Malware Analysis Report

2024-11-13 13:30

Sample ID 240604-bgd3gsfg5w
Target 20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe
SHA256 20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2
Tags
bootkit discovery evasion persistence spyware stealer trojan
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral7

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral8

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral10

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral12

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral4

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral5

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral6

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral9

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral11

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2

Threat Level: Known bad

The file 20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe was found to be: Known bad.

Malicious Activity Summary

bootkit discovery evasion persistence spyware stealer trojan

Detects executables referencing many IR and analysis tools

Detects executables referencing sandbox artifacts

Detects binaries and memory artifacts referencing sandbox DLLs typically observed in sandbox evasion

Detects binaries and memory artifacts referencing sandbox DLLs typically observed in sandbox evasion

Detects executables referencing sandbox artifacts

Detects executables referencing many IR and analysis tools

Downloads MZ/PE file

Sets file execution options in registry

Modifies Installed Components in the registry

Reads user/profile data of web browsers

Registers COM server for autorun

Checks BIOS information in registry

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

Checks for any installed AV software in registry

Checks installed software on the system

Writes to the Master Boot Record (MBR)

Adds Run key to start application

Checks whether UAC is enabled

Checks system information in the registry

Drops file in Program Files directory

Enumerates physical storage devices

Program crash

Unsigned PE

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Enumerates system info in registry

Modifies system certificate store

Checks SCSI registry key(s)

Modifies Internet Explorer settings

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Uses Task Scheduler COM API

Suspicious use of WriteProcessMemory

Modifies registry class

Modifies data under HKEY_USERS

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-04 01:06

Signatures

Detects binaries and memory artifacts referencing sandbox DLLs typically observed in sandbox evasion

Description Indicator Process Target
N/A N/A N/A N/A

Detects executables referencing many IR and analysis tools

Description Indicator Process Target
N/A N/A N/A N/A

Detects executables referencing sandbox artifacts

Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-04 01:06

Reported

2024-06-04 01:09

Platform

win7-20240221-en

Max time kernel

134s

Max time network

136s

Command Line

"C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe"

Signatures

Detects binaries and memory artifacts referencing sandbox DLLs typically observed in sandbox evasion

Description Indicator Process Target
N/A N/A N/A N/A

Detects executables referencing many IR and analysis tools

Description Indicator Process Target
N/A N/A N/A N/A

Detects executables referencing sandbox artifacts

Description Indicator Process Target
N/A N/A N/A N/A

Downloads MZ/PE file

Modifies Installed Components in the registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982} C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982}\ = "AVG Secure Browser" C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982}\StubPath = "\"C:\\Program Files (x86)\\AVG\\Browser\\Application\\109.0.24111.121\\Installer\\chrmstp.exe\" --configure-user-settings --verbose-logging --system-level" C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982}\Localized Name = "AVG Secure Browser" C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982}\IsInstalled = "1" C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982}\Version = "43,0,0,0" C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A

Sets file execution options in registry

persistence
Description Indicator Process Target
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVGBrowserUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVGBrowserUpdate.exe C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A

Checks BIOS information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe N/A
N/A N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\AVGBrowserInstaller.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler64.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A N/A N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\109.0.24111.121\elevation_service.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\109.0.24111.121\elevation_service.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\109.0.24111.121\elevation_service.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\109.0.24111.121\elevation_service.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe N/A
N/A N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\AVGBrowserInstaller.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
N/A N/A N/A N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A

Reads user/profile data of web browsers

spyware stealer

Registers COM server for autorun

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32 C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{A725D612-7D72-48B8-857A-4777781F415C}\LocalServer32 C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32 C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32 C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32 C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32 C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32 C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32 C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A725D612-7D72-48B8-857A-4777781F415C}\LocalServer32\ = "\"C:\\Program Files (x86)\\AVG\\Browser\\Application\\109.0.24111.121\\notification_helper.exe\"" C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32 C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A725D612-7D72-48B8-857A-4777781F415C}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\AVG\\Browser\\Application\\109.0.24111.121\\notification_helper.exe" C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Windows\CurrentVersion\Run\AVGBrowserAutoLaunch_2539D9FFF1F40C0A976762D6C815D3E3 = "\"C:\\Program Files (x86)\\AVG\\Browser\\Application\\AVGBrowser.exe\" --check-run=src=logon --auto-launch-at-startup --profile-directory=\"Default\"" C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A

Checks for any installed AV software in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\Software\AVAST Software\Avast C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\AVAST Software\Avast C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
Key opened \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\SOFTWARE\AVAST Software\Avast C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\AVAST Software\Avast C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
Key opened \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\SOFTWARE\AVAST Software\Avast C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
Key opened \REGISTRY\MACHINE\Software\Wow6432Node\AVAST Software\Avast C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A

Writes to the Master Boot Record (MBR)

bootkit persistence
Description Indicator Process Target
File opened for modification \??\PhysicalDrive0 C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\GUMFA08.tmp\goopdateres_sr.dll C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\GUMFA08.tmp\goopdateres_th.dll C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_ro.dll C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Temp\source2488_171534374\Safer-bin\browser_proxy.exe C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
File created C:\Program Files (x86)\GUMFA08.tmp\goopdateres_cs.dll C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_lt.dll C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_lv.dll C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Temp\source2488_171534374\Safer-bin\109.0.24111.121\Locales\af.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
File created C:\Program Files (x86)\GUMFA08.tmp\goopdateres_fa.dll C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\GUMFA08.tmp\goopdateres_lt.dll C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_da.dll C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_te.dll C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Temp\source2488_171534374\Safer-bin\109.0.24111.121\Locales\fi.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Temp\source2488_171534374\Safer-bin\109.0.24111.121\Locales\te.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Temp\source2488_171534374\Safer-bin\AVGBrowserQHelper.exe C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
File created C:\Program Files (x86)\GUMFA08.tmp\goopdateres_tr.dll C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\GUMFA08.tmp\goopdateres_vi.dll C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateBroker.exe C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Temp\source2488_171534374\Safer-bin\109.0.24111.121\109.0.24111.121.manifest C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Temp\source2488_171534374\Safer-bin\109.0.24111.121\Locales\es.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
File created C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_no.dll C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\GUMFA08.tmp\goopdateres_pl.dll C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\GUMFA08.tmp\goopdateres_pt-BR.dll C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_sk.dll C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Temp\source2488_171534374\Safer-bin\109.0.24111.121\Locales\ca.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
File created C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserCrashHandler64.exe C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_bg.dll C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_kn.dll C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Temp\source2488_171534374\Safer-bin\109.0.24111.121\chrome.dll.sig C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Temp\source2488_171534374\Safer-bin\109.0.24111.121\chrome_200_percent.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Temp\source2488_171534374\Safer-bin\109.0.24111.121\Locales\bg.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Temp\source2488_171534374\Safer-bin\109.0.24111.121\Locales\ro.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\GUTFA19.tmp C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\GUMFA08.tmp\psmachine.dll C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_gu.dll C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\AVGBrowserInstaller.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_es.dll C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_ja.dll C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Temp\source2488_171534374\Safer-bin\109.0.24111.121\Locales\et.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\AVGBrowserUninstall.exe C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
File created C:\Program Files (x86)\GUMFA08.tmp\goopdateres_hi.dll C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Temp\source2488_171534374\Safer-bin\109.0.24111.121\Extensions\external_extensions.json C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Temp\source2488_171534374\Safer-bin\109.0.24111.121\chrome_pwa_launcher.exe C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Temp\source2488_171534374\Safer-bin\109.0.24111.121\Locales\hu.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
File created C:\Program Files (x86)\GUMFA08.tmp\goopdateres_sl.dll C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_pt-BR.dll C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_ru.dll C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\GUMFA08.tmp\goopdateres_is.dll C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_ur.dll C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Temp\source2488_171534374\Safer-bin\109.0.24111.121\Locales\he.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Temp\source2488_171534374\Safer-bin\109.0.24111.121\Locales\ja.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Application\109.0.24111.121\Installer\chrmstp.exe C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
File created C:\Program Files (x86)\GUMFA08.tmp\goopdateres_bn.dll C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\GUMFA08.tmp\goopdateres_lv.dll C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_mr.dll C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Temp\source2488_171534374\Safer-bin\109.0.24111.121\Locales\sv.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Temp\source2488_171534374\Safer-bin\109.0.24111.121\Locales\ta.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_tr.dll C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Temp\source2488_171534374\Safer-bin\109.0.24111.121\Locales\ms.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Temp\source2488_171534374\Safer-bin\109.0.24111.121\Locales\ru.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
File created C:\Program Files (x86)\GUMFA08.tmp\goopdateres_kn.dll C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\GUMFA08.tmp\goopdateres_ru.dll C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Temp\source2488_171534374\Safer-bin\109.0.24111.121\browser_crash_reporter.exe C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A

Enumerates physical storage devices

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Key queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Key enumerated \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Key queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Key enumerated \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498} C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498}\AppName = "AVGBrowserUpdateWebPlugin.exe" C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498}\AppPath = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6" C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498}\Policy = "3" C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28E08968-59C8-4A77-BEBA-12C9394AE077} C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28E08968-59C8-4A77-BEBA-12C9394AE077}\AppName = "AVGBrowserUpdateBroker.exe" C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28E08968-59C8-4A77-BEBA-12C9394AE077}\AppPath = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6" C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28E08968-59C8-4A77-BEBA-12C9394AE077}\Policy = "3" C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Set value (str) \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update\MachineId = "000058d4b27a012b9e3e4541471e6c69" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update\ C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\AVG C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update\devmode = "0" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (data) \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2D\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\AVG\Browser C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update\endpoint = "update.avgbrowser.com" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update\hostprefix C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update\MachineIdDate = "20240604" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C9E6B2FC-34C6-435F-BC66-1EA330DB1270}\NumMethods\ = "13" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{633D953B-278A-4DAC-8E4B-D15296A1C845}\VersionIndependentProgID\ = "AVGUpdate.Update3WebSvc" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB785069-B832-4423-B813-47F7422BA6E5}\ = "ICoCreateAsync" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2DAE1732-F855-42A3-9D28-B7F6E291ECCD}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BEBC1D02-EC16-479A-83F6-AA4247CA7F70}\Elevation\IconReference = "@C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\goopdate.dll,-1004" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6CEBE594-0680-4815-86E1-615A6BE65E0E}\NumMethods\ = "4" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{41A025DF-6171-460F-B9A1-29ECE33E754E}\NumMethods\ = "10" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E37D9308-A3C0-4EC3-87C5-222235C974E3}\LocalServer32\ = "\"C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\AVGBrowserUpdateOnDemand.exe\"" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{40C1C1D3-AAEA-46EE-AA2B-79A2CC62F257}\VersionIndependentProgID\ = "AVGUpdate.CredentialDialogMachine" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B02B2F29-8637-4B78-892A-CFD7CCE793EC}\ProxyStubClsid32 C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{358EC846-617A-4763-8656-50BF6E0E8AA2}\1.0\0\win64\ = "C:\\Program Files (x86)\\AVG\\Browser\\Application\\109.0.24111.121\\elevation_service.exe" C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A27F7BCA-118B-4330-9B07-9092E8F047E2}\InprocHandler32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C9E6B2FC-34C6-435F-BC66-1EA330DB1270}\NumMethods C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{5CCD3788-C8CC-4EE9-8DF7-944B7D9674F2}\ProxyStubClsid32 C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5CCD3788-C8CC-4EE9-8DF7-944B7D9674F2}\NumMethods\ = "10" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB785069-B832-4423-B813-47F7422BA6E5}\ = "ICoCreateAsync" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C8159E37-5EDF-4E6D-8E6D-E558E8DDC2A0}\ = "IGoogleUpdate" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{CA348B59-06AD-4482-AD87-966302908F0F}\LocalService = "AVGSecureBrowserElevationService" C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgHTML\Application\AppUserModelId = "AVG_Secure_Browser" C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{30612A81-C10F-498E-9163-C2B2A3F81A14}\ = "ServiceModule" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{925547A3-663F-4673-A7B7-3FCACCDC4879}\ProxyStubClsid32 C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{079CAB07-5001-4E71-9D5A-B412842E5178}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{41A025DF-6171-460F-B9A1-29ECE33E754E}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.html\OpenWithProgIds\AvgHTML C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D37D106C-CDD2-4821-BC7A-F08990DDCA74}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{925547A3-663F-4673-A7B7-3FCACCDC4879}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A012A499-D8A6-4F6C-9E05-B02D58E3781A}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000_CLASSES\.xhtml\ = "AvgHTML" C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E3700FAF-2DC2-4322-99B1-D6A51203AF77} C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A27F7BCA-118B-4330-9B07-9092E8F047E2} C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6DD8E03F-6BE1-41E2-B931-A37C7D1C0317} C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7BA03866-1403-40EA-81A9-23FCD97810E2}\ProxyStubClsid32 C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.CoreClass\CurVer\ = "AVGUpdate.CoreClass.1" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D37D106C-CDD2-4821-BC7A-F08990DDCA74}\NumMethods C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{358EC846-617A-4763-8656-50BF6E0E8AA2}\1.0\0 C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\http\shell\open\ddeexec C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{925547A3-663F-4673-A7B7-3FCACCDC4879}\NumMethods\ = "11" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{7E22D0ED-B403-44D2-BABF-4DDD0DFCA692}\ProgID C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgHTML\DefaultIcon\ = "C:\\Program Files (x86)\\AVG\\Browser\\Application\\AVGBrowser.exe,0" C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\AvgHTML\shell C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.MiscUtils\CurVer C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{7E22D0ED-B403-44D2-BABF-4DDD0DFCA692} C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Interface\{358EC846-617A-4763-8656-50BF6E0E8AA2}\TypeLib C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\AvgHTML\shell\open C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.CoreClass\CurVer C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5CCD3788-C8CC-4EE9-8DF7-944B7D9674F2}\NumMethods C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{925547A3-663F-4673-A7B7-3FCACCDC4879}\ = "IAppCommand" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0C0BAA6C-52FD-4A3F-8731-F588C5E8F191}\NumMethods C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A725D612-7D72-48B8-857A-4777781F415C}\LocalServer32\ = "\"C:\\Program Files (x86)\\AVG\\Browser\\Application\\109.0.24111.121\\notification_helper.exe\"" C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.CoreClass\CLSID C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0C0BAA6C-52FD-4A3F-8731-F588C5E8F191}\ = "IRegistrationUpdateHook" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{45F7CBA5-258D-4852-AD0A-B18F3FB214F4} C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C8159E37-5EDF-4E6D-8E6D-E558E8DDC2A0}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{23AE0B95-20F3-4632-A2AE-C3D706E1D5D9}\ProgID\ = "AVGUpdate.CoreMachineClass.1" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A42B2494-93AE-44E1-B76D-BA8509A5167D}\VersionIndependentProgID\ = "AVGUpdate.Update3WebMachineFallback" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgHTML\Application\ApplicationDescription = "Access the Internet" C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{82C85EAA-7C94-4702-AA75-DF39403AE358}\AppID = "{82C85EAA-7C94-4702-AA75-DF39403AE358}" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6972DB5C-E9D6-4A81-B352-B415A3A61CA6}\NumMethods C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A708F91-06A3-409E-83BC-4A5CF10C8025}\NumMethods C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{8C50E3A4-12A8-41FB-9941-E8EEB222E07E}\ProxyStubClsid32 C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8C50E3A4-12A8-41FB-9941-E8EEB222E07E}\ = "IProcessLauncher2" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BEBC1D02-EC16-479A-83F6-AA4247CA7F70} C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B80EC6B9-55FF-4E4F-B4E8-9BD098DBBAA5}\ProgID C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A

