
<WinProcess "dllhost.exe" pid 7516 at 0x5320a20L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000141-0000-0000-c000-000000000046 (0.0) -- IDLLHost
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 0d67d0a5-4736-4a43-b642-e77f2105b3e2 (0.0) -- IWebPlatStorageCom
RPC 0820a0d0-1aae-49f9-acf9-3e3d3fe303cb (2.0) -- C:\windows\system32\webplatstorageserver.dll
0 -> s_CreateIDBFactory
1 -> s_IDBFactory_openDatabase
2 -> s_IDBFactory_deleteDatabase
3 -> s_IDBFactory_getDatabaseNames
4 -> s_IDBFactory_setClientOriginAttributes
5 -> s_IDBFactory_close
6 -> s_IDBDatabase_createObjectStore
7 -> s_IDBDatabase_deleteObjectStore
8 -> s_IDBDatabase_transaction
9 -> s_IDBDatabase_close
10 -> s_IDBTransaction_objectStore
11 -> s_IDBTransaction_abortAndClose
12 -> s_IDBTransaction_commitAndClose
13 -> s_IDBObjectStore_put
14 -> s_IDBObjectStore_add
15 -> s_IDBObjectStore_get
16 -> s_IDBObjectStore_getFromKeyRange
17 -> s_IDBObjectStore_delete
18 -> s_IDBObjectStore_deleteFromKeyRange
19 -> s_IDBObjectStore_clear
20 -> s_IDBObjectStore_openCursor
21 -> s_IDBObjectStore_count
22 -> s_IDBObjectStore_createIndex
23 -> s_IDBObjectStore_openIndex
24 -> s_IDBObjectStore_deleteIndex
25 -> s_IDBObjectStore_close
26 -> s_IDBIndex_openCursor
27 -> s_IDBIndex_count
28 -> s_IDBIndex_get
29 -> s_IDBIndex_getFromKeyRange
30 -> s_IDBIndex_getKey
31 -> s_IDBIndex_getKeyFromKeyRange
32 -> s_IDBIndex_close
33 -> s_IDBCursor_update
34 -> s_IDBCursor_continue
35 -> s_IDBCursor_advance
36 -> s_IDBCursor_delete
37 -> s_IDBCursor_close
38 -> s_IDB_AppQuota_Uninstall
39 -> s_HaveDataInSharedDatabase
RPC b754ffa1-7b7b-4fb1-9d0c-f12bbda17593 (1.0) -- C:\windows\system32\webplatstorageserver.dll
0 -> s_Legacy_IDBFactory_openDatabase
1 -> s_Legacy_IDBFactory_Handle_openDatabase_Blocked
2 -> s_Legacy_IDBFactory_deleteDatabase
3 -> s_Legacy_IDBFactory_setClientOriginAttributes
4 -> s_Legacy_IDBDatabase_createObjectStore
5 -> s_Legacy_IDBDatabase_deleteObjectStore
6 -> s_Legacy_IDBDatabase_transaction
7 -> s_Legacy_IDBDatabase_close
8 -> s_Legacy_IDBDatabaseBlocked_close
9 -> s_Legacy_IDBTransaction_openObjectStore
10 -> s_Legacy_IDBTransaction_abortAndClose
11 -> s_Legacy_IDBTransaction_commitAndClose
12 -> s_Legacy_IDBObjectStore_put
13 -> s_Legacy_IDBObjectStore_add
14 -> s_Legacy_IDBObjectStore_get
15 -> s_Legacy_IDBObjectStore_getFromKeyRange
16 -> s_Legacy_IDBObjectStore_delete
17 -> s_Legacy_IDBObjectStore_deleteFromKeyRange
18 -> s_Legacy_IDBObjectStore_clear
19 -> s_Legacy_IDBObjectStore_openCursor
20 -> s_Legacy_IDBObjectStore_count
21 -> s_Legacy_IDBObjectStore_createIndex
22 -> s_Legacy_IDBObjectStore_openIndex
23 -> s_Legacy_IDBObjectStore_deleteIndex
24 -> s_Legacy_IDBObjectStore_close
25 -> s_Legacy_IDBIndex_openCursor
26 -> s_Legacy_IDBIndex_count
27 -> s_Legacy_IDBIndex_get
28 -> s_Legacy_IDBIndex_getFromKeyRange
29 -> s_Legacy_IDBIndex_getKey
30 -> s_Legacy_IDBIndex_getKeyFromKeyRange
31 -> s_Legacy_IDBIndex_close
32 -> s_Legacy_IDBCursor_update
33 -> s_Legacy_IDBCursor_continue
34 -> s_Legacy_IDBCursor_advance
35 -> s_Legacy_IDBCursor_delete
36 -> s_Legacy_IDBCursor_close
37 -> s_Legacy_IDB_BrowserQuota_DeleteWebSiteDatabases
38 -> s_Legacy_IDB_SpartanQuota_DeleteWebSiteDatabases
39 -> s_Legacy_IDB_BrowserQuota_DeleteAllDatabases
40 -> s_Legacy_IDB_Spartan_DeleteAllDatabases
41 -> s_Legacy_IDB_BrowserQuota_GetSpaceConsumption
42 -> s_Legacy_IDB_SpartanQuota_GetSpaceConsumption
43 -> s_Legacy_IDB_AppQuota_Uninstall
44 -> s_Legacy_IDB_App_CheckIfIDBDataPresent
45 -> s_Legacy_IDB_App_ForceShutdownIndexedDBDatabase
RPC ade78933-5718-4476-9ce3-6be8cc4d1cc8 (1.0) -- C:\windows\system32\webplatstorageserver.dll
0 -> s_CreateCacheStorage
1 -> s_CacheStorage_open
2 -> s_CacheStorage_has
3 -> s_CacheStorage_delete
4 -> s_CacheStorage_match
5 -> s_CacheStorage_keys
6 -> s_CacheStorage_close
7 -> s_Cache_put
8 -> s_Cache_put_complete
9 -> s_Cache_match
10 -> s_Cache_matchAll
11 -> s_Cache_delete
12 -> s_Cache_keys
13 -> s_Cache_close
RPC 46f91c6b-1f95-4bff-8490-eb648ca0a9b9 (1.0) -- C:\windows\system32\webplatstorageserver.dll
0 -> s_ServiceWorkerSession_Open
1 -> s_ServiceWorkerSession_Close
2 -> s_ServiceWorkerSession_EnumerateAllSessions
3 -> s_ServiceWorkerSession_CreateNewRegistration
4 -> s_ServiceWorkerSession_GetRegistrationWithScopeUrl
5 -> s_ServiceWorkerSession_GetRegistrationWithUniqueId
6 -> s_ServiceWorkerSession_FindActiveMatchingRegistration
7 -> s_ServiceWorkerSession_FindAllRegistrationsForOrigin
8 -> s_ServiceWorkerSession_FindAllRegistrationsWithPendingTaskTypes
9 -> s_ServiceWorkerRegistration_Close
10 -> s_ServiceWorkerRegistration_SetInstallingWorker
11 -> s_ServiceWorkerRegistration_UpdateState
12 -> s_ServiceWorkerRegistration_Unregister
13 -> s_ServiceWorkerRegistration_ClearWorkerUninstallingFlag
14 -> s_ServiceWorkerRegistration_Delete
15 -> s_ServiceWorkerRegistration_SetLastUpdateCheckTime
16 -> s_ServiceWorkerRegistration_SetHasRequestedUpdate
17 -> s_ServiceWorkerRegistration_SetUpdateViaCache
18 -> s_ServiceWorkerRegistration_HasPushSubscriptionPolicyViolation
19 -> s_ServiceWorkerRegistration_GetPolicyViolations
20 -> s_ServiceWorkerRegistration_IncrementPolicyViolations
21 -> s_ServiceWorkerRegistration_ResetPolicyViolations
22 -> s_ServiceWorkerRegistration_SetIsNavigationPreloadEnabled
23 -> s_ServiceWorkerRegistration_SetNavigationPreloadHeader
24 -> s_ServiceWorkerRegistration_GetNavigationPreloadState
25 -> s_ServiceWorkerRegistration_GetPushSubscription
26 -> s_ServiceWorkerRegistration_SetPushSubscription
27 -> s_ServiceWorkerRegistration_DeletePushSubscription
RPC 1be3206b-2e03-4ea1-9321-12f4dfcd41d0 (1.0) -- C:\windows\system32\webplatstorageserver.dll
0 -> s_DeleteAllStorages
1 -> s_DeleteAllStoragesForOrigin
2 -> s_DetachAllDatabasesForAppPackage
RPC c59c3bf4-7812-43e9-bc34-d369f1cf8416 (1.0) -- C:\windows\system32\webplatstorageserver.dll
0 -> s_WebPlatStorageEvents_CreateChannel
1 -> s_WebPlatStorageEvents_WaitForEvents
2 -> s_WebPlatStorageEvents_CloseChannel
3 -> s_WebPlatStorageEvents_Shutdown
Endpoints :
ncalrpc : OLE8255FE10D0D5D64F6538C8B16489
ncalrpc : webplatstorage_{7329ea82-0845-4e4c-bd18-02b67ac065cc}_S-1-5-21-4197069449-1782053943-1514089459-500
--------------------------------------------------------------------------------
<WinProcess "RuntimeBroker.exe" pid 7772 at 0x5320710L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 6040ec14-6557-41f9-a3f7-b1cab7b42120 (0.0) -- IRuntimeBroker
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE 00000035-0000-0000-c000-000000000046 (0.0) -- IActivationFactory
OLE 2f6a0f43-0153-4290-91a6-f0f9d64d7afc (0.0) -- __x_Windows_CInternal_CShell_CJumpView_CIJumpViewBrokerStatics
OLE 17d43e1a-4a72-542d-8013-d1fd940b1e89 (0.0) -- __FIMapView_2_HSTRING___FIVectorView_1_Windows__CInternal__CShell__CJumpView__CJumpViewCategoryInfo
OLE eb3032aa-eeb0-50b7-8530-0efd7970fe7d (0.0) -- __FIIterable_1___FIKeyValuePair_2_HSTRING___FIVectorView_1_Windows__CInternal__CShell__CJumpView__CJumpViewCategoryInfo
OLE 01b8cd94-e0fe-5ed9-b72a-61da1e2d5f6f (0.0) -- __FIIterator_1___FIKeyValuePair_2_HSTRING___FIVectorView_1_Windows__CInternal__CShell__CJumpView__CJumpViewCategoryInfo
OLE ff989388-e4e2-59d9-8189-759705ad28ae (0.0) -- __FIKeyValuePair_2_HSTRING___FIVectorView_1_Windows__CInternal__CShell__CJumpView__CJumpViewCategoryInfo
OLE f91611c7-1a15-573c-94da-9c2e939e7fd7 (0.0) -- __FIVectorView_1_Windows__CInternal__CShell__CJumpView__CJumpViewCategoryInfo
OLE 6c52ee51-55f0-4c40-825d-ccde152ad439 (0.0) -- __x_Windows_CInternal_CShell_CJumpView_CIJumpViewCategoryInfo
OLE 56e27030-adfb-53d6-8e60-7afeb951f03e (0.0) -- __FIVectorView_1_Windows__CInternal__CShell__CJumpView__CJumpViewItemInfo
OLE 2d0ad4f6-4048-4da8-b86a-59c079758a10 (0.0) -- __x_Windows_CInternal_CShell_CJumpView_CIJumpViewItemInfo
OLE 430ecece-1418-5d19-81b2-5ddb381603cc (0.0) -- IAsyncOperation<Windows.Storage.Streams.IRandomAccessStream>
