Analysis Overview
SHA256
a1dd74d7301bf8d504449071142c81113bcd4d0c88fee46e7bacf550495a72bc
Threat Level: Known bad
The file 87936f0b8f079c7f722ab91029cc3f8a was found to be: Known bad.
Malicious Activity Summary
Trickbot
Downloads MZ/PE file
Modifies Installed Components in the registry
Executes dropped EXE
Uses the VBS compiler for execution
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system
Drops file in System32 directory
Drops file in Windows directory
Drops file in Program Files directory
Unsigned PE
Program crash
Enumerates physical storage devices
Suspicious behavior: GetForegroundWindowSpam
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Opens file in notepad (likely ransom note)
Modifies registry class
Enumerates system info in registry
NTFS ADS
Suspicious behavior: LoadsDriver
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-02-01 21:43
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-02-01 21:43
Reported
2024-02-01 22:02
Platform
win11-20231215-en
Max time kernel
1050s
Max time network
1049s
Command Line
Signatures
Trickbot
Downloads MZ/PE file
Modifies Installed Components in the registry
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\software\WOW6432Node\microsoft\Active Setup\Installed Components | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| Key created | \REGISTRY\MACHINE\software\WOW6432Node\microsoft\Active Setup\Installed Components | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\winrar-x64-624.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zO4AB0706B\Virus Maker.exe | N/A |
| N/A | N/A | C:\Users\Admin\Documents\Free Robux (not a virus).exe | N/A |
| N/A | N/A | C:\Users\Admin\Documents\Free Robux (not a virus).exe | N/A |
| N/A | N/A | C:\Users\Admin\Documents\Free Robux (not a virus).exe | N/A |
| N/A | N/A | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| N/A | N/A | C:\Windows\msagent\AgentSvr.exe | N/A |
Loads dropped DLL
Uses the VBS compiler for execution
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\tv_enua = "RunDll32 advpack.dll,LaunchINFSection C:\\Windows\\INF\\tv_enua.inf, RemoveCabinet" | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
Checks installed software on the system
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SysWOW64\SET5891.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File created | C:\Windows\SysWOW64\SET5891.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\msvcp50.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Options\CheckRuntimes.bat | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page10.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page12.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\Thumbs.db | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Bonzi's Solitaire.vbw | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\t001.nbd | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page6.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\ActiveSkin.ocx | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page12.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page14.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\Thumbs.db | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page4.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page1.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\j3.nbd-SR | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\BG\Bg2.bmp | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Runtimes\CheckRuntimes.bat | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Options\test.vbs | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page8.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page15.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\book | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\msvcrt.dll | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\T001.nbd-SR | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page5.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page3.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\msvbvm60.dll | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb005.gif | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page16.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page12.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\sites.nbd | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page1.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\book | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Reg.nbd | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Options\menu.bat | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\sp005.gif | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\book | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page8.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page9.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page10.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page20.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page4.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\BBReader.EXE | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\CHORD.WAV | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb014.gif | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\MSWINSCK.OCX | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page5.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\msvbvm60.dll | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\RACREG32.DLL | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb009.gif | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Regicon.ocx | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\book | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\p001.nbd | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page10.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page3.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Intro2.wav | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb016.gif | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\BG\Bg2.bmp | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb013.gif | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page10.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb015.gif | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page9.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page7.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\Thumbs.db | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page11.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\J001.nbd-SR | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\lhsp\help\tv_enua.hlp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\msagent\AgentDPv.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\intl\SET6C0F.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\msagent\intl\SET6C0F.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\SET6C20.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\lhsp\tv\SET587C.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\msagent\SET6BF8.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\AgentAnm.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\help\SET6C0E.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\chars\Bonzi.acs | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Windows\fonts\andmoipa.ttf | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\msagent\SET6BE5.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\AgentSR.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\msagent\SET6C0D.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\chars\Peedy.acs | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Windows\lhsp\tv\tv_enua.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\lhsp\tv\tvenuax.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File created | C:\Windows\INF\SET6BFC.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\lhsp\help\SET587E.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\msagent\SET6BF6.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\msagent\SET6BE5.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\AgentSvr.exe | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\SET6BFB.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\intl\Agt0409.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\lhsp\tv\SET587C.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File created | C:\Windows\lhsp\tv\SET587D.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\msagent\AgentPsh.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\help\SET6C0E.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\lhsp\tv\SET587D.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\msagent\AgentCtl.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\AgtCtl15.tlb | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\msagent\SET6BFA.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\AgentMPx.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\INF\agtinst.inf | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\SET6C0D.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\help\Agt0409.hlp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\lhsp\help\SET587E.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\INF\tv_enua.inf | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\msagent\chars\Bonzi.acs | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Windows\msagent\chars\Peedy.acs | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| File created | C:\Windows\msagent\SET6BF6.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\msagent\SET6BF9.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\INF\SET5890.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File created | C:\Windows\INF\SET5890.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File created | C:\Windows\msagent\SET6BFB.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\INF\SET6BFC.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\fonts\SET587F.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\msagent\SET6BF7.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\msagent\SET6BF7.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\msagent\SET6C20.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\SET6BFA.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\fonts\SET587F.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\msagent\SET6BE6.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\AgentDp2.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\msagent\SET6BF8.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\msagent\SET6BE6.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\SET6BF9.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\mslwvtts.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
Enumerates physical storage devices
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\regsvr32.exe |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{74179610-5A56-11CE-940F-0000C0C14E92}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\ToolboxBitmap32 | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DD9DA660-8594-11D1-B16A-00C0F0283628}\ = "IComboItem" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{368C5B10-6A0F-11CE-9425-0000C0C14E92}\TypeLib\ = "{E8671A8B-E5DD-11CD-836C-0000C0C14E92}" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0A45DB4F-BD0D-11D2-8D14-00104B9E072A}\MiscStatus\ = "0" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{0A45DB4E-BD0D-11D2-8D14-00104B9E072A}\TypeLib\Version = "2.0" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{3CD19360-7454-11CE-9430-0000C0C14E92}\ = "SSDateCombo Property Page" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{37DEB788-2D9B-11D3-9DD0-C423E6542E10}\ProxyStubClsid32 | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\VersionIndependentProgID | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{C27CCE3C-8596-11D1-B16A-00C0F0283628} | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{6B1BE804-567F-11D1-B652-0060976C699F}\MiscStatus\ = "0" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\ActiveSkin.COMScript.1\CLSID | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{83C2D7A0-0DE6-11D3-9DCF-9423F1B2561C}\TypeLib\ = "{972DE6B5-8B09-11D2-B652-A1FD6CC34260}" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{EB52CF7B-3917-11CE-80FB-0000C0C14E92}\TypeLib | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{C27CCE37-8596-11D1-B16A-00C0F0283628}\InprocServer32\ = "C:\\Program Files (x86)\\BonziBuddy432\\MSCOMCTL.OCX" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{065E6FE9-1BF9-11D2-BAE8-00104B9E0792}\Implemented Categories | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BF1B5D50-3C5C-48CE-B991-0E86D26F6F5E}\TypeLib | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\ = "Microsoft TreeView Control, version 6.0" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MSComctlLib.TreeCtrl\ = "Microsoft TreeView Control, version 6.0" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{53FA8D41-2CDD-11D3-9DD0-D3CD4078982A}\MiscStatus\1\ = "139665" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{55DD814E-A1B7-4808-9625-4F75A3FAD8A7}\TypeLib\Version = "1.0" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\Control | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MSComctlLib.ProgCtrl | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B0913412-3B44-11D1-ACBA-00C04FD97575}\TypeLib\Version = "2.0" | C:\Windows\msagent\AgentSvr.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Threed.SSFrame | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{065E6FE6-1BF9-11D2-BAE8-00104B9E0792}\Implemented Categories\{1D06B600-3AE3-11CF-87B9-00AA006C8166} | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{35053A21-8589-11D1-B16A-00C0F0283628}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{065E6FD2-1BF9-11D2-BAE8-00104B9E0792}\TypeLib\ = "{065E6FD1-1BF9-11D2-BAE8-00104B9E0792}" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E91E27A2-C5AE-11D2-8D1B-00104B9E072A}\ = "DSSTabPanelControlEvents" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C4ABF875-8100-11D0-AC63-00C04FD97575}\TypeLib | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BB64DF2F-88E4-11D0-9E87-00C04FD7081F}\TreatAs | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{08C75162-3C9C-11D1-91FE-00C04FD701A5}\TypeLib | C:\Windows\msagent\AgentSvr.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\MiscStatus | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6CFC9BA1-FE87-11D2-9DCF-ED29FAFE371D} | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0A45DB4E-BD0D-11D2-8D14-00104B9E072A}\TypeLib\Version = "2.0" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8B77181C-D3EF-11D1-8500-00C04FA34A14}\TypeLib\ = "{F5BE8BC2-7DE6-11D0-91FE-00C04FD701A5}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{EE11629B-36DF-11D3-9DD0-89D6DBBBA800}\ProxyStubClsid32 | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2F5A7562-BDC3-41F8-8122-4A54D2C3C50C}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{065E6FDF-1BF9-11D2-BAE8-00104B9E0792}\VersionIndependentProgID | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{14E27A73-69F0-11CE-9425-0000C0C14E92}\ProxyStubClsid32 | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{643F1350-1D07-11CE-9E52-0000C0554C0A}\Control\ | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\ActiveSkin.COMScript.1\CLSID\ = "{4F7AE601-0142-11D3-9DCF-89BE4EFB591E}" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{53FA8D41-2CDD-11D3-9DD0-D3CD4078982A}\InprocServer32 | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{53FA8D4C-2CDD-11D3-9DD0-D3CD4078982A}\TypeLib\Version = "1.0" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6BA90C00-3910-11D1-ACB3-00C04FD97575}\ = "IAgentCommandsEx" | C:\Windows\msagent\AgentSvr.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D6589121-FC70-11D0-AC94-00C04FD97575}\TypeLib | C:\Windows\msagent\AgentSvr.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{53FA8D4A-2CDD-11D3-9DD0-D3CD4078982A}\ToolboxBitmap32 | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{3C6D21D6-7470-4555-A8FB-6C2292B39C46}\Programmable | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{065E6FD8-1BF9-11D2-BAE8-00104B9E0792}\Implemented Categories\{40FC6ED9-2438-11CF-A3DB-080036F12502} | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C74190B4-8589-11D1-B16A-00C0F0283628}\TypeLib | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{065E6FE6-1BF9-11D2-BAE8-00104B9E0792}\Implemented Categories\{0DE86A52-2BAA-11CF-A229-00AA003D7352} | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{00E212A2-E66D-11CD-836C-0000C0C14E92}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MSComctlLib.ListViewCtrl\ = "Microsoft ListView Control, version 6.0" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6B976285-3692-11D0-9B8A-0000C0F04C96} | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MSWinsock.Winsock | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{14E27A73-69F0-11CE-9425-0000C0C14E92}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{065E6FDE-1BF9-11D2-BAE8-00104B9E0792}\TypeLib | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C4ABF875-8100-11D0-AC63-00C04FD97575}\ProxyStubClsid32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{EB52CF7C-3917-11CE-80FB-0000C0C14E92}\TypeLib | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{8563FF20-8ECC-11D1-B9B4-00C04FD97575}\ProxyStubClsid32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{C27CCE37-8596-11D1-B16A-00C0F0283628}\InprocServer32 | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E91E27A3-C5AE-11D2-8D1B-00104B9E072A}\VersionIndependentProgID | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\SSCalendar.SSDateComboCtrl.1\CLSID | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{53FA8D4D-2CDD-11D3-9DD0-D3CD4078982A} | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 855817.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Windows\system32\wermgr.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Token: 35 | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Token: 35 | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\winrar-x64-624.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\winrar-x64-624.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\winrar-x64-624.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zO4AB0706B\Virus Maker.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| N/A | N/A | C:\Windows\msagent\AgentSvr.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\87936f0b8f079c7f722ab91029cc3f8a.dll
C:\Windows\SysWOW64\regsvr32.exe
/s C:\Users\Admin\AppData\Local\Temp\87936f0b8f079c7f722ab91029cc3f8a.dll
C:\Windows\system32\wermgr.exe
C:\Windows\system32\wermgr.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1688 -ip 1688
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1688 -s 556
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x108,0x10c,0x110,0xe4,0x114,0x7ffe1e1e3cb8,0x7ffe1e1e3cc8,0x7ffe1e1e3cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2652 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1868 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4928 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4900 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4672 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5260 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5588 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5280 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5392 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5332 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6644 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6508 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3460 /prefetch:8