Modifies system certificate store

evasion spyware trojan
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DAC9024F54D8F6DF94935FB1732638CA6AD77C13 C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DAC9024F54D8F6DF94935FB1732638CA6AD77C13\Blob = 0f00000001000000140000005bcaa1c2780f0bcb5a90770451d96f38963f012d0b000000010000001e000000440053005400200052006f006f0074002000430041002000580033000000090000000100000016000000301406082b0601050507030406082b06010505070301140000000100000014000000c4a7b1a47b2c71fadbe14b9075ffc415608589101d00000001000000100000004558d512eecb27464920897de7b66053030000000100000014000000dac9024f54d8f6df94935fb1732638ca6ad77c1320000000010000004e0300003082034a30820232a003020102021044afb080d6a327ba893039862ef8406b300d06092a864886f70d0101050500303f31243022060355040a131b4469676974616c205369676e617475726520547275737420436f2e311730150603550403130e44535420526f6f74204341205833301e170d3030303933303231313231395a170d3231303933303134303131355a303f31243022060355040a131b4469676974616c205369676e617475726520547275737420436f2e311730150603550403130e44535420526f6f7420434120583330820122300d06092a864886f70d01010105000382010f003082010a0282010100dfafe99750088357b4cc6265f69082ecc7d32c6b30ca5becd9c37dc740c118148be0e83376492ae33f214993ac4e0eaf3e48cb65eefcd3210f65d22ad9328f8ce5f777b0127bb595c089a3a9baed732e7a0c063283a27e8a1430cd11a0e12a38b9790a31fd50bd8065dfb7516383c8e28861ea4b6181ec526bb9a2e24b1a289f48a39e0cda098e3e172e1edd20df5bc62a8aab2ebd70adc50b1a25907472c57b6aab34d63089ffe568137b540bc8d6aeec5a9c921e3d64b38cc6dfbfc94170ec1672d526ec38553943d0fcfd185c40f197ebd59a9b8d1dbada25b9c6d8dfc115023aabda6ef13e2ef55c089c3cd68369e4109b192ab62957e3e53d9b9ff0025d0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020106301d0603551d0e04160414c4a7b1a47b2c71fadbe14b9075ffc41560858910300d06092a864886f70d01010505000382010100a31a2c9b17005ca91eee2866373abf83c73f4bc309a095205de3d95944d23e0d3ebd8a4ba0741fce10829c741a1d7e981addcb134bb32044e491e9ccfc7da5db6ae5fee6fde04eddb7003ab57049aff2e5eb02f1d1028b19cb943a5e48c4181e58195f1e025af00cf1b1ada9dc59868b6ee991f586cafab96633aa595bcee2a7167347cb2bcc99b03748cfe3564bf5cf0f0c723287c6f044bb53726d43f526489a5267b758abfe67767178db0da256141339243185a2a8025a3047e1dd5007bc02099000eb6463609b16bc88c912e6d27d918bf93d328d65b4e97cb15776eac5b62839bf15651cc8f677966a0a8d770bd8910b048e07db29b60aee9d82353510 C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436 C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob = 0f00000001000000140000006dca5bd00dcf1c0f327059d374b29ca6e3c50aa6090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b0601050507030814000000010000001400000045eba2aff492cb82312d518ba7a7219df36dc80f0b00000001000000120000004400690067006900430065007200740000001d00000001000000100000004f5f106930398d09107b40c3c7ca8f1c0300000001000000140000000563b8630d62d75abbc8ab1e4bdfb5a899b24d432000000001000000bb030000308203b73082029fa00302010202100ce7e0e517d846fe8fe560fc1bf03039300d06092a864886f70d01010505003065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100ad0e15cee443805cb187f3b760f97112a5aedc269488aaf4cef520392858600cf880daa9159532613cb5b128848a8adc9f0a0c83177a8f90ac8ae779535c31842af60f98323676ccdedd3ca8a2ef6afb21f25261df9f20d71fe2b1d9fe1864d2125b5ff9581835bc47cda136f96b7fd4b0383ec11bc38c33d9d82f18fe280fb3a783d6c36e44c061359616fe599c8b766dd7f1a24b0d2bff0b72da9e60d08e9035c678558720a1cfe56d0ac8497c3198336c22e987d0325aa2ba138211ed39179d993a72a1e6faa4d9d5173175ae857d22ae3f014686f62879c8b1dae45717c47e1c0eb0b492a656b3bdb297edaaa7f0b7c5a83f9516d0ffa196eb085f18774f0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041445eba2aff492cb82312d518ba7a7219df36dc80f301f0603551d2304183016801445eba2aff492cb82312d518ba7a7219df36dc80f300d06092a864886f70d01010505000382010100a20ebcdfe2edf0e372737a6494bff77266d832e4427562ae87ebf2d5d9de56b39fccce1428b90d97605c124c58e4d33d834945589735691aa847ea56c679ab12d8678184df7f093c94e6b8262c20bd3db32889f75fff22e297841fe965ef87e0dfc16749b35debb2092aeb26ed78be7d3f2bf3b726356d5f8901b6495b9f01059bab3d25c1ccb67fc2f16f86c6fa6468eb812d94eb42b7fa8c1edd62f1be5067b76cbdf3f11f6b0c3607167f377ca95b6d7af112466083d72704be4bce97bec3672a6811df80e70c3366bf130d146ef37f1f63101efa8d1b256d6c8fa5b76101b1d2a326a110719dade2c3f9c39951b72b0708ce2ee650b2a7fa0a452fa2f0f2 C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob = 04000000010000001000000087ce0b7b2a0e4900e158719b37a893720f00000001000000140000006dca5bd00dcf1c0f327059d374b29ca6e3c50aa6090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b0601050507030814000000010000001400000045eba2aff492cb82312d518ba7a7219df36dc80f0b00000001000000120000004400690067006900430065007200740000001d00000001000000100000004f5f106930398d09107b40c3c7ca8f1c0300000001000000140000000563b8630d62d75abbc8ab1e4bdfb5a899b24d43190000000100000010000000749966cecc95c1874194ca7203f9b6202000000001000000bb030000308203b73082029fa00302010202100ce7e0e517d846fe8fe560fc1bf03039300d06092a864886f70d01010505003065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100ad0e15cee443805cb187f3b760f97112a5aedc269488aaf4cef520392858600cf880daa9159532613cb5b128848a8adc9f0a0c83177a8f90ac8ae779535c31842af60f98323676ccdedd3ca8a2ef6afb21f25261df9f20d71fe2b1d9fe1864d2125b5ff9581835bc47cda136f96b7fd4b0383ec11bc38c33d9d82f18fe280fb3a783d6c36e44c061359616fe599c8b766dd7f1a24b0d2bff0b72da9e60d08e9035c678558720a1cfe56d0ac8497c3198336c22e987d0325aa2ba138211ed39179d993a72a1e6faa4d9d5173175ae857d22ae3f014686f62879c8b1dae45717c47e1c0eb0b492a656b3bdb297edaaa7f0b7c5a83f9516d0ffa196eb085f18774f0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041445eba2aff492cb82312d518ba7a7219df36dc80f301f0603551d2304183016801445eba2aff492cb82312d518ba7a7219df36dc80f300d06092a864886f70d01010505000382010100a20ebcdfe2edf0e372737a6494bff77266d832e4427562ae87ebf2d5d9de56b39fccce1428b90d97605c124c58e4d33d834945589735691aa847ea56c679ab12d8678184df7f093c94e6b8262c20bd3db32889f75fff22e297841fe965ef87e0dfc16749b35debb2092aeb26ed78be7d3f2bf3b726356d5f8901b6495b9f01059bab3d25c1ccb67fc2f16f86c6fa6468eb812d94eb42b7fa8c1edd62f1be5067b76cbdf3f11f6b0c3607167f377ca95b6d7af112466083d72704be4bce97bec3672a6811df80e70c3366bf130d146ef37f1f63101efa8d1b256d6c8fa5b76101b1d2a326a110719dade2c3f9c39951b72b0708ce2ee650b2a7fa0a452fa2f0f2 C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8\Blob = 0400000001000000100000000cd2f9e0da1773e9ed864da5e370e74e14000000010000001400000079b459e67bb6e5e40173800888c81a58f6e99b6e030000000100000014000000cabd2a79a1076a31f21d253635cb039d4329a5e80f00000001000000200000003f0411ede9c4477057d57e57883b1f205b20cdc0f3263129b1ee0269a2678f631900000001000000100000002fe1f70bb05d7c92335bc5e05b984da620000000010000006f0500003082056b30820353a0030201020211008210cfb0d240e3594463e0bb63828b00300d06092a864886f70d01010b0500304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f74205831301e170d3135303630343131303433385a170d3335303630343131303433385a304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f7420583130820222300d06092a864886f70d01010105000382020f003082020a0282020100ade82473f41437f39b9e2b57281c87bedcb7df38908c6e3ce657a078f775c2a2fef56a6ef6004f28dbde68866c4493b6b163fd14126bbf1fd2ea319b217ed1333cba48f5dd79dfb3b8ff12f1219a4bc18a8671694a66666c8f7e3c70bfad292206f3e4c0e680aee24b8fb7997e94039fd347977c99482353e838ae4f0a6f832ed149578c8074b6da2fd0388d7b0370211b75f2303cfa8faeddda63abeb164fc28e114b7ecf0be8ffb5772ef4b27b4ae04c12250c708d0329a0e15324ec13d9ee19bf10b34a8c3f89a36151deac870794f46371ec2ee26f5b9881e1895c34796c76ef3b906279e6dba49a2f26c5d010e10eded9108e16fbb7f7a8f7c7e50207988f360895e7e237960d36759efb0e72b11d9bbc03f94905d881dd05b42ad641e9ac0176950a0fd8dfd5bd121f352f28176cd298c1a80964776e4737baceac595e689d7f72d689c50641293e593edd26f524c911a75aa34c401f46a199b5a73a516e863b9e7d72a712057859ed3e5178150b038f8dd02f05b23e7b4a1c4b730512fcc6eae050137c439374b3ca74e78e1f0108d030d45b7136b407bac130305c48b7823b98a67d608aa2a32982ccbabd83041ba2830341a1d605f11bc2b6f0a87c863b46a8482a88dc769a76bf1f6aa53d198feb38f364dec82b0d0a28fff7dbe21542d422d0275de179fe18e77088ad4ee6d98b3ac6dd27516effbc64f533434f0203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041479b459e67bb6e5e40173800888c81a58f6e99b6e300d06092a864886f70d01010b05000382020100551f58a9bcb2a850d00cb1d81a6920272908ac61755c8a6ef882e5692fd5f6564bb9b8731059d321977ee74c71fbb2d260ad39a80bea17215685f1500e59ebcee059e9bac915ef869d8f8480f6e4e99190dc179b621b45f06695d27c6fc2ea3bef1fcfcbd6ae27f1a9b0c8aefd7d7e9afa2204ebffd97fea912b22b1170e8ff28a345b58d8fc01c954b9b826cc8a8833894c2d843c82dfee965705ba2cbbf7c4b7c74e3b82be31c822737392d1c280a43939103323824c3c9f86b255981dbe29868c229b9ee26b3b573a82704ddc09c789cb0a074d6ce85d8ec9efceabc7bbb52b4e45d64ad026cce572ca086aa595e315a1f7a4edc92c5fa5fbffac28022ebed77bbbe3717b9016d3075e46537c3707428cd3c4969cd599b52ae0951a8048ae4c3907cecc47a452952bbab8fbadd233537de51d4d6dd5a1b1c7426fe64027355ca328b7078de78d3390e7239ffb509c796c46d5b415b3966e7e9b0c963ab8522d3fd65be1fb08c284fe24a8a389daac6ae1182ab1a843615bd31fdc3b8d76f22de88d75df17336c3d53fb7bcb415fffdca2d06138e196b8ac5d8b37d775d533c09911ae9d41c1727584be0241425f67244894d19b27be073fb9b84f817451e17ab7ed9d23e2bee0d52804133c31039edd7a6c8fc60718c67fde478e3f289e0406cfa5543477bdec899be91743df5bdb5ffe8e1e57a2cd409d7e6222dade1827 C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DAC9024F54D8F6DF94935FB1732638CA6AD77C13\Blob = 1900000001000000100000006cf252fec3e8f20996de5d4dd9aef424030000000100000014000000dac9024f54d8f6df94935fb1732638ca6ad77c131d00000001000000100000004558d512eecb27464920897de7b66053140000000100000014000000c4a7b1a47b2c71fadbe14b9075ffc41560858910090000000100000016000000301406082b0601050507030406082b060105050703010b000000010000001e000000440053005400200052006f006f00740020004300410020005800330000000f00000001000000140000005bcaa1c2780f0bcb5a90770451d96f38963f012d20000000010000004e0300003082034a30820232a003020102021044afb080d6a327ba893039862ef8406b300d06092a864886f70d0101050500303f31243022060355040a131b4469676974616c205369676e617475726520547275737420436f2e311730150603550403130e44535420526f6f74204341205833301e170d3030303933303231313231395a170d3231303933303134303131355a303f31243022060355040a131b4469676974616c205369676e617475726520547275737420436f2e311730150603550403130e44535420526f6f7420434120583330820122300d06092a864886f70d01010105000382010f003082010a0282010100dfafe99750088357b4cc6265f69082ecc7d32c6b30ca5becd9c37dc740c118148be0e83376492ae33f214993ac4e0eaf3e48cb65eefcd3210f65d22ad9328f8ce5f777b0127bb595c089a3a9baed732e7a0c063283a27e8a1430cd11a0e12a38b9790a31fd50bd8065dfb7516383c8e28861ea4b6181ec526bb9a2e24b1a289f48a39e0cda098e3e172e1edd20df5bc62a8aab2ebd70adc50b1a25907472c57b6aab34d63089ffe568137b540bc8d6aeec5a9c921e3d64b38cc6dfbfc94170ec1672d526ec38553943d0fcfd185c40f197ebd59a9b8d1dbada25b9c6d8dfc115023aabda6ef13e2ef55c089c3cd68369e4109b192ab62957e3e53d9b9ff0025d0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020106301d0603551d0e04160414c4a7b1a47b2c71fadbe14b9075ffc41560858910300d06092a864886f70d01010505000382010100a31a2c9b17005ca91eee2866373abf83c73f4bc309a095205de3d95944d23e0d3ebd8a4ba0741fce10829c741a1d7e981addcb134bb32044e491e9ccfc7da5db6ae5fee6fde04eddb7003ab57049aff2e5eb02f1d1028b19cb943a5e48c4181e58195f1e025af00cf1b1ada9dc59868b6ee991f586cafab96633aa595bcee2a7167347cb2bcc99b03748cfe3564bf5cf0f0c723287c6f044bb53726d43f526489a5267b758abfe67767178db0da256141339243185a2a8025a3047e1dd5007bc02099000eb6463609b16bc88c912e6d27d918bf93d328d65b4e97cb15776eac5b62839bf15651cc8f677966a0a8d770bd8910b048e07db29b60aee9d82353510 C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DAC9024F54D8F6DF94935FB1732638CA6AD77C13\Blob = 040000000100000010000000410352dc0ff7501b16f0028eba6f45c50f00000001000000140000005bcaa1c2780f0bcb5a90770451d96f38963f012d0b000000010000001e000000440053005400200052006f006f0074002000430041002000580033000000090000000100000016000000301406082b0601050507030406082b06010505070301140000000100000014000000c4a7b1a47b2c71fadbe14b9075ffc415608589101d00000001000000100000004558d512eecb27464920897de7b66053030000000100000014000000dac9024f54d8f6df94935fb1732638ca6ad77c131900000001000000100000006cf252fec3e8f20996de5d4dd9aef42420000000010000004e0300003082034a30820232a003020102021044afb080d6a327ba893039862ef8406b300d06092a864886f70d0101050500303f31243022060355040a131b4469676974616c205369676e617475726520547275737420436f2e311730150603550403130e44535420526f6f74204341205833301e170d3030303933303231313231395a170d3231303933303134303131355a303f31243022060355040a131b4469676974616c205369676e617475726520547275737420436f2e311730150603550403130e44535420526f6f7420434120583330820122300d06092a864886f70d01010105000382010f003082010a0282010100dfafe99750088357b4cc6265f69082ecc7d32c6b30ca5becd9c37dc740c118148be0e83376492ae33f214993ac4e0eaf3e48cb65eefcd3210f65d22ad9328f8ce5f777b0127bb595c089a3a9baed732e7a0c063283a27e8a1430cd11a0e12a38b9790a31fd50bd8065dfb7516383c8e28861ea4b6181ec526bb9a2e24b1a289f48a39e0cda098e3e172e1edd20df5bc62a8aab2ebd70adc50b1a25907472c57b6aab34d63089ffe568137b540bc8d6aeec5a9c921e3d64b38cc6dfbfc94170ec1672d526ec38553943d0fcfd185c40f197ebd59a9b8d1dbada25b9c6d8dfc115023aabda6ef13e2ef55c089c3cd68369e4109b192ab62957e3e53d9b9ff0025d0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020106301d0603551d0e04160414c4a7b1a47b2c71fadbe14b9075ffc41560858910300d06092a864886f70d01010505000382010100a31a2c9b17005ca91eee2866373abf83c73f4bc309a095205de3d95944d23e0d3ebd8a4ba0741fce10829c741a1d7e981addcb134bb32044e491e9ccfc7da5db6ae5fee6fde04eddb7003ab57049aff2e5eb02f1d1028b19cb943a5e48c4181e58195f1e025af00cf1b1ada9dc59868b6ee991f586cafab96633aa595bcee2a7167347cb2bcc99b03748cfe3564bf5cf0f0c723287c6f044bb53726d43f526489a5267b758abfe67767178db0da256141339243185a2a8025a3047e1dd5007bc02099000eb6463609b16bc88c912e6d27d918bf93d328d65b4e97cb15776eac5b62839bf15651cc8f677966a0a8d770bd8910b048e07db29b60aee9d82353510 C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436\Blob = 04000000010000001000000079e4a9840d7d3a96d7c04fe2434c892e0f0000000100000014000000b34ddd372ed92e8f2abfbb9e20a9d31f204f194b090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b0601050507030814000000010000001400000003de503556d14cbb66f0a3e21b1bc397b23dd1550b00000001000000120000004400690067006900430065007200740000001d000000010000001000000059779e39e21a2e3dfced6857ed5c5fd9030000000100000014000000a8985d3a65e5e5c4b2d7d66d40c6dd2fb19c54361900000001000000100000000f3a0527d242de2dc98e5cfcb1e991ee2000000001000000b3030000308203af30820297a0030201020210083be056904246b1a1756ac95991c74a300d06092a864886f70d01010505003061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100e23be11172dea8a4d3a357aa50a28f0b7790c9a2a5ee12ce965b010920cc0193a74e30b753f743c46900579de28d22dd870640008109cece1b83bfdfcd3b7146e2d666c705b37627168f7b9e1e957deeb748a308dad6af7a0c3906657f4a5d1fbc17f8abbeee28d7747f7a78995985686e5c23324bbf4ec0e85a6de370bf7710bffc01f685d9a844105832a97518d5d1a2be47e2276af49a33f84908608bd45fb43a84bfa1aa4a4c7d3ecf4f5f6c765ea04b37919edc22e66dce141a8e6acbfecdb3146417c75b299e32bff2eefad30b42d4abb74132da0cd4eff881d5bb8d583fb51be84928a270da3104ddf7b216f24c0a4e07a8ed4a3d5eb57fa390c3af270203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041403de503556d14cbb66f0a3e21b1bc397b23dd155301f0603551d2304183016801403de503556d14cbb66f0a3e21b1bc397b23dd155300d06092a864886f70d01010505000382010100cb9c37aa4813120afadd449c4f52b0f4dfae04f5797908a32418fc4b2b84c02db9d5c7fef4c11f58cbb86d9c7a74e79829ab11b5e370a0a1cd4c8899938c9170e2ab0f1cbe93a9ff63d5e40760d3a3bf9d5b09f1d58ee353f48e63fa3fa7dbb466df6266d6d16e418df22db5ea774a9f9d58e22b59c04023ed2d2882453e7954922698e08048a837eff0d6796016deace80ecd6eac4417382f49dae1453e2ab93653cf3a5006f72ee8c457496c612118d504ad783c2c3a806ba7ebaf1514e9d889c1b9386ce2916c8aff64b977255730c01b24a3e1dce9df477cb5b424080530ec2dbd0bbf45bf50b9a9f3eb980112adc888c698345f8d0a3cc6e9d595956dde C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob = 190000000100000010000000749966cecc95c1874194ca7203f9b6200300000001000000140000000563b8630d62d75abbc8ab1e4bdfb5a899b24d431d00000001000000100000004f5f106930398d09107b40c3c7ca8f1c0b000000010000001200000044006900670069004300650072007400000014000000010000001400000045eba2aff492cb82312d518ba7a7219df36dc80f090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b060105050703080f00000001000000140000006dca5bd00dcf1c0f327059d374b29ca6e3c50aa62000000001000000bb030000308203b73082029fa00302010202100ce7e0e517d846fe8fe560fc1bf03039300d06092a864886f70d01010505003065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100ad0e15cee443805cb187f3b760f97112a5aedc269488aaf4cef520392858600cf880daa9159532613cb5b128848a8adc9f0a0c83177a8f90ac8ae779535c31842af60f98323676ccdedd3ca8a2ef6afb21f25261df9f20d71fe2b1d9fe1864d2125b5ff9581835bc47cda136f96b7fd4b0383ec11bc38c33d9d82f18fe280fb3a783d6c36e44c061359616fe599c8b766dd7f1a24b0d2bff0b72da9e60d08e9035c678558720a1cfe56d0ac8497c3198336c22e987d0325aa2ba138211ed39179d993a72a1e6faa4d9d5173175ae857d22ae3f014686f62879c8b1dae45717c47e1c0eb0b492a656b3bdb297edaaa7f0b7c5a83f9516d0ffa196eb085f18774f0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041445eba2aff492cb82312d518ba7a7219df36dc80f301f0603551d2304183016801445eba2aff492cb82312d518ba7a7219df36dc80f300d06092a864886f70d01010505000382010100a20ebcdfe2edf0e372737a6494bff77266d832e4427562ae87ebf2d5d9de56b39fccce1428b90d97605c124c58e4d33d834945589735691aa847ea56c679ab12d8678184df7f093c94e6b8262c20bd3db32889f75fff22e297841fe965ef87e0dfc16749b35debb2092aeb26ed78be7d3f2bf3b726356d5f8901b6495b9f01059bab3d25c1ccb67fc2f16f86c6fa6468eb812d94eb42b7fa8c1edd62f1be5067b76cbdf3f11f6b0c3607167f377ca95b6d7af112466083d72704be4bce97bec3672a6811df80e70c3366bf130d146ef37f1f63101efa8d1b256d6c8fa5b76101b1d2a326a110719dade2c3f9c39951b72b0708ce2ee650b2a7fa0a452fa2f0f2 C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8 C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
Token: 33 N/A C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\AVGBrowserInstaller.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\AVGBrowserInstaller.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1640 wrote to memory of 2960 N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe
PID 1640 wrote to memory of 2960 N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe
PID 1640 wrote to memory of 2960 N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe
PID 1640 wrote to memory of 2960 N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe
PID 1640 wrote to memory of 2960 N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe
PID 1640 wrote to memory of 2960 N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe
PID 1640 wrote to memory of 2960 N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe
PID 2960 wrote to memory of 3068 N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe
PID 2960 wrote to memory of 3068 N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe
PID 2960 wrote to memory of 3068 N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe
PID 2960 wrote to memory of 3068 N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe
PID 2960 wrote to memory of 3068 N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe
PID 2960 wrote to memory of 3068 N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe
PID 2960 wrote to memory of 3068 N/A C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe
PID 3068 wrote to memory of 1616 N/A C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe
PID 3068 wrote to memory of 1616 N/A C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe
PID 3068 wrote to memory of 1616 N/A C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe
PID 3068 wrote to memory of 1616 N/A C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe
PID 3068 wrote to memory of 1616 N/A C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe
PID 3068 wrote to memory of 1616 N/A C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe
PID 3068 wrote to memory of 1616 N/A C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 588 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 588 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 588 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 588 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 588 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 588 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 588 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 2724 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 2724 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 2724 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 2724 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 2724 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 2724 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 2724 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 2724 wrote to memory of 2084 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
PID 2724 wrote to memory of 2084 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
PID 2724 wrote to memory of 2084 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
PID 2724 wrote to memory of 2084 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
PID 2724 wrote to memory of 2092 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
PID 2724 wrote to memory of 2092 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
PID 2724 wrote to memory of 2092 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
PID 2724 wrote to memory of 2092 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
PID 2724 wrote to memory of 2216 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
PID 2724 wrote to memory of 2216 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
PID 2724 wrote to memory of 2216 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
PID 2724 wrote to memory of 2216 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
PID 1616 wrote to memory of 1136 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 1136 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 1136 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 1136 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 1136 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 1136 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 1136 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 2232 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 2232 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 2232 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 2232 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 2232 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 2232 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 1616 wrote to memory of 2232 N/A C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 2064 wrote to memory of 1808 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\AVGBrowserInstaller.exe
PID 2064 wrote to memory of 1808 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\AVGBrowserInstaller.exe
PID 2064 wrote to memory of 1808 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\AVGBrowserInstaller.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe

"C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe"

C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe

"C:\Users\Admin\AppData\Local\Temp\ajBFC9.exe" /relaunch=8 /was_elevated=1 /tagdata

C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe

AVGBrowserUpdateSetup.exe /silent /install "bundlename=AVG Secure Browser&appguid={48F69C39-1356-4A7B-A899-70E3539D4982}&appname=AVG Secure Browser&needsadmin=true&lang=en-US&brand=9249&installargs=--no-create-user-shortcuts --make-chrome-default --force-default-win10 --auto-import-data%3Diexplore --import-cookies --auto-launch-chrome"

C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe

"C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe" /silent /install "bundlename=AVG Secure Browser&appguid={48F69C39-1356-4A7B-A899-70E3539D4982}&appname=AVG Secure Browser&needsadmin=true&lang=en-US&brand=9249&installargs=--no-create-user-shortcuts --make-chrome-default --force-default-win10 --auto-import-data%3Diexplore --import-cookies --auto-launch-chrome"

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /regsvc

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /regserver

C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe

"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe"

C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe

"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe"

C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe

"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe"

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgb21haGFpZD0iezFDODlFRjJGLUE4OEUtNERFMC05N0ZFLUNCNDBDOEU0RkVFQX0iIHVwZGF0ZXJ2ZXJzaW9uPSIxLjguMTY5My42IiBzaGVsbF92ZXJzaW9uPSIxLjguMTY5My42IiBpc21hY2hpbmU9IjEiIGlzX29tYWhhNjRiaXQ9IjAiIGlzX29zNjRiaXQ9IjEiIHNlc3Npb25pZD0iezExRUU5QkZGLTE1MEMtNEE4MS05NDdELUQ2OEU2NkZGMjIwMX0iIGNlcnRfZXhwX2RhdGU9IjIwMjUwOTE3IiB1c2VyaWQ9Ins5MDRCOEEwMC03NDlBLTQzMDAtOEMyNy02MjQwQzMxNkRFMzV9IiB1c2VyaWRfZGF0ZT0iMjAyNDA2MDQiIG1hY2hpbmVpZD0iezAwMDA1OEQ0LUIyN0EtMDEyQi05RTNFLTQ1NDE0NzFFNkM2OX0iIG1hY2hpbmVpZF9kYXRlPSIyMDI0MDYwNCIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiB0ZXN0c291cmNlPSJhdXRvIiByZXF1ZXN0aWQ9Ins5N0M2MUNBRS04RkM5LTQ5NjAtQUNBMS1CRDQ0NUE1NUExOEJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IHBoeXNtZW1vcnk9IjIiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjYuMS43NjAxLjAiIHNwPSJTZXJ2aWNlIFBhY2sgMSIgYXJjaD0ieDY0Ii8-PGFwcCBhcHBpZD0iezFDODlFRjJGLUE4OEUtNERFMC05N0ZFLUNCNDBDOEU0RkVFQX0iIHZlcnNpb249IiIgbmV4dHZlcnNpb249IjEuOC4xNjkzLjYiIGxhbmc9ImVuLVVTIiBicmFuZD0iOTI0OSIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIGluc3RhbGxfdGltZV9tcz0iMzI5MiIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /handoff "bundlename=AVG Secure Browser&appguid={48F69C39-1356-4A7B-A899-70E3539D4982}&appname=AVG Secure Browser&needsadmin=true&lang=en-US&brand=9249&installargs=--no-create-user-shortcuts --make-chrome-default --force-default-win10 --auto-import-data%3Diexplore --import-cookies --auto-launch-chrome" /installsource otherinstallcmd /sessionid "{11EE9BFF-150C-4A81-947D-D68E66FF2201}" /silent

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /svc

C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\AVGBrowserInstaller.exe

"C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\AVGBrowserInstaller.exe" --chrome --do-not-launch-chrome --hide-browser-override --show-developer-mode --suppress-first-run-bubbles --default-search-id=3 --default-search=bing.com --adblock-mode-default=0 --no-create-user-shortcuts --make-chrome-default --force-default-win10 --auto-import-data=iexplore --import-cookies --auto-launch-chrome --system-level

C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe

"C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe" --install-archive="C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\SECURE.PACKED.7Z" --chrome --do-not-launch-chrome --hide-browser-override --show-developer-mode --suppress-first-run-bubbles --default-search-id=3 --default-search=bing.com --adblock-mode-default=0 --no-create-user-shortcuts --make-chrome-default --force-default-win10 --auto-import-data=iexplore --import-cookies --auto-launch-chrome --system-level

C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe

"C:\Program Files (x86)\AVG\Browser\Update\Install\{E456941F-F3BD-4E03-BDCF-4D6FFA9A7D11}\CR_09439.tmp\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=109.0.24111.121 --initial-client-data=0x14c,0x150,0x154,0x120,0x158,0x140097c40,0x140097c50,0x140097c60

C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler.exe

"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler.exe"

C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler64.exe

"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler64.exe"