OLE 0000000c-0000-0000-c000-000000000046 (0.0) -- IStream
OLE fa9812c4-0b34-47d0-9b0b-157fb5b5fdf2 (0.0) -- IDuplicateHandleProvider
OLE bfb02fed-4c71-40e1-b4f3-ce99c2ff0542 (0.0) -- IObjectWithFileHandle
OLE 68766f36-3808-42f9-a18f-0abde6391172 (0.0) -- IAdviseOplockCallback
OLE 04c2542d-3c28-4510-a0c0-8db0e0a3a526 (0.0) -- IDuplicateHandleProvider2
OLE 905a0fe1-bc53-11df-8c49-001e4fc686da (0.0) -- __x_Windows_CFoundation_CIByteSeeker
Endpoints :
ncalrpc : OLE4A86D1A0EDBBDAEDA839E096194E
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 7828 at 0x5320e80L>
64
['Appinfo']
Interfaces :
RPC 0497b57d-2e66-424f-a0c6-157cd5d41700 (1.0) -- c:\windows\system32\appinfo.dll
0 -> RAiLaunchProcessWithIdentity
1 -> RAiGetPackageActivationToken
2 -> RAiFinishPackageActivation
3 -> RAiEnsurePackageShutdown
RPC 201ef99a-7fa0-444c-9399-19ba84f12a1a (1.0) -- c:\windows\system32\appinfo.dll
0 -> RAiLaunchAdminProcess
1 -> RAiProcessRunOnce
2 -> RAiLogonWithSmartCardCreds
3 -> RAiOverrideDesktopPromptPolicy
4 -> RAiDisableElevationForSession
5 -> RAiEnableElevationForSession
6 -> RAiForceElevationPromptForCOM
RPC 5f54ce7d-5b79-4175-8584-cb65313a0e98 (1.0) -- c:\windows\system32\appinfo.dll
0 -> RAiGetTokenForCOM
RPC fd7a0523-dc70-43dd-9b2e-9c5ed48225b1 (1.0) -- c:\windows\system32\appinfo.dll
0 -> RAiGetTokenForMSI
RPC 58e604e8-9adb-4d2e-a464-3b0683fb1480 (1.0) -- c:\windows\system32\appinfo.dll
0 -> RAiGetTokenForAxIS
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
Endpoints :
ncalrpc : LRPC-c728c48083ab0c81e5
ncalrpc : OLE65857792A3044535AB786BE4BFFD
--------------------------------------------------------------------------------
<WinProcess "SecurityHealthSystray.exe" pid 8176 at 0x5320940L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 178c7d3b-70b5-4502-871d-d980ae91a95d (0.0) -- IDashboardSink
OLE c048d3cb-9878-4c96-8a06-d08cf8b5d6cc (0.0) -- IManagementStatusSink
Endpoints :
ncalrpc : OLED65CB0935D967B98F0616984AE05
--------------------------------------------------------------------------------
<WinProcess "SecurityHealthService.exe" pid 7200 at 0x53204e0L>
64
['SecurityHealthService']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 06f64788-2882-425b-b5da-0f8d773ff9d8 (0.0) -- IDefenderShield
OLE 92cbb2de-4b91-4e74-8020-49d6e52f5860 (0.0) -- IThreatProtectionShield
OLE 00000141-0000-0000-c000-000000000046 (0.0) -- IDLLHost
OLE 000001a0-0000-0000-c000-000000000046 (0.0) -- ISystemActivator
OLE 722a338c-6e8e-4e72-ac27-1417fb0c81c2 (0.0) -- IWSCProductList
OLE 536fca99-3e74-4d9e-9251-714917e6dac1 (0.0) -- INetworkProtectionShield
OLE f6e33e03-133b-490b-b93a-2130c6b5091d (0.0) -- IHardwareShield
OLE 02e11ab8-8308-4c55-9fbf-b0749cc5073e (0.0) -- IAppAndBrowserShield
OLE bb2c77c9-136b-424a-b75b-aa8b62088741 (0.0) -- IAccountProtectionShield
OLE 6fc78c64-0aa1-4c1f-bca8-b6cbe0b531eb (0.0) -- IOSProtectionShield
OLE 6ee9fd33-75be-4cf0-bf70-3bb7b70cec6b (0.0) -- IDataProtectionShield
OLE 42592bc5-8e70-422d-99df-a9e5a465782c (0.0) -- IForceFieldShield
OLE 431dec75-5f97-4526-bf84-fc0f86e5dc38 (0.0) -- IManagementShield
OLE d71bece8-17b8-4636-832c-d010d4f847f7 (0.0) -- IDashboard
OLE c2090d8c-37d8-5c47-9581-0f17b91a0cd3 (0.0) -- __FIAsyncOperationCompletedHandler_1___FIVectorView_1_Windows__CSecurity__CCredentials__CWebAccount
OLE 0a4b1bed-fd27-4932-9094-f0738284deb4 (0.0) -- __x_Windows_CSecurityCenter_CISecurityAppBrokerSink
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE 2a23ae77-9bfc-4b7b-8520-2d7b3e4a40b6 (0.0) -- __x_Windows_CSecurityCenter_CIWscBrokerManagerSink
OLE 2117b672-bf55-43a9-b577-7fd30da3b86c (0.0) -- IShieldProcessLauncher
OLE 8c38232e-3a45-4a27-92b0-1a16a975f669 (0.0) -- IWscProduct
OLE f896ca54-fe09-4403-86d4-23cb488d81d8 (0.0) -- IWscProduct2
OLE 55536524-d1d1-4726-8c7c-04996a1904e7 (0.0) -- IWscProduct3
OLE dbdb628f-aeee-4630-9fec-4256620cdb8d (0.0) -- IShieldProviderToast
OLE 18e4f715-debb-4a21-abc9-ff7b6f434703 (0.0) -- IHealthAdvisorShield
Endpoints :
ncalrpc : OLEA73D73A6071D0A703E8247BAD4AB
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 7268 at 0x53207b8L>
64
['DoSvc']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 90970731-fd64-4e53-9960-fe11b8fb8a2f (0.0) -- IDeliveryOptimizationUserToken
OLE 5ce34c0d-0dc9-4c1f-897c-daa1b78cee7c (0.0) -- IBackgroundCopyManager
OLE 37668d37-507e-4160-9316-26306d150b12 (0.0) -- IBackgroundCopyJob
OLE e847030c-bbba-4657-af6d-484aa42bf1fe (0.0) -- IBackgroundCopyJob5
OLE 659cdeae-489e-11d9-a9cd-000d56965251 (0.0) -- IBackgroundCopyJob4
OLE 443c8934-90ff-48ed-bcde-26f5c7450042 (0.0) -- IBackgroundCopyJob3
OLE 54b50739-686f-45eb-9dff-d6a9a0faa9af (0.0) -- IBackgroundCopyJob2
OLE ee2584cf-a69c-4848-b633-2649962b3ef7 (0.0) -- IDeliveryOptimizationJob
OLE 18995a26-bf59-4abe-9f8b-d5092d5a2405 (0.0) -- IDeliveryOptimizationJob2
OLE 3a87296f-6ec2-4126-ab29-e3f8dc4cc390 (0.0) -- IDeliveryOptimizationFile2
OLE ca51e165-c365-424c-8d41-24aaa4ff3c40 (0.0) -- IEnumBackgroundCopyFiles
OLE 01b7bd23-fb88-4a77-8490-5891d3e4653a (0.0) -- IBackgroundCopyFile
OLE 83e81b93-0873-474d-8a8c-f2018b1a939c (0.0) -- IBackgroundCopyFile2
OLE 85c1657f-dafc-40e8-8834-df18ea25717e (0.0) -- IBackgroundCopyFile5
OLE ef7e0655-7888-4960-b0e5-730846e03492 (0.0) -- IBackgroundCopyFile4
OLE 659cdeaa-489e-11d9-a9cd-000d56965251 (0.0) -- IBackgroundCopyFile3
OLE b76b9699-e99e-4101-803f-a20e325d93e2 (0.0) -- IDeliveryOptimizationFile
OLE 19c613a0-fcb8-4f28-81ae-897c3d078f81 (0.0) -- IBackgroundCopyError
Endpoints :
ncalrpc : OLEEB7432F3547717AB6B06A4AF03D4
--------------------------------------------------------------------------------
<WinProcess "OneDrive.exe" pid 6404 at 0x5320668L>
32
[!!] Invalid bitness
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 2700 at 0x5320588L>
64
['StorSvc']
Interfaces :
RPC be7f785e-0e3a-4ab7-91de-7e46e443be29 (0.0) -- c:\windows\system32\storsvc.dll
0 -> SvcMountVolume
1 -> SvcDismountVolume
2 -> SvcFormatVolume
3 -> SvcGetStorageInstanceCount
4 -> SvcGetStorageDeviceInfo
5 -> CCleanupPolicy::CleanupItem
6 -> SvcRebootToFlashingMode
7 -> SvcRebootToUosFlashing
8 -> SvcFinalizeVolume
9 -> SvcGetStorageSettings
10 -> SvcResetStoragePolicySettings
11 -> SvcSetStorageSettings
12 -> SvcTriggerStorageCleanup
13 -> SvcTriggerLowStorageNotification
14 -> SvcMoveFileInheritSecurity
15 -> SvcScanVolume
16 -> SvcProcessStorageCardChange
17 -> SvcProvisionForAppInstall
18 -> SvcGetStorageInstanceCountForMaps
19 -> SvcGetStoragePolicySettings
20 -> SvcSetStoragePolicySettings
21 -> SvcTriggerStoragePolicies
22 -> SvcPredictStorageHealth
RPC 54b4c689-969a-476f-8dc2-990885e9f562 (0.0) -- c:\windows\system32\storsvc.dll
0 -> SvcOpenStorageType
1 -> SvcSelectStorageVolumeEx
2 -> SvcSelectStorageVolume
3 -> SvcFindNextStorageType
4 -> SvcFindNextStorageTypeEx
5 -> SvcCloseFindStorage
6 -> SvcGetStorageDebugInfo
7 -> SvcGetStorageExecutionInfo
8 -> SvcGetTopFolders
9 -> SvcFindNextStorageTypeExAsync
Endpoints :
ncalrpc : LRPC-fd57d30e07fb587be3
--------------------------------------------------------------------------------
<WinProcess "SgrmBroker.exe" pid 7760 at 0x5320320L>
64
['SgrmBroker']
Interfaces :
RPC 7a20fcec-dec4-4c59-be57-212e8f65d3de (1.0) -- C:\windows\system32\SgrmBroker.exe
0 -> s_SgrmGetReport
1 -> s_SgrmRegisterSense
2 -> s_SgrmUnregisterSense
3 -> s_SgrmCreateSession
4 -> s_SgrmEndSession
5 -> s_GetSessionReport
6 -> s_GetRuntimeReport
7 -> s_GetSessionCertificate
Endpoints :
ncalrpc : SgrmRpc
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 3452 at 0x5320cc0L>
64
['UsoSvc']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
Endpoints :
ncalrpc : OLE02F692D01CDDB89EA7FE21C95C1B
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 6276 at 0x5320f98L>
64
['wscsvc']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 7c857801-7381-11cf-884d-00aa004b2e24 (0.0) -- IWbemObjectSink
