What is pmservice.exe?
pmservice.exe is part of PremierOpinion and developed by VoiceFive, Inc. according to the pmservice.exe version information.
pmservice.exe's description is "PremierOpinion"
pmservice.exe is digitally signed by VoiceFive, Inc..
pmservice.exe is usually located in the 'C:\Program Files (x86)\PremierOpinion\' folder.
Some of the anti-virus scanners at VirusTotal detected pmservice.exe.
If you have additional information about the file, please share it with the FreeFixer users by posting a comment at the bottom of this page.
Vendor and version information [?]
The following is the available information on pmservice.exe:
| Property | Value |
|---|---|
| Product name | PremierOpinion |
| Company name | VoiceFive, Inc. |
| File description | PremierOpinion |
| Legal copyright | Copyright © 2001-2019 |
| Product version | 1.1.24.111 (Build 24.111) |
| File version | 1.1.24.111 (Build 24.111) |
Here's a screenshot of the file properties when displayed by Windows Explorer:
| Product name | PremierOpinion |
| Company name | VoiceFive, Inc. |
| File description | PremierOpinion |
| Legal copyright | Copyright © 2001-2019 |
| Product version | 1.1.24.111 (Build 24.111) |
| File version | 1.1.24.111 (Build 24.111) |
Digital signatures [?]
pmservice.exe has a valid digital signature.
| Property | Value |
|---|---|
| Signer name | VoiceFive, Inc. |
| Certificate issuer name | COMODO RSA Code Signing CA |
| Certificate serial number | 492a13847ad07d0ce774a654b1996d33 |
VirusTotal report
39 of the 70 anti-virus programs at VirusTotal detected the pmservice.exe file. That's a 56% detection rate.
| Scanner | Detection Name |
|---|---|
| Ad-Aware | Application.RelevantKnowledge.BK |
| Alibaba | AdWare:Win32/Generic.a1394b63 |
| Antiy-AVL | GrayWare[AdWare]/Win32.Relevant |
| APEX | Malicious |
| Arcabit | Application.RelevantKnowledge.BK |
| BitDefender | Application.RelevantKnowledge.BK |
| CAT-QuickHeal | PUA.GenericPMF.S5671855 |
| Comodo | Application.Win32.RK.A@5uqfw9 |
| CrowdStrike | win/malicious_confidence_60% (D) |
| Cybereason | malicious.b7e76c |
| Cylance | Unsafe |
| Cyren | W32/Application.BINW-8889 |
| DrWeb | Adware.Relevant.178 |
| Emsisoft | Application.Generic (A) |
| Endgame | malicious (high confidence) |
| ESET-NOD32 | a variant of Win32/Adware.RK |
| FireEye | Application.RelevantKnowledge.BK |
| Fortinet | Riskware/RK |
| GData | Application.RelevantKnowledge.BK |
| Ikarus | PUA.RelevantKnowledge |
| Invincea | heuristic |
| K7AntiVirus | Adware ( 005524301 ) |
| K7GW | Adware ( 005524301 ) |
| Malwarebytes | Adware.Graftor |
| MaxSecure | Trojan.Malware.74329101.susgen |
| Microsoft | PUA:Win32/RelevantKnowledge |
| MicroWorld-eScan | Application.RelevantKnowledge.BK |
| NANO-Antivirus | Riskware.Win32.Relevant.fedcsy |
| Paloalto | generic.ml |
| Panda | PUP/RnkBend |
| Rising | Adware.PremierOpinion!1.B625 (CLASSIC) |
| SentinelOne | DFI - Suspicious PE |
| Sophos | Generic PUA OL (PUA) |
| SUPERAntiSpyware | PUP.PremierOpinion/Variant |
| VBA32 | BScope.Adware.Agent |
| VIPRE | Trojan.Win32.Generic!BT |
| ViRobot | Adware.Relevant.169848 |
| Webroot | W32.Adware.Relevantknowledge |
| Zillya | Adware.RK.Win32.2150 |
Sandbox Report
The following information was gathered by executing the file inside Cuckoo Sandbox.
Summary
Successfully executed process in sandbox.