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

AVGBrowser.exe --heartbeat --install --create-profile

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Crashpad" --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=109.0.24111.121 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xc8,0x7fef6486b78,0x7fef6486b88,0x7fef6486b98

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=gpu-process --start-stack-profiler --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1128 --field-trial-handle=1180,i,10963008263380258700,15943309300571522082,131072 /prefetch:2

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --start-stack-profiler --mojo-platform-channel-handle=1456 --field-trial-handle=1180,i,10963008263380258700,15943309300571522082,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1592 --field-trial-handle=1180,i,10963008263380258700,15943309300571522082,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\109.0.24111.121\elevation_service.exe

"C:\Program Files (x86)\AVG\Browser\Application\109.0.24111.121\elevation_service.exe"

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2376 --field-trial-handle=1180,i,10963008263380258700,15943309300571522082,131072 /prefetch:1

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2384 --field-trial-handle=1180,i,10963008263380258700,15943309300571522082,131072 /prefetch:1

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2880 --field-trial-handle=1180,i,10963008263380258700,15943309300571522082,131072 /prefetch:1

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2980 --field-trial-handle=1180,i,10963008263380258700,15943309300571522082,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\109.0.24111.121\elevation_service.exe

"C:\Program Files (x86)\AVG\Browser\Application\109.0.24111.121\elevation_service.exe"

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=gpu-process --start-stack-profiler --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=3440 --field-trial-handle=1180,i,10963008263380258700,15943309300571522082,131072 /prefetch:2

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1112 --field-trial-handle=1180,i,10963008263380258700,15943309300571522082,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

AVGBrowser.exe --silent-launch

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=109.0.24111.121 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6326b78,0x7fef6326b88,0x7fef6326b98

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=gpu-process --start-stack-profiler --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1136 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:2

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --start-stack-profiler --mojo-platform-channel-handle=1464 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1548 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\109.0.24111.121\elevation_service.exe

"C:\Program Files (x86)\AVG\Browser\Application\109.0.24111.121\elevation_service.exe"

C:\Program Files (x86)\AVG\Browser\Application\109.0.24111.121\elevation_service.exe

"C:\Program Files (x86)\AVG\Browser\Application\109.0.24111.121\elevation_service.exe"

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2560 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:1

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2568 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:1

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=gpu-process --start-stack-profiler --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1368 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:2

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --disable-protect

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=109.0.24111.121 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6326b78,0x7fef6326b88,0x7fef6326b98

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3516 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3944 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3836 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3804 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3704 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3708 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3672 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3752 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3824 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3632 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4172 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4312 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4440 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3740 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1424 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4656 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4756 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4864 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3704 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4176 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4036 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3972 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3684 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4768 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4156 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4404 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3516 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4224 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5116 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4160 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3532 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4820 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=4524 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:1

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4168 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4692 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3824 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4040 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5168 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4220 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:8

C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=3788 --field-trial-handle=1220,i,5411757553981203696,11436749583613082273,131072 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 stats.securebrowser.com udp
US 104.20.86.8:443 stats.securebrowser.com tcp
US 8.8.8.8:53 update.avgbrowser.com udp
US 104.22.63.125:443 update.avgbrowser.com tcp
US 8.8.8.8:53 apps.identrust.com udp
NL 23.63.101.153:80 apps.identrust.com tcp
US 104.22.63.125:443 update.avgbrowser.com tcp
US 8.8.8.8:53 browser-update.avg.com udp
GB 104.91.71.133:80 browser-update.avg.com tcp
US 8.8.8.8:53 engagement.avgbrowser.com udp
US 8.8.8.8:53 engagement.avgbrowser.com udp
US 8.8.8.8:53 stats.securebrowser.com udp
US 8.8.8.8:53 stats.securebrowser.com udp
US 8.8.8.8:53 update.avgbrowser.com udp
US 8.8.8.8:53 update.avgbrowser.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
US 104.22.63.125:443 update.avgbrowser.com tcp
US 104.20.86.8:443 stats.securebrowser.com tcp
US 104.22.62.125:443 update.avgbrowser.com tcp
GB 142.250.187.206:443 redirector.gvt1.com tcp
US 8.8.8.8:53 r1---sn-aigl6nsr.gvt1.com udp
US 8.8.8.8:53 r1---sn-aigl6nsr.gvt1.com udp
GB 74.125.105.134:443 r1---sn-aigl6nsr.gvt1.com udp
GB 74.125.105.134:443 r1---sn-aigl6nsr.gvt1.com tcp
US 8.8.8.8:53 s-install.avcdn.net udp
GB 2.21.189.79:443 s-install.avcdn.net tcp
US 8.8.8.8:53 update.avgbrowser.com udp
US 8.8.8.8:53 update.avgbrowser.com udp
US 104.22.62.125:443 update.avgbrowser.com udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 browser-update.avg.com udp
US 8.8.8.8:53 browser-update.avg.com udp
GB 104.91.71.140:443 browser-update.avg.com tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
US 8.8.8.8:443 dns.google udp
GB 142.250.178.10:443 tcp

Files

\Users\Admin\AppData\Local\Temp\nsyAC48.tmp\jsis.dll

MD5 4b27df9758c01833e92c51c24ce9e1d5
SHA1 c3e227564de6808e542d2a91bbc70653cf88d040
SHA256 d37408f77b7a4e7c60800b6d60c47305b487e8e21c82a416784864bd9f26e7bb
SHA512 666f1b99d65169ec5b8bc41cdbbc5fe06bcb9872b7d628cb5ece051630a38678291ddc84862101c727f386c75b750c067177e6e67c1f69ab9f5c2e24367659f4

\Users\Admin\AppData\Local\Temp\nsyAC48.tmp\nsJSON.dll

MD5 ddb56a646aea54615b29ce7df8cd31b8
SHA1 0ea1a1528faafd930ddceb226d9deaf4fa53c8b2
SHA256 07e602c54086a8fa111f83a38c2f3ee239f49328990212c2b3a295fade2b5069
SHA512 5d5d6ee7ac7454a72059be736ec8da82572f56e86454c5cbfe26e7956752b6df845a6b0fada76d92473033ca68cd9f87c8e60ac664320b015bb352915abe33c8

\Users\Admin\AppData\Local\Temp\nsyAC48.tmp\JsisPlugins.dll

MD5 bd94620c8a3496f0922d7a443c750047
SHA1 23c4cb2b4d5f5256e76e54969e7e352263abf057
SHA256 c0af9e25c35650f43de4e8a57bb89d43099beead4ca6af6be846319ff84d7644
SHA512 954006d27ed365fdf54327d64f05b950c2f0881e395257b87ba8e4cc608ec4771deb490d57dc988571a2e66f730e04e8fe16f356a06070abda1de9f3b0c3da68

C:\Users\Admin\AppData\Local\Temp\nsyAC48.tmp\StdUtils.dll

MD5 7602b88d488e54b717a7086605cd6d8d
SHA1 c01200d911e744bdffa7f31b3c23068971494485
SHA256 2640e4f09aa4c117036bfddd12dc02834e66400392761386bd1fe172a6ddfa11
SHA512 a11b68bdaecc1fe3d04246cfd62dd1bb4ef5f360125b40dadf8d475e603e14f24cf35335e01e985f0e7adcf785fdf6c57c7856722bc8dcb4dd2a1f817b1dde3a

\Users\Admin\AppData\Local\Temp\{78BE99FE-A94F-4D94-A439-95C112EC1DDD}\scrt.dll

MD5 f36f05628b515262db197b15c7065b40
SHA1 74a8005379f26dd0de952acab4e3fc5459cde243
SHA256 67abd9e211b354fa222e7926c2876c4b3a7aca239c0af47c756ee1b6db6e6d31
SHA512 280390b1cf1b6b1e75eaa157adaf89135963d366b48686d48921a654527f9c1505c195ca1fc16dc85b8f13b2994841ca7877a63af708883418a1d588afa3dbe8

\Users\Admin\AppData\Local\Temp\nsyAC48.tmp\thirdparty.dll

MD5 070335e8e52a288bdb45db1c840d446b
SHA1 9db1be3d0ab572c5e969fea8d38a217b4d23cab2
SHA256 c8cf0cf1c2b8b14cbedfe621d81a79c80d70f587d698ad6dfb54bbe8e346fbbc
SHA512 6f49b82c5dbb84070794bae21b86e39d47f1a133b25e09f6a237689fd58b7338ae95440ae52c83fda92466d723385a1ceaf335284d4506757a508abff9d4b44c

\Users\Admin\AppData\Local\Temp\ajBFC9.exe

MD5 acb51434fd82eb460b052f05950b8dca
SHA1 707d192db2ce7cefdefce3037dfb85a18b8811f3
SHA256 29ffa251cb267969af445eb664df04d1a7badbcade61a7f754de42b6d4340055
SHA512 013dc0abcc9760c6298b7e48007eb1ac4bc2e453f06c1ce4aff218f50cd1e2c4bb44ad6bc5687edb057df8b0e38fa0aaada7a8d045ed08412278d3031527229d

C:\Users\Admin\AppData\Local\Temp\avg-securebrowser-web-tags

MD5 4c94408946d796a8b19c17df5cf0562d
SHA1 89056150d90683f9548dadc308eb2789a67c2a47
SHA256 68042cb47d900c4110ffc5f46e5f8395b35f42d33fc75e58ee34c7f5d8726de7
SHA512 96a31f0b7254f42fec787233e2d11991709bc0b2514d163dd1f7696015e7318f9810d9811473fc13d6782d65e40f6a94fe6a7ffef3cb962032cff3bfe8b99a29

C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\Midex.dll

MD5 581c4a0b8de60868b89074fe94eb27b9
SHA1 70b8bdfddb08164f9d52033305d535b7db2599f6
SHA256 b13c23af49da0a21959e564cbca8e6b94c181c5eeb95150b29c94ff6afb8f9dd
SHA512 94290e72871c622fc32e9661719066bafb9b393e10ed397cae8a6f0c8be6ed0df88e5414f39bc528bf9a81980bdcb621745b6c712f4878f0447595cec59ee33d

C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\CR.History.tmp

MD5 90a1d4b55edf36fa8b4cc6974ed7d4c4
SHA1 aba1b8d0e05421e7df5982899f626211c3c4b5c1
SHA256 7cf3e9e8619904e72ea6608cc43e9b6c9f8aa2af02476f60c2b3daf33075981c
SHA512 ea0838be754e1258c230111900c5937d2b0788f90bbf7c5f82b2ceda7868e50afb86c301f313267eaa912778da45755560b5434885521bf915967a7863922ae2

C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\FF.places.tmp

MD5 3476d4395be1207da665dcda0a6a2472
SHA1 9f491995d1da8d19de2d055f1e13bdd0dea295e9
SHA256 f96ab4ba458d267608cc847d760457289317883f0a5add517be53f39a6d8cf97
SHA512 23011454397ff897211779e8a46ec0a2a99cf302842bfd6216980fd8b7d6c9200a1fc0cd3f47bcbebc2112c23877decc4a52d3d32afda97f7c1aae9db0d21949

\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AVGBrowserUpdateSetup.exe

MD5 9750ea6c750629d2ca971ab1c074dc9d
SHA1 7df3d1615bec8f5da86a548f45f139739bde286b
SHA256 cd1c5c7635d7e4e56287f87588dea791cf52b8d49ae599b60efb1b4c3567bc9c
SHA512 2ecbe819085bb9903a1a1fb6c796ad3b51617dd1fd03234c86e7d830b32a11fbcbff6cdc0191180d368497de2102319b0f56bfd5d8ac06d4f96585164801a04b

C:\Users\Admin\AppData\Local\Temp\CabF702.tmp

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\Local\Temp\TarF7DF.tmp

MD5 9c0c641c06238516f27941aa1166d427
SHA1 64cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA256 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

C:\Program Files (x86)\GUMFA08.tmp\@PaxHeader

MD5 fc8ee03b2a65f381e4245432d5fef60e
SHA1 d2b7d9be66c75ccf24fcb45a6d0dacedd8b6dd6f
SHA256 751a04263c2ebb889fdcd11045d6f3602690318ebaaa54f66e1332d76dde9ef4
SHA512 0837f2b22c9629990165c5e070e710a69ad4951b7fcfe28bd52354c4b8a7246672497b8aaf521a8773c7ec2a4249fc4318330948ab0d8db8c6c74da57b32f1c4

\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdate.exe

MD5 cbcdf56c8a2788ed761ad3178e2d6e9c
SHA1 bdee21667760bc0df3046d6073a05d779fdc82cb
SHA256 e9265a40e5ee5302e8e225ea39a67d452eaac20370f8b2828340ba079abbbfd3
SHA512 5f68e7dffdd3424e0eb2e5cd3d05f8b6ba497aab9408702505341b2c89f265ebb4f9177611d51b9a56629a564431421f3ecb8b25eb08fb2c54dfeddecb9e9f2e

C:\Program Files (x86)\GUMFA08.tmp\goopdate.dll

MD5 04a6438c50564146e880c5eb9d57905e
SHA1 edf5d454de99159d832cc9bd0d8dbe132d749804
SHA256 26109d47bf9960e531888e6c545ca8cfc24fee2202b549df29fb8bf9c58e0812
SHA512 8705d0ab2f8a6c1ef567ad00b33ff2cca01391b105eb0ade201d981f091e4ba87e709860ab9849bf9781698fb42ab8efe53ea731af310781766bace1eb1dc19d

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_en.dll

MD5 418853fe486d8c021d0cca2e85a63d63
SHA1 9504500a7b5076579d74c23294df4bdb1b7c517d
SHA256 4cbb2591c1eeda32bcf295685c993ce4d16acc968697fa12e2a00a1b7c4b37a3
SHA512 dc2ab4e2056e6d73a274d700bc16f75c7c687b35874029c1908b183428dec010373045d4a52eb3f5745f8b91d624cf5d40cd7f37e353f3a41348e2a054a266a3

C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserCrashHandler64.exe

MD5 deef1e7382d212cd403431727be417a5
SHA1 fac0e754a5734dd5e9602a0327a66e313f7473bb
SHA256 7d410e9eabd086827b16c89ee953a643c3e2f7929616c0af579253fd8ca60088
SHA512 6b472a57fb89b128aad9ab6313a9ce8b171f7d73264c67f669adc5cf1f0421d81f654dad1419b620476abb59dd54e1aa03a74a26c5c93813f6fb8575fbd97d4d

C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserCrashHandler.exe

MD5 f73e60370efe16a6d985e564275612da
SHA1 2f829a0a611ac7add51a6bc50569e75181cdfd58
SHA256 9cf076866935a0c64366efaeff2ec76d45ac816030ebd616fd5defb1870bc30e
SHA512 2e44e87c285bb7b72d45c8119d08ea6f2d13cea77cf0005a3cf530790bb86c7f2df7c5edac9d86c9d7214abb224738c3bf6b31f6bf104051512bb1de133042dc

C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdateCore.exe

MD5 dd5dc945cd848bf503862d0a68c3ea5d
SHA1 9b277a0c733ed5698b0656da8c3b99d2f90c7ef8
SHA256 8cc98345e367b083f545ace66d93bf69e03a4fa08b84805a9925fa4c94ef3f8f
SHA512 f6eab8422bde24d89a7723c6175b4197a50e18aa0bb5b8f419e5a23b265d85dcaacaf136b8f6ef6bbf2bd6c0eaecd8f86093f594fb98e596f4b39e9c6ff227e1

C:\Program Files (x86)\GUMFA08.tmp\AVGBrowserUpdateComRegisterShell64.exe

MD5 2a3ad7362e6c8808fbb4d4ccaba4ed4a
SHA1 3f896f7df7fe202f4a717713c503665bb4dcaed6
SHA256 4dcd341907880c8dea840819628b19c5ea42ca2b5c61ad57147d0ac7da9b6759
SHA512 892042ac713e4d5b488262a584355dafa18d967035788799c1773eb39a4616461beb9d79a230d9f85cdefd1b4076b8a5e1d4bde17254bff1f08c3eba56469679

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_am.dll

MD5 ba03b29d5d44341084eb06bea8f1e702
SHA1 7d8dd7556ea5e299b55ddc7477ca758fe2c64f48
SHA256 6a6aad33e2910c29a6d919aad074d89359c5e6723ced7ba4e215a62e9513749b
SHA512 29f902587b7078deb12bee6bf9993748109749ec12e6490d5f84bc9c532a5a1f414149d5760641ef052611bf2d441423d115dfb5a4c4c6f5e6d6a1f386924cf2

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_ar.dll

MD5 9c77be0843f0fe4864a04f8d5f24a593
SHA1 be03adb4d3c33520e652c7a6ee45f09d5ff54a54
SHA256 39547fa5d7b93856235288b1021699b4f36f0bea10b10d6b89ea184a3ad77bb1
SHA512 f504c98b03a5d72c078b38a2cc4fdd94dbed159f5a2ed47c2c4a53fc6ec8a3b1fd969d5ad85fc7503e64427a36adee7a14f15f1275a9194103e43c8a8ee45d28

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_bg.dll

MD5 c0b41217fc33a6a53ec69ae7399460f2
SHA1 d7dd8d543b7297f1a1e138efa1806972c9489c3f
SHA256 d75a1a41ad7e5277576e3bdf35a858be3a6f540d21c8ab4156c842d8f1b3295b
SHA512 37abb726b78421aaccdbc94b358cda6b581e89ac519258eb39c6a7f0706cfc64c3a96f5c29539ba67c6e2d2afd6f10b6b0c063b54366c03376ce234d132a8253

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_ca.dll

MD5 f951cf3ca93e5ae5fc1ce2da93121d98
SHA1 15bc869406857437babe41cd3f500c356913499b
SHA256 eb00cad19ed1d16f52928962f2cc6231d65eb74b2314976ebeb1ec860103e746
SHA512 b77086ad2b39723d697d7839d9243c1c0769a2cb0f6287cd3f2d64eabd6a48d8fc2d253e9089c6586637ed5dc5970c2608615fe77cef5003f0c4d53401ef73bc

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_cs.dll

MD5 7f3dcd851645d3d75f636c8440fb057f
SHA1 85debe41ddcb46555a0d00795e41e460a35583c2
SHA256 0b31785d1931580cad5ef16d4ff5723802d12c38b56746e70fcf91d71162e043
SHA512 d0d21c397899aaa6a718b77195a6af1556309615616fd6583ecb84b04aa7087e76eb5fdd6cae0a4ff1c0f85bf72e1f51ae002042078095f640eb95da363889e4

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_bn.dll

MD5 aedf6d96ccb64f488379bb1fe65f697a
SHA1 901bbb7873d8f698f49c4b6be74fb50b353d7b5e
SHA256 941d22186ef1bfe27052e78d21944d6088cea152d1ede51452f04fb032c92f90
SHA512 d1d889a1fe75924f3569e07d9ee3f552afc02165210f5c439d4697be898b72db397bb89e7d0706259f92c1cb5759009f9e1ba5c52f764e63514b3da41dada1cc

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_da.dll

MD5 9a421423686559027e4301d36bcf58b2
SHA1 9669424f4e7c765ddb917a515d5a8b1486f87daf
SHA256 9d8ff148793d99974fab93f38027e1999323a48620b303f82170751be5dd6b69
SHA512 f5d62fe17a820323c4b1832cd3bd9c8fa291d44dceb88a8a1a8f94c6166e550ab9baf9357c5ec3388230bc75f0ccd3aa2d5247fa5d242013d22c61001128a951

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_el.dll

MD5 0d15748f01df49dae986f1e27dc098ef
SHA1 35a435bdaaf47795977b28cdae2e4ea1fdae73a3
SHA256 df13c38061cb0b02dd8a9023a17da0bbe1cda6fdedad5203129fc702c7fdd9b1
SHA512 290e9936f50e3bd11c1b9d28decf3b43f5e23bbff16801e7b0491690773d057b6bcdcf48c48a7ee16fa2400723b3e974e2b74e3899590a8e660c2e9c78b9d141

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_de.dll

MD5 1c15851d9dd22e4ae3f3bf249da79035
SHA1 60fc5652b5e1c55056c961d4d3b961492cb3432b
SHA256 a9dd72a08c0c58a71b2289d76efae681a5c8eb5faf73e49b873f15ba4050baa6
SHA512 6da386c35b317f39613da73340631f927606bccd0a8c626537eda896eb32c9a2ed1d71c7cf838f1a4b90553f3f788eeb5e02fe84774fb0ad2f574bf4e4d7e248

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_en-GB.dll

MD5 02465169cd873c4492196e03457f2771
SHA1 837ca5e54a8c12577d0d05a32996dfc04067c5ea
SHA256 4eb9edf550bf1f66382e5d8bd4958438891cd2ca46557d14f4b945dc176ec025
SHA512 e73b5f3951050f2903b80b89d2b9fd9ebf69adb922eb8238ef4c01f413ae67727d7598d4ac15f7ac8b9257aef0139e0924c70c5898357142a303d7e2b15394c3

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_es.dll

MD5 5f8ea18786d5ef1927cd95537abc3ae0
SHA1 5530650ecc719d83b7aa89e0b326b5698e8adda2
SHA256 fa416294b078226a8919dbb8f75533a6ef96d63d5bd17aac854eae68791433cf
SHA512 577dc7d19e4443e8aede759a781826c091c17d12fb06e89b1306133f21e01dab919045183a916e1b5647ddf485134a8459745a9199df5c7e36abe192645d8e25

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_et.dll

MD5 5029406d9202d6f2f279fdd3a06f55a1
SHA1 dcca8bf9392faa0038c6cb5d25929726b16804af
SHA256 cac545e04d701c39f4a730aec4c3dad177d8ea4baca10651f150925644874864
SHA512 519538e05f8e21966e4878291692cf25057bba3c993c0034a33b1da7c9eb0a8fb881565717ceb6c1139fd601b73b1f1e2aa46e20aeb6b93f897cd2ef93172934

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_fa.dll

MD5 8564514501256ff045cf7aa6c1b5a797
SHA1 40b9aa8d04c48fe2ecf193c2089418ccc938676d
SHA256 f3f46a6da6c8ccb3ce7fdd0cb5882f45523decca95852b8c775bb90f8e92c1b3
SHA512 701077c8a1c70c1bd0c35f54aa838dba7b7b6f832e0ef2776673092fca546276166c3638676451c9655086b740b9e193cd54f952fd5fca481b964083b881bcc2

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_es-419.dll

MD5 3e5971e8559c77e8901ce30d14034730
SHA1 04cc21ac4a84abd29f7d7585282345881fd81721
SHA256 613418b8779f7440b88f1734d6c514706df9dc9a58a623966cc1c9ba4e29c28f
SHA512 b4592b25cf676db6d6de1be811c39bdeecc24bbfd4dc72fa4b3f97de866f9b0fec7c85f7d56f048f61829c1d8b4109e4a0c7e14a9e410e30a6a8da702941e00e

