userenv.dll

  • File Path: C:\Windows\system32\userenv.dll
  • Description: Userenv

Hashes

Type Hash
MD5 FFAAFD22C44963E4D74B2848C5D7418E
SHA1 0355372165726B84560495084E533D9F84337998
SHA256 AA31B667D7D742060117C1B409CD7C76D65A4E94AA20E6488F3185082910E4AF
SHA384 63B6BAFE37F659FAB66513054207B13BAB2BC7BE1F15F0DA5A47C709FCDEC681A40F9E22E0E7FA1AAF1FE6951E466CE1
SHA512 F076C08AEC90AC8601E388812FE709728FE75D5047ADA6AA6D19D4CF8E23B184C6133623E241C5D831FEB91A7E84821726B2B96AD29DF65D679C8EC1D68ED11D
SSDEEP 1536:vEQQt0dxHfgc3f47i8esgdejsVDnCUwaahWZzgzO4hfa/vjMyq7r/9ZWR4x8r/hi:cQKIxHfgk+azuaCyWtygrVZQ44/wr
IMP E8A56FAFBEB48B7A01A08D84A69EF377
PESHA1 FDE688BF6E4BE1095CDB7EBBB9B32997A220AD23
PE256 A767DB3E87FE8883A3177CDF27DB3F1636020F6BD3A4C6A9CDF700E4B5C1CA97

DLL Exports:

Function Name Ordinal Type
HasPolicyForegroundProcessingCompleted 149 Exported Function
GetUserProfileDirectoryW 148 Exported Function
GetUserProfileDirectoryA 147 Exported Function
LeaveCriticalPolicySection 150 Exported Function
LoadUserProfileW 153 Exported Function
LoadUserProfileA 152 Exported Function
LoadProfileExtender 151 Exported Function
GetNextFgPolicyRefreshInfo 142 Exported Function
GetGPOListW 141 Exported Function
GetGPOListA 140 Exported Function
GetPreviousFgPolicyRefreshInfo 143 Exported Function
GetProfileType 144 Exported Function
GetProfilesDirectoryW 146 Exported Function
GetProfilesDirectoryA 145 Exported Function
ProcessGroupPolicyCompleted 154 Exported Function
UnloadProfileExtender 163 Exported Function
RsopSetPolicySettingStatus 162 Exported Function
RsopResetPolicySettingStatus 161 Exported Function
UnloadUserProfile 164 Exported Function
WaitForUserPolicyForegroundProcessing 167 Exported Function
WaitForMachinePolicyForegroundProcessing 166 Exported Function
UnregisterGPNotification 165 Exported Function
RefreshPolicyEx 157 Exported Function
RefreshPolicy 156 Exported Function
ProcessGroupPolicyCompletedEx 155 Exported Function
RegisterGPNotification 158 Exported Function
RsopLoggingEnabled 105 Exported Function
RsopFileAccessCheck 160 Exported Function
RsopAccessCheckByType 159 Exported Function
GetDefaultUserProfileDirectoryW 138 Exported Function
DeriveRestrictedAppContainerSidFromAppContainerSidAndRestrictedName 115 Exported Function
DeriveAppContainerSidFromAppContainerName 114 Exported Function
DeleteProfileW 113 Exported Function
DestroyEnvironmentBlock 116 Exported Function
DllRegisterServer 119 Exported Function
DllGetClassObject 118 Exported Function
DllCanUnloadNow 117 Exported Function
CreateAppContainerProfile 108 Exported Function
AreThereVisibleShutdownScripts 107 Exported Function
AreThereVisibleLogoffScripts 106 Exported Function
CreateEnvironmentBlock 109 Exported Function
DeleteProfileA 112 Exported Function
DeleteAppContainerProfile 111 Exported Function
CreateProfile 110 Exported Function
DllUnregisterServer 120 Exported Function
GetAppContainerFolderPath 131 Exported Function
GetAllUsersProfileDirectoryW 130 Exported Function
GetAllUsersProfileDirectoryA 129 Exported Function
GetAppContainerRegistryLocation 132 Exported Function
GetDefaultUserProfileDirectoryA 136 Exported Function
GetAppliedGPOListW 134 Exported Function
GetAppliedGPOListA 133 Exported Function
ExpandEnvironmentStringsForUserW 124 Exported Function
ExpandEnvironmentStringsForUserA 123 Exported Function
EnterCriticalPolicySection 121 Exported Function
ForceSyncFgPolicy 125 Exported Function
GenerateGPNotification 128 Exported Function
FreeGPOListW 127 Exported Function
FreeGPOListA 126 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: userenv.dll.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/71
  • VirusTotal Link: https://www.virustotal.com/gui/file/aa31b667d7d742060117c1b409cd7c76d65a4e94aa20e6488f3185082910e4af/detection/

MIT License. Copyright (c) 2020-2021 Strontic.