Analysis Overview
SHA256
f9e5e1df07eb55a62dbee2ac0188c4b0497f3878219059b2a65c13701529c744
Threat Level: Shows suspicious behavior
The file q.exe was found to be: Shows suspicious behavior.
Malicious Activity Summary
Loads dropped DLL
Modifies file permissions
Detects Pyinstaller
Unsigned PE
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-04 13:52
Signatures
Detects Pyinstaller
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-04 13:52
Reported
2024-06-04 13:55
Platform
win10-20240404-en
Max time kernel
3s
Max time network
151s
Command Line
Signatures
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\q.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\q.exe | N/A |
Modifies file permissions
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Common Files\microsoft shared\ink\FlickLearningWizard.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\q.exe
"C:\Users\Admin\AppData\Local\Temp\q.exe"
C:\Users\Admin\AppData\Local\Temp\q.exe
"C:\Users\Admin\AppData\Local\Temp\q.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\7-Zip\7z.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\7-Zip\7zFM.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\7-Zip\7zG.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\7-Zip\Uninstall.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\ClickToRun\appvcleaner.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\ClickToRun\InspectorOfficeGadget.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\ClickToRun\IntegratedOffice.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\ClickToRun\MavInject32.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\ink\FlickLearningWizard.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\ink\mip.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\ink\ShapeCollector.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\MSInfo\msinfo32.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.exe"
C:\Program Files\Common Files\microsoft shared\ink\FlickLearningWizard.exe
"C:\Program Files\Common Files\microsoft shared\ink\FlickLearningWizard.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Google\Chrome\Application\chrome_proxy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_pwa_launcher.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
"C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe"
C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
"C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Google\Chrome\Application\106.0.5249.119\notification_helper.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Internet Explorer\ExtExport.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Internet Explorer\iediagcmd.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Internet Explorer\ieinstal.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Internet Explorer\ielowutil.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Internet Explorer\iexplore.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\appletviewer.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\extcheck.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\idlj.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jabswitch.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jar.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jarsigner.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\java-rmi.exe"
C:\Program Files\Google\Chrome\Application\106.0.5249.119\notification_helper.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\notification_helper.exe"
C:\Program Files\Java\jdk-1.8\bin\appletviewer.exe
"C:\Program Files\Java\jdk-1.8\bin\appletviewer.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\java.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\javac.exe"
C:\Program Files\Java\jdk-1.8\bin\jabswitch.exe
"C:\Program Files\Java\jdk-1.8\bin\jabswitch.exe"
C:\Program Files\Java\jdk-1.8\bin\idlj.exe
"C:\Program Files\Java\jdk-1.8\bin\idlj.exe"
C:\Program Files\Java\jdk-1.8\bin\jar.exe
"C:\Program Files\Java\jdk-1.8\bin\jar.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\javadoc.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\javafxpackager.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\javah.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\javap.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\javapackager.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\javaw.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\javaws.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jcmd.exe"
C:\Program Files\Java\jdk-1.8\bin\java-rmi.exe
"C:\Program Files\Java\jdk-1.8\bin\java-rmi.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jconsole.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jdb.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jdeps.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jhat.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jinfo.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jjs.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jmap.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jps.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jrunscript.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jsadebugd.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jstack.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jstat.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jstatd.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\keytool.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\kinit.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\klist.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\ktab.exe"
C:\Program Files\Java\jdk-1.8\bin\java.exe
"C:\Program Files\Java\jdk-1.8\bin\java.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\native2ascii.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\orbd.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\pack200.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\policytool.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\rmic.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\rmid.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\rmiregistry.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\schemagen.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\serialver.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\servertool.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\tnameserv.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\unpack200.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\wsgen.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\wsimport.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\xjc.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\jre\bin\jabswitch.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\jre\bin\java-rmi.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\jre\bin\java.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\jre\bin\javacpl.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\jre\bin\javaw.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\jre\bin\javaws.exe"
C:\Program Files\Java\jdk-1.8\bin\javac.exe
"C:\Program Files\Java\jdk-1.8\bin\javac.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\jre\bin\jjs.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\jre\bin\jp2launcher.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\jre\bin\keytool.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\jre\bin\kinit.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\jre\bin\klist.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\jre\bin\ktab.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\jre\bin\orbd.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\jre\bin\pack200.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\jre\bin\policytool.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\jre\bin\rmid.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\jre\bin\rmiregistry.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\jre\bin\servertool.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\jre\bin\ssvagent.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\jre\bin\tnameserv.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\jre\bin\unpack200.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jre-1.8\bin\jabswitch.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jre-1.8\bin\java-rmi.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jre-1.8\bin\java.exe"
C:\Program Files\Java\jdk-1.8\bin\javadoc.exe
"C:\Program Files\Java\jdk-1.8\bin\javadoc.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jre-1.8\bin\javacpl.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jre-1.8\bin\javaw.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jre-1.8\bin\javaws.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jre-1.8\bin\jjs.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jre-1.8\bin\jp2launcher.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jre-1.8\bin\keytool.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jre-1.8\bin\kinit.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jre-1.8\bin\klist.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jre-1.8\bin\ktab.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jre-1.8\bin\orbd.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jre-1.8\bin\pack200.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jre-1.8\bin\policytool.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jre-1.8\bin\rmid.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jre-1.8\bin\rmiregistry.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jre-1.8\bin\servertool.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jre-1.8\bin\ssvagent.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jre-1.8\bin\tnameserv.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jre-1.8\bin\unpack200.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\Client\AppVDllSurrogate32.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\Client\AppVDllSurrogate64.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\Client\AppVLP.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\Integration\Integrator.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\Integration\Addons\OneDriveSetup.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\Office16\excelcnv.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\Office16\IEContentService.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\Office16\misc.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\Office16\msoadfsb.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\Office16\msoasb.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\Office16\msoev.exe"
C:\Program Files\Java\jdk-1.8\bin\javafxpackager.exe
"C:\Program Files\Java\jdk-1.8\bin\javafxpackager.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\Office16\msoia.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\Office16\msotd.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\Office16\officeappguardwin32.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\Office16\PerfBoost.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\Office16\protocolhandler.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\Office16\SDXHelperBgt.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\Office16\Wordconv.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.Loader.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.NetFX40.exe"
C:\Program Files\Common Files\microsoft shared\ClickToRun\MavInject32.exe
"C:\Program Files\Common Files\microsoft shared\ClickToRun\MavInject32.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.NetFX45.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\SmartTagInstall.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\EQUATION\eqnedt32.exe"
C:\Program Files\7-Zip\7z.exe
"C:\Program Files\7-Zip\7z.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\SQLDumper.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\SQLDumper.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\AppSharingHookController.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Common.DBConnection.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Common.DBConnection64.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Common.ShowHelp.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\filecompare.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-000F-0000-1000-0000000FF1CE}\accicons.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-000F-0000-1000-0000000FF1CE}\dbcicons.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-000F-0000-1000-0000000FF1CE}\grv_icons.exe"
C:\Program Files\Java\jdk-1.8\bin\javah.exe
"C:\Program Files\Java\jdk-1.8\bin\javah.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-000F-0000-1000-0000000FF1CE}\joticon.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-000F-0000-1000-0000000FF1CE}\lyncicon.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-000F-0000-1000-0000000FF1CE}\misc.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-000F-0000-1000-0000000FF1CE}\msouc.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-000F-0000-1000-0000000FF1CE}\ohub32.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-000F-0000-1000-0000000FF1CE}\osmadminicon.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-000F-0000-1000-0000000FF1CE}\osmclienticon.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-000F-0000-1000-0000000FF1CE}\outicon.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-000F-0000-1000-0000000FF1CE}\pj11icon.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-000F-0000-1000-0000000FF1CE}\pptico.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-000F-0000-1000-0000000FF1CE}\pubs.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-000F-0000-1000-0000000FF1CE}\sscicons.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-000F-0000-1000-0000000FF1CE}\visicon.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-000F-0000-1000-0000000FF1CE}\wordicon.exe"
C:\Program Files\Java\jdk-1.8\bin\javapackager.exe