Summary
{
"regkey_opened": [
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{D08D9F98-1C78-4704-87E6-368B0023D831}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{1AA5A604-4A87-4E82-BF39-84868DEEDBD3}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{E0D14EFD-5CE1-42C9-97DD-A782D4CF3F07}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2358A6DD-DFCC-4519-90A8-63AD28847171}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{62F41B6D-3DBD-4B7A-81C4-2990CDC7248E}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{C6FDAF89-7622-41CF-BFF9-FF22BF31F207}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{F3056526-65FE-47EE-921C-8E9B8E7CA90C}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{DB7DEA22-E231-4A21-B42A-BB516846C0D9}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{4092B7BC-4BF7-4EA7-9424-259A0E7DC7F6}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{D6A666B8-3DFC-480C-9180-B5D3799EDD92}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{1C2BE269-40E4-429F-8FB9-F0D5290BCACE}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{1B3C34B7-5D93-41E4-A18E-51B930458852}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{D76E0199-482B-44F9-9378-F8E28A381113}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{775953C1-3A9F-4611-BC00-DFC5467F0C54}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{019CA07C-BD0D-47C0-B634-D75122F7B021}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{614C7E53-96AB-4BC9-A1CD-CB7EA8E3E105}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{5EAFDF74-1830-41E8-8AAA-6BABD746C193}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2B089A27-107B-4E0F-AAD3-49EB1EC4CC9B}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{1AEBCC44-7A6C-43B9-AE5A-A6EE651D67CE}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{9CF77345-AC1F-46E5-83FF-79676BEE4D6B}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{42CD067F-D483-428D-83BC-437211349927}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{B58783BC-EA15-4926-AA30-61E4A4CF458A}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{E1337A80-C2C5-4D1E-A7D4-63BA8F3A8CE2}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{62B7D2AA-FD89-4A0F-AA7F-B5C61833B791}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{471D551A-F5A7-4430-8973-743EFD95229D}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{8BEB81AD-BD55-4107-A862-90514F8BA539}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{B9A87164-61A5-466B-B34C-E1CB9DE00A4B}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{1213DE8E-90F1-4241-8CB2-3144E29BEA25}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{EE088979-9F28-4018-AD3E-844F14B6C5F2}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{F84D74B5-B250-456A-8073-CDADC5D48361}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{0541A37A-F396-4B41-AC58-E76B37A4B318}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{16DEB351-9F67-482F-A05C-FAA9BF84AB90}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{1C7EFC54-1525-4F7A-AFF5-45F6856DAF38}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2D90094B-3E3E-43E6-89BA-C6CDF84A8EED}",
"HKEY_LOCAL_MACHINE\\Config\\OSSProxy\\Settings",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{0D55996C-A60C-459D-A3D3-562E95CA7083}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{A660C7AE-A5D9-4CBC-AF6F-535045AF22BE}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{D1218F58-84BE-4190-B636-19845F02986C}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{F50BC8DC-2EE0-46D3-BCD4-247FA737E62A}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{C476DA41-4B0D-4CF7-A3B5-37C375DA358B}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{4074CE24-9A24-4378-AE40-B45061183E82}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{759AC2C0-AE8A-4407-8118-3C6D1CAF5734}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{8AA55F28-ED54-4DE4-8954-30CF1B0BE72C}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{F9C693C2-E135-40F9-905D-7081A92A6EA4}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{CAA9F3C8-4F91-45C1-8487-2219C26219E9}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{AF3A4F65-267F-4774-A676-8204722D2456}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{6AC4C165-4857-48CF-9877-65E283DDE598}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{A71B1608-0DE3-445D-AFC1-16CC74422A9E}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{0730F573-EC62-4935-8427-06FFAFAA1980}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{F76F85EC-C350-441B-A77F-938D5AE7D50A}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{DDD7448D-B411-42AF-85CB-CC51958B0F6F}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{233CABE3-7257-4122-B48B-A5B1B16B26D4}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{3D1FD035-DB90-47EF-B1EF-EB05B51680A3}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{A1EDB681-9002-4E83-9074-98848F56BAAF}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{F4A143BF-F9D8-40F8-8567-A84D638162CD}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{D1F0F240-B69A-4FBA-80A1-83AC2A18A68F}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{BA11561E-F0C3-4E6B-9548-79EF48CC4087}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{6DE36A52-6197-4E69-9F7A-4BA26D337FC1}