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_fi.dll

MD5 57dad7c22bd635a5af8fcdcd63d4e530
SHA1 8aa11ea5c1cacd9b23c29989f22e82c43c827d0e
SHA256 1e0d05927a455115265db9308e0f78ffb7bbb5442f36b8483549efbe415454a2
SHA512 4236609e37ec41bf46d0f45e228c9021c1624e2f98a642eab513d290a4482da13764fcc2d044f78ebdc09e0cfc63a251678d169cb33e251d6f6d5de9b96c31b6

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_fil.dll

MD5 5ed0105f4043466a99557dde1f70e97f
SHA1 c57c935cc4b25b6375ab3fcdfbb265f4c586ec3e
SHA256 cfbe0120ddf8d5574f7c44c85488f53aecec4df9bfb25f1cefbabcad5af46096
SHA512 4fa641810f758e0031388ec146467fc130780e2f2cc8495b6a2fff0679d7bcbe7526356f85a97b5338e84d791ba14e812b2c182fdae01763640be3324fb59526

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_fr.dll

MD5 8ddc3f7276c12ac407cadcda6e2a3e12
SHA1 78c5e802f67c8b6ae3fe13202e6a54d3cca69df4
SHA256 7f2f0f9f443a022f5aedacc40c28d0654fec488f34435c75979118464256a8b7
SHA512 0d05bdd2d5e9f36eb09182e8b13507ba03e256c4aadb77bbfedf29584a47fd1e0733a825a3f687d3058e53c8075caf6dd9d24ec93f1bdd58ca97106827323540

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_gu.dll

MD5 a4061e8408cc59cb898adfdc4f173278
SHA1 ae34e3058a40449481590bb3a63aa0225b4f6f98
SHA256 e033c950ecc6333dfcb944e70622e77a6498ba0e23fd144117dbe9a2a0c15be6
SHA512 d8a847e9a21c86c7b9b072e16914f42185e3c0e1d99f6ea5259382eb0fb89578c7a7f9f62f892f1d20be180dfc327bc076ea038057895c8b92cb1f0c053e0b2a

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_hi.dll

MD5 38525b8a1b15a8aeb4fcfc8bee8358bc
SHA1 ac2ba33b8ad778a8165c87b579dad0dbef5bed75
SHA256 271e83bc86e490cd5b6cb9cb34057c7684d233c56a53f4f553aa07507c9dae52
SHA512 ad8df196174ceeadce4588dcd365066665267b922078d92b328ba661a4ebfa6d06b4263a4b8a28e4efb4d86e1140d71a3c3bf4b7b60970aa20552aa7f0c73acb

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_hr.dll

MD5 27c0dbd61a71420bb4d1a0be2373a175
SHA1 47b4c107b711caf5a6b2978bd6fd6b53ebdec5e3
SHA256 43191a4c507a112e96e06f959b6cf78406bf970b021ad8d7db59d1b9c52779bd
SHA512 d1f20e9a628bdcbd26b8d5de89b87bdbc8dab871651c86d47c023daea86c7ada0a565fdd05b48c7643a63db044639f4eb89d1640e58c9b32722e4926c3c5e72a

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_hu.dll

MD5 114cc594fab2e564ccb24a826f3623e4
SHA1 c3c3fb4ef6ea6ff0e7a1e0289320b2fd2788b03b
SHA256 c89e223a42d7173f915dd088ebc84b0048cec772bd4221b4b90ce4c0e419ffe6
SHA512 9a7eb5710340cecb2d32de26322dc862812e185b6d260d76c0c7f642f30cf9e43c88aec76b515148ef986db0c77fd0e31f71c8fd26d56a4cc72dff0d023abb5d

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_id.dll

MD5 7e7deef6ac35c9d52410fc356391c7e4
SHA1 43b3d918867a93ba109a3e4eacb45f3cd5c40b93
SHA256 963f4d2ad7ddcdcfb6185521c0590a92f2014897d5f5f525471ac81f3807fc5e
SHA512 9eb0e9be0a973693b4bd167f6c1118dd9d702b1951a90f0a3a6103e77c43ee6afa173b79d3ab21fe94a98c320b17ab0b787cf5b6ec47d9dde9e3e8c14b8cadc7

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_is.dll

MD5 dae35fa037b6248876347521c5298566
SHA1 8358fc05a675ea56f720052fbb4b384d97b94d86
SHA256 ce0652b8dfaf21b6192b66bf75e140b3d72aa545e0edf62d9e82e9b0878ac5c5
SHA512 4158b8fef0da76ead12b5d6e421c5709664ba84d1ddde44ef6bbd1023084cad3820a37abea03b206635a945a2435b301234cf5bac3c8e2861a852b2699036ade

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_it.dll

MD5 3ae3106694098f8420b182ad5e3354ab
SHA1 bc9dab621b03d4126b97c260becd7f4525255462
SHA256 59b406b29538c3c3d0f060b5fc0ccd36556f8a6278327935a5475c6b21741dc9
SHA512 f3625be57976083d642b01a41a53d6db6cad3bfc584a50de3565fe10975a5d7d2cf4f8b41bcdaa5ac70f8fc4ada113084de07e2ed45f26401dc2d4f8f4c322a9

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_iw.dll

MD5 31227325c8617b308ccd268c2be7e72a
SHA1 71e369f26e644e643fcd538d933e4087dd593f1f
SHA256 4a98e34a528eff04c2baf4e9e50489086e58d2e32e1851f33674abbe5e104c68
SHA512 ba8d94dde5b7b74a39ed54a5f3e47a558e0c1deb632018c82423c06806071143851bb1d8c7a7bada6f13e71734e7a29457f3741266972b777cded41c953a9645

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_ja.dll

MD5 0cfc5b7b3f86d6bfaec9a0713da74df3
SHA1 81a278fdee9edc302fe4e7a88c9addb230ce6df2
SHA256 1d7fd1b6a614538530385e7a40efc95d3b8be75057ae03bf999aa2419d1f9f24
SHA512 8b8f834ccee41c69c581f0b80f26b0cdb536f87bebd5a6b1f02cdf6f1aea5cf5b29c356e82c7a8fd591bb16c0938a790ac8f90f6d27edc95fc48a5aa3c30cbf0

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_kn.dll

MD5 49000b4a101e635b05123f21b360b492
SHA1 635f697f41c0591168e0eee10930728d9dec5a53
SHA256 a2aab58a4397c040bff69d45bef4ede6842034bf897799a9347232c4b6c9c7a5
SHA512 9b62c2048e9c132089cce7da02ea5c95b5856f1c6e28d5581f4a0b1748e681bdd78c7d537d273a64f9d476e4ec62da5c6021cc1ccb69f7bee216e7bec6ddc6e0

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_ko.dll

MD5 dd2f783c0017630f9a2969957f4eb84e
SHA1 d42218de12a7c1c48fb5e7d60e61e32ce0cd9ac6
SHA256 07e63e0e3d23f192ac131efc459c2d9f79a4ecdc39403d43fbff320c4b5fa261
SHA512 689f625df8aec45a6343249739ec094cbb1245a9dd8847ffe6bf62fd2d7042d529f77216dd22e8b33830cf21b158f0ef6ea42af2248051c8d97205eb0229a22b

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_lt.dll

MD5 38606bfb6c9bfdf74503f833ee2733e5
SHA1 670abd1279f642ec7b19f663e53f2813a716331f
SHA256 df6c4228da3bf66929d81b99cb35df4a4389418490144630e1d9d5f422b56b38
SHA512 6cc6f2fb0e5bf0241656cce5dc7311f05b8d79633f2176f8c172a9fcfa9813e3963576363d539fa1a8a58fa6bba138dd0baa7562274fbe99be5cda60f4671747

C:\Program Files (x86)\GUMFA08.tmp\goopdateres_lv.dll

MD5 83c356f6310d51f8ffc1d67d580f5914
SHA1 f9bc318975f288fa47e8426b4c450a93b10af45c
SHA256 98e35cea7cddce15191594a70f8e15ff2dd1c02bde87225af0331441c65bca26
SHA512 28a26cb1d88d072d7898ed27c3e9d056efedaa2cd9eccf951429f41df2c0162be3c14e58cfb4cf50b633d759825fa815a9249e7690d2ab75f60424b30dbe0424

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

MD5 49aebf8cbd62d92ac215b2923fb1b9f5
SHA1 1723be06719828dda65ad804298d0431f6aff976
SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

C:\Windows\Temp\Tar1C3B.tmp

MD5 4ea6026cf93ec6338144661bf1202cd1
SHA1 a1dec9044f750ad887935a01430bf49322fbdcb7
SHA256 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA512 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

C:\Program Files (x86)\AVG\Browser\Application\109.0.24111.121\Installer\setup.exe

MD5 3154bd011dbecd86e6de6db6393b1f72
SHA1 914b3a63458f2dd05432bb5e4d8fc53966ce2ed7
SHA256 f5d036674fbeb5ae3b6d6208054151a1f280994cbf8ef80416d54cde1864d119
SHA512 a92a5246ccdcaabe370c0eb60f4fb1d7dac672db1ee70acb06f6cfe227d343551cd6f45919906717ec29dc213c56436ff4801bc08586e6a679fb1d42b85b2987

C:\Users\Admin\AppData\Local\Temp\nsyC370.tmp\AccessControl.dll

MD5 c36eb8336b91d277dfa8575eb00d6364
SHA1 9ec81b49e7675548449e010950bc50bff7cbc960
SHA256 4336e05960fee8c775b343209911f14acbfdde1e8d5aa9d1f0ea680fb4407307
SHA512 0abe6e367d1c934fec8a89617b5fbfea5ab7f8e557ada7a667aedb495f637c8782a2f4723c2d68b9edae4f426deb5bbc0536f643fc65ecc2cd33295078474394

memory/632-675-0x0000000000060000-0x0000000000061000-memory.dmp

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Site Characteristics Database\CURRENT~RFf783b6b.TMP

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Sync Data\LevelDB\000002.dbtmp

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Sync Data\LevelDB\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\566862bc-d4b9-4848-acef-533053c770ef.tmp

MD5 af4279bfe0838ee460bda756579f1b65
SHA1 5801c6f2a9b1f41dec47d9cc88335a47cac1bea0
SHA256 34ac120fba1e4ba7c8de65264e9446e84b37053c01a280809950a0c47486330b
SHA512 67f3104b87371a58e7e72a42754c43dac33f12cf2afa1272d0bc0a7499d0d8d38f49d3b8303d6ce2a2b607c7755cd238d1ca38a66923fd8b3d8c6c541f8ce4d7

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\ShaderCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\ShaderCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\ShaderCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\ShaderCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Sync Data\LevelDB\MANIFEST-000002

MD5 22bf0e81636b1b45051b138f48b3d148
SHA1 56755d203579ab356e5620ce7e85519ad69d614a
SHA256 e292f241daafc3df90f3e2d339c61c6e2787a0d0739aac764e1ea9bb8544ee97
SHA512 a4cf1f5c74e0df85dda8750be9070e24e19b8be15c6f22f0c234ef8423ef9ca3db22ba9ef777d64c33e8fd49fada6fcca26c1a14ba18e8472370533a1c65d8d0

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\ba7097c4-d05d-48ef-af2b-935bd4b18492.tmp

MD5 5c2cc7ce0950702bf21892f7bc8ccaa7
SHA1 880d9719011a1ec21736b29a8ca9353b828337b5
SHA256 9c764714fc9accf29f0f17c1a2711adbad3eba552267b8f02d2ac443962f232e
SHA512 1ffeb08eeec73358e3e350f39938050d58f83dbb60480b78e09b4f7eae3e04b278854202e8ed39bed7222b1592b1a22499539dc192f1c7ca02972797eb434bea

C:\Program Files (x86)\AVG\Browser\Application\Dictionaries\en-US-10-1.bdic

MD5 4604e676a0a7d18770853919e24ec465
SHA1 415ef3b2ca0851e00ebaf0d6c9f6213c561ac98f
SHA256 a075b01d9b015c616511a9e87da77da3d9881621db32f584e4606ddabf1c1100
SHA512 3d89c21f20772a8bebdb70b29c42fca2f6bffcda49dff9d5644f3f3910b7c710a5c20154a7af5134c9c7a8624a1251b5e56ced9351d87463f31bed8188eb0774

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Local Storage\leveldb\000004.dbtmp

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Temp\96341b6e-814e-41a5-be90-56ac4776e6d5.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Temp\scoped_dir1428_884216614\072a144d-7ff8-40aa-b96c-bfeaa99e2ce1.tmp

MD5 79e1a051e0bb64259538622f94be9988
SHA1 9b53e95bdb4a0923ed84a69972dc7168bc2fc942
SHA256 5bbcdbe935746ee78233c06331293ccf7a62f359cfd2d88a910cfcb8d9ec65f4
SHA512 6beb6aaf5afb4b5f36cee371a149ce5dab8a4553446553a1341996affe10f888f6ec2de19cf3ef355552d71287844fa8cf988d90bf050008f4a7591cfaa31511

C:\Users\Admin\AppData\Local\Temp\scoped_dir1428_905736226\cae8068f-2e3e-44d4-8769-0b8ea2f96a20.tmp

MD5 21b06e448a0bee23eb6b80dfb39f1e82
SHA1 d60b3a9021a704247af4ba58bd539d42f780661f
SHA256 3cad9f24f2ec2bee7bef2410ef713924640bda964e865096db6dde37103481ba
SHA512 9678b1302eb289f04c0fad0a60455da7d24da4bb72177561f8668f0995d695485eba915bb222d7231a8188ac6ff3b4b0ffbbfe3b725b9c0112ca6af9465f5709

C:\Users\Admin\AppData\Local\Temp\scoped_dir1428_106061592\e63b9093-6785-4a4c-a7e3-edea51817497.tmp

MD5 06d466a1cde4306356506b35153c5ebd
SHA1 c43850528e8150e1f0e253653d2f0155d00585fd
SHA256 6b1205e9b435c6241ab9c244b1dc3c309c1d82211268501e71e43c4425fbf590
SHA512 5d79ae61fea7097ddf4b5f2c639ddd1ebdffb7d0e69b74aac47e166afbe94e88e3a4dbd1cf34d55c6c8b0fcba3c30b676c8460b120470c17278caf22896b0b33

C:\Users\Admin\AppData\Local\Temp\scoped_dir1428_1821403576\088dfa76-ac97-43d8-8ee5-ce67420d1e5f.tmp

MD5 65a028a0d2831eed0228ecda4ab9ef2f
SHA1 86d5eaec3e1c7ecde3f37ab36a017599ddcb2138
SHA256 5cae2b06bc5525e26e08cfaa43be7a5f8df88053397676cf81a5402a1ea0059a
SHA512 edad812dffcc0c8b399d3c5c216973bab2fe9e9dbc0d2c6efffc8cca5f1c58e126b83046c4c90febf003f3afd3d3c12c9ba46ad9d18975f2a6c5094643ca4f87

C:\Users\Admin\AppData\Local\Temp\scoped_dir1428_1981639573\aab6f44a-2a08-4fe2-8f5e-65369a053cb8.tmp

MD5 ffcff8e2ba102530ce54f9ea1529ce48
SHA1 0d3ebcf3ca535032d825b6a0c5a4c5e45733033a
SHA256 bfaebcbdaf420eac93d20ad94680fd13fa391bb8d4f7a29603b5172628fc093f
SHA512 e5c8aeccc919a8b07442bb291b1da38a0f82f5a1352b8ac1edbbf9b471675b92cfae53d118c819ed32dc8992ef8efb943e8ecea73d28706a7c88b8d83fd025ec

C:\Users\Admin\AppData\Local\Temp\scoped_dir1428_397505502\6eb34c42-16b0-44e0-9b10-93af30c4b2d3.tmp

MD5 d343a7167bf2962f27b54de17ec166a9
SHA1 cec2497d5ea819f05be656b8e15f79a6eaf27acf
SHA256 a00f73fe6dedd17fd34252c40d89c6be5524027ddb2c0effdbb298d7d7065de3
SHA512 64ada12e0bbd202c2f4817bb804d7583baaac469eaac0fd8db0df6bbc9d8d33603feb0cbeae6830b205fa056765da835b0e35b0733e3ce8964b8890aba382a4d

C:\Users\Admin\AppData\Local\Temp\scoped_dir1428_1440326505\631bc258-4ff6-4833-a29f-f1793bc3412a.tmp

MD5 f50e00df362d5a597b9e7f549df2587c
SHA1 cf6aafdc3f25bcffdcabd3a5db2e40d1cf42dbc9
SHA256 1518106d36a5770684ce0cd86279e19ee601225d9222f7f555421990a130eebf
SHA512 4691ef983c58d2f027bb0a283ed0a3b11da972588c4c4ab3462fd2e4546f0df85ed1c1f56a481cd86470e3ed02ee8859f22bd04c75a47ce1fe5cb5c983e64577

C:\Users\Admin\AppData\Local\Temp\scoped_dir1428_1498056949\9ac3efa4-7f8f-4151-bca2-5e41d733515b.tmp

MD5 f75cbfbb5eaa5f46574955ed6651da78
SHA1 4ce276c03898e57667b401761fe1df5f11304a68
SHA256 643962e7cc16bb8e9edbea5f05473764199c7179d06a65bd88a0d101d1d5a9bd
SHA512 287847c5caae39fc80e90ae105a5fb0c9349f402872721c599eb9c9ccaf171437879f0ef8bdeae923bf4520befa316b60acd3e975caf8496f05dad24e1b34e40

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Network\87bf23da-7e1d-4d49-b3ad-83bf801e9dde.tmp

MD5 e975a3b9ec5c16b02734fbcd514c2f16
SHA1 e7fd5f86a62d18e95b3b8db77443b68a65473245
SHA256 2c7ef3c1ebc9f487ed24e63326d377367afd1051098cb740cda2e8f27e676dff
SHA512 50baa0921171d5f9451bf5455b0eb1e97708414eaa4c83e43835a7a748bd562a397df78761c30cc151bffbbab842cf0e935e438efb41090eb80ad0d582240f8e

C:\Users\Admin\AppData\Local\Temp\scoped_dir1428_106061592\CRX_INSTALL\js\options.bundle.js.LICENSE.txt

MD5 4e994bc011dc4913520bd9f4cefd135a
SHA1 de9aa409a953bce76c488dd9b7297a23f63eb909
SHA256 923090b15eca2d9a8c7f02431cbc23961b45e34a33c6ca0df8c162abc6f91688
SHA512 2d64ebcf3b135c6249d4883c54de3f9bc0cef36c9c071b1295816ee416481659ee1f62d06c92c1b4a92e48c88cb29312398d8cf4e54d3dd5112d801ef3b080db

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\gjcfnponmdkenfdibginkmlmediekpnm\1.26.0.854_0\webstore.js

MD5 ff713828113f6377533d41a36bff5ebd
SHA1 7157c2333be0a6df2db2dc0c25d36738acc823f4
SHA256 60657bad3b62a195d588178203e25df302ecdb8b51fcc49cc4f628aed8998dfb
SHA512 b55bd6b59b57003785db6a8f7e0f46b2ff4db619b4ea143c09f1e456ff1c5efffa46226984849cd8da98f48c06a79a4d00edccba3b7e1d4423e448f1be001113

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\gjcfnponmdkenfdibginkmlmediekpnm\1.26.0.854_0\_metadata\verified_contents.json

MD5 0e7bfb2084dd49ad6bd4b927d594794c
SHA1 ba3bf3c75cce643968c7a3cb9fe15f9010d938c3
SHA256 e281d85bb3163e6ec3ead28efb084400207b64e690c8302d87f7924b821e0064
SHA512 2f10dbd08b917c8c674cb658e9911202d6f601d089ee66f05972bf03e27ff48c2b02bf691bbd30da83ed9a4aa0f8b9f72dc3c0fad4d3754833713b8489484060

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Preferences

MD5 596506ffafc7174a5e66869ede3bdd04
SHA1 7036f3d46b5d2002948adbf5a110c63fa6389de0
SHA256 0d7f63a28ae3bb862da145b29a60e5d9ca5c0b8795c815993cb7b5021e99bd22
SHA512 e709ea0047768f7382cdcb4ea9bd59b3974857cc3e0d333e50e0541696069093857fc2a65456744c17be6c645168ea0e4c2734dca2d1bf02ffed99f2211fda83

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Secure Preferences

MD5 3e83c296a256436ed1be25b820bddff7
SHA1 47a96ccae18ad7f54f2b9b55664c9b8c4c18f9f8
SHA256 97fda1867ba33499cad49bf7002a317d4cd024f25a021c7de592730df12958a6
SHA512 14847aceecce45c93cb41a2f8c634c81cfed31016dd3f3918ba50d1817b744610c313fd3daa6d32a6317fe13f0aca82e8ddf8dee7dbdd2242c22d2064f68f9df

C:\Users\Admin\AppData\Local\Temp\scoped_dir1428_884216614\CRX_INSTALL\img\common\extensions_page\icon_16.png

MD5 67816b9f9f56727c41d64793d0eb4902
SHA1 99dee423dc2ec6ddb923208240b2fd13409c8ca5
SHA256 7b9847ea5d27c37df0430ff4056ecf18b2248d18a10d7ee1cd7f8908f0a82d5d
SHA512 6fab420866894593620e95ce3cd988e6a9525b6bdb0b4577f8ee5fe513f3ba187996ccbda9d0b54b493122136e52c7bd179da22cd8106725f24401816429a3c7

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\gjcfnponmdkenfdibginkmlmediekpnm\1.26.0.854_0\background.js

MD5 d0d58c54aa20e17a2fc7c90c5cbe97d5
SHA1 59de8f3d461128d40634dd9359eb8fd54d47fd7c
SHA256 c533093e78dd57b7358b779dc5a8f1ee2b2fb0d79e3a38d4f3a9d8cc0b9d7149
SHA512 c3c83771a5d3dfcb8cd03ef10bac4d55408444b17aaa1e6c88746a9950c8fd4051545260b8bea5c01e8f7572a470b6da862fd861e8e12be9bfa235487b0f8aaa

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Secure Preferences

MD5 8a432f742c3faa6c352a06f88c6b813e
SHA1 c541d248cf86fd3c48eb8d630e71400e4a85da6d
SHA256 76b9e91729285466314684f93b43cdd3cc6261e2ac781b62e96025faea1fe0d2
SHA512 dc61070a52f076c1874c60c02967f4db7d674dd30f5d17e84dca5b1c2e1513d8dea7746dce95c27a89de41c728bec8a88cf88c022b4aacc0086e9ca88fe39c07

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\bc9d5de2-d802-4997-8760-cea672f93538.tmp

MD5 13162a1332659b3162288d65db3ada5f
SHA1 4a7f893aa99d648b3cf6b65f8c534ecfb0aac9ba
SHA256 5f34b91d32841c7a48de732fd57c01e390defb7c97e564c5d36b53c56166eed1
SHA512 92ba5d17b044bca45a75d01ec04789315f19b426ad7c74d1d1228c4a298aaa055719a1c4960aafd69eee207df0a9dee6f61d4b65ae24dbce2b77b8181ff07513