"C:\Program Files\Java\jdk-1.8\bin\javapackager.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-000F-0000-1000-0000000FF1CE}\xlicons.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-001F-0409-1000-0000000FF1CE}\misc.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-001F-040C-1000-0000000FF1CE}\misc.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-001F-0C0A-1000-0000000FF1CE}\misc.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-006E-0409-1000-0000000FF1CE}\misc.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office 15\ClientX64\IntegratedOffice.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Mozilla Firefox\crashreporter.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Mozilla Firefox\default-browser-agent.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Mozilla Firefox\maintenanceservice.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Mozilla Firefox\maintenanceservice_installer.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Mozilla Firefox\minidump-analyzer.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Mozilla Firefox\pingsender.exe"
C:\Program Files\Java\jdk-1.8\bin\javap.exe
"C:\Program Files\Java\jdk-1.8\bin\javap.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Mozilla Firefox\plugin-container.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Mozilla Firefox\private_browsing.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Mozilla Firefox\updater.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\VideoLAN\VLC\uninstall.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\VideoLAN\VLC\vlc-cache-gen.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\VideoLAN\VLC\vlc.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Windows Defender\ConfigSecurityPolicy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Windows Defender\MpCmdRun.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Windows Defender\MpUXSrv.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Windows Defender\MSASCui.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Windows Defender\MSASCuiL.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Windows Defender\MsMpEng.exe"
C:\Program Files\Java\jdk-1.8\bin\javaw.exe
"C:\Program Files\Java\jdk-1.8\bin\javaw.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Windows Defender\NisSrv.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Windows Defender\Offline\OfflineScannerShell.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Windows Defender Advanced Threat Protection\SenseCncProxy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Windows Defender Advanced Threat Protection\SenseSampleUploader.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Windows Mail\wab.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Windows Mail\wabmig.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Windows Mail\WinMail.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Windows Media Player\setup_wm.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Windows Media Player\wmlaunch.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Windows Media Player\wmpconfig.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Windows Media Player\wmplayer.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Windows Media Player\wmprph.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Windows Media Player\wmpshare.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Windows NT\Accessories\wordpad.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Windows Photo Viewer\ImagingDevices.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Windows Security\BrowserCore\BrowserCore.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Builder3D.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\AppxClickHandler.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\WhatsNew.Store.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.Messaging_3.26.24002.0_x64__8wekyb3d8bbwe\MessagingApplication.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_1.1702.21039.0_x64__8wekyb3d8bbwe\3DViewer.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_1.1702.21039.0_x64__8wekyb3d8bbwe\3DViewer.ResourceResolver.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.8010.5926.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.8010.5926.0_x64__8wekyb3d8bbwe\Office16\OfficeHubWin32.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_x64__8wekyb3d8bbwe\Solitaire.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.4.101.0_x64__8wekyb3d8bbwe\Microsoft.StickyNotes.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe"
C:\Program Files\Java\jdk-1.8\bin\jcmd.exe
"C:\Program Files\Java\jdk-1.8\bin\jcmd.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.7668.58071.0_x64__8wekyb3d8bbwe\onenoteim.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.7668.58071.0_x64__8wekyb3d8bbwe\onenoteshare.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.OneConnect_2.1701.277.0_x64__8wekyb3d8bbwe\OneConnect.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.People_10.1.10531.0_x64__8wekyb3d8bbwe\PeopleApp.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.204.0_x64__kzf8qxf38zg5c\SkypeApp.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.204.0_x64__kzf8qxf38zg5c\SkypeHost.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.StorePurchaseApp_1.0.45.0_x64__8wekyb3d8bbwe\PurchaseApp.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.Wallet_1.0.16328.0_x64__8wekyb3d8bbwe\Microsoft.Wallet.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.511.8780.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1702.333.0_x64__8wekyb3d8bbwe\Time.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.WindowsCamera_2017.125.40.0_x64__8wekyb3d8bbwe\WindowsCamera.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\HxAccounts.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\HxMail.exe"
C:\Program Files\Java\jdk-1.8\bin\jconsole.exe
"C:\Program Files\Java\jdk-1.8\bin\jconsole.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\HxTsr.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1612.10312.0_x64__8wekyb3d8bbwe\PilotshubApp.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1611.10393.0_x64__8wekyb3d8bbwe\Maps.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.WindowsSoundRecorder_10.1702.301.0_x64__8wekyb3d8bbwe\SoundRec.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.87.0_x64__8wekyb3d8bbwe\WinStore.App.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.XboxApp_25.25.13009.0_x64__8wekyb3d8bbwe\XboxApp.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.XboxGameOverlay_1.15.2003.0_x64__8wekyb3d8bbwe\GameBar.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.XboxIdentityProvider_11.19.19003.0_x64__8wekyb3d8bbwe\XboxIdp.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.XboxSpeechToTextOverlay_1.14.2002.0_x64__8wekyb3d8bbwe\SpeechToTextOverlay64-Retail.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.16112.11621.0_x64__8wekyb3d8bbwe\Music.UI.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.16112.11601.0_x64__8wekyb3d8bbwe\Video.UI.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroBroker.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32Info.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroTextExtractor.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ADelRCP.exe"
C:\Program Files\Java\jdk-1.8\bin\jdb.exe
"C:\Program Files\Java\jdk-1.8\bin\jdb.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\arh.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Eula.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\FullTrustNotifier.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\LogTransport2.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\wow_helper.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrServicesUpdater.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroLayoutRecognizer\AcroLayoutRecognizer.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\WCChromeExtn\WCChromeNativeMessagingHost.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\pi_brokers\32BitMAPIBroker.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\pi_brokers\64BitMAPIBroker.exe"
C:\Program Files\Java\jdk-1.8\bin\jhat.exe
"C:\Program Files\Java\jdk-1.8\bin\jhat.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Program Files\Java\jdk-1.8\bin\jdeps.exe
"C:\Program Files\Java\jdk-1.8\bin\jdeps.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\pipanel.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\msinfo32.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Common Files\Oracle\Java\javapath\javaw.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Common Files\Oracle\Java\javapath\javaws.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_76921\java.exe"
C:\Program Files\Java\jdk-1.8\bin\jjs.exe
"C:\Program Files\Java\jdk-1.8\bin\jjs.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_76921\javaw.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_76921\javaws.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Google\Update\DisabledGoogleUpdate.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleCrashHandler.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleCrashHandler64.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleUpdate.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleUpdateBroker.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleUpdateComRegisterShell64.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleUpdateCore.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleUpdateOnDemand.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleUpdateSetup.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\106.0.5249.119\chrome_installer.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Google\Update\Install\{16192F7A-F8D4-4DCE-BE88-BF122FCFADB8}\chrome_installer.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Internet Explorer\ExtExport.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Internet Explorer\ieinstal.exe"
C:\Program Files\Java\jdk-1.8\bin\jmap.exe
"C:\Program Files\Java\jdk-1.8\bin\jmap.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Internet Explorer\ielowutil.exe"
C:\Program Files\Java\jdk-1.8\bin\jinfo.exe
"C:\Program Files\Java\jdk-1.8\bin\jinfo.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"
C:\Program Files\Java\jdk-1.8\bin\jrunscript.exe
"C:\Program Files\Java\jdk-1.8\bin\jrunscript.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Windows Mail\wab.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Windows Mail\wabmig.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Windows Mail\WinMail.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Windows Media Player\setup_wm.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Windows Media Player\wmlaunch.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Windows Media Player\wmpconfig.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Windows Media Player\wmplayer.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Windows Media Player\wmprph.exe"
C:\Program Files\Java\jdk-1.8\bin\jps.exe
"C:\Program Files\Java\jdk-1.8\bin\jps.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Windows Media Player\wmpshare.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Windows Photo Viewer\ImagingDevices.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk"
C:\Program Files\Java\jdk-1.8\bin\jstat.exe
"C:\Program Files\Java\jdk-1.8\bin\jstat.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk"
C:\Program Files\Java\jdk-1.8\bin\jsadebugd.exe
"C:\Program Files\Java\jdk-1.8\bin\jsadebugd.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk"
C:\Program Files\Java\jdk-1.8\bin\keytool.exe
"C:\Program Files\Java\jdk-1.8\bin\keytool.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk"
C:\Program Files\Java\jdk-1.8\bin\jstatd.exe
"C:\Program Files\Java\jdk-1.8\bin\jstatd.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk"
C:\Program Files\Java\jdk-1.8\bin\kinit.exe
"C:\Program Files\Java\jdk-1.8\bin\kinit.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk"
C:\Program Files\Java\jdk-1.8\bin\ktab.exe
"C:\Program Files\Java\jdk-1.8\bin\ktab.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Database Compare.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office Language Preferences.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office Upload Center.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Spreadsheet Compare.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetry Dashboard for Office.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetry Log for Office.lnk"
C:\Program Files\Java\jdk-1.8\bin\klist.exe
"C:\Program Files\Java\jdk-1.8\bin\klist.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Java\jdk-1.8\bin\orbd.exe
"C:\Program Files\Java\jdk-1.8\bin\orbd.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Java\jdk-1.8\bin\native2ascii.exe
"C:\Program Files\Java\jdk-1.8\bin\native2ascii.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Java\jdk-1.8\bin\pack200.exe
"C:\Program Files\Java\jdk-1.8\bin\pack200.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Java\jdk-1.8\bin\rmid.exe
"C:\Program Files\Java\jdk-1.8\bin\rmid.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Java\jdk-1.8\bin\rmiregistry.exe
"C:\Program Files\Java\jdk-1.8\bin\rmiregistry.exe"
C:\Program Files\Java\jdk-1.8\bin\policytool.exe
"C:\Program Files\Java\jdk-1.8\bin\policytool.exe"
C:\Program Files\Java\jdk-1.8\bin\schemagen.exe
"C:\Program Files\Java\jdk-1.8\bin\schemagen.exe"
C:\Program Files\Java\jdk-1.8\jre\bin\ssvagent.exe
"C:\Program Files\Java\jdk-1.8\jre\bin\ssvagent.exe"
C:\Program Files\Java\jdk-1.8\jre\bin\tnameserv.exe
"C:\Program Files\Java\jdk-1.8\jre\bin\tnameserv.exe"
C:\Program Files\Java\jdk-1.8\jre\bin\unpack200.exe
"C:\Program Files\Java\jdk-1.8\jre\bin\unpack200.exe"
C:\Program Files\Java\jre-1.8\bin\jabswitch.exe
"C:\Program Files\Java\jre-1.8\bin\jabswitch.exe"
C:\Program Files\Java\jre-1.8\bin\java-rmi.exe
"C:\Program Files\Java\jre-1.8\bin\java-rmi.exe"
C:\Program Files\Java\jre-1.8\bin\java.exe
"C:\Program Files\Java\jre-1.8\bin\java.exe"
C:\Program Files\Java\jre-1.8\bin\javaw.exe
"C:\Program Files\Java\jre-1.8\bin\javaw.exe"
C:\Program Files\Java\jre-1.8\bin\jjs.exe
"C:\Program Files\Java\jre-1.8\bin\jjs.exe"
C:\Program Files\Java\jre-1.8\bin\jp2launcher.exe
"C:\Program Files\Java\jre-1.8\bin\jp2launcher.exe"
C:\Program Files\Java\jre-1.8\bin\policytool.exe
"C:\Program Files\Java\jre-1.8\bin\policytool.exe"
C:\Program Files\Java\jre-1.8\bin\klist.exe
"C:\Program Files\Java\jre-1.8\bin\klist.exe"
C:\Program Files\Java\jre-1.8\bin\rmiregistry.exe
"C:\Program Files\Java\jre-1.8\bin\rmiregistry.exe"
C:\Program Files\Java\jre-1.8\bin\servertool.exe
"C:\Program Files\Java\jre-1.8\bin\servertool.exe"
C:\Program Files\Java\jre-1.8\bin\rmid.exe
"C:\Program Files\Java\jre-1.8\bin\rmid.exe"
C:\Program Files\Java\jre-1.8\bin\unpack200.exe
"C:\Program Files\Java\jre-1.8\bin\unpack200.exe"
C:\Program Files\Microsoft Office\root\Client\AppVDllSurrogate32.exe
"C:\Program Files\Microsoft Office\root\Client\AppVDllSurrogate32.exe"
