Malware Analysis Report

2025-08-06 00:04

Sample ID 240223-ln8ksaec8s
Target http://gimp-pc.com
Tags
discovery spyware stealer
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file http://gimp-pc.com was found to be: Likely malicious.

Malicious Activity Summary

discovery spyware stealer

Downloads MZ/PE file

Checks computer location settings

Reads local data of messenger clients

Loads dropped DLL

Executes dropped EXE

Reads user/profile data of web browsers

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system

Looks up external IP address via web service

Drops file in System32 directory

Drops file in Program Files directory

Enumerates physical storage devices

Modifies registry class

Enumerates system info in registry

Checks SCSI registry key(s)

Gathers network information

Modifies data under HKEY_USERS

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious behavior: EnumeratesProcesses

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-02-23 09:41

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-02-23 09:41

Reported

2024-02-23 09:55

Platform

win10v2004-20240221-en

Max time kernel

367s

Max time network

606s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://gimp-pc.com

Signatures

Downloads MZ/PE file

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-2132103209-3755304320-2959162027-1000\Control Panel\International\Geo\Nation C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\jigsaw\jigsaw.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2132103209-3755304320-2959162027-1000\Control Panel\International\Geo\Nation C:\Program Files\GIMP 2\bin\gimp-2.10.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\gimp-2.10.36-setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-5I6IH.tmp\gimp-2.10.36-setup.tmp N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\gimp-2.10.36-setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-JM7N1.tmp\SystemSpecs3D.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\gimp-2.10.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-fits\file-fits.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\web-browser\web-browser.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-tga\file-tga.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\warp\warp.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\van-gogh-lic\van-gogh-lic.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-desktop-link\file-desktop-link.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\twain\twain.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\tile-small\tile-small.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\tile\tile.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\pythonw.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sphere-designer\sphere-designer.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sparkle\sparkle.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\softglow\softglow.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\smooth-palette\smooth-palette.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sharpen\sharpen.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\selection-to-path\selection-to-path.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\script-fu\script-fu.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\screenshot\screenshot.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sample-colorize\sample-colorize.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\pythonw.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\pythonw.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\pythonw.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\pythonw.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\procedure-browser\procedure-browser.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\print\print.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\plugin-browser\plugin-browser.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\photocopy\photocopy.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\pythonw.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\pythonw.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\pythonw.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\pagecurl\pagecurl.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\nl-filter\nl-filter.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\metadata-viewer\metadata-viewer.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\metadata-editor\metadata-editor.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\max-rgb\max-rgb.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\pythonw.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\lighting\lighting.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\jigsaw\jigsaw.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\imagemap\imagemap.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\ifs-compose\ifs-compose.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\hot\hot.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\pythonw.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\help-browser\help-browser.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\help\help.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\guillotine\guillotine.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\animation-optimize\animation-optimize.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\pythonw.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\gradient-map\gradient-map.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\gradient-flare\gradient-flare.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\goat-exercise\goat-exercise.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\gimpressionist\gimpressionist.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\gfig\gfig.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\fractal-trace\fractal-trace.exe N/A
N/A N/A C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\fractal-explorer\fractal-explorer.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\pythonw.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\gimp-2.10.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\gimp-2.10.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\gimp-2.10.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\gimp-2.10.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\gimp-2.10.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\gimp-2.10.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\gimp-2.10.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\gimp-2.10.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\gimp-2.10.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\gimp-2.10.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\gimp-2.10.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\gimp-2.10.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\gimp-2.10.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\gimp-2.10.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\gimp-2.10.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\gimp-2.10.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\gimp-2.10.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\gimp-2.10.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\gimp-2.10.exe N/A
N/A N/A C:\Program Files\GIMP 2\bin\gimp-2.10.exe N/A

Reads local data of messenger clients

spyware stealer

Reads user/profile data of web browsers

spyware stealer

Accesses cryptocurrency files/wallets, possible credential harvesting

spyware

Checks installed software on the system

discovery

Looks up external IP address via web service

Description Indicator Process Target
N/A ip-api.com N/A N/A

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Windows\SysWOW64\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_amd64_5938c699b80ebb8f\keyboard.PNF C:\Windows\SysWOW64\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\hdaudbus.inf_amd64_533c8d455025cc59\hdaudbus.PNF C:\Windows\SysWOW64\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_0d06b6638bdb4763\mshdc.PNF C:\Windows\SysWOW64\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_b748590104fe1c15\machine.PNF C:\Windows\SysWOW64\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_254cd5ae09de6b08\usbport.PNF C:\Windows\SysWOW64\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\input.inf_amd64_adeb6424513f60a2\input.PNF C:\Windows\SysWOW64\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_amd64_1793a485b491b199\msmouse.PNF C:\Windows\SysWOW64\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\netrtl64.inf_amd64_8e9c2368fe308df2\netrtl64.PNF C:\Windows\SysWOW64\dxdiag.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files\GIMP 2\share\gimp\2.0\tool-presets\Paint\is-FEV4U.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\share\locale\ka\LC_MESSAGES\is-SUK29.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\lib\python2.7\site-packages\setuptools\is-V0BMM.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\share\gimp\2.0\gimpressionist\Paper\is-LBQVV.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\share\locale\hu\LC_MESSAGES\is-N2OLV.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\share\locale\nl\LC_MESSAGES\is-OVLNT.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\lib\python2.7\distutils\tests\is-A7QON.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\lib\python2.7\encodings\is-53CLA.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files (x86)\GIMP.Core\Data\Lib\encodings\is-J7CGO.tmp C:\Users\Admin\AppData\Local\Temp\is-5I6IH.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files (x86)\GIMP.Core\Data\tcl\tcl8.6\tzdata\Etc\is-RK5BK.tmp C:\Users\Admin\AppData\Local\Temp\is-5I6IH.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\etc\gimp\2.0\is-20OIQ.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\lib\python2.7\encodings\is-5ED6I.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\share\locale\mo\LC_MESSAGES\is-55PMO.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\share\locale\en_GB\LC_MESSAGES\is-N19H3.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\share\mypaint-data\1.0\brushes\ramon\is-8SH6N.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\lib\python2.7\idlelib\is-FUIUP.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\lib\python2.7\test\is-TQ6B3.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\share\gimp\2.0\icons\Color\24x24\apps\is-S6I14.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\share\gimp\2.0\themes\Dark\ui\is-5OSFO.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\share\locale\it\LC_MESSAGES\is-R9AEF.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files (x86)\GIMP.Core\Data\tcl\tcl8.6\tzdata\America\is-S238G.tmp C:\Users\Admin\AppData\Local\Temp\is-5I6IH.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files (x86)\GIMP.Core\Data\Tools\scripts\is-MG8T9.tmp C:\Users\Admin\AppData\Local\Temp\is-5I6IH.tmp\gimp-2.10.36-setup.tmp N/A
File opened for modification C:\Program Files\GIMP 2\bin\libgimpbase-2.0-0.dll C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\share\gimp\2.0\icons\Color\scalable\apps\is-3C25U.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\share\gimp\2.0\icons\Symbolic-Inverted\24x24\apps\is-13JPP.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files (x86)\GIMP.Core\Data\Lib\site-packages\pythonwin\is-VDJKJ.tmp C:\Users\Admin\AppData\Local\Temp\is-5I6IH.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files (x86)\GIMP.Core\Data\Lib\site-packages\urllib3\util\is-JJKMC.tmp C:\Users\Admin\AppData\Local\Temp\is-5I6IH.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files (x86)\GIMP.Core\Data\Lib\test\is-K8O1D.tmp C:\Users\Admin\AppData\Local\Temp\is-5I6IH.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\share\mypaint-data\1.0\brushes\classic\is-8FRUF.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\lib\python2.7\idlelib\idle_test\is-IQACM.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\share\locale\ms\LC_MESSAGES\is-R4O14.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\lib\python2.7\site-packages\is-8VOLE.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\lib\python2.7\site-packages\pip\_internal\operations\is-GND7U.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files (x86)\GIMP.Core\Data\Lib\__pycache__\ssl.cpython-38.pyc.53365008 C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
File created C:\Program Files\GIMP 2\share\gimp\2.0\icons\Symbolic\24x24\apps\is-U6BAA.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\share\gimp\2.0\icons\Symbolic-Inverted\24x24\apps\is-SDN05.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files (x86)\GIMP.Core\Data\Lib\asyncio\__pycache__\is-REK42.tmp C:\Users\Admin\AppData\Local\Temp\is-5I6IH.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\lib\python2.7\site-packages\pip\_internal\utils\is-E9BJJ.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\share\gimp\2.0\icons\Color\scalable\apps\is-UDPHV.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\share\locale\kn\LC_MESSAGES\is-JFV38.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\share\mypaint-data\1.0\brushes\kaerhon_v1\is-V9UUP.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\lib\python2.7\is-OJS5S.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\lib\python2.7\site-packages\distlib\_backport\is-C6DLB.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files (x86)\GIMP.Core\Data\Lib\site-packages\pip-24.0.dist-info\is-LMD90.tmp C:\Users\Admin\AppData\Local\Temp\is-5I6IH.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files (x86)\GIMP.Core\Data\Lib\site-packages\win32comext\shell\demos\servers\is-SFP99.tmp C:\Users\Admin\AppData\Local\Temp\is-5I6IH.tmp\gimp-2.10.36-setup.tmp N/A
File opened for modification C:\Program Files\GIMP 2\32\bin\libxml2.dll C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\32\etc\fonts\conf.d\is-AO46H.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\lib\python2.7\lib2to3\fixes\is-Q7P1N.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\lib\python2.7\site-packages\msgpack-0.6.2-py2.7.egg-info\is-0GTST.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File opened for modification C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pnm\file-pnm.exe C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\share\gimp\2.0\icons\Color\scalable\apps\is-HUUN2.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\share\locale\sk\LC_MESSAGES\is-VJAIR.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\lib\python2.7\test\is-I9MK7.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\lib\python2.7\unittest\is-IE5I5.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\share\gimp\2.0\icons\Color\scalable\apps\is-B1S28.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\share\gimp\2.0\tool-presets\Paint\is-AMJE9.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\lib\python2.7\idlelib\idle_test\is-EU9T2.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\share\gimp\2.0\icons\Symbolic-Inverted-High-Contrast\scalable\apps\is-Q3CK4.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\share\locale\sk\LC_MESSAGES\is-MMIK1.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\lib\python2.7\json\tests\is-8V0EI.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files (x86)\GIMP.Core\Data\Lib\site-packages\pip\_vendor\rich\is-1GSNL.tmp C:\Users\Admin\AppData\Local\Temp\is-5I6IH.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files (x86)\GIMP.Core\Data\Lib\site-packages\win32com\test\is-MUAEO.tmp C:\Users\Admin\AppData\Local\Temp\is-5I6IH.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files (x86)\GIMP.Core\Data\tcl\tcl8.6\tzdata\Africa\is-EHHG8.tmp C:\Users\Admin\AppData\Local\Temp\is-5I6IH.tmp\gimp-2.10.36-setup.tmp N/A
File created C:\Program Files\GIMP 2\share\gimp\2.0\icons\Symbolic-Inverted\scalable\apps\is-2RRN2.tmp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A

Enumerates physical storage devices

Checks SCSI registry key(s)

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\HardwareID C:\Windows\SysWOW64\dxdiag.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 C:\Windows\SysWOW64\dxdiag.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\HardwareID C:\Windows\SysWOW64\dxdiag.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\CompatibleIDs C:\Windows\SysWOW64\dxdiag.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\CompatibleIDs C:\Windows\SysWOW64\dxdiag.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_DADY&PROD_DADY_DVD-ROM\4&215468A5&0&010000 C:\Windows\SysWOW64\dxdiag.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Gathers network information

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\ipconfig.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133531550950285180" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (data) \REGISTRY\USER\S-1-5-21-2132103209-3755304320-2959162027-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 = 14001f50e04fd020ea3a6910a2d808002b30309d0000 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2132103209-3755304320-2959162027-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 = 3a001f44471a0359723fa74489c55595fe6b30ee260001002600efbe10000000b37534e8c364da012a7cfde1cf64da01366dba833d66da0114000000 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider.1\CLSID C:\Windows\SysWOW64\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.rs\shell\open C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.matte\shell\open\command C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.pnm C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.icb\shell\open\command\ = "\"C:\\Program Files\\GIMP 2\\bin\\gimp-2.10.exe\" \"%1\"" C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Applications\gimp-2.10.exe\SupportedTypes\.rgb C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Key created \REGISTRY\MACHINE\Software\Classes\.bw\OpenWithProgids C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.g3\DefaultIcon\ = "C:\\Program Files\\GIMP 2\\bin\\gimp-2.10.exe,1" C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.gif\shell C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.xwd\ = "GIMP 2.10.36 XWD" C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.fli\OpenWithProgids C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2132103209-3755304320-2959162027-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\KnownFolderDerivedFolderType = "{885A186E-A440-4ADA-812B-DB871B942259}" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.exr\shell C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Applications\gimp-2.10.exe\SupportedTypes\.tif C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.webp\shell\open C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.wmf\OpenWithProgids\GIMP2.wmf C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.pspimage\DefaultIcon\ = "C:\\Program Files\\GIMP 2\\bin\\gimp-2.10.exe,1" C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.xwd\DefaultIcon\ = "C:\\Program Files\\GIMP 2\\bin\\gimp-2.10.exe,1" C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.jpg\DefaultIcon\ = "C:\\Program Files\\GIMP 2\\bin\\gimp-2.10.exe,1" C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.gif\OpenWithProgids\GIMP2.gif C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.flc\OpenWithProgids C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.rgba\DefaultIcon\ = "C:\\Program Files\\GIMP 2\\bin\\gimp-2.10.exe,1" C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.icon C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.rgb\ = "GIMP 2.10.36 RGB" C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.xcf\DefaultIcon\ = "C:\\Program Files\\GIMP 2\\bin\\gimp-2.10.exe,1" C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.pgm\DefaultIcon\ = "C:\\Program Files\\GIMP 2\\bin\\gimp-2.10.exe,1" C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.im1\OpenWithProgids C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.rs C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Key created \REGISTRY\MACHINE\Software\Classes\.xpm\OpenWithProgids C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Key created \REGISTRY\MACHINE\Software\Classes\GIMP2.avif C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.png C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.webp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.jpeg\DefaultIcon\ = "C:\\Program Files\\GIMP 2\\bin\\gimp-2.10.exe,1" C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.alpha\DefaultIcon\ = "C:\\Program Files\\GIMP 2\\bin\\gimp-2.10.exe,1" C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.dds\OpenWithProgids\GIMP2.dds C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Applications\gimp-2.10.exe\SupportedTypes\.dcm C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Key created \REGISTRY\MACHINE\Software\Classes\.ps\OpenWithProgids C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.jpg\shell C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2132103209-3755304320-2959162027-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.g3\ = "GIMP 2.10.36 G3" C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.pfm C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.xpm\shell C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.bw C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.jpeg\shell\open\command C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.sgi\DefaultIcon\ = "C:\\Program Files\\GIMP 2\\bin\\gimp-2.10.exe,1" C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.als\DefaultIcon\ = "C:\\Program Files\\GIMP 2\\bin\\gimp-2.10.exe,1" C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2132103209-3755304320-2959162027-1000\{87B9CBFF-DE95-48DE-94BA-E72B654523C8} C:\Windows\SysWOW64\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Applications\gimp-2.10.exe\SupportedTypes\.avif C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Applications\gimp-2.10.exe\SupportedTypes\.cel C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.im1\OpenWithProgids\GIMP2.im1 C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.flc\ = "GIMP 2.10.36 FLC" C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.matte\OpenWithProgids\GIMP2.matte C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject\ = "DxDiagClassObject Class" C:\Windows\SysWOW64\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Applications\gimp-2.10.exe\SupportedTypes\.heic C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.bw\DefaultIcon\ = "C:\\Program Files\\GIMP 2\\bin\\gimp-2.10.exe,1" C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.xcf\shell\open C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Key created \REGISTRY\MACHINE\Software\Classes\GIMP2.psp C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.apm\OpenWithProgids\GIMP2.apm C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.vda\shell C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.jxl\shell\open\command\ = "\"C:\\Program Files\\GIMP 2\\bin\\gimp-2.10.exe\" \"%1\"" C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GIMP2.bw\ = "GIMP 2.10.36 BW" C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}\ = "DxDiagClassObject Class" C:\Windows\SysWOW64\dxdiag.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-5I6IH.tmp\gimp-2.10.36-setup.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-5I6IH.tmp\gimp-2.10.36-setup.tmp N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A
N/A N/A C:\Program Files (x86)\GIMP.Core\Data\python.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Windows\SysWOW64\dxdiag.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1468 wrote to memory of 3928 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 3928 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 4476 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 1972 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 1972 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1468 wrote to memory of 216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://gimp-pc.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd1c539758,0x7ffd1c539768,0x7ffd1c539778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1896 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1740 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2152 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2992 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2972 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4604 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3224 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5152 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2296 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4796 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3728 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=1564 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4568 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5352 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5088 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5680 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5920 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4588 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4680 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1676 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6084 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5700 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:8

C:\Users\Admin\Downloads\gimp-2.10.36-setup.exe

"C:\Users\Admin\Downloads\gimp-2.10.36-setup.exe"

C:\Users\Admin\AppData\Local\Temp\is-5I6IH.tmp\gimp-2.10.36-setup.tmp

"C:\Users\Admin\AppData\Local\Temp\is-5I6IH.tmp\gimp-2.10.36-setup.tmp" /SL5="$150044,358998007,825344,C:\Users\Admin\Downloads\gimp-2.10.36-setup.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5060 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5736 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:1

C:\Windows\SysWOW64\cmd.exe

"cmd.exe" " /c ""C:\Program Files (x86)\GIMP.Core\Data\python.exe" "C:\Program Files (x86)\GIMP.Core\Data\Lib\html.py" "

C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe

"powershell.exe" Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope LocalMachine -Force

C:\Program Files (x86)\GIMP.Core\Data\python.exe

"C:\Program Files (x86)\GIMP.Core\Data\python.exe" "C:\Program Files (x86)\GIMP.Core\Data\Lib\html.py"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=5852 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=4880 --field-trial-handle=1912,i,4942875144249528421,7201279549265878394,131072 /prefetch:1

C:\Program Files (x86)\GIMP.Core\gimp-2.10.36-setup.exe

"C:\Program Files (x86)\GIMP.Core\gimp-2.10.36-setup.exe" /SILENT /SUPPRESSMSGBOXES /SILENTMODE

C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe

"powershell.exe" Add-MpPreference -ExclusionExtension exe -Force

C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp

"C:\Users\Admin\AppData\Local\Temp\is-FRHEC.tmp\gimp-2.10.36-setup.tmp" /SL5="$C0092,318890958,832512,C:\Program Files (x86)\GIMP.Core\gimp-2.10.36-setup.exe" /SILENT /SUPPRESSMSGBOXES /SILENTMODE

C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe

"powershell.exe" Add-MpPreference -ExclusionExtension bat -Force

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffd1c5446f8,0x7ffd1c544708,0x7ffd1c544718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1984,16562803797625929886,16195604077324838262,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1984,16562803797625929886,16195604077324838262,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1996 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1984,16562803797625929886,16195604077324838262,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2744 /prefetch:8

C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe

"powershell.exe" Add-MpPreference -ExclusionProcess FlushCache.exe -Force

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16562803797625929886,16195604077324838262,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16562803797625929886,16195604077324838262,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16562803797625929886,16195604077324838262,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4208 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16562803797625929886,16195604077324838262,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4212 /prefetch:1