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-04 01:06

Reported

2024-06-04 01:09

Platform

win10v2004-20240508-en

Max time kernel

149s

Max time network

153s

Command Line

"C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe"

Signatures

Detects binaries and memory artifacts referencing sandbox DLLs typically observed in sandbox evasion

Description Indicator Process Target
N/A N/A N/A N/A

Detects executables referencing many IR and analysis tools

Description Indicator Process Target
N/A N/A N/A N/A

Detects executables referencing sandbox artifacts

Description Indicator Process Target
N/A N/A N/A N/A

Downloads MZ/PE file

Modifies Installed Components in the registry

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982}\Localized Name = "AVG Secure Browser" C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982}\IsInstalled = "1" C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982}\Version = "43,0,0,0" C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982} C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982}\ = "AVG Secure Browser" C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982}\StubPath = "\"C:\\Program Files\\AVG\\Browser\\Application\\124.0.25069.209\\Installer\\chrmstp.exe\" --configure-user-settings --verbose-logging --system-level" C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A

Sets file execution options in registry

persistence
Description Indicator Process Target
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVGBrowserUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVGBrowserUpdate.exe C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe N/A
N/A N/A C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\AVGBrowserInstaller.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler64.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
N/A N/A C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A

Reads user/profile data of web browsers

spyware stealer

Registers COM server for autorun

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32 C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A725D612-7D72-48B8-857A-4777781F415C}\LocalServer32\ServerExecutable = "C:\\Program Files\\AVG\\Browser\\Application\\124.0.25069.209\\notification_helper.exe" C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32 C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32 C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32 C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32 C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A725D612-7D72-48B8-857A-4777781F415C}\LocalServer32\ = "\"C:\\Program Files\\AVG\\Browser\\Application\\124.0.25069.209\\notification_helper.exe\"" C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{A725D612-7D72-48B8-857A-4777781F415C}\LocalServer32 C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32 C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32 C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32 C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AVGBrowserAutoLaunch_2539D9FFF1F40C0A976762D6C815D3E3 = "\"C:\\Program Files\\AVG\\Browser\\Application\\AVGBrowser.exe\" --check-run=src=logon --auto-launch-at-startup --profile-directory=\"Default\"" C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AVGBrowserAutoLaunch_2539D9FFF1F40C0A976762D6C815D3E3 = "\"C:\\Program Files\\AVG\\Browser\\Application\\AVGBrowser.exe\" --check-run=src=logon --auto-launch-at-startup --profile-directory=\"Default\"" C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A

Checks for any installed AV software in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\AVAST Software\Avast C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
Key opened \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\SOFTWARE\AVAST Software\Avast C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\AVAST Software\Avast C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\AVAST Software\Avast C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\Software\AVAST Software\Avast C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\AVAST Software\Avast C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\Software\Avira\Antivirus C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\SOFTWARE\AVAST Software\Avast C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\AVAST Software\Avast C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\Software\Avira\Antivirus C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\Software\AVAST Software\Avast C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A

Writes to the Master Boot Record (MBR)

bootkit persistence
Description Indicator Process Target
File opened for modification \??\PhysicalDrive0 C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
File opened for modification C:\Program Files\Crashpad\metadata C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source3584_659906026\Safer-bin\124.0.25069.209\chrome_wer.dll C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source3584_659906026\Safer-bin\124.0.25069.209\Locales\zh-CN.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
File created C:\Program Files\AVG\Browser\Application\AVGBrowserProtect.exe C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6872_2085923162\manifest.fingerprint C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
File created C:\Program Files (x86)\GUM5525.tmp\goopdateres_no.dll C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\GUM5525.tmp\goopdateres_pl.dll C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_it.dll C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\npAvgBrowserUpdate3.dll C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source3584_659906026\Safer-bin\124.0.25069.209\Locales\ru.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source3584_659906026\Safer-bin\124.0.25069.209\Locales\et.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source3584_659906026\Safer-bin\124.0.25069.209\Locales\fr.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source3584_659906026\Safer-bin\124.0.25069.209\Locales\it.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source3584_659906026\Safer-bin\124.0.25069.209\Locales\sv.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
File created C:\Program Files (x86)\GUM5525.tmp\goopdateres_iw.dll C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\GUM5525.tmp\goopdateres_vi.dll C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_nl.dll C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_sr.dll C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source3584_659906026\Safer-bin\124.0.25069.209\Locales\hr.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source3584_659906026\Safer-bin\124.0.25069.209\VisualElements\Logo.png C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_fa.dll C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_ru.dll C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source3584_659906026\Safer-bin\124.0.25069.209\Locales\ml.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
File created C:\Program Files (x86)\GUM5525.tmp\goopdateres_sk.dll C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source3584_659906026\Safer-bin\124.0.25069.209\Locales\en-GB.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
File created C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdateBroker.exe C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\GUM5525.tmp\goopdateres_it.dll C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_es.dll C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_lt.dll C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
File opened for modification C:\Program Files\AVG\Browser\Application\debug.log C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source3584_659906026\Safer-bin\124.0.25069.209\libEGL.dll C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source3584_659906026\Safer-bin\124.0.25069.209\Locales\ur.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source3584_659906026\Safer-bin\124.0.25069.209\snapshot_blob.bin C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
File created C:\Program Files (x86)\GUM5525.tmp\goopdateres_gu.dll C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateCore.exe C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_bg.dll C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source3584_659906026\Safer-bin\124.0.25069.209\config.def C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
File created C:\Program Files (x86)\GUM5525.tmp\goopdateres_hr.dll C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\GUM5525.tmp\goopdateres_sv.dll C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_et.dll C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_hr.dll C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source3584_659906026\Safer-bin\124.0.25069.209\Locales\ms.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source3584_659906026\Safer-bin\124.0.25069.209\Locales\pl.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
File created C:\Program Files (x86)\GUM5525.tmp\psuser_64.dll C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\GUM5525.tmp\goopdateres_zh-TW.dll C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_en-GB.dll C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateWebPlugin.exe C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\GUM5525.tmp\npAvgBrowserUpdate3.dll C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\GUM5525.tmp\goopdateres_da.dll C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\GUM5525.tmp\goopdateres_et.dll C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\GUM5525.tmp\psmachine.dll C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\GUM5525.tmp\goopdateres_th.dll C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\GUM5525.tmp\goopdateres_fi.dll C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\GUM5525.tmp\goopdateres_pt-BR.dll C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_en.dll C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source3584_659906026\Safer-bin\124.0.25069.209\chrome_elf.dll C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source3584_659906026\Safer-bin\124.0.25069.209\Locales\lt.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping6872_2085923162\_metadata\verified_contents.json C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
File created C:\Program Files (x86)\GUM5525.tmp\psmachine_64.dll C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source3584_659906026\Safer-bin\AVGBrowser.exe C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
File created C:\Program Files (x86)\GUM5525.tmp\goopdateres_tr.dll C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler64.exe C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
File opened for modification C:\Program Files (x86)\AVG\Browser\Update\Download\{48F69C39-1356-4A7B-A899-70E3539D4982}\124.0.25069.209\AVGBrowserInstaller.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A

Enumerates physical storage devices

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key enumerated \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
Key enumerated \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
Key enumerated \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key enumerated \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498}\AppPath = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6" C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498}\Policy = "3" C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28E08968-59C8-4A77-BEBA-12C9394AE077} C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28E08968-59C8-4A77-BEBA-12C9394AE077}\AppName = "AVGBrowserUpdateBroker.exe" C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28E08968-59C8-4A77-BEBA-12C9394AE077}\AppPath = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6" C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28E08968-59C8-4A77-BEBA-12C9394AE077}\Policy = "3" C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498} C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498}\AppName = "AVGBrowserUpdateWebPlugin.exe" C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\AVG C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\AVG\Browser C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update\endpoint = "update.avgbrowser.com" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key created \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\NGC\SoftLockoutVolatileKey C:\Windows\system32\svchost.exe N/A
Key created \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\NGC C:\Windows\system32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update\ C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update\devmode = "0" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update\hostprefix C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft C:\Windows\system32\svchost.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key created \REGISTRY\USER\S-1-5-19 C:\Windows\system32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update\MachineId = "00009bb098663592a3a6086bcc2909e7" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update\MachineIdDate = "20240604" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133619368732697495" C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key created \REGISTRY\USER\S-1-5-19\SOFTWARE C:\Windows\system32\svchost.exe N/A
Key created \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography C:\Windows\system32\svchost.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgQH\Application\ApplicationName = "AVG Secure Browser Helper" C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E21E991-301D-47FD-AB7A-99FBE864EF65}\NumMethods\ = "41" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8C50E3A4-12A8-41FB-9941-E8EEB222E07E}\ = "IProcessLauncher2" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{45F7CBA5-258D-4852-AD0A-B18F3FB214F4}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{804EC8ED-BF49-41ED-BCD0-CA1D716D3E98} C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{40C1C1D3-AAEA-46EE-AA2B-79A2CC62F257}\LocalServer32 C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Interface\{358EC846-617A-4763-8656-50BF6E0E8AA2} C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\.shtml\OpenWithProgids C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7BA03866-1403-40EA-81A9-23FCD97810E2}\NumMethods C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6972DB5C-E9D6-4A81-B352-B415A3A61CA6}\ = "IAppBundleWeb" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{28E08968-59C8-4A77-BEBA-12C9394AE077}\ProgID C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{41A025DF-6171-460F-B9A1-29ECE33E754E} C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{67F69D86-C3AA-4CBF-A536-C73B5D785FFC}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.MiscUtils\CurVer C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{384098DD-AB6D-412E-B819-2F10032D9767}\AppID = "{30612A81-C10F-498E-9163-C2B2A3F81A14}" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{925547A3-663F-4673-A7B7-3FCACCDC4879}\ = "IAppCommand" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\AvgHTML\shell\open C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7BA03866-1403-40EA-81A9-23FCD97810E2}\NumMethods C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23AE0B95-20F3-4632-A2AE-C3D706E1D5D9}\LocalServer32 C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32 C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A708F91-06A3-409E-83BC-4A5CF10C8025}\NumMethods C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BAAD654E-4B50-4C9F-A261-CF29CF884478}\ = "Google Update Legacy On Demand" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgQH\URL Protocol C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6972DB5C-E9D6-4A81-B352-B415A3A61CA6}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6972DB5C-E9D6-4A81-B352-B415A3A61CA6}\NumMethods\ = "24" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B02B2F29-8637-4B78-892A-CFD7CCE793EC}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BEBC1D02-EC16-479A-83F6-AA4247CA7F70}\LocalServer32 C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A27F7BCA-118B-4330-9B07-9092E8F047E2} C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.OnDemandCOMClassSvc\ = "Google Update Legacy On Demand" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6972DB5C-E9D6-4A81-B352-B415A3A61CA6}\ = "IAppBundleWeb" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5CCD3788-C8CC-4EE9-8DF7-944B7D9674F2} C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A012A499-D8A6-4F6C-9E05-B02D58E3781A} C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6CEBE594-0680-4815-86E1-615A6BE65E0E}\NumMethods\ = "4" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A012A499-D8A6-4F6C-9E05-B02D58E3781A}\ProxyStubClsid32 C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.ProcessLauncher.1.0\CLSID C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB785069-B832-4423-B813-47F7422BA6E5}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C32E10AE-6600-4A1E-8BEA-EF89A3072F93}\ProxyStubClsid32 C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\AppID\{CA348B59-06AD-4482-AD87-966302908F0F} C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A27F7BCA-118B-4330-9B07-9092E8F047E2} C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6972DB5C-E9D6-4A81-B352-B415A3A61CA6}\ProxyStubClsid32 C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{925547A3-663F-4673-A7B7-3FCACCDC4879}\NumMethods C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6CEBE594-0680-4815-86E1-615A6BE65E0E} C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.MiscUtils.1.0 C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\.webp C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D} C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7BA03866-1403-40EA-81A9-23FCD97810E2}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5CCD3788-C8CC-4EE9-8DF7-944B7D9674F2}\ProxyStubClsid32 C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{67F69D86-C3AA-4CBF-A536-C73B5D785FFC}\ProxyStubClsid32 C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8C7E81D6-0463-485E-8DF5-2ADAD81FAF40}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{7E22D0ED-B403-44D2-BABF-4DDD0DFCA692}\LocalServer32 C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C7B73E65-20BA-407F-8A89-DF649EF82559}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{8C50E3A4-12A8-41FB-9941-E8EEB222E07E}\NumMethods C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1FBDC15B-BBCD-402B-A45F-1853B01A9E3C} C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E21E991-301D-47FD-AB7A-99FBE864EF65}\NumMethods\ = "41" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\ = "PSFactoryBuffer" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{8C7E81D6-0463-485E-8DF5-2ADAD81FAF40}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A012A499-D8A6-4F6C-9E05-B02D58E3781A}\NumMethods C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C9E6B2FC-34C6-435F-BC66-1EA330DB1270}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{45F7CBA5-258D-4852-AD0A-B18F3FB214F4}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23AE0B95-20F3-4632-A2AE-C3D706E1D5D9}\ProgID\ = "AVGUpdate.CoreMachineClass.1" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{82C85EAA-7C94-4702-AA75-DF39403AE358}\AppID = "{82C85EAA-7C94-4702-AA75-DF39403AE358}" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{384098DD-AB6D-412E-B819-2F10032D9767} C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
Token: 33 N/A C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\AVGBrowserInstaller.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\AVGBrowserInstaller.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1120 wrote to memory of 408 N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe C:\Users\Admin\AppData\Local\Temp\aj4828.exe
PID 1120 wrote to memory of 408 N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe C:\Users\Admin\AppData\Local\Temp\aj4828.exe
PID 1120 wrote to memory of 408 N/A C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe C:\Users\Admin\AppData\Local\Temp\aj4828.exe
PID 408 wrote to memory of 4548 N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe
PID 408 wrote to memory of 4548 N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe
PID 408 wrote to memory of 4548 N/A C:\Users\Admin\AppData\Local\Temp\aj4828.exe C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe
PID 4548 wrote to memory of 3936 N/A C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe
PID 4548 wrote to memory of 3936 N/A C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe
PID 4548 wrote to memory of 3936 N/A C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe
PID 3936 wrote to memory of 1784 N/A C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 3936 wrote to memory of 1784 N/A C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 3936 wrote to memory of 1784 N/A C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 3936 wrote to memory of 2980 N/A C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 3936 wrote to memory of 2980 N/A C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 3936 wrote to memory of 2980 N/A C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 2980 wrote to memory of 1224 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
PID 2980 wrote to memory of 1224 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
PID 2980 wrote to memory of 640 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
PID 2980 wrote to memory of 640 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
PID 2980 wrote to memory of 1400 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
PID 2980 wrote to memory of 1400 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
PID 3936 wrote to memory of 4280 N/A C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 3936 wrote to memory of 4280 N/A C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 3936 wrote to memory of 4280 N/A C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 3936 wrote to memory of 4840 N/A C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 3936 wrote to memory of 4840 N/A C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 3936 wrote to memory of 4840 N/A C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
PID 4464 wrote to memory of 2468 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\AVGBrowserInstaller.exe
PID 4464 wrote to memory of 2468 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\AVGBrowserInstaller.exe
PID 2468 wrote to memory of 3584 N/A C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\AVGBrowserInstaller.exe C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe
PID 2468 wrote to memory of 3584 N/A C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\AVGBrowserInstaller.exe C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe
PID 3584 wrote to memory of 4896 N/A C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe
PID 3584 wrote to memory of 4896 N/A C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe
PID 4464 wrote to memory of 3372 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler.exe
PID 4464 wrote to memory of 3372 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler.exe
PID 4464 wrote to memory of 3372 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler.exe
PID 4464 wrote to memory of 2692 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler64.exe
PID 4464 wrote to memory of 2692 N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler64.exe
PID 4872 wrote to memory of 2436 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
PID 4872 wrote to memory of 2436 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
PID 4872 wrote to memory of 4796 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
PID 4872 wrote to memory of 4796 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
PID 4872 wrote to memory of 4796 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
PID 4872 wrote to memory of 4796 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
PID 4872 wrote to memory of 4796 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
PID 4872 wrote to memory of 4796 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
PID 4872 wrote to memory of 4796 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
PID 4872 wrote to memory of 4796 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
PID 4872 wrote to memory of 4796 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
PID 4872 wrote to memory of 4796 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
PID 4872 wrote to memory of 4796 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
PID 4872 wrote to memory of 4796 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
PID 4872 wrote to memory of 4796 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
PID 4872 wrote to memory of 4796 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
PID 4872 wrote to memory of 4796 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
PID 4872 wrote to memory of 4796 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
PID 4872 wrote to memory of 4796 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
PID 4872 wrote to memory of 4796 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
PID 4872 wrote to memory of 4796 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
PID 4872 wrote to memory of 4796 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
PID 4872 wrote to memory of 4796 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
PID 4872 wrote to memory of 4796 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
PID 4872 wrote to memory of 4796 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
PID 4872 wrote to memory of 4796 N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe

"C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe"

C:\Users\Admin\AppData\Local\Temp\aj4828.exe

"C:\Users\Admin\AppData\Local\Temp\aj4828.exe" /relaunch=8 /was_elevated=1 /tagdata

C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe

AVGBrowserUpdateSetup.exe /silent /install "bundlename=AVG Secure Browser&appguid={48F69C39-1356-4A7B-A899-70E3539D4982}&appname=AVG Secure Browser&needsadmin=true&lang=en-US&brand=9249&installargs=--no-create-user-shortcuts --make-chrome-default --force-default-win10 --auto-import-data%3Diexplore --import-cookies --auto-launch-chrome"

C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe

"C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe" /silent /install "bundlename=AVG Secure Browser&appguid={48F69C39-1356-4A7B-A899-70E3539D4982}&appname=AVG Secure Browser&needsadmin=true&lang=en-US&brand=9249&installargs=--no-create-user-shortcuts --make-chrome-default --force-default-win10 --auto-import-data%3Diexplore --import-cookies --auto-launch-chrome"

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /regsvc

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /regserver

C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe

"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe"

C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe

"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe"

C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe

"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe"

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgb21haGFpZD0iezFDODlFRjJGLUE4OEUtNERFMC05N0ZFLUNCNDBDOEU0RkVFQX0iIHVwZGF0ZXJ2ZXJzaW9uPSIxLjguMTY5My42IiBzaGVsbF92ZXJzaW9uPSIxLjguMTY5My42IiBpc21hY2hpbmU9IjEiIGlzX29tYWhhNjRiaXQ9IjAiIGlzX29zNjRiaXQ9IjEiIHNlc3Npb25pZD0ie0ZBOTAxRkNCLTY2NDMtNDczNi05MkJGLTM2RjEwMzY4MDUwQn0iIGNlcnRfZXhwX2RhdGU9IjIwMjUwOTE3IiB1c2VyaWQ9InsyQUIzNERERS00NTc3LTQyMjYtOTc3QS1EQ0Y0MEUxREQ0MzB9IiB1c2VyaWRfZGF0ZT0iMjAyNDA2MDQiIG1hY2hpbmVpZD0iezAwMDA5QkIwLTk4NjYtMzU5Mi1BM0E2LTA4NkJDQzI5MDlFN30iIG1hY2hpbmVpZF9kYXRlPSIyMDI0MDYwNCIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiB0ZXN0c291cmNlPSJhdXRvIiByZXF1ZXN0aWQ9InsyOTZBRThFQy0yOENELTQzQkYtQjc3RC1BMDY4MkVCQTU5RkZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IHBoeXNtZW1vcnk9IjgiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjEwLjAuMTkwNDEuMTI4OCIgc3A9IiIgYXJjaD0ieDY0Ii8-PGFwcCBhcHBpZD0iezFDODlFRjJGLUE4OEUtNERFMC05N0ZFLUNCNDBDOEU0RkVFQX0iIHZlcnNpb249IiIgbmV4dHZlcnNpb249IjEuOC4xNjkzLjYiIGxhbmc9ImVuLVVTIiBicmFuZD0iOTI0OSIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIGluc3RhbGxfdGltZV9tcz0iODEzIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /handoff "bundlename=AVG Secure Browser&appguid={48F69C39-1356-4A7B-A899-70E3539D4982}&appname=AVG Secure Browser&needsadmin=true&lang=en-US&brand=9249&installargs=--no-create-user-shortcuts --make-chrome-default --force-default-win10 --auto-import-data%3Diexplore --import-cookies --auto-launch-chrome" /installsource otherinstallcmd /sessionid "{FA901FCB-6643-4736-92BF-36F10368050B}" /silent

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /svc

C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\AVGBrowserInstaller.exe

"C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\AVGBrowserInstaller.exe" --chrome --do-not-launch-chrome --hide-browser-override --show-developer-mode --suppress-first-run-bubbles --default-search-id=3 --default-search=bing.com --adblock-mode-default=0 --no-create-user-shortcuts --make-chrome-default --force-default-win10 --auto-import-data=iexplore --import-cookies --auto-launch-chrome --system-level

C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe

"C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe" --install-archive="C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\SECURE.PACKED.7Z" --chrome --do-not-launch-chrome --hide-browser-override --show-developer-mode --suppress-first-run-bubbles --default-search-id=3 --default-search=bing.com --adblock-mode-default=0 --no-create-user-shortcuts --make-chrome-default --force-default-win10 --auto-import-data=iexplore --import-cookies --auto-launch-chrome --system-level

C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe

"C:\Program Files (x86)\AVG\Browser\Update\Install\{A28FD9F0-9657-46BE-8201-E926248FD656}\CR_11504.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=124.0.25069.209 --initial-client-data=0x260,0x264,0x268,0x23c,0x26c,0x7ff61c63a3f0,0x7ff61c63a3fc,0x7ff61c63a408

C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler.exe

"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler.exe"

C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler64.exe

"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler64.exe"

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

AVGBrowser.exe --heartbeat --install --create-profile

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Crashpad" --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=124.0.25069.209 --initial-client-data=0xf4,0xf8,0xfc,0xd0,0x100,0x7fff1fe3dc40,0x7fff1fe3dc4c,0x7fff1fe3dc58

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2052,i,10317843304305612767,11440961758503672782,262144 --variations-seed-version --mojo-platform-channel-handle=2044 /prefetch:2

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1968,i,10317843304305612767,11440961758503672782,262144 --variations-seed-version --mojo-platform-channel-handle=2516 /prefetch:3

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2176,i,10317843304305612767,11440961758503672782,262144 --variations-seed-version --mojo-platform-channel-handle=2620 /prefetch:8

C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe

"C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe"

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3356,i,10317843304305612767,11440961758503672782,262144 --variations-seed-version --mojo-platform-channel-handle=3420 /prefetch:1

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3364,i,10317843304305612767,11440961758503672782,262144 --variations-seed-version --mojo-platform-channel-handle=3728 /prefetch:2