C:\Program Files\Microsoft Office\root\Client\AppVLP.exe
"C:\Program Files\Microsoft Office\root\Client\AppVLP.exe"
C:\Program Files\Microsoft Office\root\Integration\Integrator.exe
"C:\Program Files\Microsoft Office\root\Integration\Integrator.exe"
C:\Program Files\Microsoft Office\root\Integration\Addons\OneDriveSetup.exe
"C:\Program Files\Microsoft Office\root\Integration\Addons\OneDriveSetup.exe"
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe"
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
"C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe"
C:\Program Files\Microsoft Office\root\Office16\excelcnv.exe
"C:\Program Files\Microsoft Office\root\Office16\excelcnv.exe"
C:\Program Files\Microsoft Office\root\Office16\msoadfsb.exe
"C:\Program Files\Microsoft Office\root\Office16\msoadfsb.exe"
C:\Program Files\Microsoft Office\root\Office16\msoev.exe
"C:\Program Files\Microsoft Office\root\Office16\msoev.exe"
C:\Program Files\Microsoft Office\root\Office16\msotd.exe
"C:\Program Files\Microsoft Office\root\Office16\msotd.exe"
C:\Program Files\Microsoft Office\root\Office16\msoia.exe
"C:\Program Files\Microsoft Office\root\Office16\msoia.exe"
C:\Program Files\Java\jdk-1.8\bin\java.exe
"C:\Program Files\Java\jdk-1.8\bin\java.exe" -Xmx256M "-Djavafx.home=C:\Program Files\Java\jdk-1.8\bin" -classpath "C:\Program Files\Java\jdk-1.8\bin\..\lib\ant-javafx.jar;" com.sun.javafx.tools.packager.Main
C:\Program Files\Java\jdk-1.8\bin\java.exe
"C:\Program Files\Java\jdk-1.8\bin\java.exe" -Xmx256M "-Djavafx.home=C:\Program Files\Java\jdk-1.8\bin" -classpath "C:\Program Files\Java\jdk-1.8\bin\..\lib\ant-javafx.jar;" com.sun.javafx.tools.packager.Main
C:\Windows\system32\icacls.exe
C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\7-Zip\7z.exe"
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\7-Zip\Uninstall.exe
"C:\Program Files\7-Zip\Uninstall.exe"
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe"
C:\Program Files\Common Files\microsoft shared\ClickToRun\appvcleaner.exe
"C:\Program Files\Common Files\microsoft shared\ClickToRun\appvcleaner.exe"
C:\Program Files\Common Files\microsoft shared\ink\mip.exe
"C:\Program Files\Common Files\microsoft shared\ink\mip.exe"
C:\Program Files\Common Files\microsoft shared\MSInfo\msinfo32.exe
"C:\Program Files\Common Files\microsoft shared\MSInfo\msinfo32.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\7-Zip\7zFM.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Common Files\microsoft shared\ClickToRun\IntegratedOffice.exe
"C:\Program Files\Common Files\microsoft shared\ClickToRun\IntegratedOffice.exe"
C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
"C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe"
C:\Program Files\Common Files\microsoft shared\ink\ShapeCollector.exe
"C:\Program Files\Common Files\microsoft shared\ink\ShapeCollector.exe"
C:\Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.exe
"C:\Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\7-Zip\7zG.exe"
C:\Program Files\Common Files\microsoft shared\ClickToRun\InspectorOfficeGadget.exe
"C:\Program Files\Common Files\microsoft shared\ClickToRun\InspectorOfficeGadget.exe"
C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
"C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Java\jdk-1.8\bin\jarsigner.exe
"C:\Program Files\Java\jdk-1.8\bin\jarsigner.exe"
C:\Program Files\Internet Explorer\ExtExport.exe
"C:\Program Files\Internet Explorer\ExtExport.exe"
C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_pwa_launcher.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_pwa_launcher.exe"
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe"
C:\Program Files\Java\jdk-1.8\bin\extcheck.exe
"C:\Program Files\Java\jdk-1.8\bin\extcheck.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\7-Zip\Uninstall.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\ClickToRun\appvcleaner.exe"
C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleUpdateCore.exe
"C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleUpdateCore.exe"
C:\Program Files\Windows Defender\MSASCui.exe
"C:\Program Files\Windows Defender\MSASCui.exe"
C:\Program Files\Java\jdk-1.8\jre\bin\jjs.exe
"C:\Program Files\Java\jdk-1.8\jre\bin\jjs.exe"
C:\Program Files (x86)\Windows Mail\wabmig.exe
"C:\Program Files (x86)\Windows Mail\wabmig.exe"
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32Info.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32Info.exe"
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\arh.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\arh.exe"
C:\Program Files\7-Zip\7z.exe
"C:\Program Files\7-Zip\7z.exe"
C:\Program Files\Windows Media Player\setup_wm.exe
"C:\Program Files\Windows Media Player\setup_wm.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Internet Explorer\ielowutil.exe
"C:\Program Files\Internet Explorer\ielowutil.exe"
C:\Program Files\Internet Explorer\iediagcmd.exe
"C:\Program Files\Internet Explorer\iediagcmd.exe"
C:\Program Files\Google\Chrome\Application\chrome_proxy.exe
"C:\Program Files\Google\Chrome\Application\chrome_proxy.exe"
C:\Program Files\Internet Explorer\ieinstal.exe
"C:\Program Files\Internet Explorer\ieinstal.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe"
C:\Program Files\Java\jre-1.8\bin\pack200.exe
"C:\Program Files\Java\jre-1.8\bin\pack200.exe"
C:\Program Files\Java\jdk-1.8\jre\bin\kinit.exe
"C:\Program Files\Java\jdk-1.8\jre\bin\kinit.exe"
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroTextExtractor.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroTextExtractor.exe"
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\pipanel.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\pipanel.exe"
C:\Program Files\Mozilla Firefox\plugin-container.exe
"C:\Program Files\Mozilla Firefox\plugin-container.exe"
C:\Program Files\Java\jdk-1.8\jre\bin\klist.exe
"C:\Program Files\Java\jdk-1.8\jre\bin\klist.exe"
C:\Program Files\Mozilla Firefox\pingsender.exe
"C:\Program Files\Mozilla Firefox\pingsender.exe"
C:\Program Files (x86)\Google\Update\Install\{16192F7A-F8D4-4DCE-BE88-BF122FCFADB8}\chrome_installer.exe
"C:\Program Files (x86)\Google\Update\Install\{16192F7A-F8D4-4DCE-BE88-BF122FCFADB8}\chrome_installer.exe"
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
OfficeC2RClient.exe /blockinstall
C:\Program Files\Java\jdk-1.8\jre\bin\jp2launcher.exe
"C:\Program Files\Java\jdk-1.8\jre\bin\jp2launcher.exe"
C:\Program Files\Java\jdk-1.8\bin\javaws.exe
"C:\Program Files\Java\jdk-1.8\bin\javaws.exe"
C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
"C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe"
C:\Program Files\Java\jre-1.8\bin\javacpl.exe
"C:\Program Files\Java\jre-1.8\bin\javacpl.exe"
C:\Program Files\Java\jdk-1.8\bin\wsimport.exe
"C:\Program Files\Java\jdk-1.8\bin\wsimport.exe"
C:\Program Files\Microsoft Office\root\Office16\protocolhandler.exe
"C:\Program Files\Microsoft Office\root\Office16\protocolhandler.exe"
C:\Program Files\Microsoft Office\root\Client\AppVDllSurrogate64.exe
"C:\Program Files\Microsoft Office\root\Client\AppVDllSurrogate64.exe"
C:\Program Files\Java\jdk-1.8\jre\bin\rmid.exe
"C:\Program Files\Java\jdk-1.8\jre\bin\rmid.exe"
C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe"
C:\Program Files\Java\jdk-1.8\bin\tnameserv.exe
"C:\Program Files\Java\jdk-1.8\bin\tnameserv.exe"
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe"
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\FullTrustNotifier.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\FullTrustNotifier.exe"
C:\Program Files\Java\jdk-1.8\jre\bin\pack200.exe
"C:\Program Files\Java\jdk-1.8\jre\bin\pack200.exe"
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Program Files (x86)\Internet Explorer\ielowutil.exe
"C:\Program Files (x86)\Internet Explorer\ielowutil.exe"
C:\Program Files\Java\jdk-1.8\bin\rmic.exe
"C:\Program Files\Java\jdk-1.8\bin\rmic.exe"
C:\Program Files\Java\jre-1.8\bin\javaws.exe
"C:\Program Files\Java\jre-1.8\bin\javaws.exe"
C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.exe
"C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.exe"
C:\Program Files\Mozilla Firefox\minidump-analyzer.exe
"C:\Program Files\Mozilla Firefox\minidump-analyzer.exe"
C:\Program Files\Microsoft Office\root\Office16\Wordconv.exe
"C:\Program Files\Microsoft Office\root\Office16\Wordconv.exe"
C:\Program Files\Java\jre-1.8\bin\tnameserv.exe
"C:\Program Files\Java\jre-1.8\bin\tnameserv.exe"
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe"
C:\Program Files\Microsoft Office\root\Office16\officeappguardwin32.exe
"C:\Program Files\Microsoft Office\root\Office16\officeappguardwin32.exe"
C:\Program Files\Microsoft Office\root\Office16\msoasb.exe
"C:\Program Files\Microsoft Office\root\Office16\msoasb.exe"
C:\Program Files\Windows Media Player\wmlaunch.exe
"C:\Program Files\Windows Media Player\wmlaunch.exe"
C:\Program Files\Microsoft Office\root\Office16\IEContentService.exe
"C:\Program Files\Microsoft Office\root\Office16\IEContentService.exe"
C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleUpdateBroker.exe
"C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleUpdateBroker.exe"
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ADelRCP.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ADelRCP.exe"
C:\Program Files\Java\jre-1.8\bin\kinit.exe
"C:\Program Files\Java\jre-1.8\bin\kinit.exe"
C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleUpdateOnDemand.exe
"C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleUpdateOnDemand.exe"
C:\Program Files\Windows Defender\NisSrv.exe
"C:\Program Files\Windows Defender\NisSrv.exe"
C:\Program Files\Java\jdk-1.8\bin\servertool.exe
"C:\Program Files\Java\jdk-1.8\bin\servertool.exe"
C:\Program Files\Java\jdk-1.8\jre\bin\servertool.exe
"C:\Program Files\Java\jdk-1.8\jre\bin\servertool.exe"
C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\msinfo32.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\msinfo32.exe"
C:\Program Files\Java\jre-1.8\bin\keytool.exe
"C:\Program Files\Java\jre-1.8\bin\keytool.exe"
C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_76921\javaw.exe
"C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_76921\javaw.exe"
C:\Program Files\Mozilla Firefox\private_browsing.exe
"C:\Program Files\Mozilla Firefox\private_browsing.exe"
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Common.DBConnection64.exe
"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Common.DBConnection64.exe"
C:\Program Files\Java\jre-1.8\bin\orbd.exe
"C:\Program Files\Java\jre-1.8\bin\orbd.exe"
C:\Program Files (x86)\Windows Mail\WinMail.exe
"C:\Program Files (x86)\Windows Mail\WinMail.exe"
C:\Program Files\Mozilla Firefox\maintenanceservice_installer.exe
"C:\Program Files\Mozilla Firefox\maintenanceservice_installer.exe"
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Common.ShowHelp.exe
"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Common.ShowHelp.exe"
C:\Program Files\Windows Media Player\wmpnetwk.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\SQLDumper.exe
"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Analysis Services\AS OLEDB\140\SQLDumper.exe"
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\AppSharingHookController.exe
"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\AppSharingHookController.exe"
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Common.DBConnection.exe
"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Common.DBConnection.exe"
C:\Program Files\Windows Media Player\wmpnscfg.exe
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
C:\Program Files\Microsoft Office\root\Office16\PerfBoost.exe
"C:\Program Files\Microsoft Office\root\Office16\PerfBoost.exe"
C:\Program Files\Java\jdk-1.8\jre\bin\policytool.exe
"C:\Program Files\Java\jdk-1.8\jre\bin\policytool.exe"
C:\Program Files\Mozilla Firefox\uninstall\helper.exe
"C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroBroker.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroBroker.exe"
C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleCrashHandler64.exe
"C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleCrashHandler64.exe"
C:\Program Files\Java\jdk-1.8\jre\bin\keytool.exe
"C:\Program Files\Java\jdk-1.8\jre\bin\keytool.exe"
C:\Program Files\Java\jdk-1.8\jre\bin\jabswitch.exe
"C:\Program Files\Java\jdk-1.8\jre\bin\jabswitch.exe"
C:\Program Files\Java\jre-1.8\bin\ktab.exe
"C:\Program Files\Java\jre-1.8\bin\ktab.exe"
C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.NetFX40.exe
"C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.NetFX40.exe"
C:\Program Files (x86)\Windows Photo Viewer\ImagingDevices.exe
"C:\Program Files (x86)\Windows Photo Viewer\ImagingDevices.exe"
C:\Program Files (x86)\Windows Media Player\wmpshare.exe
"C:\Program Files (x86)\Windows Media Player\wmpshare.exe"
C:\Program Files\Mozilla Firefox\maintenanceservice.exe
"C:\Program Files\Mozilla Firefox\maintenanceservice.exe"
C:\Program Files\Windows Defender Advanced Threat Protection\SenseCncProxy.exe
"C:\Program Files\Windows Defender Advanced Threat Protection\SenseCncProxy.exe"
C:\Program Files\Java\jre-1.8\bin\ssvagent.exe
"C:\Program Files\Java\jre-1.8\bin\ssvagent.exe"
C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
"C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\wow_helper.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\wow_helper.exe"
C:\Program Files\Java\jdk-1.8\jre\bin\ktab.exe
"C:\Program Files\Java\jdk-1.8\jre\bin\ktab.exe"
C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleCrashHandler.exe
"C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleCrashHandler.exe"
C:\Program Files (x86)\Windows Media Player\wmprph.exe
"C:\Program Files (x86)\Windows Media Player\wmprph.exe"
C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe
"C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe"
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Windows Defender\MpUXSrv.exe
"C:\Program Files\Windows Defender\MpUXSrv.exe"
C:\Program Files\Windows Defender\MSASCuiL.exe
"C:\Program Files\Windows Defender\MSASCuiL.exe"
C:\Program Files\Windows Defender\ConfigSecurityPolicy.exe
"C:\Program Files\Windows Defender\ConfigSecurityPolicy.exe"
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrServicesUpdater.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrServicesUpdater.exe"
C:\Program Files\Java\jdk-1.8\bin\jstack.exe
"C:\Program Files\Java\jdk-1.8\bin\jstack.exe"
C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\106.0.5249.119\chrome_installer.exe