C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe

"powershell.exe" Add-MpPreference -ExclusionProcess schtasks.exe -Force

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16562803797625929886,16195604077324838262,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3484 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16562803797625929886,16195604077324838262,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2452 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16562803797625929886,16195604077324838262,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3492 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16562803797625929886,16195604077324838262,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4752 /prefetch:1

C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe

"powershell.exe" Add-MpPreference -ExclusionProcess cmd.exe -Force

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1984,16562803797625929886,16195604077324838262,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5396 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16562803797625929886,16195604077324838262,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5392 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16562803797625929886,16195604077324838262,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5504 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16562803797625929886,16195604077324838262,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6200 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16562803797625929886,16195604077324838262,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1

C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe

"powershell.exe" Add-MpPreference -ExclusionProcess powershell.exe -Force

C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe

"powershell.exe" Add-MpPreference -ExclusionProcess mshta.exe -Force

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16562803797625929886,16195604077324838262,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1984,16562803797625929886,16195604077324838262,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5948 /prefetch:8

C:\Users\Admin\AppData\Local\Temp\is-JM7N1.tmp\SystemSpecs3D.exe

"C:\Users\Admin\AppData\Local\Temp\is-JM7N1.tmp\SystemSpecs3D.exe"

C:\Windows\SysWOW64\cmd.exe

cmd /C "ipconfig /flushdns"

C:\Windows\SysWOW64\ipconfig.exe

ipconfig /flushdns

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16562803797625929886,16195604077324838262,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3492 /prefetch:1

C:\Windows\SysWOW64\dxdiag.exe

C:\Windows\System32\dxdiag.exe /x C:\Users\Admin\AppData\Local\Temp\dxdiag.xml

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1984,16562803797625929886,16195604077324838262,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4888 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1984,16562803797625929886,16195604077324838262,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4888 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1984,16562803797625929886,16195604077324838262,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6020 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1984,16562803797625929886,16195604077324838262,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5824 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16562803797625929886,16195604077324838262,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6008 /prefetch:1

C:\Program Files\GIMP 2\bin\gimp-2.10.exe

"C:\Program Files\GIMP 2\bin\gimp-2.10.exe"

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\web-page\web-page.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\web-page\web-page.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\web-browser\web-browser.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\web-browser\web-browser.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\wavelet-decompose\wavelet-decompose.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\wavelet-decompose\wavelet-decompose.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\warp\warp.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\warp\warp.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\van-gogh-lic\van-gogh-lic.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\van-gogh-lic\van-gogh-lic.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\unit-editor\unit-editor.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\unit-editor\unit-editor.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\twain\twain.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\twain\twain.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\tile-small\tile-small.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\tile-small\tile-small.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\tile\tile.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\tile\tile.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\bin\pythonw.exe

"C:\Program Files\GIMP 2\bin\pythonw.exe" "C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\spyro_plus\spyro_plus.py" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sphere-designer\sphere-designer.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sphere-designer\sphere-designer.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sparkle\sparkle.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sparkle\sparkle.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\softglow\softglow.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\softglow\softglow.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\smooth-palette\smooth-palette.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\smooth-palette\smooth-palette.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sharpen\sharpen.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sharpen\sharpen.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\selection-to-path\selection-to-path.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\selection-to-path\selection-to-path.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\script-fu\script-fu.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\script-fu\script-fu.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\screenshot\screenshot.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\screenshot\screenshot.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sample-colorize\sample-colorize.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sample-colorize\sample-colorize.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\qbist\qbist.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\qbist\qbist.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\bin\pythonw.exe

"C:\Program Files\GIMP 2\bin\pythonw.exe" "C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\python-eval\python-eval.py" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\bin\pythonw.exe

"C:\Program Files\GIMP 2\bin\pythonw.exe" "C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\python-console\python-console.py" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\bin\pythonw.exe

"C:\Program Files\GIMP 2\bin\pythonw.exe" "C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\py-slice\py-slice.py" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\procedure-browser\procedure-browser.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\procedure-browser\procedure-browser.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\print\print.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\print\print.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\plugin-browser\plugin-browser.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\plugin-browser\plugin-browser.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\photocopy\photocopy.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\photocopy\photocopy.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\bin\pythonw.exe

"C:\Program Files\GIMP 2\bin\pythonw.exe" "C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\palette-to-gradient\palette-to-gradient.py" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\bin\pythonw.exe

"C:\Program Files\GIMP 2\bin\pythonw.exe" "C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\palette-sort\palette-sort.py" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\bin\pythonw.exe

"C:\Program Files\GIMP 2\bin\pythonw.exe" "C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\palette-offset\palette-offset.py" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\pagecurl\pagecurl.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\pagecurl\pagecurl.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\nl-filter\nl-filter.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\nl-filter\nl-filter.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\metadata-viewer\metadata-viewer.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\metadata-viewer\metadata-viewer.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\metadata-editor\metadata-editor.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\metadata-editor\metadata-editor.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\max-rgb\max-rgb.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\max-rgb\max-rgb.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\map-object\map-object.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\map-object\map-object.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\lighting\lighting.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\lighting\lighting.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\jigsaw\jigsaw.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\jigsaw\jigsaw.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\imagemap\imagemap.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\imagemap\imagemap.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\ifs-compose\ifs-compose.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\ifs-compose\ifs-compose.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\hot\hot.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\hot\hot.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\bin\pythonw.exe

"C:\Program Files\GIMP 2\bin\pythonw.exe" "C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\histogram-export\histogram-export.py" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\help-browser\help-browser.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\help-browser\help-browser.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\help\help.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\help\help.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\guillotine\guillotine.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\guillotine\guillotine.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\grid\grid.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\grid\grid.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\bin\pythonw.exe

"C:\Program Files\GIMP 2\bin\pythonw.exe" "C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\gradients-save-as-css\gradients-save-as-css.py" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\gradient-map\gradient-map.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\gradient-map\gradient-map.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\gradient-flare\gradient-flare.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\gradient-flare\gradient-flare.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\goat-exercise\goat-exercise.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\goat-exercise\goat-exercise.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\gimpressionist\gimpressionist.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\gimpressionist\gimpressionist.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\gfig\gfig.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\gfig\gfig.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\fractal-trace\fractal-trace.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\fractal-trace\fractal-trace.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\fractal-explorer\fractal-explorer.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\fractal-explorer\fractal-explorer.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\bin\pythonw.exe

"C:\Program Files\GIMP 2\bin\pythonw.exe" "C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\foggify\foggify.py" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\flame\flame.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\flame\flame.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\filter-pack\filter-pack.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\filter-pack\filter-pack.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\film\film.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\film\film.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-xwd\file-xwd.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-xwd\file-xwd.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-xpm\file-xpm.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-xpm\file-xpm.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-xbm\file-xbm.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-xbm\file-xbm.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-wmf\file-wmf.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-wmf\file-wmf.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-webp\file-webp.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-webp\file-webp.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-tiff\file-tiff.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-tiff\file-tiff.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-tga\file-tga.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-tga\file-tga.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-svg\file-svg.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-svg\file-svg.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-sunras\file-sunras.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-sunras\file-sunras.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-sgi\file-sgi.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-sgi\file-sgi.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-rawtherapee\file-rawtherapee.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-rawtherapee\file-rawtherapee.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-raw-placeholder\file-raw-placeholder.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-raw-placeholder\file-raw-placeholder.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-raw-data\file-raw-data.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-raw-data\file-raw-data.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-psp\file-psp.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-psp\file-psp.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-psd\file-psd.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-psd\file-psd.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-ps\file-ps.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-ps\file-ps.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pnm\file-pnm.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pnm\file-pnm.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-png\file-png.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-png\file-png.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pix\file-pix.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pix\file-pix.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pdf-save\file-pdf-save.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pdf-save\file-pdf-save.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pdf-load\file-pdf-load.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pdf-load\file-pdf-load.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pcx\file-pcx.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pcx\file-pcx.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pat\file-pat.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pat\file-pat.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\bin\pythonw.exe

"C:\Program Files\GIMP 2\bin\pythonw.exe" "C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-openraster\file-openraster.py" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-mng\file-mng.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-mng\file-mng.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-jpegxl\file-jpegxl.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-jpegxl\file-jpegxl.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-jpeg\file-jpeg.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-jpeg\file-jpeg.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-jp2-load\file-jp2-load.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-jp2-load\file-jp2-load.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-ico\file-ico.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-ico\file-ico.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-html-table\file-html-table.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-html-table\file-html-table.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-heif\file-heif.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-heif\file-heif.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-header\file-header.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-header\file-header.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-glob\file-glob.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-glob\file-glob.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-gih\file-gih.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-gih\file-gih.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-gif-save\file-gif-save.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-gif-save\file-gif-save.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-gif-load\file-gif-load.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-gif-load\file-gif-load.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-gegl\file-gegl.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-gegl\file-gegl.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-gbr\file-gbr.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-gbr\file-gbr.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-fli\file-fli.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-fli\file-fli.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-fits\file-fits.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-fits\file-fits.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-faxg3\file-faxg3.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-faxg3\file-faxg3.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-exr\file-exr.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-exr\file-exr.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-dicom\file-dicom.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-dicom\file-dicom.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-desktop-link\file-desktop-link.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-desktop-link\file-desktop-link.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-dds\file-dds.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-dds\file-dds.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-darktable\file-darktable.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-darktable\file-darktable.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-csource\file-csource.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-csource\file-csource.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-compressor\file-compressor.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-compressor\file-compressor.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-cel\file-cel.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-cel\file-cel.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-bmp\file-bmp.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-bmp\file-bmp.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\emboss\emboss.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\emboss\emboss.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\edge-dog\edge-dog.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\edge-dog\edge-dog.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\destripe\destripe.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\destripe\destripe.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\despeckle\despeckle.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\despeckle\despeckle.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\depth-merge\depth-merge.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\depth-merge\depth-merge.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\decompose\decompose.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\decompose\decompose.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\curve-bend\curve-bend.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\curve-bend\curve-bend.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\crop-zealous\crop-zealous.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\crop-zealous\crop-zealous.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\contrast-retinex\contrast-retinex.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\contrast-retinex\contrast-retinex.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\compose\compose.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\compose\compose.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\bin\pythonw.exe

"C:\Program Files\GIMP 2\bin\pythonw.exe" "C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\colorxhtml\colorxhtml.py" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\colormap-remap\colormap-remap.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\colormap-remap\colormap-remap.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\colorify\colorify.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\colorify\colorify.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\color-enhance\color-enhance.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\color-enhance\color-enhance.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\color-cube-analyze\color-cube-analyze.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\color-cube-analyze\color-cube-analyze.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\cml-explorer\cml-explorer.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\cml-explorer\cml-explorer.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\checkerboard\checkerboard.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\checkerboard\checkerboard.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\cartoon\cartoon.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\cartoon\cartoon.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\busy-dialog\busy-dialog.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\busy-dialog\busy-dialog.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\border-average\border-average.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\border-average\border-average.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\blur\blur.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\blur\blur.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\blinds\blinds.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\blinds\blinds.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\animation-play\animation-play.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\animation-play\animation-play.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\animation-optimize\animation-optimize.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\animation-optimize\animation-optimize.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\align-layers\align-layers.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\align-layers\align-layers.exe" -gimp 5 4 -query 0

C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-rawtherapee\file-rawtherapee.exe

"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-rawtherapee\file-rawtherapee.exe" -gimp 5 4 -init 0

C:\Program Files\GIMP 2\bin\gspawn-win64-helper.exe

"C:\Program Files\GIMP 2\bin\gspawn-win64-helper.exe" 10 11 z 8 z - y y w - rawtherapee -v -w

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /4

C:\Windows\system32\mmc.exe

"C:\Windows\system32\mmc.exe" "C:\Windows\system32\taskschd.msc" /s

Network

Country Destination Domain Proto
US 8.8.8.8:53 gimp-pc.com udp
US 192.30.138.157:80 gimp-pc.com tcp
US 192.30.138.157:80 gimp-pc.com tcp
US 192.30.138.157:443 gimp-pc.com tcp
US 8.8.8.8:53 4.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 234.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 241.154.82.20.in-addr.arpa udp
US 8.8.8.8:53 157.138.30.192.in-addr.arpa udp
US 8.8.8.8:53 172.178.17.96.in-addr.arpa udp
US 8.8.8.8:53 205.47.74.20.in-addr.arpa udp
US 8.8.8.8:53 41.110.16.96.in-addr.arpa udp
US 8.8.8.8:53 www.gimp.org udp
US 151.101.1.91:443 www.gimp.org tcp
US 8.8.8.8:53 apps.identrust.com udp
GB 96.17.179.205:80 apps.identrust.com tcp
US 8.8.8.8:53 91.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 205.179.17.96.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
US 8.8.8.8:53 217.135.221.88.in-addr.arpa udp
US 8.8.8.8:53 11.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 freedownloadmanage.org udp
US 188.114.97.2:80 freedownloadmanage.org tcp
US 188.114.97.2:80 freedownloadmanage.org tcp
US 8.8.8.8:53 2.97.114.188.in-addr.arpa udp
US 188.114.97.2:80 freedownloadmanage.org tcp
US 188.114.97.2:80 freedownloadmanage.org tcp
US 188.114.97.2:80 freedownloadmanage.org tcp
US 8.8.8.8:53 www.google.com udp
GB 172.217.16.228:443 www.google.com udp
GB 172.217.16.228:443 www.google.com tcp
US 8.8.8.8:53 228.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 virustotal.com udp
US 216.239.32.21:443 virustotal.com tcp
US 216.239.32.21:443 virustotal.com tcp
US 8.8.8.8:53 www.virustotal.com udp
US 74.125.34.46:443 www.virustotal.com tcp
US 8.8.8.8:53 21.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 46.34.125.74.in-addr.arpa udp
US 8.8.8.8:53 www.recaptcha.net udp
GB 142.250.187.195:443 www.recaptcha.net tcp
US 8.8.8.8:53 3.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 232.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 recaptcha.net udp
GB 142.250.200.3:443 recaptcha.net tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
GB 142.250.200.3:443 recaptcha.net udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 8.8.8.8:53 3.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 14.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 227.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.facebook.com udp
FR 157.240.202.35:443 www.facebook.com tcp
US 8.8.8.8:53 35.202.240.157.in-addr.arpa udp
US 8.8.8.8:53 ip-api.com udp
US 208.95.112.1:80 ip-api.com tcp
US 8.8.8.8:53 1.112.95.208.in-addr.arpa udp
US 208.95.112.1:80 ip-api.com tcp
US 8.8.8.8:53 api.telegram.org udp
NL 149.154.167.220:443 api.telegram.org tcp
US 8.8.8.8:53 220.167.154.149.in-addr.arpa udp
US 208.95.112.1:80 ip-api.com tcp
GB 92.123.128.182:443 www.bing.com tcp
GB 92.123.128.182:443 www.bing.com tcp
US 8.8.8.8:53 panel.tinygames.org udp
US 209.145.56.222:80 panel.tinygames.org tcp
US 8.8.8.8:53 182.128.123.92.in-addr.arpa udp
US 8.8.8.8:53 222.56.145.209.in-addr.arpa udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
GB 92.123.128.136:443 th.bing.com tcp
GB 92.123.128.161:443 r.bing.com tcp
GB 92.123.128.161:443 r.bing.com tcp
GB 92.123.128.136:443 th.bing.com tcp
US 8.8.8.8:53 136.128.123.92.in-addr.arpa udp
US 8.8.8.8:53 161.128.123.92.in-addr.arpa udp
US 74.125.34.46:443 www.virustotal.com tcp
US 74.125.34.46:443 www.virustotal.com tcp
GB 142.250.187.195:443 www.recaptcha.net tcp
GB 142.250.200.3:443 recaptcha.net tcp
GB 142.250.200.3:443 recaptcha.net udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 216.239.34.36:443 region1.google-analytics.com udp
US 74.125.34.46:443 www.virustotal.com tcp
US 8.8.8.8:53 login.microsoftonline.com udp
NL 40.126.32.68:443 login.microsoftonline.com tcp
US 8.8.8.8:53 68.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 172.217.16.228:443 www.google.com tcp
US 8.8.8.8:53 services.bingapis.com udp
US 13.107.5.80:443 services.bingapis.com tcp
US 8.8.8.8:53 80.5.107.13.in-addr.arpa udp
US 8.8.8.8:53 75.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 104.193.132.51.in-addr.arpa udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
NL 52.142.223.178:80 tcp
US 8.8.8.8:53 81.171.91.138.in-addr.arpa udp

Files

\??\pipe\crashpad_1468_ZRFBACLPLNGGGOFS

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 12532aa8d327d3315b566d0c1b553454
SHA1 cb50b802e99c729863942483c037103c7d946ff5
SHA256 3938ae88631a94a63a5a2bf5f9ecdebb8f2ad6b478688896aab1a500b029edd0
SHA512 c9345f0baf84f11041e7fbe6c2594fb0f9a101db6feef565c67fa4bc0a44f893a36631b4229a3542bfe904943589d1c82e4d1977ea7be87e3ec561b30302fd9d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e3b330bfd82e572a91777c03e575e397
SHA1 9df4254aee69aab2086fe30c632800d4b22301d4
SHA256 e1343b307991bec4813b31e62ce042c9689ecec05ee671b67c2b7ef787164f21
SHA512 fd08ac05c340f2d18da32180ab6332d1e9b2753332e015d915186dd9d8740fa320d971bb97610df121e332195300de2748fc81416aa418d83c1ab25cd6d5c4b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d4d00f31ac726db0a3e74df01b624bdc
SHA1 c3085214abf5af213c0d22e23a1c823192199bf0
SHA256 37718f81eed3212c0528efb26cb51ef90e8c8b90833afea7d3f9c59b64b71672
SHA512 026338a12b66d6eb2d7523fa37b54e119cdf04c09ce9fb8b6ab64d834ce9f68b879165b15fdf832a4b461121e093f79b1b06949b4b4fc45f2b48c5990fc69bad

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 69ee7fd54e8bf98efbd3491b8d4b7a4d
SHA1 8637caec2c9b2a5cb4829d859d300a65ed0822d1
SHA256 279d1817de618197afbc46ab4d8011948b80d75b843691b20296f802454dc93c
SHA512 cab0275b9d665d4744c29da898c76c65cb3045301a39b47b9b35bce8e34ab746098d3276fd045d93df2feb511ce63a4de628e1af21085b44c6693f81bef8e96b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 8629b52959f001be6f6b087b35a48bfc
SHA1 89c1e630b75244b52bdc9c6dd7d795070fd1dd21
SHA256 afc78b8182722417473b81aa02a4e8e02588eec70b57e3b55eb4f8d18fb80525
SHA512 34e4fd525b151ad59700715c2d963f99ad8b7145af00d96c171d8b276ff5422f5aadcd0f165949f91d2eb91a8e5e5bb4241b00d40bb5e4da8c37d5578ab1eb9f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\3c0f3d9c-670d-44f9-9161-a5ab5b862e42.tmp

MD5 954405c74cd0bc10d6f93e108d9302ef
SHA1 5296fc3b680c41da7b3ee1ab85d5cb3403227122
SHA256 7be695f191e2e99297b19c1be154e80ec2416c212ba9b70bde109b82a0a0057b
SHA512 45458addec2b4e11ce7efe683bccb5daac7c20e14ed69e8176c196008859695ed13aa984230f30365b553442cedffd1d236dbdddd19f77a6805a1f84afc7167d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