RPC 06bba54a-be05-49f9-b0a0-30f790261023 (1.0) -- c:\windows\system32\wscsvc.dll
0 -> CWindowsFirewallDetectoid::OnResetWaitHandle
1 -> s_wscRegisterChangeNotification
2 -> s_wscUnRegisterChangeNotification
3 -> s_wscGetAlertStatus
4 -> s_wscAntiVirusExpiredBeyondThreshold
5 -> s_wscAntiVirusExpiredBeyondThreshold
6 -> s_wscAntiVirusExpiredBeyondThreshold
7 -> s_wscFirewallGetStatus
8 -> s_wscIcfEnable
9 -> s_wscAntiVirusGetStatus
10 -> s_wscAntiSpywareGetStatus
11 -> s_wscGeneralSecurityGetStatus
12 -> s_wscLuaSettingsFix
13 -> s_wscRegisterSecurityProduct
14 -> s_wscUnregisterSecurityProduct
15 -> s_wscUpdateProductStatus
16 -> s_wscAntiVirusExpiredBeyondThreshold
17 -> s_wscIsDefenderAntivirusSupported
18 -> s_wscUserNotificationRequired
19 -> s_wscInitiateOfflineCleaning
20 -> s_wscAbortOfflineCleaning
21 -> s_wscNotifyUserForNearExpiration
22 -> s_wscAntiVirusGetUpgradableProducts
23 -> s_wscAntiVirusRemoveUpgradableProduct
24 -> s_wscAntiVirusGetRemovedButNotUpgradableProducts
25 -> s_wscMakeDefaultProductRequest
26 -> s_wscSetDefaultProduct
27 -> s_wscUpdateProductSubStatus
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE e8ce0994-d686-46f8-a719-9eb1436ec690 (0.0) -- __x_Windows_CSecurityCenter_CISecurityAppBroker
OLE b529b7f5-76aa-431f-ad7f-1272feedff07 (0.0) -- __x_Windows_CSecurityCenter_CIWscBrokerManager
Endpoints :
ncalrpc : OLEBE9B95359F3BD6AA23A65FC44195
ncalrpc : LRPC-e015e2db0cfe0f10fc
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 7824 at 0x5320908L>
64
['OneSyncSvc_9c09e', 'PimIndexMaintenanceSvc_9c09e', 'UnistoreSvc_9c09e', 'UserDataSvc_9c09e']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
RPC d2716e94-25cb-4820-bc15-537866578562 (1.0) -- c:\windows\system32\aphostservice.dll
0 -> ServerRPC_SubmitJob
1 -> ServerRPC_GetPendingJobs
2 -> ServerRPC_RetryJobById
3 -> ServerRPC_CancelJobById
4 -> ServerRPC_AdviseNotifications
5 -> ServerRPC_SubscribeNextNotification
6 -> ServerRPC_RegisterAppId
7 -> ServerRPC_UnadviseNotifications
RPC 0c53aa2e-fb1c-49c5-bfb6-c54f8e5857cd (1.0) -- C:\Windows\System32\SyncController.dll
0 -> ActiveSyncServer_QuerySyncStatusProps
1 -> ActiveSyncServer_QueryLastSyncResult
2 -> ActiveSyncServer_SetPassword
3 -> ActiveSyncServer_CopyCredentials
4 -> ActiveSyncServer_DeletePassword
5 -> ActiveSyncServer_IsPasswordSet
6 -> ActiveSyncServer_CreateDataStoreLock
7 -> ActiveSyncServer_CloseDataStoreLock
8 -> ActiveSyncServer_SetConversationSyncEnabled
9 -> ActiveSyncServer_GetConversationSyncEnabled
10 -> ActiveSyncServer_SetUnifiedInboxEnabled
11 -> ActiveSyncServer_GetUnifiedInboxEnabled
12 -> ActiveSyncServer_GetUnifiedInboxServerValue
13 -> ActiveSyncServer_GetUserInfoForUnconfiguredAccount
RPC 923c9623-db7f-4b34-9e6d-e86580f8ca2a (1.0) -- C:\Windows\System32\SyncController.dll
0 -> AccountsMgmtRpcCreateAccount
1 -> AccountsMgmtRpcDeleteAccount
2 -> AccountsMgmtRpcConvertWebAccountIdFromAppSpecificId
3 -> AccountsMgmtRpcConvertWebAccountIdToAppSpecificId
4 -> AccountsMgmtRpcSyncAccount
5 -> AccountsMgmtRpcSyncAccountAndWaitForCompletion
6 -> AccountsMgmtRpcQueryAccountProperties
7 -> AccountsMgmtRpcSaveAccountProperties
8 -> AccountsMgmtRpcEnumAccounts
9 -> AccountsMgmtRpcAdviseAccount
10 -> AccountsMgmtRpcUnadviseAccount
11 -> AccountsMgmtRpcGetNotifications
12 -> AccountsMgmtRpcDiscoverExchangeServerConfig
13 -> AccountsMgmtRpcDiscoverExchangeServerAuthType
14 -> AccountsMgmtRpcVerifyExchangeMailBoxTokenAuth
15 -> AccountsMgmtRpcDiscoverInternetMailServerConfig
16 -> AccountsMgmtRpcCancelDiscoverInternetMailServerConfig
17 -> AccountsMgmtRpcMayIgnoreInvalidServerCertificate
OLE c092cc2f-5eca-5a5d-9c9c-f050e892dd97 (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CSecurity__CAuthentication__CWeb__CTokenBrokerInternal_Windows__CInternal__CSecurity__CAuthentication__CWeb__CWebAccountAddedEventArgs
OLE dc8b9f35-216c-54ff-99db-cd7e04c6a074 (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CSecurity__CAuthentication__CWeb__CTokenBrokerInternal_Windows__CInternal__CSecurity__CAuthentication__CWeb__CWebAccountChangedEventArgs
OLE df3657fc-19c8-5e99-b48f-4a59b98d4e8a (0.0) -- __FITypedEventHandler_2_Windows__CInternal__CSecurity__CAuthentication__CWeb__CTokenBrokerInternal_Windows__CInternal__CSecurity__CAuthentication__CWeb__CWebAccountDeletedEventArgs
OLE 51aa6c40-b054-5c68-801e-03b75f43e2a1 (0.0) -- __FIAsyncOperationCompletedHandler_1_Windows__CInternal__CSecurity__CAuthentication__CWeb__CGetDefaultSignInAccountResult
RPC e8748f69-a2a4-40df-9366-62dbeb696e26 (0.0) -- c:\windows\system32\unistore.dll
0 -> USSvcImpl_Object_Close
1 -> USSvcImpl_RegisterRundownProtection
2 -> USSvcImpl_ConvertToOtherObject
3 -> USSvcImpl_Manager_Create
4 -> USSvcImpl_Manager_CreateStoreGrouping
5 -> USSvcImpl_Manager_CreateStore
6 -> USSvcImpl_Manager_GetDeviceStore
7 -> USSvcImpl_Manager_GetDeviceStoreOid
8 -> USSvcImpl_Manager_GetHighestStoreBitPosition
9 -> USSvcImpl_Manager_GetStore
10 -> USSvcImpl_Manager_GetStoreCollection
11 -> USSvcImpl_Manager_Notify
12 -> USSvcImpl_Manager_CustomNotify
13 -> USSvcImpl_Manager_GetObjectByOid
14 -> USSvcImpl_Manager_GetAllEmbeddedObjects
15 -> USSvcImpl_Manager_GetAllItems
16 -> USSvcImpl_Manager_GetTypeManager
17 -> USSvcImpl_Manager_StartTransaction
18 -> USSvcImpl_Manager_EndTransaction
19 -> USSvcImpl_Manager_CleanupTombstones
20 -> USSvcImpl_Manager_GetStreamFilePath
21 -> USSvcImpl_Manager_CleanupTemporaryFolders
22 -> USSvcImpl_Manager_GetAllAggregateObjects
23 -> USSvcImpl_Manager_GetAllObjects
24 -> USSvcImpl_Manager_GetBatchedPropValsFromIdsBlob
25 -> USSvcImpl_Manager_GetPropValsFromIdBlob
26 -> USSvcImpl_Manager_MapNamedProps
27 -> USSvcImpl_Manager_GetDefaultPIMStoreId
28 -> USSvcImpl_Manager_SetDefaultPIMStoreId
29 -> USSvcImpl_Manager_GetUnistoreDatabaseRefreshTime
30 -> USSvcImpl_ManagerPriv_put_DeviceStoreId
31 -> USSvcImpl_ManagerPriv_GetNotificationsManager
32 -> USSvcImpl_ManagerPriv_UnmapNamedProps
33 -> USSvcImpl_ManagerPriv_GetPerfStats
34 -> USSvcImpl_ManagerPriv_ResetPerfStats
35 -> USSvcImpl_ManagerPriv_ToggleRecordingPerfStats
36 -> USSvcImpl_ManagerPriv_BackupStoreVolume
37 -> USSvcImpl_ManagerPriv_SetToSuspending
38 -> USSvcImpl_ManagerPriv_SetToResumed
39 -> USSvcImpl_NotificationManager_Advise
40 -> USSvcImpl_NotificationManager_Unadvise
41 -> USSvcImpl_NotificationManager_Notify
42 -> USSvcImpl_NotificationManager_SuspendNotifications
43 -> USSvcImpl_NotificationManager_ResumeNotifications
44 -> USSvcImpl_NotificationManager_FilterProcessEventsForTests
45 -> USSvcImpl_NotificationManager_GetAdviseContent
46 -> USSvcImpl_Object_GetOid
47 -> USSvcImpl_Object_Delete
48 -> USSvcImpl_Object_GetPropValsBlob
49 -> USSvcImpl_Object_GetAllPropValsBlob
50 -> USSvcImpl_Object_SetPropVals
51 -> USSvcImpl_Object_SetPropValsEx
52 -> USSvcImpl_Object_SetStreamProperty
53 -> USSvcImpl_Object_GetStreamProp
54 -> USSvcImpl_Object_GetStore
55 -> USSvcImpl_Object_GetStreamFilePath
56 -> USSvcImpl_Object_GetAssociatedItems
57 -> USSvcImpl_Object_CreateEmbeddedObject
58 -> USSvcImpl_Object_DeleteEmbeddedObjects
59 -> USSvcImpl_Object_GetEmbeddedObjects
60 -> USSvcImpl_Object_IncrementRevision
61 -> USSvcImpl_Store_GetRootFolder
62 -> USSvcImpl_Store_GetObjectByOid
63 -> USSvcImpl_Store_CreateAssociateObject
64 -> USSvcImpl_Store_GetAssociateObjects
65 -> USSvcImpl_Store_GetEmbeddedObjects
66 -> USSvcImpl_Store_GetTypeManager
67 -> USSvcImpl_Store_Flush
68 -> USSvcImpl_Store_AddSyncPartner
69 -> USSvcImpl_Store_GetSyncPartner
70 -> USSvcImpl_Store_GetSyncPartners
71 -> USSvcImpl_Store_StartFetchSession
72 -> USSvcImpl_Store_EndFetchSession
73 -> USSvcImpl_Store_ThreadInFetchSession
74 -> USSvcImpl_Store_CreateAggregateObject
75 -> USSvcImpl_Store_GetAggregateObjects
76 -> USSvcImpl_Store_GetDeletedRevisionItems
77 -> USSvcImpl_Store_GetLongDeletedRevisionItems
78 -> USSvcImpl_Store_ResetLongRevisionChangeTracking