C:\Users\Admin\Downloads\winrar-x64-624.exe
"C:\Users\Admin\Downloads\winrar-x64-624.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6488 /prefetch:2
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\b0f728009de64fbf83552b649acdd380 /t 1560 /p 2396
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6840 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3504 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6672 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1888 /prefetch:1
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\Virus Maker.rar"
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\7zO4AB7950B\readme.txt
C:\Users\Admin\AppData\Local\Temp\7zO4AB0706B\Virus Maker.exe
"C:\Users\Admin\AppData\Local\Temp\7zO4AB0706B\Virus Maker.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe" /noconfig @"C:\Users\Admin\AppData\Local\Temp\itb2xi0d\itb2xi0d.cmdline"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RES5225.tmp" "C:\Users\Admin\AppData\Local\Temp\vbcE13192F45602460D8EB92AAA9CC81C66.TMP"
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\Virus Maker.rar"
C:\Users\Admin\Documents\Free Robux (not a virus).exe
"C:\Users\Admin\Documents\Free Robux (not a virus).exe"
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\Documents\msg.vbs"
C:\Windows\system32\rundll32.exe
RUNDLL32 USER32.DLL,SwapMouseButton
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\cmd.bat" "
C:\Users\Admin\Documents\Free Robux (not a virus).exe
"C:\Users\Admin\Documents\Free Robux (not a virus).exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\cmd.bat" "
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\Documents\msg.vbs"
C:\Windows\system32\rundll32.exe
RUNDLL32 USER32.DLL,SwapMouseButton
C:\Users\Admin\Documents\Free Robux (not a virus).exe
"C:\Users\Admin\Documents\Free Robux (not a virus).exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\cmd.bat" "
C:\Windows\system32\rundll32.exe
RUNDLL32 USER32.DLL,SwapMouseButton
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\Documents\msg.vbs"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1660 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4836 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7636 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7388 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7560 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7536 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=7360 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4520 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7204 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7472 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8168 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7808 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7656 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7716 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1992 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7756 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7852 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7868 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7464 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7796 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6388 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8168 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7696 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7864 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8088 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8056 /prefetch:8
C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe"
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Program Files (x86)\BonziBuddy432\Runtimes\CheckRuntimes.bat" "
C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe
tv_enua.exe
C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE
MSAGENT.EXE
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s C:\Windows\lhsp\tv\tv_enua.dll
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s C:\Windows\lhsp\tv\tvenuax.dll
C:\Windows\SysWOW64\grpconv.exe
grpconv.exe -o
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentDPv.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\mslwvtts.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentDP2.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentMPx.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentSR.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentPsh.dll"
C:\Windows\msagent\AgentSvr.exe
"C:\Windows\msagent\AgentSvr.exe" /regserver
C:\Windows\SysWOW64\grpconv.exe
grpconv.exe -o
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentCtl.dll"
C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe"
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Program Files (x86)\BonziBuddy432\Runtimes\CheckRuntimes.bat" "
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://bonzibuddy.tk/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ffe1e1e3cb8,0x7ffe1e1e3cc8,0x7ffe1e1e3cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,10014119905718900225,16832299510009491820,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3564 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| BR | 143.0.208.20:443 | tcp | |
| US | 8.8.8.8:53 | 136.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.178.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| BR | 45.239.234.2:443 | tcp | |
| GB | 92.123.128.150:443 | www.bing.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 92.123.128.145:443 | www.bing.com | tcp |
| GB | 92.123.128.145:443 | www.bing.com | tcp |
| GB | 92.123.128.181:443 | th.bing.com | tcp |
| GB | 92.123.128.181:443 | th.bing.com | tcp |
| IE | 20.190.159.71:443 | login.microsoftonline.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 204.79.197.200:443 | www2.bing.com | tcp |
| DE | 51.195.68.162:443 | www.rarlab.com | tcp |
| DE | 51.195.68.162:443 | www.rarlab.com | tcp |
| GB | 96.17.179.184:80 | apps.identrust.com | tcp |
| NA | 196.216.59.174:443 | tcp | |
| TH | 118.173.233.64:443 | tcp | |
| TR | 185.189.55.207:443 | tcp | |
| DE | 51.195.68.162:443 | www.rarlab.com | tcp |
| IT | 185.17.105.236:443 | tcp | |
| BR | 186.225.119.170:443 | tcp | |
| KH | 45.201.136.3:443 | tcp | |
| GB | 92.123.128.149:443 | r.bing.com | tcp |
| KR | 220.82.64.198:443 | tcp | |
| GB | 92.123.128.169:443 | th.bing.com | tcp |
| GB | 92.123.128.169:443 | th.bing.com | tcp |
| GB | 92.123.128.175:443 | th.bing.com | tcp |
| GB | 92.123.128.175:443 | th.bing.com | tcp |
| IT | 2.238.145.99:443 | www.blackhost.xyz | tcp |
| IT | 2.238.145.99:443 | www.blackhost.xyz | tcp |
| BR | 177.10.90.29:443 | tcp | |
| KR | 119.202.8.249:443 | tcp | |
| BR | 45.239.233.131:443 | tcp | |
| ZA | 41.57.156.203:443 | tcp | |
| PL | 178.216.28.59:443 | tcp | |
| IN | 49.248.217.170:443 | tcp | |
| ID | 222.124.16.74:443 | tcp | |
| PL | 91.237.161.87:443 | tcp | |
| VN | 14.232.161.45:443 | tcp | |
| ZA | 105.30.26.50:443 | tcp | |
| ES | 82.159.149.37:443 | tcp | |
| ID | 202.165.47.106:443 | tcp | |
| VN | 113.160.132.237:443 | 113.160.132.237 | tcp |
| VN | 113.160.132.237:443 | 113.160.132.237 | tcp |
| VN | 113.160.132.237:443 | 113.160.132.237 | tcp |
| IN | 103.122.228.44:443 | tcp | |
| AR | 181.114.215.239:443 | tcp | |
| BR | 200.236.218.62:443 | tcp | |
| DE | 3.64.163.50:443 | bdns.nu | tcp |
| SE | 88.80.20.20:443 | bdns.pro | tcp |
| UA | 194.54.82.12:443 | bdns.pro | tcp |
| RU | 190.115.26.106:443 | bdns.pro | tcp |
| GB | 92.123.128.187:443 | www.bing.com | tcp |
| GB | 92.123.128.187:443 | www.bing.com | tcp |
| GB | 92.123.128.175:443 | th.bing.com | tcp |
| GB | 92.123.128.175:443 | th.bing.com | tcp |
| GB | 92.123.128.174:443 | th.bing.com | tcp |
| GB | 92.123.128.174:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 174.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | b-dns.se | udp |
| DE | 3.64.163.50:443 | b-dns.se | tcp |
| US | 8.8.8.8:53 | www.x64bitdownload.com | udp |
| US | 209.126.2.187:443 | www.x64bitdownload.com | tcp |
| US | 209.126.2.187:443 | www.x64bitdownload.com | tcp |
| US | 8.8.8.8:53 | 187.2.126.209.in-addr.arpa | udp |
| US | 209.126.2.187:443 | www.x64bitdownload.com | tcp |
| US | 209.126.2.187:443 | www.x64bitdownload.com | tcp |
| US | 8.8.8.8:53 | www.cookieconsent.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| FR | 142.250.74.228:443 | www.google.com | tcp |
| US | 172.67.137.186:443 | www.cookieconsent.com | tcp |
| US | 8.8.8.8:53 | www.termsfeed.com | udp |
| US | 104.26.7.160:443 | www.termsfeed.com | tcp |
| US | 209.126.2.187:443 | www.x64bitdownload.com | tcp |
| US | 209.126.2.187:443 | www.x64bitdownload.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| FR | 142.250.179.66:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 186.137.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.74.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 160.7.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.75.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.215.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.179.250.142.in-addr.arpa | udp |
| FR | 142.250.179.66:443 | googleads.g.doubleclick.net | udp |
| FR | 142.250.179.65:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.179.65:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.179.65:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.179.65:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.74.226:443 | www.googletagservices.com | tcp |
| FR | 142.250.74.228:443 | www.google.com | udp |
| FR | 172.217.18.206:443 | fundingchoicesmessages.google.com | tcp |
| FR | 172.217.18.206:443 | fundingchoicesmessages.google.com | udp |
| FR | 142.250.74.226:443 | www.googletagservices.com | udp |
| US | 8.8.8.8:53 | 65.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.74.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.18.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.20.217.172.in-addr.arpa | udp |
| FR | 172.217.20.161:443 | lh3.googleusercontent.com | tcp |
| FR | 142.250.179.65:443 | tpc.googlesyndication.com | udp |
| FR | 142.250.74.228:443 | www.google.com | udp |
| GB | 23.214.133.66:443 | cxcs.microsoft.net | tcp |
| GB | 92.123.128.170:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | bdns.by | udp |
| US | 8.8.8.8:53 | 66.133.214.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.128.123.92.in-addr.arpa | udp |
| US | 209.126.2.187:443 | www.x64bitdownload.com | tcp |
| FR | 142.250.179.65:443 | tpc.googlesyndication.com | udp |
| FR | 142.250.179.66:443 | googleads.g.doubleclick.net | udp |
| US | 209.126.2.187:443 | www.x64bitdownload.com | tcp |
| US | 209.126.2.187:443 | www.x64bitdownload.com | tcp |
| US | 209.126.2.187:443 | www.x64bitdownload.com | tcp |
| US | 209.126.2.187:443 | www.x64bitdownload.com | tcp |
| US | 209.126.2.187:443 | www.x64bitdownload.com | tcp |
| FR | 142.250.74.228:443 | www.google.com | udp |
| FR | 142.250.179.65:443 | tpc.googlesyndication.com | udp |
| FR | 172.217.18.206:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 209.126.2.187:443 | www.x64bitdownload.com | tcp |
| US | 209.126.2.187:443 | www.x64bitdownload.com | tcp |
| FR | 142.250.74.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| OM | 216.58.209.131:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | secure-download.x64bitdownload.com | udp |
| DE | 138.68.69.109:443 | secure-download.x64bitdownload.com | tcp |
| US | 8.8.8.8:53 | bdns.im | udp |
| US | 8.8.8.8:53 | 131.209.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 109.69.68.138.in-addr.arpa | udp |
| US | 209.126.2.187:443 | www.x64bitdownload.com | tcp |
| FR | 142.250.74.228:443 | www.google.com | udp |
| DE | 138.68.69.109:443 | secure-download.x64bitdownload.com | tcp |
| US | 209.126.2.187:443 | www.x64bitdownload.com | tcp |
| US | 172.234.25.151:80 | getbonzi.com | tcp |
| US | 172.234.25.151:80 | getbonzi.com | tcp |
| US | 8.8.8.8:53 | ww12.getbonzi.com | udp |
| US | 13.248.148.254:80 | ww12.getbonzi.com | tcp |
| US | 8.8.8.8:53 | parking3.parklogic.com | udp |
| FR | 142.250.74.228:80 | www.google.com | tcp |
| US | 8.8.8.8:53 | d38psrni17bvxu.cloudfront.net | udp |
| US | 45.79.244.209:443 | parking3.parklogic.com | tcp |
| IE | 18.66.168.193:80 | d38psrni17bvxu.cloudfront.net | tcp |
| US | 8.8.8.8:53 | www.adsensecustomsearchads.com | udp |
| US | 8.8.8.8:53 | 151.25.234.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 254.148.248.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.168.66.18.in-addr.arpa | udp |
| FR | 172.217.18.206:443 | www.adsensecustomsearchads.com | tcp |
| US | 8.8.8.8:53 | www.adsensecustomsearchads.com | udp |
| US | 8.8.8.8:53 | partner.googleadservices.com | udp |
| FR | 172.217.18.206:443 | www.adsensecustomsearchads.com | udp |
| US | 13.248.148.254:80 | ww12.getbonzi.com | tcp |
| US | 8.8.8.8:53 | afs.googleusercontent.com | udp |
| US | 8.8.8.8:53 | bdns.link | udp |
| FR | 172.217.20.161:443 | afs.googleusercontent.com | udp |
| FR | 62.75.198.178:443 | bdns.link | tcp |
| US | 8.8.8.8:53 | 209.244.79.45.in-addr.arpa | udp |
| US | 209.126.2.187:443 | www.x64bitdownload.com | tcp |
| DE | 138.68.69.109:443 | secure-download.x64bitdownload.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| DE | 138.68.69.109:443 | secure-download.x64bitdownload.com | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 92.123.128.175:443 | th.bing.com | tcp |
| GB | 92.123.128.175:443 | th.bing.com | tcp |
| GB | 92.123.128.177:443 | th.bing.com | tcp |
| GB | 92.123.128.177:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 177.128.123.92.in-addr.arpa | udp |
| US | 198.187.29.31:443 | bonzibuddy.org | tcp |
| US | 198.187.29.31:443 | bonzibuddy.org | tcp |
| US | 8.8.8.8:53 | 31.29.187.198.in-addr.arpa | udp |
| US | 198.187.29.31:80 | bonzibuddy.org | tcp |
| US | 198.187.29.31:80 | bonzibuddy.org | tcp |
| DE | 3.64.163.50:443 | b-dns.se | tcp |
| SE | 88.80.20.20:443 | bdns.pro | tcp |
| UA | 194.54.82.12:443 | bdns.pro | tcp |
| RU | 190.115.26.106:443 | bdns.pro | tcp |
| DE | 3.64.163.50:443 | b-dns.se | tcp |
| US | 8.8.8.8:53 | bdns.at | udp |
| US | 8.8.8.8:53 | bdns.by | udp |
| US | 8.8.8.8:53 | bdns.co | udp |
| US | 8.8.8.8:53 | bdns.im | udp |
| US | 8.8.8.8:53 | bonzibuddy.tk | udp |
| US | 104.21.78.241:80 | bonzibuddy.tk | tcp |
| US | 104.21.78.241:80 | bonzibuddy.tk | tcp |
| US | 8.8.8.8:53 | www.reddit.com | udp |
| US | 8.8.8.8:53 | www.twitter.com | udp |
| US | 104.21.78.241:80 | bonzibuddy.tk | tcp |
| US | 104.21.78.241:80 | bonzibuddy.tk | tcp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 151.101.2.137:443 | code.jquery.com | tcp |
| US | 8.8.8.8:53 | 241.78.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.2.101.151.in-addr.arpa | udp |
| FR | 62.75.198.178:443 | bdns.link | tcp |
| BR | 143.0.208.20:443 | tcp | |
| GB | 92.123.128.171:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 171.128.123.92.in-addr.arpa | udp |
Files
memory/1688-0-0x0000000002260000-0x00000000024BD000-memory.dmp
memory/1688-1-0x0000000000AE0000-0x0000000000B20000-memory.dmp
memory/1688-3-0x0000000010000000-0x0000000010003000-memory.dmp
memory/1688-2-0x0000000000990000-0x0000000000991000-memory.dmp
memory/2764-4-0x000001D5ABC30000-0x000001D5ABC31000-memory.dmp
memory/2764-5-0x000001D5AB920000-0x000001D5AB948000-memory.dmp
memory/1688-6-0x0000000000AE0000-0x0000000000B20000-memory.dmp
memory/2764-7-0x000001D5AB920000-0x000001D5AB948000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | bb88128b6b2d63f04c36ce68ed52d0a1 |
| SHA1 | 29cd0515976a9249fc96a9d77c9986238cd1c2da |
| SHA256 | 19341f9fde32349d43cf9951f118ebbff856499e0e6875101eaf2db37a7d7d8b |
| SHA512 | ab3071e116a32fc105a868fe9f3cd11cb282fc6cdc1e101b09c7f6269502f98b34b2f0a2ec32eb2b537073e2b20bd22cefd2fdcd4be87f8b169e6eed3bed1ae7 |
\??\pipe\LOCAL\crashpad_2072_MIAZBPBLGZDNKIMU
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5bd3c86dccb3a744c8100dd5e06e3dc3 |
| SHA1 | 62912e90d800e5229ff1f3a54978addca5e67123 |
| SHA256 | 679d3a3f8de218cc555a96fbb2667032634881f875d826471ffc06f85f7032a4 |
| SHA512 | cc14b523c7f3bf27acfa7b4fa76ebbe250a16c99def1c77528e841e042532f31380cf5977463d61c0a1ed906321823a6307c1d5b32bf5d9ace590d733fc89d89 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 13616ede13f47df9e86a13207ed7b69c |
| SHA1 | f51c891df0b2fc41f38fee09c537418a75c6c4f5 |
| SHA256 | 4bfb28f976d65309b4d7ebd1c837cd4bc9118099abaa7332f4730ef43fef06e0 |
| SHA512 | 819b554170c5dd16ec7c9dbdb88d58d7103aac5b3ef8cb3c1a55889eacdc77eaec80f9e1f6c6de3b97a257022c44017905ec54a0aa2c86a7fc08b8b51a967536 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8b9b7bc8c30e5a8f216178c187f612c1 |
| SHA1 | 3dd158f659267153ad975c3d6f43f313cd8592b3 |
| SHA256 | c9a27d8778b1c918b6bdd78b86d0554fd945180d69a416449b9731ad873b2619 |
| SHA512 | d6a9a861df1b904db971a63b08201fdab2249a787b6e8854f9990e8dab4b85d066da1abdc4389cf1c1c888509a79e0673e8d9bfba69e36ca0821221f3a1b06d6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 87796f83a580ad1059639b7b6f48c978 |
| SHA1 | 3aeb3452c1d42aa82dcc46fac0eff546266958ca |
| SHA256 | ca9281ab005e47fe20e132b81ccfbf7a5f0e6d845cd3412129bcb07cacb1397d |
| SHA512 | 196d07ff37bf35b583ba80ef92e0277eee328925a77accb3dae1ca10a356a7924f49a7e6233db1b8b320eef6beeb9677ee7d642dd4bcdb2f1343cfe84fb186cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | be7aa64fe677033cf6a061aad5936e8d |
| SHA1 | 40788f2e2ca5180ddbd00090dccc324d804fd5fa |
| SHA256 | 43f17ad67e9fca9614cb4e1dd83a492bb64de85ee612c657343cab1e90c5b13f |
| SHA512 | 20bc1f7831b460698b3a988ec55f26ecec608379bb5aa231d389a6d3949ab05b73a4371943f9428886db6e2e4a8000684922fae9c5e08eb8e5f84054bc3af048 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4837fd0e8ae86bbae8109a663907b938 |
| SHA1 | 500174730890c6022f80b3415fefd2e770eb3992 |
| SHA256 | 7dee21a21809d7c5242fd8c9685625cbe3d4ae1b5ab1c7043f29679a930147e5 |
| SHA512 | f21e276e05b0ea8dc2b449a362c5451b131721cbda4ac5185eff7936dc9cdad9c280cef7fa697505dc99c2b820ffcea4157cbef812b83cec0103ff10ee9bee5b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | 4e9531e4ab1439ccd0996b13824e5172 |
| SHA1 | 46f991556cd51342f326a23b3a5723fdd463c0cc |
| SHA256 | bca36632ce568ee949d3ff1971c0e1d73ffd7a817a52a677dc098ae6d68b1bc4 |
| SHA512 | c3b23989e9afd8f9e16b7204042cb92d8ab6519c05058e13c6b7f904bbcdf17dffecefd1f99725e6132429af856d798bd509a310eecd8ee07757fe170bdb0879 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 077e4b001d1153a10921f4f66b17e84b |
| SHA1 | d78dcc9fb3aada712692b48a2fe72086b14cef44 |
| SHA256 | e41355559ae16693f91f53fad7b98af85ab235ed042cb73d467ec5ef5d3ef4eb |
| SHA512 | 28a3173c3d4d9756ee6882f5612cabd9e2a3ebc275547a2d4be9fc00f898fe5d384558d3a55ecc5f67ff103f60ff9f39b6f007cdd6f7a44df276582b7d40a279 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f814fa74e78b47489b7aa6f77c4a0a0b |
| SHA1 | 490d0b46cf4a9d5a7e86cfba068af35204f042f8 |
| SHA256 | 45e05af879fe922e9426b96a07bd6a41f38389947cfd2f0342712a4810072e7b |
| SHA512 | 3b71e7b45dd5787b5bdea3fee28d999660252026b37293d22142d9d55a0f6b2a4669ff6c0c04c8f63fa776e3ad64318796641d602a54190768257dbeef79bf1c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d04e52add33da14d6ce2c234f37b0848 |
| SHA1 | 9e151afad93f11ad6597a75dc985c7f053a209ba |
| SHA256 | 39993073c0b49abeb98d72251f2791cbbbbf58e797847e68eff8055bdb67fd5f |
| SHA512 | cdbd3a1a0ecd1cb204b3bc7c94512f90c8b2c398c586e86a1a7c376369b7eb075e4cbcebae34934fdac5ca09399af71b3d46a9c71569efbde55a71d1db69367f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe593714.TMP