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3460,i,10317843304305612767,11440961758503672782,262144 --variations-seed-version --mojo-platform-channel-handle=3896 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3452,i,10317843304305612767,11440961758503672782,262144 --variations-seed-version --mojo-platform-channel-handle=3940 /prefetch:2

C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe

"C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe"

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4540,i,10317843304305612767,11440961758503672782,262144 --variations-seed-version --mojo-platform-channel-handle=4496 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

AVGBrowser.exe --silent-launch

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=124.0.25069.209 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fff1fe3dc40,0x7fff1fe3dc4c,0x7fff1fe3dc58

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2144,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=2140 /prefetch:2

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1976,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=2584 /prefetch:3

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2276,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=2632 /prefetch:8

C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe

"C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe"

C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe

"C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe"

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3392,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=3404 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3636,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=3376 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3644,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=3376 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3660,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=3724 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3404,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=3776 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3916,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=3932 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3376,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=4076 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3400,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=3768 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3920,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=3796 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4384,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=4400 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3764,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=4680 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4700,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=4832 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4976,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=4996 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5148,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=5172 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5144,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=5280 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4668,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=5432 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4084,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=5568 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5716,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=5740 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4368,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=5712 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5160,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=6040 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5156,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=6168 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6404,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=6416 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=6396,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=6620 /prefetch:2

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5728,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=6924 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5164,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=7092 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=7124,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=7160 /prefetch:2

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4392,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=7428 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7296,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=7572 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7712,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=7724 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7872,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=7880 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7876,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=7732 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8024,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=7708 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7288,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=8292 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8320,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=8452 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8584,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=7080 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3572,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=8300 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=8848,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=8864 /prefetch:2

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7868,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=9008 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=9240,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=9252 /prefetch:1

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=9260,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=9376 /prefetch:2

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=3676,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=3932 /prefetch:2

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --enable-protect

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=9028,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=9120 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=124.0.25069.209 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fff1fe3dc40,0x7fff1fe3dc4c,0x7fff1fe3dc58

C:\Program Files\AVG\Browser\Application\AVGBrowserProtect.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowserProtect.exe" --registration reg-task --taskintr PT10M --runonce

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=9684,i,16970141167122698678,6244855820098111956,262144 --variations-seed-version --mojo-platform-channel-handle=9696 /prefetch:8

C:\Program Files\AVG\Browser\Application\124.0.25069.209\Installer\setup.exe

setup.exe /silent --create-shortcuts=0 --install-level=1 --system-level

C:\Program Files\AVG\Browser\Application\124.0.25069.209\Installer\setup.exe

"C:\Program Files\AVG\Browser\Application\124.0.25069.209\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=124.0.25069.209 --initial-client-data=0x260,0x264,0x268,0x23c,0x26c,0x7ff6786ea3f0,0x7ff6786ea3fc,0x7ff6786ea408

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=shortcut-pin-helper /prefetch:8 startpin "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk"

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

AVGBrowser.exe --check-run=src=installer

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=124.0.25069.209 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fff1fe3dc40,0x7fff1fe3dc4c,0x7fff1fe3dc58

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2112,i,9721927563492291190,17334742903490057679,262144 --variations-seed-version --mojo-platform-channel-handle=2108 /prefetch:2

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1864,i,9721927563492291190,17334742903490057679,262144 --variations-seed-version --mojo-platform-channel-handle=2620 /prefetch:3

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2232,i,9721927563492291190,17334742903490057679,262144 --variations-seed-version --mojo-platform-channel-handle=2520 /prefetch:8

C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe

"C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe"

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3224,i,9721927563492291190,17334742903490057679,262144 --variations-seed-version --mojo-platform-channel-handle=3240 /prefetch:1

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3228,i,9721927563492291190,17334742903490057679,262144 --variations-seed-version --mojo-platform-channel-handle=3484 /prefetch:2

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=4004,i,9721927563492291190,17334742903490057679,262144 --variations-seed-version --mojo-platform-channel-handle=4024 /prefetch:2

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=4640,i,9721927563492291190,17334742903490057679,262144 --variations-seed-version --mojo-platform-channel-handle=4660 /prefetch:2

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4980,i,9721927563492291190,17334742903490057679,262144 --variations-seed-version --mojo-platform-channel-handle=4992 /prefetch:2

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5012,i,9721927563492291190,17334742903490057679,262144 --variations-seed-version --mojo-platform-channel-handle=5064 /prefetch:2

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5040,i,9721927563492291190,17334742903490057679,262144 --variations-seed-version --mojo-platform-channel-handle=5280 /prefetch:2

C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe

"C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe"

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=shortcut-pin-helper /prefetch:8 has-startpin "C:\Users\Public\Desktop\AVG Secure Browser.lnk"

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5796,i,9721927563492291190,17334742903490057679,262144 --variations-seed-version --mojo-platform-channel-handle=5884 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5912,i,9721927563492291190,17334742903490057679,262144 --variations-seed-version --mojo-platform-channel-handle=5920 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --enable-protect

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=124.0.25069.209 --initial-client-data=0xf8,0xfc,0x100,0xe0,0x104,0x7fff1fe3dc40,0x7fff1fe3dc4c,0x7fff1fe3dc58

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6660,i,9721927563492291190,17334742903490057679,262144 --variations-seed-version --mojo-platform-channel-handle=6680 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6684,i,9721927563492291190,17334742903490057679,262144 --variations-seed-version --mojo-platform-channel-handle=6652 /prefetch:8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4620,i,9721927563492291190,17334742903490057679,262144 --variations-seed-version --mojo-platform-channel-handle=5420 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 183.142.211.20.in-addr.arpa udp
US 8.8.8.8:53 43.56.20.217.in-addr.arpa udp
US 8.8.8.8:53 134.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 stats.securebrowser.com udp
US 104.20.87.8:443 stats.securebrowser.com tcp
US 8.8.8.8:53 8.87.20.104.in-addr.arpa udp
US 8.8.8.8:53 update.avgbrowser.com udp
US 104.22.63.125:443 update.avgbrowser.com tcp
US 104.22.63.125:443 update.avgbrowser.com tcp
US 8.8.8.8:53 125.63.22.104.in-addr.arpa udp
US 8.8.8.8:53 browser-update.avg.com udp
GB 104.91.71.140:80 browser-update.avg.com tcp
US 8.8.8.8:53 140.71.91.104.in-addr.arpa udp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 8.8.8.8:53 183.59.114.20.in-addr.arpa udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
US 8.8.8.8:53 update.avgbrowser.com udp
US 8.8.8.8:53 update.avgbrowser.com udp
US 104.22.63.125:443 update.avgbrowser.com udp
US 104.22.63.125:443 update.avgbrowser.com tcp
US 8.8.8.8:53 stats.securebrowser.com udp
US 8.8.8.8:53 stats.securebrowser.com udp
US 104.20.87.8:443 stats.securebrowser.com tcp
US 8.8.8.8:53 config.avg.securebrowser.com udp
US 8.8.8.8:53 config.avg.securebrowser.com udp
US 104.20.87.8:443 config.avg.securebrowser.com tcp
US 8.8.8.8:53 browser-update.avg.com udp
US 8.8.8.8:53 browser-update.avg.com udp
GB 104.91.71.133:443 browser-update.avg.com tcp
US 8.8.8.8:53 133.71.91.104.in-addr.arpa udp
US 8.8.8.8:53 s-install.avcdn.net udp
US 8.8.8.8:53 s-install.avcdn.net udp
US 8.8.8.8:53 update.avgbrowser.com udp
US 8.8.8.8:53 update.avgbrowser.com udp
US 104.22.63.125:443 update.avgbrowser.com udp
US 104.22.63.125:443 update.avgbrowser.com tcp
GB 2.21.189.79:443 s-install.avcdn.net tcp
US 8.8.8.8:53 browser-update.avg.com udp
US 8.8.8.8:53 browser-update.avg.com udp
GB 104.91.71.140:443 browser-update.avg.com tcp
US 8.8.8.8:53 79.189.21.2.in-addr.arpa udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google udp
US 34.160.176.28:443 tcp
US 8.8.8.8:53 28.176.160.34.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 104.20.87.8:443 config.avg.securebrowser.com tcp
US 8.8.8.8:53 ip-info.ff.avast.com udp
US 8.8.8.8:53 ip-info.ff.avast.com udp
US 8.8.8.8:53 stats.securebrowser.com udp
US 8.8.8.8:53 stats.securebrowser.com udp
US 104.20.86.8:443 stats.securebrowser.com tcp
US 34.149.149.62:443 ip-info.ff.avast.com tcp
US 8.8.8.8:53 config.avg.securebrowser.com udp
US 8.8.8.8:53 config.avg.securebrowser.com udp
US 8.8.8.8:53 update.avgbrowser.com udp
US 8.8.8.8:53 update.avgbrowser.com udp
US 8.8.8.8:53 easylist-downloads.adblockplus.org udp
US 8.8.8.8:53 easylist-downloads.adblockplus.org udp
US 104.22.63.125:443 update.avgbrowser.com udp
GB 2.16.34.16:443 easylist-downloads.adblockplus.org tcp
GB 2.16.34.16:443 easylist-downloads.adblockplus.org tcp
US 104.22.63.125:443 update.avgbrowser.com tcp
US 104.22.63.125:443 update.avgbrowser.com tcp
US 104.22.63.125:443 update.avgbrowser.com tcp
US 104.20.87.8:443 config.avg.securebrowser.com tcp
US 8.8.8.8:53 shepherd.ff.avast.com udp
US 8.8.8.8:53 shepherd.ff.avast.com udp
US 34.160.176.28:443 shepherd.ff.avast.com tcp
US 8.8.8.8:53 config.avg.securebrowser.com udp
US 8.8.8.8:53 config.avg.securebrowser.com udp
US 8.8.8.8:53 avast_browser_tiles.tiles.ampfeed.com udp
US 8.8.8.8:53 avast_browser_tiles.tiles.ampfeed.com udp
US 8.8.8.8:53 ip-info.ff.avast.com udp
US 8.8.8.8:53 ip-info.ff.avast.com udp
US 104.20.86.8:443 config.avg.securebrowser.com tcp
BE 104.68.91.91:443 avast_browser_tiles.tiles.ampfeed.com tcp
US 34.149.149.62:443 ip-info.ff.avast.com tcp
US 8.8.8.8:53 8.86.20.104.in-addr.arpa udp
US 8.8.8.8:53 62.149.149.34.in-addr.arpa udp
US 8.8.8.8:53 16.34.16.2.in-addr.arpa udp
US 8.8.8.8:53 91.91.68.104.in-addr.arpa udp
US 8.8.8.8:53 engagement-content.avastbrowser.com udp
US 8.8.8.8:53 engagement-content.avastbrowser.com udp
US 8.8.8.8:53 api.accuweather.com udp
US 8.8.8.8:53 api.accuweather.com udp
US 172.67.15.96:443 engagement-content.avastbrowser.com tcp
US 172.67.15.96:443 engagement-content.avastbrowser.com tcp
US 172.67.15.96:443 engagement-content.avastbrowser.com tcp
US 172.67.15.96:443 engagement-content.avastbrowser.com tcp
US 172.67.15.96:443 engagement-content.avastbrowser.com tcp
GB 104.91.71.26:443 api.accuweather.com tcp
GB 104.91.71.26:443 api.accuweather.com tcp
US 8.8.8.8:53 96.15.67.172.in-addr.arpa udp
US 8.8.8.8:53 26.71.91.104.in-addr.arpa udp
US 8.8.8.8:53 stwleprodwus.blob.core.windows.net udp
US 8.8.8.8:53 stwleprodwus.blob.core.windows.net udp
US 20.60.153.225:443 stwleprodwus.blob.core.windows.net tcp
US 104.22.63.125:443 update.avgbrowser.com udp
US 8.8.8.8:53 225.153.60.20.in-addr.arpa udp
US 8.8.8.8:53 eb.nextgenshopping.com udp
US 8.8.8.8:53 eb.nextgenshopping.com udp
US 151.101.1.55:443 eb.nextgenshopping.com tcp
US 8.8.8.8:53 c.nextgenshopping.com udp
US 8.8.8.8:53 c.nextgenshopping.com udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 52.24.71.181:443 c.nextgenshopping.com tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
US 52.24.71.181:443 c.nextgenshopping.com tcp
US 8.8.8.8:53 55.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 4.4.8.8.in-addr.arpa udp
US 8.8.8.8:53 181.71.24.52.in-addr.arpa udp
US 8.8.8.8:443 dns.google udp
GB 142.250.178.10:443 tcp
US 8.8.8.8:53 10.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 11.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
US 8.8.8.8:443 dns.google udp
GB 216.58.201.99:443 tcp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 123.35.104.34.in-addr.arpa udp
GB 216.58.201.99:443 udp
US 104.22.79.87:443 engagement-content.avastbrowser.com tcp
US 8.8.8.8:53 87.79.22.104.in-addr.arpa udp
US 8.8.8.8:53 88.65.42.20.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Temp\nsc3EE0.tmp\jsis.dll

MD5 4b27df9758c01833e92c51c24ce9e1d5
SHA1 c3e227564de6808e542d2a91bbc70653cf88d040
SHA256 d37408f77b7a4e7c60800b6d60c47305b487e8e21c82a416784864bd9f26e7bb
SHA512 666f1b99d65169ec5b8bc41cdbbc5fe06bcb9872b7d628cb5ece051630a38678291ddc84862101c727f386c75b750c067177e6e67c1f69ab9f5c2e24367659f4

C:\Users\Admin\AppData\Local\Temp\nsc3EE0.tmp\nsJSON.dll

MD5 ddb56a646aea54615b29ce7df8cd31b8
SHA1 0ea1a1528faafd930ddceb226d9deaf4fa53c8b2
SHA256 07e602c54086a8fa111f83a38c2f3ee239f49328990212c2b3a295fade2b5069
SHA512 5d5d6ee7ac7454a72059be736ec8da82572f56e86454c5cbfe26e7956752b6df845a6b0fada76d92473033ca68cd9f87c8e60ac664320b015bb352915abe33c8

C:\Users\Admin\AppData\Local\Temp\nsc3EE0.tmp\JsisPlugins.dll

MD5 bd94620c8a3496f0922d7a443c750047
SHA1 23c4cb2b4d5f5256e76e54969e7e352263abf057
SHA256 c0af9e25c35650f43de4e8a57bb89d43099beead4ca6af6be846319ff84d7644
SHA512 954006d27ed365fdf54327d64f05b950c2f0881e395257b87ba8e4cc608ec4771deb490d57dc988571a2e66f730e04e8fe16f356a06070abda1de9f3b0c3da68

C:\Users\Admin\AppData\Local\Temp\nsc3EE0.tmp\StdUtils.dll

MD5 7602b88d488e54b717a7086605cd6d8d
SHA1 c01200d911e744bdffa7f31b3c23068971494485
SHA256 2640e4f09aa4c117036bfddd12dc02834e66400392761386bd1fe172a6ddfa11
SHA512 a11b68bdaecc1fe3d04246cfd62dd1bb4ef5f360125b40dadf8d475e603e14f24cf35335e01e985f0e7adcf785fdf6c57c7856722bc8dcb4dd2a1f817b1dde3a

C:\Users\Admin\AppData\Local\Temp\{B894A42E-7A0E-4EE6-8CB0-DC59A44BED0A}\scrt.dll

MD5 f36f05628b515262db197b15c7065b40
SHA1 74a8005379f26dd0de952acab4e3fc5459cde243
SHA256 67abd9e211b354fa222e7926c2876c4b3a7aca239c0af47c756ee1b6db6e6d31
SHA512 280390b1cf1b6b1e75eaa157adaf89135963d366b48686d48921a654527f9c1505c195ca1fc16dc85b8f13b2994841ca7877a63af708883418a1d588afa3dbe8

C:\Users\Admin\AppData\Local\Temp\nsc3EE0.tmp\thirdparty.dll

MD5 070335e8e52a288bdb45db1c840d446b
SHA1 9db1be3d0ab572c5e969fea8d38a217b4d23cab2
SHA256 c8cf0cf1c2b8b14cbedfe621d81a79c80d70f587d698ad6dfb54bbe8e346fbbc
SHA512 6f49b82c5dbb84070794bae21b86e39d47f1a133b25e09f6a237689fd58b7338ae95440ae52c83fda92466d723385a1ceaf335284d4506757a508abff9d4b44c

C:\Users\Admin\AppData\Local\Temp\aj4828.exe

MD5 acb51434fd82eb460b052f05950b8dca
SHA1 707d192db2ce7cefdefce3037dfb85a18b8811f3
SHA256 29ffa251cb267969af445eb664df04d1a7badbcade61a7f754de42b6d4340055
SHA512 013dc0abcc9760c6298b7e48007eb1ac4bc2e453f06c1ce4aff218f50cd1e2c4bb44ad6bc5687edb057df8b0e38fa0aaada7a8d045ed08412278d3031527229d

C:\Users\Admin\AppData\Local\Temp\avg-securebrowser-web-tags

MD5 4c94408946d796a8b19c17df5cf0562d
SHA1 89056150d90683f9548dadc308eb2789a67c2a47
SHA256 68042cb47d900c4110ffc5f46e5f8395b35f42d33fc75e58ee34c7f5d8726de7
SHA512 96a31f0b7254f42fec787233e2d11991709bc0b2514d163dd1f7696015e7318f9810d9811473fc13d6782d65e40f6a94fe6a7ffef3cb962032cff3bfe8b99a29

C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\Midex.dll

MD5 581c4a0b8de60868b89074fe94eb27b9
SHA1 70b8bdfddb08164f9d52033305d535b7db2599f6
SHA256 b13c23af49da0a21959e564cbca8e6b94c181c5eeb95150b29c94ff6afb8f9dd
SHA512 94290e72871c622fc32e9661719066bafb9b393e10ed397cae8a6f0c8be6ed0df88e5414f39bc528bf9a81980bdcb621745b6c712f4878f0447595cec59ee33d

C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\CR.History.tmp

MD5 73bd1e15afb04648c24593e8ba13e983
SHA1 4dd85ca46fcdf9d93f6b324f8bb0b5bb512a1b91
SHA256 aab0b201f392fef9fdff09e56a9d0ac33d0f68be95da270e6dab89bb1f971d8b
SHA512 6eb58fb41691894045569085bd64a83acd62277575ab002cf73d729bda4b6d43c36643a5fa336342e87a493326337ed43b8e5eaeae32f53210714699cb8dfac7

C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\FF.places.tmp

MD5 b01182fd0bcfecd25f0378b6ddd50714
SHA1 faf0abd8ccde904e4ec90d216f9dada2c3a046d3
SHA256 921d4d81de816c9f7add02a5c5dc28209959a2ce1bdd64eff6675a5cdbd90a55
SHA512 a409fe0c1fbbcc158d47f6f727446ddf754b99ec235715f5f03b66a4f0c91b93c8bbd9e7ab235ed65e9b0abdd4bf2899dd3e5ec4afa8f45822e6f3dbc9d1bd7d

C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\CR.History.tmp

MD5 9618e15b04a4ddb39ed6c496575f6f95
SHA1 1c28f8750e5555776b3c80b187c5d15a443a7412
SHA256 a4cd72e529e60b5f74c50e4e5b159efaf80625f23534dd15a28203760b8b28ab
SHA512 f802582aa7510f6b950e3343b0560ffa9037c6d22373a6a33513637ab0f8e60ed23294a13ad8890935b02c64830b5232ba9f60d0c0fe90df02b5da30ecd7fa26

C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AVGBrowserUpdateSetup.exe

MD5 9750ea6c750629d2ca971ab1c074dc9d
SHA1 7df3d1615bec8f5da86a548f45f139739bde286b
SHA256 cd1c5c7635d7e4e56287f87588dea791cf52b8d49ae599b60efb1b4c3567bc9c
SHA512 2ecbe819085bb9903a1a1fb6c796ad3b51617dd1fd03234c86e7d830b32a11fbcbff6cdc0191180d368497de2102319b0f56bfd5d8ac06d4f96585164801a04b

C:\Program Files (x86)\GUM5525.tmp\@PaxHeader

MD5 e39aca4d291b7d35ac0c119f81968ca9
SHA1 e86ebc9ca04770f4a30174d088a58389f627755f
SHA256 0aac401e3c92ef8f47a22b327daf45b27c76d065ba9cd817e9c7e0ec2c8a5ab6
SHA512 64a1536a7bccb93e2b134d1e62734095ec5b5c9327d90e37062bb33d7a86dab7f5645c9b535619ed940bf0702326fa6c1c72cbb27a0353990903f1f18a9cc392

C:\Program Files (x86)\GUM5525.tmp\@PaxHeader

MD5 a910f1a328143ddc15ab90c75358f762
SHA1 3ba9134d1da0bf835aa164e1ab20c15b52e148cf
SHA256 438b92426761634a225608797c041db2651aff38a79cffd8cef67a363a142618
SHA512 97165a0614515b1f8d263840bde83557c601b741fb10db771ee2955616911b74cd6ee7cf83afa8a6cf8d345faacc1a3599e1b5d3a45765bca6b0c11109bf985e

C:\Program Files (x86)\GUM5525.tmp\@PaxHeader

MD5 939ee98d23d3ce9a0c8a0fe9aac02cf2
SHA1 b48224bddd5ad890d749f1dd16de6f9c5d9b2af5
SHA256 cea3426ac194b93a31f869d26e69045effc10a0d89962220724557136625ba39
SHA512 caddc19a06aa9bba35641c5b8b2055c18e7f8c89f0603869be5ef7b283c83ab4efc1213ba18c536007babc492ced62e406ba34af96c3a949d3378b5cae0ad881

C:\Program Files (x86)\GUM5525.tmp\@PaxHeader

MD5 5aef091c2c4a1ab1f18d62f5c63b864d
SHA1 c46940e1b5a6ed94cb08cb61eea9e6e3e11d0540
SHA256 5a098ad8a8b1745286387dba19ac2dd9a25d6daeab76256d0c747dab11f1f02e
SHA512 8275fc5f95739ed30c4d6ced2da849deed79efa46a3cf5ec0884dcd8a29e5ae0f434b1ae33b1f87ece1da69adb49ba652ea76a527933c1a252923a74eb250cf1

C:\Program Files (x86)\GUM5525.tmp\@PaxHeader

MD5 fc8ee03b2a65f381e4245432d5fef60e
SHA1 d2b7d9be66c75ccf24fcb45a6d0dacedd8b6dd6f
SHA256 751a04263c2ebb889fdcd11045d6f3602690318ebaaa54f66e1332d76dde9ef4
SHA512 0837f2b22c9629990165c5e070e710a69ad4951b7fcfe28bd52354c4b8a7246672497b8aaf521a8773c7ec2a4249fc4318330948ab0d8db8c6c74da57b32f1c4