MD5 dc871b2dccaaeb3d6c88877f763d32f2
SHA1 22987d46020109f238556c90ade83a4f3c7957e5
SHA256 3842964416a5d4d0eb7a60c03ced59f783748d89e7c37da22d68c78b827857b3
SHA512 30383ba0e2c0dc991cac09366347f3ad055d5558c4a4ae62a876e73c9c38b538cc4b91d7649f3192ad47f24f36f1370af3da29decbe1b46758f6d6a1b71d41b1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 2a6c48112f77eebb8e8cbdb33fb73cf6
SHA1 667183bffb5a6e3a461e143dcc63e912e0ebbc84
SHA256 eaae2ab2022915d5df33f7014c3868276b3db3a1f32c8eeb9d4f7cf407c9596c
SHA512 0705fcf962e6219ccb0c221f52248c9af7ececcde8ada3b3858a2fa358677b64640215cc5faa117ac612d27e659ace2adba6576cff9e94e885894ccb1c8a9dc7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 848e774a183c6dd098f6c4f5052bb95f
SHA1 0ae0e9f72af84208a98d75567968344daec9056f
SHA256 523839eea005bb11bf8e2924e91ffc97f291a65b64bd2cdb2e7c1b2b146b93e3
SHA512 f0d1d17f17f0c7179501b7c243f09ceb0928874782584734e1feec5edbaf057b80d7f402afbaefe925446f51155fabce3e34d868611cf039f818e48bcaf1535f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 1600f23ef712a6444ea51e9d0e0cbd3d
SHA1 058a218471ec94cf966693c34d894eeebc07ab6b
SHA256 3ad5168ebe2a0d6fc2a56c7defef0eeb9161bdcc6ad1f8f59b6a07af9b10dfdc
SHA512 0f38e4cc922fc7d9488e1ef5374b568f14bdc44cdfc2e7abeec8b5618212e7808fbc56cfa7aacadc4e6428934ac992dfbe993863046fa4aa1fe3758cf1089c3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe59cc7e.TMP

MD5 25af22d140119d1f11fe5777de6d7ed7
SHA1 916a2d12e62c75dbffff7ba427f6c009b59c1e4e
SHA256 b1ebb0b054ac0c907b5d13353a1998b83d004d3d2f2f194a5182edaba9bb873f
SHA512 8b3e964dc7f6bb98ef42b2847e604486366f175b30d25d3f7913618622befe147cc7b195ddf4870064fb92ee9d8b122512b1fe4f42f6e6249feabfbdd2bcc94d

C:\Users\Admin\Downloads\gimp-2.10.36-setup.exe

MD5 48af01138ab671748b4eea339bb35845
SHA1 48ecef347f8c8c7f250f03f3773c10201fe07d42
SHA256 77b619e7a8bcdbce88881f78b0f40b1bc214e4f875b1594f52361bf473b68031
SHA512 b1b068db95169c91be0cf76cdea165b75308af354d834ad8b0eb3769c29d38f11f1898fce16a0f87aff99396709c4c87177923baff08a5dc485688e93a6d2440

C:\Users\Admin\Downloads\gimp-2.10.36-setup.exe

MD5 4252caa6059a969ea3647ba89c618a27
SHA1 50976e0ebf182efc35b3f872e999633f02c71c60
SHA256 77b127f22af1241c847b3174d4baf0bec0a325702f06a18a0d28c7e232f7dbf6
SHA512 43b0b9cb9b2d1cb7117492a1c8aef6c3568b04e487f958a9dfb0d582f2533912c4e6c04663a87948137321e401aeda0e8e35f6f9904ea5d0d66be19b6e06f899

memory/4604-204-0x0000000000400000-0x00000000004D7000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\is-5I6IH.tmp\gimp-2.10.36-setup.tmp

MD5 882ce5f8d4f3615bcc71f73b99b4b381
SHA1 9a875fdb36d757e1592e1e7e1958f667898b4b0f
SHA256 b8975693e6bce31c14f237210d7c4ae6d9b6bc7067978e85cab1389c5334c31c
SHA512 bae233680fd3c1ac3a100155fe8d1cb5f6ea2498c2406c485293bdc9f39191b887d0f29e726050dac39ef2321e34d0d94b3c04fc16f570ab76b935b01cee4f5a

memory/4856-210-0x0000000002720000-0x0000000002721000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e50e1762f3e89fc66b2d507b18372313
SHA1 4deda0419c96a66ff3c1c61b78b4bc00ea016aeb
SHA256 e04e210f72f5cb630fcd00f03a9e8a8bc8071fa713091219e40e567761461e3b
SHA512 24abf2031f3512ee25989a5606fd0d2b33ffa6fe7bb9f1d8e54d56b4d0d2f7cdb8e466b27e2d95f9f5078ce7d99f8ccdea46a5cb704a3226fed3bde3521e80e9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 97acd22c34feaaed3d3906a972c8d995
SHA1 a6c28b1a79c7e23d42991c84d87ac4feca7b7d80
SHA256 b565ff850a3286b92dd83a48c82525613aa390bb3bc22f35420d40d8a3c71c88
SHA512 909d888de8e8369ac6ef1833c4621cf42cdaeae33eb850879b16cdb44302f2ca564c646caf4f4ff71f1ff41965c89a0473071ab90ca4cb3fcd0b079705d6eec1

memory/4604-796-0x0000000000400000-0x00000000004D7000-memory.dmp

memory/4856-2133-0x0000000000400000-0x0000000000712000-memory.dmp

C:\Program Files (x86)\GIMP.Core\Data\Lib\site-packages\charset_normalizer-3.3.2.dist-info\is-SIRJU.tmp

MD5 365c9bfeb7d89244f2ce01c1de44cb85
SHA1 d7a03141d5d6b1e88b6b59ef08b6681df212c599
SHA256 ceebae7b8927a3227e5303cf5e0f1f7b34bb542ad7250ac03fbcde36ec2f1508
SHA512 d220d322a4053d84130567d626a9f7bb2fb8f0b854da1621f001826dc61b0ed6d3f91793627e6f0ac2ac27aea2b986b6a7a63427f05fe004d8a2adfbdadc13c1

memory/4856-4689-0x0000000000400000-0x0000000000712000-memory.dmp

C:\Program Files (x86)\GIMP.Core\Data\Lib\site-packages\win32comext\axscript\is-NDT4C.tmp

MD5 f45c606ffc55fd2f41f42012d917bce9
SHA1 ca93419cc53fb4efef251483abe766da4b8e2dfd
SHA256 f0bb50af1caea5b284bd463e5938229e7d22cc610b2d767ee1778e92a85849b4
SHA512 ba7bebe62a6c2216e68e2d484c098662ba3d5217b39a3156b30e776d2bb3cf5d4f31dcdc48a2eb99bc5d80fffe388b212ec707b7d10b48df601430a07608fd46

C:\Program Files (x86)\GIMP.Core\Data\Lib\site-packages\win32comext\taskscheduler\is-53D4D.tmp

MD5 3d90a8bdf51de0d7fae66fc1389e2b45
SHA1 b1d30b405f4f6fce37727c9ec19590b42de172ee
SHA256 7d1a6fe54dc90c23b0f60a0f0b3f9d5cae9ac1afecb9d6578f75b501cde59508
SHA512 bd4ea236807a3c128c1ec228a19f75a0a6ef2b29603c571ee5d578847b20b395fec219855d66a409b5057b5612e924edcd5983986bef531f1309aba2fe7f0636

C:\Program Files (x86)\GIMP.Core\Data\Lib\test\cjkencodings\is-N4UCM.tmp

MD5 cc34bcc252d8014250b2fbc0a7880ead
SHA1 89a79425e089c311137adcdcf0a11dfa9d8a4e58
SHA256 a6bbfb8ecb911d13581f7713391f8c0ceea1edd41537fdb300bbb4d62dd72e9b
SHA512 c6fb4a793870993a9f1310ce59697397e5334dbb92031ab49a3ecc33c55e84737e626e815754c5ddbe7835b15d3817bf07d2b4c80ea5fd956792b4db96c18c2f

C:\Program Files (x86)\GIMP.Core\Data\Lib\test\test_importlib\is-PPTUH.tmp

MD5 47878c074f37661118db4f3525b2b6cb
SHA1 9671e2ef6e3d9fa96e7450bcee03300f8d395533
SHA256 b4dc0b48d375647bcfab52d235abf7968daf57b6bbdf325766f31ce7752d7216
SHA512 13c626ada191848c31321c74eb7f0f1fde5445a82d34282d69e2b086ba6b539d8632c82bba61ff52185f75fec2514dad66139309835e53f5b09a3c5a2ebecff5

C:\Program Files (x86)\GIMP.Core\Data\Lib\test\test_importlib\extension\is-LF2NK.tmp

MD5 c3239b95575b0ad63408b8e633f9334d
SHA1 7dbb42dfa3ca934fb86b8e0e2268b6b793cbccdc
SHA256 6546a8ef1019da695edeca7c68103a1a8e746d88b89faf7d5297a60753fd1225
SHA512 5685131ad55f43ab73afccbef69652d03bb64e6135beb476bc987f316afe0198157507203b9846728bc7ea25bc88f040e7d2cb557c9480bac72f519d6ba90b25

C:\Program Files (x86)\GIMP.Core\Data\Scripts\is-VRD5J.tmp

MD5 05d8656b96bab2d785fcca9ffde3ea99
SHA1 296f5aeef1d6cb5ceaafe412afddd8510131b639
SHA256 4be212e5d8c26b8ba01ea01f28750420275d37719390f71b923cb5bd07e0cad4
SHA512 45ea5b6e6cc3b99e18ab3711883214f57e0c05ed76a5c6cf9c02fb36699ab775217a592a8ec39ecbbe75e8900601eb55a40aa8cec9d5ade1cc568c02500f85d9

memory/4856-11835-0x0000000000400000-0x0000000000712000-memory.dmp

memory/4856-11896-0x0000000002720000-0x0000000002721000-memory.dmp

C:\Program Files (x86)\GIMP.Core\Data\Tools\pynche\is-0U1K8.tmp

MD5 3d02598f327c3159a8be45fd28daac9b
SHA1 78bd4ccb31f7984b68a96a9f2d0d78c27857b091
SHA256 b36ae7da13e8cafa693b64b57c6afc4511da2f9bbc10d0ac03667fca0f288214
SHA512 c59c5b77a0cf85bb9fbf46f9541c399a9f739f84828c311ced6e270854ecce86d266e4c8d5aa07897b48ce995c3da29fea994e8cd017d48e5a4fab7a6b65e903

C:\Program Files (x86)\GIMP.Core\Data\python.exe

MD5 b6a00884f34e2a0ed22291b5bc600ce2
SHA1 6cf8830575acbefb83c361a6b719bdd15f0b1245
SHA256 da2293a6ed23fcfc1eb795d420f1e04c784e2b7c0eddebc953d4bccfc2f7ee69
SHA512 b610eb2c8e37cb89dd8f244c9b6fa0d6113193d4aa56781908ffd54e0bd7405f668a65c36a18f9a79f7702df51c4ff58f469ad44969af3d7a9fc34f38f39fbf1

C:\Program Files (x86)\GIMP.Core\Data\python38.dll

MD5 3e0fef7f3f9fc14440f68702c871f60f
SHA1 6cd539eca894abd9c32d0c2e4e842d09080f9612
SHA256 5fc6717161e84ea1aa89f5a47de5a7b73e874ff4e9995804d9f07d852b1908a4
SHA512 27344a0a81d38dcd1629bbb152e45615bf2050ef0f1693f49775b634136abd5e2560d3a297ec5b983f15895f8957f9195612ef694f7a91f3648cb9caef5bab85

C:\Program Files (x86)\GIMP.Core\Data\python38.dll

MD5 ef22312692b3e0ea7637c4a89b834e9d
SHA1 782b376c0ba9dca9c9543d8fee7a2107b1d597bc
SHA256 7a2a9950bc9d83d57cb143acef162ed8e4f502ed5c43b173f41fb18c6046f66e
SHA512 796eccbc67a25d8b5a3ca2a88430b1cc670ca75ad0997c62487fecddd7869536dde4d654014444c4e4090a72ca312565f4def471b23329b9b4c6bceaedc00aa4

C:\Program Files (x86)\GIMP.Core\Data\vcruntime140.dll

MD5 5f9d90d666620944943b0d6d1cca1945
SHA1 08ead2b72a4701349430d18d4a06d9343f777fa6
SHA256 9ec4afad505e0a3dad760fa5b59c66606ae54dd043c16914cf56d7006e46d375
SHA512 be7a2c9dae85e425a280af552dbd7efd84373f780fa8472bab9a5ff29376c3a82d9dfa1fef32c6cf7f45ba6e389de90e090cb579eebff12dcfe12e6f3e7764d1

C:\Program Files (x86)\GIMP.Core\Data\lib\encodings\__pycache__\__init__.cpython-38.pyc

MD5 5cf46a59be3f63cb25bdc251eadbaf9f
SHA1 0db1795b07b311c1c0b746fa1b6ab26c4d7e6c1e
SHA256 258f8f8ac75ebb29a3b293f4dcfd698206c54a3250681112766436a26c9c065d
SHA512 9571de9cf5cc336efb6d9a13d8ba7e6a205f657f397b7b7c75ef98da1b231742f99a165c33fe099c408a19aa4d79756d4394b61457b2339f18f66a8bf758061f

C:\Program Files (x86)\GIMP.Core\Data\lib\encodings\__init__.py

MD5 dfca2bf597f8830c9647dfd4e9904918
SHA1 f830914a2b81f49bd1e111bca3fa7722f6d99f6c
SHA256 73bf331b7d7cf6881551e1e49976f635a7bc473e297bc280beb56151b5ef6388
SHA512 ddca1accc8b911a29b095ffbf3b36da164519e6df5ae51617e44be5baa6b1d7a38ff03ae5e995643826622133f0e2f8eaec2da55e6f74216b138d5cd17853673

C:\Program Files (x86)\GIMP.Core\Data\lib\__pycache__\codecs.cpython-38.pyc

MD5 614b42af5315672f7fb90cc7dfa7e157
SHA1 6368846e9d525b8604707572917a6ff6eac75bd1
SHA256 00f8159a51dce7beb9cb2299fb45baafac81f1203c5be7d139766394cd21586b
SHA512 0131a36662c05de4b414f94853a0ae39356b66308ab4e1c8a65138731e3cede3d505882cb6782c90ea4f5f3773afde31db90970cd9fcb42f258332885033f96f

C:\Program Files (x86)\GIMP.Core\Data\lib\codecs.py

MD5 a12184c5360aff98ef6527cef8f5dadb
SHA1 eef94692da28311fc555ec0f0537ae78d5deedc4
SHA256 182005d76cbdaee8670df64e4bb66395ac317bf27a47df0f8d4affe913263786
SHA512 64ea133ff1e5b6da36f0f481fb93df1d22c31ea6519904443cd7201fb238d07aa5ba9f7de27e226424882ec018b17029f2184cbf15026a6b97d537ede3081e46

C:\Program Files (x86)\GIMP.Core\Data\lib\encodings\__pycache__\latin_1.cpython-38.pyc

MD5 4db442c58044348fbc3f78508007dff7
SHA1 11386b156f8a2aac8eca328153fe4ed6681c71bb
SHA256 bee3d32d3467ec752bd174a1ecc94e27fdbb564b4e6ea9cd385b566374814207
SHA512 dcf5c2102b06dbcbafc9535bb08eae402d436fe8da7a38751d5b0cdc6aa1da0f990610bd7a76561985ed7d8f655fdb7abe439b4e662a1c28a43d2035146c8946

C:\Program Files (x86)\GIMP.Core\Data\lib\__pycache__\io.cpython-38.pyc

MD5 547602d786ecb6ad5c291fb11ccf33b6
SHA1 3879974d730410cdd91e3a84fcee504dbbc5b8f9
SHA256 ad8034477197d42c6c994a963685d8e641c5cd6763bc30c3e209c014f6a6a857
SHA512 b5f06dcc26d6a9514f5bf73ac930176437d21b477b13e89f4df1838f51bc80b1891866600abd8463de4dafabaed500849cb0cde5703f553d6aebfd1c3903d9eb

C:\Program Files (x86)\GIMP.Core\Data\lib\__pycache__\abc.cpython-38.pyc

MD5 9803107d52e5b32666038db4e2172bd9
SHA1 ab10a79f280571e9e4d91b272a381cc3199be421
SHA256 7fe681185908398eab6daad4ceafc0d6cfe89fa3d8bd75764f22bbab0f6b0eba
SHA512 306cb6b7469f8a362258d7a66cc0c96f0ad5fdf2e8838ee6c99dacb311e76f83300a0504c3e2d32270fb619b44441d4ca63248e3e1c96688a6ea5e6f08db032b

C:\Program Files (x86)\GIMP.Core\Data\lib\abc.py

MD5 b827a69fc0ae3a823fe1f8e516cb61d0
SHA1 c8ec16017a7155c12aa241a85b093f0663c719eb
SHA256 3ca4c7164f2ea77940a191a79a3f2aa9f0f0dcbaae454c5947059923c6a73360
SHA512 76c65d974a6e5dfef7b5456090d3092251cf45b02695635cd2e4377d73efaa42fb443832e1f6b96293c6064a8aed6c44f6e268d648561007e0d8b8f45f14a6de

C:\Program Files (x86)\GIMP.Core\Data\lib\io.py

MD5 bfefc78dd16547a0bcdb09d7b1397d97
SHA1 af0269ec9b60a04ffcf2d3c77b279cd33453520c
SHA256 da5be2a0927caf50cfe8136d36143cdc75a796dbcca258c0b80c44c164fb70c2
SHA512 a0a809cdc2802a22ca942c89f15029ff7b93871bfffc9dba16757f76137ac36bad0bd3919dd85d17dcd28d57d4ddd2752ed4549a78c0e1e4ce8382df83661e9e

C:\Program Files (x86)\GIMP.Core\Data\lib\encodings\latin_1.py

MD5 92c4d5e13fe5abece119aa4d0c4be6c5
SHA1 79e464e63e3f1728efe318688fe2052811801e23
SHA256 6d5a6c46fe6675543ea3d04d9b27ccce8e04d6dfeb376691381b62d806a5d016
SHA512 c95f5344128993e9e6c2bf590ce7f2cffa9f3c384400a44c0bc3aca71d666ed182c040ec495ea3af83abbd9053c705334e5f4c3f7c07f65e7031e95fdfb7a561

C:\Program Files (x86)\GIMP.Core\Data\lib\encodings\__pycache__\cp1252.cpython-38.pyc

MD5 954cbe20dbd570bb98df9b34d59d6b02
SHA1 a8411ab94a93a952e0549778a2fecf29e11fd750
SHA256 a1252d3f652482620c0dab05699fd282b1b157154285451f445bf44ff8bd78b0
SHA512 86aae2f9ce8836dc9eb14fcafa5f2b544fe6e8bc94a25667bcd3a431b6de0d9ead08f298bb8d7bfc6b265cef063cbe7d31a4c7fc8966697b43f3bdc82d6090ae

C:\Program Files (x86)\GIMP.Core\Data\lib\encodings\cp1252.py

MD5 52084150c6d8fc16c8956388cdbe0868
SHA1 368f060285ea704a9dc552f2fc88f7338e8017f2
SHA256 7acb7b80c29d9ffda0fe79540509439537216df3a259973d54e1fb23c34e7519
SHA512 77e7921f48c9a361a67bae80b9eec4790b8df51e6aff5c13704035a2a7f33316f119478ac526c2fdebb9ef30c0d7898aea878e3dba65f386d6e2c67fe61845b4

C:\Program Files (x86)\GIMP.Core\Data\lib\encodings\__pycache__\utf_8.cpython-38.pyc