| MD5 | 50674245441862a2263d0edb433d38fe |
| SHA1 | a01787be9b692f370d5d282fe8bac57aa6a1c11a |
| SHA256 | d8a7ff4382606b6aa84a1733cc44ac9f9ca83a345ea601e375213d81834e2eb2 |
| SHA512 | 0cbe19fef32e857bbe7fc057bf52002c74970f5acc9d8a5c86f8a6e90aa670e607c6dfc190a9987d85c6d978c12b3a78cb831095cc7f6c2e6310b355d09fab72 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 806cb16b1d996e140307d36327eeb39e |
| SHA1 | 5024487f2568514402d01e0167f8a33ee8dabeb0 |
| SHA256 | 2eb5990d08c2faee2369875e0429798debbad6233be74f66f2af72a96894fe8c |
| SHA512 | dd6c09dc7a01a9dd0a162f81155dadf4bba94900208144062c1dcaa2b74897d25ea2360826318b0e14b85f5e65f1aff602be8a6acf2c5e3f9e978339f46beb0b |
C:\Users\Admin\Downloads\winrar-x64-624.exe
| MD5 | db39a1731fd514486b8bc80dac47edd5 |
| SHA1 | 9c84dbd6584c8264eee3b342949aa02d7990526e |
| SHA256 | 49bad8c1d86129820ec35ad3a9908b4b10789a5089f3d6082113bcd5b286ceee |
| SHA512 | c238d4a0daa629c1a3175542627bd8bb49dea5e97322fa982225458cdcb362e7d45283232cdc3a029e6837307f6498d9ab1637b396dee66532493cfce9b35c71 |
C:\Users\Admin\Downloads\winrar-x64-624.exe
| MD5 | 0a4f482099b9468f3cd5c98f71cf5f71 |
| SHA1 | aa5e8d9fd7d613a163acebcccefdfd33bb18c8cd |
| SHA256 | 794481dbbc9009a2565726fb5b4a4ab2fe216ff9edbb08951548ee765de9b4a6 |
| SHA512 | f5f61a3cf4440d9fa59e7093341a293c0b42081b547992284e54cef61eee1f817fdbbbcc2cb921b077f8bce5b9280072c0f3b5a1bff266ef23c3d9a792d24b9f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 79300925f6d73fe5164453ce7ca1bd81 |
| SHA1 | 7a8a5b7e427287ea1fb1ebedafc1093f6ec9b51b |
| SHA256 | 90a268efdf7e958ee7bc8696d277f951d2404feda8e114ff1ddc1951ae689476 |
| SHA512 | bf217ac93647c84b41cd2137b815fc2973929b8ec28b1e7bf98288dec2aca735147945670357fb7618672785001909a40fb07ccbd06e7b68bb8e6d58a75f5168 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 9eaad88a64073ff93138ad81ed05a93b |
| SHA1 | 8d3ecdb06117a7f83e9e146ea1a57dbf224d9c01 |
| SHA256 | db2349036d4e15aa6a3d5602794836bfbb1cb512b5b969916ee32f318d5c720c |
| SHA512 | d0b7f7c2aca548c9f8afc509c03599d282001a565ae556d4c6c52d2904c24b0e3b39b5e415a06b31615bc997039f6f49c442ab6c109760582071878ffcf23d29 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c95b8347ad55cb0787daa06c5ac534d8 |
| SHA1 | 3ac4a980f953f64ac7e833aae62545a91014fd59 |
| SHA256 | 8231dcc6907ec0c544a55642e7ebf8a769332ec1ff66b6910db15f2dea259c70 |
| SHA512 | 2790c8b8a194b5baa5857ccc7ed136e204bf03d5f7475527262ac39422bf811f9b86edd84745f5f37f24eddb5c5e386baeadf400d0b34655dcb1217e6f7c445d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | a127a49f49671771565e01d883a5e4fa |
| SHA1 | 09ec098e238b34c09406628c6bee1b81472fc003 |
| SHA256 | 3f208f049ffaf4a7ed808bf0ff759ce7986c177f476b380d0076fd1f5482fca6 |
| SHA512 | 61b54222e54e7ab8743a2d6ca3c36768a7b2cf22d5689a3309dee9974b1f804533720ea9de2d3beab44853d565a94f1bc0e60b9382997abcf03945219f98d734 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | d6b36c7d4b06f140f860ddc91a4c659c |
| SHA1 | ccf16571637b8d3e4c9423688c5bd06167bfb9e9 |
| SHA256 | 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92 |
| SHA512 | 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | 892a0c5604126eadf66bbb88f1489b0c |
| SHA1 | dfa88fa58d34c62599ec210fd97129650c1d4c72 |
| SHA256 | 4a61366d6fa7400e3a523a7ea286d95f264b244f1adf914401478dfff92fe1ab |
| SHA512 | 738da759231668178c2b7e0ca06de6f1fb9d79b475fd264e7332af71506f114c7a5ea70e004c407f9a06fde69a657364bfed321ccb00c3727158618e2d880885 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | 56d57bc655526551f217536f19195495 |
| SHA1 | 28b430886d1220855a805d78dc5d6414aeee6995 |
| SHA256 | f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4 |
| SHA512 | 7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | 76a3f1e9a452564e0f8dce6c0ee111e8 |
| SHA1 | 11c3d925cbc1a52d53584fd8606f8f713aa59114 |
| SHA256 | 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c |
| SHA512 | a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
| MD5 | 74e33b4b54f4d1f3da06ab47c5936a13 |
| SHA1 | 6e5976d593b6ee3dca3c4dbbb90071b76e1cd85c |
| SHA256 | 535fc48679c38decd459ad656bdd6914e539754265244d0cc7b1da6bddf3e287 |
| SHA512 | 79218e8ee50484af968480ff9b211815c97c3f3035414e685aa5d15d9b4152682d87b66202339f212bf3b463a074bf7a4431107b50303f28e2eb4b17843991c2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009
| MD5 | 02c1206f20c7baa83eae33aade3ac785 |
| SHA1 | a1d41ca2c8218d17c066e02aa5415ea80050c0ae |
| SHA256 | 5a3854e0aecaab90c3636bae02061599a50971ee73d0f5edb81e4529a562b67e |
| SHA512 | 3ed12ff700249ddeb37a974ffcd23922f50e62f3163f28af180258b57560fdd59a9e3e4c883ef82d28ca17f1b78451f4f30b439b108d81b88060ba23ddd776f2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b28fe8f59e76850f5e69d6e212ce4d6e |
| SHA1 | aeec46ccfd706d814e438df40a733ded8f7b06d5 |
| SHA256 | c4687b54d2c6bbc2eb938217dd709bf523e5ec775452b0e74dc373f9764d8833 |
| SHA512 | be4371bf1c7ebd14a4e0d7ca56c8581dadb8c6aca43dbe951e86dc3ce099f093797eef54c53b55bf823af0fb328b06e7f65ce398c47845fe6674d241d31a449d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d1d8bc9f724217126b7546916b353726 |
| SHA1 | 80f145ef1fb46e232ff7b3dcc55faeb1c6c390b3 |
| SHA256 | 0d2316ce543758c6a97de27036aa05d9be53b7afabaa6b703c0e2c93192ff1a3 |
| SHA512 | 832324bd98d2e56cf7aa62b664b1faab0bdf1a65aaf213b5f99fed9ef2124533eda5bf23184d180cebe60a7454ee612c102d040d083d8dbe7d7e5bc5da87c4d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5b15e469b801a4c5901f9bd81628ba31 |
| SHA1 | eb6daf4dfeda25ca0f79cd0b75e445d7f621e000 |
| SHA256 | fc575c09e6385b4355a7e01eaeae1e115ca53d036477d35b9eaba4223550c021 |
| SHA512 | 1a88106472c8d1e6aacfc2ab49ef6ab24bc6be6448676ea001acbcc337cb76d5db30998e351b7e1e9d1bfeab124156d0cd20b1f4a46a9af97050ac22263b9032 |
C:\Users\Admin\Downloads\Virus Maker.rar
| MD5 | d1f61793e7898df4b27e3345764ceca8 |
| SHA1 | f03b91146aeaf753b565620a022a238830ed56d4 |
| SHA256 | d32f3a860b863d38f117c2e7efcaa6909583d418f8578b526a7ed0153529644b |
| SHA512 | 6491767f6db68886d000b173306377f3b0bf2d6db765ce4c14139c9ad09fa44e6cb75489f3858e45c4000333d2ad517721f81cc48e94de25c75c17cac36bb617 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 520568131d3bd91e944d1ad03c305450 |
| SHA1 | 5014853b43ac83562607c39cd8c8fb3b31106d2b |
| SHA256 | b867c0620ef7f9c12215b6a6f57a90109824c72213a5b76c256e4ebb48a4f2c0 |
| SHA512 | aeb58b0f5c7a88000ffa189b96748df189a8554a5ceee70cf41dc643e9851dc5f0a3ea971072b4d13d93604f41f4800d5e1182127143b48ae06cc7acf0f17716 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e070e4f64eaa89530bb80d99738b987e |
| SHA1 | c93637d55c1b18de2d9bc9da1f0d6906cef95573 |
| SHA256 | ecb2cde8cba0c4c3fe1be1a08821cdb30efa354fb0c5310a695230fea96bc158 |
| SHA512 | 004fdaecc660b4080fd9d1f1a2563ca1375f03a1b0e4d32a27c59198411a81fc796f8e5f2429172cca4ff42f8e8ea776be4c78129140ba660be5c5c4209f9982 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 973ad64301e2cbb9805f19466693462c |
| SHA1 | fe05d6f56455304fa9c2b4849d37f82b6904330a |
| SHA256 | bcc74cc7315647a901270f1d6bbcfc0ed9e7b881aa30eed0116093fcca89b927 |
| SHA512 | 32c08bdf175e78a13c4a612d41ec244ce009049987abd499847df51a767a7f7b1559bae7ef504a5b5d6e570a238059ea29ebf00375f453d2fd5c68f2f023ee3d |
C:\Users\Admin\AppData\Local\Temp\7zO4AB7950B\readme.txt
| MD5 | 25cacb7c8b102e2ad4658121bdd2459e |
| SHA1 | 7b5ed8c98f3e04774aa20de108d2b5e3ffcada8a |
| SHA256 | ec059872ca0ab2a183c1e5539e76f926605ae2e7a60ced5247e5f0f72465d971 |
| SHA512 | 747c6cef1744f1aba9c74b5573e21807225ee8ed7ac9229ae551f37e6d577b9875e3ce8a2991cbeac1e2ef5f1fb768d50deabb5fa5eaa0180a406d2c246956f5 |
C:\Users\Admin\AppData\Local\Temp\7zO4AB0706B\Virus Maker.exe
| MD5 | d0d02f3b3fccd570d8c66e73aa982d21 |
| SHA1 | f5961902a2fd50ba18ba17f1c903704fffe1a81e |
| SHA256 | b2dd5194837dbc1d7965fd1f8ca7da93868a2048c70546415d8d78221547e638 |
| SHA512 | b064ff1cb4bb3e7278d2cea4dc5dad1a2a2ae69a8b24da826d7148b92990b9e02f316578c89eb76e914ba37d097ad499d020ebb67212907963e3a4f32642c369 |
C:\Users\Admin\AppData\Local\Temp\7zO4AB0706B\Virus Maker.exe
| MD5 | 2e8d3352d6835d1524d7044dbf19c356 |
| SHA1 | 01f8314845e1f7ef3dbf278b520629cc16e285b5 |
| SHA256 | 31a64ed4ab96b798782bd103f090421123e6571367569a834699b04be2a73415 |
| SHA512 | 76a01d68297e66915abac2d034dbe0b9da02dd37ff9789f01eb44c37989f44b15a113192b4ef857e379861498de23be82b7cec7144f5d23c6f9250a13e0a7f59 |
C:\Users\Admin\AppData\Local\Temp\7zO4AB0706B\Virus Maker.exe
| MD5 | ac45f0d5e869d248a8f05899f6aa3977 |
| SHA1 | 7a3cf0341c65dbb6a0ee1c4fd524da1fdcedc03b |
| SHA256 | 0bdb2e49b20267311c9ee1edd11ddccc7d6930ba0e19dcb4eeae14169c0b02c3 |
| SHA512 | 8f6c5b10c1984a509f7a6e971e51ade3f24381c538822b0e20abc60e8f2527cdd504668f8a8074b4e78a23c004c3ec0ce7d35581c816fc14123578d4e59108fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 216f638439b404e7fcbe3ed3b7bb008a |
| SHA1 | 6fbddf4022611f7904eb90c64d2a6b8fdcd195cc |
| SHA256 | 6ed59491a35f719dfb1eae3b98b7fa4540a92f2cfbd33617efab4845e50f37d3 |
| SHA512 | 75f054795115558af7813c2455c3e4059d856d402210b1bce965df517f3e03c7b8106e8cb7e39c00cb2d25f2e7b84875676b5858dce707eb455029c54cf06967 |
memory/1200-737-0x00000000006E0000-0x0000000000A8E000-memory.dmp
memory/1200-736-0x00000000742B0000-0x0000000074A61000-memory.dmp
memory/1200-738-0x00000000054D0000-0x000000000556C000-memory.dmp
memory/1200-739-0x0000000005B90000-0x0000000006136000-memory.dmp
memory/1200-740-0x0000000005680000-0x0000000005712000-memory.dmp
memory/1200-741-0x0000000005880000-0x0000000005890000-memory.dmp
memory/1200-743-0x0000000005810000-0x0000000005866000-memory.dmp
memory/1200-742-0x00000000055C0000-0x00000000055CA000-memory.dmp
memory/1200-744-0x00000000742B0000-0x0000000074A61000-memory.dmp
memory/1200-745-0x0000000005880000-0x0000000005890000-memory.dmp
memory/1200-746-0x0000000005880000-0x0000000005890000-memory.dmp
memory/1200-747-0x0000000005880000-0x0000000005890000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db
| MD5 | 0beb2a38aa208e69e14709b7a1a2df32 |
| SHA1 | 0540f3875734a40ac2a654203eb64e8ca58c066c |
| SHA256 | 51b708d0d66e2ca22a3500df3510bbc450d8b3ef3611072865981b9a6521be36 |
| SHA512 | 4485371a61fa2ad23ab2eda116441b23c6d5ce878e5b31ae403b847f561cb6e0de34abf366e39f2244b7d133995c257303e78ef695f86142373d47c4e92a9369 |
C:\Users\Admin\AppData\Local\Temp\itb2xi0d\itb2xi0d.cmdline
| MD5 | 1061cf07cf412d90ea5949b03ee60717 |
| SHA1 | cdee13b79aaa4d9d205d77dab6772b06f3af5799 |
| SHA256 | 06482bc3e773454fe918c9cccbe79116cc602b2c9111eb27ff522d5b5e4ae88c |
| SHA512 | 538f2ece7685a0151da206dbd1fe5c966a086891d944abc3f54daadf2c0b9944422dc4af763f5bd3d522564de48da83540b048ee37aabb50d9416ce110bc110c |
C:\Users\Admin\AppData\Local\Temp\itb2xi0d\itb2xi0d.0.vb
| MD5 | 79ddf9361b0f3bcacda779312ba9cfa2 |
| SHA1 | c4f2d47a303744f9f40730646b67b53e992101b6 |
| SHA256 | 53ac554c719ba3bd7ad14e20f4da03e8d370853c76d1bb88e540d6e53ae0f27c |
| SHA512 | 638919ed9ad1007ff861be766a024fd347fa678d484d67e02356faf86690457093ddc8d07f8a1a9d02f467ee0c609986eed7990bdf52c04a33eedd421fbf9b6e |
C:\Users\Admin\AppData\Local\Temp\vbcE13192F45602460D8EB92AAA9CC81C66.TMP
| MD5 | d67644899fd64aba5a5d6c2e8bb24648 |
| SHA1 | f66842215890330afa87b8628cccf39d9b374130 |
| SHA256 | f402990fa557802110443269a8a66b62df73bceb1da98b7631d188f10b2ef63b |
| SHA512 | 69db5cb36749e443c5aebcac17d0740a37723f31fe5847036dd00d9137bc41993f93587bea4d5929becf5ba51fdda62aeae23e2800813bb22cff1d2c808c4f2c |
C:\Users\Admin\AppData\Local\Temp\RES5225.tmp
| MD5 | c28c03406f6d7821ee5faeb4dbc23eeb |
| SHA1 | bf7bdfac1ec2c216ebe37f72a5826570c99ac739 |
| SHA256 | aee36a82b7adc0fc11d2ac0290941b691bd9cafab8c140c95ab9a92bba0d8fd1 |
| SHA512 | 13be3b8550d2dab39cf22a2716ec34392fdd0ff5087e8af0f7cd917095e6060d624c22b46b8d59f9c3809fbd6a5561015532d0362cc6d62c22644bc9940e46df |
memory/1200-769-0x0000000005880000-0x0000000005890000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db
| MD5 | 63409c6fd7c1da7629fa5cfdf09cc4a3 |
| SHA1 | 16933e963671b7fb551ae7b1d261dd851c3760f3 |
| SHA256 | 106043a24ef4511f964a2d21929b1f257ea8c4958cefe5eab60345228dc8aa5c |
| SHA512 | b33a727bbcab3490f69cf4ff8a43d7abc11b9f674144728924d1f5c1739298a65fe503b7160f95e4826279ed97147a494e827f84f9da8c1039509a1c68d34459 |
C:\Users\Admin\Documents\Free Robux (not a virus).exe
| MD5 | 428c44f816a09e46be91ba605ab88b66 |
| SHA1 | 9e0878b2bbd763b533f0ddf026d171f862149d53 |
| SHA256 | 0ead7a3692affaf87f3d8a4b1c7626a7bfcd6e06d77bc16561f1d78b5ed28df7 |
| SHA512 | be33d6a585f1a342787fe2be37c6c18f200436da7660e8551597ce585fcaf1315fb81223604e0c9c7fbc99046eaa87c47210587df0187d2f09d37a6995167d8a |
memory/2804-774-0x0000000000470000-0x000000000047A000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\cmd.bat
| MD5 | db1f8d5bf238144e6c67b9d6c2a6d321 |
| SHA1 | e300417ee8d38c2ec703fdf4fb2be0aaecccea43 |
| SHA256 | 82461a1f5804aaac14c2ccd26c50ecfb2a357041f6f60b0ed974c1d242eee1f2 |
| SHA512 | 64177734c5553c8c5eba8da78ec0614ac6d372b63986af74c7508b439a31172ca207292feebfe7ab3635a6439f07eff1091afd0667329be10d7b8e42601d0e16 |
C:\Users\Admin\Documents\msg.vbs
| MD5 | 4726966f9ac2a52b4af74c83f527cd45 |
| SHA1 | 0718c09e8b93727f3712be7ba434a7333df41d61 |
| SHA256 | c7f80ee43ad6292e1406989dfb17bb8fa3b90af46011bcdf133235cd5b6b2ec0 |
| SHA512 | fad37f32e08cb95a2c1d00947f7854464ff71e74b4a7bf4c1400f44a04771889c5d6ca4ac4e98371b9c74274335b0f778f264955b84e2da0f303962012b66d65 |
memory/2804-779-0x00007FFE07BE0000-0x00007FFE086A2000-memory.dmp
memory/2804-788-0x00007FFE07BE0000-0x00007FFE086A2000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Free Robux (not a virus).exe.log
| MD5 | 4ae344179932dc8e2c6fe2079f9753ef |
| SHA1 | 60eacc624412b1f34809780769e3b212f138ea9c |
| SHA256 | 3063de3898a9b34e19f8cf0beeec2b8bd6bd05896b52abd73f4703d07b8a7cd4 |
| SHA512 | fadfe2b83f1af8fdc50430325f69d6172d2c1e889ca3800b3b83e5535d5970c32e9a176b48563275a0630d56c96d9f88df148fd6b2d281f0fc58129e5f4dba19 |
memory/3044-794-0x00007FFE07B70000-0x00007FFE08632000-memory.dmp
C:\Users\Admin\Documents\msg.vbs
| MD5 | 2ff7fda119f12fbd2babf2b47587ebb8 |
| SHA1 | fae1d0063320b21b0a8eed2face1d6706c7ba8ed |
| SHA256 | 9a5a19c9a47d828d456e26fb4810a549b4f9299f208b30a80c06869493c4df42 |
| SHA512 | 75b0a91292f9c071549c78662d940adc69e8ae4dfa1721ee4299a2de93a2e52f1d6b902acef0c74f39e05e923cd10d37d91c1b190c1afce8a7ade0c8f3ea09f2 |
memory/4616-807-0x00007FFE07B70000-0x00007FFE08632000-memory.dmp
C:\Users\Admin\Documents\msg.vbs
| MD5 | f448e6002ae9034bb18305ff04c0b056 |
| SHA1 | d6ed22c24b627c3f7dcde720aa964a8d36392955 |
| SHA256 | b498011d6755ab1c5eb5bac2e10a535aaa1c7cc02540ec1a2f8cef0c6210bb94 |
| SHA512 | 3a41df3c9ae0fee723d9a6fdf00375517faa17876c22974b0737e0dfb8c06b518bc443df9615d8198fa1fe5e7b03e4bfa6aeef9240f3742fa1f274328bee0c3a |
memory/3044-816-0x00007FFE07B70000-0x00007FFE08632000-memory.dmp
memory/4616-819-0x00007FFE07B70000-0x00007FFE08632000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001
| MD5 | f0d11cde238eb54a334858a3b0432a3f |
| SHA1 | 7c764fe6f00cab8058caeba38eb7482088a378f4 |
| SHA256 | 579adf148a5905868140df9075b90a2ff33c9070dfd35b3ab869a2d9aacd9a96 |
| SHA512 | b3e590c88b462004b29ced18027f640addd1ea6ce9ae584820054ca508ce7d626acb3bd729e3693b50ccdc5e4694b1aa400cb33a315a475de47f5b25ed964d02 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a
| MD5 | 3cd0f2f60ab620c7be0c2c3dbf2cda97 |
| SHA1 | 47fad82bfa9a32d578c0c84aed2840c55bd27bfb |
| SHA256 | 29a3b99e23b07099e1d2a3c0b4cff458a2eba2519f4654c26cf22d03f149e36b |
| SHA512 | ef6e3bbd7e03be8e514936bcb0b5a59b4cf4e677ad24d6d2dfca8c1ec95f134ae37f2042d8bf9a0e343b68bff98a0fd748503f35d5e9d42cdaa1dc283dec89fb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
| MD5 | cf989be758e8dab43e0a5bc0798c71e0 |
| SHA1 | 97537516ffd3621ffdd0219ede2a0771a9d1e01d |
| SHA256 | beeca69af7bea038faf8f688bf2f10fda22dee6d9d9429306d379a7a4be0c615 |
| SHA512 | f8a88edb6bcd029ad02cba25cae57fdf9bbc7fa17c26e7d03f09040eb0559bc27bd4db11025706190ae548363a1d3b3f95519b9740e562bb9531c4d51e3ca2b7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a8a0a5936d32e3960b5e4defd79fd1d3 |
| SHA1 | cf3119071a4fad264af12b98d2602117305871c0 |
| SHA256 | a762d94d43121cecc2e73d2c44f04c23ff276def4a51680a32921b83560947cb |
| SHA512 | ad729ecb9e6907300465199f76aa78748b68816eb52c4b3eb4991a52d5035a4ee0d0967736e9ce6bcba428b919c4310a3d97e91d4b96b30de0df2ec4727f080c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2a32cc87a2ba876131f2955e3cf6ce70 |
| SHA1 | e9e5bfef262e0c6728122c9436cbba3b542b0ff0 |
| SHA256 | 8e679441577e516eda45a038b3d97d21b14be18e30120fb2a908268415ee5fb2 |
| SHA512 | 8cbd016a2a05398ded7d39ef382b82b4f5031078c0e6294e2f2059862fe0040f5d53f2a2bdfd7abd3ecc6654a8195a328a3262095f975e914625ce1f43f81d82 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 482b1cdb275845a1d4277ba4f69b80f6 |
| SHA1 | 3becef0494ab23d46479dccc103a19cd1fd5b4f3 |
| SHA256 | 90c52ce779f414791f0d30a84f84775f6279b5a917a0d2d51a689883e342391f |
| SHA512 | 5cf215fc03358fde1baf80268930e41ff9c126029f73b3cab2e38ce010e740746facf40b03aac747d104052d8cc161114deea051f7a4238a4ae79764dd919f7f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 970cdea62f25d8825a6d7de4aaa628c1 |
| SHA1 | a25621a623f94e5845903cdaaa0b6867bbb39802 |
| SHA256 | af56255df514fe59896f5493da48d4b7249c27ce6ffd6a8b101b84d73ecd057e |
| SHA512 | c1bb79c8670fd67e4b5c61e2d84a4321d25bf1c758e3b1b458598e10ceb8598c4aa065ccf63085c692f0ee08ca7c1ab85ce0b989d90c972352e7106a30b0589a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 816245d4f50910a6d4170524c0829257 |
| SHA1 | b09cb8bb6d90fe57686a8d8d37d924cce7aa0138 |
| SHA256 | 186eef47e9808d44d6d233470909376ae0c32206682dde3af8d7f76310778ce2 |
| SHA512 | f266dc331f1d676aad512ee94361d9ad810fb64fe4083853a2380bca2faac5f4844f719c981c4d3c5b1bd22fa50a854ddddab16cd5d5040b030059494752ad3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 373e5afb7cb41fb2672caeb8c756e264 |
| SHA1 | d477725b21576b283bfe24224510f145cb3e74b6 |
| SHA256 | e948247866a9ef0c897c6521130f1e77c110100d764ba2ae2915847f069662aa |
| SHA512 | ce3c5bb30e739c59b101e36f72e2225f074947cc7f6eb9792541c4ce28c3746556a6adfb3293f6e7d068303950c8d09f97cbb742f622f51d0eddae362da5bde8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022
| MD5 | 12a3420a27c1dcea86fb1f225f4fdf89 |
| SHA1 | 7c2e10797a6d937747c09bf9f36d87d505d4b0fd |
| SHA256 | e8bbb2ee3443047fc5a2a90c5b60f265f3c61aafba5d457a984520f8793fa8c5 |
| SHA512 | 7e01f5100408a4ce04bbd4df8e713905c44a2bee4e9711a0305b23b3eb3f283b9e0774ad39d319e597abb547fcc5865275b92a013e41ff180113424a01493494 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024
| MD5 | a7d387656da381638b48e3cd5a2765a5 |
| SHA1 | 46de47b90b7b967a18daa16853e43e159707c815 |
| SHA256 | 43dedeef7c70fc059dd30b5d6246aa8fe3695153a63e5f94ff94d83f0ee4e1ad |
| SHA512 | 593b270d1192b420e58e22c8340369fa440ced1df4712c02570a0dcb9a9182d523dfb46ba26a070fe594622565d976a6d367083b351a00f13717523ad35e046b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3fb3bdfbbaac10851b7b6bbaac8064e9 |
| SHA1 | f35c363720c9de89145f5a21525b1e0762a17409 |
| SHA256 | 47f72fb52803818025163842b62fe811b4c7be5d1d7d5185f86757ea007c0e2a |
| SHA512 | f6dd4cc7339e47ad26486b27ef6e883ce3cad827f50f5e6b1bb79ad732ec67402bab7a3e394ccb88000cfb39f6435791ad85a0c8e8939f535a17dd7ab55875e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026
| MD5 | 7fe2c36271aa8065b034ce9efdbd2a07 |
| SHA1 | e22ee654cb122d0d62393dd8d6753d2bcad148a3 |
| SHA256 | 02cf672988303d8fbdbc7625f54596ece6d83c78152ca6e1aa332fc8c75d5c34 |
| SHA512 | 45d53a09ced29138e2f99e0e8a293322050f8032e006df06315ac9af2f1ab64d1c767ea5db53289bb5881a4866061299e5a60cd83753fe6ba88e8de7562706ec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027
| MD5 | ff5c13d51dbc839206cd6f53f3be7e10 |
| SHA1 | 6bf592ab83384f7c156156edd4ec82eef1d39ea6 |