C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdate.exe

MD5 cbcdf56c8a2788ed761ad3178e2d6e9c
SHA1 bdee21667760bc0df3046d6073a05d779fdc82cb
SHA256 e9265a40e5ee5302e8e225ea39a67d452eaac20370f8b2828340ba079abbbfd3
SHA512 5f68e7dffdd3424e0eb2e5cd3d05f8b6ba497aab9408702505341b2c89f265ebb4f9177611d51b9a56629a564431421f3ecb8b25eb08fb2c54dfeddecb9e9f2e

C:\Program Files (x86)\GUM5525.tmp\goopdate.dll

MD5 04a6438c50564146e880c5eb9d57905e
SHA1 edf5d454de99159d832cc9bd0d8dbe132d749804
SHA256 26109d47bf9960e531888e6c545ca8cfc24fee2202b549df29fb8bf9c58e0812
SHA512 8705d0ab2f8a6c1ef567ad00b33ff2cca01391b105eb0ade201d981f091e4ba87e709860ab9849bf9781698fb42ab8efe53ea731af310781766bace1eb1dc19d

C:\Program Files (x86)\GUM5525.tmp\goopdateres_en.dll

MD5 418853fe486d8c021d0cca2e85a63d63
SHA1 9504500a7b5076579d74c23294df4bdb1b7c517d
SHA256 4cbb2591c1eeda32bcf295685c993ce4d16acc968697fa12e2a00a1b7c4b37a3
SHA512 dc2ab4e2056e6d73a274d700bc16f75c7c687b35874029c1908b183428dec010373045d4a52eb3f5745f8b91d624cf5d40cd7f37e353f3a41348e2a054a266a3

C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdateCore.exe

MD5 dd5dc945cd848bf503862d0a68c3ea5d
SHA1 9b277a0c733ed5698b0656da8c3b99d2f90c7ef8
SHA256 8cc98345e367b083f545ace66d93bf69e03a4fa08b84805a9925fa4c94ef3f8f
SHA512 f6eab8422bde24d89a7723c6175b4197a50e18aa0bb5b8f419e5a23b265d85dcaacaf136b8f6ef6bbf2bd6c0eaecd8f86093f594fb98e596f4b39e9c6ff227e1

C:\Program Files (x86)\GUM5525.tmp\AVGBrowserCrashHandler.exe

MD5 f73e60370efe16a6d985e564275612da
SHA1 2f829a0a611ac7add51a6bc50569e75181cdfd58
SHA256 9cf076866935a0c64366efaeff2ec76d45ac816030ebd616fd5defb1870bc30e
SHA512 2e44e87c285bb7b72d45c8119d08ea6f2d13cea77cf0005a3cf530790bb86c7f2df7c5edac9d86c9d7214abb224738c3bf6b31f6bf104051512bb1de133042dc

C:\Program Files (x86)\GUM5525.tmp\AVGBrowserCrashHandler64.exe

MD5 deef1e7382d212cd403431727be417a5
SHA1 fac0e754a5734dd5e9602a0327a66e313f7473bb
SHA256 7d410e9eabd086827b16c89ee953a643c3e2f7929616c0af579253fd8ca60088
SHA512 6b472a57fb89b128aad9ab6313a9ce8b171f7d73264c67f669adc5cf1f0421d81f654dad1419b620476abb59dd54e1aa03a74a26c5c93813f6fb8575fbd97d4d

C:\Program Files (x86)\GUM5525.tmp\goopdateres_ca.dll

MD5 f951cf3ca93e5ae5fc1ce2da93121d98
SHA1 15bc869406857437babe41cd3f500c356913499b
SHA256 eb00cad19ed1d16f52928962f2cc6231d65eb74b2314976ebeb1ec860103e746
SHA512 b77086ad2b39723d697d7839d9243c1c0769a2cb0f6287cd3f2d64eabd6a48d8fc2d253e9089c6586637ed5dc5970c2608615fe77cef5003f0c4d53401ef73bc

C:\Program Files (x86)\GUM5525.tmp\goopdateres_bn.dll

MD5 aedf6d96ccb64f488379bb1fe65f697a
SHA1 901bbb7873d8f698f49c4b6be74fb50b353d7b5e
SHA256 941d22186ef1bfe27052e78d21944d6088cea152d1ede51452f04fb032c92f90
SHA512 d1d889a1fe75924f3569e07d9ee3f552afc02165210f5c439d4697be898b72db397bb89e7d0706259f92c1cb5759009f9e1ba5c52f764e63514b3da41dada1cc

C:\Program Files (x86)\GUM5525.tmp\goopdateres_bg.dll

MD5 c0b41217fc33a6a53ec69ae7399460f2
SHA1 d7dd8d543b7297f1a1e138efa1806972c9489c3f
SHA256 d75a1a41ad7e5277576e3bdf35a858be3a6f540d21c8ab4156c842d8f1b3295b
SHA512 37abb726b78421aaccdbc94b358cda6b581e89ac519258eb39c6a7f0706cfc64c3a96f5c29539ba67c6e2d2afd6f10b6b0c063b54366c03376ce234d132a8253

C:\Program Files (x86)\GUM5525.tmp\goopdateres_ar.dll

MD5 9c77be0843f0fe4864a04f8d5f24a593
SHA1 be03adb4d3c33520e652c7a6ee45f09d5ff54a54
SHA256 39547fa5d7b93856235288b1021699b4f36f0bea10b10d6b89ea184a3ad77bb1
SHA512 f504c98b03a5d72c078b38a2cc4fdd94dbed159f5a2ed47c2c4a53fc6ec8a3b1fd969d5ad85fc7503e64427a36adee7a14f15f1275a9194103e43c8a8ee45d28

C:\Program Files (x86)\GUM5525.tmp\goopdateres_am.dll

MD5 ba03b29d5d44341084eb06bea8f1e702
SHA1 7d8dd7556ea5e299b55ddc7477ca758fe2c64f48
SHA256 6a6aad33e2910c29a6d919aad074d89359c5e6723ced7ba4e215a62e9513749b
SHA512 29f902587b7078deb12bee6bf9993748109749ec12e6490d5f84bc9c532a5a1f414149d5760641ef052611bf2d441423d115dfb5a4c4c6f5e6d6a1f386924cf2

C:\Program Files (x86)\GUM5525.tmp\goopdateres_el.dll

MD5 0d15748f01df49dae986f1e27dc098ef
SHA1 35a435bdaaf47795977b28cdae2e4ea1fdae73a3
SHA256 df13c38061cb0b02dd8a9023a17da0bbe1cda6fdedad5203129fc702c7fdd9b1
SHA512 290e9936f50e3bd11c1b9d28decf3b43f5e23bbff16801e7b0491690773d057b6bcdcf48c48a7ee16fa2400723b3e974e2b74e3899590a8e660c2e9c78b9d141

C:\Program Files (x86)\GUM5525.tmp\goopdateres_es.dll

MD5 5f8ea18786d5ef1927cd95537abc3ae0
SHA1 5530650ecc719d83b7aa89e0b326b5698e8adda2
SHA256 fa416294b078226a8919dbb8f75533a6ef96d63d5bd17aac854eae68791433cf
SHA512 577dc7d19e4443e8aede759a781826c091c17d12fb06e89b1306133f21e01dab919045183a916e1b5647ddf485134a8459745a9199df5c7e36abe192645d8e25

C:\Program Files (x86)\GUM5525.tmp\goopdateres_en-GB.dll

MD5 02465169cd873c4492196e03457f2771
SHA1 837ca5e54a8c12577d0d05a32996dfc04067c5ea
SHA256 4eb9edf550bf1f66382e5d8bd4958438891cd2ca46557d14f4b945dc176ec025
SHA512 e73b5f3951050f2903b80b89d2b9fd9ebf69adb922eb8238ef4c01f413ae67727d7598d4ac15f7ac8b9257aef0139e0924c70c5898357142a303d7e2b15394c3

C:\Program Files (x86)\GUM5525.tmp\goopdateres_fil.dll

MD5 5ed0105f4043466a99557dde1f70e97f
SHA1 c57c935cc4b25b6375ab3fcdfbb265f4c586ec3e
SHA256 cfbe0120ddf8d5574f7c44c85488f53aecec4df9bfb25f1cefbabcad5af46096
SHA512 4fa641810f758e0031388ec146467fc130780e2f2cc8495b6a2fff0679d7bcbe7526356f85a97b5338e84d791ba14e812b2c182fdae01763640be3324fb59526

C:\Program Files (x86)\GUM5525.tmp\goopdateres_ja.dll

MD5 0cfc5b7b3f86d6bfaec9a0713da74df3
SHA1 81a278fdee9edc302fe4e7a88c9addb230ce6df2
SHA256 1d7fd1b6a614538530385e7a40efc95d3b8be75057ae03bf999aa2419d1f9f24
SHA512 8b8f834ccee41c69c581f0b80f26b0cdb536f87bebd5a6b1f02cdf6f1aea5cf5b29c356e82c7a8fd591bb16c0938a790ac8f90f6d27edc95fc48a5aa3c30cbf0

C:\Program Files (x86)\GUM5525.tmp\goopdateres_mr.dll

MD5 390c8645cb5e0f93054c063c5e5928f4
SHA1 0d17ac3976b3219750853715c06baa34e8ed751c
SHA256 98ae5da68f38dd4e43e307543d3218d4180c09433ae72c3b661eb73591a7a589
SHA512 b1bf09a5111890fa61dd944dbf0cf2804cdd96c5fee3193a80fb15cdc6fdb455fb4e535e8aec337ca4595623bef29c7f6784e53e222c7a5df400dc61965830f6

C:\Program Files (x86)\GUM5525.tmp\goopdateres_pt-BR.dll

MD5 97c200cbd682c1b4bd28222437d7f630
SHA1 6bed6312571ea79df6deda2934d328683674b059
SHA256 3adc3bd14d6a1ae14de42ea501fa74ed651b197a7c8912b43d31fa92f500d630
SHA512 8e1af6b73729f5f6e3015c3890e8ad28ed851d1615fe0ae2b7997f3ae48958fbc90e74ce70ce4ef35aeea35a810de0699494d5b913f4774416acc1aa8ef0a9d6

C:\Program Files (x86)\GUM5525.tmp\goopdateres_pl.dll

MD5 5215164235c7dc3d72bcd0f832ddcd22
SHA1 bde57f57953bf119b6767e0b56380dbf0e4cad35
SHA256 c997f4bad6082c5d2483684b6a72d22153c502df6575e28cc1bf02789d08547b
SHA512 721423ea189d096764088fd8079988cbbcd98503ae2b82b0f485cb71bc81cb367588a9fcbdc9c5d09f20067f5ec8744572d252500af034edf900243e096526c3

C:\Program Files (x86)\GUM5525.tmp\goopdateres_no.dll

MD5 5a19716ac62f7b636d666ba166d00a3e
SHA1 0fa31113684f879e259f8521be08ff87286724e4
SHA256 94365146ae8320732dad96344dcf6fa83d9eaf65cb7bf30e50613964f5a33e66
SHA512 accfbfd86c4648fff856fafffbe7317907e19261ed81ce5e6cd9e5ad59ae9abbe677730527704a1b0ba898195dcc6a5081a136b4d95563863f05a8eb9fbaf9fc

C:\Program Files (x86)\GUM5525.tmp\goopdateres_nl.dll

MD5 ccadd45844090d479f00d8707e962f35
SHA1 0654501881968cb2d954cb95da6150047c49c0c7
SHA256 854804cb86a3059bec32d10f44123ff93060aae05eaa72821148a4e2764ace3e
SHA512 098a384baf41a11a6e50b2d22e1c1e1cb2d9f5897776afa676b235f075c9ed3f404a92d4593c229e6ededab4da614b25e5cd0c73f3cb7e0ac02231cce800f7a4

C:\Program Files (x86)\GUM5525.tmp\goopdateres_ms.dll

MD5 d9999c911f60a32046d1a4c559ae5de3
SHA1 e84c1c32708a97a81358dd8adb3fb40681f5a7aa
SHA256 31a64ff7f0b1d8bb81e83680c3391c0dc5530c798b9322d11e62e2389933b548
SHA512 eefb62c906c85a94025d79a0dd35b634a08b457fca57e2b97d514f1b5f0b9ea8450c9d387b4d9683c5d01d0088e03fd106b530470aa88229ab4123edf00032aa

C:\Program Files (x86)\GUM5525.tmp\goopdateres_ml.dll

MD5 74e24332295807ca5ab8be9f37dd19dc
SHA1 82feee443e0c8342ef830c182fc2a3c98f57faf7
SHA256 4675474b7ccaf45c9fca9c4d141260f233807ddc68cf854d0900bb1f58522b67
SHA512 6682d18ed66b06f07bb6b1dc227808d5c872685ed271ff4b34a57d4ec7c7fe5316b6207d1094327db4e3166fc2288e47065cb72a275666a4b403dde8e33379af

C:\Program Files (x86)\GUM5525.tmp\goopdateres_lv.dll

MD5 83c356f6310d51f8ffc1d67d580f5914
SHA1 f9bc318975f288fa47e8426b4c450a93b10af45c
SHA256 98e35cea7cddce15191594a70f8e15ff2dd1c02bde87225af0331441c65bca26
SHA512 28a26cb1d88d072d7898ed27c3e9d056efedaa2cd9eccf951429f41df2c0162be3c14e58cfb4cf50b633d759825fa815a9249e7690d2ab75f60424b30dbe0424

C:\Program Files (x86)\GUM5525.tmp\goopdateres_lt.dll

MD5 38606bfb6c9bfdf74503f833ee2733e5
SHA1 670abd1279f642ec7b19f663e53f2813a716331f
SHA256 df6c4228da3bf66929d81b99cb35df4a4389418490144630e1d9d5f422b56b38
SHA512 6cc6f2fb0e5bf0241656cce5dc7311f05b8d79633f2176f8c172a9fcfa9813e3963576363d539fa1a8a58fa6bba138dd0baa7562274fbe99be5cda60f4671747

C:\Program Files (x86)\GUM5525.tmp\goopdateres_ko.dll

MD5 dd2f783c0017630f9a2969957f4eb84e
SHA1 d42218de12a7c1c48fb5e7d60e61e32ce0cd9ac6
SHA256 07e63e0e3d23f192ac131efc459c2d9f79a4ecdc39403d43fbff320c4b5fa261
SHA512 689f625df8aec45a6343249739ec094cbb1245a9dd8847ffe6bf62fd2d7042d529f77216dd22e8b33830cf21b158f0ef6ea42af2248051c8d97205eb0229a22b

C:\Program Files (x86)\GUM5525.tmp\goopdateres_kn.dll

MD5 49000b4a101e635b05123f21b360b492
SHA1 635f697f41c0591168e0eee10930728d9dec5a53
SHA256 a2aab58a4397c040bff69d45bef4ede6842034bf897799a9347232c4b6c9c7a5
SHA512 9b62c2048e9c132089cce7da02ea5c95b5856f1c6e28d5581f4a0b1748e681bdd78c7d537d273a64f9d476e4ec62da5c6021cc1ccb69f7bee216e7bec6ddc6e0

C:\Program Files (x86)\GUM5525.tmp\goopdateres_iw.dll

MD5 31227325c8617b308ccd268c2be7e72a
SHA1 71e369f26e644e643fcd538d933e4087dd593f1f
SHA256 4a98e34a528eff04c2baf4e9e50489086e58d2e32e1851f33674abbe5e104c68
SHA512 ba8d94dde5b7b74a39ed54a5f3e47a558e0c1deb632018c82423c06806071143851bb1d8c7a7bada6f13e71734e7a29457f3741266972b777cded41c953a9645

C:\Program Files (x86)\GUM5525.tmp\goopdateres_it.dll

MD5 3ae3106694098f8420b182ad5e3354ab
SHA1 bc9dab621b03d4126b97c260becd7f4525255462
SHA256 59b406b29538c3c3d0f060b5fc0ccd36556f8a6278327935a5475c6b21741dc9
SHA512 f3625be57976083d642b01a41a53d6db6cad3bfc584a50de3565fe10975a5d7d2cf4f8b41bcdaa5ac70f8fc4ada113084de07e2ed45f26401dc2d4f8f4c322a9

C:\Program Files (x86)\GUM5525.tmp\goopdateres_is.dll

MD5 dae35fa037b6248876347521c5298566
SHA1 8358fc05a675ea56f720052fbb4b384d97b94d86
SHA256 ce0652b8dfaf21b6192b66bf75e140b3d72aa545e0edf62d9e82e9b0878ac5c5
SHA512 4158b8fef0da76ead12b5d6e421c5709664ba84d1ddde44ef6bbd1023084cad3820a37abea03b206635a945a2435b301234cf5bac3c8e2861a852b2699036ade

C:\Program Files (x86)\GUM5525.tmp\goopdateres_id.dll

MD5 7e7deef6ac35c9d52410fc356391c7e4
SHA1 43b3d918867a93ba109a3e4eacb45f3cd5c40b93
SHA256 963f4d2ad7ddcdcfb6185521c0590a92f2014897d5f5f525471ac81f3807fc5e
SHA512 9eb0e9be0a973693b4bd167f6c1118dd9d702b1951a90f0a3a6103e77c43ee6afa173b79d3ab21fe94a98c320b17ab0b787cf5b6ec47d9dde9e3e8c14b8cadc7

C:\Program Files (x86)\GUM5525.tmp\goopdateres_hu.dll

MD5 114cc594fab2e564ccb24a826f3623e4
SHA1 c3c3fb4ef6ea6ff0e7a1e0289320b2fd2788b03b
SHA256 c89e223a42d7173f915dd088ebc84b0048cec772bd4221b4b90ce4c0e419ffe6
SHA512 9a7eb5710340cecb2d32de26322dc862812e185b6d260d76c0c7f642f30cf9e43c88aec76b515148ef986db0c77fd0e31f71c8fd26d56a4cc72dff0d023abb5d

C:\Program Files (x86)\GUM5525.tmp\goopdateres_hr.dll

MD5 27c0dbd61a71420bb4d1a0be2373a175
SHA1 47b4c107b711caf5a6b2978bd6fd6b53ebdec5e3
SHA256 43191a4c507a112e96e06f959b6cf78406bf970b021ad8d7db59d1b9c52779bd
SHA512 d1f20e9a628bdcbd26b8d5de89b87bdbc8dab871651c86d47c023daea86c7ada0a565fdd05b48c7643a63db044639f4eb89d1640e58c9b32722e4926c3c5e72a

C:\Program Files (x86)\GUM5525.tmp\goopdateres_hi.dll

MD5 38525b8a1b15a8aeb4fcfc8bee8358bc
SHA1 ac2ba33b8ad778a8165c87b579dad0dbef5bed75
SHA256 271e83bc86e490cd5b6cb9cb34057c7684d233c56a53f4f553aa07507c9dae52
SHA512 ad8df196174ceeadce4588dcd365066665267b922078d92b328ba661a4ebfa6d06b4263a4b8a28e4efb4d86e1140d71a3c3bf4b7b60970aa20552aa7f0c73acb

C:\Program Files (x86)\GUM5525.tmp\goopdateres_gu.dll

MD5 a4061e8408cc59cb898adfdc4f173278
SHA1 ae34e3058a40449481590bb3a63aa0225b4f6f98
SHA256 e033c950ecc6333dfcb944e70622e77a6498ba0e23fd144117dbe9a2a0c15be6
SHA512 d8a847e9a21c86c7b9b072e16914f42185e3c0e1d99f6ea5259382eb0fb89578c7a7f9f62f892f1d20be180dfc327bc076ea038057895c8b92cb1f0c053e0b2a

C:\Program Files (x86)\GUM5525.tmp\goopdateres_fr.dll

MD5 8ddc3f7276c12ac407cadcda6e2a3e12
SHA1 78c5e802f67c8b6ae3fe13202e6a54d3cca69df4
SHA256 7f2f0f9f443a022f5aedacc40c28d0654fec488f34435c75979118464256a8b7
SHA512 0d05bdd2d5e9f36eb09182e8b13507ba03e256c4aadb77bbfedf29584a47fd1e0733a825a3f687d3058e53c8075caf6dd9d24ec93f1bdd58ca97106827323540

C:\Program Files (x86)\GUM5525.tmp\goopdateres_fi.dll

MD5 57dad7c22bd635a5af8fcdcd63d4e530
SHA1 8aa11ea5c1cacd9b23c29989f22e82c43c827d0e
SHA256 1e0d05927a455115265db9308e0f78ffb7bbb5442f36b8483549efbe415454a2
SHA512 4236609e37ec41bf46d0f45e228c9021c1624e2f98a642eab513d290a4482da13764fcc2d044f78ebdc09e0cfc63a251678d169cb33e251d6f6d5de9b96c31b6

C:\Program Files (x86)\GUM5525.tmp\goopdateres_fa.dll

MD5 8564514501256ff045cf7aa6c1b5a797
SHA1 40b9aa8d04c48fe2ecf193c2089418ccc938676d
SHA256 f3f46a6da6c8ccb3ce7fdd0cb5882f45523decca95852b8c775bb90f8e92c1b3
SHA512 701077c8a1c70c1bd0c35f54aa838dba7b7b6f832e0ef2776673092fca546276166c3638676451c9655086b740b9e193cd54f952fd5fca481b964083b881bcc2

C:\Program Files (x86)\GUM5525.tmp\goopdateres_et.dll

MD5 5029406d9202d6f2f279fdd3a06f55a1
SHA1 dcca8bf9392faa0038c6cb5d25929726b16804af
SHA256 cac545e04d701c39f4a730aec4c3dad177d8ea4baca10651f150925644874864
SHA512 519538e05f8e21966e4878291692cf25057bba3c993c0034a33b1da7c9eb0a8fb881565717ceb6c1139fd601b73b1f1e2aa46e20aeb6b93f897cd2ef93172934

C:\Program Files (x86)\GUM5525.tmp\goopdateres_es-419.dll

MD5 3e5971e8559c77e8901ce30d14034730
SHA1 04cc21ac4a84abd29f7d7585282345881fd81721
SHA256 613418b8779f7440b88f1734d6c514706df9dc9a58a623966cc1c9ba4e29c28f
SHA512 b4592b25cf676db6d6de1be811c39bdeecc24bbfd4dc72fa4b3f97de866f9b0fec7c85f7d56f048f61829c1d8b4109e4a0c7e14a9e410e30a6a8da702941e00e

C:\Program Files (x86)\GUM5525.tmp\goopdateres_de.dll

MD5 1c15851d9dd22e4ae3f3bf249da79035
SHA1 60fc5652b5e1c55056c961d4d3b961492cb3432b
SHA256 a9dd72a08c0c58a71b2289d76efae681a5c8eb5faf73e49b873f15ba4050baa6
SHA512 6da386c35b317f39613da73340631f927606bccd0a8c626537eda896eb32c9a2ed1d71c7cf838f1a4b90553f3f788eeb5e02fe84774fb0ad2f574bf4e4d7e248