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{32F66531-E188-4D2D-BB57-F36725963FD7}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2A0DA165-889B-4900-A115-08CF0140EF7B}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{E88DB089-EC39-485C-86C0-984F216ADB7C}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{EC5B1160-4918-4D15-8E27-F27A1F1F6042}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{8EDF80B6-2926-4737-981F-5FD7EC9BF662}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{ACD16646-870D-46FE-B0AF-B444D17E6CCB}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{13800EE5-D499-4B30-8D91-E0F7A45D59CE}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{3B9D6392-D0BD-4D9B-91F5-D8F092969FC7}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{309A6371-94E6-44E4-AFBF-DF56403A63B1}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{63D905C0-5721-440C-84E2-A7E08ABCE6D1}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{E03D8272-A1C3-474A-A605-6770456FB491}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{7BDEA6CE-A04D-4E40-B656-15D87DAD37D7}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{DED643D8-9233-49F6-8C4A-57C71907965C}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{F5866320-5059-43D6-9E29-7789332A0D17}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{15D612DF-D417-4CDA-B8B5-94F47BA21313}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2CBD1BB3-9AC7-4D7F-9023-8A3E8DFB841A}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2EBFCBCE-855B-4275-BB14-B1389BBB23A1}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{5B35D2F8-2082-4CFA-A9DF-F6E28464BD40}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{AC76930B-8C77-4A64-991C-B2AC308A8425}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{BFB84C8A-F53C-4CDC-A9C7-6E79EBD9BD9D}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{5E34AAB5-C68C-450B-B135-C0280D7DCAD8}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{7C4B369F-E660-40DF-9329-289886054297}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{FB41DEA8-8966-4579-B330-D2CD9A015A41}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{EB89B364-CF98-4D30-9B22-789EBEE1F6B1}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{362B5D37-5278-4714-94E0-00BA0CFC371A}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{BFF31CBB-0666-451F-B963-0156AE13F9A6}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{3579C468-F59F-4726-8460-0AEB416E3086}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{9628510F-B692-4D05-B126-6092DE4E6B8E}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{7F7849F8-C998-4DDC-B199-776AFD5D1BB9}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{1A8B4CCF-4F49-4210-89E3-4B31141493B0}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{F1A9B85F-E717-442B-92E2-C1EBB180089E}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{114912A3-69FA-4B4D-A77B-1D74D959CCE4}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{66ED044A-0E4F-40BA-BEE2-AE9314A85DFA}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{02CF1D86-3DED-457C-BEEF-17F69673438F}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{C1600B9A-7879-4C37-84BB-7AE3095D2E2F}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{EEB86AEF-4A5D-4B75-9D74-F16D438FC286}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2DD5AEDE-3A56-4B0B-BE92-574AF29FAA45}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{6A347828-BBC8-4344-B2A3-37B3B920DC62}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{B144A578-63B8-4365-A90E-5D205450D74B}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{295EEAB0-AD85-44F5-B985-DC96E62C23E7}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{9617031D-0585-414A-BFAC-A31C3D2BE037}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{58E5D5A3-4112-4E73-9C29-8F8EFB70920C}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{464F37A9-D4C2-407A-B197-F1066BCBCFAD}"
],
"regkey_read": [
"\\ServiceName",
"\\nus"
]
}Generic
[
{
"process_path": "C:\\Users\\cuck\\AppData\\Local\\Temp\\c63062142c765cf9ae95e36063f85f000fd8f9c2a0e8509f584dae0c296a2c5b.bin",
"process_name": "c63062142c765cf9ae95e36063f85f000fd8f9c2a0e8509f584dae0c296a2c5b.bin",
"pid": 2816,
"summary": {
"regkey_opened": [
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{D08D9F98-1C78-4704-87E6-368B0023D831}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{1AA5A604-4A87-4E82-BF39-84868DEEDBD3}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{E0D14EFD-5CE1-42C9-97DD-A782D4CF3F07}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2358A6DD-DFCC-4519-90A8-63AD28847171}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{62F41B6D-3DBD-4B7A-81C4-2990CDC7248E}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{C6FDAF89-7622-41CF-BFF9-FF22BF31F207}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{F3056526-65FE-47EE-921C-8E9B8E7CA90C}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{DB7DEA22-E231-4A21-B42A-BB516846C0D9}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{4092B7BC-4BF7-4EA7-9424-259A0E7DC7F6}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{D6A666B8-3DFC-480C-9180-B5D3799EDD92}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{1C2BE269-40E4-429F-8FB9-F0D5290BCACE}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{1B3C34B7