| SHA256 | 2c939abb4ee330ab2bfbf861c6cb3be8c70271ac1c8274807bb107093e60a99a |
| SHA512 | a13351abf0070712c2fc76848a9d23d9d562cdee2e1a0e3693354a8e288a445e468ff13f3e8ce1068351244d5fb7caa06d56ff5c6392c5a2430c0d28634b8c2e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b
| MD5 | c58b2ad20e02980eee174a19b34311c4 |
| SHA1 | 4bd6793cf28cbb126fd1e664316ecaaefc74028b |
| SHA256 | 4a620b6860da8b770eb0756cbbeb27e44ae716c08fe8982a69f632e4a6cdc7bf |
| SHA512 | ee2b1e68bd28e011213350af1c758759648d1804de50c3dab90d486d194b0e61682497b63f0b7152b7444e99e1f3bac8b5f2586f02dade4661f01c5a2b74c68e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c
| MD5 | 6023e5773f57cbb81b497e5ff9aa5cfa |
| SHA1 | 952ef9fb373898152d0487a16bb27b6600f9c17c |
| SHA256 | 35a748146c5afb7bf936423cfdc905fbf4b974a4b592f940402c8e568b78b296 |
| SHA512 | 25479b88ae880e02d875b3f3781919693bd281e56aa3ceab5c047ae2571ae52567aaf6aae9bc3df9e2461838195ddecf35af82116d0ac7f2668da27317ffed49 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030
| MD5 | ac2c8ffe087fb82b0f2eea454eaf3bee |
| SHA1 | c0de0c52ddbf2508310558142018ce0d0b8e9088 |
| SHA256 | 82fac7169701b6a2b9f754272de2ea031166d0ba464f2e824234cf8e5856b73e |
| SHA512 | 970b5e46fc5c3e90641ee06ba1dc3fb278215fbcf21f635678c4dff3b505f2ed99198b1c989e11ed227d084ddf4210c207b5fb31937511a93a58e3c16213a244 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e
| MD5 | 015c126a3520c9a8f6a27979d0266e96 |
| SHA1 | 2acf956561d44434a6d84204670cf849d3215d5f |
| SHA256 | 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa |
| SHA512 | 02a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 0b4d915862547c3ac2a7d96f7919766d |
| SHA1 | 4e61d9d71536f98f04dbf1c391247596d30a342c |
| SHA256 | 93132c7dd4cb0e6369f903679b9c690a133d1c17231cec454087d20a914e2ab7 |
| SHA512 | 407668190c1a3c7092baba4ea5aa940999f962c830d0922335c248ca4d5a5fac1634ebd3da1dfa420f6c0d9a3c6ce5672a89da32482ce615ec59b1098b65a4ca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025
| MD5 | 55b063ef4ce0a0ea71f7941b34f7ef17 |
| SHA1 | 86b80b2b9468c7681d07e0e96925e3e02dd442ef |
| SHA256 | ae67e955f334f5fe9599c979fe34327930bc8a69f28688cf58b44ed9152af7ff |
| SHA512 | 746ebce82f906ae9fbd1218b4c6a16ecb77c2e2e291d4e13ff39da9561e2b83ff2f1fa18fb4e396efd30521fc1c4592b01bf911480ec8062a6ced0e9c48b5035 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7efd418e59593bb0dbdebae474b918df |
| SHA1 | 2a1816834b0c91625242720636e1de945ddadddb |
| SHA256 | 1a64f6311173578d8fea11670025b18fbf36d5eb0804a27e6bf8f5e6692ce39e |
| SHA512 | 72847a4fe36a9521e5cf73cf4a0fdfd3d53678c7f89965eb37ae685a1314b67cf13388ff7beb8a72d5e618b1247a9afdaa693190de85bb67c55b6efb3ab1abd4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4a6cacc252a4becbe260a4c7a4aa95a3 |
| SHA1 | c812624dd951aaa62349f302d07dd1e94a9f3baa |
| SHA256 | 8d440c6b9603901bdd8866fe46562f4df01de9d30e5c190cf86dfdbecd346f55 |
| SHA512 | 7a8c3b927389def4e21582b67b54ec0abb639bf0aef2f898ee593985db9d66d87fd06c50f628355ee8b06e0d505484d9dd40457fb6a94f4d54256962d380482a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023
| MD5 | 5db275d431eab0943665c35a8de0ea84 |
| SHA1 | 38b29a08f758a98bb025b9414f6d565d130895ba |
| SHA256 | eb0a9c486470abfcaa4e4c690b70f8be212a16137e1aaeb87b6f90441044fd13 |
| SHA512 | 9537475d2f66382eec69b854ac8a3fa877372e8b92571e0bce465ec208842552fda87147466d725ea74833b85f610d132f562faf2ee30974207eaf5ec2fd5d15 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e657cc203eb9abfe_0
| MD5 | 6de27f47e416596823aea19541ff9724 |
| SHA1 | b7aa9f4df00571723ffa418bdb57e20267a62063 |
| SHA256 | 449fc93c28b0911277b17080663a3722c233ba36613346e47877c20a1c511ae4 |
| SHA512 | 4fd3f6cb3305a65fa993099bae011c4404c88c6c7ad694961d86750f1c22382f3e3c691ba25f4272488889f5d287e1ce3ed5d0915bdfdad32e6e89fc2b6e9510 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d4526974f6b1a56e_0
| MD5 | 065e17ba791b8d93f0054040a35ddc05 |
| SHA1 | 522e2bc83051505c0982ced01a7568482339f19d |
| SHA256 | fb4f3d2d06541914d4ecb2de33909673be84f7f6f6c2ee749dca1a8103d970fb |
| SHA512 | ed80b51808a28e6b3ea0ce844c70cb6bc784f070dae8949c7a58e9652416816d2bdb5ad3912e6eb923c1887d85c517d05525caf4c1bdebbc5ee766a13de19dd0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003e
| MD5 | b231b682df5bde1f68f8f7c30db6d4e8 |
| SHA1 | 809f8776cad70ad13cb5fc7727c879739e5bdc05 |
| SHA256 | fa962ad45a43b31d48e6e445e1f35b27a399347d37232b91d54ac4906c261a8a |
| SHA512 | fe780828fbe94a69d25770f738bb6775c41ac2bd012461b4ada7557ea3d68b367929f04d07cb62dfb109aaefbf80b4fc2e8481988f1bfe4f411a2b0613f46c66 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\55ddd064e8654d93_0
| MD5 | 53c5d75026622eccc97db030059b6775 |
| SHA1 | 4c88c15dbcc2de8bd6263db02ba22345ea2ef7b6 |
| SHA256 | 677861c4380c8fec313549de737e962c5039b01aa799adcbeae1a843daa51c71 |
| SHA512 | 75d9167f667fb67f5149a36e574685f5da68f775472248c471fe5922c691c4d308fcd3c4f9b40b22d012668b6ad2c04430f2e868b74a61c9bcdd84ef13edf15f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3b1e0bb8586f5a6c_0
| MD5 | bfa8cac7ff46e9944f6bc4b031353e15 |
| SHA1 | b626185bd80be5fe24bf7c3fe90114a17ebc86ce |
| SHA256 | 7b030aa402899801b9470f76a414edbc0f3d1b19f3041cdf644a168571a6e205 |
| SHA512 | c72ccf4299fd5c13d5d061d688d3c1a9f7d0a5a5992bd4b17edb4c5790e201807169c41be4a3ab70dc68971e520c451a79fe43da994d27542f55d2a658d56f3d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\417fb35d227cbeca_0
| MD5 | 252e0bccc17c30e318c2cfcfdc3df36e |
| SHA1 | d5dcb75861811d85912181bb8fa1293e494b3884 |
| SHA256 | 99b0f31cf4450d71dc59801925cf2a2d1cce34ad52723a678d54d6736984d3e6 |
| SHA512 | a43a9b710bb12da06295dcf816c2736fc92f4495a807a5a8b1d57f4168191e35d919ad43bbd2dbda07038344b81c069454fc3c7873c405bcfa2f457c6cfb771e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1e7db54d447341ad4dc81dd7280451aa |
| SHA1 | 6a114c3337c530de8727f771ac342dd9ed9c7e41 |
| SHA256 | 1dd717c4c82da727c1c97315d4c3bc2f3a7e1850a1c16e6ef7edd82ae6065da7 |
| SHA512 | 1d5beef431ac95b3fabf99eafb4ce7d5aef4796d59382c9e26fec00e51348165252293d167f381626f5f8becebb5caf53f3d2583f77f2ef0bcbf965f3edcdf62 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2daa87dd51c8e798_0
| MD5 | f66f6ad5c3c0c6b7f2bd3d4d1cb789e5 |
| SHA1 | 6f701191ccb42b9a11fe57ce6963deb4466e2a2f |
| SHA256 | 56c2a27262e1dc42571aac69f842cb1c59b7a971f39794ab311d697431e45740 |
| SHA512 | 5bb30c27cab237cd7c5cecc2135fd57832332a7b38c27c661b0ad913741d726387077c80dc357f1d375325d4e43631805bafbdd59df81a7514c3932160da1bb2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b5d4a437263eb866_0
| MD5 | df6a7f2ff1e7daf523e9b3de8025a842 |
| SHA1 | b87fd95b315779849cb3fde9ce9eca88895d5d5f |
| SHA256 | 4f4062f3924bcb1db6d062b86f961bd056936c5d68fb5c33ee2ced90ff8a68bb |
| SHA512 | a63480dadbc8a6812c30a0d4ed0f755e00a18f1a84d48e4262ceb96e10f231f975d810bc6ee7f7211dcf68137f09db44f4fd5a2493f95d6cd6568a5bd2cffcdd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\00bf9a60919b63b3_0
| MD5 | 68e2aedbd36d97dc42cc541c0a2a331a |
| SHA1 | 37297ebfe9f438043c39b59c744f77a1c1e1fbd6 |
| SHA256 | 24c7ee66e090fc401cde33f42925478dcb52dea500dfca6d16327c0a93223ac9 |
| SHA512 | 09bce21bf18c823592ee52a33ebf6c4a314c5f1b70836b307967e5e05335bc7db27c7a30a582c42de743fb97f59230dff1585af8c8a96c080360aa4e3a4dc7f7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b99de0c5d10b251b_0
| MD5 | c20d856d1ff53e899c44c57d52d938d9 |
| SHA1 | aa227949623f41aabd213c8c8906741fa208ee32 |
| SHA256 | 44b39728e9769fb7cc1a59a59c208c958ca2b7c3213697706e3549e00dd0ee13 |
| SHA512 | 076536a519ae8a55b8a6fbe4797d7042314dcd536c46750c5076a0caa69856cca89755fb0a646ecb65d6b94c66bb63e559cd16c24632118a7001fc38e96e79a9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\37c7800a43d1f6db_0
| MD5 | e480acd650e73a12a61069e8a21e117b |
| SHA1 | 2a933d59a8361438d7720df5149ec44065fca81a |
| SHA256 | ed9147edb356627d476e0b1399a0490b7c7dc68b1f3337ccb19dec0af00e4ae5 |
| SHA512 | 9085fb0713f043f8d45bc0f83e875ba4f59adcd69cee4a4c461f402029ecce7752de470dbbb436a75b2475de125733e31843d5e6f3bd49aedc962bc370c361e2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0fb76c4c3148ad3d_0
| MD5 | 393e9fd669b789d8abc7c3b4b446603b |
| SHA1 | 929fbd622da335510badbca8615c52cc3b3f292c |
| SHA256 | 662c23c31a076edf3c29fa568bf7a1cae66b3d283149b85a1ae26003f722c447 |
| SHA512 | 7558a0e702a5568abfc99ec4efce136b0e7d6ddeb32cbac78ee41a6e5696f020de41df4025ca651cf4dd4b61fcaa8d1c596ff8fb7e37952ffbc11324ed941da6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028
| MD5 | a5f8fe649482ac867d9e4f09e909fc72 |
| SHA1 | 2553058a415dfb83b47bb831101e22654bc7033e |
| SHA256 | b679f33031ce8841b841ca3d72307bf3435f2a8dd85fed1388804811b57297d9 |
| SHA512 | 2619414c13c0e2366f05eebf3509bc6d07c3766daccefb3a3bc5d89e43aef9d9915056037555b407991237942945ee48f155b3969113b10aad312a5c4ba14ac0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aec509b936f6690b_0
| MD5 | 3caf36ebae5c2b2afef8e8bd26a9bda8 |
| SHA1 | 1dcd801cee6518d7fb263a12fbc3c2b592f75ab2 |
| SHA256 | d53851d383470d9b79414219349daf18f866737fff828f44b1bf4fa3b383bc14 |
| SHA512 | ab131765a35302eeed47d606faf8f0bc0de6f06c04be0a5869ab6110f1f523fbe3216e8cabc752f84efc16276323a1c8f0f76f3baaf7e8dd9e39c515bfd4fc83 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\57838308b7315ca9_0
| MD5 | 2814ff2b6f75c38bf7b3eac681676c68 |
| SHA1 | 95a445966761ba2f347fa81133bc598896e92ab7 |
| SHA256 | 6cdb1e2a55f80a539fa8be925ad415210aa7ab4d05f25aafc146e209b6987431 |
| SHA512 | d76d7605cd359373ee90e60eb0756eb1a69147557b2140fe0b402be698055590927dd88bc541052070803e3dd39f22e82d5d4242deb6f1fcba47c0774ed0635e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7673384e74e7bbc0_0
| MD5 | 1d19b981649857ce6969d8a3dd5de087 |
| SHA1 | cf72f022183ab7fc5601955dddee7e53144a6b3d |
| SHA256 | f58456824c148049301c7863ed0fc0621cf60c50dd18e0216ca9397edbb496e4 |
| SHA512 | f159dd11387bae869e786f9236757c38a2c6edf62a391f78f09b36e11fc01bf81d038548f982015e7a7d28d66703941506ab5831834533c5314ccb0b00811a2f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000042
| MD5 | 09475fbb4a6b7ea545271d120b2e1ecc |
| SHA1 | dd185017e81936a1314b622ac838ab790fb6b6a0 |
| SHA256 | eaf6ade522b145f994b8d456f60fb5ff2ce1959abe8ede8bbe9fafa729c6523b |
| SHA512 | 095a15a1435fbb41cdc23a32fae28b6ea2b2699174df8ce21d774efe38de784db2c5507ac251b4994fa9ae09d19179d69f193710431684e15b9e3d9863ddc6f0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f60e2dd94a42aee4_0
| MD5 | 0805f0b40e9fa8dda3e170f22060591c |
| SHA1 | e78f139b0358a8123ddcd12f6d740deac834c306 |
| SHA256 | e3bd48f5fbe609018f5c654ab046b7aa8b08098877af3a9f4493fee293130d39 |
| SHA512 | a37b794a22ffa697c9bdbdaafc2522b126472e80647e9b163a3794fb92ced3a4fbefb96eb12f107e0006caed66e66f007ade6cb7f1055be1975bf7f4e0cb91a8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\df53531c39eddfce_0
| MD5 | caa7e6c8fc1bf3cdfc8dd26f98339f43 |
| SHA1 | fe4cecfcf298eed69d67c1208dbf97ec831c33d9 |
| SHA256 | 3b0cda3f6498f3089acf2f7e16417ccb3c11161dc7027fdc76a7043b699844cd |
| SHA512 | 1fa5ac5ff5119e67f06f995b02df215ce29e636c0b3575602b24014c1cae3b8f927225d554f35b20acd0a01e2f4c2e0f391eef4539bb5bbfc6c84bc660c00ff2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029
| MD5 | 6f6e39a98eae26cf485f7b62a6fab19f |
| SHA1 | 5b0b1a9f521b61c52c90b2f809586ab9f9f3b3d2 |
| SHA256 | 8dc890459b7efb6ab07dabfdb1f7786d01c34df1a96158148a9561c445a6fef1 |
| SHA512 | 54b6bad50067a579b18b5e4ff3fe01588608c6bc71d537e9f9d34a8df6134d260e394eb292fdaf2cb0b93ce16a837e97a8d325486069ef46797f9dd958ea9e28 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\94ebe1630900d094_0
| MD5 | 0110fffe24ef30495125e6045e15c2c1 |
| SHA1 | 3d36c25137f61812ad65510a03826a8d06133c9d |
| SHA256 | 5934d0a896882c1e2ec0765290bb0ec95390e35edec9212ffdea6acb273381ad |
| SHA512 | 685a4b357f5e4055dfa9462c2b7207eaa834732fc2048a103ac7b3f5ee957fdc87882c544791307397ce23bd29b3331da8ee8b8bec8c347f8bd58cf948fd783a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8781fa41e6538ca4_0
| MD5 | 82463d488bf45f0fc3877ba6ad09b5ca |
| SHA1 | 14958e60656704311c157b5e930a5a284267e292 |
| SHA256 | 323dce19018c599e8dcec3ac2af2483c0adb78c42933ffabb07341a5593c4422 |
| SHA512 | e18b16e048b125fda1611fe0f734adc72952ceca85e1050ffab7c3c6424ff82e9105ea3fe5cd8523e457176fb8114a3bc7ccd21e971f89fe985c7a3a18b1a3d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\06450eb6a7b09545_0
| MD5 | 97097b5a238cb024e12c74e1ccb531ba |
| SHA1 | 59b5a39c93e1b27d364c42b74f291c47d4bc303e |
| SHA256 | 8b6d2c65d4f2eeecb3011c6d2582331fc53936043a9a9f50b21386215149543c |
| SHA512 | bf1c2413a1f5da081ceb8dd7379c6b876b4683b0fce62b1e2c63a96b7b66b42041c3f2cd423dc21d3e0af7dda81cb7ed770f39e45af6a481834497b0fa72aa82 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c37dfb5671a046f1_0
| MD5 | c96ed60b93929b5f41f2c6fb374ce19f |
| SHA1 | d94b730dff1fe2e62eb8fd102bd38120947d4d54 |
| SHA256 | ec5b8413e4c2d0e37a9bc7fdccd850b10bd4a7d477e37c40ecb68b2877541dd2 |
| SHA512 | ef669ec8fc99a350b52aa82ff06595285c8ae71fdcf71913849424b1499bc6d08b6d23b68d43b88b8acc485a5c50f4e58fc78f2a5ceb51d21e58fb0a632bcbd8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5ebae3eea1f01edc_0
| MD5 | c459ad4e89c9f73054a3f8280cc68ced |
| SHA1 | 21fc49009f766fa239b1061c350353dce3259029 |
| SHA256 | 88dcb44360b8703328196bd4ade0cb85627d9046ffcab9e1328a5d59c60c8a4f |
| SHA512 | 894261d5ec38f8cc512b77ed7cd1fbc50c6e36e686450ae3ae42d4197eb2bb28bfa2fb13f63409b0f746d47878d590b6262c90384f8163379fd41a998fe78ddc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d
| MD5 | 68f0a51fa86985999964ee43de12cdd5 |
| SHA1 | bbfc7666be00c560b7394fa0b82b864237a99d8c |
| SHA256 | f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f |
| SHA512 | 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c
| MD5 | 3051c1e179d84292d3f84a1a0a112c80 |
| SHA1 | c11a63236373abfe574f2935a0e7024688b71ccb |
| SHA256 | 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3 |
| SHA512 | df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5de0018b24a31228a642ddc9254a8bca |
| SHA1 | f309f26ae4e6a7d9323d5eb25282ac7902b42ecc |
| SHA256 | 60c483f2fbef16b493d2e0b008e532b51f2e1c815b3f4cc9b67c2ed44df9f51a |
| SHA512 | f679ccd1b4f1726f9d2430c4a0b9b043d522b6c2cb8b6fa66f2ab9202e6d18d8457d17572bd3d89987d6c282212037ae47dbd45d579327702f46927a1f0c2cc1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\3afefa38-9ca4-4313-be0f-951394b6d4bb.tmp
| MD5 | a79aa441a47ffe30be70a02c804e14e3 |
| SHA1 | 5157db6ad690f7d8b80e2cbd92fa0d4cdf4ee6d2 |
| SHA256 | 35f2d70d024f18e2ad79735afe70ad9125d5e830b154b615e7f0c2ebee8dbbc6 |
| SHA512 | adfa81f6187b0577e183adf081fd171d4a787be174f1f016b094205a988153cd3318fb58772ebd36a4e094d3cd5bc3900b8e538c6ffabfedbde15fc69959e5f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2516cc7c88a30ff37efa8b46c6817c4d |
| SHA1 | 4a434feb6668f500f6cc76f20899d86e533d87a5 |
| SHA256 | 06f2e438e8055bdebc78637fd199dec4490453b21e8ed46cd1a874d1564a1da7 |
| SHA512 | adc1fb2d60aab05b916366b1396c6ec8c6f46b3400e81e54f220d3e52913d68898e6aff396a55a1e1b6942fa42d4c492398f384482df5d8f6450faacd2513e1b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a0c61c45ea042b43094387edc5b4fb57 |
| SHA1 | 2683132fcb02b9838066112b752c9990c48a6b80 |
| SHA256 | 3b252542977bd6d001ade1a157e5ad545ab83761f320bb7d97f00326e5a0f084 |
| SHA512 | 9280e9ffe7bbfebba927038230c7ae78a61788df490bb4f572b5a431b454409987df0f022cc270fee3e937a7d2884e3063b13d9fe7c957921b99d5b6d622de73 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 353ec0ae11ef59f4c65699ca0d89e77e |
| SHA1 | 8ed82f626f012e3681b7cd3b49970df78c948b58 |
| SHA256 | 8c7371a49f4a934be417c4c5ca2651c5bd75ab6079f4d68748d0ac1a18413162 |
| SHA512 | f017720dfa71157c1f36126804710116f317f87f54247ad40372affab80d8b5a7c2a14f3a7b3821373dd990d945256e1eb8ee3a17d984c3e349e6a5a2423c14a |
C:\Users\Admin\Downloads\Unconfirmed 886897.crdownload
| MD5 | 5137651f51b72492dac95e665e009003 |
| SHA1 | 536bc61688a8c44d11dc36b70e7d6522c4d7d9b3 |
| SHA256 | 21347021ee20fac223a903ae5e3def2bf6a12cf66bf2db00c581c6c5cca8fce9 |
| SHA512 | 9cec3cd372360fa9fe7e738e8a3b8c3d098afa8911347e3da071e02d3d90cff452612eed5deaed4523db230265e946c4f214321721665a7d9f7724c3080cc232 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 451341ec2e7a404f6536b0db61ea305c |
| SHA1 | 1993e4e2b059b9fc1fee00f3169b950704e13da1 |
| SHA256 | 5b72ae0cb6e27df214562a87d946be76d9eacb703a0a6928402caf85efdb529f |
| SHA512 | 8316215e0d220a0618af1b4c73a0127b24a97b43ad0469bfbfe2127f1fae5c7c2dd53e6b8d0eb4a4ac4abb1c1737fe51a2269d7ac5e1368b80b8805d0e7802ac |
C:\Users\Admin\AppData\Local\Temp\$inst\0001.tmp
| MD5 | f9f82675bdf17e29cee6a91b001d74df |
| SHA1 | 7dc41a278946d908befc392a3bac6b641c7affa5 |
| SHA256 | 57de09fc4b2816751daf93d5052eca04d213ebdfe58c2afb33fc5730ed838d60 |
| SHA512 | 916ff596c2821711c2c33522ab997d916e3961ff9896bd6c1a34e56b7e6f7dcd7cf1bbf4be8260fdc79ad0cc4d3b15b1d2a173bd1d1e3e30478f0481909b500e |
C:\Users\Admin\AppData\Local\Temp\$inst\0002.tmp
| MD5 | a1348e7dff78bedfea730241581bd731 |
| SHA1 | f4266520fcc61d0c48c6cf4302b56ffba3570c9d |
| SHA256 | 8fbb8d50ff7987bca182d04ebeee81124379efefc31022840ac0443b3650ab1c |
| SHA512 | 983883e79077f90880f8b0ae2b86d6725f16898233e86f95c6bc2000e50cecd43ec77f5eae60272499cd5721b6076c025d8117e2de1310f78907cfeba643b7ea |
C:\Users\Admin\AppData\Local\Temp\$inst\0003.tmp
| MD5 | 1348519f83b41973b27b693f72018459 |
| SHA1 | ad1a0307892d3a9fcde0dc94793c53407186a23e |
| SHA256 | ed21d47664ed2316c314eca332c259ffce963046f5514816addfec297d705154 |
| SHA512 | 513b5a11381cf22e42ce78fcce5e1ef3a95b842fa67584f60f872a6cb8adc4d9bcf9a75898d8ac3c837e320cc57a9b56264f8ee3d2b11ceb5e8346212cd08527 |
C:\Users\Admin\AppData\Local\Temp\$inst\0004.tmp
| MD5 | aafc644b353e123506faf32cf92d636e |
| SHA1 | 367668f031236e6ee32ffcea557c8abafe54f7a6 |
| SHA256 | 763a4aeb1017671d79be2e69c6eb6979af56240dedf2d50c78af550dfde48479 |
| SHA512 | 2f201a37b157f400621e22f167aa56e49829b1414edc5f52d6df3c6728968691a39eb55e18a50256d0996585015a6f6447112897c1c43a683d7b8a2954d17d80 |
C:\Windows\msagent\chars\Bonzi.acs
| MD5 | 9e59aa7cf10405c56fb486e78e4800ca |
| SHA1 | bb18ad4d3b9cf31f5c5af01b6dc3f3df8573bba5 |
| SHA256 | 6d169a45e93e7a9f4e3bd074217be9eacc61b54032fad04eef375ca63af2bdab |
| SHA512 | dfd9f605b6e6d2884cdddc18b8089a1e8e9721103d93f3195cef30f6608f23c229f32725c69fa3d46293d3a470adf6505cf4b87ef518640fce3cd6b77e2a2aa7 |
C:\Windows\msagent\chars\Peedy.acs
| MD5 | 855e7bde93f17a0ce622c43f76556917 |
| SHA1 | bc4a44909cccd95e2aa5f9d1ad23903dd11c1fc1 |
| SHA256 | b3b7df1532b2e2c9415d2408424b6e2056b6ae3b1d26828aa1a784f72d3a2195 |
| SHA512 | 683b37e9f9809923bc8427120e9c88eec0776f25ca57b4146ac4be3518d6ecfbc0fb72c9fdbf93cce21c27b3c587692132fdc84b2d8aeb86af7585040d533f95 |
C:\Users\Admin\AppData\Local\Temp\$inst\0005.tmp
| MD5 | 9e4e1cd9f469d81b190d2fa00a4e4b2f |
| SHA1 | 2dac0f02c05b87082c9bd9924a49352244e07b23 |
| SHA256 | 913ec95d3b28f525ed1c48bf09f3974ccbb1c51815f044ccaeeada325587b956 |
| SHA512 | 987f9bfea3aaaa93bbfc9e133e69ae3eba5aa65f5f1d7eddebab2f1d8d3dcbb2822f308a8e2455ce41d5a99539d94f41d1b034f55ad968b84088f475508a3149 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page18.jpg
| MD5 | 108fd5475c19f16c28068f67fc80f305 |
| SHA1 | 4e1980ba338133a6fadd5fda4ffe6d4e8a039033 |
| SHA256 | 03f269cd40809d7ec94f5fa4fff1033a624e849179962693cdc2c37d7904233b |
| SHA512 | 98c8743b5af89ec0072b70de8a0babfb5aff19bafa780d6ce99c83721b65a80ec310a4fe9db29a4bb50c2454c34de62c029a83b70d0a9df9b180159ea6cad83a |
C:\Users\Admin\AppData\Local\Temp\$inst\0006.tmp
| MD5 | a63a3b158855e93b872d5df5fd1f4704 |
| SHA1 | 5a1dc3f546da956193e20d0ccd826c618d1286a2 |
| SHA256 | 642f1c10429e2ef7ba23e9acaf0f0fc25f4c5cbeaa604b874e236c2ce8fc0dae |
| SHA512 | 2efd03f890916122fbdb884aecd48e9f6e16d2e6f88a2eb23ee1dbe76c9ba99950fcaca149cc10c092143ded0e0f403c555c45ff13b5465242c12f957d9511cf |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page17.jpg