79 -> USSvcImpl_Store_UpdateLongRevisionChangeTracking
80 -> USSvcImpl_Store_GetLongRevision
81 -> USSvcImpl_Store_IsObjectRevisionTracked
82 -> USSvcImpl_Store_GetFolders
83 -> USSvcImpl_Store_GetStoreGrouping
84 -> USSvcImpl_Folder_CreateFolder
85 -> USSvcImpl_Folder_CreateItem
86 -> USSvcImpl_Folder_DeleteItems
87 -> USSvcImpl_Folder_GetChildFolders
88 -> USSvcImpl_Folder_GetItems
89 -> USSvcImpl_Folder_GetAllItems
90 -> USSvcImpl_Folder_GetParent
91 -> USSvcImpl_Folder_IsEmpty
92 -> USSvcImpl_Folder_CopyToFolder
93 -> USSvcImpl_Folder_MoveToFolder
94 -> USSvcImpl_Item_DeleteWithFlags
95 -> USSvcImpl_Item_GetParent
96 -> USSvcImpl_Item_CopyToFolder
97 -> USSvcImpl_Item_MoveToFolder
98 -> USSvcImpl_Item_AssociateObject
99 -> USSvcImpl_Item_DeleteAssociations
100 -> USSvcImpl_Item_DeleteAllAssociations
101 -> USSvcImpl_Item_GetAssociateObjects
102 -> USSvcImpl_Item_GetAggregateObject
103 -> USSvcImpl_Item_AggregateObject
104 -> USSvcImpl_Item_DeleteAggregation
105 -> USSvcImpl_EmbeddeObject_GetItem
106 -> USSvcImpl_EmbeddedObject_GetObject
107 -> USSvcImpl_AssociatedObject_HasItems
108 -> USSvcImpl_AggregateObject_GetAggregatedObjects
109 -> USSvcImpl_ObjectCollection_GetCount
110 -> USSvcImpl_ObjectCollection_GetCurrentIndex
111 -> USSvcImpl_ObjectCollection_GetObject
112 -> USSvcImpl_ObjectCollection_GetPropValsBlob
113 -> USSvcImpl_ObjectCollection_GetBatchedPropValsBlob
114 -> USSvcImpl_ObjectCollection_SetPropValsOnAll
115 -> USSvcImpl_ObjectCollection_GetAllPropValsBlob
116 -> USSvcImpl_ObjectCollection_Oid
117 -> USSvcImpl_ObjectCollection_GetBookmark
118 -> USSvcImpl_ObjectCollection_Move
119 -> USSvcImpl_ObjectCollection_DeleteAllObjects
120 -> USSvcImpl_SyncPartnerEnum_Next
121 -> USSvcImpl_SyncPartnerEnum_Skip
122 -> USSvcImpl_SyncPartnerEnum_Reset
123 -> USSvcImpl_SyncPartnerEnum_Clone
124 -> USSvcImpl_TypeManager_MapNamedProps
125 -> USSvcImpl_TypeManager_GetSchemaPropertiesFromObjectType
126 -> USSvcImpl_Stream_Seek
127 -> USSvcImpl_Stream_SetSize
128 -> USSvcImpl_Stream_Commit
129 -> USSvcImpl_Stream_Revert
130 -> USSvcImpl_Stream_LockRegion
131 -> USSvcImpl_Stream_UnlockRegion
132 -> USSvcImpl_Stream_Stat
133 -> USSvcImpl_Stream_Clone
134 -> USSvcImpl_Stream_Read
135 -> USSvcImpl_Stream_Write
136 -> USSvcImpl_SyncPartner_GetPropsBlob
137 -> USSvcImpl_SyncPartner_SetProps
138 -> USSvcImpl_SyncPartner_GetName
139 -> USSvcImpl_SyncPartner_GetGuid
140 -> USSvcImpl_SyncPartner_GetStoreId
141 -> USSvcImpl_SyncPartner_GetPartnerId
142 -> USSvcImpl_SyncPartner_EnableFolderForSync
143 -> USSvcImpl_SyncPartner_IsFolderEnabledForSync
144 -> USSvcImpl_SyncPartner_HasChanges
145 -> USSvcImpl_SyncPartner_GetChangeCount
146 -> USSvcImpl_SyncPartner_StartSyncSession
147 -> USSvcImpl_SyncPartner_StartSyncSessionNoContext
148 -> USSvcImpl_SyncPartner_GetNextChange
149 -> USSvcImpl_SyncPartner_GetChangeForObject
150 -> USSvcImpl_SyncPartner_SetExceptionOnChange
151 -> USSvcImpl_SyncPartner_SetExceptionOnChangeUnits
152 -> USSvcImpl_SyncPartner_ResetChangeEnumeration
153 -> USSvcImpl_SyncPartner_EndSyncSession
154 -> USSvcImpl_SyncPartner_GetRootFolder
155 -> USSvcImpl_SyncPartner_LookupFolderObjectId
156 -> USSvcImpl_SyncPartner_LookupFolderRemoteId
157 -> USSvcImpl_SyncPartner_GetFolders
158 -> USSvcImpl_SyncPartner_LookupItemObjectId
159 -> USSvcImpl_SyncPartner_UpdateSyncPartnerSchema
160 -> USSvcImpl_SyncPartner_Delete
161 -> USSvcImpl_SyncPartner_SetMeetingResponse
162 -> USSvcImpl_SyncPartner_GetAllMeetingResponses
163 -> USSvcImpl_SyncPartner_DefragmentKnowledge
164 -> USSvcImpl_ObjectMetadata_GetPropsBlob
165 -> USSvcImpl_ObjectMetadata_SetProps
166 -> USSvcImpl_ObjectMetadata_GetObjectId
167 -> USSvcImpl_ObjectMetadata_GetPartner
168 -> USSvcImpl_ObjectMetadata_GetRemoteId
169 -> USSvcImpl_ObjectMetadata_SetRemoteId
170 -> USSvcImpl_ObjectMetadata_GetParent
171 -> USSvcImpl_ObjectMetadata_SetParent
172 -> USSvcImpl_ItemMetadata_Move
173 -> USSvcImpl_ItemMetadata_SetMeetingResponse
174 -> USSvcImpl_ItemMetadata_GetMeetingResponses
175 -> USSvcImpl_ItemMetadata_Delete
176 -> USSvcImpl_FolderMetadata_GetFolderName
177 -> USSvcImpl_FolderMetadata_GetFolderType
178 -> USSvcImpl_FolderMetadata_GetRemoteKnowledge
179 -> USSvcImpl_FolderMetadata_SetRemoteKnowledge
180 -> USSvcImpl_FolderMetadata_AddItem
181 -> USSvcImpl_FolderMetadata_LookupItemObjectId
182 -> USSvcImpl_FolderMetadata_LookupItemRemoteId
183 -> USSvcImpl_FolderMetadata_GetItems
184 -> USSvcImpl_FolderMetadata_AddFolder
185 -> USSvcImpl_FolderMetadata_LookupFolderObjectId
186 -> USSvcImpl_FolderMetadata_LookupFolderRemoteId
187 -> USSvcImpl_FolderMetadata_GetChildFolders
188 -> USSvcImpl_FolderMetadata_Delete
189 -> USSvcImpl_FolderMetadata_DeleteInBatches
190 -> USSvcImpl_MeetingResponse_GetResponseId
191 -> USSvcImpl_MeetingResponse_GetMeetingMetadata
192 -> USSvcImpl_MeetingResponse_GetMeetingPermanentId
193 -> USSvcImpl_MeetingResponse_GetMeetingInstanceId
194 -> USSvcImpl_MeetingResponse_GetResponseType
195 -> USSvcImpl_MeetingResponse_GetMeetingUserComments
196 -> USSvcImpl_MeetingResponse_GetPlaceholderMeetingObjectId
197 -> USSvcImpl_MeetingResponse_GetPropsBlob
198 -> USSvcImpl_MeetingResponse_SetProps
199 -> USSvcImpl_MeetingResponse_Delete
200 -> USSvcImpl_ItemMetadataEnum_Next
201 -> USSvcImpl_ItemMetadataEnum_Skip
202 -> USSvcImpl_ItemMetadataEnum_Reset
203 -> USSvcImpl_ItemMetadataEnum_Clone
204 -> USSvcImpl_FolderMetadataEnum_Next
205 -> USSvcImpl_FolderMetadataEnum_Skip
206 -> USSvcImpl_FolderMetadataEnum_Reset
207 -> USSvcImpl_FolderMetadataEnum_Clone
208 -> USSvcImpl_EnumMeetingResponses_Next
209 -> USSvcImpl_EnumMeetingResponses_Skip
210 -> USSvcImpl_EnumMeetingResponses_Reset
211 -> USSvcImpl_EnumMeetingResponses_Clone
RPC c8ba73d2-3d55-429c-8e9a-c44f006f69fc (0.0) -- c:\windows\system32\userdataservice.dll
0 -> UdmSvcImpl_CloseEnumHandle
1 -> UdmSvcImpl_CloseSessionHandle
2 -> UdmSvcImpl_OpenSession
3 -> UdmSvcImpl_CreateSessionWithSameSecurityContext
4 -> UdmSvcImpl_OpenCallHistorySession
5 -> UdmSvcImpl_EnableProcessForTesting
6 -> UdmSvcImpl_EnableUserDataServiceBackgroundNotification
7 -> UdmSvcImpl_CheckObjectExistence
8 -> UdmSvcImpl_GetObjectProperties
9 -> UdmSvcImpl_GetObjectPropertiesWithScope
10 -> UdmSvcImpl_GetAppointmentProperties
11 -> UdmSvcImpl_GetCallHistoryEnum
12 -> UdmSvcImpl_DeleteCallHistory
13 -> UdmSvcImpl_MarkCallHistorySeen
14 -> UdmSvcImpl_CreateCallHistoryItem
15 -> UdmSvcImpl_GetUnseenCallCount
16 -> UdmSvcImpl_UpdateCallDetails
17 -> UdmSvcImpl_ResolveCalls
18 -> UdmSvcImpl_GetCallHistoryEntryEnum
19 -> UdmSvcImpl_UpdateEnumPropertySet
20 -> UdmSvcImpl_EnumFetchObjects
21 -> UdmSvcImpl_EnumFetchMatchingObjects
22 -> UdmSvcImpl_EnumGetCount
23 -> UdmSvcImpl_EnumGetState
24 -> UdmSvcImpl_EnumMoveFirst
25 -> UdmSvcImpl_EnumMoveLast
26 -> UdmSvcImpl_CreateCallFavoriteItem
27 -> UdmSvcImpl_DeleteCallFavorite
28 -> UdmSvcImpl_MoveCallFavoriteItem
29 -> UdmSvcImpl_ReorderGroups
30 -> UdmSvcImpl_ResolveFavorites
31 -> UdmSvcImpl_GetCallFavoriteEnum
32 -> UdmSvcImpl_ControlSessionNotifies
33 -> UdmSvcImpl_Advise
34 -> UdmSvcImpl_Unadvise
35 -> UdmSvcImpl_HasNotifications
36 -> UdmSvcImpl_GetNotifyMessage
37 -> UdmSvcImpl_GetFilePropertyStream
38 -> UdmSvcImpl_UpdateCallHistoryObjects
39 -> UdmSvcImpl_UpdateCalendarObjects
40 -> UdmSvcImpl_GetUnexpandedAppointmentEnum
41 -> UdmSvcImpl_GetCalendarEnum
42 -> UdmSvcImpl_GetAppointmentEnum
43 -> UdmSvcImpl_GetSingleAppointmentEnum
44 -> UdmSvcImpl_GetAppointmentSearchEnum
45 -> UdmSvcImpl_GetAppointmentExceptionEnum
46 -> UdmSvcImpl_GetAppointmentRevisionEnum
47 -> UdmSvcImpl_GetConflictInfoById
48 -> UdmSvcImpl_GetConflictInfoByProperties
49 -> UdmSvcImpl_GetAppointmentAppInfo
50 -> UdmSvcImpl_GetLocalIdArrayFromAppointmentRemoteObjectId
51 -> UdmSvcImpl_SetAutoReplySettings
52 -> UdmSvcImpl_GetAutoReplySettings
53 -> UdmSvcImpl_StartOrResetChangeTracking
54 -> UdmSvcImpl_ValidateCallerAccess