-5D93-41E4-A18E-51B930458852}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{D76E0199-482B-44F9-9378-F8E28A381113}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{775953C1-3A9F-4611-BC00-DFC5467F0C54}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{019CA07C-BD0D-47C0-B634-D75122F7B021}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{614C7E53-96AB-4BC9-A1CD-CB7EA8E3E105}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{5EAFDF74-1830-41E8-8AAA-6BABD746C193}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2B089A27-107B-4E0F-AAD3-49EB1EC4CC9B}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{1AEBCC44-7A6C-43B9-AE5A-A6EE651D67CE}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{9CF77345-AC1F-46E5-83FF-79676BEE4D6B}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{42CD067F-D483-428D-83BC-437211349927}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{B58783BC-EA15-4926-AA30-61E4A4CF458A}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{E1337A80-C2C5-4D1E-A7D4-63BA8F3A8CE2}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{62B7D2AA-FD89-4A0F-AA7F-B5C61833B791}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{471D551A-F5A7-4430-8973-743EFD95229D}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{8BEB81AD-BD55-4107-A862-90514F8BA539}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{B9A87164-61A5-466B-B34C-E1CB9DE00A4B}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{1213DE8E-90F1-4241-8CB2-3144E29BEA25}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{EE088979-9F28-4018-AD3E-844F14B6C5F2}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{F84D74B5-B250-456A-8073-CDADC5D48361}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{0541A37A-F396-4B41-AC58-E76B37A4B318}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{16DEB351-9F67-482F-A05C-FAA9BF84AB90}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{1C7EFC54-1525-4F7A-AFF5-45F6856DAF38}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2D90094B-3E3E-43E6-89BA-C6CDF84A8EED}",
"HKEY_LOCAL_MACHINE\\Config\\OSSProxy\\Settings",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{0D55996C-A60C-459D-A3D3-562E95CA7083}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{A660C7AE-A5D9-4CBC-AF6F-535045AF22BE}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{D1218F58-84BE-4190-B636-19845F02986C}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{F50BC8DC-2EE0-46D3-BCD4-247FA737E62A}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{C476DA41-4B0D-4CF7-A3B5-37C375DA358B}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{4074CE24-9A24-4378-AE40-B45061183E82}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{759AC2C0-AE8A-4407-8118-3C6D1CAF5734}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{8AA55F28-ED54-4DE4-8954-30CF1B0BE72C}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{F9C693C2-E135-40F9-905D-7081A92A6EA4}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{CAA9F3C8-4F91-45C1-8487-2219C26219E9}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{AF3A4F65-267F-4774-A676-8204722D2456}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{6AC4C165-4857-48CF-9877-65E283DDE598}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{A71B1608-0DE3-445D-AFC1-16CC74422A9E}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{0730F573-EC62-4935-8427-06FFAFAA1980}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{F76F85EC-C350-441B-A77F-938D5AE7D50A}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{DDD7448D-B411-42AF-85CB-CC51958B0F6F}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{233CABE3-7257-4122-B48B-A5B1B16B26D4}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{3D1FD035-DB90-47EF-B1EF-EB05B51680A3}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{A1EDB681-9002-4E83-9074-98848F56BAAF}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{F4A143BF-F9D8-40F8-8567-A84D638162CD}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{D1F0F240-B69A-4FBA-80A1-83AC2A18A68F}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{BA11561E-F0C3-4E6B-9548-79EF48CC4087}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{6DE36A52-6197-4E69-9F7A-4BA26D337FC1}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{32F66531-E188-4D2D-BB57-F36725963FD7}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2A0DA165-889B-4900-A115-08CF0140EF7B}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{E88DB089-EC39-485C-86C0-984F216ADB7C}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{EC5B1160-4918-4D15-8E27-F27A1F1F6042}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{8EDF80B6-2926-4737-981F-5FD7EC9BF662}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{ACD16646-870D-46FE-B0AF-B444D17E6CCB}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{13800EE5-D499-4B30-8D91-E0F7A45D59CE}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{3B9D6392-D0BD-4D9B-91F5-D8F092969FC7}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{309A6371-94E6-44E4-AFBF-DF56403A63B1}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{63D905C0-5721-440C-84E2-A7E08ABCE6D1}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{E03D8272-A1C3-474A-A605-6770456FB491}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{7BDEA6CE-A04D-4E40-B656-15D87DAD37D7}