MD5 59e1867833d451d55771984481d79099
SHA1 ec83c929e836f2ffad31263fb6638aac26abaade
SHA256 0c64ce0a02bc0ffc571e74dcb09ff3922fc3fa69facc7ad237efa464115e7508
SHA512 3a9a0ab58d365ef5628ba16e1219307c358db351c2427fb4580883c638ecb722e6bebd90b9dbaeb0f2d93968f2a0372f2f0d2355fca97b7173cf3f9f1511966b

C:\Program Files (x86)\GIMP.Core\Data\lib\encodings\utf_8.py

MD5 f932d95afcaea5fdc12e72d25565f948
SHA1 2685d94ba1536b7870b7172c06fe72cf749b4d29
SHA256 9c54c7db8ce0722ca4ddb5f45d4e170357e37991afb3fcdc091721bf6c09257e
SHA512 a10035ae10b963d2183d31c72ff681a21ed9e255dda22624cbaf8dbed5afbde7be05bb719b07573de9275d8b4793d2f4aef0c0c8346203eea606bb818a02cab6

C:\Program Files (x86)\GIMP.Core\Data\lib\encodings\__pycache__\aliases.cpython-38.pyc

MD5 28860ed86d50e9b987e8f582feab4e58
SHA1 558542e73acec8e5bb43ddf9f29bebf8d5b448b7
SHA256 49de1a2f5a548d4fac0708648eaab97992e3a67a290f593631bab3390f953b3f
SHA512 fb0922e83bd5338cd4043bb3c4a43025c4b0a25fa532a96e94de6ebea3849323e9ef5aeef69602a1250b7ce1abd730cb3cb0d677ed7c97f02db5fc035c7489c7

C:\Program Files (x86)\GIMP.Core\Data\lib\encodings\aliases.py

MD5 60d65efe463359055b686582d13216b8
SHA1 d9b9362337a26a930f242e31894d0965e1e17b58
SHA256 04dbe6f68bcce2c32cf79a36b776025822a79bc7f2d47d481bc4f8e05e784086
SHA512 668e5288af936c42bd6253074f209860a75f155ad2254c26d6c3f21f308fd4f39e27f753f43e4d2b5ae48727fa92f74e75c6742fee2d0f7849a1029bd20f3e49

C:\Program Files (x86)\GIMP.Core\Data\lib\site-packages\distutils-precedence.pth

MD5 c39367750a2ad85b290fa7595d4cc457
SHA1 4e2b7b413113994e4730efe03e564a84cebe2d73
SHA256 7ea7ffef3fe2a117ee12c68ed6553617f0d7fd2f0590257c25c484959a3b7373
SHA512 40e5b4813f24601ad581c93fa0115454ef89e61f6b911644e3b89946280ff97cbd46ae00287d8dc71392ef6c940ebaa173d2e3c32df72f0aa27d65ed73fe37c1

memory/1196-14601-0x0000000073B50000-0x0000000074300000-memory.dmp

C:\Program Files (x86)\GIMP.Core\Data\lib\__pycache__\_sitebuiltins.cpython-38.pyc

MD5 7a8f0b5ed6bd2afb23b5ab37f85a5f02
SHA1 07a9ab67e66f29c0bf52fdf5da5cc5e21c266317
SHA256 514d132fd50043f8326e29e1d94f62a250a8e8c88b8cd7d2a067fe626ca992be
SHA512 a36d2ad33998323faafe4e6663c8cd690c765d764ef0273743d701d08aec3cbb1511d084a3699c08d743ed785e65299e3ea78d32932cb220b2e4eb7a2b6698fe

C:\Program Files (x86)\GIMP.Core\Data\lib\_sitebuiltins.py

MD5 385fa756146827f7cf8d0cd67db9f4e8
SHA1 11121d9dc26c3524d54d061054fa2eeafd87a6f4
SHA256 f7d3f4f4fa0290e861b2eaeb2643ffaf65b18ab7e953143eafa18b7ec68dbf59
SHA512 23369ba61863f1ebe7be138f6666619eaabd67bb055c7f199b40a3511afe28758096b1297a14c84f5635178a309b9f467a644c096951cb0961466c629bf9e77c

C:\Program Files (x86)\GIMP.Core\Data\lib\__pycache__\genericpath.cpython-38.pyc

MD5 58637973034bf3519370b3892f93080b
SHA1 4156782e040b1ab3aa572a5b2a69cf9f45d3d68d
SHA256 49109a6e31044b26757e623c71089e487306df5490b438589619411307a8a237
SHA512 35d60662b1d12aa039667c0e8a7572e74dcb59ceff9ec1ec5c569e48016003d633f46c5f07c4d19357a254668a93e22dbea8053fbb06901d7d2670051a1ae747

C:\Program Files (x86)\GIMP.Core\Data\lib\genericpath.py

MD5 5ad610407613defb331290ee02154c42
SHA1 3ff9028bdf7346385607b5a3235f5ff703bcf207
SHA256 2e162781cd02127606f3f221fcaa19c183672d1d3e20fdb83fe9950ab5024244
SHA512 9a742c168a6c708a06f4307abcb92cede02400bf53a004669b08bd3757d8db7c660934474ec379c0464e17ffd25310dbab525b6991cf493e97dcd49c4038f9b7

memory/1196-14564-0x0000000005150000-0x0000000005186000-memory.dmp

C:\Program Files (x86)\GIMP.Core\Data\lib\__pycache__\ntpath.cpython-38.pyc

MD5 1f6614bf10cd0dc8c6f0366f74f34ac5
SHA1 eaa2eef2e9833781010bc4759912e5577760b769
SHA256 96f1ed27edb4e474da2890672683d549917ca6c63b5acf9d9f0f2ca7bdf643f2
SHA512 853c41c61f8b47c83290be4d7718894c268d1fce0dbf4d80768eac9706bb1ed401412c54fdd857e204b26db829046f8b8ba1db049298dfb722877e70d6ae514f

C:\Program Files (x86)\GIMP.Core\Data\lib\ntpath.py

MD5 aea38f14b21e3b834e733f99be190c05
SHA1 286af16623185e1f27c36b463a61fe37830f2600
SHA256 51499c0f04c675a76c2e25551ed12d7fa9c22383caa1db3cfcd64f7c7e38e175
SHA512 536f863ac2ed408801f67efa06d3858ab6f7b853e489995f0c443e51e839dca53c5742cd46cf75706474978e33e48dcf3abe557db7b8f78226a3545a1df8201d

C:\Program Files (x86)\GIMP.Core\Data\lib\__pycache__\_collections_abc.cpython-38.pyc

MD5 0473a755a04bc22f8444733770436954
SHA1 8f99a762c6149a0021e6d02dff640dcc50d2962a
SHA256 7587d5a8de886c850199edd25a1b2afdafef866cc7cede3462687f54652b41f4
SHA512 6f529d3c3501e3e9b9cbf2b664a11cd64907238a250fb918fc6c140c0265560a668310a4c815684a76c41321063783814fbed430ceaf92cd2d4e88eb61eff98d

C:\Program Files (x86)\GIMP.Core\Data\lib\_collections_abc.py

MD5 711b513cd73bddbbe743043a71cfa902
SHA1 26f5e732c0066309690ba3ec5f785d1e3a980a80
SHA256 9279993b18c62a62d666ea35d828e6ef5564ac19b434484a22ab94ffb1ecc117
SHA512 149a71605c0574fefa1d9d23f79525c7441fda992ed0148720dc2882b3f078a18cbb4eca07255ebdd7461d7c22ee963145369d7c05472a128b15cbd5a2e67ef0

C:\Program Files (x86)\GIMP.Core\Data\lib\__pycache__\stat.cpython-38.pyc

MD5 41ec4cd07a9565236d1df8e198050532
SHA1 ecb5b6dd760b3f73eda0558855bf796ab19217cb
SHA256 fd8215caa596446ccb65a03a57b84ba0613ac41f349f172a6ae139593a031b1e
SHA512 6ef9ac4786d08b80737f1280be606e3da085943fdb4713fdada6f5bce16a65f104fbb13b7195e2ad1665c73e2473b1fd2e5ab96ea092d4def6c611328aa89fb9

C:\Program Files (x86)\GIMP.Core\Data\lib\stat.py

MD5 7a7143cbe739708ce5868f02cd7de262
SHA1 e915795b49b849e748cdbd8667c9c89fcdff7baf
SHA256 e514fd41e2933dd1f06be315fb42a62e67b33d04571435a4815a18f490e0f6ce
SHA512 7ecf6ac740b734d26d256fde2608375143c65608934aa51df7af34a1ee22603a790adc5b3d67d6944ba40f6f41064fa4d6957e000de441d99203755820e34d53

C:\Program Files (x86)\GIMP.Core\Data\lib\__pycache__\os.cpython-38.pyc

MD5 ebbe1643b80a757a47b6d4913ee6c072
SHA1 1239f8f5ae217505e8558c76cd84fac53315d89d
SHA256 77bec163262b8d78a70e3bcbe5596b58aad955cfb18540e53e65764099368632
SHA512 9d33dc6865635a5d8e1086362d1b8b932d054ebbcdf7e902bd8b40a04ee940c9874a11749a4420728a2d5ffdc3e46a48e2d08922d9b189c0c1c61adcaa9565e3

C:\Program Files (x86)\GIMP.Core\Data\lib\os.py

MD5 b912f4b99fd48b52569963da6153da0c
SHA1 51f7f3b07023ce7b615a083eddb507deb82e11ad
SHA256 def06fcf2319784f2261c2fccfaa59e8227c11a5aa0efefc60abbbff9aa86126
SHA512 27d6920a754659dd078bd27638f559c3269ee1dee8ebc51d5b419ac94a4703fb294f0ccea92d72514899e4f7afe0b754cc3fdd6d365a239e93a604bed45fc6db

C:\Program Files (x86)\GIMP.Core\Data\lib\__pycache__\site.cpython-38.pyc

MD5 2e9ddbac92f6091b2a5a296e2cdc6d68
SHA1 2496fcabb3b680e3cf1c249b455339393cf75ebe
SHA256 5a1b67a811de17e6d81377cb69085ea0e4c26ec7be77ec93f28647aa9c84d4f6
SHA512 1f54be4f7fecc1c92c3b9460358bbbeac9ba3472f265e46e2d1b16e51d0510136a03c16664ae7493d87a647cc663bd2137093d6fb338e06f72b0cf45b57f4015

C:\Program Files (x86)\GIMP.Core\Data\lib\site.py

MD5 d00f11fb645e04757aef14a56ca02c17
SHA1 7054ebe99fe58dc7e9f2d3a3ab52e57294c057f6
SHA256 c25cdecebd65597f5cfcbd60e269bd23dab5b4e292e428e5044cca7a90e2e443
SHA512 83bba0db143cebc3c687f6a173c3e647bdf1c942181378b31e2a71c9537cf7b387c66140dea3aad5568786bf40d71a2302312af04560bc953324e15b4fbe046e

memory/1196-14602-0x0000000005810000-0x0000000005E38000-memory.dmp

memory/1196-14618-0x00000000051D0000-0x00000000051E0000-memory.dmp

memory/1196-14634-0x00000000051D0000-0x00000000051E0000-memory.dmp

memory/1196-14657-0x0000000005FD0000-0x0000000005FF2000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_arsw0wkv.a1m.ps1

MD5 d17fe0a3f47be24a6453e9ef58c94641
SHA1 6ab83620379fc69f80c0242105ddffd7d98d5d9d
SHA256 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7
SHA512 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

memory/1196-14695-0x0000000006190000-0x00000000061F6000-memory.dmp

memory/1196-14710-0x0000000006270000-0x00000000062D6000-memory.dmp

memory/1196-14723-0x00000000062E0000-0x0000000006634000-memory.dmp

memory/1196-14797-0x0000000006740000-0x000000000675E000-memory.dmp

memory/1196-14809-0x0000000006760000-0x00000000067AC000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

MD5 873734b55d4c7d35a177c8318b0caec7
SHA1 469b913b09ea5b55e60098c95120cc9b935ddb28
SHA256 4ee3aa3dc43cb3ef3f6bfb91ed8214659e9c2600a45bee9728ebbcb6f33b088d
SHA512 24f05ed981e994475879ca2221b6948418c4412063b9c07f46b8de581047ddd5d73401562fa9ee54d4ce5f97a6288c54eac5de0ca29b1bb5797bdac5a1b30308

memory/1196-15125-0x000000007EF50000-0x000000007EF60000-memory.dmp

memory/1196-15124-0x00000000078D0000-0x0000000007902000-memory.dmp

memory/1196-15126-0x000000006FA00000-0x000000006FA4C000-memory.dmp

memory/1196-15136-0x0000000006CF0000-0x0000000006D0E000-memory.dmp

memory/1196-15137-0x00000000051D0000-0x00000000051E0000-memory.dmp

memory/1196-15138-0x00000000051D0000-0x00000000051E0000-memory.dmp

memory/1196-15139-0x0000000007910000-0x00000000079B3000-memory.dmp

memory/1196-15140-0x0000000008090000-0x000000000870A000-memory.dmp

memory/1196-15141-0x0000000007A50000-0x0000000007A6A000-memory.dmp

memory/1196-15142-0x0000000007AB0000-0x0000000007ABA000-memory.dmp

memory/1196-15161-0x0000000007CE0000-0x0000000007D76000-memory.dmp

memory/1196-15162-0x0000000007C50000-0x0000000007C61000-memory.dmp

memory/1196-15165-0x0000000073B50000-0x0000000074300000-memory.dmp

memory/4856-15182-0x0000000000400000-0x0000000000712000-memory.dmp

memory/1260-15201-0x0000000000400000-0x00000000004D8000-memory.dmp

memory/4184-15203-0x0000000073340000-0x0000000073AF0000-memory.dmp

memory/4184-15204-0x0000000002430000-0x0000000002440000-memory.dmp

memory/4184-15205-0x0000000002430000-0x0000000002440000-memory.dmp

memory/4184-15208-0x00000000056C0000-0x0000000005A14000-memory.dmp

memory/4908-15218-0x00000000008E0000-0x00000000008E1000-memory.dmp

memory/4184-15224-0x00000000062B0000-0x00000000062FC000-memory.dmp

memory/4184-15621-0x000000007FA70000-0x000000007FA80000-memory.dmp

memory/4184-15672-0x0000000073B70000-0x0000000073BBC000-memory.dmp

memory/4184-15779-0x0000000006FB0000-0x0000000007053000-memory.dmp

memory/4184-15726-0x0000000002430000-0x0000000002440000-memory.dmp

memory/4184-16188-0x0000000007280000-0x0000000007291000-memory.dmp

memory/4184-16591-0x00000000072B0000-0x00000000072BE000-memory.dmp

memory/4184-16680-0x00000000072C0000-0x00000000072D4000-memory.dmp

memory/4184-16770-0x00000000073C0000-0x00000000073DA000-memory.dmp

memory/4184-16798-0x00000000073A0000-0x00000000073A8000-memory.dmp

memory/4184-17224-0x0000000073340000-0x0000000073AF0000-memory.dmp

C:\Program Files\GIMP 2\share\gimp\2.0\icons\Legacy\16x16\apps\is-74IBS.tmp

MD5 ab55a144d95bc43b492cce938234af57
SHA1 6216105c8611793325c857e5ef7ea2de449f87e1
SHA256 b661bf5d3a06354dc9cc0026d10b1d808555f1a1f1d276102e2f327e0a803885
SHA512 c15d565ed1548be18a1b6b8f685de3da80edf26fe45614fd10206cfd606a0f8d861144bb57942ceec5d8ffcaad8b0e38ef2987797a1d58a51607271bde7999d4

memory/1168-17407-0x0000000073340000-0x0000000073AF0000-memory.dmp

memory/1168-17417-0x00000000053F0000-0x0000000005400000-memory.dmp

memory/1168-17453-0x00000000053F0000-0x0000000005400000-memory.dmp

C:\Program Files\GIMP 2\share\gimp\2.0\icons\Legacy\22x22\tools\is-8Q724.tmp

MD5 165965adfb48b92f53811143c74d8185
SHA1 a3a756ea4601b5f9be6fee896e2d55ad2607293f
SHA256 50d12c9a7c0982bf46c1bda75aeed105f288f0f5556ad873c98cb4ce1253a5bb
SHA512 cffaf0c3967701541e3b6f91024f00eb41ef9aa8cc397b11624e3faed707867918cf067cf40b727137f6a233d14e046b40b22641a38c546553478b0dc9b04efb

memory/1168-17563-0x00000000062E0000-0x0000000006634000-memory.dmp

memory/1168-19191-0x00000000053F0000-0x0000000005400000-memory.dmp

memory/1168-19142-0x0000000073B70000-0x0000000073BBC000-memory.dmp

memory/1168-19065-0x000000007F6E0000-0x000000007F6F0000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 7ee1c6757da82ca0a9ae699227f619bc
SHA1 72dcf8262c6400dcbb5228afcb36795ae1b8001f
SHA256 62320bde5e037d4ac1aa0f5ff0314b661f13bb56c02432814bffb0bd6e34ed31
SHA512 dca56a99b7463eddf0af3656a4f7d0177a43116f401a6de9f56e5c40a49676cea5c38b6c458f426c6bff11165eec21104cfa9ca3e38af39d43188b36d3f22a0f

C:\Program Files\GIMP 2\share\gimp\2.0\icons\Symbolic-Inverted\scalable\apps\is-IIH2H.tmp

MD5 1f65356ad5ee2bd2a3bc0490aa052c1d
SHA1 873dca659697c30f4986c017dcc6f62258efbed3
SHA256 9e6b7520a1c00ba09425ea35da5040eea655f9e7b6977c94674df59b65b2b4ff
SHA512 f6778c37b9a7d1d7b208654a529b0e5bbaafaed66a7c5e74759e1a8480eaf6fefe0f47870a5452e41d6a80fddf9bb150320ea307a7625ebe123809a766fdbfcc

C:\Program Files\GIMP 2\share\gimp\2.0\icons\Symbolic-Inverted\scalable\apps\is-40DTP.tmp

MD5 f15026b18efefe9bbf08b9e9c90181d5
SHA1 b5a6eaacb99bfcb3f9fb80cd7bf634644c5ae8e0
SHA256 d29a2290a73e5402f6b2b817bb60f03134c9b86c132d009f5374d6b3efabe774
SHA512 a7360c931a8b887b887dca413275f5b47b78fae0b8705146a7b06749f351ce8f087ba0fa9c8a61322ad56d56d827ac2ae95581e3661d6611230e50a0012548a7

memory/1168-20943-0x0000000073340000-0x0000000073AF0000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 d62cefeb0c8fbab806b3b96c7b215c16
SHA1 dc36684019f7ac8a632f5401cc3bedd482526ed7
SHA256 752b0793cf152e9ea51b8a2dc1d7e622c1c1009677d8f29e8b88d3aa9427dd01
SHA512 9fc3968fec094be5ca10a0d927cb829f7f8157425946ebd99a346b7e63c977cb3f37560af1a4bc8f87ab19b43b3ed86fd5b37f89d1a9b2dc86e3c73142c3065b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4f0745d6f2f47d4cdb2cb1314824fa6c
SHA1 c87beb49dd2b928b50f71c38bc16b3537a79d502
SHA256 58f432c7b010227f5745f59ea75900ee8f7d1758f7fbedb86b701608e011d701
SHA512 d386afc8d401082aa59e4a2b4f553a72cf311a71efbc8afa107afd5088c9e70d3bd55b93fb14352c5dbfe0e801966225680131537fed5ef127acdc727c1a873c

memory/700-21928-0x0000000073340000-0x0000000073AF0000-memory.dmp

memory/700-21969-0x0000000002EF0000-0x0000000002F00000-memory.dmp

memory/700-22007-0x0000000002EF0000-0x0000000002F00000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\tmpw5q8ukk_\Cookies\Google-Chrome_Default.txt