55 -> UdmSvcImpl_GenerateValidationToken
56 -> UdmSvcImpl_RedeemValidationToken
57 -> UdmSvcImpl_DeleteAllPackageData
58 -> UdmSvcImpl_CleanupStaleAppData
59 -> UdmSvcImpl_UpdateChatObjects
60 -> UdmSvcImpl_UpdateChangeTracking
61 -> UdmSvcImpl_ValidateChatMessage
62 -> UdmSvcImpl_GetChatObjectProperties
63 -> UdmSvcImpl_GetChatMessageEnum
64 -> UdmSvcImpl_GetChatRevisionMessageEnum
65 -> UdmSvcImpl_EnumFetchChatMessages
66 -> UdmSvcImpl_GetChatConversationEnum
67 -> UdmSvcImpl_GetChatSearchEnum
68 -> UdmSvcImpl_GetChatConversationIdFromThreadingInfo
69 -> UdmSvcImpl_GetChatTransports
70 -> UdmSvcImpl_RegisterChatTransport
71 -> UdmSvcImpl_GetChatApps
72 -> UdmSvcImpl_GetDefaultChatApp
73 -> UdmSvcImpl_SetDefaultChatApp
74 -> UdmSvcImpl_NotifyChatApp
75 -> UdmSvcImpl_UpdateAnnotationObjects
76 -> UdmSvcImpl_GetContactMatchSuggestions
77 -> UdmSvcImpl_UpdateContactObjects
78 -> UdmSvcImpl_ContactLinking
79 -> UdmSvcImpl_SetContactPreference
80 -> UdmSvcImpl_SetRemoteIdentificationInformation
81 -> UdmSvcImpl_GetMeContactId
82 -> UdmSvcImpl_VCardToContact
83 -> UdmSvcImpl_ContactToVCard
84 -> UdmSvcImpl_SetContactNameOrder
85 -> UdmSvcImpl_SetContactNameIncludeMiddle
86 -> UdmSvcImpl_ToggleContactMaintenance
87 -> UdmSvcImpl_GetObjectByRemoteId
88 -> UdmSvcImpl_GetAnnotationListEnum
89 -> UdmSvcImpl_GetContactListEnum
90 -> UdmSvcImpl_GetContactEnum
91 -> UdmSvcImpl_GetAnnotationEnum
92 -> UdmSvcImpl_GetContactRevisionEnum
93 -> UdmSvcImpl_UpdateEmailObjects
94 -> UdmSvcImpl_GetEmailFolderMessageCounts
95 -> UdmSvcImpl_GetEmailMailboxEnum
96 -> UdmSvcImpl_GetEmailFolderEnum
97 -> UdmSvcImpl_GetEmailRevisionEnum
98 -> UdmSvcImpl_GetEmailMessageEnum
99 -> UdmSvcImpl_GetEmailConversationEnum
100 -> UdmSvcImpl_IsChangeTrackingEnabled
101 -> UdmSvcImpl_EmptyEmailFolder
102 -> UdmSvcImpl_CreateResponseMessage
103 -> UdmSvcImpl_MoveFolder
104 -> UdmSvcImpl_CreateFolder
105 -> UdmSvcImpl_RespondToMeeting
106 -> UdmSvcImpl_ForwardMeeting
107 -> UdmSvcImpl_ProposeNewTimeForMeeting
108 -> UdmSvcImpl_ResolveRecipients
109 -> UdmSvcImpl_ValidateCertificates
110 -> UdmSvcImpl_GetMessageIdFromAttachmentId
111 -> UdmSvcImpl_RegisterSyncManager
112 -> UdmSvcImpl_SyncObject
113 -> UdmSvcImpl_GetUserDataAccountEnum
114 -> UdmSvcImpl_UpdateUserDataAccountObjects
115 -> UdmSvcImpl_MakeDefaultAccount
116 -> UdmSvcImpl_GetCachedChatCapabilities
117 -> UdmSvcImpl_GetChatCapabilitiesFromNetwork
118 -> UdmSvcImpl_GetRcsServiceStatus
119 -> UdmSvcImpl_SendLocalParticipantComposing
120 -> UdmSvcImpl_RaiseRemoteParticipantComposing
121 -> UdmSvcImpl_AdviseForConversationComposingStatusChanges
122 -> UdmSvcImpl_UnadviseFromConversationComposingStatusChanges
123 -> UdmSvcImpl_GetChatCloudServiceSettings
124 -> UdmSvcImpl_SetChatCloudServiceSettings
125 -> UdmSvcImpl_UpdateRcsEndUserMessage
126 -> UdmSvcImpl_StartCloudServiceSync
127 -> UdmSvcImpl_UpdateTaskObjects
128 -> UdmSvcImpl_GetTaskListEnum
129 -> UdmSvcImpl_GetTaskEnum
130 -> UdmSvcImpl_UpdateContactGroupObjects
131 -> UdmSvcImpl_GetContactGroupEnum
132 -> UdmSvcImpl_GetContactGroupMemberEnum
RPC 43890c94-bfd7-4655-ad6a-b4a68397cdcb (0.0) -- c:\windows\system32\pimindexmaintenance.dll
0 -> PimIMService_UpdateStores
1 -> PimIMService_UpdateItems
2 -> PimIMService_RebuildAggregateCache
3 -> PimIMService_Suspend
4 -> PimIMService_Resume
5 -> PimIMService_CacheAggregateCacheFileMapping
6 -> PimIMService_LoadAggregateCache
7 -> PimIMService_CreateIndexedFilter
8 -> PimIMService_SetStaticFilter
9 -> PimIMService_GetIndexedProperties
10 -> PimIMService_FindNextServerMatch
11 -> PimIMService_SetFilter
12 -> PimIMService_Reset
13 -> PimIMService_CloseIndexedFilter
Endpoints :
ncalrpc : OLE21C560CC386C5ADBD00A7BAF6359
ncalrpc : LRPC-b36a1e4ed36af63906
--------------------------------------------------------------------------------
<WinProcess "WaSecAgentProv.exe" pid 7372 at 0x5320240L>
64
Interfaces :
Endpoints :
--------------------------------------------------------------------------------
<WinProcess "conhost.exe" pid 4244 at 0x5320d30L>
64
Interfaces :
Endpoints :
--------------------------------------------------------------------------------
<WinProcess "dllhost.exe" pid 1728 at 0x53202b0L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\Windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000141-0000-0000-c000-000000000046 (0.0) -- IDLLHost
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 000001a0-0000-0000-c000-000000000046 (0.0) -- ISystemActivator
OLE 75121952-e0d0-43e5-9380-1d80483acf72 (0.0) -- ICreateObject
OLE e357fccd-a995-4576-b01f-234630154e96 (0.0) -- IThumbnailProvider
OLE b824b49d-22ac-4161-ac8a-9916e8fa3f7f (0.0) -- IInitializeWithStream
OLE 9d4966fa-dbd1-4799-a07f-6a5e1991bda4 (0.0) -- IOplockCallbackEventHandler
OLE 24a0bf18-6849-4d99-9fc8-48bcabace467 (0.0) -- IHandleDuplicator
Endpoints :
ncalrpc : OLEA35CAE47F3CB448262C486737259
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 2692 at 0x5320f28L>
64
['BthAvctpSvc']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 5ff37438-0fba-4480-a202-e1804f2d05bb (0.0) -- IBthAvrcpMediaBridge
OLE d22f448d-39dc-415f-8325-91eddf0d5264 (0.0) -- IMediaPlaybackDataChangedEventHandler
Endpoints :
ncalrpc : OLEAE719FEC3F144BC915DCB07EE8D3
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 7780 at 0x5320dd8L>
64
['swprv']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 609e123e-2c5a-44d3-8f01-0b1d9a47d1ff (0.0) -- IVssSoftwareSnapshotProvider
OLE 5f894e5b-1e39-4778-8e23-9abad9f0e08c (0.0) -- IVssProviderCreateSnapshotSet
OLE e561901f-03a5-4afe-86d0-72baeece7004 (0.0) -- IVssProviderNotifications
OLE fa7df749-66e7-4986-a27f-e2f04ae53772 (0.0) -- IVssSnapshotMgmt
OLE 214a0f28-b737-4026-b847-4f9e37d79529 (0.0) -- IVssDifferentialSoftwareSnapshotMgmt
OLE 949d7353-675f-4275-8969-f044c6277815 (0.0) -- IVssDifferentialSoftwareSnapshotMgmt2
OLE 01954e6b-9254-4e6e-808c-c9e05d007696 (0.0) -- IVssEnumMgmtObject
Endpoints :
ncalrpc : OLE360CFE6B9B751EB92BBB4AD7E3C3
--------------------------------------------------------------------------------
<WinProcess "WindowsAzureNetAgent.exe" pid 3680 at 0x5320ac8L>
64
['WindowsAzureNetAgentSvc']
Interfaces :
Endpoints :
--------------------------------------------------------------------------------
<WinProcess "VFPlugin.exe" pid 6084 at 0x53201d0L>
64
Interfaces :
Endpoints :
--------------------------------------------------------------------------------
<WinProcess "conhost.exe" pid 4316 at 0x5320438L>
64
Interfaces :
Endpoints :
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 6960 at 0x53209e8L>
64
['SEMgrSvc']
Interfaces :
RPC d09bdeb5-6171-4a34-bfe2-06fa82652568 (1.0) -- c:\windows\system32\BrokerLib.dll
0 -> _BriCreateEvent
1 -> _BriDeleteEvent
2 -> BriDisableEvent
3 -> BriEnableEvent
4 -> BriSignalEvent
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE eeb6db15-8672-4666-8cb9-e8ffee1d7166 (0.0) -- IPaymentMediatorServiceWallet
Endpoints :
ncalrpc : LRPC-9b6e9ac6726b0318fc
ncalrpc : OLEE3ABD67B7C371D13FD3A11472E67
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 7652 at 0x53207f0L>
64
['LicenseManager']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
RPC a4b8d482-80ce-40d6-934d-b22a01a44fe7 (1.0) -- c:\windows\system32\licensemanagersvc.dll
0 -> BeginAcquireLicense
1 -> PrecacheLicenseForPackageResume
2 -> EnsureLicenseForPackageActivation
3 -> EnsureLicenseForOptionalPackageUsage
4 -> PackageSuspendedNotification
5 -> PackageRundownNotification
6 -> OptionalPackageRundownNotification
7 -> Reset
OLE 71ba143f-598e-49d0-84eb-8febaedcc195 (0.0) -- INetworkStatusChangedEventHandler
OLE 90e2000c-b946-42fa-892f-94506f30ca4f (0.0) -- IApplicationLicenseManager
OLE 54d34ad6-0013-417b-9bb9-1dca63cab256 (0.0) -- ILicenseInstance
OLE cb5b47a9-6537-451f-8dd7-d305ae3dea57 (0.0) -- IApplicationContentInfo2
OLE afce43e5-977b-4b8a-b7b6-e26ecec26ddf (0.0) -- ISusNotify