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{DED643D8-9233-49F6-8C4A-57C71907965C}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{F5866320-5059-43D6-9E29-7789332A0D17}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{15D612DF-D417-4CDA-B8B5-94F47BA21313}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2CBD1BB3-9AC7-4D7F-9023-8A3E8DFB841A}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2EBFCBCE-855B-4275-BB14-B1389BBB23A1}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{5B35D2F8-2082-4CFA-A9DF-F6E28464BD40}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{AC76930B-8C77-4A64-991C-B2AC308A8425}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{BFB84C8A-F53C-4CDC-A9C7-6E79EBD9BD9D}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{5E34AAB5-C68C-450B-B135-C0280D7DCAD8}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{7C4B369F-E660-40DF-9329-289886054297}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{FB41DEA8-8966-4579-B330-D2CD9A015A41}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{EB89B364-CF98-4D30-9B22-789EBEE1F6B1}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{362B5D37-5278-4714-94E0-00BA0CFC371A}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{BFF31CBB-0666-451F-B963-0156AE13F9A6}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{3579C468-F59F-4726-8460-0AEB416E3086}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{9628510F-B692-4D05-B126-6092DE4E6B8E}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{7F7849F8-C998-4DDC-B199-776AFD5D1BB9}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{1A8B4CCF-4F49-4210-89E3-4B31141493B0}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{F1A9B85F-E717-442B-92E2-C1EBB180089E}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{114912A3-69FA-4B4D-A77B-1D74D959CCE4}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{66ED044A-0E4F-40BA-BEE2-AE9314A85DFA}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{02CF1D86-3DED-457C-BEEF-17F69673438F}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{C1600B9A-7879-4C37-84BB-7AE3095D2E2F}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{EEB86AEF-4A5D-4B75-9D74-F16D438FC286}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2DD5AEDE-3A56-4B0B-BE92-574AF29FAA45}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{6A347828-BBC8-4344-B2A3-37B3B920DC62}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{B144A578-63B8-4365-A90E-5D205450D74B}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{295EEAB0-AD85-44F5-B985-DC96E62C23E7}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{9617031D-0585-414A-BFAC-A31C3D2BE037}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{58E5D5A3-4112-4E73-9C29-8F8EFB70920C}",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{464F37A9-D4C2-407A-B197-F1066BCBCFAD}"
],
"regkey_read": [
"\\ServiceName",
"\\nus"
]
},
"first_seen": 1566085985.7031,
"ppid": 2016
},
{
"process_path": "C:\\Windows\\System32\\lsass.exe",
"process_name": "lsass.exe",
"pid": 476,
"summary": {},
"first_seen": 1566085985.3438,
"ppid": 376
}
]Signatures
[
{
"markcount": 1,
"families": [],
"description": "This executable has a PDB path",
"severity": 1,
"marks": [
{
"category": "pdb_path",
"ioc": "d:\\src\\v1.3.338\\Client\\OSSService\\SmallStandalone\\OSSService.pdb",
"type": "ioc",
"description": null
}
],
"references": [],
"name": "has_pdb"
},
{
"markcount": 100,
"families": [],
"description": "Queries for potentially installed applications",
"severity": 2,
"marks": [
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{F76F85EC-C350-441B-A77F-938D5AE7D50A}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{F76F85EC-C350-441B-A77F-938D5AE7D50A}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 36
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{8EDF80B6-2926-4737-981F-5FD7EC9BF662}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{8EDF80B6-2926-4737-981F-5FD7EC9BF662}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 37
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{DB7DEA22-E231-4A21-B42A-BB516846C0D9}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{DB7DEA22-E231-4A21-B42A-BB516846C0D9}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 38
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{15D612DF-D417-4CDA-B8B5-94F47BA21313}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{15D612DF-D417-4CDA-B8B5-94F47BA21313}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 39
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2B089A27-107B-4E0F-AAD3-49EB1EC4CC9B}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2B089A27-107B-4E0F-AAD3-49EB1EC4CC9B}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 40
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{6AC4C165-4857-48CF-9877-65E283DDE598}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{6AC4C165-4857-48CF-9877-65E283DDE598}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 41
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{A71B1608-0DE3-445D-AFC1-16CC74422A9E}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{A71B1608-0DE3-445D-AFC1-16CC74422A9E}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 42