"C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\106.0.5249.119\chrome_installer.exe"
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Eula.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Eula.exe"
C:\Program Files\Windows Security\BrowserCore\BrowserCore.exe
"C:\Program Files\Windows Security\BrowserCore\BrowserCore.exe"
C:\Program Files\Java\jdk-1.8\bin\serialver.exe
"C:\Program Files\Java\jdk-1.8\bin\serialver.exe"
C:\Program Files (x86)\Internet Explorer\ExtExport.exe
"C:\Program Files (x86)\Internet Explorer\ExtExport.exe"
C:\Program Files (x86)\Internet Explorer\iexplore.exe
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
C:\Program Files\Java\jdk-1.8\jre\bin\rmiregistry.exe
"C:\Program Files\Java\jdk-1.8\jre\bin\rmiregistry.exe"
C:\Program Files\Windows Defender Advanced Threat Protection\SenseSampleUploader.exe
"C:\Program Files\Windows Defender Advanced Threat Protection\SenseSampleUploader.exe"
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\SmartTagInstall.exe
"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Smart Tag\SmartTagInstall.exe"
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe"
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\WCChromeExtn\WCChromeNativeMessagingHost.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\WCChromeExtn\WCChromeNativeMessagingHost.exe"
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"
C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.Loader.exe
"C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.Loader.exe"
C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.NetFX45.exe
"C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.NetFX45.exe"
C:\Program Files\Windows Media Player\wmprph.exe
"C:\Program Files\Windows Media Player\wmprph.exe"
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc8,0xcc,0xd0,0xa4,0xd4,0x7ffbcbb59758,0x7ffbcbb59768,0x7ffbcbb59778
C:\Program Files\Windows Mail\WinMail.exe
"C:\Program Files\Windows Mail\WinMail"
C:\Program Files (x86)\Windows Mail\wab.exe
"C:\Program Files (x86)\Windows Mail\wab.exe"
C:\Program Files\Windows Mail\WinMail.exe
"C:\Program Files\Windows Mail\WinMail.exe"
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe"
C:\Program Files\Java\jdk-1.8\bin\wsgen.exe
"C:\Program Files\Java\jdk-1.8\bin\wsgen.exe"
C:\Program Files\VideoLAN\VLC\vlc-cache-gen.exe
"C:\Program Files\VideoLAN\VLC\vlc-cache-gen.exe"
C:\Program Files\Windows Mail\wab.exe
"C:\Program Files\Windows Mail\wab.exe"
C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_76921\java.exe
"C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_76921\java.exe"
C:\Program Files\Windows Media Player\wmpshare.exe
"C:\Program Files\Windows Media Player\wmpshare.exe"
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
C:\Program Files\Windows Media Player\wmplayer.exe
"C:\Program Files\Windows Media Player\wmplayer.exe"
C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
"C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe"
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\LogTransport2.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\LogTransport2.exe"
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\pi_brokers\32BitMAPIBroker.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\pi_brokers\32BitMAPIBroker.exe"
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe"
C:\Program Files\Microsoft Office 15\ClientX64\IntegratedOffice.exe
"C:\Program Files\Microsoft Office 15\ClientX64\IntegratedOffice.exe"
C:\Program Files (x86)\Google\Update\DisabledGoogleUpdate.exe
"C:\Program Files (x86)\Google\Update\DisabledGoogleUpdate.exe"
C:\Program Files\Windows Defender\MpCmdRun.exe
"C:\Program Files\Windows Defender\MpCmdRun.exe"
C:\Program Files\Java\jdk-1.8\jre\bin\java-rmi.exe
"C:\Program Files\Java\jdk-1.8\jre\bin\java-rmi.exe"
C:\Program Files\Java\jdk-1.8\jre\bin\javacpl.exe
"C:\Program Files\Java\jdk-1.8\jre\bin\javacpl.exe"
C:\Program Files\Java\jdk-1.8\bin\xjc.exe
"C:\Program Files\Java\jdk-1.8\bin\xjc.exe"
C:\Program Files\Java\jdk-1.8\jre\bin\orbd.exe
"C:\Program Files\Java\jdk-1.8\jre\bin\orbd.exe"
C:\Program Files\Mozilla Firefox\crashreporter.exe
"C:\Program Files\Mozilla Firefox\crashreporter.exe"
C:\Program Files\Mozilla Firefox\updater.exe
"C:\Program Files\Mozilla Firefox\updater.exe"
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe"
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\filecompare.exe
"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\filecompare.exe"
C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.exe"
C:\Program Files\Windows Media Player\wmpconfig.exe
"C:\Program Files\Windows Media Player\wmpconfig.exe"
C:\Program Files\Windows Photo Viewer\ImagingDevices.exe
"C:\Program Files\Windows Photo Viewer\ImagingDevices.exe"
C:\Program Files\Java\jdk-1.8\bin\unpack200.exe
"C:\Program Files\Java\jdk-1.8\bin\unpack200.exe"
C:\Program Files (x86)\Windows Media Player\wmlaunch.exe
"C:\Program Files (x86)\Windows Media Player\wmlaunch.exe"
C:\Program Files (x86)\Windows Media Player\setup_wm.exe
"C:\Program Files (x86)\Windows Media Player\setup_wm.exe"
C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleUpdateSetup.exe
"C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleUpdateSetup.exe"
C:\Program Files\Java\jdk-1.8\jre\bin\javaws.exe
"C:\Program Files\Java\jdk-1.8\jre\bin\javaws.exe"
C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-000F-0000-1000-0000000FF1CE}\ohub32.exe
"C:\Program Files\Microsoft Office\root\vfs\Windows\Installer\{90160000-000F-0000-1000-0000000FF1CE}\ohub32.exe"
C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_76921\javaws.exe
"C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_76921\javaws.exe"
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\javaws.exe
"C:\Program Files (x86)\Common Files\Oracle\Java\javapath\javaws.exe"
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe"
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe"
C:\Program Files (x86)\Windows Media Player\wmpconfig.exe
"C:\Program Files (x86)\Windows Media Player\wmpconfig.exe"
C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
"C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\SQLDumper.exe
"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\140\SQLDumper.exe"
C:\Program Files\Mozilla Firefox\default-browser-agent.exe
"C:\Program Files\Mozilla Firefox\default-browser-agent.exe"
C:\Program Files\Windows NT\Accessories\wordpad.exe
"C:\Program Files\Windows NT\Accessories\wordpad.exe"
C:\Program Files\Java\jdk-1.8\jre\bin\java.exe
"C:\Program Files\Java\jdk-1.8\jre\bin\java.exe"
C:\Program Files\Windows Defender\Offline\OfflineScannerShell.exe
"C:\Program Files\Windows Defender\Offline\OfflineScannerShell.exe"
C:\Program Files\Java\jdk-1.8\jre\bin\javaw.exe
"C:\Program Files\Java\jdk-1.8\jre\bin\javaw.exe"
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\pi_brokers\64BitMAPIBroker.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\pi_brokers\64BitMAPIBroker.exe"
C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe
"C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe"
C:\Program Files\Windows Defender\MsMpEng.exe
"C:\Program Files\Windows Defender\MsMpEng.exe"
C:\Program Files\VideoLAN\VLC\uninstall.exe
"C:\Program Files\VideoLAN\VLC\uninstall.exe"
C:\Program Files\Windows Mail\wabmig.exe
"C:\Program Files\Windows Mail\wabmig.exe"
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
"C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe"
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x268,0x26c,0x270,0x244,0x274,0x7ff660147688,0x7ff660147698,0x7ff6601476a8
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\javaw.exe
"C:\Program Files (x86)\Common Files\Oracle\Java\javapath\javaw.exe"
C:\Program Files\7-Zip\Uninstall.exe
"C:\Program Files\7-Zip\Uninstall.exe"
C:\Program Files\Common Files\microsoft shared\ClickToRun\appvcleaner.exe
"C:\Program Files\Common Files\microsoft shared\ClickToRun\appvcleaner.exe"
C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
"C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --force-first-run
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc8,0xcc,0xd0,0xa4,0xd4,0x7ffbcbb59758,0x7ffbcbb59768,0x7ffbcbb59778
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -private-window
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -private-window
C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe
"C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=C:\Program Files (x86)\Mozilla Maintenance Service\
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
OfficeClickToRun.exe platform=
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\ClickToRun\InspectorOfficeGadget.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\ClickToRun\IntegratedOffice.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\ClickToRun\MavInject32.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\ink\FlickLearningWizard.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\ink\mip.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\ink\ShapeCollector.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\MSInfo\msinfo32.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Google\Chrome\Application\chrome_proxy.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_pwa_launcher.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Common Files\microsoft shared\ClickToRun\InspectorOfficeGadget.exe
"C:\Program Files\Common Files\microsoft shared\ClickToRun\InspectorOfficeGadget.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Google\Chrome\Application\106.0.5249.119\notification_helper.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Internet Explorer\ExtExport.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Internet Explorer\iediagcmd.exe"
C:\Program Files\Common Files\microsoft shared\ClickToRun\IntegratedOffice.exe
"C:\Program Files\Common Files\microsoft shared\ClickToRun\IntegratedOffice.exe"
C:\Program Files\Common Files\microsoft shared\ClickToRun\MavInject32.exe
"C:\Program Files\Common Files\microsoft shared\ClickToRun\MavInject32.exe"
C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
"C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe"
C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
"C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe"
C:\Program Files\Common Files\microsoft shared\ink\ShapeCollector.exe
"C:\Program Files\Common Files\microsoft shared\ink\ShapeCollector.exe"
C:\Program Files\Common Files\microsoft shared\ink\mip.exe
"C:\Program Files\Common Files\microsoft shared\ink\mip.exe"
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
"C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_pwa_launcher.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_pwa_launcher.exe"
C:\Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.exe
"C:\Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.exe"
C:\Program Files\Common Files\microsoft shared\MSInfo\msinfo32.exe
"C:\Program Files\Common Files\microsoft shared\MSInfo\msinfo32.exe"
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome_proxy.exe
"C:\Program Files\Google\Chrome\Application\chrome_proxy.exe"
C:\Program Files\Google\Chrome\Application\106.0.5249.119\notification_helper.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\notification_helper.exe"
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe"
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe"
C:\Program Files\Internet Explorer\ExtExport.exe
"C:\Program Files\Internet Explorer\ExtExport.exe"
C:\Program Files\Internet Explorer\iediagcmd.exe
"C:\Program Files\Internet Explorer\iediagcmd.exe"
C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
"C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe"
C:\Program Files\Common Files\microsoft shared\ink\FlickLearningWizard.exe
"C:\Program Files\Common Files\microsoft shared\ink\FlickLearningWizard.exe"
C:\Program Files\Mozilla Firefox\uninstall\uninstaller.exe
"C:\Program Files\Mozilla Firefox\uninstall\uninstaller.exe"
C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_B.exe
"C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_B.exe" _?=C:\Program Files\Mozilla Firefox\uninstall\
C:\Program Files\Java\jre-1.8\bin\javaw.exe
"C:\Program Files\Java\jre-1.8\bin\javaw.exe" -Xbootclasspath/a:"C:\Program Files\Java\jre-1.8\bin\..\lib\deploy.jar" -Djava.locale.providers=HOST,JRE,SPI -Djdk.disableLastUsageTracking -Dsun.java2d.dpiaware=true -Duser.home="C:\Users\Admin" com.sun.deploy.panel.ControlPanel
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x25c,0x260,0x264,0x238,0x268,0x7ff76ae97688,0x7ff76ae97698,0x7ff76ae976a8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --force-first-run
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc8,0xcc,0xd0,0xa4,0xd4,0x7ffbcbb59758,0x7ffbcbb59768,0x7ffbcbb59778
C:\Users\Admin\AppData\Local\Temp\7z739F74F4\Uninst.exe
C:\Users\Admin\AppData\Local\Temp\7z739F74F4\Uninst.exe /N /D="C:\Program Files\7-Zip\"
C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --reset-config --reset-plugins-cache vlc://quit
C:\Program Files\Microsoft Office\root\Office16\ONENOTE.EXE
"C:\Program Files\Microsoft Office\root\Office16\ONENOTE.EXE"
C:\Windows\PrintDialog\PrintDialog.exe
"C:\Windows\PrintDialog\PrintDialog.exe"
C:\Windows\System32\Control.exe
"C:\Windows\System32\Control.exe"
C:\Windows\MiracastView\MiracastView.exe
"C:\Windows\MiracastView\MiracastView.exe"
C:\Windows\system32\cleanmgr.exe
"C:\Windows\system32\cleanmgr.exe"
C:\Windows\system32\dxdiag.exe
"C:\Windows\system32\dxdiag.exe" /x C:\Users\Admin\AppData\Local\Temp\dxdiag.xml
C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE
"C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffbcbb59758,0x7ffbcbb59768,0x7ffbcbb59778
C:\Program Files\Java\jre-1.8\bin\javacpl.exe
"C:\Program Files\Java\jre-1.8\bin\javacpl.exe" -tab about
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -getconfig=1
C:\Windows\hh.exe
"C:\Windows\hh.exe" C:\Program Files\7-Zip\7-zip.chm
C:\Windows\system32\MdSched.exe
"C:\Windows\system32\MdSched.exe"
C:\Windows\system32\mmc.exe
"C:\Windows\system32\mmc.exe" "C:\Windows\system32\secpol.msc" /s
C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" -Iskins
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Internet Explorer\ieinstal.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Internet Explorer\ielowutil.exe"
C:\Program Files\Internet Explorer\ieinstal.exe