OLE beef4698-9382-44ce-99a0-ece4e9c0916e (0.0) --
OLE 2f6b16bf-23b2-4e78-988f-7bdd0c3358b0 (0.0) -- IApplicationLicenseManager3
OLE 4d4933d6-8540-407a-8a7a-e712fb7096d5 (0.0) -- IApplicationContentInfo3
Endpoints :
ncalrpc : OLE3070FC16028567F2B8C7A01C4ECF
ncalrpc : LicenseServiceEndpoint
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 5780 at 0x5320160L>
64
['PhoneSvc']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
RPC a3bae3f7-bf97-49fb-b48d-2a5e8657b436 (0.0) -- C:\Windows\System32\PhoneProviders.dll
0 -> InitializeConnectionToAppHost
1 -> NewIncomingCall
2 -> NewIncomingUpgradeCall
3 -> NewOutgoingCall
4 -> NewAcceptedCall
5 -> NewAppInitiatedCall
6 -> ShowAppUI
7 -> NewOutgoingUpgradeCall
8 -> CallAccepted
9 -> CallActive
10 -> CallReady
11 -> CallHeld
12 -> CallEnded
13 -> SetMuteState
14 -> UpdateCallContactName
15 -> UpdateCallStartTime
16 -> GetCallStartTime
17 -> UpdateCallAttributes
18 -> GetNextVoipAppOperation
19 -> VoipAppOperationComplete
20 -> ConfirmVoipNonSeamlessUpgrade
21 -> CancelVoipUpgrade
22 -> ReserveVoipCallResources
23 -> ReserveVoipCallResourcesForOneProcessVoIP
24 -> CancelVoipCallResourceReservation
RPC 8be456ec-9244-4d10-88e8-1ddf1baa9ade (1.0) -- c:\windows\system32\phoneservice.dll
0 -> PhoneSvcImpl_PhoneRpcDial
1 -> PhoneSvcImpl_PhoneRpcEnd
2 -> PhoneSvcImpl_PhoneRpcSwap
3 -> PhoneSvcImpl_PhoneRpcHold
4 -> PhoneSvcImpl_PhoneRpcFlash
5 -> PhoneSvcImpl_PhoneRpcConference
6 -> PhoneSvcImpl_PhoneRpcPrivate
7 -> PhoneSvcImpl_PhoneRpcSendDtmf
8 -> PhoneSvcImpl_PhoneRpcSendDtmfStart
9 -> PhoneSvcImpl_PhoneRpcSendDtmfStop
10 -> PhoneSvcImpl_PhoneRpcAcceptIncoming
11 -> PhoneSvcImpl_PhoneRpcRejectIncoming
12 -> PhoneSvcImpl_PhoneRpcDropAccept
13 -> PhoneSvcImpl_PhoneRpcGetCallInfo
14 -> PhoneSvcImpl_PhoneRpcGetState
15 -> PhoneSvcImpl_PhoneRpcGetCallCounts
16 -> PhoneSvcImpl_PhoneRpcGetProviderLineInfo
17 -> PhoneSvcImpl_PhoneRpcGetProviderLineServiceInfo
18 -> PhoneSvcImpl_PhoneRpcGetProviderLineLockInfo
19 -> PhoneSvcImpl_PhoneRpcModifyLineSetting
20 -> PhoneSvcImpl_PhoneRpcSendRealTimeTextData
21 -> PhoneSvcImpl_PhoneRpcAcceptUpgradingRealTimeTextCall
22 -> PhoneSvcImpl_PhoneRpcUpgradeToRealTimeTextCall
23 -> PhoneSvcImpl_PhoneRpcDowngradeFromRealTimeTextCall
24 -> PhoneSvcImpl_PhoneRpcGetAudioRouting
25 -> PhoneSvcImpl_PhoneRpcSetAudioRouting
26 -> PhoneSvcImpl_PhoneRpcSetMute
27 -> PhoneSvcImpl_PhoneRpcClearIdleCallsFromController
28 -> PhoneSvcImpl_PhoneRpcIsDtmfWaitPending
29 -> PhoneSvcImpl_PhoneRpcExitEmergencyMode
30 -> PhoneSvcImpl_PhoneRpcGetCellularApiComponentInfo
31 -> PhoneSvcImpl_PhoneRpcGetVoicemailNumberAndOverrideInfo
32 -> PhoneSvcImpl_PhoneRpcInitiateRetrievalOfCIDRestrictionSupport
33 -> PhoneSvcImpl_PhoneRpcRefreshCallForwardingState
34 -> PhoneSvcImpl_PhoneRpcGetServiceProcessId
35 -> PhoneSvcImpl_PhoneRpcStartVoicemailSync
36 -> PhoneSvcImpl_PhoneRpcSaveVvmPassword
37 -> PhoneSvcImpl_PhoneRpcGetSupportsLocalVvmConfig
38 -> PhoneSvcImpl_PhoneRpcActivateVisualVoicemail
39 -> PhoneSvcImpl_PhoneRpcDeactivateVisualVoicemail
40 -> PhoneSvcImpl_PhoneRpcGetVisualVoicemailAccessorInfo
41 -> PhoneSvcImpl_PhoneRpcGetVisualVoicemailBranding
42 -> PhoneSvcImpl_PhoneRpcMapIddPrefixToPlus
43 -> PhoneSvcImpl_PhoneRpcGetAssistedDialNumber
44 -> PhoneSvcImpl_PhoneRpcGetAssistedDialSetting
45 -> PhoneSvcImpl_PhoneRpcGetGlobalAvailableVerbs
46 -> PhoneSvcImpl_PhoneRpcGetNetworkAlertText
47 -> PhoneSvcImpl_PhoneRpcIsVvmSetupComplete
48 -> PhoneSvcImpl_PhoneRpcMarkVvmSetupComplete
49 -> PhoneSvcImpl_PhoneRpcReinitiateCallerIdLookup
50 -> PhoneSvcImpl_PhoneRpcGetPreferredCallUpgradeLine
51 -> PhoneSvcImpl_PhoneRpcSetPreferredCallUpgradeLine
52 -> PhoneSvcImpl_PhoneRpcInitiateCallUpgrade
53 -> PhoneSvcImpl_PhoneRpcIsVoiceRoamingRestrictionActive
54 -> PhoneSvcImpl_PhoneRpcSetForegroundLine
55 -> PhoneSvcImpl_PhoneRpcGetAggregateBranding
56 -> PhoneSvcImpl_PhoneRpcGetBrandingText
57 -> PhoneSvcImpl_PhoneRpcSetReminderInfo
58 -> PhoneSvcImpl_PhoneRpcConfirmNonSeamlessUpgrade
59 -> PhoneSvcImpl_PhoneRpcCancelNonSeamlessUpgrade
60 -> PhoneSvcImpl_PhoneRpcSetLocalVideo
61 -> PhoneSvcImpl_PhoneRpcAddVideo
62 -> PhoneSvcImpl_PhoneRpcDropVideo
63 -> PhoneSvcImpl_PhoneRpcAcceptVideo
64 -> PhoneSvcImpl_PhoneRpcRejectVideo
65 -> PhoneSvcImpl_PhoneRpcSetVideoPaused
66 -> PhoneSvcImpl_PhoneRpcRefreshVideoCallingSetting
67 -> PhoneSvcImpl_PhoneRpcIsVideoCallingSwitchActionable
68 -> PhoneSvcImpl_PhoneRpcSetActiveAppByType
69 -> PhoneSvcImpl_PhoneRpcGetAppListByType
70 -> PhoneSvcImpl_PhoneRpcSetActiveSpamFilterApp
71 -> PhoneSvcImpl_PhoneRpcHandleAppUninstallByType
72 -> PhoneSvcImpl_PhoneRpcGetRecordingState
73 -> PhoneSvcImpl_PhoneRpcStartRecording
74 -> PhoneSvcImpl_PhoneRpcPauseRecording
75 -> PhoneSvcImpl_PhoneRpcFinishRecording
76 -> PhoneSvcImpl_PhoneRpcRefreshEcbmState
77 -> PhoneSvcImpl_PhoneRpcGetVideoCapabilitySharingSettings
78 -> PhoneSvcImpl_PhoneRpcSetVideoCapabilitySharingSettings
79 -> PhoneSvcImpl_PhoneRpcExplicitCallTransfer
80 -> PhoneSvcImpl_PhoneRpcMarkDataAffinityNotificationSeen
81 -> PhoneSvcImpl_ReceivedSystemNotificationCallbackPayload
82 -> PhoneSvcImpl_RpcRetrieveSystemNotificationCallbackPayload
RPC 68227ae7-9a32-45b0-8472-bf9619965838 (1.0) -- c:\windows\system32\phoneservice.dll
0 -> PhoneSvcImpl_PhoneRpcDialExternal
1 -> PhoneSvcImpl_PhoneRpcClearMissedCallCount
RPC ae58b386-c914-4a73-ba5c-2c3e2749e478 (1.0) -- c:\windows\system32\phoneservice.dll
0 -> PhoneSvcImpl_RpcClearNewVoicemailCount
RPC 3573e5f2-cfe7-4a79-845f-fe7c68823738 (1.0) -- c:\windows\system32\phoneservice.dll
0 -> PhoneSvcImpl_PhoneRpcInitializeConnectionToOBA
1 -> PhoneSvcImpl_PhoneRpcEnableFiltering
2 -> PhoneSvcImpl_PhoneRpcSetCallBlockingPreferences
RPC f26e2372-d601-44f0-84b8-2591d2af2f82 (1.0) -- c:\windows\system32\phoneservice.dll
0 -> PhoneSvcImpl_PhoneRpcCallVoicemail
1 -> PhoneSvcImpl_PhoneRpcPublicDial
2 -> PhoneSvcImpl_PhoneRpcCallCapabilityAccessCheck
3 -> PhoneSvcImpl_PhoneRpcGetLinePublicInfo
4 -> PhoneSvcImpl_PhoneRpcGetLinePublicInfoExtended
5 -> PhoneSvcImpl_PhoneRpcGetLinePublicSettings
6 -> PhoneSvcImpl_PhoneRpcGetDefaultOutgoingLine
7 -> PhoneSvcImpl_PhoneRpcGetCallFilteringEnabled
8 -> PhoneSvcImpl_PhoneRpcIsEmergencyNumber
9 -> PhoneSvcImpl_PhoneRpcIsImmediateDialString
10 -> PhoneSvcImpl_PhoneRpcGetLines
11 -> PhoneSvcImpl_PhoneRpcAdvise
12 -> PhoneSvcImpl_PhoneRpcUnadvise
13 -> PhoneSvcImpl_PhoneRpcGetNotifyData
14 -> PhoneSvcImpl_PhoneRpcIsPhoneNumberInBlockList
15 -> PhoneSvcImpl_PhoneRpcGetActiveSpamFilterApp
16 -> PhoneSvcImpl_PhoneRpcSetBlockPrivateNumbersSetting
17 -> PhoneSvcImpl_PhoneRpcGetBlockPrivateNumbersSetting
18 -> PhoneSvcImpl_PhoneRpcSetBlockUnknownNumbersSetting
19 -> PhoneSvcImpl_PhoneRpcGetBlockUnknownNumbersSetting
20 -> PhoneSvcImpl_PhoneRpcSetFilterAppBlockList
21 -> PhoneSvcImpl_PhoneRpcSetCallOriginInfo
22 -> PhoneSvcImpl_PhoneRpcSetCallerAsActiveAppByType
23 -> PhoneSvcImpl_PhoneRpcGetActiveAppByType
24 -> PhoneSvcImpl_PhoneRpcGetDeviceSupportsVideoCalling
25 -> PhoneSvcImpl_PhoneRpcGetDeviceRealTimeTextEnabled
26 -> PhoneSvcImpl_PhoneRpcGetDeviceRealTimeTextAutomaticEnabled
27 -> PhoneSvcImpl_PhoneRpcGetRecordingApplications
28 -> PhoneSvcImpl_PhoneRpcSetRecordingApplication
29 -> PhoneSvcImpl_PhoneRpcGetVideoCapabilities
30 -> PhoneSvcImpl_PhoneRpcGetShouldMuteKeypad
31 -> PhoneSvcImpl_PhoneRpcIsVideoCallingEnabled
Endpoints :
ncalrpc : OLE89DEFE7A0D87EBDD1BEB4C0737E0
ncalrpc : LRPC-41b4ecb61e57e8cc1f
ncalrpc : LRPC-f485ff02051cfc8393
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 4836 at 0x53200f0L>
64
['lfsvc']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 3d0423b1-bbd4-4c4a-8f20-da15228e0f3d (0.0) -- ILocationManager
RPC d09bdeb5-6171-4a34-bfe2-06fa82652568 (1.0) -- c:\windows\system32\BrokerLib.dll
0 -> _BriCreateEvent
1 -> _BriDeleteEvent
2 -> BriDisableEvent
3 -> BriEnableEvent
4 -> BriSignalEvent