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{D08D9F98-1C78-4704-87E6-368B0023D831}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{D08D9F98-1C78-4704-87E6-368B0023D831}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 43
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{1C2BE269-40E4-429F-8FB9-F0D5290BCACE}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{1C2BE269-40E4-429F-8FB9-F0D5290BCACE}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 44
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{9628510F-B692-4D05-B126-6092DE4E6B8E}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{9628510F-B692-4D05-B126-6092DE4E6B8E}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 45
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{EEB86AEF-4A5D-4B75-9D74-F16D438FC286}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{EEB86AEF-4A5D-4B75-9D74-F16D438FC286}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 46
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{614C7E53-96AB-4BC9-A1CD-CB7EA8E3E105}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{614C7E53-96AB-4BC9-A1CD-CB7EA8E3E105}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 47
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{02CF1D86-3DED-457C-BEEF-17F69673438F}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{02CF1D86-3DED-457C-BEEF-17F69673438F}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 48
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{1B3C34B7-5D93-41E4-A18E-51B930458852}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{1B3C34B7-5D93-41E4-A18E-51B930458852}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 49
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{62F41B6D-3DBD-4B7A-81C4-2990CDC7248E}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{62F41B6D-3DBD-4B7A-81C4-2990CDC7248E}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 50
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{D6A666B8-3DFC-480C-9180-B5D3799EDD92}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{D6A666B8-3DFC-480C-9180-B5D3799EDD92}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 51
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2358A6DD-DFCC-4519-90A8-63AD28847171}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2358A6DD-DFCC-4519-90A8-63AD28847171}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 52
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2D90094B-3E3E-43E6-89BA-C6CDF84A8EED}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2D90094B-3E3E-43E6-89BA-C6CDF84A8EED}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 53
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{D1F0F240-B69A-4FBA-80A1-83AC2A18A68F}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{D1F0F240-B69A-4FBA-80A1-83AC2A18A68F}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 54
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{F50BC8DC-2EE0-46D3-BCD4-247FA737E62A}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{F50BC8DC-2EE0-46D3-BCD4-247FA737E62A}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 55
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{8AA55F28-ED54-4DE4-8954-30CF1B0BE72C}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{8AA55F28-ED54-4DE4-8954-30CF1B0BE72C}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 56
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{6A347828-BBC8-4344-B2A3-37B3B920DC62}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{6A347828-BBC8-4344-B2A3-37B3B920DC62}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 57
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{9CF77345-AC1F-46E5-83FF-79676BEE4D6B}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{9CF77345-AC1F-46E5-83FF-79676BEE4D6B}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 58
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{D76E0199-482B-44F9-9378-F8E28A381113}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{D76E0199-482B-44F9-9378-F8E28A381113}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 59
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{42CD067F-D483-428D-83BC-437211349927}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{42CD067F-D483-428D-83BC-437211349927}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 60
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2DD5AEDE-3A56-4B0B-BE92-574AF29FAA45}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2DD5AEDE-3A56-4B0B-BE92-574AF29FAA45}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 61
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{0541A37A-F396-4B41-AC58-E76B37A4B318}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{0541A37A-F396-4B41-AC58-E76B37A4B318}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 62
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{1213DE8E-90F1-4241-8CB2-3144E29BEA25}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{1213DE8E-90F1-4241-8CB2-3144E29BEA25}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 63
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{295EEAB0-AD85-44F5-B985-DC96E62C23E7}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{295EEAB0-AD85-44F5-B985-DC96E62C23E7}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 64
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{63D905C0-5721-440C-84E2-A7E08ABCE6D1}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{63D905C0-5721-440C-84E2-A7E08ABCE6D1}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 65