"C:\Program Files\Internet Explorer\ieinstal.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Internet Explorer\iexplore.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\appletviewer.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\extcheck.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\idlj.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jabswitch.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jar.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jarsigner.exe"
C:\Program Files\Internet Explorer\ielowutil.exe
"C:\Program Files\Internet Explorer\ielowutil.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\java-rmi.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\java.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\javac.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\javadoc.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\javafxpackager.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\javah.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\javap.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\javapackager.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\javaw.exe"
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\javaws.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jcmd.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jconsole.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jdb.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jdeps.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jhat.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jinfo.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jjs.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jmap.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jps.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jrunscript.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jsadebugd.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jstack.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jstat.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\jstatd.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\keytool.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\kinit.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\klist.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\ktab.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\native2ascii.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\orbd.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\pack200.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\policytool.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\rmic.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\rmid.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\rmiregistry.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\schemagen.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\serialver.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\servertool.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\tnameserv.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\unpack200.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\wsgen.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\wsimport.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\bin\xjc.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\jre\bin\jabswitch.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files\Java\jdk-1.8\jre\bin\java-rmi.exe"
C:\Program Files\Java\jdk-1.8\bin\appletviewer.exe
"C:\Program Files\Java\jdk-1.8\bin\appletviewer.exe"
C:\Program Files\Java\jdk-1.8\bin\pack200.exe
"C:\Program Files\Java\jdk-1.8\bin\pack200.exe"
C:\Program Files\Java\jdk-1.8\bin\policytool.exe
"C:\Program Files\Java\jdk-1.8\bin\policytool.exe"
C:\Program Files\Java\jdk-1.8\bin\kinit.exe
"C:\Program Files\Java\jdk-1.8\bin\kinit.exe"
C:\Program Files\Java\jdk-1.8\jre\bin\jabswitch.exe
"C:\Program Files\Java\jdk-1.8\jre\bin\jabswitch.exe"
C:\Program Files\Java\jdk-1.8\bin\xjc.exe
"C:\Program Files\Java\jdk-1.8\bin\xjc.exe"
C:\Program Files\Java\jdk-1.8\bin\rmid.exe
"C:\Program Files\Java\jdk-1.8\bin\rmid.exe"
C:\Program Files\Java\jdk-1.8\bin\schemagen.exe
"C:\Program Files\Java\jdk-1.8\bin\schemagen.exe"
C:\Program Files\Java\jdk-1.8\bin\rmic.exe
"C:\Program Files\Java\jdk-1.8\bin\rmic.exe"
C:\Program Files\Java\jdk-1.8\jre\bin\java-rmi.exe
"C:\Program Files\Java\jdk-1.8\jre\bin\java-rmi.exe"
C:\Program Files\Java\jdk-1.8\bin\unpack200.exe
"C:\Program Files\Java\jdk-1.8\bin\unpack200.exe"
C:\Program Files\Java\jdk-1.8\bin\wsgen.exe
"C:\Program Files\Java\jdk-1.8\bin\wsgen.exe"
C:\Program Files\Java\jdk-1.8\bin\wsimport.exe
"C:\Program Files\Java\jdk-1.8\bin\wsimport.exe"
C:\Program Files\Java\jdk-1.8\bin\serialver.exe
"C:\Program Files\Java\jdk-1.8\bin\serialver.exe"
C:\Program Files\Java\jdk-1.8\bin\tnameserv.exe
"C:\Program Files\Java\jdk-1.8\bin\tnameserv.exe"
C:\Program Files\Java\jdk-1.8\bin\rmiregistry.exe
"C:\Program Files\Java\jdk-1.8\bin\rmiregistry.exe"
C:\Program Files\Java\jdk-1.8\bin\native2ascii.exe
"C:\Program Files\Java\jdk-1.8\bin\native2ascii.exe"
C:\Program Files\Java\jdk-1.8\bin\klist.exe
"C:\Program Files\Java\jdk-1.8\bin\klist.exe"
C:\Program Files\Java\jdk-1.8\bin\ktab.exe
"C:\Program Files\Java\jdk-1.8\bin\ktab.exe"
C:\Program Files\Java\jdk-1.8\bin\orbd.exe
"C:\Program Files\Java\jdk-1.8\bin\orbd.exe"
C:\Program Files\Java\jdk-1.8\bin\extcheck.exe
"C:\Program Files\Java\jdk-1.8\bin\extcheck.exe"
C:\Program Files\Java\jdk-1.8\bin\idlj.exe
"C:\Program Files\Java\jdk-1.8\bin\idlj.exe"
C:\Program Files\Java\jdk-1.8\bin\jar.exe
"C:\Program Files\Java\jdk-1.8\bin\jar.exe"
C:\Program Files\Java\jdk-1.8\bin\jabswitch.exe
"C:\Program Files\Java\jdk-1.8\bin\jabswitch.exe"
C:\Program Files\Java\jdk-1.8\bin\jarsigner.exe
"C:\Program Files\Java\jdk-1.8\bin\jarsigner.exe"
C:\Program Files\Java\jdk-1.8\bin\java.exe
"C:\Program Files\Java\jdk-1.8\bin\java.exe"
C:\Program Files\Java\jdk-1.8\bin\java-rmi.exe
"C:\Program Files\Java\jdk-1.8\bin\java-rmi.exe"
C:\Program Files\Java\jdk-1.8\bin\javafxpackager.exe
"C:\Program Files\Java\jdk-1.8\bin\javafxpackager.exe"
C:\Program Files\Java\jdk-1.8\bin\javac.exe
"C:\Program Files\Java\jdk-1.8\bin\javac.exe"
C:\Program Files\Java\jdk-1.8\bin\javadoc.exe
"C:\Program Files\Java\jdk-1.8\bin\javadoc.exe"
C:\Program Files\Java\jdk-1.8\bin\javah.exe
"C:\Program Files\Java\jdk-1.8\bin\javah.exe"
C:\Program Files\Java\jdk-1.8\bin\javap.exe
"C:\Program Files\Java\jdk-1.8\bin\javap.exe"
C:\Program Files\Java\jdk-1.8\bin\javapackager.exe
"C:\Program Files\Java\jdk-1.8\bin\javapackager.exe"
C:\Program Files\Java\jdk-1.8\bin\jstatd.exe
"C:\Program Files\Java\jdk-1.8\bin\jstatd.exe"
C:\Program Files\Java\jdk-1.8\bin\keytool.exe
"C:\Program Files\Java\jdk-1.8\bin\keytool.exe"
C:\Program Files\Java\jdk-1.8\bin\servertool.exe
"C:\Program Files\Java\jdk-1.8\bin\servertool.exe"
C:\Program Files\Java\jdk-1.8\bin\javaw.exe
"C:\Program Files\Java\jdk-1.8\bin\javaw.exe"
C:\Program Files\Java\jdk-1.8\bin\jdb.exe
"C:\Program Files\Java\jdk-1.8\bin\jdb.exe"
C:\Program Files\Java\jdk-1.8\bin\javaws.exe
"C:\Program Files\Java\jdk-1.8\bin\javaws.exe"
C:\Program Files\Java\jdk-1.8\bin\jcmd.exe
"C:\Program Files\Java\jdk-1.8\bin\jcmd.exe"
C:\Program Files\Java\jdk-1.8\bin\jdeps.exe
"C:\Program Files\Java\jdk-1.8\bin\jdeps.exe"
C:\Program Files\Java\jdk-1.8\bin\jhat.exe
"C:\Program Files\Java\jdk-1.8\bin\jhat.exe"
C:\Program Files\Java\jdk-1.8\bin\jconsole.exe
"C:\Program Files\Java\jdk-1.8\bin\jconsole.exe"
C:\Program Files\Java\jdk-1.8\bin\java.exe
"C:\Program Files\Java\jdk-1.8\bin\java.exe" -Xmx256M "-Djavafx.home=C:\Program Files\Java\jdk-1.8\bin" -classpath "C:\Program Files\Java\jdk-1.8\bin\..\lib\ant-javafx.jar;" com.sun.javafx.tools.packager.Main
C:\Program Files\Java\jdk-1.8\bin\jinfo.exe
"C:\Program Files\Java\jdk-1.8\bin\jinfo.exe"
C:\Program Files\Java\jdk-1.8\bin\jstack.exe
"C:\Program Files\Java\jdk-1.8\bin\jstack.exe"
C:\Program Files\Java\jdk-1.8\bin\jstat.exe
"C:\Program Files\Java\jdk-1.8\bin\jstat.exe"
C:\Program Files\Java\jdk-1.8\bin\jjs.exe
"C:\Program Files\Java\jdk-1.8\bin\jjs.exe"
C:\Program Files\Java\jdk-1.8\bin\jmap.exe
"C:\Program Files\Java\jdk-1.8\bin\jmap.exe"
C:\Program Files\Java\jdk-1.8\bin\jps.exe
"C:\Program Files\Java\jdk-1.8\bin\jps.exe"
C:\Program Files\Java\jdk-1.8\bin\jrunscript.exe
"C:\Program Files\Java\jdk-1.8\bin\jrunscript.exe"
C:\Program Files\Java\jdk-1.8\bin\jsadebugd.exe
"C:\Program Files\Java\jdk-1.8\bin\jsadebugd.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11404.0.1169540198\614822128" -parentBuildID 20221007134813 -prefsHandle 1656 -prefMapHandle 1644 -prefsLen 20747 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {581863ed-0637-4c1e-8e34-79c5c6485560} 11404 "\\.\pipe\gecko-crash-server-pipe.11404" 1736 1de0add6a58 gpu
C:\Program Files\Java\jre-1.8\bin\javacpl.exe
"C:\Program Files\Java\jre-1.8\bin\javacpl.exe"
C:\Windows\system32\msinfo32.exe
"C:\Windows\system32\msinfo32.exe"
C:\Program Files\Microsoft Office\root\Client\AppVLP.exe
"C:\Program Files\Microsoft Office\root\Client\AppVLP.exe" "C:\Program Files (x86)\Microsoft Office\Office16\DCF\DATABASECOMPARE.EXE"
C:\Windows\system32\quickassist.exe
"C:\Windows\system32\quickassist.exe"
C:\Windows\system32\odbcad32.exe
"C:\Windows\system32\odbcad32.exe"
C:\Program Files\Microsoft Office\root\Client\AppVLP.exe
"C:\Program Files\Microsoft Office\root\Client\AppVLP.exe" "C:\Program Files (x86)\Microsoft Office\Office16\DCF\SPREADSHEETCOMPARE.EXE"
C:\Program Files\Java\jre-1.8\bin\javacpl.exe
"C:\Program Files\Java\jre-1.8\bin\javacpl.exe" -tab update
C:\Windows\system32\msconfig.exe
"C:\Windows\system32\msconfig.exe"
C:\Program Files\Microsoft Office\root\Office16\msoev.exe
"C:\Program Files\Microsoft Office\root\Office16\msoev.exe"
C:\Windows\system32\mmc.exe
"C:\Windows\system32\mmc.exe" "C:\Windows\system32\services.msc"
C:\Program Files\Microsoft Office\root\Office16\msotd.exe
"C:\Program Files\Microsoft Office\root\Office16\msotd.exe"
C:\Windows\system32\mmc.exe
"C:\Windows\system32\mmc.exe" "C:\Windows\system32\taskschd.msc" /s
C:\Windows\system32\psr.exe
"C:\Windows\system32\psr.exe"
C:\Windows\system32\xpsrchvw.exe
"C:\Windows\system32\xpsrchvw.exe"
C:\Windows\system32\iscsicpl.exe
"C:\Windows\system32\iscsicpl.exe"
C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE"
C:\Windows\system32\SnippingTool.exe
"C:\Windows\system32\SnippingTool.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11404.1.679283393\39726111" -parentBuildID 20221007134813 -prefsHandle 2076 -prefMapHandle 2072 -prefsLen 20828 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8b0a91e2-8eea-4814-b3e2-1e387b3c316a} 11404 "\\.\pipe\gecko-crash-server-pipe.11404" 2112 1de0a53ee58 socket
C:\Windows\system32\mmc.exe
"C:\Windows\system32\mmc.exe" "C:\Windows\system32\perfmon.msc" /s
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11092.0.1824645030\1854155088" -parentBuildID 20221007134813 -prefsHandle 1568 -prefMapHandle 1564 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {93289ea3-05f2-480e-94b2-140d5820ed6a} 11092 "\\.\pipe\gecko-crash-server-pipe.11092" 1660 2b12b4d8f58 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11092.1.1020592828\1313633521" -parentBuildID 20221007134813 -prefsHandle 1828 -prefMapHandle 1824 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7904390f-fae0-41a2-9030-52c75b7d678c} 11092 "\\.\pipe\gecko-crash-server-pipe.11092" 1844 2b12b945858 socket
C:\Program Files\Common Files\Microsoft Shared\Ink\ShapeCollector.exe
"C:\Program Files\Common Files\Microsoft Shared\Ink\ShapeCollector.exe" -Embedding
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="8564.0.233585041\1334335220" -parentBuildID 20221007134813 -prefsHandle 1568 -prefMapHandle 1552 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {eeeb4311-ce40-4bf5-adce-58353c11081a} 8564 "\\.\pipe\gecko-crash-server-pipe.8564" 1664 266ff9d6558 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="9120.0.457349199\112127400" -parentBuildID 20221007134813 -prefsHandle 1580 -prefMapHandle 1568 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2163a1c5-b283-478a-b638-94cbf0f543f2} 9120 "\\.\pipe\gecko-crash-server-pipe.9120" 1660 1559f9d7a58 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11484.0.1712151185\1859443156" -parentBuildID 20221007134813 -prefsHandle 1572 -prefMapHandle 1560 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {62994a1a-b285-4d3f-aa5b-9c3d6e90a4bb} 11484 "\\.\pipe\gecko-crash-server-pipe.11484" 1664 2098b6d7758 gpu
C:\Program Files\Microsoft Office\root\Integration\Addons\OneDriveSetup.exe
C:\Program Files\Microsoft Office\root\Integration\Addons\OneDriveSetup.exe /peruser /childprocess