Endpoints :
ncalrpc : OLE0701F69C5DB819941ADAF201E932
ncalrpc : LRPC-acfe7a614f526bc7b2
--------------------------------------------------------------------------------
<WinProcess "WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe" pid 7384 at 0x5320ba8L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE 638bb2db-451d-4661-b099-414f34ffb9f1 (0.0) -- __x_Windows_CApplicationModel_CCore_CICoreApplicationView
OLE 49a07732-e7b8-5c5b-9de7-22e33cb97004 (0.0) -- __FIEventHandler_1_Windows__CApplicationModel__CActivation__CBackgroundActivatedEventArgs
OLE 92696c00-7578-48e1-ac1a-2ca909e2c8cf (0.0) -- __x_Windows_CApplicationModel_CCore_CIActivatableApplication
OLE 2e5500b6-66ad-467f-abb5-022a64283d88 (0.0) -- __x_Windows_CApplicationModel_CCore_CICoreApplicationViewInternal
OLE 4f9c5cec-0197-49fe-b800-0d5a72a6c505 (0.0) -- IUiaWindowNotifierCallback
OLE abadfe7f-04c1-4a9f-9b3c-a323f1c80178 (0.0) -- IScaleChangeSink
OLE c50898f6-c536-5f47-8583-8b2c2438a13b (0.0) -- Windows.Foundation.IEventHandler<IInspectable>
OLE 2dbdba9d-20da-519d-9078-09f835bc5bc7 (0.0) -- ITypedEventHandler<UISettings,IInspectable>
OLE 7d56d344-8464-4faf-aa49-37ea6e2d7bd1 (0.0) -- __x_Windows_CApplicationModel_CDataTransfer_CDragDrop_CCore_CICoreDragDropManager
OLE cd292360-2763-4085-8a9f-74b224a29175 (0.0) -- __x_Windows_CUI_CCore_CICoreWindowFactory
OLE 087ca5a4-8cfc-4264-b39d-da2bb2583a11 (0.0) -- ICoreWindowFactoryPriv
OLE 92cee296-66e6-4678-984a-579e02c88be6 (0.0) -- __x_Windows_CApplicationModel_CCore_CICoreApplicationViewForceMarshal
OLE 00000141-0000-0000-c000-000000000046 (0.0) -- IDLLHost
OLE 00000035-0000-0000-c000-000000000046 (0.0) -- IActivationFactory
OLE 6030e7c3-f93f-5e9c-9ba2-9a018d2b09c0 (0.0) -- __FIEventHandler_1_Windows__CSystem__CAppMemoryUsageLimitChangingEventArgs
Endpoints :
ncalrpc : OLED375DAF03115855CA4C9020AA55E
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 7876 at 0x5320b70L>
64
['BITS']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 1299cf18-c4f5-4b6a-bb0f-2299f0398e27 (0.0) -- INotifyNetworkListManagerEvents
OLE 22d2e146-1a68-40b8-949c-8fd848b415e6 (0.0) -- INotifyNetworkEvents
OLE 2abc0864-9677-42e5-882a-d415c556c284 (0.0) -- INotifyNetworkInterfaceEvents
OLE 733b7764-5c0c-4ad6-bb4b-d0585e993e0e (0.0) -- INotifyNetworkGlobalCostEvents
OLE 00000141-0000-0000-c000-000000000046 (0.0) -- IDLLHost
OLE 000001a0-0000-0000-c000-000000000046 (0.0) -- ISystemActivator
OLE adda3d55-6f72-4319-bff9-18600a539b10 (0.0) -- IUPnPDeviceFinder
OLE 43c6b434-c1be-4ad2-af03-c0deaccebd1f (0.0) -- IBackgroundAccessStateChangeHandler
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 5ce34c0d-0dc9-4c1f-897c-daa1b78cee7c (0.0) -- IBackgroundCopyManager
OLE 37668d37-507e-4160-9316-26306d150b12 (0.0) -- IBackgroundCopyJob
OLE 54b50739-686f-45eb-9dff-d6a9a0faa9af (0.0) -- IBackgroundCopyJob2
OLE e847030c-bbba-4657-af6d-484aa42bf1fe (0.0) -- IBackgroundCopyJob5
OLE 659cdeae-489e-11d9-a9cd-000d56965251 (0.0) -- IBackgroundCopyJob4
OLE 443c8934-90ff-48ed-bcde-26f5c7450042 (0.0) -- IBackgroundCopyJob3
OLE ca51e165-c365-424c-8d41-24aaa4ff3c40 (0.0) -- IEnumBackgroundCopyFiles
OLE 01b7bd23-fb88-4a77-8490-5891d3e4653a (0.0) -- IBackgroundCopyFile
OLE 85c1657f-dafc-40e8-8834-df18ea25717e (0.0) -- IBackgroundCopyFile5
OLE ef7e0655-7888-4960-b0e5-730846e03492 (0.0) -- IBackgroundCopyFile4
OLE 659cdeaa-489e-11d9-a9cd-000d56965251 (0.0) -- IBackgroundCopyFile3
OLE 83e81b93-0873-474d-8a8c-f2018b1a939c (0.0) -- IBackgroundCopyFile2
OLE 8dcc8327-dbe9-48e6-846c-33725865d50c (0.0) -- IUPnPPrivateCallbackHelper
OLE 415a984a-88b3-49f3-92af-0508bedf0d6c (0.0) -- IUPnPDeviceFinderCallback
OLE 1af4f612-3b71-466f-8f58-7b6f73ac57ad (0.0) -- IEnumBackgroundCopyJobs
Endpoints :
ncalrpc : OLEFF541DCCA14127403490802B8134
--------------------------------------------------------------------------------
<WinProcess "chrome.exe" pid 2920 at 0x5320048L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 2dbdba9d-20da-519d-9078-09f835bc5bc7 (0.0) -- ITypedEventHandler<UISettings,IInspectable>
OLE 00000160-0000-0000-c000-000000000046 (0.0) -- IPrivDragDrop
OLE ad6db2cf-0c8d-438b-b25d-9a9a82903b2b (0.0) -- IWindow
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE 1b988c32-1bc7-52fa-83ba-0b97e79c878b (0.0) -- IAsyncOperationCompletedHandler<AppReputationResult>
Endpoints :
ncalrpc : OLE5DD4B044A9CC48E26E51631E5710
--------------------------------------------------------------------------------
<WinProcess "chrome.exe" pid 5620 at 0x53206a0L>
64
Interfaces :
Endpoints :
--------------------------------------------------------------------------------
<WinProcess "chrome.exe" pid 852 at 0x5320be0L>
64
Interfaces :
Endpoints :
--------------------------------------------------------------------------------
<WinProcess "chrome.exe" pid 5456 at 0x53205f8L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
Endpoints :
ncalrpc : OLE9E4AB92EB13923188C0F4561794C
--------------------------------------------------------------------------------
<WinProcess "svchost.exe" pid 4072 at 0x5320828L>
64
['SDRSVC']
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 2af1fe1b-1ec5-4190-bd89-04dfa7ede9ea (0.0) -- ISdrRestoreService
Endpoints :
ncalrpc : OLE655B617BB91E36AAD345F8E389CC
--------------------------------------------------------------------------------
<WinProcess "cmd.exe" pid 3952 at 0x5320ef0L>
64
Interfaces :
Endpoints :
--------------------------------------------------------------------------------
<WinProcess "conhost.exe" pid 7848 at 0x53208d0L>
64
Interfaces :
Endpoints :
--------------------------------------------------------------------------------
<WinProcess "chrome.exe" pid 7496 at 0x5320a58L>
64
Interfaces :
Endpoints :
--------------------------------------------------------------------------------
<WinProcess "chrome.exe" pid 6124 at 0x5320c18L>
64
Interfaces :
Endpoints :
--------------------------------------------------------------------------------
<WinProcess "ProcessHacker.exe" pid 5324 at 0x5320860L>
64
Interfaces :
Endpoints :
--------------------------------------------------------------------------------
<WinProcess "Microsoft.Photos.exe" pid 8660 at 0x5320400L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE 92696c00-7578-48e1-ac1a-2ca909e2c8cf (0.0) -- __x_Windows_CApplicationModel_CCore_CIActivatableApplication
OLE 638bb2db-451d-4661-b099-414f34ffb9f1 (0.0) -- __x_Windows_CApplicationModel_CCore_CICoreApplicationView
OLE 49a07732-e7b8-5c5b-9de7-22e33cb97004 (0.0) -- __FIEventHandler_1_Windows__CApplicationModel__CActivation__CBackgroundActivatedEventArgs
OLE 00000141-0000-0000-c000-000000000046 (0.0) -- IDLLHost
OLE 00000035-0000-0000-c000-000000000046 (0.0) -- IActivationFactory
OLE 2e5500b6-66ad-467f-abb5-022a64283d88 (0.0) -- __x_Windows_CApplicationModel_CCore_CICoreApplicationViewInternal
OLE c21a025f-497a-47ce-abb5-dd7cf34d04cb (0.0) -- IBackgroundWorkItemInstanceEvents
OLE 350e1244-4575-45ee-8595-0aa8c6506fc7 (0.0) -- __x_Windows_CApplicationModel_CBackground_CIBackgroundWorkManagerInternal
OLE 6030e7c3-f93f-5e9c-9ba2-9a018d2b09c0 (0.0) -- __FIEventHandler_1_Windows__CSystem__CAppMemoryUsageLimitChangingEventArgs
OLE c50898f6-c536-5f47-8583-8b2c2438a13b (0.0) -- Windows.Foundation.IEventHandler<IInspectable>
Endpoints :
ncalrpc : OLE9511832B2BA7482430D2672A1FC4
--------------------------------------------------------------------------------
<WinProcess "RuntimeBroker.exe" pid 5024 at 0x5320518L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 6040ec14-6557-41f9-a3f7-b1cab7b42120 (0.0) -- IRuntimeBroker
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE 00000035-0000-0000-c000-000000000046 (0.0) -- IActivationFactory
OLE 5d115e66-27e8-492f-b8e5-2f90896cd4cd (0.0) -- __x_Windows_CStorage_CIKnownFoldersCameraRollStatics
OLE 72d1cb78-b3ef-4f75-a80b-6fd9dae2944b (0.0) -- __x_Windows_CStorage_CIStorageFolder