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{114912A3-69FA-4B4D-A77B-1D74D959CCE4}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{114912A3-69FA-4B4D-A77B-1D74D959CCE4}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 66
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{EB89B364-CF98-4D30-9B22-789EBEE1F6B1}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{EB89B364-CF98-4D30-9B22-789EBEE1F6B1}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 67
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{4092B7BC-4BF7-4EA7-9424-259A0E7DC7F6}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{4092B7BC-4BF7-4EA7-9424-259A0E7DC7F6}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 68
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{32F66531-E188-4D2D-BB57-F36725963FD7}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{32F66531-E188-4D2D-BB57-F36725963FD7}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 69
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{3579C468-F59F-4726-8460-0AEB416E3086}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{3579C468-F59F-4726-8460-0AEB416E3086}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 70
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{233CABE3-7257-4122-B48B-A5B1B16B26D4}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{233CABE3-7257-4122-B48B-A5B1B16B26D4}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 71
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{FB41DEA8-8966-4579-B330-D2CD9A015A41}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{FB41DEA8-8966-4579-B330-D2CD9A015A41}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 72
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{9617031D-0585-414A-BFAC-A31C3D2BE037}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{9617031D-0585-414A-BFAC-A31C3D2BE037}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 73
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{464F37A9-D4C2-407A-B197-F1066BCBCFAD}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{464F37A9-D4C2-407A-B197-F1066BCBCFAD}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 74
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{ACD16646-870D-46FE-B0AF-B444D17E6CCB}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{ACD16646-870D-46FE-B0AF-B444D17E6CCB}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 75
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{019CA07C-BD0D-47C0-B634-D75122F7B021}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{019CA07C-BD0D-47C0-B634-D75122F7B021}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 76
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{3B9D6392-D0BD-4D9B-91F5-D8F092969FC7}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{3B9D6392-D0BD-4D9B-91F5-D8F092969FC7}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 77
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{EC5B1160-4918-4D15-8E27-F27A1F1F6042}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{EC5B1160-4918-4D15-8E27-F27A1F1F6042}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 78
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{471D551A-F5A7-4430-8973-743EFD95229D}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{471D551A-F5A7-4430-8973-743EFD95229D}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 79
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{7C4B369F-E660-40DF-9329-289886054297}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{7C4B369F-E660-40DF-9329-289886054297}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 80
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{5EAFDF74-1830-41E8-8AAA-6BABD746C193}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{5EAFDF74-1830-41E8-8AAA-6BABD746C193}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 81
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{4074CE24-9A24-4378-AE40-B45061183E82}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{4074CE24-9A24-4378-AE40-B45061183E82}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 82
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{C6FDAF89-7622-41CF-BFF9-FF22BF31F207}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{C6FDAF89-7622-41CF-BFF9-FF22BF31F207}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 83
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{775953C1-3A9F-4611-BC00-DFC5467F0C54}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{775953C1-3A9F-4611-BC00-DFC5467F0C54}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 84
},
{
"call": {
"category": "registry",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "RegOpenKeyExW",
"return_value": 2,
"arguments": {
"access": "0x00020019",
"base_handle": "0x80000002",
"key_handle": "0x00000000",
"regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{5B35D2F8-2082-4CFA-A9DF-F6E28464BD40}",
"regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{5B35D2F8-2082-4CFA-A9DF-F6E28464BD40}",
"options": 0
},
"time": 1566085985.7661,
"tid": 2420,
"flags": {}
},
"pid": 2816,
"type": "call",
"cid": 85
}
],
"references": [],
"name": "queries_programs"
}
]Yara
The Yara rules did not detect anything in the file.