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="9008.0.30342269\1245351009" -parentBuildID 20221007134813 -prefsHandle 1572 -prefMapHandle 1560 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8ea4f335-157b-4b75-82da-836b371577e8} 9008 "\\.\pipe\gecko-crash-server-pipe.9008" 1664 2402e3d9e58 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11452.0.1514265213\407016924" -parentBuildID 20221007134813 -prefsHandle 1564 -prefMapHandle 1560 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5aa0bb25-a674-471c-b5d0-eef9e28deedc} 11452 "\\.\pipe\gecko-crash-server-pipe.11452" 1664 227fb7d8c58 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11420.0.2110290712\1732532950" -parentBuildID 20221007134813 -prefsHandle 1580 -prefMapHandle 1576 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {336d0ac9-70d4-4dc7-9533-03bf6c6ef257} 11420 "\\.\pipe\gecko-crash-server-pipe.11420" 1660 1614c8d9e58 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11436.0.1941447061\1308165250" -parentBuildID 20221007134813 -prefsHandle 1584 -prefMapHandle 1572 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1312234a-1a8a-4b70-b83e-d9f6fbac8902} 11436 "\\.\pipe\gecko-crash-server-pipe.11436" 1668 25438bd8958 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11476.0.2113803078\1805802598" -parentBuildID 20221007134813 -prefsHandle 1584 -prefMapHandle 1572 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7aea9db1-f645-4293-99f8-8a061fe80ad5} 11476 "\\.\pipe\gecko-crash-server-pipe.11476" 1664 1c06f3d9858 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11364.0.623963590\1277008348" -parentBuildID 20221007134813 -prefsHandle 1572 -prefMapHandle 1560 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {08a757d1-b54f-4334-bab5-e5e799502de1} 11364 "\\.\pipe\gecko-crash-server-pipe.11364" 1664 194974d8c58 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="8564.1.818245985\672215864" -parentBuildID 20221007134813 -prefsHandle 1816 -prefMapHandle 1788 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4e405c86-6aa2-48e2-830b-a5e428b1353a} 8564 "\\.\pipe\gecko-crash-server-pipe.8564" 1836 266ffe48658 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11484.1.583537922\205739075" -parentBuildID 20221007134813 -prefsHandle 1768 -prefMapHandle 1772 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c0bbad60-91ae-4d94-8049-ea89e6225d11} 11484 "\\.\pipe\gecko-crash-server-pipe.11484" 1836 2098bb46158 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11444.0.430887841\1306149360" -parentBuildID 20221007134813 -prefsHandle 1568 -prefMapHandle 1564 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0990b5a8-0e9a-4076-b059-5712befbe341} 11444 "\\.\pipe\gecko-crash-server-pipe.11444" 1660 2aaf59d8658 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="9120.1.1228483759\1738584130" -parentBuildID 20221007134813 -prefsHandle 1832 -prefMapHandle 1828 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {45b5aba6-ae8b-4dcb-a412-8971761f0862} 9120 "\\.\pipe\gecko-crash-server-pipe.9120" 1780 1559f849858 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11420.1.507025192\1695493442" -parentBuildID 20221007134813 -prefsHandle 1820 -prefMapHandle 1816 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e84d83fa-7cb1-44ea-b12b-d172a4a8df7d} 11420 "\\.\pipe\gecko-crash-server-pipe.11420" 1840 1614cd46358 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11452.1.921980141\1671367083" -parentBuildID 20221007134813 -prefsHandle 1824 -prefMapHandle 1820 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {996a2fe5-9243-460f-86cc-96e400cd2a22} 11452 "\\.\pipe\gecko-crash-server-pipe.11452" 1836 227fb646658 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="9008.1.1451475230\1638474674" -parentBuildID 20221007134813 -prefsHandle 1816 -prefMapHandle 1812 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3d9bb3b8-cb2b-46ab-913d-a8dac552919a} 9008 "\\.\pipe\gecko-crash-server-pipe.9008" 1836 2402e847558 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11316.0.651789674\1233926857" -parentBuildID 20221007134813 -prefsHandle 1572 -prefMapHandle 1560 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c3a8fb61-9bea-41ae-bb09-80f0da17ba78} 11316 "\\.\pipe\gecko-crash-server-pipe.11316" 1664 1527fed8358 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11436.1.835723869\1563109005" -parentBuildID 20221007134813 -prefsHandle 1840 -prefMapHandle 1836 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c84daaea-5ef6-49d1-8f13-eec72a181afb} 11436 "\\.\pipe\gecko-crash-server-pipe.11436" 1860 2543904c558 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11004.0.404312754\724068161" -parentBuildID 20221007134813 -prefsHandle 1568 -prefMapHandle 1544 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ede29384-1355-46de-be72-8a4848a4de7e} 11004 "\\.\pipe\gecko-crash-server-pipe.11004" 1660 1b5228d8658 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11476.1.2116700809\1795802637" -parentBuildID 20221007134813 -prefsHandle 1816 -prefMapHandle 1812 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {dd18bd6a-5fce-422e-ba4b-71e54bbcfdd7} 11476 "\\.\pipe\gecko-crash-server-pipe.11476" 1836 1c06f246b58 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11372.0.656172110\1308513480" -parentBuildID 20221007134813 -prefsHandle 1572 -prefMapHandle 1564 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f7c9ebd2-f430-4190-a490-a2a8de5f2f0b} 11372 "\\.\pipe\gecko-crash-server-pipe.11372" 1664 27e90bd7758 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11444.1.1678805586\418117223" -parentBuildID 20221007134813 -prefsHandle 1828 -prefMapHandle 1824 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f1db7826-1255-4677-9849-de777a233a2f} 11444 "\\.\pipe\gecko-crash-server-pipe.11444" 1840 2aaf5844858 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11396.0.790041030\169064020" -parentBuildID 20221007134813 -prefsHandle 1572 -prefMapHandle 1568 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9bd31b3d-638d-47f3-b455-34c4f55aec7d} 11396 "\\.\pipe\gecko-crash-server-pipe.11396" 1660 2aefd2d8f58 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11364.1.483223572\262259343" -parentBuildID 20221007134813 -prefsHandle 1820 -prefMapHandle 1816 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7a08470e-db66-428b-b05f-816c5f1e2f95} 11364 "\\.\pipe\gecko-crash-server-pipe.11364" 1832 19497946858 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11468.0.882186688\404238852" -parentBuildID 20221007134813 -prefsHandle 1568 -prefMapHandle 1556 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2c670fd3-6061-418c-a682-812ead71c925} 11468 "\\.\pipe\gecko-crash-server-pipe.11468" 1660 1f066fd6458 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11316.1.1343047075\778972587" -parentBuildID 20221007134813 -prefsHandle 1816 -prefMapHandle 1812 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8730a9e6-b969-4911-bedc-b14c8eb56870} 11316 "\\.\pipe\gecko-crash-server-pipe.11316" 1836 1527fd49b58 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11004.1.563849402\1639936709" -parentBuildID 20221007134813 -prefsHandle 1820 -prefMapHandle 1816 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b52d1125-447e-45b0-995b-bf3d69ebaedf} 11004 "\\.\pipe\gecko-crash-server-pipe.11004" 1832 1b522d4c558 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11396.1.105137633\939164912" -parentBuildID 20221007134813 -prefsHandle 1844 -prefMapHandle 1828 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b0b2115c-ce75-4961-b83e-f014f95072bc} 11396 "\\.\pipe\gecko-crash-server-pipe.11396" 1856 2aefd146b58 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11372.1.541590973\52756736" -parentBuildID 20221007134813 -prefsHandle 1824 -prefMapHandle 1820 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {82af51f4-fd55-4c2b-81bb-03149546433a} 11372 "\\.\pipe\gecko-crash-server-pipe.11372" 1836 27e91045a58 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11552.0.652502483\1311008840" -parentBuildID 20221007134813 -prefsHandle 1588 -prefMapHandle 1576 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f2eea8f3-2c76-4abc-855b-3f9a857b7c69} 11552 "\\.\pipe\gecko-crash-server-pipe.11552" 1660 2d79e8d9858 gpu
C:\Program Files\Java\jre-1.8\bin\javaw.exe
"C:\Program Files\Java\jre-1.8\bin\javaw.exe" -Xbootclasspath/a:"C:\Program Files\Java\jre-1.8\bin\..\lib\deploy.jar" -Djava.locale.providers=HOST,JRE,SPI -Djdk.disableLastUsageTracking -Dsun.java2d.dpiaware=true -Duser.home="C:\Users\Admin" com.sun.deploy.panel.ControlPanel -tab about
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11468.1.783264922\1846334136" -parentBuildID 20221007134813 -prefsHandle 1824 -prefMapHandle 1820 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3e939369-334c-4d37-97a8-a49d97a530e0} 11468 "\\.\pipe\gecko-crash-server-pipe.11468" 1836 1f067446b58 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11552.1.2034595232\676979339" -parentBuildID 20221007134813 -prefsHandle 1832 -prefMapHandle 1828 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {da34a7a4-85c4-4e9d-a97a-4fc8eca8eff5} 11552 "\\.\pipe\gecko-crash-server-pipe.11552" 1780 2d79ed47858 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11176.0.1770997130\184005712" -parentBuildID 20221007134813 -prefsHandle 1568 -prefMapHandle 1556 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ce640afd-43f7-4637-914c-e8eeedfae5d8} 11176 "\\.\pipe\gecko-crash-server-pipe.11176" 1696 203ae2d6758 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11176.1.1950437284\1552719349" -parentBuildID 20221007134813 -prefsHandle 1820 -prefMapHandle 1816 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5393f66a-a770-4111-a6ac-b44e37c79f9e} 11176 "\\.\pipe\gecko-crash-server-pipe.11176" 1832 203ae749558 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11460.0.1926238970\1233449759" -parentBuildID 20221007134813 -prefsHandle 1576 -prefMapHandle 1556 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5188e0ce-afa4-4409-8000-8f4d9d1462da} 11460 "\\.\pipe\gecko-crash-server-pipe.11460" 1668 20b944d7a58 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11460.1.140277815\271965797" -parentBuildID 20221007134813 -prefsHandle 1828 -prefMapHandle 1824 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9dbfc265-d70c-4597-8b44-da3f9d8c1cc9} 11460 "\\.\pipe\gecko-crash-server-pipe.11460" 1840 20b94945858 socket
C:\Program Files\Java\jre-1.8\bin\javaw.exe
"C:\Program Files\Java\jre-1.8\bin\javaw.exe" -Xbootclasspath/a:"C:\Program Files\Java\jre-1.8\bin\..\lib\deploy.jar" -Djava.locale.providers=HOST,JRE,SPI -Djdk.disableLastUsageTracking -Dsun.java2d.dpiaware=true -Duser.home="C:\Users\Admin" com.sun.deploy.panel.ControlPanel -tab update
C:\Program Files\Java\jre-1.8\bin\javaw.exe
"C:\Program Files\Java\jre-1.8\bin\javaw.exe" -Xbootclasspath/a:"C:\Program Files\Java\jre-1.8\bin\..\lib\deploy.jar" -Djava.locale.providers=HOST,JRE,SPI -Djdk.disableLastUsageTracking -Dsun.java2d.dpiaware=true -Duser.home="C:\Users\Admin" com.sun.deploy.panel.ControlPanel
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11348.0.1900397327\211704250" -parentBuildID 20221007134813 -prefsHandle 1572 -prefMapHandle 1564 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c02a0be4-9ae5-4394-87de-c02c26fded85} 11348 "\\.\pipe\gecko-crash-server-pipe.11348" 1660 183feed8958 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11816.0.1473749367\1048141786" -parentBuildID 20221007134813 -prefsHandle 1588 -prefMapHandle 1576 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {15bbe6d2-a877-4b27-bab5-6c962e6cce2b} 11816 "\\.\pipe\gecko-crash-server-pipe.11816" 1544 26d3a1d8958 gpu
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\DATABASECOMPARE.EXE
"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\DATABASECOMPARE.EXE"
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\mavinject32.exe
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\mavinject32.exe" 7792 "C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems32.dll" 1
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\SPREADSHEETCOMPARE.EXE
"C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\SPREADSHEETCOMPARE.EXE"
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\mavinject32.exe
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\mavinject32.exe" 25104 "C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems32.dll" 1
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11348.1.473800961\1762295055" -parentBuildID 20221007134813 -prefsHandle 1832 -prefMapHandle 1828 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {373088ff-3919-401e-8561-ff59b1e95b1b} 11348 "\\.\pipe\gecko-crash-server-pipe.11348" 1844 183ff34a458 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11816.1.1425982730\32152734" -parentBuildID 20221007134813 -prefsHandle 1844 -prefMapHandle 1840 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {82b0f9b6-e747-4fc8-9cc0-a1405e7a1e49} 11816 "\\.\pipe\gecko-crash-server-pipe.11816" 1856 26d3a644258 socket
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\mavinject32.exe
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\mavinject32.exe" 7792 "C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems32.dll" 1
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\mavinject32.exe
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\mavinject32.exe" 25104 "C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems32.dll" 1
C:\Windows\system32\mmc.exe
"C:\Windows\system32\mmc.exe" "C:\Windows\system32\comexp.msc"
C:\Windows\system32\mmc.exe
"C:\Windows\system32\mmc.exe" "C:\Windows\system32\compmgmt.msc" /s
C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
"C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" /t "C:\Program Files\Microsoft Office\Root\Office16\1033\TelemetryDashboard.xltx" /x
C:\Windows\system32\perfmon.exe
"C:\Windows\system32\perfmon.exe" /res
C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
"C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" /t "C:\Program Files\Microsoft Office\Root\Office16\1033\TelemetryLog.xltx" /x
C:\Windows\Speech\Common\sapisvr.exe
"C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX
C:\Windows\system32\mmc.exe
"C:\Windows\system32\mmc.exe" "C:\Windows\system32\WF.msc"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11536.0.970058898\359950419" -parentBuildID 20221007134813 -prefsHandle 1556 -prefMapHandle 1576 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ad7f0228-fd97-451d-a8db-a09b5900df91} 11536 "\\.\pipe\gecko-crash-server-pipe.11536" 1668 157aaed6d58 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11536.1.255864267\653374640" -parentBuildID 20221007134813 -prefsHandle 1756 -prefMapHandle 1760 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2920bf8b-ef8e-43db-8c96-70dce0ad86f7} 11536 "\\.\pipe\gecko-crash-server-pipe.11536" 1844 157aad46058 socket
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\fc29075d2ea84af2a48078dbae1c3b33 /t 3456 /p 3332
C:\Windows\system32\dxdiag.exe
"C:\Windows\system32\dxdiag.exe" /x C:\Users\Admin\AppData\Local\Temp\dxdiag.xml