| MD5 | e8f52918072e96bb5f4c573dbb76d74f |
| SHA1 | ba0a89ed469de5e36bd4576591ee94db2c7f8909 |
| SHA256 | 473a890da22defb3fbd643246b3fa0d6d34939ac469cd4f48054ee2a0bc33d82 |
| SHA512 | d57dd0a9686696487d268ef2be2ec2d3b97baedf797a63676da5a8a4165cda89540ec2d3b9e595397cbf53e69dcce76f7249f5eeff041947146ca7bf4099819f |
C:\Program Files (x86)\BonziBuddy432\BonziBDY_2.EXE
| MD5 | e94487b824144e9c49bd339cd56c94c7 |
| SHA1 | a4dbe94e9763e3552cc39e642508024c7249d061 |
| SHA256 | c586a4c3fa92574b709c7dca45968cdd64227dea5d133ea59d06b590e9cc8a9a |
| SHA512 | 10c9ae3a06b93b15f2ab22212eac10bc4b24cb3561fee9133d6eb9ebe9e751f5b6ab8e9b4f8f0808210c5cc4e77dddd6278ff1c6f7f28dfe05a7ee0586064d81 |
C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE
| MD5 | c0818e595037e78dd5fac9ad582ff3de |
| SHA1 | 79b92d52edbddbfd5d46593b3541ff227392880b |
| SHA256 | de71ecf56d86809ff9cfdb8c4250531a5ff108c0e66125db0887befa9f5d3ec5 |
| SHA512 | 32ec4d9c897447fd230e575201b5af934068802c402b80ba9f0f0d59120099a6b6719701e896feeb03f87dbb8c5c86ae668223a7ab4582879b55fbb818ffd7d0 |
C:\Program Files (x86)\BonziBuddy432\Uninstall.exe
| MD5 | 068ace391e3c5399b26cb9edfa9af12f |
| SHA1 | 568482d214acf16e2f5522662b7b813679dcd4c7 |
| SHA256 | 2288f4f42373affffbaa63ce2fda9bb071fd7f14dbcd04f52d3af3a219b03485 |
| SHA512 | 0ba89fcdbb418ea6742eeb698f655206ed3b84c41ca53d49c06d30baed13ac4dfdb4662b53c05a28db0a2335aa4bc588635b3b205cfc36d8a55edfc720ac4b03 |
C:\Program Files (x86)\BonziBuddy432\ActiveSkin.ocx
| MD5 | 3d225d8435666c14addf17c14806c355 |
| SHA1 | 262a951a98dd9429558ed35f423babe1a6cce094 |
| SHA256 | 2c8f92dc16cbf13542ddd3bf0a947cf84b00fed83a7124b830ddefa92f939877 |
| SHA512 | 391df24c6427b4011e7d61b644953810e392525743914413c2e8cf5fce4a593a831cfab489fbb9517b6c0e7ef0483efb8aeaad0a18543f0da49fa3125ec971e1 |
C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE
| MD5 | 2ff63b891ff127775c992c27198f28a9 |
| SHA1 | 6cfed949497d16a031e29a0c37be5dd235c1b3c2 |
| SHA256 | 0d05885ecc80187f9b6a4164fbe09695af3982a3086c503c8b39c3d781e5ae72 |
| SHA512 | fb808b6b4b1c61ad6ea80b27c4cc6b77d6ebb5420e490af73ae826398db418b6ad052c3afdbb008935edb91ae90b5d4fdfc2d87e9d2c54afeccb5f32c0ee2a7b |
C:\Program Files (x86)\BonziBuddy432\BonziCheckers.ocx
| MD5 | 66551c972574f86087032467aa6febb4 |
| SHA1 | 5ad1fe1587a0c31bb74af20d09a1c7d3193ec3c9 |
| SHA256 | 9028075603c66ca2e906ecac3275e289d8857411a288c992e8eef793ed71a75b |
| SHA512 | 35c1f500e69cdd12ec6a3c5daef737a3b57b48a44df6c120a0504d340e0f721d34121595ed396dc466a8f9952a51395912d9e141ad013000f5acb138b2d41089 |
C:\Program Files (x86)\BonziBuddy432\MSCOMCTL.OCX
| MD5 | ffcef159ddad2d546598e7cf7420a29f |
| SHA1 | af88c52035715d3069d272817872780f8f9f082d |
| SHA256 | 4f90166ae49af24a72d6794184b38748c95471ec195d766530553a327c52729c |
| SHA512 | 0529f9791dba05b7aadcbb0c78046241c08f757d5ccc98edb4882fa3d70f84f462549658c0efbf5ac08e3e15acb599cc979bffe0491aceb5a021a61f2c6d6a35 |
C:\Program Files (x86)\BonziBuddy432\MSINET.OCX
| MD5 | 7bec181a21753498b6bd001c42a42722 |
| SHA1 | 3249f233657dc66632c0539c47895bfcee5770cc |
| SHA256 | 73da54b69911bdd08ea8bbbd508f815ef7cfa59c4684d75c1c602252ec88ee31 |
| SHA512 | d671e25ae5e02a55f444d253f0e4a42af6a5362d9759fb243ad6d2c333976ab3e98669621ec0850ad915ee06acbe8e70d77b084128fc275462223f4f5ab401bc |
C:\Program Files (x86)\BonziBuddy432\Regicon.ocx
| MD5 | 32ff40a65ab92beb59102b5eaa083907 |
| SHA1 | af2824feb55fb10ec14ebd604809a0d424d49442 |
| SHA256 | 07e91d8ed149d5cd6d48403268a773c664367bce707a99e51220e477fddeeb42 |
| SHA512 | 2cfc5c6cb4677ff61ec3b6e4ef8b8b7f1775cbe53b245d321c25cfec363b5b4975a53e26ef438e07a4a5b08ad1dde1387970d57d1837e653d03aef19a17d2b43 |
C:\Program Files (x86)\BonziBuddy432\ssa3d30.ocx
| MD5 | 48c35ed0a09855b29d43f11485f8423b |
| SHA1 | 46716282cc5e0f66cb96057e165fa4d8d60fbae2 |
| SHA256 | 7a0418b76d00665a71d13a30d838c3e086304bacd10d764650d2a5d2ec691008 |
| SHA512 | 779938ec9b0f33f4cbd5f1617bea7925c1b6d794e311737605e12cd7efa5a14bbc48bee85208651cf442b84133be26c4cc8a425d0a3b5b6ad2dc27227f524a99 |
C:\Program Files (x86)\BonziBuddy432\MSWINSCK.OCX
| MD5 | 9484c04258830aa3c2f2a70eb041414c |
| SHA1 | b242a4fb0e9dcf14cb51dc36027baff9a79cb823 |
| SHA256 | bf7e47c16d7e1c0e88534f4ef95e09d0fd821ed1a06b0d95a389b35364b63ff5 |
| SHA512 | 9d0e9f0d88594746ba41ea4a61a53498619eda596e12d8ec37d01cfe8ceb08be13e3727c83d630a6d9e6d03066f62444bb94ea5a0d2ed9d21a270e612db532a0 |
C:\Program Files (x86)\BonziBuddy432\SSCALA32.OCX
| MD5 | ce9216b52ded7e6fc63a50584b55a9b3 |
| SHA1 | 27bb8882b228725e2a3793b4b4da3e154d6bb2ea |
| SHA256 | 8e52ef01139dc448d1efd33d1d9532f852a74d05ee87e8e93c2bb0286a864e13 |
| SHA512 | 444946e5fc3ea33dd4a09b4cbf2d41f52d584eb5b620f5e144de9a79186e2c9d322d6076ed28b6f0f6d0df9ef4f7303e3901ff552ed086b70b6815abdfc23af7 |
C:\Program Files (x86)\BonziBuddy432\sstabs2.ocx
| MD5 | 7303efb737685169328287a7e9449ab7 |
| SHA1 | 47bfe724a9f71d40b5e56811ec2c688c944f3ce7 |
| SHA256 | 596f3235642c9c968650194065850ecb02c8c524d2bdcaf6341a01201e0d69be |
| SHA512 | e0d9cb9833725e0cdc7720e9d00859d93fc51a26470f01a0c08c10fa940ed23df360e093861cf85055b8a588bb2cac872d1be69844a6c754ac8ed5bfaf63eb03 |
C:\Program Files (x86)\BonziBuddy432\SSCALB32.OCX
| MD5 | 01a641e023d2f0393b751b8e2d2ac19d |
| SHA1 | 76e889e08babf28f95fd93c13eec0479078de7c9 |
| SHA256 | 6bbd2cd98e68f7ef5ce4f31a28e5581462a944f83a6479292cf35017142ac984 |
| SHA512 | a3c87633c76190c31123083b75ea62bf07f4337dc8c37fa21a8222b8743f508e32521f9179909bdfa6d48c1d88e89bdc2ce87458fc3215398881c31b3e533771 |
C:\Program Files (x86)\BonziBuddy432\Runtimes\CheckRuntimes.bat
| MD5 | 4877f2ce2833f1356ae3b534fce1b5e3 |
| SHA1 | 7365c9ef5997324b73b1ff0ea67375a328a9646a |
| SHA256 | 8ae1ed38bc650db8b14291e1b7298ee7580b31e15f8a6a84f78f048a542742ff |
| SHA512 | dd43ede5c3f95543bcc8086ec8209a27aadf1b61543c8ee1bb3eab9bc35b92c464e4132b228b12b244fb9625a45f5d4689a45761c4c5263aa919564664860c5e |
memory/5664-2690-0x0000000000400000-0x0000000000424000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\tv_enua.inf
| MD5 | 0a250bb34cfa851e3dd1804251c93f25 |
| SHA1 | c10e47a593c37dbb7226f65ad490ff65d9c73a34 |
| SHA256 | 85189df1c141ef5d86c93b1142e65bf03db126d12d24e18b93dd4cc9f3e438ae |
| SHA512 | 8e056f4aa718221afab91c4307ff87db611faa51149310d990db296f979842d57c0653cb23d53fea54a69c99c4e5087a2eb37daa794ba62e6f08a8da41255795 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\tv_enua.dll
| MD5 | 1cb10ecd5003ebdcc33f958b4e39762a |
| SHA1 | e770185650a53d0674c4e6fd7088a6fe39e16d37 |
| SHA256 | 5ed1a334431267c46f6427246946bc756338be5e831da961d0b06080429a94d4 |
| SHA512 | 5d559cdf95aa3dbc6f033f47ea93cf0ee25339be0c40717722ff5b945fce96fd91a13c574a1c938f2739777a247b5c0b4a827e7a706a6cbf0f5f90984a3f581f |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Msvcp50.dll
| MD5 | 497fd4a8f5c4fcdaaac1f761a92a366a |
| SHA1 | 81617006e93f8a171b2c47581c1d67fac463dc93 |
| SHA256 | 91cd76f9fa3b25008decb12c005c194bdf66c8d6526a954de7051bec9aae462a |
| SHA512 | 73d11a309d8f1a6624520a0bf56d539cb07adee6d46f2049a86919f5ce3556dc031437f797e3296311fe780a8a11a1a37b4a404de337d009e9ed961f75664a25 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Msvcirt.dll
| MD5 | e7cd26405293ee866fefdd715fc8b5e5 |
| SHA1 | 6326412d0ea86add8355c76f09dfc5e7942f9c11 |
| SHA256 | 647f7534aaaedffa93534e4cb9b24bfcf91524828ff0364d88973be58139e255 |
| SHA512 | 1114c5f275ecebd5be330aa53ba24d2e7d38fc20bb3bdfa1b872288783ea87a7464d2ab032b542989dee6263499e4e93ca378f9a7d2260aebccbba7fe7f53999 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\andmoipa.ttf
| MD5 | c3e8aeabd1b692a9a6c5246f8dcaa7c9 |
| SHA1 | 4567ea5044a3cef9cb803210a70866d83535ed31 |
| SHA256 | 38ae07eeb7909bda291d302848b8fe5f11849cf0d597f0e5b300bfed465aed4e |
| SHA512 | f74218681bd9d526b68876331b22080f30507898b6a6ebdf173490ca84b696f06f4c97f894cb6052e926b1eee4b28264db1ead28f3bc9f627b4569c1ddcd2d3e |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\tv_enua.hlp
| MD5 | 80d09149ca264c93e7d810aac6411d1d |
| SHA1 | 96e8ddc1d257097991f9cc9aaf38c77add3d6118 |
| SHA256 | 382d745e10944b507a8d9c69ae2e4affd4acf045729a19ac143fa8d9613ccb42 |
| SHA512 | 8813303cd6559e2cc726921838293377e84f9b5902603dac69d93e217ff3153b82b241d51d15808641b5c4fb99613b83912e9deda9d787b4c8ccfbd6afa56bc9 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\tvenuax.dll
| MD5 | 1587bf2e99abeeae856f33bf98d3512e |
| SHA1 | aa0f2a25fa5fc9edb4124e9aa906a52eb787bea9 |
| SHA256 | c9106198ecbd3a9cab8c2feff07f16d6bb1adfa19550148fc96076f0f28a37b0 |
| SHA512 | 43161c65f2838aa0e8a9be5f3f73d4a6c78ad8605a6503aae16147a73f63fe985b17c17aedc3a4d0010d5216e04800d749b2625182acc84b905c344f0409765a |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\ADVPACK.DLL
| MD5 | 81e5c8596a7e4e98117f5c5143293020 |
| SHA1 | 45b7fe0989e2df1b4dfd227f8f3b73b6b7df9081 |
| SHA256 | 7d126ed85df9705ec4f38bd52a73b621cf64dd87a3e8f9429a569f3f82f74004 |
| SHA512 | 05b1e9eef13f7c140eb21f6dcb705ee3aaafabe94857aa86252afa4844de231815078a72e63d43725f6074aa5fefe765feb93a6b9cd510ee067291526bb95ec6 |
memory/5544-2818-0x0000000004390000-0x0000000004A32000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\W95INF16.DLL
| MD5 | 7210d5407a2d2f52e851604666403024 |
| SHA1 | 242fde2a7c6a3eff245f06813a2e1bdcaa9f16d9 |
| SHA256 | 337d2fb5252fc532b7bf67476b5979d158ca2ac589e49c6810e2e1afebe296af |
| SHA512 | 1755a26fa018429aea00ebcc786bb41b0d6c4d26d56cd3b88d886b0c0773d863094797334e72d770635ed29b98d4c8c7f0ec717a23a22adef705a1ccf46b3f68 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGT20.INF
| MD5 | e4a499b9e1fe33991dbcfb4e926c8821 |
| SHA1 | 951d4750b05ea6a63951a7667566467d01cb2d42 |
| SHA256 | 49e6b848f5a708d161f795157333d7e1c7103455a2f47f50895683ef6a1abe4d |
| SHA512 | a291bb986293197a16f75b2473297286525ac5674c08a92c87b5cc1f0f2e62254ea27d626b30898e7857281bdb502f188c365311c99bda5c2dd76da0c82c554a |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\W95INF32.DLL
| MD5 | 4be7661c89897eaa9b28dae290c3922f |
| SHA1 | 4c9d25195093fea7c139167f0c5a40e13f3000f2 |
| SHA256 | e5e9f7c8dbd47134815e155ed1c7b261805eda6fddea6fa4ea78e0e4fb4f7fb5 |
| SHA512 | 2035b0d35a5b72f5ea5d5d0d959e8c36fc7ac37def40fa8653c45a49434cbe5e1c73aaf144cbfbefc5f832e362b63d00fc3157ca8a1627c3c1494c13a308fc7f |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTDPV.DLL
| MD5 | 7c5aefb11e797129c9e90f279fbdf71b |
| SHA1 | cb9d9cbfbebb5aed6810a4e424a295c27520576e |
| SHA256 | 394a17150b8774e507b8f368c2c248c10fce50fc43184b744e771f0e79ecafed |
| SHA512 | df59a30704d62fa2d598a5824aa04b4b4298f6192a01d93d437b46c4f907c90a1bad357199c51a62beb87cd724a30af55a619baef9ecf2cba032c5290938022a |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGTCTL15.TLB
| MD5 | f1656b80eaae5e5201dcbfbcd3523691 |
| SHA1 | 6f93d71c210eb59416e31f12e4cc6a0da48de85b |
| SHA256 | 3f8adc1e332dd5c252bbcf92bf6079b38a74d360d94979169206db34e6a24cd2 |
| SHA512 | e9c216b9725bd419414155cfdd917f998aa41c463bc46a39e0c025aa030bc02a60c28ac00d03643c24472ffe20b8bbb5447c1a55ff07db3a41d6118b647a0003 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGT0409.DLL
| MD5 | 0cbf0f4c9e54d12d34cd1a772ba799e1 |
| SHA1 | 40e55eb54394d17d2d11ca0089b84e97c19634a7 |
| SHA256 | 6b0b57e5b27d901f4f106b236c58d0b2551b384531a8f3dad6c06ed4261424b1 |
| SHA512 | bfdb6e8387ffbba3b07869cb3e1c8ca0b2d3336aa474bd19a35e4e3a3a90427e49b4b45c09d8873d9954d0f42b525ed18070b949c6047f4e4cdb096f9c5ae5d5 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGT0409.HLP
| MD5 | 466d35e6a22924dd846a043bc7dd94b8 |
| SHA1 | 35e5b7439e3d49cb9dc57e7ef895a3cd8d80fb10 |
| SHA256 | e4ccf06706e68621bb69add3dd88fed82d30ad8778a55907d33f6d093ac16801 |
| SHA512 | 23b64ed68a8f1df4d942b5a08a6b6296ec5499a13bb48536e8426d9795771dbcef253be738bf6dc7158a5815f8dcc65feb92fadf89ea8054544bb54fc83aa247 |
memory/4708-3030-0x00000000042A0000-0x0000000004942000-memory.dmp
C:\Windows\msagent\SET6C0D.tmp
| MD5 | 316999655fef30c52c3854751c663996 |
| SHA1 | a7862202c3b075bdeb91c5e04fe5ff71907dae59 |
| SHA256 | ea4ca740cd60d2c88280ff8115bf354876478ef27e9e676d8b66601b4e900ba0 |
| SHA512 | 5555673e9863127749fc240f09cf3fb46e2019b459ad198ba1dc356ba321c41e4295b6b2e2d67079421d7e6d2fb33542b81b0c7dae812fe8e1a87ded044edd44 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGTINST.INF
| MD5 | b127d9187c6dbb1b948053c7c9a6811f |
| SHA1 | b3073c8cad22c87dd9b8f76b6ffd0c4d0a2010d9 |
| SHA256 | bd1295d19d010d4866c9d6d87877913eee69e279d4d089e5756ba285f3424e00 |
| SHA512 | 88e447dd4db40e852d77016cfd24e09063490456c1426a779d33d8a06124569e26597bb1e46a3a2bbf78d9bffee46402c41f0ceb44970d92c69002880ddc0476 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTPSH.DLL
| MD5 | b4ac608ebf5a8fdefa2d635e83b7c0e8 |
| SHA1 | d92a2861d5d1eb67ab434ff2bd0a11029b3bd9a9 |
| SHA256 | 8414dfe399813b7426c235ba1e625bd2b5635c8140da0d0cfc947f6565fe415f |
| SHA512 | 2c42daade24c3ff01c551a223ee183301518357990a9cb2cc2dd7bf411b7059ff8e0bf1d1aee2d268eca58db25902a8048050bdb3cb48ae8be1e4c2631e3d9b4 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTANM.DLL
| MD5 | 48c00a7493b28139cbf197ccc8d1f9ed |
| SHA1 | a25243b06d4bb83f66b7cd738e79fccf9a02b33b |
| SHA256 | 905cb1a15eccaa9b79926ee7cfe3629a6f1c6b24bdd6cea9ccb9ebc9eaa92ff7 |
| SHA512 | c0b0a410ded92adc24c0f347a57d37e7465e50310011a9d636c5224d91fbc5d103920ab5ef86f29168e325b189d2f74659f153595df10eef3a9d348bb595d830 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTMPX.DLL
| MD5 | 4fbbaac42cf2ecb83543f262973d07c0 |
| SHA1 | ab1b302d7cce10443dfc14a2eba528a0431e1718 |
| SHA256 | 6550582e41fc53b8a7ccdf9ac603216937c6ff2a28e9538610adb7e67d782ab5 |
| SHA512 | 4146999b4bec85bcd2774ac242cb50797134e5180a3b3df627106cdfa28f61aeea75a7530094a9b408bc9699572cae8cf998108bde51b57a6690d44f0b34b69e |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTSVR.EXE
| MD5 | 5c91bf20fe3594b81052d131db798575 |
| SHA1 | eab3a7a678528b5b2c60d65b61e475f1b2f45baa |
| SHA256 | e8ce546196b6878a8c34da863a6c8a7e34af18fb9b509d4d36763734efa2d175 |
| SHA512 | face50db7025e0eb2e67c4f8ec272413d13491f7438287664593636e3c7e3accaef76c3003a299a1c5873d388b618da9eaede5a675c91f4c1f570b640ac605d6 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTDP2.DLL
| MD5 | a334bbf5f5a19b3bdb5b7f1703363981 |
| SHA1 | 6cb50b15c0e7d9401364c0fafeef65774f5d1a2c |
| SHA256 | c33beaba130f8b740dddb9980fe9012f9322ac6e94f36a6aa6086851c51b98de |
| SHA512 | 1fa170f643054c0957ed1257c4d7778976c59748670afa877d625aaa006325404bc17c41b47be2906dd3f1e229870d54eb7aba4a412de5adedbd5387e24abf46 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTSR.DLL
| MD5 | 9fafb9d0591f2be4c2a846f63d82d301 |
| SHA1 | 1df97aa4f3722b6695eac457e207a76a6b7457be |
| SHA256 | e78e74c24d468284639faf9dcfdba855f3e4f00b2f26db6b2c491fa51da8916d |
| SHA512 | ac0d97833beec2010f79cb1fbdb370d3a812042957f4643657e15eed714b9117c18339c737d3fd95011f873cda46ae195a5a67ae40ff2a5bcbee54d1007f110a |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTCTL.DLL
| MD5 | 237e13b95ab37d0141cf0bc585b8db94 |
| SHA1 | 102c6164c21de1f3e0b7d487dd5dc4c5249e0994 |
| SHA256 | d19b6b7c57bcee7239526339e683f62d9c2f9690947d0a446001377f0b56103a |
| SHA512 | 9d0a68a806be25d2eeedba8be1acc2542d44ecd8ba4d9d123543d0f7c4732e1e490bad31cad830f788c81395f6b21d5a277c0bed251c9854440a662ac36ac4cb |
memory/5664-3032-0x0000000000400000-0x0000000000424000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\$inst\2.tmp
| MD5 | 4b332a1b235922a7870595abef346cb6 |
| SHA1 | a0a9a95768942641c0622ddf2e29624c5fecb4bb |
| SHA256 | 4690ea1b97998f45a2bd991085dfb08177dd074bec58a9e07b61e3ed721bedce |
| SHA512 | 714447bd0441587dd0c17d0af0478aea575a419a20cba07508e03785f17d7a6f46dda686f9e9462125639039b9ce526538387e8822e2705a473ae45e85f3452d |
C:\Users\Admin\AppData\Local\Temp\$inst\16.tmp
| MD5 | 38851b1e45d75c5a7489188440c23ba8 |
| SHA1 | ef57d1afdce578cbcf6c79e613c805e24a840285 |
| SHA256 | f783ade814f65f9e750acbb0bd27312cbfc86d699edfa2c77773c67094c11fc8 |
| SHA512 | 88dc0680c9dc7b01c61ee7687fdfe95fbfcda6fb24c53ec643b5e0bfb3d8af9cf5dae098b6fcd22d3a92ce7b12a3f32862ad521b42e407de5be056dfea62135f |
C:\Users\Admin\AppData\Local\Temp\$inst\7.tmp
| MD5 | 420aee57b5e083d256d28e45ef887adb |
| SHA1 | 39f58e11b68f13932217b98672c4f33adc353be8 |
| SHA256 | 1efb1a8831f68b443a3e3a06599e914162dc1a9b1b8f9ebc8020b40b72bbfb80 |
| SHA512 | 76ae5dbb4aa3baf1df3e5684855ece03cd7693698b993a40da579c78c4cf9ba3dc4baaf699933d4bf56eca12ea2847b02f997d5d8ab8e5f267d5f4d6634a52cc |
C:\Program Files (x86)\BonziBuddy432\AUTPRX32.DLL
| MD5 | 6e62806f4121eed119ef7d361f3322ca |
| SHA1 | 2265e83e068fd0bda58d0ed8366050614138787e |
| SHA256 | 0563e77b6bd63eb0561f6264badb5d07dacb7287ce029dc3ca3279a964ea6a6d |
| SHA512 | fa5efb12fcd7d34a026b95a573c5a8b72dcacfa0c3df439e55691f27c9c0d8cd8905f0d3cad610259b9bdac474a3ed41796a91474e0ab522e78d8a2cf2a53dba |
C:\Program Files (x86)\BonziBuddy432\BBReader.EXE
| MD5 | eea3608cb27995431165a2caaafb00a6 |
| SHA1 | 45b73c03bd68be6b39d7e3737c4853db2998f3e0 |
| SHA256 | 2836a35937ad987bd9ddba33162136d71bcbaba0ad6d9b1930a412961b3a3523 |
| SHA512 | eafeda44eb25ed88e9ba286d18586c56c7e6e0d09930606306ad1cbc778a4c82cf167ec8dee045633ce480dbed954e8519614692f1fd458a8429a60de9f0e359 |
C:\Program Files (x86)\BonziBuddy432\BonziBDY.vbw
| MD5 | b4d876161a7abb7bcaea37003dae158f |
| SHA1 | 5317af4e389e00103faf2ec0a1acfa2b59b30843 |
| SHA256 | 4dd98f95113b70772308a4671a482b9b59bba5fbf41e928f2a833366c54424e4 |
| SHA512 | 3d5da08c1c39cb4ea24b66612a383e166500dbd891113f080c66ded8a29bf8e4094c6e407fc24f873d598e13daac8c06d91ba488f9d4ca10eecbc1f51f649767 |
C:\Program Files (x86)\BonziBuddy432\BonziBUDDY_Killer.exe
| MD5 | 913d38cb9d132c8c92b21cff05a7eb62 |
| SHA1 | eb829ea4de07193edb16d8c0196426919c452d42 |
| SHA256 | 6d80bd5a3d5ec6630e9a411a978c8e2c196f530f6a5b580fa982c5ad1622bd0c |
| SHA512 | 9b154d60352e864722c8f1ae0c0d0d4dcca670a47daea9b13b58a8cfd4f8c9275cebc6e51d755de77025e1a10115a2ac09416f273a44ead4a0c742f14e0e9d5d |
C:\Program Files (x86)\BonziBuddy432\BonziCTB.dll
| MD5 | 6a4c7d730aed29b0405b03e128c1655a |
| SHA1 | 1dbb8dbbe7bac39196f7697486a36dedf59b31f1 |
| SHA256 | f85525a3ebe334f7403f031ec47c2b32461650224223ee728107dce0e879ea93 |
| SHA512 | 212ebd6b0cfa2500add4813860c74288e83a606676bcba837d500ac30960c10cbf1da25c7f7c526cf9953ea619f8a3244dc1d5fdccb1c1577b271e37289ecd7f |
C:\Users\Admin\AppData\Local\Temp\$inst\temp_0.tmp
| MD5 | a2f2a9fe43b569b98438095489309cdc |
| SHA1 | 4e60205b39b2e7bad0ba3df8ee4a64423c4eda53 |
| SHA256 | c675e4999bce138c44f599ee358b1acc96b4034b2013803f58ca2880d860af33 |
| SHA512 | 6f2879e451f1bbd6a83a5d2d9153165e06bc9c9c8a4d2c90c3066d167cd6278b58040c714f27c23f023d50437b5c887cd0f7e131100d15bec47ca09e81b3803b |
C:\Program Files (x86)\BonziBuddy432\Bonzi's Beach Checkers.exe
| MD5 | df4dff96403009d1d9a8555e7f7838c0 |
| SHA1 | 8f6f84030718eec2cb060a99cf74666161d52845 |
| SHA256 | ee9b75d85cb90af6036505f72a924a6c8330b7669725cc7d9035bc88534ee0ee |
| SHA512 | 032f79f98f257f4c6ea83b6a5685e3dedbe68812a87f8190d3582e38444563522f4875b75ee9c9a9982cb8558be70c4135adab5e201d4f0049d154887f4e954b |
C:\Program Files (x86)\BonziBuddy432\Bonzi's Solitaire.exe
| MD5 | cb3d6c8837f54326e3de5a785378d388 |
| SHA1 | 04ee501c85dde5cc50d95d5226986c47206cd0e0 |
| SHA256 | 9b8abef3c35e5da10179eae5885d0129af37e4f506670a08555d98e80e7e8d73 |
| SHA512 | 1631fe45cdb9105bff280621ff8149cad872c051992b983fc4d879f3fbbadaa887f3b822f88a6e8c12ddb786d960207d743a7e608d7db7ba3636e7091bc345c5 |
C:\Program Files (x86)\BonziBuddy432\Bonzi's Solitaire.vbw
| MD5 | 9b909f17e524b7fa854ad4709dbc349a |
| SHA1 | c66425f2082a88bbb248287128a1cda3a2fe7ade |
| SHA256 | f8cae184ce04d906e348ff795aa20f6ac26e45ee41fa3de16c6985b291e3fdc4 |
| SHA512 | 7124b6a8e66633c9fd1fcf006528db117de605ba7378b69fa6c7096f01a9f6d5757093a40e196d3e6b987a3ed4e96fed531ba05971974cd3143205d31e540dde |