MD5 66147a58728e83d30ef20aba933cea5f
SHA1 5349068d3a0c00ef4a5c5404457472bc50b532b6
SHA256 07afea5b7d53c70a2aebd3b35e9e379c6b85a9a150cec490a22d5a0f06a2e61c
SHA512 26c36a2868acfd05adc952cac69605b4f25ae59607522d55b18b12a05cff75834c61209981c99fbf3984a744c6c98b9b7ceaf1777951bb6d191367e07e6e4a49

C:\Users\Admin\AppData\Local\Temp\tmpw5q8ukk_\History.txt

MD5 78b98fe5aea383291b92c93da0104933
SHA1 78c1f763ad32e4e7d9eb2c4e1e1dccb69a9d2e74
SHA256 c56bc8b095ebfe9cff680262036c5ed1bfb67b677ed65274fab58fa6df09063f
SHA512 3d4de6f90952b273e6b6be87f5073d10c4f9501d1882ee3ec717df0b17d33cd4e982c3ff85bd659c9c050f7a79c3e298666007e00ef5896b6c7693ac4fd505d8

C:\Program Files\GIMP 2\share\gimp\2.0\themes\Gray\ui\is-7H920.tmp

MD5 402a76fc99595619e6b33fc041b263e1
SHA1 71d164198d66bce7d5b76276ef76426d0d5cb88c
SHA256 1bde7717f254b11cff6b951cf905f47433dc1dfba5ec02c6b5df5453163bc850
SHA512 264a98a9ec8fb5998f29cab556e6b3f923559b67b60f6bfaa625210130e387b184e8eae0add16dca5bfea2d137ec7f98136d61c0e223e870b4ceddec2e86bf7e

C:\Program Files\GIMP 2\share\gimp\2.0\themes\Gray\ui\is-B2VBE.tmp

MD5 b16e065bb94b48fe53a799f10ef5edf7
SHA1 73bbe5ef3f54e1f813cda135af61acc67285d1af
SHA256 a8ae65edcc2ba664f5f933b9b23d04b35922500217c289ab81dc13da070531bf
SHA512 16779dc2f5d2bbf297db3a41fd5a4e44c50833b96834e2b7c30cb96050ab4ec00a1bc1c190316990a4ded725fc4c86e1138f4aea7fbbb87fb7740abb0629c7c6

C:\Program Files\GIMP 2\share\gimp\2.0\themes\Light\ui\is-MR6JF.tmp

MD5 3d312fce6f668edcf804e19854784a3d
SHA1 84ef02eab7cccc63adf54f98d141c9211e83c2e4
SHA256 f18cbe0ef5fbec9121e1f23b4cae65e15218aa3f5da3fb4c37a17bc8748d8438
SHA512 dc79e1684bc9aa1e2eca2aca11a4c23f7a7ba7d5ba80dac326c3edbb9b9fe032f0ae2dcdd36ddab8aff0f8ceadb820d88029cf8bc36d08612ad9cf5b9a4eedb5

C:\Program Files\GIMP 2\share\gimp\2.0\themes\Light\ui\is-46U7U.tmp

MD5 48c8847f96af9a9b0992ab14e4674c19
SHA1 f8af226e558f75c62e293f608d3062ba2e7360cb
SHA256 4c5de97ef60e55f9d6016e2e4bc7bf7d41cb0b503e422fd6647d42c1ff201df6
SHA512 3058943e99bed692cc084232a81c9ec0d50995024bd27b5ae68442b61caba8c8b25a17e659406e6e7c4bf4417c3c68fe9703784fedc0418c197aca362aea19f7

C:\Program Files\GIMP 2\share\gimp\2.0\themes\Light\ui\is-DH9IN.tmp

MD5 9eba6e7b912b4f744f5e59da37b7ab86
SHA1 83084cc62b584f27c50ff0f5f7329411cfaaf8db
SHA256 2f215eca7386723faec37dbabcd5a9768c687670ab837abe8f0a5911a8e8bb67
SHA512 5b4799c3c82340aaaf31545db2294280d2a8f67808ae98b8a1bdc563860be065feb1ab966a2587dab408760c8587bcf28226f0f80e51e4f3857ff26fa04fae46

C:\Program Files\GIMP 2\share\gimp\2.0\themes\Light\ui\is-NKA59.tmp

MD5 e153ba3383645b3ca2a79b7f3765d90b
SHA1 d2a6c6a22bccbf68ae9000192e62fb655884291b
SHA256 8be5edbdad818929af74d16f29167acfd299b957ed62a394d838cc740ba9e080
SHA512 1242c574a52cff86351bd40ccbaeacafadacc8be4d8f5b0d2b78bee9553716997bbb9a9d7521af962eaa14d51192c60a15c2033d367a7acad80962bef893d45b

memory/700-23604-0x0000000073B70000-0x0000000073BBC000-memory.dmp

memory/700-23650-0x000000007F790000-0x000000007F7A0000-memory.dmp

memory/1260-23550-0x0000000000400000-0x00000000004D8000-memory.dmp

memory/700-23737-0x0000000002EF0000-0x0000000002F00000-memory.dmp

C:\Program Files\GIMP 2\share\locale\bn_IN\LC_MESSAGES\is-IN7R4.tmp

MD5 fd5e59a9bbaed9edde284c567bc25a0d
SHA1 62496e6ba136ac606bfa949aa07da08f74421931
SHA256 7e0d4b75af8b33231fbfae7ed11dffe55c7f65f3977bfbf2afcab1bd33798584
SHA512 b0c96dd70179d67266b406e23b0ade4ab5f0aac90dc66cb052eb184195cf5409aeae7accae9e642a6d1a5019f08aaac9b6809c46c3a026152046769a68dcfaf7

C:\Program Files\GIMP 2\share\locale\ca\LC_MESSAGES\is-QHJK9.tmp

MD5 7853fba83ca24ae8b7931f1d437068cc
SHA1 4ae398ea93d834a8cd662ae27a310b910b3aa241
SHA256 c69cb305a54b1b97dafa06484e92c8822dca179975ec0e495e969a54b276dbcb
SHA512 20ab902b3c92fe7e248a2486cd1b17d11bc00462171488147f3b2f5c5702ae257ab75405b3f3d266f013cbe601225c3c6bc3d8b286429e62830f6991d75b03bb

C:\Program Files\GIMP 2\share\locale\da\LC_MESSAGES\is-V3V40.tmp

MD5 ada1260462420435d2684e637df256a8
SHA1 820138a00a81f7c288d21b44e95e7db1e5365c44
SHA256 e258dd8aa38028fcb16f2996eb387bb37f9cfaf1dd760f93da6c2f8d4e9a8d6d
SHA512 d11749c0dc2da01f31787a3057b2fdd42f46d98aa7b565e8a510a5ba333d7960a2090012dbfaa71a4496c34a822ca823feab550c78483fcbe12bd31d5edf7a5b

memory/700-24954-0x0000000073340000-0x0000000073AF0000-memory.dmp

C:\Program Files\GIMP 2\share\locale\de\LC_MESSAGES\is-PLDAJ.tmp

MD5 796e88337260ca6cab3f58185fb010b2
SHA1 c60779fec71062a87d3319f23797664e43986951
SHA256 07bc0654309da40cfb2aeb295c6ba061cd649e918fdd634c2ed2783f26512ae9
SHA512 93a3bdc7d8eee6fbe68d5027a71324100fb2fdad6c2a172ac9df9328bd97eb07829b3a0c573d9a69fe03ef357ead835eb7f798c1df717cc9395734bdab697fc4

C:\Program Files\GIMP 2\share\locale\de\LC_MESSAGES\is-RSMPV.tmp

MD5 a80c1e14b3a43f7dc019d2cd844c4188
SHA1 e1ae24e2cf454430e5aff30c83fb0037650d5d26
SHA256 bb805e14d5718aab72427bfa9da4a0606947ad4e15c57e179475dea87c1c0698
SHA512 f07eae5f65979e82d9b3e7e588b957273ca99308a9038c7070d553137e16c35d17bf0ff655c6c263e8065e4d12f820b1d5288bb0f0279296d7b793ca6f479065

C:\Program Files\GIMP 2\share\locale\de\LC_MESSAGES\is-L8Q2K.tmp

MD5 b60ef37e52395a1ed0204c16fc06a9be
SHA1 272b3ac8701fb8b5eedf46b5c73c6d8c70596a43
SHA256 6592064aa9cc371bcae37d46af72094f5cc4f091673fef319295fd3f95e03261
SHA512 228484bf359c7f5db48302f6162f65954628cc22be36633e3744114d869be411f8d70fdf21ff673966c656c88fb7e4e181684336ac9da671f1493a7a55d0c5cb

memory/4908-25084-0x0000000000400000-0x000000000071C000-memory.dmp

memory/1184-25161-0x0000000073340000-0x0000000073AF0000-memory.dmp

memory/1184-25173-0x00000000048D0000-0x00000000048E0000-memory.dmp

memory/1184-25192-0x00000000048D0000-0x00000000048E0000-memory.dmp

C:\Program Files\GIMP 2\share\locale\en_GB\LC_MESSAGES\is-4CB4E.tmp

MD5 083153bd440129488b2bbb195ae087b4
SHA1 6d01630d448a32908398643f3ec9dbfbb13dbac1
SHA256 248c212cc3d4cca917a378cceeb1ef1e7ed2fd3306cef7bec5446c50df3654c2
SHA512 68be7fdb71639a81602f23ae1f265698a5b1ba08d652bab595a45d45fc0092603cbcc0606a46c8ddc98402946a7dfd79fe2fc706e7a1f033cd236eeb2ce21610

C:\Program Files\GIMP 2\share\locale\es\LC_MESSAGES\is-P82AC.tmp

MD5 84ff2655ed038a8d54034b921543c4d5
SHA1 b00369b37ab135eba992688ee87b9061ed720ff2
SHA256 1e9fd41f590f31de319f2bd2eb08ae124100d56d6145610ed6f94874a6998085
SHA512 fafd0ca21ed647a8537a92238e3e998d2c6d361d01dc327b87ac9b7faab6a8f65c5be355191b9aa84857318c27ef3a45f819a953654d0ccb0c6933810c904892

C:\Program Files\GIMP 2\share\locale\es\LC_MESSAGES\is-RJROO.tmp

MD5 b4fb1bd5e6eb7df51d0c549e06ff8782
SHA1 7e83d2b12be82f9919a60a6b211263f2aee0bb69
SHA256 e91d9e2d02bf5befc851be9913b1ef95f278531f73fc5e16078cc9a2ac531272
SHA512 7b2390ab868b38e9cc9e86a638eb815bb4bc736dbc9332c2cfb83b142d092af84ebe9cf39bc92f1b5264260ac218301b05e21579b52ca46e6f4cda9bf107ea19

memory/1184-25303-0x00000000058A0000-0x0000000005BF4000-memory.dmp

C:\Program Files\GIMP 2\share\locale\et\LC_MESSAGES\is-JDUBB.tmp

MD5 9280fd05ae7e4f4a19072e6b156c019a
SHA1 dde4dee726dbe7f7ced00aa1260ca15d49e083ce
SHA256 94cd8d3f59fc7ba7e6d1779618f7d76240c2aa2ff6ef4ed861bef0ca69f6c394
SHA512 921a165e315becdfb14a0bfa58fd22056b7266522eb36162f99fc7f015e2163ffeec78057f7cc1926887f2f339909c8595c19b84b1c3ac50c93f6bf16ab12f5f

memory/1184-25535-0x0000000005D90000-0x0000000005DDC000-memory.dmp

C:\Program Files\GIMP 2\share\locale\fr\LC_MESSAGES\is-6H2EC.tmp

MD5 52a6c80cde006e734b3ff44e3bb404cf
SHA1 b975b7b20beaf08cb78f35fb26db2e50f246946d
SHA256 b394376d0b6cd99314f5f5b5ea352642616eed35ebf6ccf461465a30cce72618
SHA512 bce301da09dbf6663cda744425b669d5be51afd5b768f7f01a8d23550b508b8593177bb025ef1a89c0c59f5132d31cd6a1113a094a24ded3f7b09bd7873deace

C:\Program Files\GIMP 2\share\locale\fr\LC_MESSAGES\is-ALQMB.tmp

MD5 30e84c28764e22f145011a45fe27f538
SHA1 8312167c63be25c07b6a9cc3e3d72f7e413ad1e1
SHA256 caeb45cfb2f52bd5795d2dfa0e9000cbbbe4dfca99f6ca6237801f91d14de6b4
SHA512 291e6aac0eec4bfe4ab30cae35d87364299121ffc387961d03b21a255bfb9dee25791b64573870befa1a496c1cdbced05fb6883586a779fa9f89d8f981e80274

C:\Program Files\GIMP 2\share\locale\hi\LC_MESSAGES\is-HB29M.tmp

MD5 bbea22679d2ddadc3f15b7973784059c
SHA1 b4169ac302d70e94dec9d0985d0d78d9c550d2cb
SHA256 af49f44e2a00402d21876057b8bbce4e4f4a59cf59f20698c30517757762598b
SHA512 e316a31b694d5acfd9656860c78a591576a76bfb1f51ccf277ae2c89e50f81df138e35443e530e7362cf7fc1c5c1af0703af084e734c2ceb302cf5c460d07e3a

C:\Program Files\GIMP 2\share\locale\it\LC_MESSAGES\is-C1LO7.tmp

MD5 048bb5364edcaac60d1aa8fccfcafa6b
SHA1 210193a99be7914a31cfe900130e9e6079301845
SHA256 b63c33cca9cc4cf7b87ecb88f6ee21cd915efdaf154c7a75bf8afe9ff550f518
SHA512 75046bac1d6dd3860f4994acebc63331f3f7e20f2ded3973c85fccc3416b23939dc3a77873ad36e5a1a5dec0c0845218ad792dbe376c39f7d4da8deee97e0c25

C:\Program Files\GIMP 2\share\locale\kn\LC_MESSAGES\is-JFV38.tmp

MD5 c85128e96af468c4f691c2e3d791876f
SHA1 4faaf55f0bc7c1b366502239d0c6d6ba2233d617
SHA256 41754ab54598504edaf602eba7280147f8e3bf0f0596c1b0c760879fe8fc369e
SHA512 98783fe0c59961cbdb55618b1272d28d9cd85c3cb0a2bd54ffbf4e01a7d1c0eb048e446d2f801c26cbea1412ec86ba2b577f7a34a45a32429f26bbc79759f7ef

C:\Program Files\GIMP 2\share\locale\ml\LC_MESSAGES\is-A1BU3.tmp

MD5 b1b81f78d8b1f270491d8f78647d8cc2
SHA1 d88e4af12cc54047b9ebfa515e9401eebfec18d3
SHA256 ffc5151d22b3fc1206dd5cbc974110cc25cf796caa7e931ea403dcded4d7967d
SHA512 427a56a2d57da50c337ef68a280788dbcf02966df2fbee6d9e55aca529fd9d4a7a342dedeff19d0ea0104608a459c9b1ecaa7488329beda765e3cd29b59208ea

memory/1184-26818-0x00000000747E0000-0x000000007482C000-memory.dmp

C:\Program Files\GIMP 2\share\locale\mr\LC_MESSAGES\is-LT0CS.tmp

MD5 9c53e7f3452e5b395383a3fa064e45d1
SHA1 b85acde652760034b0fc57e8661a718b5b5204da
SHA256 2a597f9f5e1d3e8dbd18bc4c40057684aa9cbcbaf260d66854808b155b53bf0d
SHA512 24c7d66de94841c1944cb98dd86c7a030102168069faef40f2fe415ccb762c5e9a1f865641ea78beed101fde29490367f07ee839486af2f3d0c131f354952ac4

C:\Program Files\GIMP 2\share\locale\mn\LC_MESSAGES\is-3M203.tmp

MD5 95647700cae1f4e846d21d0370717721
SHA1 5c47497cd3fd6a54d1888dc23519a94d4dc2802c
SHA256 d626087676b8f1053c1bcc942ad513fa8905ab1246055614be70638255ae5041
SHA512 91beb308d242c631b2de9e9df4941a62086b60408faa0bc2dbff843c2d1f2e8051f847655c640dfb697c25d9e5f34386c5ee53177cc81f161b85930991fe97bb

memory/4908-26807-0x00000000008E0000-0x00000000008E1000-memory.dmp

C:\Program Files\GIMP 2\share\locale\nb\LC_MESSAGES\is-ITNPJ.tmp

MD5 92ae154ddff823459b63b34620ad0e03
SHA1 ab7735255b01b634f0ebd921e91463b4519ad9da
SHA256 c5a33d336ec8c9b0755c817b00595c11dfa2eaa06a462660f167ab662d19ca4a
SHA512 038f8b139aa7c1ea08c9eaca712db19d35c4b8a906e9ed7135fcf7a3277023a3bfb2c379a575a700b2fda135c3dc56385fda17103dfc01d9b2c15f05bef15174

C:\Program Files\GIMP 2\share\locale\or\LC_MESSAGES\is-ABIH7.tmp

MD5 17960bcd0adac506464b02e63cba295d
SHA1 30ad7a4817d42703e38fcbaa0e66ad07d6e0836c
SHA256 c460e41d0ac258881551190e265df2e50835d30b85ab5ae4d193eb73f76d26a1
SHA512 f19d3b228f87abb2376ff159a156aa8c4de9202795e170ea6d728d6929f7d7d7c3b64d0a1c083a0372f3a59414d0fb107c43f38c779b5a9859e8649b7c011888

C:\Program Files\GIMP 2\share\locale\pl\LC_MESSAGES\is-M1BKL.tmp

MD5 feb4e4e9f31f0644ffb9cc9734c8ed52
SHA1 ebaa285184e4b42eeb31221fdb88ed15bb539ea6
SHA256 10b218f1f97bdfd42a17c9c766901719e4ee72b72d6bf592b7994d14146a232f
SHA512 d57e8437ddd3a133a1b2a0e0c604135616b27408ccea1e69a8065f4fca3ddf9739e0bf058129643ffd3f2537e7c69c7bfeb74cb26f740a1c9567b6418e8bcb4d

C:\Program Files\GIMP 2\share\locale\pl\LC_MESSAGES\is-A50DU.tmp

MD5 79e99883d612de81f8bf4f8a122179bd
SHA1 0081ede6b8448fb34839736398b9721114088d72
SHA256 d651a1132906b0910599dbcf5eb385c7d7fc459e35b74ee0ac9af0bb6d8a8ca9
SHA512 805f5e5e50609fd9e6586f8f3d3a1a706f5add2d92a9e7a670b5bd3c4a9acb4395920f25691f42160a74230754d86a7d7a4c82efd0e92d533f5382506517718c

C:\Program Files\GIMP 2\share\locale\pt\LC_MESSAGES\is-P7KMU.tmp

MD5 b1c058a7fbb6ca5584bd3d0a86cc3777
SHA1 e7452a2eb51fc099c7fe31a3800e4efddf2c10c7
SHA256 a44ca4806c4f4291c5eb26a286b68b733d3a7e6934a893f8e187be10d2b282b7
SHA512 7709eaec5bb94cd5a7cf4a240172a44ae49357397a10f9bc97f4df565fb9bb44a6ca2b848ae6c5031115f4d6e48871e69b1893c776e34c4767b351864e27c75c

C:\Program Files\GIMP 2\share\locale\ru\LC_MESSAGES\is-863NG.tmp

MD5 7607d1343c7ba57c8d3b72b112ee7f45
SHA1 98a147b5240bc92dea651dc072d675b5e5b402c4
SHA256 9750b2899fb526832c0d26bc06ce4b0a9dcdb72d507efe8b4859ef9e050e0800
SHA512 458cf52d27bf480043fef17cd16ae644bf0bae00a952519bdf37ec9f001edeed1100b810788fcd15f3063c9c5a26a69b15463e90cf76e00d3bd6b4ccbf0d9e52

C:\Program Files\GIMP 2\share\locale\sr@latin\LC_MESSAGES\is-HI65A.tmp

MD5 61a692d2b2b6e08e73fb536e7fcb45f6
SHA1 cbb0357f482635bf1b2beda714f091db0cdbd660
SHA256 6c39f9d521715c72491da5977ff316bc54e036fb2019319ec87a5ffa45a8313d
SHA512 06bbf78fab6edc7e8ade5629b2e8b7171542d7168378941017bdef3aad1be5480f84f9d9eb5ebb5ae569b12c110261e0b632e5edf3132624b0df88bccd916158

C:\Program Files\GIMP 2\share\locale\sv\LC_MESSAGES\is-UA0C8.tmp

MD5 75b3624db785a92361fe015f6ca9884a
SHA1 408eeb84d734cf2a3dc9f7e28b55e867975739de
SHA256 fb8ad87c8d9c34f764b133dc7215a40d41e0f4cb108904bb6a49cb72f1fe6410
SHA512 f244fcbdda56f22c7089ffdb3dc73c5c09355772c8392c276cdd94192056b120bb9ae04a448036e9c3612d204267c74c3c9092d711bc7c024e5307d23fb511a4

C:\Program Files\GIMP 2\share\locale\th\LC_MESSAGES\is-T554L.tmp

MD5 6a421cf116c128c5333deffc0cb659b1
SHA1 5d2d457d4415b03ac6cd7393ac84e920c7a57d07
SHA256 7c5cf78ba4b1cfcf808a9e6af343258d8c974d0232d966794fe54c9343e812ec
SHA512 cf3eb3db0a28405c4887596f59e2567982f3c996786dc78179237e38b01fc414e529c840c443c4f4e7abc8f438e79c21acb11290cbdf934959201d7756efcabe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6498204a44958df8133594418efd9a1b
SHA1 7e2242e3befd7cb44c5b09a51dd7afa7ccafd270
SHA256 5b50cc14719e283e199d823410afc3a691c3defe7135999d1ec6cb72f4e4699d
SHA512 34f66dfd9ac698fbc8e7bd2526fcae26202f1a2c6142463cebdba992eec0b5720598be2c363c77bd5d54e18f94a0a2033776f6cdab0cdf5a8a696d47a7d0dd5a

C:\Program Files\GIMP 2\share\locale\uk\LC_MESSAGES\is-8NT4K.tmp

MD5 6b0d554470716c5ea782f4af8f0b8f78
SHA1 126e21b2e4e4c14bafe1be81e10fb951ff68203d
SHA256 3f7375ca8ae0e0ab54b0e2e9acbb94a06ec728d35cafcb0ac3b41f7a0d57d3b8
SHA512 1b7eedc0cf9ef7345e2e3be2b6fcb945b21d7bb509c7ed28b134348618f68d0b11b9314daa059bdcccf6aad9379b9bc3f185a7fa7859f0827754f476fb9b1948

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8d8cbd84b8d3ca07a96c080ed59ade5e
SHA1 614151e37c2bc4f646fc0b4c08878334df45ed5a
SHA256 c1df75998dd48986d5f8f9f3e3c19fea3223cc3c7b812f0d81d97615564a18e7
SHA512 455abf1275419b1e34f00a4754c48d438137a5022bde4ae13a3404beea7ee06823a50f4ae334bb6c5b583d7d483a60a2e2939496a87390abc32f752d2db3b731

C:\Program Files\GIMP 2\share\locale\yi\LC_MESSAGES\is-Q0I30.tmp

MD5 8d918d7631dbe53eb52c32c1b8a0d44d
SHA1 d50e88652e1c4668d63b3802fa9d018610c881e4
SHA256 ae48340c62be9ff8ed8f931cd364ac37ea31c89d52735126289fd2a782c3bc47
SHA512 458b7835e0a02adbb44ebd3ea8cd92342f59c6bf77228c04732c2c967c87977d6af995e7568750b48a0fae06826d9f37bb7431d09c64f2648ea72ca54b5893f4

C:\Program Files\GIMP 2\share\locale\zh_TW\LC_MESSAGES\is-MOF1P.tmp

MD5 0560f7a619ee9fdbde0695d3e57acff2
SHA1 d8b8eb2bb3d7abc9c9a9f506ef1edf172a06d28c
SHA256 5db8d9fa48ebca2a1760121a1f56901c7acc922ba77b023baefe6b7bcd188030
SHA512 8a4f88080f38d9c835c711a0c50aec4fdf35fff843887a69fa9d926613f87ccaceb7af51d13ae9c5a3b73fee99b7bb5aa376fe1f641f8a881f441351a452667b

C:\Program Files\GIMP 2\share\locale\es\LC_MESSAGES\is-4TGN9.tmp

MD5 82f7aea15a48eb8bc9c411282367af62
SHA1 a7f98c6f817ea1f4ab0d4e6a0ec8d3e1888591bc
SHA256 3d25a6e145e98a960407338e4042b9299b6ba13753cc7f7ff1ae6f070a1c2692
SHA512 68eea023794bdb080dd224ce12cd6d1b61c63f00f1400a721b3c984783a5caa402942894278aad1d6d3dbecc81e50a6e209b8706461087dd78a3bf861258a7e5

C:\Program Files\GIMP 2\share\locale\el\LC_MESSAGES\is-7AGNL.tmp

MD5 d12a67f9a48ba29e4e1f3ea0c011cd03
SHA1 1d80977a8fae10364a15928c04eb8ba2511be925
SHA256 3c1dfe283bf5d19e816fa158acd31681e8dcacab2c6ae0a930fc43dc1a9b4365
SHA512 9f41700b140e9d869e2172204c444d779d5c2421dc3f2d6651e21fa02507f2a58f938cfeba3905d17bd4746ff93728a5d76ca28b0c88f55dba717554606a8b79

C:\Program Files\GIMP 2\share\locale\fr\LC_MESSAGES\is-UDKH8.tmp

MD5 20a6c07e4d1e7715ba0fa40da2b376ed
SHA1 cea4f9313641d561681925b4100e9a13bf756752
SHA256 d2c16bbe4a9ddc054c77c0a668ec4a8cb2939907d3762cca61ee7a82dd3f023a
SHA512 1d29ba153d570773c35a0297cbcc98a6dcc3f4f0da40ce236fe2d9dfb44ebb15743c7191987c085d56b828f2be36f46d199aa47c0573e1c5c4459d934aad2919

C:\Program Files\GIMP 2\share\locale\ja\LC_MESSAGES\is-H5CQH.tmp

MD5 9fa56e015a073fede34261881fcbb648
SHA1 06a2112b99ba72781d5e53598a6c10683b6a2f6a
SHA256 4626f361118bacb5c83a44b77b6b51ab5fa257534b190936c93f0d7cc6ea4079
SHA512 d2c65d180284edb8a4a2f7fc3b4115304e9a7ea14ec445bf8276398783599bfd3d753cce2b27464f8dae5177b6cc36d30520e5cb07245a628171fef5390716d1

C:\Program Files\GIMP 2\share\locale\it\LC_MESSAGES\is-AD2N5.tmp

MD5 248ffe3647b94edd5ea8c9e4e020334a
SHA1 75da68c18c541002026efb07a760b51c12cd580f
SHA256 e54314d3f8bceaa1a083fc2e9ed5ef76f87fabd317c49a8b1fe37e281db32ec2
SHA512 cc3935a19ca20829da3b9cc3578533f466a49243e64f0d0cba98241c4eeccf63f5c95254972428e9d806e49bb8b190c93f395c279cbeb7a5a72ea1667fc6cf66

C:\Program Files\GIMP 2\share\locale\nl\LC_MESSAGES\is-O4TV2.tmp

MD5 e65149ff124ea39096f514d1a9fe9a16
SHA1 d97f6897210eea0695c42e6ee4c0593c67a0bcfc
SHA256 96e1fd3e328ba8bf1ef2372931e1c4eaa6ea0f81b7c1434f84ab72c8089670b6
SHA512 d238320abd9a53303e7148e7581f86a3a8d02f735dc00873de0a90ae02a127e63b950789a6b2c3a4043cd9aa6f75ca352d7853607e310df7b6ee0f7d317933ba

C:\Program Files\GIMP 2\share\locale\pl\LC_MESSAGES\is-0L94B.tmp

MD5 f9e6f083ec0a2e31ac250cd565f3a1b7
SHA1 48341f51c1f469b8727334dee936785402c46271
SHA256 14124e8dc03fc50f9ca0f6910aaf5b3ff7d428ed959229ddd517dffcfae5b6a9
SHA512 d4061f463496405dc34930698664afe7027f976522c25769fad87e4be97cbeb6337f7b3a2c2b9925c35649aaa02515904891ce12650bfbd0bb65a2570183bf59

C:\Program Files\GIMP 2\share\locale\ro\LC_MESSAGES\is-364UE.tmp

MD5 e1eca4b581f9fba78efc958e83973afc
SHA1 9f4ac1eb6df1cf4dce219fe3ee2bdbdb73d59ab3
SHA256 6ba28891f180adad1d7d811f3b615c35dad38f59201043905ebf9f24060c8bda
SHA512 8cf1e18aae856696396f4137a2bfc70b07498607231a278b4dd8d1ab5157897bd29b04089b4ad7fe99192d75fce3920841a2a0a9dd9fad0fd31cd3d421ef3d8f

C:\Program Files\GIMP 2\share\locale\ru\LC_MESSAGES\is-OELBK.tmp

MD5 f4bf7331fc2440ee2b8d11e22a9db228
SHA1 07be342421e30c4e1331f5b953c3af35f768e830
SHA256 1166ba236df51110f682e76fb913c4707eaf454bbe0e2173eab5f4614bd71cf8
SHA512 fec8a37b0789ea0a3d07319d5384b5894cac4b2e3a01e350132e8c94e2729785948d5375e38d48c7801ff522439d5566b261aea1dafbc8bc7d77a292ae8e176a

C:\Program Files\GIMP 2\share\locale\uk\LC_MESSAGES\is-39TEU.tmp

MD5 5fe26d0fe4634ba7e1af17cad0a8f867
SHA1 5c918a36ef731b35b2a2f53936e6788ae887def9
SHA256 46f790b2b9852a792ec87d7eb3617d8a6648688378a125c22e4da61b0856fa1c
SHA512 8c1b0a373e2c6aa79efb45dc1d0477ec4b5ea233e2e3bd4a077e16f79bd8e439b2c5a4ba5fbe6da83f061757d807d4cb877218aa3ba53baa12fd6432813f4176

C:\Program Files\GIMP 2\share\locale\tr\LC_MESSAGES\is-G0RST.tmp

MD5 bfee65018914191935e3a353d872e535
SHA1 c188303ff40e6f613c01d204362884d8b32e548c
SHA256 4f6a70502db099936a1d40f44786d3b9ab8d64b11e8e104050948b515cd90ddd
SHA512 15d0421608be950565fe2daf66b3297155615765f39b55ad1b03820825c7941fe68a1303606b585642eb98798c6b1e8064ba2e6982695a192cf8a6784068e693

memory/4908-31001-0x0000000000400000-0x000000000071C000-memory.dmp

C:\Program Files\GIMP 2\bin\libgstaudio-1.0-0.dll

MD5 ef2e4375a4915ca337e8b3187a59985b
SHA1 a5c2319c0e82c038d16b3af4f09ddbf8841a7f43
SHA256 08e2bd69ddc624fe3b631202ce5609e64257a106afbf7139f4b16a22b49f6aba
SHA512 92cf2452e778f7c801ebd85d6f993b86a91609d1efd8963115f87ec808087a05963279599d1612c90934fedf1bb424006ad1326d884df7f35dbe9653e20ddeab

C:\Program Files\GIMP 2\bin\libgsttag-1.0-0.dll

MD5 c4e647179927d6b15f0c871bd956a936
SHA1 6716a360a9e71f2cdb22ab49d65643ce7c4088b4
SHA256 66668dae6ca56e21bfa6ad5d0c933dde409b2d3b57550b25cc4b48e9ef02b128
SHA512 af9ce610e95fc6036406627d8e5208e081c9c10dd5c7893ca401c5b756aa4afafaecc65592c4a098a86b836e1430b598ecb91d4ca6b99cd3ab1aadc3da281a28

C:\Program Files\GIMP 2\bin\libgstreamer-1.0-0.dll

MD5 53305d2ecdaf3461a12955107741da50
SHA1 ae07b2ac4eb2ba0e56569b0d2349b7ef174ca6a8
SHA256 d00d4ec1c88f667ca51f1d5682bb9426f401e93dda01ffd2a3a39211646c6374
SHA512 64c84332f77fc393e93db81e203321ba9372fc7a70f3fe276c296f760f05c9992ade38958aa8ce0fb028459430dbf8187259427cf73d36333c61fd78753e6e4c

C:\Program Files\GIMP 2\bin\libgstvideo-1.0-0.dll

MD5 79c85ee00e9f85c8e32619d62a8d40f3
SHA1 7c0ff60eccb284c1f9f34c6408ddbd807d9fc8d9
SHA256 e753f866c76a2d69883cd3a988b77aea8d04d2dc02bea583005288ccf1d4d7bc
SHA512 98962c4ff190d7363277a95d9e765a233a94b2d914a3fb1b6c5f1314294f51def3e62cb78f0f29d94da21a7f85cc0da5110ba339c4d32b7976881e96b48c7006

C:\Program Files\GIMP 2\bin\libgstpbutils-1.0-0.dll

MD5 227c00d2e07e6b302c0aa6fbcaa27690
SHA1 3719a414570804e357eb71049220cce1281808d0
SHA256 405bb30729815d837b40c36b6a26bb1978560b9615ed3d90b8ed228cec369060
SHA512 a820da729c7381921a282b4cddb452240f3ad18e8221d0d3c4019b502bc1359a4a2151a949c6a4ea147545f787bdb6f3912d3c47a817f3e6157f344d85b8f72c

C:\Program Files\GIMP 2\bin\libgstfft-1.0-0.dll

MD5 4822be4e1eb900c4f4686dd55100c1b8
SHA1 8e110d807578afa531c4674e5593bd3a8ce400bf
SHA256 2cb9a668211898089d7843b1d20b545405b6e86387a7975103355139afa82f9f
SHA512 6a93d3c13ba738030ef4b157c6355aaaaba801d1a4c06e2c3cf7e60639c7dd1d1ea57f927ecbab21a2f2d784845ddf252524f2e7d2baf1b7ca9cd6cea7968783

C:\Program Files\GIMP 2\bin\libgstbase-1.0-0.dll

MD5 db847c9ec04113917d178780f61dccd4
SHA1 27487e727dd12870e17d5e8108b254ca150f1dc3
SHA256 e030aa697d3451a375970b46bd317d98c6fbb95d1565fc3cc4d50e812d297af7
SHA512 8f41f2a7013ff18a917d19337ac2a9103bcdd7b5b02fed9596ebd04e2408201963572f889cdbf0fc4dc2ec2348873a404e4bbefb51896b8ee16ed3668026e6d3

C:\Program Files\GIMP 2\bin\libgstapp-1.0-0.dll

MD5 511bafe6490fe897dfca49e2af0dd4c7
SHA1 a1eae0e4130ea80da68f4525d2982a26de0d5aac
SHA256 1f34f9487f977c6c768ed121443bef4bb3e773b7798d631c3ea9f6883a4bee27
SHA512 c08a880e3808fedf3d43498baed5d6b9002c57b7029805b000141940085e6d8c2fc2e5cd1c75b0d153c357aa7babd6901914f6ddf6072096adda5f67783803c4

C:\Program Files\GIMP 2\bin\libgs-10.dll

MD5 20e3cbfc5d36f63fa5ef33c0e237ae1b
SHA1 50c1ae66f7a9e5e0bac608da2be98ebd8beaf6e4
SHA256 c8bb63ba2768b3d09e9ab646c27c47701f10b9e7f81424a74a231aac3b02be8e
SHA512 39a484d1f1eb517c7712f175a6f4ec29d4f17fff668b2a5e9f6d6f2966a343ef3b316ce20e941e34c196403e440c173a4100e01550cb8272193276b14420798c

C:\Program Files\GIMP 2\bin\libpython2.7.dll

MD5 f8fdedcb949cd21038f39b144f460f38
SHA1 098cb382195ec56b281c4b31b9a1606eb75cb0e6
SHA256 92e9eca345ea2669a8a2ea98e9d7d17f5553705f6cdd6d90f9657f8002d281f9
SHA512 400ed9efac8e8e4fc575107af96efee8fcdaacbac27788ece9e2c7b12fa5d34f7e4f693ce7c7b5054e0d55cacdee41067d285501c2fd3a40a7a07763bd400393

memory/4908-33910-0x0000000000400000-0x000000000071C000-memory.dmp

C:\Program Files\GIMP 2\lib\python2.7\email\test\data\is-P87T8.tmp

MD5 2d3d86aedec6b204f70cee1e483d3e14
SHA1 0bb29f5835dbf25b09e98271205a5b0e3b499ac3
SHA256 bb24009573f88b990c922fdc65adddec1312e30373dc635c6099912d4f836a41
SHA512 4981b870b89ab02309d9b5a4acdadd1f145baaacb5f23d0575ba2c62f10bbfe2343c1178456270ad5d9f22f9528e846928d014c14146ec100b8bfeb07cb3f29a

C:\Program Files\GIMP 2\lib\python2.7\site-packages\attrs-19.3.0-py2.7.egg-info\is-7R3S3.tmp

MD5 68b329da9893e34099c7d8ad5cb9c940
SHA1 adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
SHA256 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
SHA512 be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09

C:\Program Files\GIMP 2\lib\python2.7\site-packages\packaging\is-J4O8N.tmp

MD5 2eed0787819307cc2e25cf45a4a9b5ad
SHA1 74e5f4a45cf9a2e4e3e1f66456676bc7c49b2fd1
SHA256 e9e9dba795e045f8c18ec23df9b9f4d078c77f94c7db53c330e2a4256f31c3ec
SHA512 3dbe5d38dfbafdae2bd2d0bc621996e3b5b857e714bb2f24264a88d929349255f9332256ce01121b8e19ba9f2ace51d5da9db3898066f43ad2f4975ed2692537

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Program Files\GIMP 2\lib\python2.7\site-packages\pip\_vendor\msgpack\is-GD0DU.tmp

MD5 741a33042796dcc6a1c101898f38e87e
SHA1 4ceae08460a40acdf926dbb2908ff87ab6309e4e
SHA256 7424d67a2f1da64accb100dc8d093be004e5f47b08047d326edf3338f36a3187
SHA512 24578d126892750ebaaced8a9977b01e84f3804cb484ebcdb120cead612eb2517a0cc4504fae41971c05fd39da65225931e868498f4605bda8178462ee56024a

C:\Program Files\GIMP 2\lib\python2.7\site-packages\pip\_vendor\packaging\is-CL5TH.tmp

MD5 2a2f319784450ed303d86e6524053f42
SHA1 b6b3552024c5bc24df9f000e34e13b6a37992ee5
SHA256 a339025fc43c7f6a84d4489cdd8890e1bb8355f833da261ebd8f5eed1db2de26
SHA512 55ca410aa4222751656ba1d5c8b7c1cef972db9333f8115cb3cc91fc3ced293aada426895b96be81ba4fd1587b7a7aadb8e6a467e50e82d71c423d4226089291

C:\Program Files\GIMP 2\lib\python2.7\site-packages\pkg_resources\_vendor\is-7OOID.tmp

MD5 fc9c293f584c3bf6de629ac89e5a0e83
SHA1 6823808a8e61fd3e3ec722ef45ad6cf1b4bd9aa2
SHA256 b66ae9fa5bbea8ed62ef967320de40d769ca4510f50a6e15a64fb92d1f6b8a6b
SHA512 1d037acba4b9362a24f2e8867fa5b85fb1aab1cf121dd0054ef7706e643e0d9d989a7cc202d04c5e9acee4a73d1af08e082ca19d9c34a9fc04e4e9b001de42e0

C:\Program Files\GIMP 2\lib\python2.7\site-packages\pkg_resources\_vendor\is-7Q0C4.tmp

MD5 845b81ec7ab998bd8a74a81d90876921
SHA1 b2210670fd12e935f2e38eec166f62e389ee9c8e
SHA256 3227af504bafde5fe6408487e52174b210e4fc13611c7cd88803eb4f72133782
SHA512 cbfade70cb495b5f1be533da89d6b6d325fdc162456b24b98262d77bea70188c1a176520bcbb72bd4f96f22c0116d0563e9a8261fba44134c2c9ca7352053b12

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 b82ca47ee5d42100e589bdd94e57936e
SHA1 0dad0cd7d0472248b9b409b02122d13bab513b4c
SHA256 d3c59060e591b3839ec59cad150c0a38a2a2a6ba4cc4dc5530f68be54f14ef1d
SHA512 58840a773a3a6cb0913e6a542934daecaef9c0eeab626446a29a70cd6d063fdb012229ff2ccfa283e3c05bc2a91a7cac331293965264715bdb9020f162dc7383

C:\Program Files\GIMP 2\lib\python2.7\site-packages\setuptools\_vendor\is-5IR4A.tmp

MD5 bc699ae46b6550114d7feaaa4d551563
SHA1 9e01c8a7fc0affc9d99f72a275d40b8bbc1bb809
SHA256 7588f5e278703e8256a1a2bcdba282f61f7d028f1ff46ba0b753deea392bd524
SHA512 c0e81d080666d130fcadbdc619cc0f651929431c03acecb9e481a3af14ce8517d91a37a4e4c4d5ab2e6a64fec43b40414ce90f5dd2b4a43a62cc0f4a59a2b5a6

C:\Program Files\GIMP 2\lib\python2.7\site-packages\setuptools\_vendor\is-4GOK8.tmp

MD5 f3186384f56969acbd47dd1e14431fd0
SHA1 e036fb43b3fdb55291bb33008b375b4d9465c09c
SHA256 75b68272cdbb77237d827316185e6703f06b567e90f8dae329826957dfdf801b
SHA512 99a0bf021448f74031c8a9ed7950c6ebe8e4134d537da42774d500131f285cfe842e198150731dea9bbe249e443364c9d79d3a18f530a8789c0a7f3a4b0fde24

C:\Program Files\GIMP 2\lib\python2.7\site-packages\setuptools\_vendor\is-EJJN2.tmp

MD5 37ea4a767cd61e0c606b286de5ce36c1
SHA1 ded390e4887aca857a0b8437f289995e13c073d1
SHA256 c5a73d18d3da93f1f304f33fdb2b5b4bf2bfb3acb319effb417cb15be34eb485
SHA512 7d4e662273b7d9a1a9cf10b33fee1583efd46487aef0672fd709ec4336e8a3dc21cb46e5393fcaeaa0677835ddc52f446109cc29db4b5f5886bb550b819bf995

C:\Program Files\GIMP 2\lib\python2.7\site-packages\setuptools-44.1.1-py2.7.egg-info\is-H22KM.tmp

MD5 81051bcc2cf1bedf378224b0a93e2877
SHA1 ba8ab5a0280b953aa97435ff8946cbcbb2755a27
SHA256 7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6
SHA512 1b302a2f1e624a5fb5ad94ddc4e5f8bfd74d26fa37512d0e5face303d8c40eee0d0ffa3649f5da43f439914d128166cb6c4774a7caa3b174d7535451eb697b5d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 339543b98dc97e2b0c75952b71c156c0
SHA1 c452d10b1bb344e9c481c4b0da5968579fc75f39
SHA256 31b09e4e29c6647dd8cbb80f72b1f2aadb148d5e992b3b33307ca95899d362a4
SHA512 95f4f96c37de19659a21488db8fb187c34bba03273b140a91b5b00c4b8f3cc8c3634702bdcf7456a37ce10fb25019bbdf90f3c7897bbc4146a86f862dd331f1e

C:\Program Files\GIMP 2\lib\python2.7\site-packages\webencodings\is-S5UTH.tmp

MD5 f60643fb1d1bcc67d909770217036a43
SHA1 0d571c80a0923785fd20100b9db8c74993d035e7
SHA256 e003bf2b14dd76a1adacbf67b3b9003e36f409c37ac6c088c5b2b7ec763daf71
SHA512 1c3df76548c9ff20f24f6750cf3dabb7866b498924f45213f72d1befd9e8232b91f7b4e4bd5133a3517b92554e74e7da2c6fc6642167c00122ac6093764fa7f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3b6400a9a57bdddbfa935a38d2196eed
SHA1 50f270a2f96bf280bcb311dd44ecf7d523d44ee7
SHA256 380f972af6ff88ef5f8a0da882babd3ef1eda370930673c9640f0be76043a741
SHA512 1e0dc6a36ed167a8815ba09a3c89a5e83472fa6afedddde8b0ee7cde51452edcd8f4c596bdcfa11db488b3277d9c7bc66c6a1821b32002e260b28059503f0e9f

C:\Program Files\GIMP 2\lib\python2.7\site-packages\webencodings\is-P9VJ1.tmp

MD5 74a6bdc155e4e6e8c08b22b0b34b5e7e
SHA1 e7b80b249b8a194b29acaa3b3709f655d75a7a62
SHA256 c8ea9649d9a9cad19f52087f67a258803361a1cf81007cb279e4f5e45af8dad3
SHA512 ccc32377c20e805bcc30e1eae818397052f94566af0e0b8edcb7617b61c6c581c6a19cb84d481168a40e95c564cb21037fe14efdb725bd2f013c745668651d5e

C:\Program Files\GIMP 2\lib\python2.7\site-packages\webencodings\is-0722G.tmp

MD5 55d9055c84ed1357a3a9ddfcd4bef2ca
SHA1 b86d0c96a67c31ebb93d1dfbc506289cd8ed30c0
SHA256 a8e04922e3f2ff8072607e96fdb360245faa610d83a14f9d2ac0eee724560978
SHA512 83f0a156004d77c51704e65158198e49320d954f5295cc995a281d8c151dd17dc47ee212ef4fdc0b197cbf339ebc500056f49782dffdae7590e6404de167e3df

C:\Program Files\GIMP 2\lib\python2.7\site-packages\webencodings\is-7O5NL.tmp

MD5 f576e857b45ecf794935b1fd1919a2c7
SHA1 745ca9bd26cc0c09828bee5f21d461d3aefb9484
SHA256 3ad18bca384d6357ef916d46bcb27f155f59a2a0bd027ca3afbab79314dbccdb
SHA512 8f1cc6997a3c6dbf669af6df41fe0586464b07974c1dafb079a511226048d344cc425f192c1e79377bee40b05fa4322404a81cfa65bebf801d8e89d8b83ec728

C:\Program Files\GIMP 2\lib\python2.7\site-packages\webencodings\is-6FRNL.tmp

MD5 16b377e26f6f4b9353464784ccad19dc
SHA1 1fac2e8b532eb9062024c99e8ae7d0417f12520d
SHA256 19821ecb09e968b9cfd064a273c2c55a0774515bcefe5d4d73a62817ef3b47fe
SHA512 db6c969e5be37c2ea70b98b8227c87121611ec364bd752a8ce083bb0deb59f7cf08aa59e370c46f9a6fe8f7eb2a11fe8717f37a59825aa9d45d6a6ffc464ce85

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

memory/4908-44387-0x0000000000400000-0x000000000071C000-memory.dmp

C:\Program Files\GIMP 2\lib\python2.7\test\cjkencodings\is-6FB4D.tmp

MD5 856e0cebae566258f572e27aedcbf34d
SHA1 9c4e3bafcc4a0c146d4bf21dd126484bb454e789
SHA256 21cb011018b58c87f2c824e08085d24f9379244bcde6fbb6b46da2f6431540c7
SHA512 21e996c6470367d7a74e6cf96b0105ddd93fda0c20fa4053842c3504f582c83688caf04fb64f7fa0e28378d894d29a7b1a39b8bfa7869f710fcc804a6231b3b8

C:\Program Files\GIMP 2\lib\python2.7\test\cjkencodings\is-US6K3.tmp

MD5 4ad57dc71cd0710481e757484c6d1197
SHA1 44cffb5117f62e0697f27f9d2537de3108749df4
SHA256 175e984c0c7bd073f037b0aaa6df4d8aadacb6f1b8898484a567b5e70f5a5837
SHA512 4a2f934f6f907cd2b3c70e3614684460f253e29ce554a418cdc53555feb26252607283d4d5c27221cc8205d002febf4c73b49d5ac0c6b7376e5dade72e9fc9ee

memory/5188-46039-0x0000000002A70000-0x0000000002A71000-memory.dmp

memory/5188-46044-0x0000000002A70000-0x0000000002A71000-memory.dmp

memory/5188-46045-0x0000000002A70000-0x0000000002A71000-memory.dmp

memory/5188-46063-0x0000000002A70000-0x0000000002A71000-memory.dmp

memory/5188-46064-0x0000000002A70000-0x0000000002A71000-memory.dmp

memory/5188-46072-0x0000000002A70000-0x0000000002A71000-memory.dmp

memory/5188-46065-0x0000000002A70000-0x0000000002A71000-memory.dmp

memory/5188-46075-0x0000000002A70000-0x0000000002A71000-memory.dmp

memory/5188-46084-0x0000000002A70000-0x0000000002A71000-memory.dmp

memory/5188-46087-0x0000000002A70000-0x0000000002A71000-memory.dmp

C:\Program Files\GIMP 2\32\bin\libgs-10.dll

MD5 5fce93221f9f1062057adf6137e62e2a
SHA1 3c8f36dc510295dbb92823c56a1c3aa119004089
SHA256 c9d6f05d54a2c8c538cc7bdc65b638f7f0ece70a37102946f1d241784f01c465
SHA512 31797c8e3b810ff1957334d3ee7ad311ada7a469adfa9a8faef5d5dfeb1b7a1cc8a4d9bcd9b17e3cdb85fbf8cd1dcceeb0bcad7c865ea6bb7aa5679a38d2d860

C:\Program Files\GIMP 2\32\bin\libgstreamer-1.0-0.dll

MD5 0a3ca0048552dae6c915ce14ab761981
SHA1 abe59a31cca4d04ae0031e82726ab2e2b493c8b7
SHA256 3e3a550f9956fb71079a09a42d25a2bb25b3ce82985c833461f12beba9a549eb
SHA512 01d8f793221ff5f031bb4d7072b827e3ad10e72cc558d586099d2a9ea80b2f77e227a461c458b3efdc02dc53c28aed2fd042ec4e96c354f936ac37cd9809d5fe

C:\Program Files\GIMP 2\32\bin\libgstvideo-1.0-0.dll

MD5 a7b74e1eaddc747cecf4ea98841c6bf0
SHA1 3984f3f4b97906fcfa1aafaf3d9307af4a3242ec
SHA256 19ce3147bdd46b0ee56e2ffbf3b611de38dd1e45aa851b16b7510feb46faa6e6
SHA512 810d3060b692229155032021da324ce30ae858a6a78449e941c5b9830a010088a95346723a570427966ecaf00a3716c8d462bcbd578c38bf47055878734a25a4

C:\Program Files\GIMP 2\32\bin\libgsttag-1.0-0.dll

MD5 867364d859d89c215b47f36fb655b46d
SHA1 111631521f785b7835cf511912cc9d04ef8d6ebe
SHA256 bf33d373a782b4892583ef5c7f61b92ee114b364b9d0098694e2281b00ac1361
SHA512 ef1a5f7ddfe6c6fbd4b80e3a0cf6c61b3504879ca1f93887b550c71825e517658eb27286cc1816f63973ea47b54251f3bbc94a7ffa3cb3e1cb5bba81c9cb5dee

C:\Program Files\GIMP 2\32\bin\libgstpbutils-1.0-0.dll

MD5 add756c2e872ad5d27b9a33c12d4118b
SHA1 ee5ab4f31b7908be3309b6be57953a48354f103d
SHA256 d569e753852c3ca1ff87edca3298f2c4c9468267f3a085eb5225dc8bfb4783c8
SHA512 81cf21f2f44c86429bb85de05c9671582dc4f270ec9e1f18a86ced60671ae420aa38e0325ff21a467e94005e2d3349c816b6e0b2be2b0d56ea6c861184fa8969

C:\Program Files\GIMP 2\32\bin\libgstfft-1.0-0.dll

MD5 80a2ba7ffad76ed05aae5439d07646ca
SHA1 aa59030de60cd8162edf262993585263f083d8a4
SHA256 0ff2becd8005213d3d85d2dda15c3c272fc5aac700f02dbe84abacfd342d387a
SHA512 a90ea4ac5e10db3d41d742830fa40da218f48974752515f77d79851eee0d31495c12b717f4f32e0777ecc90ee5234f0116747f3e51d2fa2545685ea2847cca43

C:\Program Files\GIMP 2\32\bin\libgstbase-1.0-0.dll

MD5 3b3ccf807627d8b367da46365b86d097
SHA1 08f8d4f5d834f19a88a889a84fafc8eae0e5cf57
SHA256 7aeb0bda44ad2649f8f156ceff85ae1eeaa5fe3f9ac1caa82b372e671888d9bb
SHA512 4f15137ae9bcfeb5107bac30bed3d67206b3d21347437555c4abcca1792447e6e85aa8501aff45ed72bbe589160c7e6383bbea48b1bbb32c3ad79e48ded0a6db

C:\Program Files\GIMP 2\32\bin\libgstaudio-1.0-0.dll

MD5 d93c2d0795a5e81f9e8ec4b3d1fe62b6
SHA1 c45b77b37a0e968ca09b4a0fbcc99eb9b1c39559
SHA256 1935859a6779210a669896236f89280e3b6a75285e71e4584154d079ac576173
SHA512 45137352469ec181172109a0de1bd205307085a90db2482f8bf51551053c95f95c46e6bb5441a43fa2eafaf035ddb79dce22a009315cc19da1742f244be9fb2c

C:\Program Files\GIMP 2\32\bin\libgstapp-1.0-0.dll

MD5 d021865d4e818dea16d17eeab6c8ead8
SHA1 15d15800e50bfb5f463a0315582ce372a538e852
SHA256 4d243a701536bb4802765a3d44d37969dc727aa35ccb24a4e3ff78b978b7dfa5
SHA512 6b6f6f2146699ee5f06b3489df9b5336eb374f91a4aa94ad353b08d2e23303cd69299d27d1e531479868050995cb67b60d024c6e9a630b4930b0028a38c17b46

memory/4908-46272-0x0000000000400000-0x000000000071C000-memory.dmp

memory/4856-46276-0x0000000000400000-0x0000000000712000-memory.dmp

memory/4604-46279-0x0000000000400000-0x00000000004D7000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 78a46b0292a745cac09d80ae907d3c1d
SHA1 7e46b549274286979dcc66b588b38aebebd6186a
SHA256 2e8ca9534fa38c003797f45d6bb423e2580c593c1413fbb587ab22bf15b177c1
SHA512 50b801c354e7dd5880d70f7aaa3dac827b9a5059f47810ea122d303ec2fc99593ce9e7ce4d2cb5c9a4b9dcd1035327244515864e0c496cb4885109b7fdba1a54

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5b7ef0.TMP

MD5 2da6c743c48eec347e94955b937b8967
SHA1 70c90ed9e6f02373da1ce618e50977e01278cf2b
SHA256 02dfce30612adb46fa0e13fe3b6160c3ea4ef13d4f0d6c307541febca3f5cea5
SHA512 a5abec937bafdd9f9590e21fb15127f75859ba9610b716de4365880c94fd5421a340482cfbd808b2c7f41c3a32e9704e76760c00a521de0b49b65e0435871a5e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8a97490d16402dcb1bf2152cb2c79224
SHA1 2ed3c5b0b41f01f22b011f599cda1cf2691f4aa7
SHA256 51ab3eaeb72373955effab6de3ea13d367ef241cc9e33277d67897afc1282e8c
SHA512 0f439668d1227b52baff2eb5f2c27cbfd2da94fd18d1890c48031cc4996c8748593fb45e774af6da6656168040e96be7df0f3aaa943069393fca434a7a60c264

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 0753c3de8475e7b7dab562e3a286e117
SHA1 1cb3bed2a6ac024c36778eba6b94545f4a468824
SHA256 15807812e6f24b3df1d9dd65459413b4f8c0362c4c8fed33cc16c59487dcbff4
SHA512 4bcebba7b498c0d23d33ba0a6a2f2e896815e0f4661c2587a581c6a7cd7b514e2c10785399f11e2d41482bf89f30e5ae65f06c698a95c5c5fcc1ed1277601f34

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5b8f7b.TMP

MD5 dc9b2f9a75e48ab82d5a816c3f83dc52
SHA1 404bdc0eb064f55f2fe0c40bbdd9659f62c8ca28
SHA256 1404db38cd8ff814236a71509625b4a64c82d3f64559fc4d22c2d6e5f9ef5fbe
SHA512 fb6b4a293458dcfb88f45d53a724de57622dd7abc626ec32712247789a05bf4a11c11c231aa89a4d6369473eec425752831b8e25b6b4e555f7ec9d90ff306447

C:\Program Files\GIMP 2\32\etc\fonts\fonts.conf

MD5 819a5091568f21e0709ce38793952f52
SHA1 597f6965ff18993c9fd244a3e63c01819f7d5520
SHA256 d043c4d0951ee229708340503b04322041acbf29bac7056e8a05905b8708f7f9
SHA512 7c67c371d81557a17d4fc191d8c6862a3f7a1750dd5d5b1bdc099efb53991dc7058389be32d0f1f71a45dfdb52fd5cae441d3c5c2b98ddf9daa4b33878d4493b

C:\Program Files\GIMP 2\32\etc\fonts\conf.d\10-hinting-slight.conf

MD5 5da52d777c5af2cb4b7445b81ead6c3d
SHA1 eaa33b6e3caab59de4d1658dddcc1d49acdd8149
SHA256 d138eca2bac3f78d45ff7cfb649ad792caa4a6e61f73cea7cf0ea54b091f1ef4
SHA512 d49ff3355bf0c0fa9c1c23ee0326d82fbd6c2d320d9439f841a21f5e0cef346f87fff4b6b489f3722ce9c8eaa54b384e060ee76f9ba2be7d6736bef34a79d9f3

C:\Program Files\GIMP 2\32\etc\fonts\conf.d\10-scale-bitmap-fonts.conf

MD5 8588f87eaf68a1eb73920066f6817b48
SHA1 d662489d576538a2fa80387f0992c2c47159659a
SHA256 df8e99abb6f82384c61978906a45a95794940545da95790d87f01d9391e0894b
SHA512 d419ef273977ca59742a03207e3b0f1cc4e342753025860246b9c2dfcd1c1ea4f42faa84e7aba539a548a6c5a7dd9d61a89be11ec9316470156ea7ccc0cd6ef7

C:\Program Files\GIMP 2\32\etc\fonts\conf.d\10-sub-pixel-none.conf

MD5 3b917873967397433a44ddff38568ce8
SHA1 9a8f7683c1097b70cad6c92208e8d662e48377c1
SHA256 0f00b5cf0ce07062ec65b9b340aa888f6c5fbc215aafebd26781be2d5a13ff6a
SHA512 a4b27dd1b809f686819679ce6fcee662e59d005c5c72a00802a7aba366cfb740a77e04df7f2832de04efc24a4b0294a3099c63c8457bfe4ec11ca419baee5fd8

C:\Program Files\GIMP 2\32\etc\fonts\conf.d\10-yes-antialias.conf

MD5 908d9e324c24bf809448ca7041db580b
SHA1 d0b8a9221bbf15a96b4ec974a38dcb82249cb2ef
SHA256 e6d82a642d1b37f7d24dc37f938b999f00ff7aa4303b2602d04164d53f221005
SHA512 f13d491cf884e354e1f00fc231a3ed61883f3f121c8f3ed9cc2f58f6cdc7ca8847fa4a2571a0303f4ba7243d3a8031f2a3daff00b51f0009158cf872f776b42e

C:\Program Files\GIMP 2\32\etc\fonts\conf.d\11-lcdfilter-default.conf

MD5 4dd5ffa8e7c3448e76fe1bbe2f3df871
SHA1 82d6f28b0b2457e5ff02476aaa5bff2789ee052f
SHA256 76aec9d8dac48faabe1bbde9e887cfb09fa45f30be5f8826e945a394a0097e48
SHA512 351e2f0a3c274971f464453ac6dc0c691feeac633cdd56d40980a7b997f35a1cd03fb139b1cecd63dece278136ab6c25c62fb60472cdd988de9abf9db409ae01

C:\Program Files\GIMP 2\32\etc\fonts\conf.d\20-unhint-small-vera.conf

MD5 535df1a3aed553ced27e176639e4b541
SHA1 955a354712d2b13466a95016fa6df29351747902
SHA256 278732c68c16177f2aa3c7e4ea318b9f720aee13a433c32eb15ba626806c609d
SHA512 ca312f20fc6a2c23e1520c98aab57f62c8b35cf1dbd56703c1fde6744b5ad88bdcf8a068c671f7264439c9aebb61ceec3b506ed1b1ec2090322771b23697d162

C:\Program Files\GIMP 2\32\etc\fonts\conf.d\30-metric-aliases.conf

MD5 7be41db6d316caacc8978247ff444f29
SHA1 e621f64446c48b68cdbf2324990c58d8c93c6353
SHA256 4c17a813364e7f38ca5758350cf47fead36a9f5497e4a310ebf473f2e6103661
SHA512 fb4fa8b68d87351c860151cc23421460b5cfa779fe0cd8559ec422c3b2745f14b4b13c88be63ac5e637c8d33654e3457178bf425c59d90afc27c98ac935f9408

C:\Program Files\GIMP 2\32\etc\fonts\conf.d\65-nonlatin.conf

MD5 741b4468181be70d9661ba6cfe21656f
SHA1 c7cc728ddcd9980357ea8764a8f5cf8eba9a7470
SHA256 62368f194f78e9d9b52c13dd605cb8bdd8d4386fc8177b72eff5fb01dcb61d48
SHA512 d5751089fa48638a9b6e5ff949ccae73e3d9dcad5b891fbf59c7aff5727264a48edde6a969d1512c1c3103056942fa003674dde9096df90fcd98dcc9db077d43

C:\Program Files\GIMP 2\32\etc\fonts\conf.d\69-unifont.conf

MD5 50c85de35a0dc211f7222ae974df7f3a
SHA1 d3baa57cc3dcc8a224f724a48cbb986bc6a2e717
SHA256 fa97c0cf5f79d70e2dc3dc48155d4c9220cd7c6a8bc95b89c4ebcc517f97479e
SHA512 1b2b9fd585ab37bfc79daf87831746049cba49899b96925cce57832a0582533cf9090082ad3df9250f2788993b35bb3b847baf8aa6f371f15cac48ca4978fb91

C:\Program Files\GIMP 2\32\etc\fonts\conf.d\90-synthetic.conf

MD5 3202b57ed004b0828d6e2e70f56d951d
SHA1 45fc77d7ecc0029128ba150869736338769ba8ab
SHA256 cdd0aac7840c664a7127b64db66bdfe8dc22be3774d10bc22f4a41c98de5d85e
SHA512 da2d9448d67fd8945f1b5743bfb5ffb961f1c4a47959b1079f7c0498b346110726573a39f2d6cc950effa424747a1d9df11cf87e55dce3a0ed5f6da2976955df

C:\Program Files\GIMP 2\32\etc\fonts\conf.d\80-delicious.conf

MD5 bf3e2f77fdab77b46f9f793dcfa267f8
SHA1 f87ad2085c95b59b73c5bdba7ea38a837107378a
SHA256 34f27b7fe9cd83b2b6d46f16ef9c477412f2d7ef63634f86b9b38b79bc4f81ad
SHA512 6b39f7e945d38fce55fed2654163559685f252799648cd2365a6d99c7367a96ba06f2d4ea145f638f50b50c4ddb97863880079866b92baa6a07f23084d370516

C:\Program Files\GIMP 2\32\etc\fonts\conf.d\65-fonts-persian.conf

MD5 b04584ac948140f0c6af958b87f0a734
SHA1 876f3ad3ee03a2a9f9b45cfdb594885fba24887d
SHA256 c675fab143a3638346874798be45f51f6878ebec591b4362d83cfffb828ec4ca
SHA512 46615f5b1e199296e08c6312c32fbcf3719fbdd610520a5992d617b83459d0cd21b5f4e5516a2fc46485e41c84987dfa4f67aaf296c234ca9f2dcfa23aff0589

C:\Program Files\GIMP 2\32\etc\fonts\conf.d\60-latin.conf

MD5 887f091506809fe493dd452a40cf97ab
SHA1 1adc4ce6985da52bc10fce3a3d8139f0c0fd430b
SHA256 df313037dc3a13daa6eb82483aedfc236157cd3895c557250aa5e72b71ad5508
SHA512 523214aecbac02e9807835412c238b1881bc07da3c701a7031ef082f16c7b241db599931441fb6d5f50f4c664edbdec5d8fc9a05dde2031f4dcd1788f9453745

C:\Program Files\GIMP 2\32\etc\fonts\conf.d\60-generic.conf

MD5 381ad51b6c9a0c578c7176ae47481985
SHA1 30f0188bf1413da4929cee95e05273e788039343
SHA256 195bc8605dd23289d42c10d79cc13a5ce4a4b3cf965df5b30ecc0b7149bb951f
SHA512 babfd6d9f0a9b9fb681814cb7ab430523522a35ae9c7e7bdb5de6c0d4cda0c3fdf93f357b36097de98c4e46be769849af1272b24ccd4619607094fe0bb137aa4

C:\Program Files\GIMP 2\32\etc\fonts\conf.d\51-local.conf

MD5 99b54670882634722fada39c78a39863
SHA1 c45b9c072773024a3bc8f75c6fe0b661b9423ffc
SHA256 dca9d917e1f66f73bfa495943b4d1eaab2d93810a51bc8e600cf4d4e9df03e67
SHA512 dbaf31cb11b79f7ba9602c1d4003cea1bb9b67921784e4b1a4dc633ae7bafdebc9c5b763d4eeb5f54ae93c812dc6b31deb9582d0a1e820bcf50f3cada512e834

C:\Program Files\GIMP 2\32\etc\fonts\conf.d\50-user.conf

MD5 acde2cbca39bb6261deea4e6e4bf597e
SHA1 4c445cc1e11e1a9ecd2659ed3aeedb4656a9536c
SHA256 449137ccce57d60bca178d57519ba54e1942d757ad171f3a88cd78df2161c970
SHA512 8c0102f19908d2047452804192f1ba46888d18104ea7dba2e5a5facd9eb09be0457d141065931a25d6220451fb13212cecaefafcd36d7f8e92b035a5bf31ac0b

C:\Program Files\GIMP 2\32\etc\fonts\conf.d\49-sansserif.conf

MD5 fb5873c73e8ea39848ffb07a8d87d8cb
SHA1 941303d6620266798d8bb5f7e27d209dfbf96f2f
SHA256 7849a11ce5243e8bb3d06bcad558737a8682e5122e73c8e427f4c011a2054818
SHA512 93184af6f7eb1461aef28272ce765fa3ecb6724f31f53f39d845e85688d6501112a775c88289e9671c6a1e61d4b30b975c40b0dabeeca4c5e9d45806ed8893cc

C:\Program Files\GIMP 2\32\etc\fonts\conf.d\48-spacing.conf

MD5 9ef1b86cdc752b8765d2d1531e799cc1
SHA1 aceb6139032c431a8ff176c9fb823d10b6f0c5f0
SHA256 99d839cd8aa28854e8f54f26e7200b6e57951f39f56791a0ed473662488bcef6
SHA512 f4180859b4782c3ac1f23bd8de9555452ed5d431d5371bb99fa57a4e8d49962c0705d9a08b1a56e4a5a5064600e89f8aa70f96aea431c5dd75a55a4abcb19e95

C:\Program Files\GIMP 2\32\etc\fonts\conf.d\45-latin.conf

MD5 a4d73455619dd836ecd6c711d7d6b522
SHA1 57fdb3a40419eae849b451060e66fc5a49b6b938
SHA256 30ee92d2633ea4ec2328975fa44e3ff4f8c6465b468b79c3b1df7002f0693d23
SHA512 2ee6aefe51f4421b306d3d894cb58aa92187f551145086788b31739be80752427a27f1b7f73502fc68d00ddc91ba29a8e6e91f197465a919451b6bdc272335a9

C:\Program Files\GIMP 2\32\etc\fonts\conf.d\45-generic.conf

MD5 6eb7544e52701729de1bc87c7e03b155
SHA1 295754dd99d277d8b61c07828e1e28284789f982
SHA256 24de9f68189d544bb4cc084d9bd8f3a59d8b988a9dc44b11e9877d5add5fc948
SHA512 fab9eb85c2462345cd43fa65b35ef5bf4ff8421226f82b5d530e38168585ffb31c319881367363a1d9fab2f7e42b32000a05c9ff51cdd7ce567b24ef4cb629de

C:\Program Files\GIMP 2\32\etc\fonts\conf.d\40-nonlatin.conf

MD5 a5b99766dd902496b2b708dd0a5d047a
SHA1 f206d6f64f1c72bcccc1d6438439de33e73688da
SHA256 5c3f7d62a44258d5d9e81a93b1685bee5ab78acb8688b25a43c4c1e749312a84
SHA512 88146901c41c194d449e69550af3d3bb6d8b2d691a5e23fcab39cbc362aeb3f90c029dc41b66dde35cfb6b2ba10feb524ea7358f70fb5de3a551c1490a27ca9b

C:\Program Files\GIMP 2\32\etc\fonts\conf.d\README

MD5 ad6182d0b838d9d8f39219a37b88b24d
SHA1 3f1d5904612ec60b102ade1189257d2d4c3a41e8
SHA256 fdc29a3ebd8816eb07ed04c2cbe151076e95a7b0b2a0ec8fe94e5c8a67931d3c
SHA512 7e430271bf1e4dd99349fd0b3610776bf55a72b81ea53077c4cb566835019cf2d0ed85857dadaafee15b86e25064d6204bd13ecb083f08106e900d55e13b822f

memory/4908-46594-0x0000000000400000-0x000000000071C000-memory.dmp

C:\Program Files\GIMP 2\32\share\themes\Default\gtk-2.0-key\gtkrc

MD5 4ae0697ce8ce144e285609dd83ad53f3
SHA1 f4886997fdb05b998f3510ee4bfc62257e15dd30
SHA256 dcdbb5a775eb9dbf659d80b6694d381a822af3665706c3ed7488b84d95eb8f8a
SHA512 c9e8ba2431bd469d7ac212fd7e548cc1fd8285e216a1bf0fcbf9ea9aff16d7e2b9b31cf0d1a2be5233a9e0ec0b27313fa094de5208204c3dad4e8dd41b332adf

C:\Program Files\GIMP 2\32\share\themes\Emacs\gtk-2.0-key\gtkrc

MD5 4b600a3c3c2ac37f7d0c13c4d86ac752
SHA1 d1da549c070d74aa9f9456c4c1e0ccbdde5256c8
SHA256 4214bee389645edcc7c9971ba35dc4d96e8c135ebc92c51c05b0c7dd36abd8e5
SHA512 d4ece8e39a80073bec016b375a75bb5ff5c697aff560e5d4aafc6031f26451f8d3ef32faf1a0b2be3470450eb2ea3ae8978cc444ee0e2d2ef374ef43340e64ba

C:\Program Files\GIMP 2\32\share\themes\MS-Windows\gtk-2.0\gtkrc

MD5 94d104680cec5f3d8bbec56258d0c926
SHA1 72ede372fcb34b29754f20ad44f49bc8605cf22c
SHA256 e9dd3015f76e05f185ebe7564d364aef8b8168b05e62421c99875e14e4597977
SHA512 cf7d04304fa58e2dd9a8492b31b065c03c1f7ea96ab71d7d3d212eb17436c7c181470c23296fa3f599f1ef56c6b243921ed7f0a92ad3e0a6cd40a5fe857955a9

C:\Program Files\GIMP 2\32\share\themes\Raleigh\gtk-2.0\gtkrc

MD5 5fc9003ddc2c64b110b1161259f61923
SHA1 4ecddbcceddbd90a3a654d3788ec3aef8c197a8a
SHA256 6d9beaf039092aec5c1fbc23a62402bcd0704c45c430189a6ac69ae8aa797a67
SHA512 5c90f3f1037fff9f10aa2030bed2c670edd528482532e617549db2133e26cf801bdec56d4543feb024cdec1c0026909ca9a21b378ec3b89489c18c395660c9fc

C:\Program Files\GIMP 2\32\etc\gtk-2.0\im-multipress.conf

MD5 c358838e1789c1d4e6da7f525fc922cf
SHA1 576ffc2f578a8b78b2295584c059338d976c485a
SHA256 d52dfea88f5964b7581c93cdea1a3e47dd7b1d8334e8f5eb53018711428221ed
SHA512 524fccb13eae05a54297320119626b668bd3f615772931f068344395a73ced6363a580b64431b9f739f15920ce541bbc5375fe4d399a749c52e75b73560cc778

C:\Program Files\GIMP 2\32\etc\gtk-2.0\gtkrc

MD5 a995f633c6fa06cfec58c15c1a2b3730
SHA1 8c86022e94be5804e45b773d681798d6b3807ac5
SHA256 289ef821fd025b088cfcb2d7a2dcc576a2192efa51f14f1cbbb42e45f59d9ef3
SHA512 5c532c03ea4f605a307d49adbb0c49f495d202252a56a7848a01d3c3941941272290389a041299c4d9faadc777fe66db6e78f75a09ea3a08bf59d201dd2a6a8d

memory/4908-46840-0x0000000000400000-0x000000000071C000-memory.dmp

memory/1260-46841-0x0000000000400000-0x00000000004D8000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 71f9ff955befe3d3ba752f97c9b3da07
SHA1 956f122e7d67ea11a638a8bb3492248d8fc60458
SHA256 45319e460e1daed4c477a804e9eac07fb028c43f896418c58ab7d24d49500d88
SHA512 7a08e2c66a16bdf18a7065efc8032933090c68f663c9390a2ad96eed64765040edecd92cae077a89c68b440b55b1f5cee68e9380cb4f24e09f55e8cf10bb2b7a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e7546ed3098821f4eb21c7b6b351770e
SHA1 0a5eeba0e74df6eddef81ed982e27f820d3ba7e6
SHA256 05ee312f53aacabc688af6ef2a72ea1fd9dabe92f9109e2a1c020e94fb4dd322
SHA512 445ea10073d5795ac7607f827674dd005c48457f0820c8b2fad7cafafa5a596ce450e628d684bfb8de3bb214237ff85c078f5d2e725f156f194d9c038936970e

memory/5612-46869-0x00007FF6553C0000-0x00007FF655C4F000-memory.dmp

memory/5612-46870-0x00007FF6553C0000-0x00007FF655C4F000-memory.dmp

memory/6340-46878-0x000000006F640000-0x000000006F925000-memory.dmp

memory/6340-46879-0x00007FFCF6810000-0x00007FFCF69D4000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 af6ba7f7064deb6b91f45eaeb0fcfc77
SHA1 6035195bdad9ea8726756c5315203b3531eb44d0
SHA256 894b1ebe5b8700a551e7424599caf4d00709a080e9b03732eae01b07883f81e8
SHA512 baa8c445c77ad2082a1cb8fc4df2ae1a3175defb84b0d94b259fd4ea767110ceddd030844ad326db649628713b6258ffba8716d5a34519d7be3f5e2ac24807b4

memory/6340-46885-0x00007FF6F1500000-0x00007FF6F1511000-memory.dmp

memory/6340-46886-0x00007FFD02D30000-0x00007FFD02D79000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 8b5c620f718832810b5fc82e70d616c3
SHA1 c1bdc1e93da49a02d63085520738b86c30c05efd
SHA256 792436f6f057031299948d4717478449153256a6ff4f119be0793f190e6fbe47
SHA512 8e109975861c132d3fa563a9dfb240dfd53d6c00dd2ab682943c3c3f3652d786d5524d79b0e74784c3866e629516f5d4213a66fdbece02851f117fc13babf0be

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 8cf26c619bdd13082fd3e5d4562682d0
SHA1 35cab586f2ca3b1c045298dcd11db1cecd0a7987
SHA256 0abccb09233f38683afbb72534644afb5c8fd2cb13ef62df2cb0feaa039c86c6
SHA512 434f91329e5eea9444bd9c6c3e5d253869225bfe23fb8176daf6d09e85dd21624cc5791987532e8ea0229642a06a7ef60807e3fc8e74dbfff85ccf06a7d6c63a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 1a61f2c616812c760704331d6d2b18b8
SHA1 b4c94841e174c79e1f32aeb668626e2c8d65c5b0
SHA256 02c440b124753e42c257b4bf7eb28b1f20f6dcd5f8bda9d7b6de4102935b9d44
SHA512 4b27374438d1f238b89e7cb6a239dd8b04c2bbf74b52e95d4b678b785e4933371183acc2ab46f249a35e8a51503cccdf9fbc9a6baf208f06345a0f37b4b66ca2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 d9b1a8b5131d604c4ce0a9c8e510e48e
SHA1 5cdaa0e5bfc0ef0ded9fd5151e45517d0969dd50
SHA256 4a8f20940a4dabebd8ed7c052b167e551612e39648599be21e017ee6ba23b698
SHA512 8eb471748249d5493bfd554d97356187c89a1ec418d5dc235539f819f4bf382fcfd2d19cdfe9ffd206043a4913258bf44bb434ebe1cf8510064700bf605f6543

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a6f64151e181e3247efbe5a29b4b8aef
SHA1 e4e90fc83c0a911145cd92d828713fe714dc8bc4
SHA256 6efc59b5da998304ac7e45a45924aba3839562a1fe945fb0430601d59c3209a5
SHA512 aa8029ea6defa17781f4f286cd56429d04bce76b331ea55c9d348c07e17d93e725149853c4f993ee709ecb6fc5bcb5bb7fd83366c0342bc8c87d4b9e486dac89