Network
{
"tls": [],
"udp": [
{
"src": "192.168.56.101",
"dst": "192.168.56.255",
"offset": 662,
"time": 6.3539929389954,
"dport": 137,
"sport": 137
},
{
"src": "192.168.56.101",
"dst": "192.168.56.255",
"offset": 5342,
"time": 12.399194002151,
"dport": 138,
"sport": 138
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 7186,
"time": 6.2007210254669,
"dport": 5355,
"sport": 51001
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 7514,
"time": 4.1570479869843,
"dport": 5355,
"sport": 53595
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 7842,
"time": 6.274631023407,
"dport": 5355,
"sport": 53848
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 8170,
"time": 4.6712989807129,
"dport": 5355,
"sport": 54255
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 8498,
"time": 3.0426239967346,
"dport": 5355,
"sport": 55314
},
{
"src": "192.168.56.101",
"dst": "239.255.255.250",
"offset": 8826,
"time": 4.6676509380341,
"dport": 1900,
"sport": 1900
},
{
"src": "192.168.56.101",
"dst": "239.255.255.250",
"offset": 28236,
"time": 4.1770598888397,
"dport": 3702,
"sport": 49152
},
{
"src": "192.168.56.101",
"dst": "239.255.255.250",
"offset": 36620,
"time": 6.2768788337708,
"dport": 1900,
"sport": 53598
}
],
"dns_servers": [],
"http": [],
"icmp": [],
"smtp": [],
"tcp": [],
"smtp_ex": [],
"mitm": [],
"hosts": [],
"pcap_sha256": "35d34707b18bd367c241fe99eef7e791a41e57f20ec82ac00c08071e41cc7066",
"dns": [],
"http_ex": [],
"domains": [],
"dead_hosts": [],
"sorted_pcap_sha256": "2b34ee8697a6578081d3acc9453c655bee903cd5b0cc7f2b77a5d9c868236843",
"irc": [],
"https_ex": []
}Screenshots
pmservice.exe removal instructions
The instructions below shows how to remove pmservice.exe with help from the FreeFixer removal tool. Basically, you install FreeFixer, scan your computer, check the pmservice.exe file for removal, restart your computer and scan it again to verify that pmservice.exe has been successfully removed. Here are the removal instructions in more detail:
- Download and install FreeFixer: http://www.freefixer.com/download.html
- Start FreeFixer and press the Start Scan button. The scan will finish in approximately five minutes.
- When the scan is finished, locate pmservice.exe in the scan result and tick the checkbox next to the pmservice.exe file. Do not check any other file for removal unless you are 100% sure you want to delete it. Tip: Press CTRL-F to open up FreeFixer's search dialog to quickly locate pmservice.exe in the scan result.
C:\Program Files (x86)\PremierOpinion\pmservice.exe 
- Scroll down to the bottom of the scan result and press the Fix button. FreeFixer will now delete the pmservice.exe file.
- Restart your computer.
- Start FreeFixer and scan your computer again. If pmservice.exe still remains in the scan result, proceed with the next step. If pmservice.exe is gone from the scan result you're done.
- If pmservice.exe still remains in the scan result, check its checkbox again in the scan result and click Fix.
- Restart your computer.
- Start FreeFixer and scan your computer again. Verify that pmservice.exe no longer appear in the scan result.
Folder name variants
pmservice.exe may also be located in other folders than C:\Program Files (x86)\PremierOpinion\. The most common variants are listed below:
- C:\Program Files\PremierOpinion\
Hashes [?]
| Property | Value |
|---|---|
| MD5 | 66b3990b7e76c23bbca1e20f821bb923 |
| SHA256 | c63062142c765cf9ae95e36063f85f000fd8f9c2a0e8509f584dae0c296a2c5b |
Error Messages
These are some of the error messages that can appear related to pmservice.exe:
pmservice.exe has encountered a problem and needs to close. We are sorry for the inconvenience.
pmservice.exe - Application Error. The instruction at "0xXXXXXXXX" referenced memory at "0xXXXXXXXX". The memory could not be "read/written". Click on OK to terminate the program.
PremierOpinion has stopped working.
End Program - pmservice.exe. This program is not responding.
pmservice.exe is not a valid Win32 application.
pmservice.exe - Application Error. The application failed to initialize properly (0xXXXXXXXX). Click OK to terminate the application.
What will you do with pmservice.exe?
To help other users, please let us know what you will do with pmservice.exe:
What did other users do?
The poll result listed below shows what users chose to do with pmservice.exe. 100% have voted for removal. Based on votes from 2 users.
| Votes | |||
|---|---|---|---|
| Keep | 0 % | 0 | |
| Remove | 100 % | 2 |
NOTE: Please do not use this poll as the only source of input to determine what you will do with pmservice.exe. Only 2 users has voted so far so it does not offer a high degree of confidence.
Comments
Please share with the other users what you think about this file. What does this file do? Is it legitimate or something that your computer is better without? Do you know how it was installed on your system? Did you install it yourself or did it come bundled with some other software? Is it running smoothly or do you get some error message? Any information that will help to document this file is welcome. Thank you for your contributions.
I'm reading all new comments so don't hesitate to post a question about the file. If I don't have the answer perhaps another user can help you.
No comments posted yet.