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11012.0.1541022805\1210387871" -parentBuildID 20221007134813 -prefsHandle 1584 -prefMapHandle 1576 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8e1c0e7f-9f0f-4633-99e4-ea72ef7e8fd4} 11012 "\\.\pipe\gecko-crash-server-pipe.11012" 1664 214286d7a58 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="10972.0.993340632\2145151674" -parentBuildID 20221007134813 -prefsHandle 1576 -prefMapHandle 1568 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bdd00e4a-4a30-43f3-b32e-b92086e6e44e} 10972 "\\.\pipe\gecko-crash-server-pipe.10972" 1664 250497d8c58 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11012.1.632429812\1745176199" -parentBuildID 20221007134813 -prefsHandle 1824 -prefMapHandle 1820 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c3c7ef47-2d65-486e-b3fc-7aaca0f03613} 11012 "\\.\pipe\gecko-crash-server-pipe.11012" 1836 21428546958 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="10972.1.1843122908\89907923" -parentBuildID 20221007134813 -prefsHandle 1816 -prefMapHandle 1812 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {41aae28b-129a-4814-9082-e728ef742f8a} 10972 "\\.\pipe\gecko-crash-server-pipe.10972" 1836 25049647558 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="10980.0.1341074609\1359064411" -parentBuildID 20221007134813 -prefsHandle 1572 -prefMapHandle 1560 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fd036690-0cd5-498d-a1d2-0b18840f7069} 10980 "\\.\pipe\gecko-crash-server-pipe.10980" 1664 1feccdd8658 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11528.0.806294893\1208535574" -parentBuildID 20221007134813 -prefsHandle 1560 -prefMapHandle 1564 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8770e940-2c92-480c-a069-a91a3d6ae8c3} 11528 "\\.\pipe\gecko-crash-server-pipe.11528" 1664 1d820ad7758 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11808.0.1642097831\1127419238" -parentBuildID 20221007134813 -prefsHandle 1552 -prefMapHandle 1560 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {55c35c47-cfb9-403e-91d7-b254f930f5dd} 11808 "\\.\pipe\gecko-crash-server-pipe.11808" 1656 1dd563d8958 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="10980.1.412342255\109123069" -parentBuildID 20221007134813 -prefsHandle 1816 -prefMapHandle 1812 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0f0237f4-fa91-4527-8d4c-58b9f8e40b74} 10980 "\\.\pipe\gecko-crash-server-pipe.10980" 1836 1feccc47258 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11020.0.221633566\85723719" -parentBuildID 20221007134813 -prefsHandle 1564 -prefMapHandle 1552 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {39450362-9649-4065-9d12-56dadb82c7b8} 11020 "\\.\pipe\gecko-crash-server-pipe.11020" 1656 272f5ed6458 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11528.1.529012519\378734285" -parentBuildID 20221007134813 -prefsHandle 1816 -prefMapHandle 1752 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {86d7b356-f4aa-42a1-af0a-0a47d559c304} 11528 "\\.\pipe\gecko-crash-server-pipe.11528" 1836 1d820f42c58 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11168.0.1881426440\208465745" -parentBuildID 20221007134813 -prefsHandle 1540 -prefMapHandle 524 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e32ef6d4-3cf3-4651-8c20-339b716290a2} 11168 "\\.\pipe\gecko-crash-server-pipe.11168" 1660 1b9fffd9558 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="11808.1.483214982\1482745036" -parentBuildID 20221007134813 -prefsHandle 1812 -prefMapHandle 1808 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b366c4ce-5f78-48e2-9952-be56efb97708} 11808 "\\.\pipe\gecko-crash-server-pipe.11808" 1828 1dd56246b58 socket
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 240.197.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.28.109.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.211.222.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.0.127.10.in-addr.arpa | udp |
| US | 8.8.8.8:53 | javadl-esd-secure.oracle.com | udp |
| US | 8.8.8.8:53 | 255.255.127.10.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.197.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.28.109.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.0.0.0.1.0.f.9.8.c.5.1.9.d.0.0.0.0.0.0.0.0.1.0.c.f.0.0.0.0.0.e.ip6.arpa | udp |
| US | 8.8.8.8:53 | 3.0.0.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.f.f.ip6.arpa | udp |
| US | 8.8.8.8:53 | 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa | udp |
| US | 52.111.227.14:443 | tcp | |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| GB | 2.22.96.153:443 | javadl-esd-secure.oracle.com | tcp |
| US | 8.8.8.8:53 | 16.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.0.0.0.0.0.0.0.0.0.0.0.0.0.5.0.0.0.0.0.1.0.f.9.9.9.0.6.6.1.2.0.ip6.arpa | udp |
| US | 8.8.8.8:53 | 153.96.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.f.5.d.d.5.e.0.c.ip6.arpa | udp |
| US | 8.8.8.8:53 | 105.246.116.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | detectportal.firefox.com | udp |
| US | 8.8.8.8:53 | hl2rcv.adobe.com | udp |
| US | 8.8.8.8:53 | 97.32.109.52.in-addr.arpa | udp |
| US | 34.107.221.82:80 | detectportal.firefox.com | tcp |
| US | 8.8.8.8:53 | prod.detectportal.prod.cloudops.mozgcp.net | udp |
| US | 34.107.221.82:80 | prod.detectportal.prod.cloudops.mozgcp.net | tcp |
| US | 34.107.221.82:80 | prod.detectportal.prod.cloudops.mozgcp.net | tcp |
| US | 8.8.8.8:53 | prod.detectportal.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | 82.221.107.34.in-addr.arpa | udp |
| US | 34.107.221.82:80 | prod.detectportal.prod.cloudops.mozgcp.net | tcp |
| US | 34.107.221.82:80 | prod.detectportal.prod.cloudops.mozgcp.net | tcp |
| US | 192.147.130.244:443 | hl2rcv.adobe.com | tcp |
| US | 34.107.221.82:80 | prod.detectportal.prod.cloudops.mozgcp.net | tcp |
| US | 8.8.8.8:53 | 244.130.147.192.in-addr.arpa | udp |
| US | 34.107.221.82:80 | prod.detectportal.prod.cloudops.mozgcp.net | tcp |
| US | 34.107.221.82:80 | prod.detectportal.prod.cloudops.mozgcp.net | tcp |
| US | 34.107.221.82:80 | prod.detectportal.prod.cloudops.mozgcp.net | tcp |
| US | 34.107.221.82:80 | prod.detectportal.prod.cloudops.mozgcp.net | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI43842\python312.dll
| MD5 | 3c388ce47c0d9117d2a50b3fa5ac981d |
| SHA1 | 038484ff7460d03d1d36c23f0de4874cbaea2c48 |
| SHA256 | c98ba3354a7d1f69bdca42560feec933ccba93afcc707391049a065e1079cddb |
| SHA512 | e529c5c1c028be01e44a156cd0e7cad0a24b5f91e5d34697fafc395b63e37780dc0fac8f4c5d075ad8fe4bd15d62a250b818ff3d4ead1e281530a4c7e3ce6d35 |
C:\Users\Admin\AppData\Local\Temp\_MEI43842\VCRUNTIME140.dll
| MD5 | be8dbe2dc77ebe7f88f910c61aec691a |
| SHA1 | a19f08bb2b1c1de5bb61daf9f2304531321e0e40 |
| SHA256 | 4d292623516f65c80482081e62d5dadb759dc16e851de5db24c3cbb57b87db83 |
| SHA512 | 0da644472b374f1da449a06623983d0477405b5229e386accadb154b43b8b083ee89f07c3f04d2c0c7501ead99ad95aecaa5873ff34c5eeb833285b598d5a655 |
C:\Users\Admin\AppData\Local\Temp\_MEI43842\base_library.zip
| MD5 | 8dad91add129dca41dd17a332a64d593 |
| SHA1 | 70a4ec5a17ed63caf2407bd76dc116aca7765c0d |
| SHA256 | 8de4f013bfecb9431aabaa97bb084fb7de127b365b9478d6f7610959bf0d2783 |
| SHA512 | 2163414bc01fc30d47d1de763a8332afe96ea7b296665b1a0840d5197b7e56f4963938e69de35cd2bf89158e5e2240a1650d00d86634ac2a5e2ad825455a2d50 |
C:\Users\Admin\AppData\Local\Temp\_MEI43842\libcrypto-3.dll
| MD5 | e547cf6d296a88f5b1c352c116df7c0c |
| SHA1 | cafa14e0367f7c13ad140fd556f10f320a039783 |
| SHA256 | 05fe080eab7fc535c51e10c1bd76a2f3e6217f9c91a25034774588881c3f99de |
| SHA512 | 9f42edf04c7af350a00fa4fdf92b8e2e6f47ab9d2d41491985b20cd0adde4f694253399f6a88f4bdd765c4f49792f25fb01e84ec03fd5d0be8bb61773d77d74d |
C:\Users\Admin\AppData\Local\Temp\_MEI43842\_socket.pyd
| MD5 | dc06f8d5508be059eae9e29d5ba7e9ec |
| SHA1 | d666c88979075d3b0c6fd3be7c595e83e0cb4e82 |
| SHA256 | 7daff6aa3851a913ed97995702a5dfb8a27cb7cf00fb496597be777228d7564a |
| SHA512 | 57eb36bc1e9be20c85c34b0a535b2349cb13405d60e752016e23603c4648939f1150e4dbebc01ec7b43eb1a6947c182ccb8a806e7e72167ad2e9d98d1fd94ab3 |
C:\Users\Admin\AppData\Local\Temp\_MEI43842\_lzma.pyd
| MD5 | 05e8b2c429aff98b3ae6adc842fb56a3 |
| SHA1 | 834ddbced68db4fe17c283ab63b2faa2e4163824 |
| SHA256 | a6e2a5bb7a33ad9054f178786a031a46ea560faeef1fb96259331500aae9154c |
| SHA512 | badeb99795b89bc7c1f0c36becc7a0b2ce99ecfd6f6bb493bda24b8e57e6712e23f4c509c96a28bc05200910beddc9f1536416bbc922331cae698e813cbb50b3 |
C:\Users\Admin\AppData\Local\Temp\_MEI43842\_hashlib.pyd
| MD5 | eedb6d834d96a3dffffb1f65b5f7e5be |
| SHA1 | ed6735cfdd0d1ec21c7568a9923eb377e54b308d |
| SHA256 | 79c4cde23397b9a35b54a3c2298b3c7a844454f4387cb0693f15e4facd227dd2 |
| SHA512 | 527bd7bb2f4031416762595f4ce24cbc6254a50eaf2cc160b930950c4f2b3f5e245a486972148c535f8cd80c78ec6fa8c9a062085d60db8f23d4b21e8ae4c0ad |
C:\Users\Admin\AppData\Local\Temp\_MEI43842\_decimal.pyd
| MD5 | 3055edf761508190b576e9bf904003aa |
| SHA1 | f0dc8d882b5cd7955cc6dfc8f9834f70a83c7890 |
| SHA256 | e4104e47399d3f635a14d649f61250e9fd37f7e65c81ffe11f099923f8532577 |
| SHA512 | 87538fe20bd2c1150a8fefd0478ffd32e2a9c59d22290464bf5dfb917f6ac7ec874f8b1c70d643a4dc3dd32cbe17e7ea40c0be3ea9dd07039d94ab316f752248 |
C:\Users\Admin\AppData\Local\Temp\_MEI43842\_bz2.pyd
| MD5 | 223fd6748cae86e8c2d5618085c768ac |
| SHA1 | dcb589f2265728fe97156814cbe6ff3303cd05d3 |
| SHA256 | f81dc49eac5ecc528e628175add2ff6bda695a93ea76671d7187155aa6326abb |
| SHA512 | 9c22c178417b82e68f71e5b7fe7c0c0a77184ee12bd0dc049373eace7fa66c89458164d124a9167ae760ff9d384b78ca91001e5c151a51ad80c824066b8ecce6 |
C:\Users\Admin\AppData\Local\Temp\_MEI43842\unicodedata.pyd
| MD5 | 16be9a6f941f1a2cb6b5fca766309b2c |
| SHA1 | 17b23ae0e6a11d5b8159c748073e36a936f3316a |
| SHA256 | 10ffd5207eeff5a836b330b237d766365d746c30e01abf0fd01f78548d1f1b04 |
| SHA512 | 64b7ecc58ae7cf128f03a0d5d5428aaa0d4ad4ae7e7d19be0ea819bbbf99503836bfe4946df8ee3ab8a92331fdd002ab9a9de5146af3e86fef789ce46810796b |
C:\Users\Admin\AppData\Local\Temp\_MEI43842\select.pyd
| MD5 | 92b440ca45447ec33e884752e4c65b07 |
| SHA1 | 5477e21bb511cc33c988140521a4f8c11a427bcc |
| SHA256 | 680df34fb908c49410ac5f68a8c05d92858acd111e62d1194d15bdce520bd6c3 |
| SHA512 | 40e60e1d1445592c5e8eb352a4052db28b1739a29e16b884b0ba15917b058e66196988214ce473ba158704837b101a13195d5e48cb1dc2f07262dfecfe8d8191 |
memory/8024-57-0x00007FFBAEA80000-0x00007FFBAEA90000-memory.dmp
memory/5556-79-0x0000015A1DBD0000-0x0000015A1DBD1000-memory.dmp
memory/8024-75-0x00007FFBAEA80000-0x00007FFBAEA90000-memory.dmp
memory/8024-81-0x00007FFBAEA80000-0x00007FFBAEA90000-memory.dmp
memory/8024-65-0x00007FFBAEA80000-0x00007FFBAEA90000-memory.dmp
memory/7768-84-0x000001347C620000-0x000001347C621000-memory.dmp
memory/5952-85-0x00000299C06B0000-0x00000299C06B1000-memory.dmp
C:\ProgramData\Oracle\Java\.oracle_jre_usage\905ebba3a8fc8cc.timestamp
| MD5 | 0557616148dec595d1f7addebc9f086e |
| SHA1 | 403b983149ec98e6a5650479995364ae05a2b339 |
| SHA256 | 7c9c9691ee4a1c65e28fb8ea64eb58d4503e20cebf1c83bd6ef51204d7744cd3 |
| SHA512 | c87296afe89f3c59f2c2e4dd65902ba84492c73f99fca09ac3bc87415b94ac5b0609a4d5ec316a436ab1e977dfe6250d3315388b5093dec0aab8f9541aa62c20 |
C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
| MD5 | 0bce928d11d38b364602b6797d9cee04 |
| SHA1 | 5d546b897653f7ada5c1537a75d4e1528e38c0f9 |
| SHA256 | 3bc674bc39fb7507507a2c8e30c791292f82f796e186cd527f793077dcb72a0c |
| SHA512 | 9cdbe991b3a2cf6a0780ccafde1c9ceb2423331dfb3af5eaa47ad5d269f327b541b45c8dd472e9797c18d18c9cd9ed7e6987d7d28030eb07eaa60707c180a7aa |
C:\ProgramData\Oracle\Java\.oracle_jre_usage\905ebba3a8fc8cc.timestamp
| MD5 | a774433da923673bc7a7e59111c09c24 |
| SHA1 | c5aac0367c17607173567d62ee2d87e88c532bf2 |
| SHA256 | cb46e559df16b7786296cf1aa21304e2c6b14418f07c53048ef8706e14795e23 |
| SHA512 | fa3ed8d1d6398b67ec9011a1ce7bc7628719d2dd51e479a052b5cc5326f28e54476eab361d715df075127999995ca5810f4599a60a91a9a0af47a5c8ac3548f3 |
C:\ProgramData\Oracle\Java\.oracle_jre_usage\905ebba3a8fc8cc.timestamp
| MD5 | 1298691d7759f5344cfac5c81ec90e14 |
| SHA1 | 96b46723856b5dbbf8e0e36330a0b2d5ba29e366 |
| SHA256 | 3580bcedc5a8ce3456d4003b33e67c4738a3252d93c5165b8ad81e0b0d2007fe |
| SHA512 | c7a51e416a67775656551821106a84c15e3e0667f25b78a1cb67fcde695d1a9076299f6e9f2ee5d80dd277eefeffe6c08e19621a687ca797820a27fd11117684 |
memory/5952-141-0x00000299C06B0000-0x00000299C06B1000-memory.dmp
memory/436-302-0x000001B1557F0000-0x000001B1557F1000-memory.dmp
memory/5440-329-0x000002EFD38C0000-0x000002EFD38C1000-memory.dmp
C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
| MD5 | 72811158f2f24514d65477cf327bda39 |
| SHA1 | a5ee43654d84d430c3a90f16ab50fe8b25af2d93 |
| SHA256 | a930491f29070e7a84f2b7c07cc32ebcf6a4e96e115eb353bff20598d419d799 |
| SHA512 | ecd9b072f5be2108cabb3cd4e26b2acc237eb61cf0b38bf1fbac7503cae3d8baed7fc9092b5fc6f7c59a891649d37151653ca587f233db6b650026b2ee1622da |
memory/8056-416-0x00007FFBAEA80000-0x00007FFBAEA90000-memory.dmp
memory/628-388-0x000001EBE9170000-0x000001EBE9171000-memory.dmp
memory/5184-449-0x000001F58EF50000-0x000001F58EF51000-memory.dmp
memory/7784-447-0x000002A89C260000-0x000002A89C261000-memory.dmp
memory/8812-414-0x0000000000030000-0x000000000003E000-memory.dmp
memory/7784-413-0x000002A89C260000-0x000002A89C261000-memory.dmp
C:\ProgramData\Oracle\Java\.oracle_jre_usage\905ebba3a8fc8cc.timestamp
| MD5 | b26b38f1c798c889eac6fa11cbd4d35c |
| SHA1 | f9545afd920e12948c834b583676c7179c1855a8 |
| SHA256 | 54a27d0536f8651ec8905a24b9e7215e88a1dbe936fafc5432f4c03f22273540 |
| SHA512 | 94dd89877633e557258e488c473f14c4287c764dc748290137a5b514f21b81c6f2bbef92a04965ed19628eb7b8336670c05c094ce68786e952009fa6a86d9b21 |
memory/7052-355-0x000001C0C69F0000-0x000001C0C69F1000-memory.dmp
C:\ProgramData\Oracle\Java\.oracle_jre_usage\905ebba3a8fc8cc.timestamp
| MD5 | 535b25c6454c52efb26248559b3270cd |
| SHA1 | 219a79e66cf653ff732e259d09aee8b55fb6ce72 |
| SHA256 | 4a4951e1529ba2560c2548f3b31f3900d34ecd6f388275873537bf04947f4bc8 |
| SHA512 | 0dfba86e6a30541299c4a8d4bff82ebbfca130e8dafd0d79b43fd7228dd688bf64701b07f912e3fa0502d19e985eca8eb891d4e6ad23c45429cf298a21737ff4 |
memory/8056-481-0x00007FFBAEA80000-0x00007FFBAEA90000-memory.dmp
C:\ProgramData\Oracle\Java\.oracle_jre_usage\905ebba3a8fc8cc.timestamp
| MD5 | 9d42a178166bdccea9a1851cdd282bd8 |
| SHA1 | 2b942764ac2cfc882ba9d2b090a10af8cf5b71a1 |
| SHA256 | 34fb79eccf07cc90dd74a428434d75a12ea4c4fbee0a81670c9b380d2ae3d7fd |
| SHA512 | 9f7b0b5c6b67ca33ad63948b745de1a382a5bab16844a8edee159949af9d0999d01c4b9fa91c34d0a46759cd3b1e64dc1f4f811508962a1ccffc15a66b45d071 |
memory/7896-563-0x00007FFBAEA80000-0x00007FFBAEA90000-memory.dmp
C:\ProgramData\Oracle\Java\.oracle_jre_usage\905ebba3a8fc8cc.timestamp
| MD5 | 7c4b00d991312a7bbb13554577aebcf5 |
| SHA1 | 5a98800812e85c8de3eb49ce47b3f04efd96bbe0 |
| SHA256 | 85bbb52c3c95d710a0a8be39ba3b98f94075c598ea8a541ca429e6253ee5549b |
| SHA512 | 03d25c0a13e0912aca84be744794da14ede533c659f52daee8732df1c180da3944225a907eeaed79ef44af15e8eee918a3bd3276d800d46e017ecba8db9b9fc8 |
C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
| MD5 | 326bc670d3fd9b242753980e8d242817 |
| SHA1 | 959b58c8a00502592438ce5a6052e0fe96401825 |
| SHA256 | 9f32c49c09bd66ca1066583905dbd0425be1e39169f2b644c1527648f8b84b9c |
| SHA512 | 7db44c5d9be8d3353afa88ec3e0ec6d1217a7431c18d144ba438138a4f7f4d34dd905ba90cd3ddd5b100f0ab25069de7ebe6240d3009c922ef768237cc574adc |
memory/7896-562-0x00007FFBAEA80000-0x00007FFBAEA90000-memory.dmp
memory/7896-561-0x00007FFBAEA80000-0x00007FFBAEA90000-memory.dmp
memory/7896-560-0x00007FFBAEA80000-0x00007FFBAEA90000-memory.dmp
C:\ProgramData\Oracle\Java\.oracle_jre_usage\905ebba3a8fc8cc.timestamp
| MD5 | 34b99eb571a8725eda5cf0c70c2833c0 |
| SHA1 | 459ef801b75d874066cdf07590734d781ccb221d |
| SHA256 | a582842ec5f4f94d1663db82797acfa138a43008c59c57e5f79b9cca447c7b2d |
| SHA512 | 92915fdff3021ebb2498955385a5855932370f071ed6cc0c6d8ed48a092caa25ec7593225674b63c7214f4fded5ca79f0b8349fdb1108cd9b9d7d3c0dfee97f5 |
memory/6348-547-0x000001885FF70000-0x000001885FF71000-memory.dmp
memory/7784-546-0x000002A89C260000-0x000002A89C261000-memory.dmp
memory/32-545-0x00000148B06E0000-0x00000148B06E1000-memory.dmp
memory/5184-544-0x000001F58EF50000-0x000001F58EF51000-memory.dmp
C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
| MD5 | 13d6a2e078e53331412169e6639f34b8 |
| SHA1 | 57c8c4955b3c6dd9f95c0c1938920761fe8fc95c |
| SHA256 | 3c2f2396a3a4b82c68fa2ac15f68f6508b1800b1941ac9a340988b0e7f4f3b5a |
| SHA512 | 34a968e0f3c9e30d5486060a5a1449b8bf2e87e00d39156b18b4ab7c25b05a29a76d0fb6168cd7f3f1698653b68c57a7d0aca748b9404c0242154e5e90b33a3e |
memory/6840-523-0x00000149FFA50000-0x00000149FFA51000-memory.dmp
memory/12096-466-0x00007FF77ABB0000-0x00007FF77AC33000-memory.dmp
memory/6612-490-0x000001ABE33F0000-0x000001ABE33F1000-memory.dmp
memory/8056-455-0x00007FFBAEA80000-0x00007FFBAEA90000-memory.dmp
C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-4106386276-4127174233-3637007343-1000\83aa4cc77f591dfc2374580bbd95f6ba_ebaa0802-254d-4be1-a642-a8a5c0b06224
| MD5 | c8366ae350e7019aefc9d1e6e6a498c6 |
| SHA1 | 5731d8a3e6568a5f2dfbbc87e3db9637df280b61 |
| SHA256 | 11e6aca8e682c046c83b721eeb5c72c5ef03cb5936c60df6f4993511ddc61238 |
| SHA512 | 33c980d5a638bfc791de291ebf4b6d263b384247ab27f261a54025108f2f85374b579a026e545f81395736dd40fa4696f2163ca17640dd47f1c42bc9971b18cd |
memory/7668-421-0x00000269BDA70000-0x00000269BDA71000-memory.dmp
memory/5816-460-0x000001E0132A0000-0x000001E0132A1000-memory.dmp
memory/6528-459-0x000001BB68F60000-0x000001BB68F61000-memory.dmp
memory/5816-458-0x000001E0132A0000-0x000001E0132A1000-memory.dmp
C:\ProgramData\Oracle\Java\.oracle_jre_usage\905ebba3a8fc8cc.timestamp
| MD5 | 1308148c99572d70b961e83462fcd7a9 |
| SHA1 | 2d7f6846ac899f2d250bbd1b57b78c19551afca5 |
| SHA256 | bce20a86912bc9bd4fa0462347a2be175af924482c718877ed2b809667861a72 |
| SHA512 | 37ec966dc44ef5766ff23c729fcac23da83ec9ab1352129d14a0c6b307d5a61b26bf9c901d920fb550817813694dab54ca5aa04a67afd0849ee57b126be2818b |
memory/5952-310-0x00000299C06B0000-0x00000299C06B1000-memory.dmp
memory/6528-309-0x000001BB68F60000-0x000001BB68F61000-memory.dmp
memory/344-300-0x000002B8ED200000-0x000002B8ED201000-memory.dmp
memory/628-264-0x000001EBE9170000-0x000001EBE9171000-memory.dmp
C:\ProgramData\Oracle\Java\.oracle_jre_usage\905ebba3a8fc8cc.timestamp
| MD5 | 911f7102d2b875afe77060ca05397a4d |
| SHA1 | a17376c18ba8de90cf90810470f62b41850d8706 |
| SHA256 | a076bbe18b11e1882278c62e3cb6f21c587ef9a1e2cae5debe7f019efbd158c9 |
| SHA512 | 8231d1611acbb9f3f6a04f39eafc9be055c29c7b31da5c40c6617457d5660d43b1db2b6bbf870b5cc7d2669a6874175402e67846b5f8227a327332c06a7207f7 |
memory/7052-221-0x000001C0C69F0000-0x000001C0C69F1000-memory.dmp
C:\ProgramData\Oracle\Java\.oracle_jre_usage\905ebba3a8fc8cc.timestamp
| MD5 | d77466be7ee2d35fd213070255784767 |
| SHA1 | 73b2e15f1366f77db4d9b184811c0dedbbd9803f |
| SHA256 | 1d3efa4a5c13ea2539748bf9fc626982452359f8781d4d209c17a3cadb95af7a |
| SHA512 | 5c16c8c3a3ac6104564c4fc61539c02c47af6a320f8ba259890e9dcb4e328e3ace7748e135762e4f2216ad3adeba1993d84619cf52be38d8e178ac6104321299 |
memory/13396-957-0x00000232EB400000-0x00000232EC190000-memory.dmp
C:\ProgramData\Oracle\Java\.oracle_jre_usage\905ebba3a8fc8cc.timestamp
| MD5 | 47c27fb17dcb27810aa66dcfb453dab1 |
| SHA1 | a0aa3cf8c7739e2f23422886517755ba5f35b946 |
| SHA256 | 8805a20e127a828921d9901dfa80fd507296bc844df99c4eb8862231453879b3 |
| SHA512 | 1776f488e4cff697092d5f7e09d4044f7c3dfa179160f026cdd94cddcd30f0b5d624e010a4290eba76e0834cd6a39029af35c932bc2f046dc4009cd295190748 |
C:\ProgramData\Oracle\Java\.oracle_jre_usage\905ebba3a8fc8cc.timestamp
| MD5 | e45f616880ef22c0c4a834214d846bb9 |
| SHA1 | a113a78a6ddedd4f80b9ea12fe5b9c17cfd51fea |
| SHA256 | d2ca6dfabc9d26b261ee57b0ef5fd684a264fba340d10794a46c219ecec785c7 |
| SHA512 | 976ecd2462369a06738461e784778dd2f378bf83270623f2cf1a30ea6580661c0feba93fca9ac6e9a918f8f3ba9e061bd3ac30b9ace3d0088b0dfb50691b6ed6 |
memory/13396-851-0x00000232D0240000-0x00000232D0248000-memory.dmp
memory/11864-796-0x00000000003A0000-0x00000000003AC000-memory.dmp
memory/11076-1391-0x00000000023D0000-0x0000000002406000-memory.dmp
memory/11076-1392-0x0000000002410000-0x0000000002444000-memory.dmp
memory/11076-1390-0x0000000002480000-0x00000000024E6000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\nslAE04.tmp\System.dll
| MD5 | b361682fa5e6a1906e754cfa08aa8d90 |
| SHA1 | c6701aee0c866565de1b7c1f81fd88da56b395d3 |
| SHA256 | b711c4f17690421c9dc8ddb9ed5a9ddc539b3a28f11e19c851e25dcfc7701c04 |
| SHA512 | 2778f91c9bcf83277d26c71118a1ccb0fb3ce50e89729f14f4915bc65dd48503a77b1e5118ce774dea72f5ce3cc8681eb9ca3c55cf90e9f61a177101ba192ae9 |
memory/17556-1430-0x00007FF77ABB0000-0x00007FF77AC33000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_B.exe
| MD5 | 856f6ba813d0bd232817be42d277fe0c |
| SHA1 | a9f8be1ce91f9b8fa7e967ad30dc5c50cd6b9b5e |
| SHA256 | f4fced4fbba70a23e261cba1b765d734de2cbed3c8996095117375906f6b8a23 |
| SHA512 | f5f88a23541f25ad880b30758fe835001a2f2fa1668ff524eb7e7d6c8c4e03b6c319101d5cd7e7a0117bbb648b7e2543d75c823814492b5d655adade4bd178df |
C:\Users\Admin\AppData\Local\Temp\nscB259.tmp\CityHash.dll
| MD5 | 2021acc65fa998daa98131e20c4605be |
| SHA1 | 2e8407cfe3b1a9d839ea391cfc423e8df8d8a390 |
| SHA256 | c299a0a71bf57eb241868158b4fcfe839d15d5ba607e1bdc5499fdf67b334a14 |
| SHA512 | cb96d3547bab778cbe94076be6765ed2ae07e183e4888d6c380f240b8c6708662a3b2b6b2294e38c48bc91bf2cc5fc7cfcd3afe63775151ba2fe34b06ce38948 |
C:\Users\Admin\AppData\Local\Temp\nscB259.tmp\ioSpecial.ini
| MD5 | 7ec2527a5888808d4212189dd499fd49 |
| SHA1 | 64143b0ebf676e77e6ee157bd151e50cf88225b2 |
| SHA256 | fb93d2de45054bb29bd526906e8ba3a2777996446c654c1fac38de3d0567a856 |
| SHA512 | a501cec769824e7b37252780887d15d0b67f4b648d6d22e0bd78fc2abee08b573df26c6e7f27f17781968c170e5457b97b2b24afe510c68000fa25d68b7a0193 |
C:\Users\Admin\AppData\Local\Temp\nscB259.tmp\InstallOptions.dll
| MD5 | fd249bc508706f04a18e0bc0afddec82 |
| SHA1 | b94efda9f41c89fc6120ed385867125d03f28bea |
| SHA256 | c34f095e200db420ce9af5489c3e392be285e43c3f4c9fbe34686b1f0a1531ad |
| SHA512 | c820c06ad5ae21101602d9e7864fed9b470b25fa9a0ee025d05e72697d88c7e03cbee7ad476f4e3d5b6e467248b8ad1fefa2710c76011e2156b85068961404ba |
C:\Users\Admin\AppData\Local\Temp\nscB259.tmp\modern-wizard.bmp
| MD5 | 49ff8ad8f51875597f3e919e8770c24c |
| SHA1 | 1e840ce0f68281e312317bcbdbc10fdfcd3959c3 |
| SHA256 | 76da716588b8e51e36ee7a674cd873a8069e27fef73851d1e190face5a67fc66 |
| SHA512 | dcf29bbef46b1bd8d9f6c6221955ab06da23bc6661c603c188ce34fed80984a3b6d2006ab38b49aa9d1908d714cc0f40e63b6230244e4d4a0c9baebbbda1ddb1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | 8f3843a9da63a7c396a894b5865b2f67 |
| SHA1 | 2e7f9776d1ba8b15aea00d84eff977929ed70022 |
| SHA256 | 76841dc7ebcb954ee1442bff5ef2356159574207e77f9b74b5303d298980b26a |
| SHA512 | 06c417f3f8a5010105ced178e9d478c82253cc2ffb08135827ea8a5b905101b684d532d7f6cd776adce49200d4e719242bf44b88311c5d3f7ccdb6bbcba200ba |
memory/11976-1656-0x00000198EDB10000-0x00000198EDB1A000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\tmpB6BD.tmp
| MD5 | 9e936c2078b286132cd6b9c8602fd17a |
| SHA1 | f638b8a7448daa6da754c9bb2fbf2cf4ee1b007e |
| SHA256 | fa994badb1e90b2629e0d955572ca57efe97169d20d6b4957e2f830e3680da9e |
| SHA512 | 6973f1eef2a2baccf2b0bccf5047f6db434698cd483c0b0dfbfcc2230c45bc1ce4a23e67b5ab7ec8767d4cc8d75dcc76eeb347038eabdf5ec99bc12e3a3bb946 |
memory/12096-1736-0x0000027AD7CA0000-0x0000027AD7E62000-memory.dmp
memory/5940-1748-0x000001B8274C0000-0x000001B828250000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\jusched.log
| MD5 | e484afdebe820302b4e3060fa2ac4a4d |
| SHA1 | 9914928292b5b5c767e37a4a6096f3752a4af1f6 |
| SHA256 | 73f01c78db79de43f18c11e8d375604f522c2a207bd58b2d46d902ad96979fb9 |
| SHA512 | b5b2032af4bee32d1f1611fbb67564f2ed67afbf791aa75dd52aa4488c1c3eb43f60b5f3324ad2b8ef0e43c4c0b3636ce91a847193d3054b392654d1f77f325e |
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\deployment.properties
| MD5 | 26174a759475159d4bdd99837838454a |
| SHA1 | 7cc50b856ef764e3984dae66046bb1c0591cb4c1 |
| SHA256 | 5718e132bd6009ab4433d2accba9adbc1cd8332719ed303ae7e76f0e786b5c8e |
| SHA512 | 367e017b4096ecd2edd30cc126ffbb0c6a553d66713c3f181e933c80cd9bd0d83dc4fba8998f6bffbc85b8ec28c53963cc99784443444e7ddb7e9a7f5258c279 |
memory/13396-1842-0x00000232D1F30000-0x00000232D1F58000-memory.dmp
memory/13396-1840-0x00000232D05E0000-0x00000232D05EA000-memory.dmp
C:\ProgramData\Oracle\Java\.oracle_jre_usage\905ebba3a8fc8cc.timestamp
| MD5 | c7bda85794fea979fd3707225e43f289 |
| SHA1 | 36affeb87db9e0e52530645b240b16774417c24d |
| SHA256 | 4d9fa3349d6a57f78093eb3c12d5f5a7f4012f1e2b518c10c4447ab376ccd176 |
| SHA512 | 3d39886320a32f277c5b2e0647b8062f1517a86985e2ed7b4c2499ad2616de8ae73149a5de9caeee548ee128261fc86bed5e8cf195fef39520b0f94df65cf539 |
C:\ProgramData\Oracle\Java\.oracle_jre_usage\905ebba3a8fc8cc.timestamp
| MD5 | 3dda6273424bb740dee2c695df61752d |
| SHA1 | 7efa199a8abfc56507fd342ae442d886f3e191de |
| SHA256 | 7e2a6ca1613c5c9801b33629c1ed4dbecdb3b13a993393a40f67e59f87d8f574 |
| SHA512 | f2d65cf877f55858af159d17c6b8f9c9b37ee4aa1030997724cc4ad50db4f8e17e672045fb94f1a83726f01f473862396d8cb9fc4b5885814214cce09bb37f2d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\Telemetry.FailedProfileLocks.txt
| MD5 | a1d0c6e83f027327d8461063f4ac58a6 |
| SHA1 | 92cfceb39d57d914ed8b14d0e37643de0797ae56 |
| SHA256 | 73475cb40a568e8da8a045ced110137e159f890ac4da883b6b17dc651b3a8049 |
| SHA512 | 39ca7ce9ecc69f696bf7d20bb23dd1521b641f806cc7a6b724aaa6cdbffb3a023ff98ae73225156b2c6c9ceddbfc16f5453e8fa49fc10e5d96a3885546a46ef4 |
C:\ProgramData\Oracle\Java\.oracle_jre_usage\905ebba3a8fc8cc.timestamp
| MD5 | 012dcae351715b18f6b669c44ed52471 |
| SHA1 | 6209cf1723abf65761e695f1f5757978e94541eb |
| SHA256 | c49f3587443e58976313d1443ada915318011c0fe8d5f4b3f1006e27b42c0ddf |
| SHA512 | b833d708539a4d9e81083232adc9f2244315911bc10063b0281fdbd8e1c6317f9edb8eabaaabdb42d3582bb0ac61012a7e955bae495222c34712e81ed6c827d8 |
C:\ProgramData\Oracle\Java\.oracle_jre_usage\905ebba3a8fc8cc.timestamp
| MD5 | 79523ec1e03f8ff4c8ae7435e5abcd54 |
| SHA1 | bf33781bc0f3eaf94cf1a9f360b893ff628bd4b9 |
| SHA256 | 472764510e3430c16d8d6967493cdbfa9fa6ade109c7a793fc384f6ad59e04cc |
| SHA512 | 54f18f55c535bb06050e71e5d70ea69d282996a3a54b850ca301ee927f2c72de23165559588cf51852d999b1a7075322c8e5c54ba38c0b208d42675b9bbabdd7 |
memory/25104-3346-0x0000000000F70000-0x0000000000FE4000-memory.dmp
memory/7792-3345-0x0000000000240000-0x0000000000270000-memory.dmp
memory/7792-3360-0x0000000002970000-0x0000000002A02000-memory.dmp
memory/7792-3358-0x00000000050A0000-0x000000000559E000-memory.dmp
memory/7792-3362-0x0000000000950000-0x000000000095A000-memory.dmp
memory/25104-3363-0x0000000001710000-0x000000000171A000-memory.dmp
memory/5940-3646-0x000001B826590000-0x000001B82659A000-memory.dmp
memory/5940-3647-0x000001B826660000-0x000001B826688000-memory.dmp
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\deployment.properties
| MD5 | ad50d14a45d2e7542f7ed54bd2defd97 |
| SHA1 | a430a5f2c1443317b12c8c29b55834ae62988d6d |
| SHA256 | 6e9a0406ba78a6f15a34b3de64c1200fa81f2995503b999b459ade07dd16cbca |
| SHA512 | 2e3a7994fdbc764a580e97768d01698f3646177aaa4a2fe0ea02160d1fd3da01e5e5c30dcce44e4a923b0da01ae50ad3676f46b08c59a8a564beca5d5f5eca66 |
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\security\securitypack.jar
| MD5 | 4f9f42a2c5524bf0ce187c5dcb517b89 |
| SHA1 | b54ff1e485ee0605753e23f254e288f9a79cc59d |
| SHA256 | e271e41f800f3f25e0f9fe212f2e31e6a57b74d28b89fd3425deb42a6a1b411a |
| SHA512 | 45eb73dae61b6cb855a33966b6c3f1f064a15714761e3075eda105f72adf3780b05dbfbcca75fb47734ca47bb6abe4a1db075d30b1db748ffca11d9928d6cdbc |
C:\ProgramData\Oracle\Java\.oracle_jre_usage\905ebba3a8fc8cc.timestamp
| MD5 | 9f4fa2d7b65f02b040011d498dbaf778 |
| SHA1 | e98b710baab79e4448d938703253e3abca37bfbc |
| SHA256 | bd13c12ade30faa860502745cafd70ebe17a81ad66862f473d838da22e2d6e2f |
| SHA512 | 88fb1ea84d043a6334061c945ec105dc539ce09240e8c970700f3c1b1b76ac176a3e4d65788c2d5d8b5252e1d510f760f54973ee9469e35a39fd79261a6b00ab |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013_1\OneDrive.exe
| MD5 | e22475a3a3fd996e6aed8fb344fc1277 |
| SHA1 | 0702e726df0a403d2a2175ef7d238cb87a32a05f |
| SHA256 | a1fbd37a3f712e6c90a94c35db03190d221cb6bdcb33d71dce3a68db4e88354b |
| SHA512 | 726b3615758b47403558ac11419b931cda72c740eabe2b721c4489cfded7cb2982d91be04039244bbc3be610c9cfc12517eb98fcf133f7c96fcb1ff61d413720 |
memory/14896-4682-0x00000242E4610000-0x00000242E4618000-memory.dmp
C:\Users\Admin\Documents\Scanned Documents\Welcome Scan.jpg
| MD5 | 73d4281e46a68222934403627e5b4e19 |
| SHA1 | 0f1c29cea7ea24ebb75c95114e0b0d26438e1d39 |
| SHA256 | aac4ac970ec47cd95dc7c65d7d38d29c1f948be24d5dad1d5aa21053125367c7 |
| SHA512 | bb7aad10e5accd3f5c0f6b2968973034a2f7c2523401eb234b2de0cdad2dc13f4fd58d08ece94ec06420a52b3d371ba832f8fb4741f48799703bdf32a4daf555 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013_1\LogoImages\OneDriveMedTile.contrast-black_scale-100.png
| MD5 | 433d5c9bfe71c70e6bf1f18b7da188f4 |
| SHA1 | 54f9253621c725ea644b3c2a0a11b0ff6bf8e44c |
| SHA256 | 3ba55b200b58756480679cf8b6b98d7b3570f8dfcdb39186f721357da8d8172c |
| SHA512 | 49f00fbdd9dfc542a2ac844520d34fdeec927b932fad9910f189c9171d50aa4037f9cfb2e1de778e12ed964adae6d3b3aed60555fcc50712539f2e69fb44da8e |
C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe
| MD5 | 8d117f0cace088ed532bde151099bfef |
| SHA1 | 1d27ba224308ab9dfa08d0b4c19dda4ab47d7e2c |
| SHA256 | 3fbe674ede8c7099ba6c316e1e1562c6ebe1f3bbde96276d6676fe4309658c81 |
| SHA512 | 2560ebd7e040b9b7a3de60d16e00182f2b0fc0c0224125cd9bc6eff0fdcf23aa44c2683d7b1a39a16a5cf7f70cc5dfb84628cbfe6c2e6263e1d2936bf8723cd6 |
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\deployment.properties
| MD5 | 2018691d6a1b8223a861e603abba2589 |
| SHA1 | 40a157ea2affcc7cf7b7b19cb8a8fea4e97c837c |
| SHA256 | 6727f68585bbf21389c6f0e4805dc7c51af2326179d435d80a9a821b0e214ffa |
| SHA512 | d023d2c0477c37bfe1276c545dc70f970dab416021421a8453ce298d2c091268602933dd7eb10e3e84faa7a9302835582b677e23a08cf8746d5ba7fc95b3a585 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013_1\LogoImages\OneDriveMedTile.contrast-black_scale-125.png
| MD5 | f837c5aa1f38d8241b28b92d15eebe75 |
| SHA1 | 9b11b235c11cfce25f1325eba753e469b5d5e74f |
| SHA256 | cc134daaa737e48e0f37ff5bece33e23484c47b55cb6571f3283e73e14f54334 |
| SHA512 | c79f1fb011e21555db8d0fb249d37b1cfa31d2c35d1e7e0417035cbaa717174d63d5a535fbaf1578625c50cf2417dae1e0a97e06e8799e53a8af951c1cd6ff19 |