Endpoints :
ncalrpc : OLE54AC2DD8D657D5D27F287371CE08
--------------------------------------------------------------------------------
<WinProcess "SkypeApp.exe" pid 8040 at 0x53209b0L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE 92696c00-7578-48e1-ac1a-2ca909e2c8cf (0.0) -- __x_Windows_CApplicationModel_CCore_CIActivatableApplication
OLE 638bb2db-451d-4661-b099-414f34ffb9f1 (0.0) -- __x_Windows_CApplicationModel_CCore_CICoreApplicationView
OLE 49a07732-e7b8-5c5b-9de7-22e33cb97004 (0.0) -- __FIEventHandler_1_Windows__CApplicationModel__CActivation__CBackgroundActivatedEventArgs
OLE 2e5500b6-66ad-467f-abb5-022a64283d88 (0.0) -- __x_Windows_CApplicationModel_CCore_CICoreApplicationViewInternal
OLE c21a025f-497a-47ce-abb5-dd7cf34d04cb (0.0) -- IBackgroundWorkItemInstanceEvents
OLE 350e1244-4575-45ee-8595-0aa8c6506fc7 (0.0) -- __x_Windows_CApplicationModel_CBackground_CIBackgroundWorkManagerInternal
OLE 00000141-0000-0000-c000-000000000046 (0.0) -- IDLLHost
OLE 00000035-0000-0000-c000-000000000046 (0.0) -- IActivationFactory
OLE 2f63a9d3-e71c-4198-92af-a3aa949baabb (0.0) -- IStoreContextLicensesChangedCallback
OLE 54dfd981-1968-4ca3-b958-e595d16505eb (0.0) -- IEasClientDeviceInformation
OLE 71ba143f-598e-49d0-84eb-8febaedcc195 (0.0) -- INetworkStatusChangedEventHandler
OLE 92902a07-2f18-56e9-87fb-24fe19f70688 (0.0) -- IAsyncOperationCompletedHandler_1___FIVectorView_1_Windows__CDevices__CWiFi__CWiFiAdapter
OLE a4ed5c81-76c9-40bd-8be6-b1d90fb20ae7 (0.0) -- IAsyncActionCompletedHandler
OLE 06386a7a-e009-5b0b-ab68-a8e48b516647 (0.0) -- __FIAsyncOperationWithProgressCompletedHandler_2_Windows__CStorage__CStreams__CIBuffer_UINT32
OLE 1e466dc5-840f-54f9-b877-5e3a9f4b6c74 (0.0) -- IAsyncOperationWithProgressCompletedHandler<UINT32,UINT32>
OLE 93cc156d-af27-4dd3-846e-24ee40cadd25 (0.0) -- __x_Windows_CApplicationModel_CBackground_CIBackgroundTaskDeferral
OLE 6030e7c3-f93f-5e9c-9ba2-9a018d2b09c0 (0.0) -- __FIEventHandler_1_Windows__CSystem__CAppMemoryUsageLimitChangingEventArgs
OLE c50898f6-c536-5f47-8583-8b2c2438a13b (0.0) -- Windows.Foundation.IEventHandler<IInspectable>
Endpoints :
ncalrpc : OLEF1C434507B9BCC03D87AF3D8F34D
--------------------------------------------------------------------------------
<WinProcess "RuntimeBroker.exe" pid 7656 at 0x5320cf8L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 6040ec14-6557-41f9-a3f7-b1cab7b42120 (0.0) -- IRuntimeBroker
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE 00000035-0000-0000-c000-000000000046 (0.0) -- IActivationFactory
OLE 5984c710-daf2-43c8-8bb4-a4d3eacfd03f (0.0) -- __x_Windows_CStorage_CIStorageFileStatics
OLE 9d3f339e-bdf7-4ef1-ba08-8b2f519e3d4a (0.0) -- IStorageFileStaticsPrivate
OLE 4207a996-ca2f-42f7-bde8-8b10457a7f30 (0.0) -- __x_Windows_CStorage_CIStorageItem
OLE 714862e5-50aa-406e-917a-bc894277d255 (0.0) -- IStorageItemInternal
OLE 4dac8671-4d47-42df-a831-54e268dd0da1 (0.0) -- ICreateStorageFile
OLE 5186131a-4467-504b-977a-0785a8230485 (0.0) -- __FIAsyncOperation_1_Windows__CStorage__CFileProperties__CBasicProperties
OLE d05d55db-785e-4a66-be02-9beec58aea81 (0.0) -- __x_Windows_CStorage_CFileProperties_CIBasicProperties
OLE 7c9d26b6-c493-49b3-b66a-80bef106286b (0.0) -- IObjectWithPropertyStore
OLE 886d8eeb-8cf2-4446-8d02-cdba1dbdcf99 (0.0) -- IPropertyStore
OLE a561605d-67b1-4f0c-a5f7-639daac362ce (0.0) -- IStoreContextServer
OLE e826ea58-66a9-4d41-83d4-b4c18c87b846 (0.0) -- __x_Windows_CApplicationModel_CBackground_CIBackgroundExecutionManagerStatics
OLE 7b44e581-cfa9-5763-bed7-6a65739f0dbf (0.0) -- __FIAsyncOperation_1_Windows__CApplicationModel__CBackground__CBackgroundAccessStatus
OLE 49f572e9-f524-4d67-b674-3d342d007adf (0.0) -- Windows.System.Profile.IHardwareInformationInternal
OLE 6d4b31c4-8adb-4f45-88c9-58e7b38cbdcf (0.0) -- INetworkInformationPrivate
OLE b4955b97-e1b7-4a54-a137-31bc7b5be589 (0.0) -- INetworkAdapterHelperPrivate
OLE dcb00002-570f-4a9b-8d69-199fdba5723b (0.0) -- INetwork
OLE 01bc4d39-f5e0-4567-a28c-42080c831b2b (0.0) -- INetworkItem
OLE 6cf5b075-a9ca-44b3-999b-994304844d46 (0.0) -- IDeviceEnumerationHelper
OLE da25fddd-d24c-43e3-aabd-c4659f730f99 (0.0) -- IWiFiAdapterStatics
OLE 00000141-0000-0000-c000-000000000046 (0.0) -- IDLLHost
OLE 6db1b492-3852-5df8-a29d-6944002f58d4 (0.0) -- IVectorView_1_Windows__CNetworking__CConnectivity__CConnectionProfile
OLE 3140802b-987c-5c56-a430-90fbc1898dda (0.0) -- IAsyncOperation_1___FIVectorView_1_Windows__CDevices__CWiFi__CWiFiAdapter
OLE 670a3c41-ecc8-55c2-84d4-51864496a328 (0.0) -- IVectorView_1_Windows__CDevices__CWiFi__CWiFiAdapter
OLE 71ba143c-598e-49d0-84eb-8febaedcc195 (0.0) -- IConnectionProfile
OLE 3b542e03-5388-496c-a8a3-affd39aec2e6 (0.0) -- INetworkAdapter
OLE e2045145-4c9f-400c-9150-7ec7d6e2888a (0.0) -- IConnectionProfile2
OLE bad7d829-3416-4b10-a202-bac0b075bdae (0.0) -- IConnectionCost
OLE 41286159-b91d-5736-ad8b-e16fcf8aced0 (0.0) -- IVectorView_1_Windows__CNetworking__CConnectivity__CLanIdentifier
Endpoints :
ncalrpc : OLED8C8DB5C12478B972F8B7F536C25
--------------------------------------------------------------------------------
<WinProcess "SkypeBackgroundHost.exe" pid 4332 at 0x5320128L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 00000035-0000-0000-c000-000000000046 (0.0) -- IActivationFactory
OLE af86e2e0-b12d-4c6a-9c5a-d7aa65101e90 (0.0) -- IInspectable
OLE f8154503-81ca-4652-9b22-607f59154908 (0.0) --
Endpoints :
ncalrpc : OLE9E576941A7E7B23D13DCEE580E43
--------------------------------------------------------------------------------
<WinProcess "audiodg.exe" pid 6020 at 0x53202e8L>
64
Interfaces :
RPC 1f53838b-693a-4bbb-99c9-b154f749b8a3 (1.0) -- C:\windows\system32\AUDIODG.EXE
0 -> AudioDGGetStartupStatus
1 -> AudioDGChallenge
2 -> AudioDGGetStreamVpoDescription
3 -> AudioDGSetStreamVpoPolicySchemas
4 -> AudioDGCloseStreamVpo
5 -> AudioDGGetDeviceGraphWnfStateName
6 -> AudioDGGetVpoFromVpoContext
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 00000132-0000-0000-c000-000000000046 (0.0) -- ILocalSystemActivator
OLE 816e5b3e-5523-4efc-9223-98ec4214c3a0 (0.0) -- IStreamGroup
OLE 5d857e80-f074-4ad8-a9ce-0ddca68d8212 (0.0) -- IProcessSubmix
OLE fd7f2b29-24d0-4b5c-b177-592c39f9ca10 (0.0) -- iaudioprocessingobject
OLE d81229b1-5a43-480c-92f7-be0f7f4eab60 (0.0) -- iaudiovolume
OLE 885c7b80-3fa2-4e5a-be07-cf01e1d6e2cd (0.0) -- iaudiomuteapo
OLE 419b26e3-fa99-4408-83de-cc1276efa489 (0.0) -- iaudiometer
OLE 788f7be2-9c40-41c0-af05-4393fbf409f9 (0.0) -- iaudiorateconvert
OLE 69fed9b6-5405-48b8-3db0-4ca492fc3677 (0.0) -- IAPOWrapperSrv
OLE 69e1f79f-6eae-4517-be9f-13aa90e30014 (0.0) -- iaudioprocessingobjectinternal
OLE 3c169ff7-37b2-484c-b199-c3155590f316 (0.0) -- iaudiodevicegraph
Endpoints :
ncalrpc : AudioDeviceGraph
ncalrpc : OLE6AA5CC8D6401B0DB9C8CC673BD4E
--------------------------------------------------------------------------------
<WinProcess "SearchProtocolHost.exe" pid 3836 at 0x5320550L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
Endpoints :
ncalrpc : OLEFEC50B84D0D12D736784314FBBC5
--------------------------------------------------------------------------------
<WinProcess "SearchFilterHost.exe" pid 8424 at 0x5320e10L>
64
Interfaces :
OLE 00000134-0000-0000-c000-000000000046 (0.0) -- IRundown
RPC 18f70770-8e64-11cf-9af1-0020af6e72f4 (0.0) -- C:\windows\System32\combase.dll
0 -> _UseProtseq
1 -> _GetCustomProtseqInfo
2 -> _UpdateResolverBindings
3 -> _NotifyFDT
4 -> _ControlTracing
OLE 00000131-0000-0000-c000-000000000046 (0.0) -- IRemUnknown
OLE 00000143-0000-0000-c000-000000000046 (0.0) -- IRemUnknown2
OLE 4f5385f1-f9a8-4536-9920-93e8d144dbd0 (0.0) -- IFilterHost
Endpoints :
ncalrpc : OLEA69FF588E4D4F38EAA026202F36A
--------------------------------------------------------------------------------
<WinProcess "python.exe" pid 8572 at 0x5320da0L>
64
Interfaces :
Endpoints :
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment