Current Path : C:/ProgramData/Malwarebytes/MBAMService/config/ |
Current File : C:/ProgramData/Malwarebytes/MBAMService/config/AeConfig.json.bak |
D823B8350FC643B33C773FF974FCD430ACFB0EB8DA677F26BD673AE14AF54828 { "AH" : 65, "BASLR" : 66, "Blocked" : "0", "CALLER" : 863, "DAH" : 65, "DEPHDLR" : 0, "DLL" : 591, "FILE" : 65407, "JAVACMD" : 0, "JAVACMD2" : 0, "JAVACMD2DefaultReset" : true, "JAVAIN" : 1, "JAVAINTRANET" : 0, "JAVAOUT" : 0, "JAVASOCK" : 1, "L0DEP" : 587, "L1DEP" : 591, "MACRO_DISABLE" : 0, "MSGBOX" : 0, "OFFICE_VBA7" : 2, "OFFICE_WMI" : 2, "PENTESTDefaultReset" : true, "PENTEST_MODE" : 0, "PIV" : 863, "PROCESS" : 65535, "ROPC32" : 863, "ROPC64" : 863, "ROPR32" : 0, "ROPR64" : 0, "STK32" : 0, "STK64" : 0, "VB_DISABLE" : 65, "VB_EXEC" : 65, "WPM" : 589, "XMLHTTP" : 65, "defaultExclusions" : [ { "date" : "", "hash" : "00A7CF3BAAE095DBFBE458264E5AA649", "id" : "", "path" : "" }, { "date" : "", "hash" : "0233C2460C020FB77685F5070158D63D", "id" : "", "path" : "" }, { "date" : "", "hash" : "02B0C359F6F66575B8EC10A7002A7EF1", "id" : "", "path" : "" }, { "date" : "", "hash" : "034CCADC1C073E4216E9466B720F9849", "id" : "", "path" : "" }, { "date" : "", "hash" : "03E0A0812CDD2AD7261EAF533F7761F6", "id" : "", "path" : "" }, { "date" : "", "hash" : "03FBBFC587F2D6D06B6F085F2E745EC8", "id" : "", "path" : "" }, { "date" : "", "hash" : "03FCFBE2C8E71C60F1BC34EB91D07F99", "id" : "", "path" : "" }, { "date" : "", "hash" : "0465160B92E7CF11BD322726EE8CF0E2", "id" : "", "path" : "" }, { "date" : "", "hash" : "046A78D20889A0B96B84646B2E59729F", "id" : "", "path" : "" }, { "date" : "", "hash" : "04E69D16137C2EB4AC353BE3F9EAA1A6", "id" : "", "path" : "" }, { "date" : "", "hash" : "050E6DDC48FDCD458ABCAC2A60D96757", "id" : "", "path" : "" }, { "date" : "", "hash" : "0575F6FEEE5E04017D6D38440E144CBF", "id" : "", "path" : "" }, { "date" : "", "hash" : "088ed8bbd1a2b05eb466459aa68c3ec6", "id" : "", "path" : "" }, { "date" : "", "hash" : "094CD1EBF80AE8D466DEA25B7B679B35", "id" : "", "path" : "" }, { "date" : "", "hash" : "0A8CD5ACD17A77726103C632455557BD", "id" : "", "path" : "" }, { "date" : "", "hash" : "0A903F975BF30F70C36315A3D92A051B", "id" : "", "path" : "" }, { "date" : "", "hash" : "0B87E3B50D974210F394F8038A157E7B", "id" : "", "path" : "" }, { "date" : "", "hash" : "0BF90B3A9F703F23A6AD342B5BC01B26", "id" : "", "path" : "" }, { "date" : "", "hash" : "0CD4882A36D15DAD767E9D77297289CC", "id" : "", "path" : "" }, { "date" : "", "hash" : "0d57b9f7bc18930bb316fcae2312bc30", "id" : "", "path" : "" }, { "date" : "", "hash" : "0D7D8A7525E7F5F5A09F5CD04C01AB94", "id" : "", "path" : "" }, { "date" : "", "hash" : "0D97759E5A6ABBA62E536D9D3585F04B", "id" : "", "path" : "" }, { "date" : "", "hash" : "0EF3BF0E2B8ABCC6DFBC9459A2C80797", "id" : "", "path" : "" }, { "date" : "", "hash" : "0FCF9F3D9518B90FB58CC950FA33998C", "id" : "", "path" : "" }, { "date" : "", "hash" : "11C068B9BA0E65022DC1EA3CD5F9EB86", "id" : "", "path" : "" }, { "date" : "", "hash" : "11DE7AC5B18CCDD77E47A258D506A87D", "id" : "", "path" : "" }, { "date" : "", "hash" : "12F83B690D2D67F948186A655DC22528", "id" : "", "path" : "" }, { "date" : "", "hash" : "14953FB0442FD7179C36DC126D1E6872", "id" : "", "path" : "" }, { "date" : "", "hash" : "1554d7e3382a5fb0b5499eea319a85df", "id" : "", "path" : "" }, { "date" : "", "hash" : "158DD7391F408FA1F38685F4EA237455", "id" : "", "path" : "" }, { "date" : "", "hash" : "159abe552e659f6819368a086f8c4ba7", "id" : "", "path" : "" }, { "date" : "", "hash" : "1628E2212724449B8ED5E4773919B139", "id" : "", "path" : "" }, { "date" : "", "hash" : "1B3A9C5F081FFEFEBFCE6930EB40F6B0", "id" : "", "path" : "" }, { "date" : "", "hash" : "1b608a3165adcaa835f4bf1dc1647588", "id" : "", "path" : "" }, { "date" : "", "hash" : "1c3603381e86fc752c47142ab39abfca", "id" : "", "path" : "" }, { "date" : "", "hash" : "1C39BFC65496DCE68AD59DC4E6316FDD", "id" : "", "path" : "" }, { "date" : "", "hash" : "1C5B6815372D0D0EBA9CE18EC2FA9D73", "id" : "", "path" : "" }, { "date" : "", "hash" : "1CDF331C2ED30014F81A6B29ECE49A7D", "id" : "", "path" : "" }, { "date" : "", "hash" : "1D3774C99A21F023E50F78A11AEC855D", "id" : "", "path" : "" }, { "date" : "", "hash" : "1DBDCF44EF750167AC36666F1A87EBA0", "id" : "", "path" : "" }, { "date" : "", "hash" : "1DE93FC61EF61839D55C4750BE99EA5E", "id" : "", "path" : "" }, { "date" : "", "hash" : "1e06894f5963f9c235b7d9d0ac105c1c", "id" : "", "path" : "" }, { "date" : "", "hash" : "208590E601CEE15C7D8CDA6EA1671818", "id" : "", "path" : "" }, { "date" : "", "hash" : "20B61524A5A8837DEEC364D03654EA75", "id" : "", "path" : "" }, { "date" : "", "hash" : "215D6C16884141414975DCB8232E3D95", "id" : "", "path" : "" }, { "date" : "", "hash" : "2162D735507A707E512F5725FFB67C3B", "id" : "", "path" : "" }, { "date" : "", "hash" : "2252290BC44BEAD16AA1BF89948472E8", "id" : "", "path" : "" }, { "date" : "", "hash" : "23683D629CEA2FC630C790BB18FB99C0", "id" : "", "path" : "" }, { "date" : "", "hash" : "23B28530283FC40E2DC554A5271BD188", "id" : "", "path" : "" }, { "date" : "", "hash" : "249C1C8BD8AC9568E5C5A0EC2FB39018", "id" : "", "path" : "" }, { "date" : "", "hash" : "25ABC0B24EAC8711DCF65D855EBDB3C1", "id" : "", "path" : "" }, { "date" : "", "hash" : "26A414A2B7FC8AA5475CADB1189F1D02", "id" : "", "path" : "" }, { "date" : "", "hash" : "26b1cd6525a3e2c171d74e777a8d9d0a", "id" : "", "path" : "" }, { "date" : "", "hash" : "2772BB5CF6C3E61B0703738AD571B246", "id" : "", "path" : "" }, { "date" : "", "hash" : "289A45C59B6481D0ADAEBEE52C7C08E8", "id" : "", "path" : "" }, { "date" : "", "hash" : "28E4D67DB8F5A83A47CA92F931D7D5EB", "id" : "", "path" : "" }, { "date" : "", "hash" : "29D9E417ABC7FF2ACADF7111928F02E4", "id" : "", "path" : "" }, { "date" : "", "hash" : "2AF49EC6AF48198FF8BA6FE17B9C1BCA", "id" : "", "path" : "" }, { "date" : "", "hash" : "2B9B5F0C70011FCE8369850709D9622F", "id" : "", "path" : "" }, { "date" : "", "hash" : "2C2DE43BDE6357B3D68B2E95383A08CE", "id" : "", "path" : "" }, { "date" : "", "hash" : "2E02156CFEAAF70141F91B894C770AC8", "id" : "", "path" : "" }, { "date" : "", "hash" : "2EBF305C037A028D23B54E901A77FC76", "id" : "", "path" : "" }, { "date" : "", "hash" : "2FAFB224F30F7F9C718767EDD6018240", "id" : "", "path" : "" }, { "date" : "", "hash" : "30CABEFAC007FABA58F9BEDAC3828DC9", "id" : "", "path" : "" }, { "date" : "", "hash" : "319B1108E328EDFD5002AB4544E59F43", "id" : "", "path" : "" }, { "date" : "", "hash" : "324255A4DEAD441DA3876C055FED22B1", "id" : "", "path" : "" }, { "date" : "", "hash" : "333A47D3675AE77362E80E02AD82C5E7", "id" : "", "path" : "" }, { "date" : "", "hash" : "33C9D1E56152E212367E9C5B01671E45", "id" : "", "path" : "" }, { "date" : "", "hash" : "342F8C1A91764FBC5EB6CDF94435E24A", "id" : "", "path" : "" }, { "date" : "", "hash" : "34FA88969043A3CC78C653D250493A05", "id" : "", "path" : "" }, { "date" : "", "hash" : "3613076AC79608EF1EA26C9193597DAC", "id" : "", "path" : "" }, { "date" : "", "hash" : "37651F52CCD3E7DFCAC9747F1F5506BA", "id" : "", "path" : "" }, { "date" : "", "hash" : "37666EB6150CF070FA5211D523EDB2DF", "id" : "", "path" : "" }, { "date" : "", "hash" : "37945433C7B7D743B863C54A8CB18DEE", "id" : "", "path" : "" }, { "date" : "", "hash" : "3842c46f2fbc7522ef625f1833530804", "id" : "", "path" : "" }, { "date" : "", "hash" : "3A7B42735886D31A95BF0DF9F2567ADA", "id" : "", "path" : "" }, { "date" : "", "hash" : "3b256db783d1446ba3339cf65a47ab30", "id" : "", "path" : "" }, { "date" : "", "hash" : "3B965AE6D1E7C9D9B0462C179956CC36", "id" : "", "path" : "" }, { "date" : "", "hash" : "3BC2A3CCDE0CD62B8C8E05683283A25C", "id" : "", "path" : "" }, { "date" : "", "hash" : "3E72E1AB196855916E2065C604674631", "id" : "", "path" : "" }, { "date" : "", "hash" : "3EB1530ECB70951FBF12DBFCF5B6CE3B", "id" : "", "path" : "" }, { "date" : "", "hash" : "3F25CC87222FCE566A90D6A8727506FD", "id" : "", "path" : "" }, { "date" : "", "hash" : "3F39234D73C420642275B7DC0B1E981C", "id" : "", "path" : "" }, { "date" : "", "hash" : "4246B1662DDEE1DF479B99161C46F4FC", "id" : "", "path" : "" }, { "date" : "", "hash" : "42E5F2F8EFF6690BB27D23CB6104892C", "id" : "", "path" : "" }, { "date" : "", "hash" : "4333f45dceff11453bd6539836f573dc", "id" : "", "path" : "" }, { "date" : "", "hash" : "43DFEB90B3537EA613A1EA823091AA24", "id" : "", "path" : "" }, { "date" : "", "hash" : "4798ec7788a4d768005489abbc8814d7", "id" : "", "path" : "" }, { "date" : "", "hash" : "4841ec5b0e6f371346c539926cb7c336", "id" : "", "path" : "" }, { "date" : "", "hash" : "4896A40C1EB3BF77D726854E4851A086", "id" : "", "path" : "" }, { "date" : "", "hash" : "4A9770F61FF364C25E9129DE6A185C4B", "id" : "", "path" : "" }, { "date" : "", "hash" : "4AA31094E87BDF320E9DDFE0AA6ECC76", "id" : "", "path" : "" }, { "date" : "", "hash" : "4ACE9EEB32DE26548956B5E5841E90CB", "id" : "", "path" : "" }, { "date" : "", "hash" : "4BD792D4A6B757C133502938C06CAF49", "id" : "", "path" : "" }, { "date" : "", "hash" : "4C2A5B27DF2EE0A83E73A5E4B2548E87", "id" : "", "path" : "" }, { "date" : "", "hash" : "4d95f3395787808e4e5a4e4bfc48204b", "id" : "", "path" : "" }, { "date" : "", "hash" : "4E4682F1E7A6B6846E0F99612FC41D06", "id" : "", "path" : "" }, { "date" : "", "hash" : "4E7D02BA37DCAEC3C8B99E2CB53E9EA3", "id" : "", "path" : "" }, { "date" : "", "hash" : "4EE24C7FD67B098431C951DB7686BD19", "id" : "", "path" : "" }, { "date" : "", "hash" : "4F5BD8D491AAE778B358ECE2A1D28F09", "id" : "", "path" : "" }, { "date" : "", "hash" : "4F9C97AD03B3CF13EB4C519CED9A12BB", "id" : "", "path" : "" }, { "date" : "", "hash" : "50754352847B5E71E11ABF4D30407148", "id" : "", "path" : "" }, { "date" : "", "hash" : "5245DB0ACFFCE8D35D34948BAFBD88BC", "id" : "", "path" : "" }, { "date" : "", "hash" : "52950AC9E2B481453082F096120E355A", "id" : "", "path" : "" }, { "date" : "", "hash" : "53560C9205CD9A362F10CDDAD91BF7BD", "id" : "", "path" : "" }, { "date" : "", "hash" : "535C0EA5CF6FF5105F6D297FADF160E1", "id" : "", "path" : "" }, { "date" : "", "hash" : "5396A1EF484F7102A1B708B4AC529913", "id" : "", "path" : "" }, { "date" : "", "hash" : "55293D6D1DB05E4800F2B62407D61DD7", "id" : "", "path" : "" }, { "date" : "", "hash" : "55561AC10D64539FA634E4FCB14D83DF", "id" : "", "path" : "" }, { "date" : "", "hash" : "55ED4864C1D3F6357D9FAFCB4CA09FA8", "id" : "", "path" : "" }, { "date" : "", "hash" : "5782294B0D5B4436EB1E2435C587FC1C", "id" : "", "path" : "" }, { "date" : "", "hash" : "57BF209A6EE8A9512D4E1A36DFA367EB", "id" : "", "path" : "" }, { "date" : "", "hash" : "59A8E5D44C5219BC444C03F81FF90971", "id" : "", "path" : "" }, { "date" : "", "hash" : "5b4d63670c3edafd876c688a4344027a", "id" : "", "path" : "" }, { "date" : "", "hash" : "5E1085CBCF2C80C31CC4EC059C1AC8B3", "id" : "", "path" : "" }, { "date" : "", "hash" : "5F17AFF764132A9B74C07704E4C177A7", "id" : "", "path" : "" }, { "date" : "", "hash" : "6013B3F1FEA8ED5FEF3194B63A486FB4", "id" : "", "path" : "" }, { "date" : "", "hash" : "61038B1C35F1D52C3C006DA95BD44171", "id" : "", "path" : "" }, { "date" : "", "hash" : "61DD816FA1B04FA5AAA5A78A287DFA8E", "id" : "", "path" : "" }, { "date" : "", "hash" : "62700FECE4F259431CBA8250B6500C24", "id" : "", "path" : "" }, { "date" : "", "hash" : "65133DA829359A4E4079D965D05BA5BF", "id" : "", "path" : "" }, { "date" : "", "hash" : "658633D255FEF154EA1CB8705B4468C5", "id" : "", "path" : "" }, { "date" : "", "hash" : "65ADDEAC93565EE7C20309E591463006", "id" : "", "path" : "" }, { "date" : "", "hash" : "681343E00D266C5F811320FCA9054370", "id" : "", "path" : "" }, { "date" : "", "hash" : "68FCEB727572063A0336ACFB449AFBD4", "id" : "", "path" : "" }, { "date" : "", "hash" : "695E786411F533045D9FE5A31E3EED75", "id" : "", "path" : "" }, { "date" : "", "hash" : "6A093C84B1E9BF4363C4367CE01B4669", "id" : "", "path" : "" }, { "date" : "", "hash" : "6A5C2E41065737C5842F4D84FB89FC5A", "id" : "", "path" : "" }, { "date" : "", "hash" : "6A90345F572E6B166D4772533288146D", "id" : "", "path" : "" }, { "date" : "", "hash" : "6B912966E17C324FF6B37F647FFF4CF5", "id" : "", "path" : "" }, { "date" : "", "hash" : "6CC3D56C927B00CE02A9F891541C7636", "id" : "", "path" : "" }, { "date" : "", "hash" : "6cfb336bff524a652f87f9897c09b224", "id" : "", "path" : "" }, { "date" : "", "hash" : "6FF1259AB056E29564406A4C07A47403", "id" : "", "path" : "" }, { "date" : "", "hash" : "70B2F403924958B8BD9BCACE8E097A59", "id" : "", "path" : "" }, { "date" : "", "hash" : "71E6DD8A9DE4A9BAF89FCA951768059A", "id" : "", "path" : "" }, { "date" : "", "hash" : "7316EAA172DE588080F19387813829E7", "id" : "", "path" : "" }, { "date" : "", "hash" : "74a57b2ec648a4f655c72e93ffa58c92", "id" : "", "path" : "" }, { "date" : "", "hash" : "7505355462F21362387DA1F6ED06089D", "id" : "", "path" : "" }, { "date" : "", "hash" : "75A3E359FBBCC3F88A8775D95ACB9E26", "id" : "", "path" : "" }, { "date" : "", "hash" : "7685248592B310F0EB9874170FC6E993", "id" : "", "path" : "" }, { "date" : "", "hash" : "76AA78F96108AAA7BFDA1542C5550984", "id" : "", "path" : "" }, { "date" : "", "hash" : "76CDC6433506FAA8D0D7A95A3798C6BD", "id" : "", "path" : "" }, { "date" : "", "hash" : "77D4C7979D0D5D82FA58E669808476C4", "id" : "", "path" : "" }, { "date" : "", "hash" : "78A5A005689B75A7A6E1EF6E08DA8F4B", "id" : "", "path" : "" }, { "date" : "", "hash" : "792E845B49583D4B26B7352E51F0C5B6", "id" : "", "path" : "" }, { "date" : "", "hash" : "7A155B852441D14D5C598BAFD8C644D1", "id" : "", "path" : "" }, { "date" : "", "hash" : "7A907BC8A3183142266FCFF1A65A1DCB", "id" : "", "path" : "" }, { "date" : "", "hash" : "7B298EFA16AC68E6E9BB02C8D34B9114", "id" : "", "path" : "" }, { "date" : "", "hash" : "7D459AEBCDF8E2ECA7B85C0B198E23C9", "id" : "", "path" : "" }, { "date" : "", "hash" : "7E3F50AFA690166BEE17904BAB1E01C0", "id" : "", "path" : "" }, { "date" : "", "hash" : "7E986AB5B668C3C82D0BB855F8E596D8", "id" : "", "path" : "" }, { "date" : "", "hash" : "8088AA1C88204A12E767C820155623AE", "id" : "", "path" : "" }, { "date" : "", "hash" : "81D188A849C8768E8F3694EB1C0E6086", "id" : "", "path" : "" }, { "date" : "", "hash" : "820F933658D9EE76CCC121708E41CB42", "id" : "", "path" : "" }, { "date" : "", "hash" : "826E5391047A722101D48870DE03374B", "id" : "", "path" : "" }, { "date" : "", "hash" : "82B8781755B1A3D2928DD154729C944A", "id" : "", "path" : "" }, { "date" : "", "hash" : "82D6C3AA80EFD9D59FCFB70A4CC15B65", "id" : "", "path" : "" }, { "date" : "", "hash" : "839C447BAC2FD43C2DCC2E32B7904D13", "id" : "", "path" : "" }, { "date" : "", "hash" : "856d3c40185b6f7049c9d0497a25297b", "id" : "", "path" : "" }, { "date" : "", "hash" : "8643B277423F05B8A34775E93B8B7ABC", "id" : "", "path" : "" }, { "date" : "", "hash" : "866141918B06220D456284430B9A6B5C", "id" : "", "path" : "" }, { "date" : "", "hash" : "871c903a90c45ca08a9d42803916c3f7", "id" : "", "path" : "" }, { "date" : "", "hash" : "87388AD2BDA1A2B37CC7396125E4965B", "id" : "", "path" : "" }, { "date" : "", "hash" : "8839166DCDD9F264639A0946B3D4378B", "id" : "", "path" : "" }, { "date" : "", "hash" : "884C8A04A6B075B5E794710644A703C6", "id" : "", "path" : "" }, { "date" : "", "hash" : "8A14C7DDFC299934ACAB1F4F8BFB8E9E", "id" : "", "path" : "" }, { "date" : "", "hash" : "8b3f8c472078e517fa8fbaeb5142a17d", "id" : "", "path" : "" }, { "date" : "", "hash" : "8C01B791F8C03DECAE28E2A9A3D3DE7F", "id" : "", "path" : "" }, { "date" : "", "hash" : "8F4320F57599893A0565B89D9367281F", "id" : "", "path" : "" }, { "date" : "", "hash" : "92A08CD2648685717321070FA2259671", "id" : "", "path" : "" }, { "date" : "", "hash" : "92FB79722C8BFB175D8DE2023B2F9264", "id" : "", "path" : "" }, { "date" : "", "hash" : "938AD48B215D52565829B7A163045D5E", "id" : "", "path" : "" }, { "date" : "", "hash" : "94017abbde345580542d8301793eff7a", "id" : "", "path" : "" }, { "date" : "", "hash" : "9496AC83CA3496984B562932A814A237", "id" : "", "path" : "" }, { "date" : "", "hash" : "95C8BFE19202785B2AA1A73BA014911B", "id" : "", "path" : "" }, { "date" : "", "hash" : "95E15A2DE75AB48728AB8E1911C3EDB1", "id" : "", "path" : "" }, { "date" : "", "hash" : "97776CFD9C89D06B57BD624FFF690002", "id" : "", "path" : "" }, { "date" : "", "hash" : "97F9399DD616DF9A2B54A05B2859DBE6", "id" : "", "path" : "" }, { "date" : "", "hash" : "9ab7fb7393b5cf6ce8d91f3d48572c71", "id" : "", "path" : "" }, { "date" : "", "hash" : "9B9A3CC9D0DBC66C129960A55256DD27", "id" : "", "path" : "" }, { "date" : "", "hash" : "9D8274B19C6F4B3E21E12DE6E378F462", "id" : "", "path" : "" }, { "date" : "", "hash" : "9E735F008AE8D32184AF78D39ABB67B3", "id" : "", "path" : "" }, { "date" : "", "hash" : "9EA1947855C8A6F1AE1CF3D2E07AF238", "id" : "", "path" : "" }, { "date" : "", "hash" : "9F2AEF6DC4E11307B065FD38D1DF00B8", "id" : "", "path" : "" }, { "date" : "", "hash" : "9F4BC88598BC55A5603137E2A9602B11", "id" : "", "path" : "" }, { "date" : "", "hash" : "9F7A1813A801D286EC3191FD53B428B8", "id" : "", "path" : "" }, { "date" : "", "hash" : "9F8C5EAF561629D9323720ED6A80E9F8", "id" : "", "path" : "" }, { "date" : "", "hash" : "9FEF04A50F79295C036CF000B0366EF8", "id" : "", "path" : "" }, { "date" : "", "hash" : "A03F6C7655338FFB588243B7FE2D5C8D", "id" : "", "path" : "" }, { "date" : "", "hash" : "A062AB670FFBE6E69C9F6F0E574CA4A5", "id" : "", "path" : "" }, { "date" : "", "hash" : "A35B86FFBB9B7E98D6C369FD074B35B6", "id" : "", "path" : "" }, { "date" : "", "hash" : "A53761C54221EECEA9421AECD225F9D5", "id" : "", "path" : "" }, { "date" : "", "hash" : "A7C34601340F9ED6CB2CECA7A34B4BF2", "id" : "", "path" : "" }, { "date" : "", "hash" : "A91553D0073883E079EC9DB0D0AE9A85", "id" : "", "path" : "" }, { "date" : "", "hash" : "AAA404400F755D066E74A792D221500C", "id" : "", "path" : "" }, { "date" : "", "hash" : "AB822181ED39642F3BD3124B3735EFEB", "id" : "", "path" : "" }, { "date" : "", "hash" : "AD3DEC8E99EA9766291E6BFFFC756C26", "id" : "", "path" : "" }, { "date" : "", "hash" : "ADB48BF471D66FC349D2893813FD998A", "id" : "", "path" : "" }, { "date" : "", "hash" : "AE0C754DDE736308D29E791760B0CB6E", "id" : "", "path" : "" }, { "date" : "", "hash" : "AF1783D488CDE0D32A96603639CF2E7B", "id" : "", "path" : "" }, { "date" : "", "hash" : "AFFD149999E57E41A876C47F1AC9AC87", "id" : "", "path" : "" }, { "date" : "", "hash" : "B0C657BE65A593D01733CB79BF724100", "id" : "", "path" : "" }, { "date" : "", "hash" : "b22eeda42a2284ef5e07f03f4ce8a518", "id" : "", "path" : "" }, { "date" : "", "hash" : "B2476F60597B560717BE21E1F60811B3", "id" : "", "path" : "" }, { "date" : "", "hash" : "B3FE85EE1FE6E10667FD46B7C318C5BA", "id" : "", "path" : "" }, { "date" : "", "hash" : "B44C0B2AEEB3334C780A9725DC945EA6", "id" : "", "path" : "" }, { "date" : "", "hash" : "B4688EDAB86010BD1996F0B25DFD97A9", "id" : "", "path" : "" }, { "date" : "", "hash" : "B837F8127C31E2D1D777911306C52E73", "id" : "", "path" : "" }, { "date" : "", "hash" : "B8C997E772BE343E1664FEE14C1FB9B7", "id" : "", "path" : "" }, { "date" : "", "hash" : "B8D08F0446C7D590043C49302A5DB625", "id" : "", "path" : "" }, { "date" : "", "hash" : "B93E0C10AE163764F372111D142ABF90", "id" : "", "path" : "" }, { "date" : "", "hash" : "BA87291DEA637E2F1830AFD92530DE32", "id" : "", "path" : "" }, { "date" : "", "hash" : "BB33A3BCF0B5BDDE08D6E03EC60EBE7C", "id" : "", "path" : "" }, { "date" : "", "hash" : "BCCA302522B7E247DD128A78D9B20F94", "id" : "", "path" : "" }, { "date" : "", "hash" : "BE8981EEB84FD419661C6A441568750C", "id" : "", "path" : "" }, { "date" : "", "hash" : "BE9F5E3DC4539B71B1858AC66C81F789", "id" : "", "path" : "" }, { "date" : "", "hash" : "BF3F290275C21BDD3951955C9C3CF32C", "id" : "", "path" : "" }, { "date" : "", "hash" : "BFDE31D521AC2796BA2D75D1F7086F08", "id" : "", "path" : "" }, { "date" : "", "hash" : "bff64f2e303176dd498d695dcc623437", "id" : "", "path" : "" }, { "date" : "", "hash" : "C0CFA6F0289AF556EF6C34E37FE61569", "id" : "", "path" : "" }, { "date" : "", "hash" : "c29db9881259c2eb9877e0b95e2c4122", "id" : "", "path" : "" }, { "date" : "", "hash" : "C2D2C87649E0315B4356B51498882B37", "id" : "", "path" : "" }, { "date" : "", "hash" : "C302A039ED136F12067FD40A154ED3CD", "id" : "", "path" : "" }, { "date" : "", "hash" : "C31F66C64198C07F8A7820A9E1E45BD4", "id" : "", "path" : "" }, { "date" : "", "hash" : "c3967ee40d7d552b871c097af863d51f", "id" : "", "path" : "" }, { "date" : "", "hash" : "C4A77CA5D5FC0E7388725DD925687D8B", "id" : "", "path" : "" }, { "date" : "", "hash" : "C5C785497A57FC48AB3D11245B90ED09", "id" : "", "path" : "" }, { "date" : "", "hash" : "C6689007B3A749C49A5438DCF36E0CE4", "id" : "", "path" : "" }, { "date" : "", "hash" : "C6D7D3A24AFF72FE4621BA026B098FAB", "id" : "", "path" : "" }, { "date" : "", "hash" : "C6EB5353BCA864D949FEEB50810860DF", "id" : "", "path" : "" }, { "date" : "", "hash" : "c8b03a37c2320287962f81df3eb215aa", "id" : "", "path" : "" }, { "date" : "", "hash" : "C8E8F12B364C3A7BA45888FBBC474AAA", "id" : "", "path" : "" }, { "date" : "", "hash" : "CA0C67BA7AEBA6AED5DDB852E6EEA811", "id" : "", "path" : "" }, { "date" : "", "hash" : "CA27DCD8BFF10CBD45F39344A893BA9B", "id" : "", "path" : "" }, { "date" : "", "hash" : "CACC3702B61A1E75ECF7020343D41DBE", "id" : "", "path" : "" }, { "date" : "", "hash" : "CB3638541DCAC86EE17FA8258202E20E", "id" : "", "path" : "" }, { "date" : "", "hash" : "CDD58878B4FF49EEE313E1EDDE83CD00", "id" : "", "path" : "" }, { "date" : "", "hash" : "CE21EA5624B75F707D5AD714F39D8196", "id" : "", "path" : "" }, { "date" : "", "hash" : "CE2640E0F9D39999AF5B171B380E2EB8", "id" : "", "path" : "" }, { "date" : "", "hash" : "D022DF5629EBA1FDA393E19DC9125D39", "id" : "", "path" : "" }, { "date" : "", "hash" : "D0610098E4BD2BB8BB75BCC02B9FDC6F", "id" : "", "path" : "" }, { "date" : "", "hash" : "D20B77F9EF6128949EC6BEF7E4E8B34E", "id" : "", "path" : "" }, { "date" : "", "hash" : "D305D4735A718000BCA1869F9E13D95F", "id" : "", "path" : "" }, { "date" : "", "hash" : "D3AD181D94CDEBF7FD85BF8399B22E21", "id" : "", "path" : "" }, { "date" : "", "hash" : "D4E1305A4BD1FAD809C450DEBBD4F515", "id" : "", "path" : "" }, { "date" : "", "hash" : "D50CEA58FA668C637B2A28D160ECA494", "id" : "", "path" : "" }, { "date" : "", "hash" : "D563DB4131D3E27B25C3BDBB52D5ADB6", "id" : "", "path" : "" }, { "date" : "", "hash" : "D5AEFF9D01502623823B1F4A287ABCD7", "id" : "", "path" : "" }, { "date" : "", "hash" : "D6287B2691D8D2681A6B1909D8AE39FE", "id" : "", "path" : "" }, { "date" : "", "hash" : "D736D938B0059F61CDABE02E7676CAA2", "id" : "", "path" : "" }, { "date" : "", "hash" : "D75F3D94E29653B1E28E402A7210CB7F", "id" : "", "path" : "" }, { "date" : "", "hash" : "D79108C6128A2C93E42A77F88C2F6D16", "id" : "", "path" : "" }, { "date" : "", "hash" : "d7cee9ec7f169885e4639ff72f43548d", "id" : "", "path" : "" }, { "date" : "", "hash" : "D9591620780EA176327838FD7BF3BB15", "id" : "", "path" : "" }, { "date" : "", "hash" : "D9BF61FE2AADDE81475F13E9819124C1", "id" : "", "path" : "" }, { "date" : "", "hash" : "DAA1881D9A6B3D11A3C7939D9E71AF36", "id" : "", "path" : "" }, { "date" : "", "hash" : "DB6754154DF5E60E19BEA04DBB6774BC", "id" : "", "path" : "" }, { "date" : "", "hash" : "DBF5468C0630C890D344BBBC89DAC9D4", "id" : "", "path" : "" }, { "date" : "", "hash" : "DC4417AF85AAA8008E2A07741F4CAA61", "id" : "", "path" : "" }, { "date" : "", "hash" : "DCBB15DFBC08046AF8D10A1135FFA423", "id" : "", "path" : "" }, { "date" : "", "hash" : "DD093FA64DBDFA669FD6A89D400D6ADB", "id" : "", "path" : "" }, { "date" : "", "hash" : "DD7B83919ED3F5C6CF4C343A79D6E7BC", "id" : "", "path" : "" }, { "date" : "", "hash" : "DE9AF41A7E0AD0DD7F83A5BC88D50D0F", "id" : "", "path" : "" }, { "date" : "", "hash" : "DEC7E5E645ADED51F9D7F02D60E9ED41", "id" : "", "path" : "" }, { "date" : "", "hash" : "E2DAF5C1532187F67F067F0342B74B9B", "id" : "", "path" : "" }, { "date" : "", "hash" : "E46DED787C1F645FA14F20B09AD1D42F", "id" : "", "path" : "" }, { "date" : "", "hash" : "E499DBE261EA2341CED7BC0F49C37614", "id" : "", "path" : "" }, { "date" : "", "hash" : "E4A2856522E6A817E3F0EDD2677FA647", "id" : "", "path" : "" }, { "date" : "", "hash" : "E511F8508F13FA0C9F99B0C527DDF89B", "id" : "", "path" : "" }, { "date" : "", "hash" : "E643900BB6FC3D452CAB0B9ADB28418C", "id" : "", "path" : "" }, { "date" : "", "hash" : "E9A9367D47B9065701E7C99E4CFCB36A", "id" : "", "path" : "" }, { "date" : "", "hash" : "E9DEA33AA3632A27F6962993EA1A2432", "id" : "", "path" : "" }, { "date" : "", "hash" : "EB9D5656688B51ABC5CBA1E6CA8E0CFC", "id" : "", "path" : "" }, { "date" : "", "hash" : "EC7DC85C1CC6F42566799DDA6B095341", "id" : "", "path" : "" }, { "date" : "", "hash" : "ED1E1C62A7635A7C263DE0E2F2DA0763", "id" : "", "path" : "" }, { "date" : "", "hash" : "EE60596A12B7FB9E69FD0D55C28BC875", "id" : "", "path" : "" }, { "date" : "", "hash" : "EED888394AC81A663F12C6EC43AB2838", "id" : "", "path" : "" }, { "date" : "", "hash" : "F07B83D22A9F2784272C27AE4F1F50BA", "id" : "", "path" : "" }, { "date" : "", "hash" : "F195807A46C284971D8395C61328AB7D", "id" : "", "path" : "" }, { "date" : "", "hash" : "F4A75777861DF84C3068513358D464A1", "id" : "", "path" : "" }, { "date" : "", "hash" : "F5142340EB8F0808B2956D60AFD4667B", "id" : "", "path" : "" }, { "date" : "", "hash" : "F53C2CF0B21FC21356B11486A2BB727C", "id" : "", "path" : "" }, { "date" : "", "hash" : "F5DC2AE9B6EFF70C6D1A7377ED658049", "id" : "", "path" : "" }, { "date" : "", "hash" : "F65BC9B3BE62DACD657C8BDB1CA14224", "id" : "", "path" : "" }, { "date" : "", "hash" : "F675F4ED4364D11C4CB967F1B4C238EB", "id" : "", "path" : "" }, { "date" : "", "hash" : "F7515F67CB096DC981AE91221A7C67E6", "id" : "", "path" : "" }, { "date" : "", "hash" : "F78940628EB76AB6E654C19EE33F2F89", "id" : "", "path" : "" }, { "date" : "", "hash" : "F7CB4D481C03004496EFEA76120EC85E", "id" : "", "path" : "" }, { "date" : "", "hash" : "F8DD3BB433EAB490F6D776E953777B68", "id" : "", "path" : "" }, { "date" : "", "hash" : "F9388BFB46D2A30A965EED6B5A62A7A6", "id" : "", "path" : "" }, { "date" : "", "hash" : "FAEB00C5A6CCF790652CB591303DABDE", "id" : "", "path" : "" }, { "date" : "", "hash" : "fcbe04b636a9a30d7a2b0f9437cbf8b6", "id" : "", "path" : "" }, { "date" : "", "hash" : "FDBC0AD3C7F8C5E4C1DD8C0C034BD9DE", "id" : "", "path" : "" }, { "date" : "", "hash" : "fe4f7cd9911ee7f722ea8786dc56c3eb", "id" : "", "path" : "" }, { "date" : "", "hash" : "FE54685115E66DF0A5A3F7B9605AE181", "id" : "", "path" : "" }, { "date" : "", "hash" : "FFE48CD06F760596EC6C98460819EE34", "id" : "", "path" : "" }, { "date" : "", "hash" : "923CDF89104873B0A3C5F04062DB8753", "id" : "", "path" : "" }, { "date" : "", "hash" : "69722AFD3BFC0BC0416BCD72F10B3A9B", "id" : "", "path" : "" }, { "date" : "", "hash" : "652E6BEDA88D37FF49BFFCE8AC9AE2E8", "id" : "", "path" : "" } ], "dynconfig" : [ { "configValue" : [ { "aeOption" : 5, "mask" : 1, "value" : 0 }, { "aeOption" : 10, "mask" : 521, "value" : 0 }, { "aeOption" : 13, "mask" : 521, "value" : 0 } ], "objectType" : "folder", "objectValue" : "C:\\Program Files\\Diebold\\Warsaw" }, { "configValue" : [ { "aeOption" : 5, "mask" : 1, "value" : 0 }, { "aeOption" : 10, "mask" : 521, "value" : 0 }, { "aeOption" : 13, "mask" : 521, "value" : 0 } ], "objectType" : "folder", "objectValue" : "C:\\Program Files (x86)\\GbPlugin" }, { "configValue" : [ { "aeOption" : 5, "mask" : 1, "value" : 0 }, { "aeOption" : 10, "mask" : 521, "value" : 0 }, { "aeOption" : 13, "mask" : 521, "value" : 0 } ], "objectType" : "folder", "objectValue" : "C:\\ProgramData\\GAS Tecnologia" }, { "configValue" : [ { "aeOption" : 5, "mask" : 1, "value" : 0 }, { "aeOption" : 10, "mask" : 521, "value" : 0 }, { "aeOption" : 13, "mask" : 521, "value" : 0 } ], "objectType" : "folder", "objectValue" : "C:\\ProgramData\\GbPlugin" }, { "configValue" : [ { "aeOption" : 5, "mask" : 1, "value" : 0 }, { "aeOption" : 10, "mask" : 521, "value" : 0 }, { "aeOption" : 13, "mask" : 521, "value" : 0 } ], "objectType" : "folder", "objectValue" : "C:\\Program Files\\GbPlugin" }, { "configValue" : [ { "aeOption" : 5, "mask" : 1, "value" : 0 } ], "objectType" : "file", "objectValue" : "C:\\Windows\\winipbin\\svrltmgr.dll" }, { "configValue" : [ { "aeOption" : 2, "mask" : 513, "value" : 0 } ], "objectType" : "folder", "objectValue" : "C:\\Program Files (x86)\\Imprivata\\OneSign Agent" }, { "configValue" : [ { "aeOption" : 2, "mask" : 513, "value" : 0 } ], "objectType" : "folder", "objectValue" : "C:\\Program Files\\Imprivata\\OneSign Agent" }, { "configValue" : [ { "aeOption" : 3, "mask" : 2, "value" : 0 } ], "objectType" : "file", "objectValue" : "C:\\Program Files\\Manufacturer\\Endpoint Agent\\clpbm.dll" }, { "configValue" : [ { "aeOption" : 3, "mask" : 2, "value" : 0 } ], "objectType" : "file", "objectValue" : "C:\\Program Files (x86)\\Manufacturer\\Endpoint Agent\\clpbm.dll" }, { "configValue" : [ { "aeOption" : 6, "mask" : 1, "value" : 0 } ], "objectType" : "folder", "objectValue" : "C:\\Program Files (x86)\\Manufacturer\\Endpoint Agent" }, { "configValue" : [ { "aeOption" : 6, "mask" : 1, "value" : 0 } ], "objectType" : "folder", "objectValue" : "C:\\Program Files\\Manufacturer\\Endpoint Agent" }, { "configValue" : [ { "aeOption" : 6, "mask" : 1, "value" : 0 } ], "objectType" : "folder", "objectValue" : "C:\\Program Files (x86)\\Symantec\\Symantec Endpoint Protection" }, { "configValue" : [ { "aeOption" : 6, "mask" : 1, "value" : 0 } ], "objectType" : "folder", "objectValue" : "C:\\Program Files\\Symantec\\Symantec Endpoint Protection" }, { "configValue" : [ { "aeOption" : 5, "mask" : 1, "value" : 0 } ], "objectType" : "module", "objectValue" : "csvrelay32.dll" }, { "configValue" : [ { "aeOption" : 16, "mask" : 2, "value" : 0 } ], "objectType" : "module", "objectValue" : "a2hooks64.dll" }, { "configValue" : [ { "aeOption" : 16, "mask" : 2, "value" : 0 } ], "objectType" : "module", "objectValue" : "a2hooks32.dll" }, { "configValue" : [ { "aeOption" : 6, "mask" : 1, "value" : 0 } ], "objectType" : "folder", "objectValue" : "C:\\Program Files\\Bitdefender Antivirus Free" }, { "configValue" : [ { "aeOption" : 6, "mask" : 1, "value" : 0 } ], "objectType" : "folder", "objectValue" : "C:\\Program Files\\Bitdefender" }, { "configValue" : [ { "aeOption" : 6, "mask" : 1, "value" : 0 } ], "objectType" : "folder", "objectValue" : "C:\\Program Files\\Bitdefender Agent" }, { "configValue" : [ { "aeOption" : 10, "mask" : 1, "value" : 0 }, { "aeOption" : 13, "mask" : 1, "value" : 0 }, { "aeOption" : 16, "mask" : 1, "value" : 0 } ], "objectType" : "folder", "objectValue" : "C:\\Program Files (x86)\\Trusteer" }, { "configValue" : [ { "aeOption" : 10, "mask" : 1, "value" : 0 }, { "aeOption" : 13, "mask" : 1, "value" : 0 }, { "aeOption" : 16, "mask" : 1, "value" : 0 } ], "objectType" : "folder", "objectValue" : "C:\\Program Files\\Trusteer" }, { "configValue" : [ { "aeOption" : 16, "mask" : 2, "value" : 0 } ], "objectType" : "folder", "objectValue" : "C:\\Program Files\\think-cell" }, { "configValue" : [ { "aeOption" : 16, "mask" : 2, "value" : 0 } ], "objectType" : "folder", "objectValue" : "C:\\Program Files (x86)\\think-cell" }, { "configValue" : [ { "aeOption" : 10, "mask" : 4, "value" : 0 }, { "aeOption" : 13, "mask" : 4, "value" : 0 } ], "objectType" : "folder", "objectValue" : "C:\\Program Files (x86)\\Mirillis" }, { "configValue" : [ { "aeOption" : 10, "mask" : 4, "value" : 0 }, { "aeOption" : 13, "mask" : 4, "value" : 0 } ], "objectType" : "folder", "objectValue" : "C:\\Program Files\\Mirillis" }, { "configValue" : [ { "aeOption" : 11, "mask" : 1, "value" : 0 }, { "aeOption" : 14, "mask" : 1, "value" : 0 } ], "objectType" : "folder", "objectValue" : "C:\\Program Files (x86)\\Mozilla Firefox" }, { "configValue" : [ { "aeOption" : 11, "mask" : 1, "value" : 0 }, { "aeOption" : 14, "mask" : 1, "value" : 0 } ], "objectType" : "folder", "objectValue" : "C:\\Program Files\\Mozilla Firefox" }, { "configValue" : [ { "aeOption" : 8, "mask" : 2, "value" : 0 } ], "objectType" : "module", "objectValue" : "Swissarmy.dll" }, { "configValue" : [ { "aeOption" : 16, "mask" : 2, "value" : 0 } ], "objectType" : "module", "objectValue" : "tmmon.dll" }, { "configValue" : [ { "aeOption" : 8, "mask" : 2, "value" : 0 } ], "objectType" : "module", "objectValue" : "mbae.dll" }, { "configValue" : [ { "aeOption" : 8, "mask" : 2, "value" : 0 } ], "objectType" : "folder", "objectValue" : "C:\\Program Files (x86)\\Malwarebytes Anti-Exploit" }, { "configValue" : [ { "aeOption" : 8, "mask" : 2, "value" : 0 } ], "objectType" : "folder", "objectValue" : "C:\\Program Files\\Malwarebytes Anti-Exploit" }, { "configValue" : [ { "aeOption" : 16, "mask" : 10, "value" : 0 } ], "objectType" : "module", "objectValue" : "FsMonitor.dll" } ], "dynconfigVersion" : 0, "engineApiConfig" : [ ], "exclusionsVersion" : 0, "exploitFiles" : [ ], "protectedApps" : [ { "AppDisplayName" : "winrar", "AppId" : "1E2880DE-B51B-4680-AC4A-B134BC7BBC1B", "FamilyID" : 1024, "FileName" : "winrar.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "winzip", "AppId" : "22BDABD2-B11C-49C9-A36D-A09155018CBC", "FamilyID" : 1024, "FileName" : "winzip.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "7z", "AppId" : "422E92DE-2DA0-450F-954F-29B9FD54E1CA", "FamilyID" : 1024, "FileName" : "7z.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "7zFM", "AppId" : "19A73B9E-B29E-4780-88AF-66CDE57B9EEE", "FamilyID" : 1024, "FileName" : "7zFM.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "7zG", "AppId" : "840D9666-9E1C-4C75-8A44-539BD1E35866", "FamilyID" : 1024, "FileName" : "7zG.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "S7Z", "AppId" : "842CA774-45A0-414F-B82C-CBA6FFCB5120", "FamilyID" : 1024, "FileName" : "S7Z.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "7zextractor", "AppId" : "B30E680C-E5DC-4DE7-8366-4781094E4A21", "FamilyID" : 1024, "FileName" : "7zextractor.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Winzip32", "AppId" : "8E365AD3-8E8B-4379-90E2-72D457EE3144", "FamilyID" : 1024, "FileName" : "Winzip32.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Winzip64", "AppId" : "7360668C-EDC2-47DC-9008-5418ED866E03", "FamilyID" : 1024, "FileName" : "Winzip64.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "wzdisktools", "AppId" : "80C3B7F1-A1F8-4400-83C2-C67D557A7240", "FamilyID" : 1024, "FileName" : "wzdisktools.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "winzipss", "AppId" : "0DD44506-8379-49BA-9652-23E8D74EB3DA", "FamilyID" : 1024, "FileName" : "winzipss.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "cmd", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264300", "FamilyID" : 128, "FileName" : "cmd.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Windows Help", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264301", "FamilyID" : 16, "FileName" : "winhlp32.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "mshta", "AppId" : "64B028EB-F36C-4111-852C-E04C2FB744E7", "FamilyID" : 128, "FileName" : "mshta.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Windows Script Host", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264302", "FamilyID" : 16, "FileName" : "wscript.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Console Based Script Host", "AppId" : "25FC8D8B-C432-47F3-83EC-945037341123", "FamilyID" : 2048, "FileName" : "cscript.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Power Shell", "AppId" : "B555B305-41DD-4F7D-B04B-637560FD48CA", "FamilyID" : 2048, "FileName" : "powershell.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Background Intelligent Service", "AppId" : "7E2EE5DA-A560-4AB1-83E7-6032403AE152", "FamilyID" : 2048, "FileName" : "bitsadmin.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Certification Authority Utility", "AppId" : "6E99344A-58CD-4939-9ACF-BD9C554E83F6", "FamilyID" : 2048, "FileName" : "certutil.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "QuickTime Player", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264303", "FamilyID" : 4, "FileName" : "quicktimeplayer.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Winamp Player", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264304", "FamilyID" : 4, "FileName" : "winamp.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "VLC Player", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264305", "FamilyID" : 4, "FileName" : "vlc.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Windows Media Player (mplayer2)", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264306", "FamilyID" : 4, "FileName" : "mplayer2.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Windows Media Player (wmplayer)", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264307", "FamilyID" : 4, "FileName" : "wmplayer.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Microsoft Office PowerPoint", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264308", "FamilyID" : 2, "FileName" : "powerpnt.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Microsoft Office Excel", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264309", "FamilyID" : 2, "FileName" : "excel.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Microsoft Office Excel", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F6826430A", "FamilyID" : 2, "FileName" : "excelc.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Microsoft Office Word", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F6826430B", "FamilyID" : 2, "FileName" : "winword.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Microsoft Office Word", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F6826430C", "FamilyID" : 2, "FileName" : "winwordc.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Microsoft Office Publisher", "AppId" : "EDC1090B-6722-4B97-9C1E-A0637C9297F2", "FamilyID" : 2, "FileName" : "mspub.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Microsoft Equation Editor", "AppId" : "17088910-AD3F-4227-8AAA-6DBE0ED86427", "FamilyID" : 2, "FileName" : "eqnedt32.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "LibreOffice", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F6826430D", "FamilyID" : 2, "FileName" : "soffice.bin", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Foxit Reader", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F6826430E", "FamilyID" : 8, "FileName" : "foxitreader.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Foxit Reader", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F6826430F", "FamilyID" : 8, "FileName" : "foxit reader.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Foxit Phantom", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264310", "FamilyID" : 8, "FileName" : "Foxit PhantomPDF.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Foxit Phantom", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264311", "FamilyID" : 8, "FileName" : "FoxitPhantomPDF.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Adobe Reader", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264312", "FamilyID" : 8, "FileName" : "acrord32.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Adobe Acrobat", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264313", "FamilyID" : 8, "FileName" : "acrobat.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Java", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264314", "FamilyID" : 32, "FileName" : "java.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Java", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264315", "FamilyID" : 32, "FileName" : "javaw.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Java", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264316", "FamilyID" : 32, "FileName" : "javaws.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Comodo Dragon", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264317", "FamilyID" : 512, "FileName" : "dragon.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Waterfox", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264318", "FamilyID" : 1, "FileName" : "waterfox.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Tor Browser", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264319", "FamilyID" : 1, "FileName" : "tor.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Tor Browser", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F6826431A", "FamilyID" : 1, "FileName" : "tbb-firefox.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Palemoon", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F6826431B", "FamilyID" : 1, "FileName" : "palemoon.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Cyberfox", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F6826431C", "FamilyID" : 1, "FileName" : "cyberfox.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "IceDragon", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F6826431D", "FamilyID" : 1, "FileName" : "icedragon.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Seamonkey", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F6826431E", "FamilyID" : 1, "FileName" : "seamonkey.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Maxthon", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F6826431F", "FamilyID" : 1, "FileName" : "maxthon.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Maxthon", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264320", "FamilyID" : 1, "FileName" : "mxapploader.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Opera (and plug-ins)", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264321", "FamilyID" : 512, "FileName" : "opera.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Opera (and plug-ins)", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264322", "FamilyID" : 512, "FileName" : "opera_plugin_wrapper.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Opera (and plug-ins)", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264323", "FamilyID" : 512, "FileName" : "opera_wrapper_32.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Internet Explorer (and add-ons)", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264324", "FamilyID" : 1, "FileName" : "iexplore.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Mozilla Firefox (and add-ons)", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264329", "FamilyID" : 1, "FileName" : "firefox.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Mozilla Firefox (and add-ons)", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F6826432A", "FamilyID" : 1, "FileName" : "plugin-container.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Mozilla Firefox (and add-ons)", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F6826432B", "FamilyID" : 1, "FileName" : "FlashPlayerPlugin*.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Microsoft Help and Support Center", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F6826432C", "FamilyID" : 16, "FileName" : "helpctr.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Malwarebytes Anti-Exploit Test", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F6826432D", "FamilyID" : 64, "FileName" : "mbae-test.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "svchost.exe", "AppId" : "FE93E3E7-8C8F-476E-9B93-CF49C6AFE303", "FamilyID" : 256, "FileName" : "svchost.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Microsoft Forfiles Utility", "AppId" : "874A5836-10DB-455C-A7B7-D47C6B52BF65", "FamilyID" : 2048, "FileName" : "forfiles.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Microsoft Access", "AppId" : "CA29B248-F75C-4C9A-8D3F-4C34D5B8157C", "FamilyID" : 2, "FileName" : "msaccess.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Java Process Launcher", "AppId" : "8C70A267-11FD-4379-AB66-859E70B56322", "FamilyID" : 32, "FileName" : "jp2launcher.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Microsoft Edge (and add-ons)", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264325", "FamilyID" : 1, "FileName" : "MicrosoftEdge.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Microsoft Edge (and add-ons)", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264326", "FamilyID" : 1, "FileName" : "MicrosoftEdgeCP.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Microsoft Edge (Chromium based)", "AppId" : "CF8C4017-645F-4EF7-BF74-7E043AF596CB", "FamilyID" : 512, "FileName" : "msedge.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Google Chrome (and plug-ins)", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264327", "FamilyID" : 512, "FileName" : "chrome.exe", "Hidden" : false, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Google Chrome (and plug-ins)", "AppId" : "04657AB6-7CE0-4DB8-A183-C82F68264328", "FamilyID" : 512, "FileName" : "old_chrome.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Microsoft Outlook", "AppId" : "77BD63D5-BF45-4FB9-8E5D-4B3E075709A3", "FamilyID" : 8192, "FileName" : "outlook.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Microsoft Outlook Express", "AppId" : "B5EAA459-8486-42AE-80FD-C8C5161888FB", "FamilyID" : 8192, "FileName" : "msimn.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Power Shell Core", "AppId" : "B89A2832-92CE-43B1-9745-BA8413F871A9", "FamilyID" : 2048, "FileName" : "pwsh.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Remote PowerShell", "AppId" : "2E05854C-84A6-4004-BE19-2178DBB4CEA8", "FamilyID" : 16384, "FileName" : "wsmprovhost.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "PsExec Service Host", "AppId" : "022CD829-D64C-45D2-9A2D-7235145D3932", "FamilyID" : 16384, "FileName" : "psexesvc.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Python", "AppId" : "149FA253-C50F-40DE-8255-15D14B51F3CE", "FamilyID" : 16384, "FileName" : "python.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "Python", "AppId" : "C2DFF25E-703E-44B6-AC03-7B613DE016A5", "FamilyID" : 16384, "FileName" : "python3.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "APT Agent", "AppId" : "78A747F2-E146-4EC6-A127-1A0B5132CFDA", "FamilyID" : 16384, "FileName" : "ir_agent.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "APT Agent", "AppId" : "DFAC9E7C-3D35-44F7-A917-CAC1381C4AF6", "FamilyID" : 16384, "FileName" : "splunkd.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false }, { "AppDisplayName" : "ATT&CK", "AppId" : "F62DE7C3-FBC5-482F-ADE5-06FE76AF8CF8", "FamilyID" : 16384, "FileName" : "attckh4ck3r4pt.exe", "Hidden" : true, "Shielded" : true, "UserApp" : false } ], "protectionState" : "disabled", "systemExclusions" : [ ], "userExclusions" : [ ] }