C:\Program Files (x86)\BonziBuddy432\CHORD.WAV
| MD5 | e913f3f2201c09d938c63f10dc535bb1 |
| SHA1 | 1e326ad6d1c2c538c429235006e0fa64f9aeec9d |
| SHA256 | 1cdb5e4d203f61e94c02f5eea5008289fb463c02174879887fc62574b34c12d3 |
| SHA512 | 0838a26ee0d918cad1cec431ecd1ebe431f559951ccb85161823d234ae4157f0699d903af178b4af2d70046b04b29509bf1691f57c021f8f63dce579cbece233 |
C:\Program Files (x86)\BonziBuddy432\Intro2.wav
| MD5 | 125f1998a1e8fd06bb02f6168b0445fa |
| SHA1 | d65ff4d8a79e47122ba872ee3f4986df7827766a |
| SHA256 | 1d648a27a0209959027567f793f8b3fd18a103b64e62eda3f20f11192bd0dfaa |
| SHA512 | 62cf29c85efff23449f2cf0985c1eb5d71111bf5332e6932129ab9e9ec4d2fbf819851fbb9ea73946c24fa6a1715d1aea6eef58c5e52de340128a4aaf5267c56 |
C:\Program Files (x86)\BonziBuddy432\favicon.ico
| MD5 | e1a53bb79bcf97ae324b05552c1b3ca9 |
| SHA1 | 5ee16e7d9fb3473df37f1c318881a59b1bf2d9ef |
| SHA256 | d5343ff39d29ecd9b60fd31cc60321b2d4a36001d5d1ee24f6c766b10eef0095 |
| SHA512 | 1c8ac8b9a9e8e063f572c41ce9a7aac91dcf956763859716fa68247c3774cca00bf5aebd5dae3dfe6c0ef1a961cf640f7ad3c68965ec9d8b5e0d610b77c29c80 |
C:\Program Files (x86)\BonziBuddy432\emsmtp.dll
| MD5 | 365920b74d38322571e16f66686ef56b |
| SHA1 | d4a112bcc048526d1e6b7a6841c059c63d23d4f6 |
| SHA256 | 743857c8be216893265c231ad45f4ffd3babb67c024ef8ceb5a698e292464263 |
| SHA512 | f13a913e09b467a929fb25da3fce4c9eded9571c2f43d6a9365de4e86f4183434d643c32f35e5ee4b8d7798b5aa24beaf3898d61e92daa4df35f0a31ea338164 |
C:\Program Files (x86)\BonziBuddy432\empop3.dll
| MD5 | a0fdd2077934c34f08d48aa214da2c4e |
| SHA1 | 9b9593ef99515aac8665c6da73deb871815d73e9 |
| SHA256 | f198ec842cf9b9d1e9e3f4bb6864fae7eea98d6919e0c6609e139e00c262d6bc |
| SHA512 | 2bef50a54f8c06821e31771bac566992f7a8872709b8a993322a43750f19ccad773dd9fd88f87d819d317845ccfe1b66087c2b2bda094b3382e6054ccce2f62a |
C:\Program Files (x86)\BonziBuddy432\J001.nbd-SR
| MD5 | 35c46be741382648dbc6c7241d1f7148 |
| SHA1 | 24fea5f70e437ecd40a37035d2e1ca3df293d0db |
| SHA256 | 56ac8a4f90686b433297712de577ba68e0970458dee218764ed3acb3b3560f7b |
| SHA512 | ebbacc846af47d3e955a43291626470c73296c874b7d80f0021ec577922f29f453ab5794925b6372b8a75b732677d7c27c16c1f8728ee60a57c66dc4a6c4d86e |
C:\Program Files (x86)\BonziBuddy432\j3.nbd-SR
| MD5 | 4c273ee71a2d85203ca95387fa78a315 |
| SHA1 | 195a066b030685b1fb8b5e594f6a77889a1ff3ab |
| SHA256 | 2a9cbdbd1459111eac43d2d505e7828108c68cc5042c97b4e93d235962f8ad59 |
| SHA512 | 6e833e069f410d73976c97031b61949cfc31e81df7363e724090f13a5a2306496a1a15aa3ee01fa1cff43cf91d37d191c84be293ebf6ae7c1c5c3b55cee06724 |
C:\Program Files (x86)\BonziBuddy432\j3.nbd
| MD5 | 0b9550caef707aebf17f4c17a7e0f424 |
| SHA1 | 06d91cae8ea9324f76b7828d2d2e9455ba2c6c7b |
| SHA256 | 197cd5e9b3bdec70314d3b3e5ddb5ee41578907a8a50d9ad2fc3683ff271656f |
| SHA512 | d1cfda4b4d82a7cb0571e4c70dc5b8f4b2b19406364568a45e18dd68dfeeb1f37f4237b43448b0d1d12cfd388f54bd2d5f9390510593173c0dbcfddafcf18735 |
C:\Program Files (x86)\BonziBuddy432\j2.nbd-SR
| MD5 | 6f8c402777457a1cc7b7ca6f7a7657de |
| SHA1 | b05c00f28f9185ffd43c9ee479976382c64adbfe |
| SHA256 | 1837a9f0653a4093e448de37fdbf2bb0e4c3e98abb1414b8e60793a2863208a9 |
| SHA512 | 777d34f5e4e24c4f053050a99e00c6a7065bb89690c542362eadce7552c71005b6a7de0fdb20eeacece70610c900a1d51b6485332971d598e6c0dc475b228bda |
C:\Program Files (x86)\BonziBuddy432\j2.nbd
| MD5 | 788b0ec30cc5fae75d2a6ee0a3ef10fa |
| SHA1 | a879dc350bbe79dc2cae04ee804fd6ee9a1f8e1b |
| SHA256 | c032c71a49e0cb05072602c99251e6b1d76ca2db57120fc402b93d3392df7c3c |
| SHA512 | df5e1097db5326c168b0c840b2d598f82caab5138d30f899233a777e7164b8178e4ba9934eb0c32029533b6ee5f72c07fa279fcd93f8e11d4108485724abac1b |
C:\Program Files (x86)\BonziBuddy432\Jigsaw.exe
| MD5 | 07239776b0a3ff88b560eaa387bbb541 |
| SHA1 | 163e8351eb561918cd9abe5e74ed8f7e362fd6a7 |
| SHA256 | ca16981fc001cdff2005fbc95d843401ab387eaffd4bb4043e837ccff8639a15 |
| SHA512 | 6f82c60f51280ab66c4548e6c27691dbcef8ba7349406d1796ec1a5d637cf8215af26d52d14c8906792209c39fb4a446a3f56d42e37a8ba3180560c27c78281b |
C:\Program Files (x86)\BonziBuddy432\p001.nbd
| MD5 | 89baf0ce132d54517f89e6fdebb6764f |
| SHA1 | 41509f6bce097e434651148a36012cd8c66da2d7 |
| SHA256 | 6e39e8b14ac5a0dad47279595406a49c61c6748f16f4e69dd48738653e50882f |
| SHA512 | 2b3d3fe6dc4bddc34005cbf461f27e10e7a330aba645dd27ce787bc79ff28e9627abd3adce27bc8741ed160ceda9c22fa0c62d9faa16454d6700437eb72a6e6b |
C:\Program Files (x86)\BonziBuddy432\RACREG32.DLL
| MD5 | 4e86f6e372d5f823e457ee5358b46079 |
| SHA1 | 75bf76ac7de2a577532965c121aa0478076eace0 |
| SHA256 | 054fbd3c3a31cea5c69c78c1455d19d2f3486e07428ea951f107d5dac3e58d25 |
| SHA512 | 73b55608c748479ddd4cbdb2046488972bc2e9340e8c6fe6cf9d0d9badb344de9f5e7ed66f508c47db402d9479066d7f0f4644ba6551cec6318a5a5a468e5087 |
C:\Program Files (x86)\BonziBuddy432\s1.nbd
| MD5 | 4e4d3a1400a1d0bcf482fc8da711ccba |
| SHA1 | 751769e1582ce3a057ba6fb0270698a2a48d5dae |
| SHA256 | abad946feed68057f15569c0df432790b0c19a21149c8f07ecfc99fac2311616 |
| SHA512 | 13b04814456172ea858c220c36d0c066286965a2bcd217c0216788e3fb84ecc1c007ed8f44124a368400b858af584a2fff855919cb7bb3fb195da39abb0e675a |
C:\Program Files (x86)\BonziBuddy432\Snd1.wav
| MD5 | 7cf6069d29b9a66bf03ba1e554553fe9 |
| SHA1 | 001de4b7b9082f951e782efb74601d8e0447bee6 |
| SHA256 | 11863d5b7fec50e3ca69f74066b68ed389a18b6990394f3ed21d6ea0e67262e5 |
| SHA512 | 51414f0165ea67fcd96d0a5b2df1b321882145d3d3dcb146a0d896a3a0c395b2538cb01b7c27ce106acf65480d88bc5d2aba19e9ad03430bd756c5047f33d08d |
C:\Program Files (x86)\BonziBuddy432\Snd2.wav
| MD5 | bd183af23b343b2789e61f03b536aad0 |
| SHA1 | 66db4748e6214fdc4642e3f9a6bc4218b24ec5b4 |
| SHA256 | d59c9bc27494b2e68d5efdc1798dc5442f364bef46cfb1fcdf4b3b032358ac26 |
| SHA512 | ad5191eddb6838ea7b9200bc7a10c06e0a41966ba627a52ccd5a4f1008b1b85edfc63939a264822b7e1e9caf40e3428ddaaaaa80c82bb5066afe802d0dc52211 |
C:\Program Files (x86)\BonziBuddy432\speedup.ico
| MD5 | 6c9011742ff814f765779df48147fa58 |
| SHA1 | 5519c010b4af11452d126439d9e670ef68c77057 |
| SHA256 | aebda70076ae40f99896ee71d5a476444e91974a215663161b6b1d89faa3ab2c |
| SHA512 | 766005a4cfd5edb960346316725c1c4e427042118e1b702c0a67552b8c2de3a376ccd1422e0db0a8f955642a7e2686c70a266f01362bd17afefcea9823ce5d70 |
C:\Program Files (x86)\BonziBuddy432\sites.nbd
| MD5 | a8e5c2cef7e455ce4f6cdd601ac774bb |
| SHA1 | 0ebe0f1ddbdcaee08d4a5505b6f8a329022e554d |
| SHA256 | 5a8749440d441766dba442097d5956cd7bfc0f3bb1fb46d431df341bba1a2778 |
| SHA512 | 186a9146263011c70dd8c342956564163c4d496b938842eb2c06382464ab9aef73e5cf87dd70ee2d8177d61c1ccb3fb71510b5064b18a014b394322859fd7c3b |
C:\Program Files (x86)\BonziBuddy432\BG\Bg1.bmp
| MD5 | 48121e4f763d2badb816d57ffe54183f |
| SHA1 | d1e255061556a39e246e265020af21f9c6dbc910 |
| SHA256 | 7b22a9826f4882b32d9970e497d2a4df51b95afe2a785ba48a70a2fe5570f9a0 |
| SHA512 | 0a06654ef70b58b4b6766eb78bb139f57d1837c8ea3c9365de6c150e7230638ba47996a96c2d4d74de6a05e6bb765b3a71fa55af728f9889f122b386c80b40c1 |
C:\Program Files (x86)\BonziBuddy432\BG\Bg3.bmp
| MD5 | dbe2a8cd192a693f2b4a0c4295ddff18 |
| SHA1 | 07e02084b6add48a6064a913be30db09ef274f12 |
| SHA256 | 57a864f2892748903992f3cff6080c38c9021e67f95b96a0fb21ace01887f9dd |
| SHA512 | e5be6c467b0629fe9cb8f933d8866bd58bd0e2ddb66e6ad3bc354911dace51417a6533138295746e8e48c165e28af60ac0735f50a38cbb7b154f41b98c64c63f |
C:\Program Files (x86)\BonziBuddy432\BG\Bg2.bmp
| MD5 | 9b6e1bc5a87b90732f91fe4fe0a7397a |
| SHA1 | f3e503872ff2be7b824a90019edd9e175b22ce94 |
| SHA256 | 68d9a37cd35e7153d9a33630e13f3b80369ddbf9facc4e4280eb27e5c3d7add9 |
| SHA512 | 3fd67162a9f53be7284a1c9b89ecf53017ec82bf8c6e4edb683e9629410ba403246a594c028bf90113beb3e2a68351a1f46fea3c1d42bb64b66727795d5b5267 |
C:\Program Files (x86)\BonziBuddy432\Options\AutoDirPatcher.bat
| MD5 | 51b0404cce6d36549605f5674ef09bf9 |
| SHA1 | 9fe00a443f136534667cff0bcdc4df1d5c033f30 |
| SHA256 | 11c57b03dd1a8bdce3f15d74af679df4f7091fcec57699a09b47c83bca35a1d9 |
| SHA512 | 49b2c8618da03690a62caf405a4e062e3bf28404b7f411fbadb8c4e686189447e16dd9d6ddda197ec8483226c630b02954d8207541a3ff18161a8ebffdcd6b57 |
C:\Program Files (x86)\BonziBuddy432\Options\BonziBuddy.bat
| MD5 | f24f62eeb789199b9b2e467df3b1876b |
| SHA1 | de3ac21778e51de199438300e1a9f816c618d33a |
| SHA256 | e596899f114b5162402325dfb31fdaa792fabed718628336cc7a35a24f38eaa9 |
| SHA512 | c2636ad578f7b925ee4cf573969d4ec6640de7b0176bf1701adece3a75937dc206ab1b8ee5343341d102c3bed1ec804a5c2a9e1222a7fb53a3cc02da55487329 |
C:\Program Files (x86)\BonziBuddy432\Options\uninstall.bat
| MD5 | a187448694701f15f5ac836a258cfa78 |
| SHA1 | b47137ef4b5613a8a0bc0fa3e3095177cdd2f35e |
| SHA256 | 8c2960f58beebab3b77bc4c705e06edd1620083ac9614368a4244dad7a4a89f7 |
| SHA512 | fcb16cd4fe4c009b01583111ea4f4e14d3fda17633af45b1283a562e12388ce16ff37690e5f9c5ea69c7955ce0f5880a099b08699ea1c8192452a9e89327a6c2 |
C:\Program Files (x86)\BonziBuddy432\Options\test.vbs
| MD5 | 9673c87fa79561cb2ce31ea780e12985 |
| SHA1 | b20a855defe4d05e2e6a74ee34d8188d44772c58 |
| SHA256 | a49357c09b87f39aa3e7c1560de48e2a070f315399bc7a7337f7fa75f8b8a455 |
| SHA512 | cd30be0ef65f02e5312ad330c3879dcb695fd6e68061792302908fe9ac35c0ff184a870eb9e67b3e942f0a624fafff9a4554c1e45c2136761b64a7efef7ff314 |
C:\Program Files (x86)\BonziBuddy432\Options\registry.reg
| MD5 | 06730e009063976e92ca3155dbe21542 |
| SHA1 | 1904d9b3aa4fbc3f2f21cca4bd15ab031767e84c |
| SHA256 | 80088f8bc82b3facca2daf7066e9cb78e4bf0aa81c57f77a500a75e137c0b411 |
| SHA512 | 98c9d5ce10ee66f533df8e8aaaee42aeee2475f3a7a9cc6fd4cf963313a5e85da154171e5f1f41024c4a3249f78fee946a0f2d3de69c80393562f6dc39e8fef4 |
C:\Program Files (x86)\BonziBuddy432\Options\menu.bat
| MD5 | f04f8720e413478c181ba2cef8e4d384 |
| SHA1 | a19137dad529e68ebaed4fecfa9a9018c7ee9de3 |
| SHA256 | b65d7b112c124ab6f1927a72244160f83e7db7a5c948ec0b325f237a306db546 |
| SHA512 | b4d82e3f29f26c45c6533a56423c5770fff0217cc7237073e02df1a3a36716b54ac098aec83d64e1b1994350e1a0925b045a11ea6bba3a80c0fe94ebcde9d8e9 |
C:\Program Files (x86)\BonziBuddy432\Options\ManualShortcutsMaker.vbs
| MD5 | c33abdffe5e65874ee0ed59b40564cc0 |
| SHA1 | 48ba2360d6bd774acf7019bb92e85460ccfa5059 |
| SHA256 | 5c724387b4b1819a197b0d06b88394d7705a7311d17c8e29ac76e3b7439aac1d |
| SHA512 | fb8a22f15679341245a576077fc29fc0ea03577df1270382c8703b168af7b941bdd956adfc574a501cb771272d112e120934d7d4f45dadb6608c40cf53af4a83 |
C:\Program Files (x86)\BonziBuddy432\Options\ManualDirPatcher.vbs
| MD5 | c594e329508a06ba5e89adf59821f9e3 |
| SHA1 | 093a43a53d0129f5f04ed5bb48dc09ff21eb1a00 |
| SHA256 | 56e8d6f1006029624a8fb9b09cdd59f137eace19a122b82608e047613792de76 |
| SHA512 | c8cfa8560ed0ccb534a7b9626ea3b7dad13aae6f73276416a7f0183d0aed942f8d9f4b19eef7c64493983440603e1bde8e18428e0f93c5d5dc11dd947ee008f9 |
C:\Program Files (x86)\BonziBuddy432\Options\ManualDirPatcher.bat
| MD5 | 510937646168fa292f9485cefc3cd4fd |
| SHA1 | 8c70a305ebf5af333c5def9f4e9e9d0bb596d4d2 |
| SHA256 | 999a70147a3115502d5b47c2bebb6731b2cffaba93be49502034eba06034f412 |
| SHA512 | 244cbd347becd971b5da1e1909a0870003a4a96d811208f1d528df43b43de2a6e5a61ce9ced00690b67a2556a5a566cd3057214df8f3cea4dd8675e8b1726864 |
C:\Program Files (x86)\BonziBuddy432\Options\fix.bat
| MD5 | 00403d6181d3bc1782b9e2108d372d56 |
| SHA1 | bfca4357e50788b265d616b446664fe8ea9646b5 |
| SHA256 | 11c81b5638de403ab4bc1cb7299f7d46cc68da7c608dc971be6ff984c7391b8c |
| SHA512 | 3895c40d018673663f1262f04f8962376f4d1e71753562afc4eedcdeb1ee4dd92bbe56b9f1dea5c4f45884e53c046b7dc919b6e87d1548198be2b9baf1dceb90 |
C:\Program Files (x86)\BonziBuddy432\Options\chose.bat
| MD5 | 81b125b8da6edaf2f80ff3b90eea5981 |
| SHA1 | a9c9271e1ecaaf7fac491b3afc16e8a19eb9da5e |
| SHA256 | c191c970e39a53ae342515302c3bb1579ef5247ef76e8d2eb948000f2e5e0261 |
| SHA512 | 75d5dcc3e31a3d5e607365c4c46a9694b9c002037437a1c75ea3cefd8170f4e7e7ec8246224df26118eec2f9dd6e6891dd59e4d23fa56c9b6ac0ab76c4d4a550 |
C:\Program Files (x86)\BonziBuddy432\Options\CheckRuntimes.bat
| MD5 | 2966b9e9451b773573200add659bd660 |
| SHA1 | 86d0a8f276abfb0f418a5b809e6733d8215ead4d |
| SHA256 | 18ee11dc6a159dbbab4f56c0a552fb3d8ab5c3c18fc1744516dfd1cb17a293d4 |
| SHA512 | c4fc45247a1068ac83eaad571f97077871ba2b7950dc8affe30759790633f09618ce92d4eafbc5e224b52ddc0118931afd72f6ed0be2b29db9224d865bf3394c |
C:\Program Files (x86)\BonziBuddy432\Options\bonzibuddys.URL
| MD5 | 34a3b31000b28910ccd2a759a885cc90 |
| SHA1 | a9a3f6c09af904036bd9607179ffcfe3c854b3ec |
| SHA256 | ce6634b06d190b964741fb8dc53dad631a1b001a46193567e0d66bb478713b8e |
| SHA512 | 8b2631718b65714df93672f1cf5bfb16f03c3240a85f13d8d0dfde8129af8bb030e81f07f1c63daec78701b1ea7a36ce82fe8a7fc548c4600bdd27dcbbb31961 |
C:\Program Files (x86)\BonziBuddy432\Options\AutoShortcutsMaker.vbs
| MD5 | 943e197d47fef0c8ff3bbdaac77388c4 |
| SHA1 | 51d0ee2cb206cdcb0169d492e6c8dd6c604bb124 |
| SHA256 | cbb7267266008da6d58707bdb91ee3c57bd208d0653a32a8e9b5a7f7080061ed |
| SHA512 | 5ad4e13e9cb321f9a23e2333d9dcc846fdf3d1b65291784fe310eb653122e17c55d48ffdab91b90f2c772411ca6c39de99f045a6f2375b5b140212db20f232a1 |
C:\Program Files (x86)\BonziBuddy432\Options\AutoDirPatcher.vbs
| MD5 | 159d5892d949c6f759b5b17e99d38494 |
| SHA1 | 4af96f926d6bacb966c8635239a9b3719007898b |
| SHA256 | 08583009a3ed2b1668f729edc48d7c8eeba302a7f42fb5c303a97dd38b747041 |
| SHA512 | d3b4b913c60caa32f9a2201011ce24c7118266396bf7db2bf5fece2a2614a879d75d13c15b273b863a29b52518a12661bca4064e39cef403b5fb2de1f52760ed |
C:\Program Files (x86)\BonziBuddy432\Runtimes\spchcpl.exe
| MD5 | 7736b7cd493bbf7bb4bd3c55e3b980ba |
| SHA1 | bae4991fd253749ec3a6e2d723859229339ec5e8 |
| SHA256 | 69abb7e6b7737ec88a6a3333f7b593051ac16064c4d4d9d1f510a9e151c9b36a |
| SHA512 | 13637cf6a178251e073dbf985a41126f3831eb54e1fcb1521cd1402b7e23bb675466cd53213ba32a0a652ddee48e28b20d64dd632dd1a268b68da36e0f693f93 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page17.jpg
| MD5 | 7af7a675721f50492623d54c828fddcf |
| SHA1 | bfacc606197c260dfd3d5c60c6eda264cbb1bf3e |
| SHA256 | f08a95be88f1a893ef2989b258ab5699e49978776012789a4bde7056710fd45d |
| SHA512 | f049cff2a6e26b36dbf389b2625c272d35af4110f89789c1659eb6e13fefd057bdd7672209b3d693c7e0c2e31da376f47f892e7661579c333061f13a04613c15 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page3.jpg
| MD5 | 7455ce480dcba6cc511dd8f5dcc7c3f8 |
| SHA1 | 5395a1c85e25f2d33b545ae62f7c2b0d83a5eb03 |
| SHA256 | 7fb6ec96530be3754466c0c7a33c5302b8e38dd9d1b7fdde8c32926e98b4ade6 |
| SHA512 | 2f18c07f01c7bf6c7e8d5f6d77c02509f7da56a120d57e072cf9495dd54b23143c33079c735cfca2b7862d7266456447f4d63837b86310a964cfbca9854830c0 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb003.gif
| MD5 | ec0b47d2d9057ac9d80a3f7f6367de4f |
| SHA1 | 228c3f34695afaf8a3c48e9268cf49d93a94db17 |
| SHA256 | 95cbcbd9c41c128ae03b8536ee229771a8a42e3cbf57faf4697aaabe98c11108 |
| SHA512 | 8a77ee085dc0b5065789757f310f0e4b02b9ffb4e00ac159b6e2bd4e6b6fa634344456b6958998bc6905dae95bfddcd3863dd0504f6daec3dce685e260f6dbbd |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page12.jpg
| MD5 | 13ac61ed6148d887ec6571e181ddb11b |
| SHA1 | c3ab267bb353460da4c8505f343078bf97a9a6bb |
| SHA256 | e42286e86415ed7ff3f5206909cfbc2a8111d9aea7160b06d73e71072f8fa8f6 |
| SHA512 | cc6293db93f1e3d503a91377ca03c16701aee403b2c704ca9e1bac54c06b5ab55ac5a63c1951051359098df42756a67043a3ad09c07ce787f27d108eb8bbcacc |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page2.jpg
| MD5 | ceb7742d1bf22a39caaa45cafef4a7b1 |
| SHA1 | 37efafae5d2326cf52644304d4a06fbe826821c2 |
| SHA256 | bf164e9e1b512dee0902b66d39c9e8b7a9bf8b25beea206d593c93fe60816502 |
| SHA512 | 18fd22e878e4931db7b62a9a61c75c9c540ff769c8ac17d9dbe56a2a335f7d07fa945e9f69593c219522e9bf00473b4f1784b96c094fbd3aa35b2e1d6ee27958 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page1.jpg
| MD5 | 20ca931b49f42be729c409e5f4b719d5 |
| SHA1 | 54948429d371f838d5c24817736442350941d4e2 |
| SHA256 | a40837d0619a98a96a5a5cab016ba35694914607665d6cdd795ee0076f56aaac |
| SHA512 | 196fdb931daa28dadb29dc2404f61ae9cba007680738da87fa7fd425e05778454286127dec4e8756d88a73f27e3267e36eba19c731f73dbbbec08c4adfccb079 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\sp003.gif
| MD5 | e964851042773d0809582fde155b22c7 |
| SHA1 | 6d8879362935fb3ab9364feda8fb78d30cc22187 |
| SHA256 | 6078f5e78caa39fa31eaa23ab37e6939003b99e67a0c843335581cb8ec7c824b |
| SHA512 | 887eb03eb987df9c95b17ba93ad044bacae6dc9354eb5b994bfe0cb1a5c0959d360b3437f6eb4c8650176cd4cce9212bc5d5b9ba40359c0c33429391733cfd85 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page7.jpg
| MD5 | a3bf21eef4dccfd537856c47e8476db1 |
| SHA1 | a748d1c7f4320ef79471e5375548d08824063a58 |
| SHA256 | 62c6f4ee6a937eed4c0d93ba1e07f290005e4a9158da345dfd64656906f7e0d5 |
| SHA512 | 497c445b1ed3afcc04df7a07f7d6f22c127fabcf8cdca936a5ed54f9d828cd3cc2a423216e3a7dc0bc038bf3219b70d1daf48107dde0fd7e9ff3709853042659 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page9.jpg
| MD5 | 3ad3093c88e7c3d5a15fd2bcf8951abf |
| SHA1 | 968617d0c5ffbaff35d5dd38b222ab9645987827 |
| SHA256 | 0244e5c87ea823b5741c101129a3ab8a5dcbad798bde86ca15a838a777b26b67 |
| SHA512 | 53b2631b75cc7be8a6f5d687612521a4443ec7c9b6111ec1605c04ce2b04abb674962f37485ee3590573e62b7bed2b5c121d8f6277c3eca0f965b25e0ccd658c |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page8.jpg
| MD5 | a9550dd62d93b2e7dfd2fa722311038e |
| SHA1 | d9a8368accb18dbd0e3f8dcdc224f34e026a1e48 |
| SHA256 | 26040bf12d19bbe6c852237570e9a3722cc7dc7b11f4f2633aea014287bf3153 |
| SHA512 | 09d849af3361577a64bc77758193f1094c10ba5b443a7fe5ca81ea18daa5ffc9d871ce1e5585c492ba571629e02286055c0fd02d0fa29715118fb4fa7f64e8e1 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page6.jpg
| MD5 | b08b80d893510c78e9830c91139e4370 |
| SHA1 | 82c85eb44e6f3cc710aa605581c3721673c41302 |
| SHA256 | a5b2142913ac2983dbfaca6bb6c6743c762cf6c2edd3ddc2778e7b23ca0cc3d6 |
| SHA512 | dccde152efd04624b45b32f48e9f9891cba41e04871d06a72e57a4c43a1c497219c726347741382d07c79667515883329f06ca3511ca2655cc5fa5bb19fc7631 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page5.jpg
| MD5 | f333bc11d62a7eaf7cf4f0ef71078863 |
| SHA1 | 389327a5c4a7b86de347726a6ab815eaba9d53f2 |
| SHA256 | ffd5d52c98932d4feddfecd7aee546860c7fb46b6209dfc203e51a07c395a412 |
| SHA512 | 9cfc8ca1e0fe9a5c152738494ad010aa35335eb40433d2b0eb2825368d5d23147daf636436c2a49f244cd101176678cd91b895bebca640372347758d92d74651 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page4.jpg
| MD5 | 3f85711e30645829fc1ab0e2c338ee59 |
| SHA1 | dce77cd7d9513f092f6c2517d735444f678125db |
| SHA256 | 256aba539c9dfc725ecbb8925aef9e75435ce034597e16cdc21a4275c0ef814d |
| SHA512 | 40b19fa25a18b4a768811b6fd3decf10fbaffedb9f267c4d070c21871e49c01b511a07f86d09a8fb41a57c28c7cf6fb2944e202d9c6296073aef4ab47439722e |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page3.jpg
| MD5 | f2849d9e002cdfb7f49fdd599814d399 |
| SHA1 | 716b514a999ea2eaa130e09bd194bb2464076a08 |
| SHA256 | a3cb8b835b33194095574d7a0eb26bc11f92189711abe86785918f848999add3 |
| SHA512 | b2e4e55fa0f38193e785f3c5938c76aa538d0ce111c0197f7112b8713e26854b9f599df277b07cf0ff9f726d4af526ed754d5338791c3f339a41779fb302d31c |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page20.jpg
| MD5 | b2f5bf2956be990bc111501337664892 |
| SHA1 | 8cbc33dc7081d0160b18b63eda49c7f75d808bcf |
| SHA256 | 5fb9f37c7bcf322d4108fa7b424e54bb40f8dceb6016bf36c18d64003bf32635 |
| SHA512 | cab044b0eebddd9caad310c9770b13be0801f9577b3dad7c23c724eb82a643aecf8df43d2cfa73b1a40746cc320ad9e0075be31faff0417f3d3d5cb0b153b610 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page2.jpg
| MD5 | e9a0531812ba076f8610f9f877c5ed45 |
| SHA1 | 0e92eeea404a592a8a1f3297bddc3033d3c26405 |
| SHA256 | 178e4e26ee97549199d6765c4823cb18783f40b60f78f1b21eceb562d4d4d20d |
| SHA512 | 255056acfe726570e2e9e7f607e9625478b455c8c90271c9e57a2a65b81ff2208d225b9130e7e7642ef04b73224a888a86e0852450b7d8d35f9eb0b95340a9d1 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page19.jpg
| MD5 | e84e01b21f58d34424cdaa9703aaacfc |
| SHA1 | 1e573d629799a349cb02cf83588ced99f66ecb10 |
| SHA256 | 993824753ee0f99b020da4f5f0bda4b14ae0e5b535be14eb24decf398b3ee60b |
| SHA512 | bd079ecf06e5f7b1295110cea78ab63ab8c2d4bd4657f785771e94d57b994b3f80bb191ddb6327c69358a6d432040a4d60c217c83a564b0e2ece1bad763fbd98 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page16.jpg
| MD5 | b6332a8aa3afe8cb87be5284c263fa14 |
| SHA1 | 3b5c9b7750c0c8349d6549ed87e5352289280918 |
| SHA256 | 1a298bc3cc19d27f7f6213b19ecd238c044f631ed3fcd93515437a66ce165ecd |
| SHA512 | 51d051afa48dc9db63cebb1f7d532df6b46c21e296b41400be0d641a78a59770728222193afb349e7851268c6a98d567c94951bf99ecd7dc9620d05ec3b57c47 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page15.jpg
| MD5 | 236ba278a1c1af72d6afc1a0d58f1bbf |
| SHA1 | 2642f8d0f4dfb84128975f53a84406aa9d28b0cf |
| SHA256 | 8a040d1a94ab158f7807ddd2b9aaa0dba7a3e5dccfec6f2bea35673d29017de5 |
| SHA512 | 8af7461e6fc62bae79b9ad5d2a08daf644f20baa1f67f861632dedd65512dd64461a965a43fa529e0848305e3ae03b409f32e6ae8f3c134e262183b9424cde77 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page12.jpg
| MD5 | 01be157e8cd1fe6cb4a7003e78facbc9 |
| SHA1 | 312658eb73982dc1cc9983fece10bfe9a1af3795 |
| SHA256 | f8a8b2816920237db53bcc287a704be0adb43a55971f3fccec2925fd9dd143df |
| SHA512 | e01474d0cce75963799b646860de1bd434d1fb282acfdd38eb262be7f1940974518b09803390d9a8814074fc9c4f58363be999b83c7c867a431b6b24e6f9ba89 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page11.jpg
| MD5 | 581f82609b4884e89379b5b09a53ea14 |
| SHA1 | a76e7bf6bc9f98b54ebbdc33d278e087a6e2bad4 |
| SHA256 | 6dce70dc115740d5d52c0c0e2f1811f3ca457f5a948f207a5a4fccdccccfa365 |
| SHA512 | 8928b9961e4c43e8817a392826585c63d37fe596b1ce8565b1ca935a96502347de85fd9a4ad4a71b1a3e649c61851a340634a0e886439b411d50440d103c2d21 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page10.jpg
| MD5 | 0a1bbb7bead7a0dded90b8e4c1b52342 |
| SHA1 | 49a94562c37da753d7b1f2f74ff9cc11d1c6e541 |
| SHA256 | fbaffdfdd9ff30177d1da6ea5335a57fd31320158a6f659e1d0eaa433dc0df3c |
| SHA512 | 4d6b7087f45ec4a854d84ee41bbbe9f72df8cb370bc303507dbdbe289af4c24e548afaf02e813307251470ba6627455dadf6d8c235ae0f611fb684662e8b7c27 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page1.jpg
| MD5 | bcb18e7091c9a053ffaad154a796e22d |
| SHA1 | 48bb71296fe3d9c41d1423bd90a70602e14cb942 |
| SHA256 | ea87cabd9babb2b7e6791ac98451545e98051f5a3a65dc2021d41b6dc07e6441 |
| SHA512 | feff223b65d7cfadbfb83d2451672aa8d100de20274958f868649d9c92d8b83e43468041cf4ad2c20916edcc82ab1a3bd41740736e979168107fa07ae215fd4f |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page0.jpg
| MD5 | b9a19f739a5abe70ea04ff265d56058d |
| SHA1 | 2d1232622417c444c0256fecae26cdd4d16af125 |
| SHA256 | 6b3f8d11aeebf4d407e67f89e7d81d166c705ce6a8e9850bc9750306729c6f27 |
| SHA512 | 973fe510824480f51603d4ce08af9d7054257ac5b30c6191b378716e8f1c611caf3f81089b321aaa378212677d1ea0e1170c14a1618b647b14959bbeb9ea25aa |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\book
| MD5 | 08e382c1440b50b8e997f0d320f6aad0 |
| SHA1 | 167090cdb5c2a7b4b0fa63a0069b9e494c266a7c |
| SHA256 | 20a1a9d2a70aaa2d33355fb22284cd1ea5408824f93ab1d22f2145a99978402a |
| SHA512 | b0b6714d134b33a78bc766de89dbc01980aeefae397903f96d86e6f7b0fbd81711028623bee8425e0a483f83a801a2fcdc75226da3c46655aa146c8b4fad7929 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\sp007.gif
| MD5 | 934535182612b7b90377550f6f1a7a49 |
| SHA1 | 7fa2911dc190050ed7059259e3e55fb3ba3a0956 |
| SHA256 | 4e7c34f76e045cf1acdc64071a7fe2d31fec2864d89fdd87e3d79e37dabf30fd |
| SHA512 | 44c2191ba807d53c0cad1a3297f5a114f15d270f80cb8900f7cedb432165d2f741f66c05bb724666a534c917782ce3108273164e3afb13d7c311db9f80d8b9c0 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\sp006.gif
| MD5 | 1b853f839789d4c8a1d47393c06b1f25 |
| SHA1 | c65cab86f2dec503fc5caad740fbd1e81c1c0f3f |
| SHA256 | 1341f0db796d31c7382655362a682a45f00d5160ca149ddb0e13444bb622d9c9 |
| SHA512 | 60f523d36a5251dfa8ce373f046e246543b8b9b44b1beead17d9f2c6fb4ec6fa1cc3557c1342b1f8e90351d69023807ce415afcd92733845298f3e65a9e93c48 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\sp005.gif
| MD5 | 07d266b7a8c8499c57452f6c50046167 |
| SHA1 | 9e63e66164e18b4e6e151137316d92872ef9d470 |
| SHA256 | f30c86b0ffc248ab421f3d2cdf6dbfa1d7c3504400a8026b8548d8161c4fb081 |
| SHA512 | f3825788af9bb7c20e094f3652fea15b8beed76d78be231477d7ce4a1d13e6162ed451427f62d60c5bc7a434e539932fa7e41b81ef9675a749124110ba766a04 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\sp004.gif
| MD5 | 501eae9da0aebf0c28706d3e3a831f17 |
| SHA1 | 265db0cdd91a9f77dcb6d0d23884d74adc068ecf |
| SHA256 | e113e023fc04095434a417689f7b436a4e4120427c0f7368beb89e48e6ad6616 |
| SHA512 | 7fa85df145f470b74a2889a06d39c48dda006b0f85d13b8b8da5574ff8ba10d18965b57b5e6fcc577b09ccacc723446faff0a6b0d6a3ead512fb6b4cd8237501 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\sp002.gif
| MD5 | f1d401ed4184aa59fb75fca83e854fd1 |
| SHA1 | f3742178548022de8b6534817ff90c88e76ee6f6 |
| SHA256 | 92d4e729520977fe8c3cee533c7e259ab5ab67810f36c557c747ca821bc19ca0 |
| SHA512 | e745de3058317d6bad692880afc00d9362619382a71d8ecac79045d3cd8d37aeae91a2a4eb87f3fac6273f75e6f80b1809c2bc9d0a175f5f0dd7fdf5904c3685 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page7.jpg
| MD5 | 60447490b257933c2de36bffbdfe1f7c |
| SHA1 | 375aec1f6c66453b0f0968dd497e668ea1695e31 |
| SHA256 | db7027e0f7d02fe75874ab15de847352099e36bf10650c54c860e4fdd301d418 |
| SHA512 | 1bcfda7d1a75e1f39a16952e99f27bc042601b167caf230eb7bb78f32ca18ad9be7670708f6c5be99839fece81bff4d9a6aceb753335644e49edc77d15464bb3 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page6.jpg
| MD5 | 9e3f913b8b1a04af35cc01c338489f3c |
| SHA1 | dd5b3ca18b3e6d8050a01fdb9aa40058c2625b81 |
| SHA256 | 3c814e53b65c1752145f3248bc0996b9f8733537f9fece5e94aac072d6694364 |
| SHA512 | c67f602b4b76c88bacefdc86cc929a8cc043556e575ea1de8a3ed0481dd42f69fd9175bb39c46632078121a9e21149d7c41b959c4a9c5c0ab6a4fc4f3258871c |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\sp001.gif
| MD5 | a02aa2b82db348be4484ebe052d448d3 |
| SHA1 | 08c3c37acc48fcfb2a3d2a99ab4f0bca732e3225 |
| SHA256 | 86c740e67613e91aed0a45aefe643b50a3c763761264aab026859f3d1be20f74 |
| SHA512 | bf83bb918b8698d33e12b518f6e0558cacc18bb6c0c55839778ea7f4446a141d2904fe30953ed12c95193c598c9366d4c79795a68f0e10a96b57f03fca42c482 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page9.jpg
| MD5 | 4b4178dcdd926771e2d601f07edf1e55 |
| SHA1 | 3b87b64c316e43c46466b4b5b5d77112a7d6caad |
| SHA256 | c64ce0ded53d511f9a6deba02741d37e5c96e760bc34b294f546931c14d8137a |
| SHA512 | beb93360b8c1e3373d2fdc04afd7fc018033045918cf0587eca94ba65e4361415b29f0c779a86101ef1146072a88e2763552cc20c877b8816841a67d39a0bad9 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page8.jpg
| MD5 | 05de4b67553680cd23c5fa741b6991a0 |
| SHA1 | 13123c66da9c4997142e991adc6bb952cae57713 |
| SHA256 | d8333b0964148b5263793ca0493f40c373a47ea53fb3fd637f1431f44c414b7a |
| SHA512 | 56be6cf453fe8c346d8723d2fc6b3cf5f4d1f22b5fb791b43a4fd9196308fb2163207e58082e5a764d52647d5b13bf846a2b47a1912dbe44f6cfcb3f7f7667a7 |
memory/196-3717-0x0000000000400000-0x0000000000424000-memory.dmp
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page5.jpg
| MD5 | 91fd681cdd4a73a0c0dc4da4f5c2dbc7 |
| SHA1 | 8c4df7e7b87ba388d065a5732d2a48f2a2b4d5d4 |
| SHA256 | 38be8805a0cf6c7d34cfbb7256242d3e0aea0f3d36185ce6e73c7284bdd87e24 |
| SHA512 | e01db87b87da9b4638ab9ef6a01c1440ca2a2c678563a0ce8eda219989092e43e94dce53778ce240296659a3ccb923a29ea142198281c3245cc5d2ed666f2611 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page4.jpg
| MD5 | fb612fa0ba27a05bdb5f2afacc5c9f74 |
| SHA1 | 8b7ea2536a030b69c0e0ef578dd30897f4078768 |
| SHA256 | d635654cda3fff19815d46e1ea912291adb2c553933709826c1a167b6b77dd53 |
| SHA512 | b86f8ae215a03d8f594197245f11617dbed4ca314eced6f8c7a6502e1313849a5d1ba7e08e001e8514f168d1c8ab7bbc87081c183ebf21608e086140ab74a97a |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page3.jpg
| MD5 | 37d227a6ac8680e43df33ff6df5865da |
| SHA1 | 9d6aa22535d62783962c46be95cce2562aad894a |
| SHA256 | 45e619917f11c27e495813f5b3df036cbc1c022f8af9af174c3e606b0950fc0a |
| SHA512 | 993db401842dc987be8baa61b495b69bdce4764aeaebf2e67bd38b0899d00913b20ca1cfe686483dc7dbbfc6c2eae003e97d1b8888e494563df514cd84efa758 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page2.jpg
| MD5 | 5ab46cfeccde266448fc395c13c18946 |
| SHA1 | 7af4f9f9872c1c54100db865951bb7d5be5b413e |
| SHA256 | 102bf8d718bc7fd52ed450f81f4810d2af5d9e76d1f42ee983eea70b7222b529 |
| SHA512 | d744ceda60881c071c68602545bfc48c164997196518df9debd24d21c30fcace4e8300bb8e6c7e4dcb3352d3a60db68efae88769d850dc3f1b2afb018c44f9cd |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page16.jpg
| MD5 | 4f25fd90fff473840ef608d23efb3967 |
| SHA1 | 76e3b424c934e67d35fac4419f8b5561ba1f133b |
| SHA256 | 0f36eb4f571237452098816d03de25c9081625391a2295a5db4cd0a01933ddfc |
| SHA512 | 99b21e3431865bff3b9ad871a53a874d382b8612f1651198d03190e23e189dfaebeccde2e85ac8b59148a7c44487187ebc4b86c5c9d08286b3e27497a4e57306 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page15.jpg
| MD5 | 3e720f815cd37130935c0be313d7fe4b |
| SHA1 | 7005998c4541f6da091379f748af5394fe2b221d |
| SHA256 | e71359b05df80c15916fb273710c8a87702af891b11734663cf538a6baf0a32d |
| SHA512 | b665452711869dd9d774a87daf988041b5538d6bd903bbf7038193af9e13ecfbad9420dc50f03486995b76082c07d03da5d67a0858d2b0325e51a8ef8814e295 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page14.jpg
| MD5 | 628fa9eb07409a1cbb50639f2c6f29f3 |
| SHA1 | e1f92ed329cd99f69112059b8f7e60879ad4ffc7 |
| SHA256 | 8882f1cf6f0cae626f8677ff3d1b415a5df88f32b7e6f94690a5997823b4916b |
| SHA512 | 68b53043af8a63a559bb1f3490a05d604bc5bd54e38d9121bb5730c12e8d1a6a0100ddeb86b705e0f6f38f6dcf3e20a3e8ab6e9b062a3c7e3d3429712a0c5735 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page13.jpg
| MD5 | d8937305db2397be4d2d5aa50eccfa18 |
| SHA1 | a9e268193ac84de7383599ae766d4ea7fd2a6321 |
| SHA256 | b5c0c80f4c8f8b83cfde14a90c04b7eb6c3cd01b1e8dfa92e398937c90e0e883 |
| SHA512 | 9ad9dd0f5f6f005fa411550dd2fa649e3dfb2e4e179a90f2648ac66eeb45097b7e01b927488a61e9010c99bdcb4b07ae192cd40e06648b97a3aaaa6f754ca511 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page12.jpg
| MD5 | 739c4dcaad2aa6951b4c6b924d4078bc |
| SHA1 | c85b0346d0bb95817ee94042b5e6bb4c1dd7065e |
| SHA256 | 01006d2e7052d985101f0bce9c901c04fd55cd1cfb5e2d23385396f7e88e8fc0 |
| SHA512 | a22e34ac31a6b8d98f8901b5f75faf0f5ee5c362781bc81d3135ef48cc63a30613f6db120b3716ff0094fae016f0be231557c41e31c6f40f8ea8bb2bb7d2aca1 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page11.jpg
| MD5 | 7e1f1a4d240a827c40e9f3cd47d169e8 |
| SHA1 | a8587b711a0cbe45d6821750baf584d629e8c8d3 |
| SHA256 | 6a584c706ff3383b476fc4e55e7c16f0661c30c622237094f302db2f6cc7238a |
| SHA512 | 30586da3a9227a91fd3437f9fc1aed54198a805ab970dd221bad7aa6ea47be598455ae54e3e5b664b01f60fe99736196f42fb832a10613b570ad162a4647bfaf |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page10.jpg
| MD5 | e86ba8546995f30e9dd40e363f7de50d |
| SHA1 | 4cd4146839f61ae3709849a33a0bb95cba76d9ad |
| SHA256 | dc60db3b80e4c049bf870b2ce9981fefba35fba7afba5e60d75b9c0dac8ee141 |
| SHA512 | 88b50c7f7257d9e58f554e1d11cbcda57e30f56ce434a240f07152f6cf85ce4369e0185a9c3c96b18b886c22f35fae1383bfc79fb2d8c607659cdf5e19a5e450 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page0.jpg
| MD5 | 5d7dac6e837598fca17bc6dc6808921d |
| SHA1 | 8bea5a903042d1ca004b3307c43f4aa9fbfd27f9 |
| SHA256 | 6623c9cdac71de0076ec405505ee66671423752ae1c4d107963b41fed6234280 |
| SHA512 | 89c6af39a469efaf80f467ce910e9272dfae0fe0ca50ebeda8ecda3007e39548d2b8ff582cd9a2cca075ffe309b4103fa723a73c5f6117c8f0720e3124d1080b |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\book
| MD5 | e2b9604a4c6c86aacc681d8e2e6b251f |
| SHA1 | 39b684099529adb2bfb78d0dd1233b03c9fc6528 |
| SHA256 | 486c7e2d25096d871171fff1906c65f98e8c1fa888cc5c18558140f999274d4e |
| SHA512 | 6ad292e3d20dfd42228387181322ec6d4622d35b85829910f760a3fecaf110a93f000e3cbdbc575cf8a95f6d621af04b973e7c027667f8b9adfe90273464c632 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\Thumbs.db
| MD5 | 91122bf7c12c199558ac2f24bcacbcb2 |
| SHA1 | bf3cacf426b9e76348e2f4da0922c510cc83c004 |
| SHA256 | 2637ab06ccab00a9b6937c7d2c02e42a46d98f4351bed5236801ad3d3cad98f8 |
| SHA512 | dd52a1b2edbcaa11adab884de710edba1f42b47c53eb872cdb7f0710d550921a831aa85562a3dfaf1de9275b234d4f152e5c35350bf42674425a83c6e2db1da8 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\sp001.gif
| MD5 | d1bf19f98e5b064078d2fdc074d9893b |
| SHA1 | ecae2d5f2c6fe28e03baedcd84a27f0dd4ca51ff |
| SHA256 | 3a91e9c0f4514096923eb665974724e63c3037c224ce156be44cff2c1a35fb1a |
| SHA512 | 883f5327d6049237a66895b4d9a5e2ca49c8504582dd35201ae0e7de3262f2d729e3b7b1f4c795fd2d5d6d1cd89de8c3c3b0d3ce297ed6ef5d3494fb378a6df6 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page9.jpg
| MD5 | f7a203715b8a65b20855de0ef6769c67 |
| SHA1 | aa1f011ce44d4beee0d29379dc17a8e09ad7d22f |
| SHA256 | 215a885eb08f1cffce16c785be47456b38d17fb1485ede519d256d3405fc58da |
| SHA512 | 5fda653e314001e6c27df1507bbed7675da23fe883af9c28cb3aa5eb5fe9a13438daa50bc87114a5b1d521b74265f91124baf60a301bd634fd9c06db91845a56 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page8.jpg
| MD5 | 1cd4763792731c95bd42cdf9ba1d7563 |
| SHA1 | ca99ddbcd46da3f5e8c2b946f1e2f3dc3a93b22c |
| SHA256 | 82bf1e71642ce92294cedfaad9107c10f1a4e1f913fcdd2eaf7b3ce6594101df |
| SHA512 | 35a5821f598cafcf619fb39e09b8d9c8d5ff8631897d57a3c098e5f6c293af693fb1b6d76b8c2bd6f0c9cdda0b9ec6cd31a473ae3b672d42d117fcd3ccc47114 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page7.jpg
| MD5 | 55e51b0b399dfd183b5fff6b51f5af84 |
| SHA1 | f665b4c226cfdb5407e3cdd58201521d88131595 |
| SHA256 | 799e45d8227d2a9718fe85a3d3281cd4f0ca47a634e72dfb3beb253968c438e4 |
| SHA512 | a5c55f96b72a870ff79d0b8d56275944f069735e5b46df6ac6e48db1457e5a56633d8881bdfe574868e3edff1332b18d785858ab94dd5f492f034820d293cc0f |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page6.jpg
| MD5 | 5f122bd591cae0eb94e9a6aa30059354 |
| SHA1 | 336bf094f4d7b91883e01c228401ace6533bc187 |
| SHA256 | 30a17bb3c29ce5fd12f6c26ef6d6f6adc019be7ebe858125ef5682a18452186d |
| SHA512 | 6c99e11c8f7bf79114ab5c612cbcce3d7d4b0427e23ab25fd9cff02bed53b08b7b582dcf37845481259fb40a07e9e358ba79fb34f245e1380481737a934a0fda |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page5.jpg
| MD5 | f11574849d29f607d21a21b28765f686 |
| SHA1 | 3546773053192e0b4044561af8f6e322f0eb585c |
| SHA256 | 0824f38b3169496765f8d1b6cf925af47a1b53940c7b1c52e4f30cd770f5ad01 |
| SHA512 | 1c67fae3befb86a371dd546c42a6da18abcc23b36bf811c885e0972814a7338ecc027732b1e9497183b7340c06aebc17098abd7fa1821ffb38fa572aeca27e1f |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page3.jpg
| MD5 | 6f5cb5263b60cf2ca44f87faf8a51e98 |
| SHA1 | 774604cb4230782eb551a4a37aecbece3fc4f4a5 |
| SHA256 | 9080f1863c1c1b92068972bff9b7dd81b5abd314216f832879411d09b080de0c |
| SHA512 | 84c9f549cc7a634005f99e731288906eef432fdceb25396a90266a765721009ee8643fa84466392b80b60d69b5b798e75218691a723e5601c962300eea5c46f6 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page4.jpg
| MD5 | 1501134aa82fc7f1a967560b85518ce3 |
| SHA1 | b39f0a515c7f19cfdcf35bcfa03f46387b2477bb |
| SHA256 | e738143197ab2c1655345f29a3e89cdd65250d4eb631cfc930fb36abc4aff153 |
| SHA512 | 286e45a571d8fd8a999f65ae571adf4f5dbb9c715ec70938689d224d15843e7dd8695f3c94ae0a5777f4d90416787c37400dd54a9d0ded4e9a953afd7a2f5b53 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page16.jpg
| MD5 | e0de2c8139107ec64bde2b51f61014aa |
| SHA1 | cbe82dadf635d5f8e4321fcf5000064884814085 |
| SHA256 | 1cf3ec993c10248ae71928616ed8f6747be08cfcaa2a5ebb8336eb0a83bbd992 |
| SHA512 | 35c48f95917865178c9636b44c6ce9916f0c5911f81545f87d3a2a481e8ee22a35e8cef671b44d5e3ad63a399f8f5145b2a2fd43d131030e4ad17fe1bc5928ac |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page15.jpg
| MD5 | 447002498b5ba164f447e955afb8b85f |
| SHA1 | fef56f859c3889f2fe84e0381605a7bd975b9ea0 |
| SHA256 | 8a84938419a1f2a1895e482d2343cfb84a21ba2cd0053de298ac9315ead17dd9 |
| SHA512 | 368eb3e01791014d64b5e2409d6f51e367d578ed4b44ef0a779e2fc09fd79c73cee3ddbd4ce6df38641ad90afb117e115413f497e3fbcbd43bd299f264950c4a |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page14.jpg
| MD5 | 746b6a0f5c5cc637ff48394408b305e0 |
| SHA1 | de128d29da3918cc229d595091c2adaee68718c9 |
| SHA256 | 5c9c5b27a5104c494e657cd9d1d17b58338c3ed34dd38f51ad3a31d935bc88ee |
| SHA512 | f43374471da73fe8839b87cb9b857de00ebb7ff573096eb37e9ea66dc8e4d444c03b67971dc6a65fb5d1fe88976468452e83ade73d4e4f6b52f41baca39fee57 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page13.jpg
| MD5 | af87095f0801e28bc9443aa19953bbbf |
| SHA1 | b66a33b500769869a9b4a57cdf8d199e8a0cdf47 |
| SHA256 | ee4abbebc89abb59e830f51932dc25bffd87debdff9813ce0eec216bedb0cb9c |
| SHA512 | f3bb8d9e77e18dd37eb0ff4b94d92babef0830682338578f851766913c0f0e2b4f5283b260f2bac7c6bc8e5736d9dc8c74e872392f96b493197f1284724a506c |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page11.jpg
| MD5 | e8462a12a60c127b7a231218cba2ca41 |
| SHA1 | c922d146f8111cbe053df6c7fe2241b4d006047e |
| SHA256 | 1c2bf464976420ef71b59dbcb0fd16c20daec31f0fc5c03dbb3a4a5172c35712 |
| SHA512 | e2c2319dcddefbfba1299e3e58119077084c6c3b7f0eaf1d12991cea6510207b0d44712dd214d2f7fd08ed61520697908390b7e7c20ee0920b4766be0d6520d9 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page10.jpg
| MD5 | a4ea32bc6c92c2cf5cfb2593f72ca463 |
| SHA1 | 22ad90eeda027f59d41943e93b2ce8668baac676 |
| SHA256 | 606583c58aff143468c40e839c11710a9558c47b94d5a86d1151446f4c137404 |
| SHA512 | 8d365184033b5fcf85db7c6c5fafb3e324050c96eb954db9bf2758e067d0513d7dd0754c1d9fbfab153ad2d05ee51d7afbfff24ed7605bda745d9a2af705fea2 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page1.jpg
| MD5 | 170d89270e03dc2e7da9309abc47988d |
| SHA1 | 80227ad1bb344c35e156dd953299aacc9742a0f3 |
| SHA256 | 8edfe12a1d8674de7922a53aea1c8acd93a4e9b516e5c323f128e963aac974ea |
| SHA512 | 0b5fe93a12362dc8012dbd31d95746d3d4d4ab99a219e0ab49861116c13b6f5d347e23c6fad323d533b9ec11001c57774ed7db84a9a7ac916c0426ecb44fce88 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page0.jpg
| MD5 | 41386e0f455fbb9776aa8176b463b488 |
| SHA1 | 5655105d8fb1f6f0d20ac2f0e154c5af9dcf581a |
| SHA256 | 314fb3fad61f23649e79e63f3e0644dd8a0f8fd219e489f8d6d2ad7893e60f0e |
| SHA512 | b887a0fbe312dc5bb7c94f21327d8bb09f440ca3dd5187dd65baf0d75670d4e665e4fe99929c0662d4e95a3123b4114ed66fa51ec3575f7258a36163bb30d3fd |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb016.gif
| MD5 | 7ceaf70c43de87fe8f7106c5c024c6e8 |
| SHA1 | 72456f529f2e15112a57609950d5909c38471c61 |
| SHA256 | 7fd940a10524ed7aedb21658407cdbce0831475a51d7af081f1deacf9816fff0 |
| SHA512 | 382d8be5378ad62d238bacc4a45b93728d214c026afdd2a23a3854392b8f6ba617ea2e477c583d3de843d900f9a67d557b437fadc99dd29980db41bd6e09d3c3 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb015.gif
| MD5 | b9d7d09a834dc4541967ab78f7d0fd03 |
| SHA1 | 9581e21ef862542ef9f6263ac81377c7f3469b0a |
| SHA256 | 84f12116cfbeeee6373bb94a0d878e134fff50d598d6f1578f4131d23be3703d |
| SHA512 | a879dbacb814e1495f73a8a56aa46edefc6523ef9badf3d1845b6f9b234bb4daaea8d9537fd0babc4412c577860a1378802fe0a1bbe28a71283e4d5105c4176a |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb014.gif
| MD5 | 0c47d03a6d75689e2f84b925f87561de |
| SHA1 | 4782d1a60796d24f2406e35d18ee4c8fef59b64e |
| SHA256 | 963bb112090949111b885ab790c9e032784d9dc6c0fb3388f47d011f5bdf6c7a |
| SHA512 | c4e96977c2adfcd69cff2b22ff802bda3ae0c0ae6bfe3e2f1800a430d2f06749e450b4a39132be3e58c20e39e333eb7c79386ab69e8efbdb6256959c4a5a5feb |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb013.gif
| MD5 | 5ff48f51be9c3bed3e81d908c08d7135 |
| SHA1 | 7673287c411d65538b7e60d1e51a92d1acbe4d07 |
| SHA256 | f7eebb0ae58ea8e64160bf2bf8bab0955603c0208c3bfb760d89d01088f042c5 |
| SHA512 | c73ba4a996fa14f3ea9e70f6a1e980c3cb0d0ed57efa8b8d241a99ea2155bfede9d898e6404704ee005c9de130777a4d2c364012398fd839c5966a476ed05d76 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb012.gif
| MD5 | 03ac2cf533ad921fa2e570449c398d60 |
| SHA1 | b77a69ac67cc2ac113d997bf3c3d4cacd60b193d |
| SHA256 | 47f4755a428995775089a622f33eb54c4505d8a6ad7963c6de646de0b2156017 |
| SHA512 | 74acc8d75fcd3fdae5101b401e84042b6c04b3bd2347937d007201ffc9bcd06b84915beab9f58b3e1f0c09d9f49660eb979ff1d0d75db1e3396c31a5ebd0a794 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb010.gif
| MD5 | 79a9739cb814396f6cda31b59d3d87bb |
| SHA1 | 2993f8102994a1e238cd48541cad333ed950e88d |
| SHA256 | a16ddc10725a33dd91e617de97cfad7372ee33bbdf195312b70b1d10194b68c7 |
| SHA512 | 2a3e5fb4e102134aaab34d72246b194bba61b630e5e6ef7ced96574a137723cb716eb1d9a7350b4981048fcdb1f496d11fdcfa9edb5007aa06731b8ba09c62ef |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb009.gif
| MD5 | 62b85bbb9df60349a7c0d8cb06e090e4 |
| SHA1 | 4c231a467127d6cfc1118fd51a0b0220296e255a |
| SHA256 | b5cb2f91a884e832c0eecfffbc4b0f6920a67e0513f3e2ac9130bf6b744ad146 |
| SHA512 | 87e6608e33ec84ce04b20a44c69d1da3ca9f70b7f8542739456b27eb1d8c589f3cf6f22ca1b4777d0135e55f2f7e15cc5306736a5231bac81acb6b5d27f14134 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb008.gif
| MD5 | 517e6ce305c098d358d27e6a606a4e81 |
| SHA1 | 1f90118a88f4593ea4dd748526180f6c69ee617d |
| SHA256 | bdae04f6d7694e1981771c0a76fc555009dae6e56f2f11f8fdff87b2d9dd0797 |
| SHA512 | 044a47bb0115a0b8ec905f4b433acf00866e5faf4349e57aab219c80641d24dcedaed17a170d7bd7eed2e2727daf80fa6eebdfb95791bdabd1dcd2fc80ee9b9a |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb007.gif
| MD5 | 76a8d032c940da779016d3e356401758 |
| SHA1 | 2d60e50d4830e1355863544effef81a153867503 |
| SHA256 | 292ace5abc773d1dbe3db5c3a51d42b11a360e22b17643209b30f5988e437761 |
| SHA512 | 63abe8edd5bb928c4b594aded6da4e82efac7ea7ab086f2e5509391b1e0f5cb3fa6b965ffa4ffd342869d16d02b4c42e8b2c03b6b4a6fead8de581624d8643cc |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb006.gif
| MD5 | 0058727d44f8467d8283250a0b43556e |
| SHA1 | f2b42f0abe25803dd04b87a8512de171034c27be |
| SHA256 | 3f5adbc7bef95ac98d78d9b2e2f25c1b89dd6a14b02ad0c6801de51fe1e48843 |
| SHA512 | 520620f5b52a062d3b37eb866cf731ac0eb876683d929db7b84777c40cd645364c2c715aad50e87951ebf483cd4f45efe00319be1a36d63248b4f4d9c611350b |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb011.gif
| MD5 | 0420a172f5c3b557a58b9f51ed8c6249 |
| SHA1 | 07c58efb0135071854091f6b3c504b380c971dd9 |
| SHA256 | 741f4194e099e387d5b81753972074c2ec9944b36b442ee90f02f2e05a49e2f0 |
| SHA512 | eea3706f02d068df6e7f6744dc391400950cd635cb966fd224bd7818f140aea02e9389614e18887271cec6a167e699c36d37d2c972724222b9cdf978176ed755 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb005.gif
| MD5 | 618feaf37b7c85b693ce5ae0ac51a508 |
| SHA1 | d648be18ec2d54a7fe5e808517bea12e19a70fde |
| SHA256 | 0d177be82265d4458b9ab22efc15418128742dcd60488a5bdecd5d334164dedc |
| SHA512 | 9ba910a321de102eb56662acd4236030e64fdd0c026a8a81724b21ab0c0a9b6be7a45117730fbe27eeaa49e22a9ac746d48a8399263c389a338765d8afbdb0c9 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb004.gif
| MD5 | b743e2052f735e7e2f132d2843e53641 |
| SHA1 | edf2545d4279ebcb965aa42523ef4a93cbaf67a3 |
| SHA256 | 9f93891fe6aeeea23b10ae5aa680fd44e408b97ffd9df65cf0434fef1b049af0 |
| SHA512 | 0a16105b057875b105f217b40d8305feb7039f5222d7ecae7c329ab1efb1e4811d4ba111124b4bf5cd40f6bcac843a99444795dd296cd97cc01547cb4cb6cd20 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb002.gif
| MD5 | 794dedfb9768a5272ba8793933a3a44d |
| SHA1 | 010de007d8aa5fc21319cc8506b2d20565b29520 |
| SHA256 | d68e785094c2f0016c735ad9ac891e2ea2b0b30b4f30d800446759ba0134b7ac |
| SHA512 | fe2f5809f1cc2d0b3ac310a8b732ce4e014353056005ee6681c13181e3b9017d04f3ee1f8ba39c97dac00e944bbfb684c65de42e2092689d9b0f1c46d15e098b |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb001.gif
| MD5 | b8d3f236077a74be9fc38fac772f1b16 |
| SHA1 | 35f80cf295803363451dcf80c8e1f2b8610785d6 |
| SHA256 | ab33039db90f44dbb3c9967ab157f40805dd68311a441ce5e819c286a3569ddd |
| SHA512 | a88b469bf08324ee4dc5679b4e8c574ef13b76be70612de910df088ab2bbfb177a6a447d622069735108562aaac68dc4ea745577d4c186412bfe4ca08a0feffc |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\book
| MD5 | 5e8dc6605c8cd8a06497a5c22574c3a4 |
| SHA1 | bbff2a4f492241359c14b3a7660153c8c0312463 |
| SHA256 | f4b69039fc2e5827377bfc2e650623f2a1d0959e462c46e8a5502c68991cc641 |
| SHA512 | c137b5d888fbd5de91cdb7ff8baeecc5d3d1c193237a741a9741991e698925a89f7c623c7142a53704b3e0764b9d3ba28a9c93b455583b71d096ffe8e4ad80c6 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\Thumbs.db
| MD5 | 4c436b128feda301505e84bd00e9aace |
| SHA1 | 61a3bac625abb015cc8e1a6397107dcaabd9866e |
| SHA256 | 5d21bbd3ba16464b5ae1327867839f16eb5c161d60d2b5a81bd11a7f8075ffbf |
| SHA512 | 82f0d1a7fe5a4274991eeeedcba120fd16924ca02ee69b2668b29a108a26b6c2ce7c3bee3d289e6281574f57ca4407d56025cd10142b9fb28cdd180d22c4e42e |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page9.jpg
| MD5 | 3e93b462fccd9533c2dab973f717a8a2 |
| SHA1 | b0d6782f035a2d7e3de57a8260275586f3acb852 |
| SHA256 | ff19988ec62abe0e0624c2c5f91994d59c050b32217d680254e6b7796b6e8041 |
| SHA512 | 8622968201a10bd95388426dd6fbc0f41a650a742de4ef07c315555064b3cf135525c2b3506dc0af9a559707567af11ed7ac48694cfc197d54f06bc20dfdbd13 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page8.jpg
| MD5 | a25d8068b62c373ea11dd9112857e80c |
| SHA1 | bdcb6b8a76f4bccb664d93522eeb4dba9d851d2e |
| SHA256 | 544e8923ccef640c4b22499319ae5eff1b7dbae862e0143c40f6e870e9159db2 |
| SHA512 | 7262e93d05b675d85119d85ef8474eb2ec58828c7ce0ada1b754d15af918330ee8858d9c73ef191b5bc7f50c84ae25047a35186ed6685c7c161a4aaa925e7354 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page7.jpg
| MD5 | e77e17381f924ec64b43a4e9cf881cef |
| SHA1 | 22cf59e2f8745f14909e5638f3c2d07a68048f93 |
| SHA256 | 94ab8fff641c839e81860b1c3b5f28cf83ed86b5285fae14f27a112c03845d24 |
| SHA512 | 3da3e6b949e61524481a288012ba71248d787760208907c3d0243239e3fbcd661b579c3b1c0f06a59b9c3de589a612da241433baa4a970b723b9e6c065a0d22a |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page6.jpg
| MD5 | a644394a3090320de4583a807fb71ba4 |
| SHA1 | a54b6542e5fda980ca277c40f24e2c2863b4840e |
| SHA256 | a336ef4a9682e6209a47821007f4bb0ee2afb0e0bb2c3a15ef7d7c9928267aef |
| SHA512 | 322e6d09e9f66d6ad8c81937a4716512bded93ef2ff164bc0beb1f7fabd0866e4ea70cbfb96e1f96b9db3c224bfe444d2369e1145318e28fc5237a7b53f12e56 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page5.jpg
| MD5 | 4ec64b5866f3e42edfbae14d18fec0ef |
| SHA1 | 61a38083b79dc0f56408b692db424ebe424a863f |
| SHA256 | 3048bec5f4781d08360534a96ef7dec46a076cdb83cbfc1ecd84a157cf95f9f3 |
| SHA512 | d1c268fc46aa14dd77eb42211deb620ce07c512f14a30d7a47a2d3ef30db6981f5db413f1cc170bd414a4f252cfa3243ef196b80fde0f04d4efff5582d51780c |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page2.jpg
| MD5 | 9ea27ce1ba44be65a1756799a906668f |
| SHA1 | a4420b616beb0e2f5166471d655cb7cdfc866e27 |
| SHA256 | b961e9334abeef3ccca67eead97cfbd6eddc857f3d0a411e1978e22a14c27aa1 |
| SHA512 | 660413d845cfdd583555e1b8227849f4605ff369dbf07fb4c7085dae3aae1929db1b265326b7545255ceb52729ac072f83ba1a6a455ab582f5e14080aabba32b |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page4.jpg
| MD5 | 1895fe2f1c64a21f45f4b14ba9f4ca3e |
| SHA1 | da08d8d0ebe04c0c092166df13a1af530a968699 |
| SHA256 | 973f508f18f8c79dc0ae8810940d79ad3b46939ea69afc7c8864897d4cc284b4 |
| SHA512 | e2670a834f6a963b4456bab85fd1194516c05e4bdf8ccb7117e0d0181fcbcc98f3ab8e40ca25df386e25170f728ce72f690c888f8dfbc37151c9dfdb27aa0e26 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page17.htm
| MD5 | c03e5da83f9638627aad803869f8e89b |
| SHA1 | a93e0f8abc90d90cb1b1caca5d96ba40a3f896de |
| SHA256 | aca6a7880bd5a465d896f9d639e4a24fd93722d5d1f1b5bd08cde5479df67158 |
| SHA512 | e100cb00036b6d6a25151ce0ceeca21654509ad23a4e89d244ed0692cc83e45bbf6ab6f40e8fdabef8cbd4782236e0f76ed54569d60320b8c8c541958a754962 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page16.jpg
| MD5 | f9de53edeb7b5b9f1e59c41637553cdb |
| SHA1 | 7db31e8a8723f0b940504087371c50cb6953b9c4 |
| SHA256 | e43ef38555b187d9335c77d60ccd215504af10c626f76e4e4967fc690b6fc300 |
| SHA512 | 3a7be8b1f7c99242c381db4e0e6e52f3bcb71ac665d03ac81a93bf8f801335a6018faf7afa0d9d61bec7a481132f2541991e12c2e8d1d7a22eef13af955d9d64 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page15.jpg
| MD5 | b27f0a5f078782344ee60345bfb30b19 |
| SHA1 | 1e2d4ca315e01e9625a906ddffdd3c336596c432 |
| SHA256 | 2f1b0d7ff847c3987ddcd2eb432c8311bb148de5164b3d96f9f9a267d412079a |
| SHA512 | 58ca3d5336b9a37568bf0dd6fe92fee7a2ba6ecf4d24c66855f0f6dddbc402445e0830686f4566ea73eb1ab2217bdc15353979f4028654b06c8d793b15a87c82 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page14.jpg
| MD5 | 2f0b89fb6286f9cc3d4f698cfe915d3a |
| SHA1 | fb613a71ba544fff7e26be88e8c5316daa99fb0b |
| SHA256 | aa9acde92741388db556b92bb3b3c7052faf78984835d4e05f3ff1bb44c07a3c |
| SHA512 | 742841434414a05d9f5985674268c776123c504b38239f5552dc4e4431254a604e678f5b818570dfd99fafb905fcf052fdcb614952ff9f2befdfaf62453a36af |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page13.jpg
| MD5 | 3b53202999c06a3fc163ca659dfa31de |
| SHA1 | 73fa0053205b67920f7d3e6eef7fe19819603847 |
| SHA256 | 43f4e85f1c60b73fa8252dfc755e38649e8d23ba8a666a83d0cf859b0920f4a1 |
| SHA512 | 916aa4b595a91e13a0b1bddac0f9fedbd131fb024d0a925628fc332239fe053615298f5c18e2e8f4319f4d211c5d679aaa91350f5a781c8d0f18cbb71b3eb58c |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page12.jpg
| MD5 | 75ab958c17806c34e8bff5833816ce56 |
| SHA1 | 45410fa635d296b400da35cfa90e4207e43b084a |
| SHA256 | 2f52d995e111b8c9ac693663a03ca0545861e94c53c7110270d21ff10cd4876b |
| SHA512 | 7947fe6708c45109befcea84019b5f5f84ec1a80137c1895045a38c9151a525df283a47f9f300a386df992492b4f4b12b8a8eb2f0f9c98f8e4a9660723b53c8f |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page11.jpg
| MD5 | deb89b81b2655a117454893c71cf39be |
| SHA1 | 1c573f99842e46abc56accd7cb4d7f4b0f93d063 |
| SHA256 | 1eec3c97c806459052a98661e0bfcdac4eafef0df5fd2af6c4c53916156e5eb1 |
| SHA512 | 83536ba1b85b1822544997be4e4ec08e79684a747de5b2c1af3751d75d7dc848e0c743989cd5cc6996d3d8fad918cd7cf6420796d793e77c3261e58d61736107 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page10.jpg
| MD5 | 4ae333c66ef5fefe71af37c161ba20cb |
| SHA1 | e0ddf6e7d3535847a507099280cf892df5c56742 |
| SHA256 | 170bdf6aaf4971f4a7f8647aff13e586be00dfcf6f102ddfc218a28b55fc855a |
| SHA512 | 0e515f1e9b461267ca6c48be6874279d1eb575ae829ca2d1b0579d85f10e0249587c62d5063c3ad32416f1c0d66cb9d650f6cc58f27e10cf934430fd1a5fdcd1 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page1.jpg
| MD5 | 66fe43801d34b46bf67ed75989779010 |
| SHA1 | a5f48e93f10129ec8b0ae0b71a3901229d936fb4 |
| SHA256 | bc48c07bc245bb7a7561c983c72851bc2f48cae594472c48d3447456dcbea804 |
| SHA512 | 0c3ee73b3f1009140a5bbf8a07b059db37bdb30e673d46b87992541b4f96545f663b083c97926da7dbee053b5be557186aa9ea6e3a7deb2d511daa5f9f3e59da |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page0.jpg
| MD5 | 2f86991655a07f1e0ae608ae69c8de62 |
| SHA1 | 89885605155e2a4162bdb5bd0631e01e350d7608 |
| SHA256 | 4b0d3ac6305c56e814e87734d3798a4534b639fe7752a20bb398fa9eaf59bfd7 |
| SHA512 | 1843da571ee2ab31f6449e94698e51445e458829fe37b98c8967e9d3572a06811c12438f3b7cb8e908d95dd583429d69c524a50bdfd0390a84af0ccef5f2b552 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\book
| MD5 | 15ea0525b8eadba671e9d56306de1b01 |
| SHA1 | 056c306d935fffc9cd27e2db200c1efddc4155ad |
| SHA256 | 79acfe9005133be613baa6d85ff170ba9c4a7109d8dabd45cc5a39bf7f32b04a |
| SHA512 | 455b5b9daff01208df7a6cb2f24820130064dad73d8b34184a7f114f07221d2c5350c0e6b46ae5a0452db58fb95dfb27b20cfcaad1da2ecd9c03430f8b071966 |
C:\Program Files (x86)\BonziBuddy432\Runtimes\spchapi.EXE
| MD5 | 46878602caa5debb728c0f740aeb45d6 |
| SHA1 | 63237b1c8b656712d00a1e60a062a738f376a95c |
| SHA256 | 7b05a46c786c91492d154683259c229aa9456286f688da18d4016d91625bebcc |
| SHA512 | 4b20b82a543d19932a1b32629b7af3f1dd820211e2350d5fe1ef66e07007fc0717919ec509b5ff6e1495f0511433763198689df4c820e08c3df0029ab74218b9 |
C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe
| MD5 | 3f8f18c9c732151dcdd8e1d8fe655896 |
| SHA1 | 222cc49201aa06313d4d35a62c5d494af49d1a56 |
| SHA256 | 709936902951fb684d0a03a561fb7fd41c5e6f81ecd60d326809db66eb659331 |
| SHA512 | 398a83f030824011f102dbcf9b25d3ff7527c489df149e9acdb492602941409cf551d16f6f03c01bc6f63a2e94645ed1f36610bdaffc7891299a8d9f89c511f7 |
C:\Program Files (x86)\BonziBuddy432\Runtimes\Readme.txt
| MD5 | 5eab14a5391248bade4c546b26e04db9 |
| SHA1 | f00f4103914cced6aa612547542b7278b7661430 |
| SHA256 | b29f947446b61c80e8906be02b4793010aaaec5ab3c7538cc84cf0cb0b49631b |
| SHA512 | e18730a7bd2ee8fbb8c08c1258b0f7b39a7c0dec218f2c18bdc5f03dae7f8dcd31826af6373fbefcebed5e44b65ee8ae39d989756791ff9686115086813f7ae4 |
C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE
| MD5 | 66996a076065ebdcdac85ff9637ceae0 |
| SHA1 | 4a25632b66a9d30239a1a77c7e7ba81bb3aee9ce |
| SHA256 | 16ca09ad70561f413376ad72550ae5664c89c6a76c85c872ffe2cb1e7f49e2aa |
| SHA512 | e42050e799cbee5aa4f60d4e2f42aae656ff98af0548308c8d7f0d681474a9da3ad7e89694670449cdfde30ebe2c47006fbdc57cfb6b357c82731aeebc50901c |
C:\Program Files (x86)\BonziBuddy432\Runtimes\actcnc.exe
| MD5 | dab11c1ec076ae976ea272136a068c6a |
| SHA1 | cb8f7b3a2bd2148067ab1f2b9ed7e84159d5f740 |
| SHA256 | fbbd27df902483f524cc8ef269155d5d0d9828b12601c011f25322f87a0a84c4 |
| SHA512 | b9a7482a00786fd4bb47d59c0992dee12ff3a3d2d1815b2bf460cdbdb46f816d7e68d9cd6334c1d3414a0c4b2789340ba51ab1e22a5d54f7c1aabe3dc632d01e |
C:\Program Files (x86)\BonziBuddy432\t3.nbd-SR
| MD5 | d58e9150a9a022012c421bb8229385d3 |
| SHA1 | 9c1ecb6c18cddf731003e805914534635b0476b5 |
| SHA256 | a994e2ea053542543b647dc81d6e0aa7fc7585311b77f5fd76e13b1bd73a67cf |
| SHA512 | 90ae9db622ed832adcab70aab7833ee8eae4f18b006b89d5982586fb492a797f7ea0e5cdefde16b6929168f0db80ff56d49a39c53ac744e4e3487ef84d44f7cb |
C:\Program Files (x86)\BonziBuddy432\t3.nbd
| MD5 | 132adcfde600f76d5f9e4e8d45b5d936 |
| SHA1 | 619164a1f95d6f5c8286fa2ea7ab5513c6d4bb2b |
| SHA256 | 94c638be958f83325f9b96303e050383881959f509bc6c4afacd890db3755672 |
| SHA512 | b3bfa48570fc472846ae11712616ba63c6fef5994f04d463ae06cac6dbe5bb19ce43816b0c4b15ec37bc537c8c24d747757df116dade99d2f3c42f0f312a021a |
C:\Program Files (x86)\BonziBuddy432\t2.nbd
| MD5 | 3a538baefe6893b4997ffcd25f339329 |
| SHA1 | c2d3e1f16c663c435735cf27a6e114f5b2f85df7 |
| SHA256 | 87d531d27e9987f39934b0f093542790f25882c9e6e20ca554ca0405a16a4acf |
| SHA512 | e9eed3c7a0b9935e769b56d430fc6081e63f97a7d9d0df0b1913220cc0519223353ecc48b3dcc4a0147f77741d0367c0ba9b8d9a56645c1f03524399155c8c50 |
C:\Program Files (x86)\BonziBuddy432\T001.nbd-SR
| MD5 | 877bd06f8b02ff562dd476306d8bb8a9 |
| SHA1 | ae4198c145e9d69e122f3a387519194d4280a089 |
| SHA256 | 2f3d5ac26d4345be684f81cae8aa51f116334394680e9e6ac6a6ec49f58f3bac |
| SHA512 | e8fa96008c4aaca4c4251bfb310c14a4501aa59b02827e68e91013f4089bd7e20a498923046bc4469985703c94b3c116da890270f0a806431601db605a840fc4 |
C:\Program Files (x86)\BonziBuddy432\t001.nbd
| MD5 | 15a02eb5a83be1c01ff9579f2ce06aed |
| SHA1 | 1c8ed5541fb243602e963759ea4d284b9842000f |
| SHA256 | b30e7a66488327c0cf090ae98eece036f326c7f5b2ffa9f9cac3bf7df3e7af47 |
| SHA512 | 06a562d88eeb6ddd8c056df834bc8d0e02bba501c417f9a2531761492233e0f07d17ba65602c6acac2bdcbb463bd6aedba2f397b5b707bc64565958b78f27472 |
C:\Program Files (x86)\BonziBuddy432\SSubTmr6.dll
| MD5 | 1556c5b52a751c31b4ca6fe757704131 |
| SHA1 | a04263b37b69a5a53eaccc6d30dda61b2808224a |
| SHA256 | 48bb226b418dae999d66731599996e042c5592d845ea11548a15ccd3a00fb5ab |
| SHA512 | ea306e09834bd08edf8a5930c096eaff4ab6c6a8799f3910ab8ea88a0a25fde45de36887c13d468046e9bb2e1439e7bd34c970e3ef9f71d8e4eeb95b5fd60074 |
C:\Program Files (x86)\BonziBuddy432\Reg.nbd
| MD5 | 7c70fdb75615a12b46140d8e708b7fa6 |
| SHA1 | d2b5fe00939a1a53e249b7892b1d7d18f66adf45 |
| SHA256 | 03b3858e5766b07b919d176b541a105faf76e1a28ba01e3593cc319ad87dc3b6 |
| SHA512 | 632568205be861f532da9bac3f423306f44ab6b8874c1a8dd5872534afbb809081c861bff6fe041a2d7296a627f7a988059989dc58f0ba3b4162439525695b3d |
C:\Program Files (x86)\BonziBuddy432\P001.nbd-SR
| MD5 | 307f2e464cf4e0bb93fbf82037102e14 |
| SHA1 | b35f620a6dd2d0b5d04d669d4e2bb65c9c41363e |
| SHA256 | 3e8554436a52336c84117905b7b2383fe1aef01d613440d4cea70f035aaee28b |
| SHA512 | d03df59f9ebd5040ec5f6fbd5c1e426d8f4881d61ac0e98423c26d39a56b170da6a3cde6bd231209739c9a89224220514371bab2ebc38f8d9e6d86c4a76721b8 |
C:\Program Files (x86)\BonziBuddy432\ODKOB32.DLL
| MD5 | 94f66cd6a18efdb663a61f2025ab31c5 |
| SHA1 | 527afb33ff31f5ad1e60225081db34ad5083454b |
| SHA256 | c4b58c78dc14e247ba303f630e42e9e56667dafef7aba1f0fdfd058b658f0a36 |
| SHA512 | e4c14a7db92c9c7b10950ee52f34be73138ced3873962dc5a875949c533d187dc2251b0d37e6f855d54018b8662b63a611b1f0a71fb5c4744444dbf86492ed1e |
C:\Program Files (x86)\BonziBuddy432\msvcrt.dll
| MD5 | 055b02d711cdedb8c5997274c4e99cb8 |
| SHA1 | 5c816eeb6e4d5f1c11e9f56c992ee7d452e7c0f9 |
| SHA256 | d7cea69a98579d928e534070f5293e80ed7df38baf611b20717ef55aa1344a18 |
| SHA512 | 4774431fe768e424f46c833236a41d68f05d98ed14353b04428a5d190dbe213bb56087a5e5cca5cd98598f2c1611fddfed3a7a79bbd362bc02e586cc367907c0 |
C:\Program Files (x86)\BonziBuddy432\msvbvm60.dll
| MD5 | 5343a19c618bc515ceb1695586c6c137 |
| SHA1 | 4dedae8cbde066f31c8e6b52c0baa3f8b1117742 |
| SHA256 | 2246b4feae199408ea66d4a90c1589026f4a5800ce5a28e583b94506a8a73dce |
| SHA512 | 708d8a252a167fa94e3e1a49e2630d07613ff75a9a3e779a0c1fcbec44aa853a68c401f31a2b84152f46a05f7d93f4e5e502afc7a60236a22ac58dea73fa5606 |
C:\Program Files (x86)\BonziBuddy432\j001.nbd
| MD5 | 98c9159b828cbcd8f13a0491218bf537 |
| SHA1 | 6b9a736cb7840300e56acd2cbc635d5e451a68ff |
| SHA256 | e312728e0491e1a15405566c8f591cf3ca6128ca17e5e022a7550494a600ad27 |
| SHA512 | 9d07bdd0b7fbc3e23c6940c72e5e151271c61b703f0f6d858e81887fd4819f9574e4bc078bef8e2c3c9c661793884f98cc6305556f34d0092c6ce7c657aa16f8 |
memory/196-3718-0x0000000000400000-0x0000000000424000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b8981ccfc071520615b87390ab390b67 |
| SHA1 | dd9672b7d0423f995db4c1c2a264b3253df5a14e |
| SHA256 | 5c89551cfc68dcffc55565ea2e5e62d48040a89bed4425cf572500e937290d52 |
| SHA512 | 9a85e6bb052280342cde3f24567f4f16d22c9a0242d4b6ca10a1bd055a30030367acf8f94d5d083ce6349745cf81c00d33a11f049900dda5bbd69cb100ec902c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 223e082d6052d6e308a90628a908ea4b |
| SHA1 | 55bdb44a07863d9347e0e2534f9779afcf93941c |
| SHA256 | 127bdb5c14cc23b0e1a3c1f79775f7bcf26c8397c0de3c713d2c95b0c5898272 |
| SHA512 | 8c803b165362c45457e94768207d861df4bd13751f54d2b3cb5a2d34eb1eca7313ec4cbe4ef0db89fd51fdb350d5437eae446ba00c59d46a9eaff110706d6d37 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 50d78732929c3becd433f367367b32bf |
| SHA1 | 3ba5119d5877eeb82449cb9e8da8b7d2601d6d9a |
| SHA256 | 66343a892139616fac4297b31e8f8e925faea422ed2c2dc47cd1f09f1a030101 |
| SHA512 | 3983c60ba322c09b89d344a6528f39d0982ec341d3fda44f6d9706a9064a9a26296e7b48eb840034855240031a7242d6d1dbdb57b4481f9b617b0589a6231251 |