C:\Program Files (x86)\GUM5525.tmp\goopdateres_da.dll

MD5 9a421423686559027e4301d36bcf58b2
SHA1 9669424f4e7c765ddb917a515d5a8b1486f87daf
SHA256 9d8ff148793d99974fab93f38027e1999323a48620b303f82170751be5dd6b69
SHA512 f5d62fe17a820323c4b1832cd3bd9c8fa291d44dceb88a8a1a8f94c6166e550ab9baf9357c5ec3388230bc75f0ccd3aa2d5247fa5d242013d22c61001128a951

C:\Program Files (x86)\GUM5525.tmp\goopdateres_cs.dll

MD5 7f3dcd851645d3d75f636c8440fb057f
SHA1 85debe41ddcb46555a0d00795e41e460a35583c2
SHA256 0b31785d1931580cad5ef16d4ff5723802d12c38b56746e70fcf91d71162e043
SHA512 d0d21c397899aaa6a718b77195a6af1556309615616fd6583ecb84b04aa7087e76eb5fdd6cae0a4ff1c0f85bf72e1f51ae002042078095f640eb95da363889e4

C:\Program Files (x86)\GUM5525.tmp\AVGBrowserUpdateComRegisterShell64.exe

MD5 2a3ad7362e6c8808fbb4d4ccaba4ed4a
SHA1 3f896f7df7fe202f4a717713c503665bb4dcaed6
SHA256 4dcd341907880c8dea840819628b19c5ea42ca2b5c61ad57147d0ac7da9b6759
SHA512 892042ac713e4d5b488262a584355dafa18d967035788799c1773eb39a4616461beb9d79a230d9f85cdefd1b4076b8a5e1d4bde17254bff1f08c3eba56469679

C:\Program Files\AVG\Browser\Application\124.0.25069.209\Installer\setup.exe

MD5 0dfa65976da7822db99118abf2a50cc9
SHA1 a06feeffd56b3ef7a227e64099fc0213514d7879
SHA256 f9f61393559bb1d76ab630b11953ec20c7a0d5979e48f27279e7bb0a92abda26
SHA512 41cb3ccc7a2aedb2b17517de1dac905adaf9db797e1fd487e7853438c2936096212582b20bfefe03e267e0e1650af503b802a13c43f0a55a6b803beb1f93ee56

memory/4792-579-0x00007FFF2CA50000-0x00007FFF2CA51000-memory.dmp

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Local Storage\leveldb\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Sync Data\LevelDB\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

memory/4792-578-0x00007FFF2E400000-0x00007FFF2E401000-memory.dmp

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\4f2fcaed-1ce6-4667-a1b3-55aaf40435cd.tmp

MD5 fc07ecae96473eb238d9570ac145b9c6
SHA1 40e791064c6ab7fed561242fe76cef504e9d67f5
SHA256 7f1d458d061048520ff23161194483cdec65a85a83176afdf570f2e8af441c42
SHA512 14eb4c3fb47acb4684545a3ab7a4f3488c18b25d8342c34e32da4c9b25b8c62806b06baca5f6aee834284de45325680a5275f06077cbb6761a2386550fa5ac84

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\GPUCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\GPUCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\GPUCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\DawnWebGPUCache\data_1

MD5 d0d388f3865d0523e451d6ba0be34cc4
SHA1 8571c6a52aacc2747c048e3419e5657b74612995
SHA256 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b
SHA512 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Local State~RFe5816bf.TMP

MD5 85dde7f58ca8a94ccca034adabb3e9c8
SHA1 7eb9e40a2910a5daaba4b7480e3660eab9e9d4c2
SHA256 25e9c70ac539e5ccb3ae2b07afe76805447b5eb73f7cacda46a0b30a126aac86
SHA512 21e41ed7a1ede6607a54c64d33a546d95f5f6815c30fdd79b63c7c01197e6b109bd9c330e92f76317d6c15974344f0c931b50944f5aba36cdadefd4b4a8d04c0

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b6e1b8ea83cea880aecc5d9c1b53629a
SHA1 fed216928f75e7a0097353b91ee3fd3548a462d8
SHA256 7c7cba0b8bac34a428802cb581ad0c871b062520022512469cba640cb98a02cb
SHA512 2472c611ae4ad4ef8045e9247966f47d524bb889ef8026c9f204f44f98605ed33e48f22f43a52a64f14b1f29a4f69ba26bb1b3a05b1c764f6e68d09290c99487

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c139d4894057434315d56dbaad518cb7
SHA1 6eb840fe6a9470a80a9c3723f189015c6a9008d5
SHA256 b631318bb4b76a362e898baad37f63a7a37e3345837249fd63ceacbfd6a1be5d
SHA512 edd5db5a49d46e72740d1cd323e6f235b7d8babbe64dd8bb0f1964140a097e9c78a01703dbcb4361050e2d02e7f3cee468b39ffa09af1c0a69556dba7f9776e4

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Preferences

MD5 036a8b07f3477431d0c46cea36b931a2
SHA1 611b6e5a62430b1d8f55327bf3c9f12b5709ffec
SHA256 14d3b49b2d2fb29be087c2fcc2f0ecd8f28e1b412c060645ebcfe135d56113d8
SHA512 6f79f5d08d147aede6f39a7ecddc0df2ab198712bf1ce0c7158074b61916ce7207f096eb3cb6bae6ed59ee893c0ee3fbfbf6811818d18ed28f9a9ea9023c8c74

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Preferences~RFe5816ee.TMP

MD5 b39f9461ee4ad2b1251a8bbf287cd5d8
SHA1 ea4fa055be8fd505cbdff1a046a8d7e5975d6b4e
SHA256 906468b76d8f14a80f0eb5fbf472aa01bdf037e753a844905e94c69b6849923c
SHA512 352b66051298b9fa53fb7ab6447b6453ecd7f7cb6fc302d5f1638ef1e2e5b6bec528d12e43bf9d4c6be137ab849dadbd49298c7a26ae7bba8f7422eb8bed4fe9

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Local State

MD5 77693bd841dcaf4ee41e663dda089e0c
SHA1 1261a8c5cb0ae7219c011c98f7769e7a16de39d1
SHA256 4f6da4842d694267b2d33ecd646bf66c627bebcbbd0f69a60090fdf0a91f6688
SHA512 c0ac23dbfc145c8512ef4cc5c531f05c9c64979c1cae8aa430ff891d3050ecbfc9d080c16bafd22a066777b0c4778ba881665677b603354e0a9539d77dff87a9

memory/4460-889-0x00007FFF2E730000-0x00007FFF2E731000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\f65caf59-b5bc-4a39-9f51-3dc07ce7f1cc.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\bc0825c6-b897-4121-a955-7f6626668e80.tmp

MD5 21b06e448a0bee23eb6b80dfb39f1e82
SHA1 d60b3a9021a704247af4ba58bd539d42f780661f
SHA256 3cad9f24f2ec2bee7bef2410ef713924640bda964e865096db6dde37103481ba
SHA512 9678b1302eb289f04c0fad0a60455da7d24da4bb72177561f8668f0995d695485eba915bb222d7231a8188ac6ff3b4b0ffbbfe3b725b9c0112ca6af9465f5709

C:\Users\Admin\AppData\Local\Temp\9ce0c5c9-771a-4d64-9266-ec42feb3b943.tmp

MD5 d343a7167bf2962f27b54de17ec166a9
SHA1 cec2497d5ea819f05be656b8e15f79a6eaf27acf
SHA256 a00f73fe6dedd17fd34252c40d89c6be5524027ddb2c0effdbb298d7d7065de3
SHA512 64ada12e0bbd202c2f4817bb804d7583baaac469eaac0fd8db0df6bbc9d8d33603feb0cbeae6830b205fa056765da835b0e35b0733e3ce8964b8890aba382a4d

C:\Users\Admin\AppData\Local\Temp\0d39e002-f1d0-4ac0-a50d-410062711ab0.tmp

MD5 65a028a0d2831eed0228ecda4ab9ef2f
SHA1 86d5eaec3e1c7ecde3f37ab36a017599ddcb2138
SHA256 5cae2b06bc5525e26e08cfaa43be7a5f8df88053397676cf81a5402a1ea0059a
SHA512 edad812dffcc0c8b399d3c5c216973bab2fe9e9dbc0d2c6efffc8cca5f1c58e126b83046c4c90febf003f3afd3d3c12c9ba46ad9d18975f2a6c5094643ca4f87

C:\Users\Admin\AppData\Local\Temp\f9bb76c6-5f8b-4b87-8095-e7288a5e575a.tmp

MD5 06d466a1cde4306356506b35153c5ebd
SHA1 c43850528e8150e1f0e253653d2f0155d00585fd
SHA256 6b1205e9b435c6241ab9c244b1dc3c309c1d82211268501e71e43c4425fbf590
SHA512 5d79ae61fea7097ddf4b5f2c639ddd1ebdffb7d0e69b74aac47e166afbe94e88e3a4dbd1cf34d55c6c8b0fcba3c30b676c8460b120470c17278caf22896b0b33

C:\Users\Admin\AppData\Local\Temp\770870df-8d3b-4c4a-97e1-67c43e282741.tmp

MD5 79e1a051e0bb64259538622f94be9988
SHA1 9b53e95bdb4a0923ed84a69972dc7168bc2fc942
SHA256 5bbcdbe935746ee78233c06331293ccf7a62f359cfd2d88a910cfcb8d9ec65f4
SHA512 6beb6aaf5afb4b5f36cee371a149ce5dab8a4553446553a1341996affe10f888f6ec2de19cf3ef355552d71287844fa8cf988d90bf050008f4a7591cfaa31511

C:\Users\Admin\AppData\Local\Temp\55a36b16-8ea9-41f4-bef6-4703f621ec78.tmp

MD5 f50e00df362d5a597b9e7f549df2587c
SHA1 cf6aafdc3f25bcffdcabd3a5db2e40d1cf42dbc9
SHA256 1518106d36a5770684ce0cd86279e19ee601225d9222f7f555421990a130eebf
SHA512 4691ef983c58d2f027bb0a283ed0a3b11da972588c4c4ab3462fd2e4546f0df85ed1c1f56a481cd86470e3ed02ee8859f22bd04c75a47ce1fe5cb5c983e64577

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_1994558152\CRX_INSTALL\css\fonts.css

MD5 222b7ccb780369911363033e77ee7aa3
SHA1 4b583b94fd1fee73a39b28a0aca1708b99adc260
SHA256 06ffeef3e678be1a8c9fd3907510165a13c782ce9f1c01364ca5f6b6f2c8a9ce
SHA512 907f9b8ee33cf37a577e89eff48d18af3b1b8473d1da0ec1893c5de7f060943cd54000adc24ff9a775996f17886be20a6d3dd761ce27c7f63f36434ea7408140

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_860018844\CRX_INSTALL\icons\icon16.png

MD5 f71dcda95ea1980fe79935dd4846cb20
SHA1 6a8b5fdf8ea8efbc2f9830baae5d701564927451
SHA256 e65d2384d36851b6d1be712ba196a9ccdf1fe6c18897c002f483845032690ca3
SHA512 f15f0b6fb5589d17c16d4d39d4e463c0e0e61ceafdec2ba17948f577c3ced6891b98b81dca41676d7881be44aba78a953e1fcb9902ea5e8b6a6a26b12f14fdf8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_860018844\CRX_INSTALL\icons\iconDisabled16.png

MD5 df7761005c523247ebe938c66ab20403
SHA1 e99d95269092fcbe49221f896f6d657ab9b7ec5c
SHA256 79998c3321ac60a48a7a83f848622a1fbcd5bf18251a69c7b74edb67181d1bba
SHA512 1bf54b9526fa22c417c88f84df86eb054540db926492d21699b194999a727830912c1fcb53450fdc737bc0b3d9662e249ebaf813cc077e84b6758326d328726b

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_2060590958\CRX_INSTALL\img\icons\icon16.png

MD5 74d658682a89aedc22582c15fe8d8583
SHA1 d0320a5c085a96d7f87a8f07e2045ffabb56449d
SHA256 7f4b72bd4bb72d574b516de85126cb91d9e9492af939f3a9bae80a8ccfd53b56
SHA512 cf62c3b790ac34bc07411ea158bd5a1d3e3549738aafdae6202fc37a2b429effda94ab2569f3314ad48d05c0fcf99ba97dc65b5faa1e5b92d9da41f548f0acb1

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_730623439\CRX_INSTALL\img\icons\icon16-active.png

MD5 7305121e28476f6b440fc21199bcc987
SHA1 d23ac11334ffe6ed2a4c068c88f48ed3056fba1d
SHA256 5887411ffe405d0036d5ae35f733dce33c58552933fa298cc78fb3466864464b
SHA512 ed7dbd8f1617b7d4c1b8b09939ce8e5b4be2271892dbe5ddf68b43b326a28d48ca6ca46c53dd81fd9f98065f2a61cff7fe22cd98ad4dc7b8c1cf0acfe4b4dee6

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\img\normal\conversation_logo.gif

MD5 f60650fe7b3877775ae8afd4b10a0eca
SHA1 f52e039b04feae15427a4c63e62d7a696d76e135
SHA256 d0ac91261837e30849d9f5acc504b96a3098221707368e53568afa96f665fc30
SHA512 555166a6c05d3114a9ffab094f5bbe574f71af08c41497293de8a38dc9b4b09c7484717f3054ee5d92a8aa9a87ebeb7319d43a112d09cabd494f824b02f2eab3

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\img\normal\arrow.png

MD5 050233502f7d33dc45f3e736048cdf8c
SHA1 ddbcea0c91b33e0731fc1291fb7681be2f339eb8
SHA256 206f2884087b9acafe2dc11e63cf01532952621d8c582a126886a634de70f67e
SHA512 05d5ab80ad326f81af1c052161dbcfa399423449ca6662ddbe0fbd8f04d11703e1f5f6b63108f0141e16c39c91b63ce1d7559d2d1c38d40d0e0103bd044f8f58

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\img\normal\ai_chat.png

MD5 9c21a12f0231ddc489109fb74bebf5f0
SHA1 4b8b5bad011ad1c631a24e56b4c7e6baa7328332
SHA256 100ac276247b996bc7b9d4a39dde865e86fb09d6b1bf9c5347d8eb0a48bf1b59
SHA512 62874757ba359de0003cb63aa4d4b67db36b8ea910fca925aa3c0fa244298d6cf83a4958ab404a7eb5e5b9177ad7319a94a15490dabc877544c0108d10e5fbe5

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\js\ai_chat.bundle.js.LICENSE.txt

MD5 6b2a0fa5f16ff4d01b1e1e48265d95ca
SHA1 b5d53160f6e2ab8360891660e2a7d8fe8d5e9990
SHA256 e8fa043825358bbd424fae5a843b2a6f38e1f7ee557c93300f92423ded8a3be4
SHA512 651a5a25303760e3ea6e2906b4a4db8d797f6c3e2338af90d1e2e098f7cfde014e6abaee159652b386c3197c567d20ecda83d0f570ee98eca3095485d63586b8

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_1175310109\CRX_INSTALL\app.html

MD5 c5199f9c2bf3ef2eab91521d51dbe31a
SHA1 818de832a3a7b38c1ae7dc19a4ad82860a3d788d
SHA256 cbe351f968259195b8b06b6eb84005f66199fe2d3753b272231e98309bc0f022
SHA512 5c78f0688a2f9ec47e0b3f2d20202eccc6a71a71cec98ff1253f5f4c51d8246ad34507df67b433d585fb7d9eb0d061f2ba32b74b37d951b5e0fe8d33e50a5a02

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_730623439\CRX_INSTALL\img\icons\icon128.png

MD5 6a26cb923b8a415d07c30e8b74ccd136
SHA1 d51efe6a0c87537874de4e6d1aab53bdeae5929d
SHA256 adc7ed578516e060e17cc37241d1fc058777cb0fc808def60d8bfa2309bbbead
SHA512 58b57af5d6b6755b136e1fcb32e5a97302c473c560b69b5c2c1500bf204a5092ab0b143a10a50e4bcf0a2cfc926a98f1d63f9964097dcac5bea7968624d47789

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_730623439\CRX_INSTALL\img\logos\avast\icon.svg

MD5 91a7c3ec0467f0e288f6afa178656bee
SHA1 e631f3800708f0ba1436200342726a3cb588f119
SHA256 88954d793a1c88f81a124b6cd9455bb7c99727ba49f99a437ae21aa1471dae92
SHA512 040cf05168ef32067205a34daa863720d698bf2aa8fc7a9243b5854de2080b51ed03164933ec67f5edd8d9a5ab7b4bad09551f100b5ddffbd164141ac8ad2a7f

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_730623439\CRX_INSTALL\img\logos\avast\icon.png

MD5 94a73def8b7e2c9ca07b0d974acae57b
SHA1 5dc258192300325ade68e7ce5079006e7ade23f9
SHA256 a0ea771f573c37d239707dbe484aa1de5764f77581f6eabe4c856a01d84445a7
SHA512 b5c3bbf626987c3b7f80e534d889430235a7950a1d9e1df48d67b9e3d7d9824eadc6d7871d46e0ab4875edaca8c7dab7d5109b658d8ea0a98ccbef9e47b0174a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_730623439\CRX_INSTALL\img\logos\avg\icon.svg

MD5 44b895cde80fde31846a76eb84925017
SHA1 0a7bab1bc7f7c05e53e78ccc0000cbd0ec763689
SHA256 98f371676bb73135c55eb5e40262bbfeadefc717d0bf175b8da627136bf07164
SHA512 009db3c97f0112966efc9f17ec3e66c74c4ce9eaaa404a5c356c3e201d2d5e7ae62225423f176cbb1c826d13abe7b589a43e40b461b7deb3a5a4a6ec0de7b5a8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_730623439\CRX_INSTALL\img\logos\avg\icon.png

MD5 06918658a5144d15920ce3089802bbdb
SHA1 58df1500c80c86c68f08499d636679cc13090021
SHA256 b2cfb79adc45a5587a0b187580a72fe778ac14c4c073bd624efee07de9c27785
SHA512 e5da10ec6ad6161b9757fdc37572c405283512ae14b8cb431358d72da295fdd3cb2ebcd0e5ba414dbd84bf12aec5eb229ea8111f0509f9d008cb5098f9605953

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_730623439\CRX_INSTALL\img\logos\ccleaner\icon.svg

MD5 53d3147175fffe2d71eed5db7ab21138
SHA1 4f3c397950706342b86506e33229fad0592747bc
SHA256 fd9001d35b016899e7b80302ce3f754508390a5d5775a337aeee12d0cb1a919a
SHA512 4b0160e80c258e43cd9087380876ec7815d30dff1954dcf2662ef2a4085dfe564fe7b998044832afac26c902fe5f744fd7507ddda7ddc37be956a25265de23b3

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\gjcfnponmdkenfdibginkmlmediekpnm\1.26.0.854_0\img\logos\ccleaner\icon.png

MD5 e173f076151ecaa315777a1cdc6394c5
SHA1 0c3423744ac9c011d4f40b9e416bf9bd0748c753
SHA256 ee060039ee5d705cad81a871f1678864a801f91a2e800f93985eb00a0d23a16c
SHA512 069f004e642256f07dc078164dfd02912639d803aff32337080b4e78fb71e84965a1c01ab16357bda0eab50b1382aeebc172c2fad9d11b68028d055ba9e40bfc

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_730623439\CRX_INSTALL\_locales\en\messages.json

MD5 c01bda904507ad435bc35744985c4ef7
SHA1 2c298313661fef987782c54829d0f16dd8b129f2
SHA256 661505cb11e4b456a6eff122a081aa95e742b405de833106761a90193b2789ba
SHA512 52870e5b03ab7db71a9588e775b379bacfa34a4d6afa856d4b09902ceb86b8f92b5b610c4e6db164a13a8fa92241030bc110fc6688a612185902af6e24d1aa83

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\gjcfnponmdkenfdibginkmlmediekpnm\1.26.0.854_0\_metadata\verified_contents.json

MD5 0e7bfb2084dd49ad6bd4b927d594794c
SHA1 ba3bf3c75cce643968c7a3cb9fe15f9010d938c3
SHA256 e281d85bb3163e6ec3ead28efb084400207b64e690c8302d87f7924b821e0064
SHA512 2f10dbd08b917c8c674cb658e9911202d6f601d089ee66f05972bf03e27ff48c2b02bf691bbd30da83ed9a4aa0f8b9f72dc3c0fad4d3754833713b8489484060

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_730623439\CRX_INSTALL\popup.js

MD5 d678d1c275e66e2a2049c30745d6f0a9
SHA1 f47d058e0050194882f2313231cd25d7efaf5d62
SHA256 12ffab848cca31b75f8c838491c4d5285d5193af8d84b75cdcad358e20af1125
SHA512 79aa3784daa6fad44d920110893833fafc3a3dc04c22d26712475cf3b8006446f924bf15643b105476e087b49e401f56c7d3ac26086334d72c1b0da9ec0cf4b5

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\gjcfnponmdkenfdibginkmlmediekpnm\1.26.0.854_0\popup.html

MD5 533e314c6b3d2d31a1d89f8885c80983
SHA1 64605122a9279193b2465d88dede450471935779
SHA256 98050462e9480795ab7e63cc3f097a4bf6b8292e1fb27eaadfb0e4ca6e7adbd0
SHA512 1696447537d7f0370a7a1c296e59f709021ddf0eacba62de33c9fb794309aab1eaee3a5c9534a26c0a10d6f7ecf81a707c932346fc90c8c147e905c5bd560f77

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_730623439\CRX_INSTALL\overlay.js

MD5 2e139f8901f0224cdf3c8282de49eb99
SHA1 6296747c5a575f79367231f1787409df1a88244d
SHA256 9a72fb36f88ee3cdec265e68d9483c86e0ce4966d9c236a5c3d05e6d463ae51f
SHA512 018421482734e7d68b817c2370af79715bfbb9299bbc0787f4a785395b97e397ffaead19716065ec1264fcc77297b904156b440c3d0a8b7e5a117658507a2d00

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_730623439\CRX_INSTALL\manifest.json

MD5 ec4cdef7fb696060841f410da00579a9
SHA1 2057908c60420c6f5656c06cb87caef2af9421bd
SHA256 cdb802e0c9f2bcc8d12b708081d2690a42cf9b8c60109a8853bcf609b3dd1082
SHA512 bf314d4f27529992d65a30f2985a2e08d6f7edf99e7056d68804f455564bf2409aaa7ff19eb08b73eb2a625bc7d08685201f76ddae970edbb7a678142817c6d3

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_730623439\CRX_INSTALL\contentAPIs.js

MD5 230487d1a334dd93e1e58776b649e666
SHA1 9c4f5f40d18bbd7e8743e3a169013c496868680c
SHA256 1b6a880411a56415ba5c81776a8f3126f638b6f555d8303aed6c9e0124275018
SHA512 100c1d272b8eec8501cfab0167b9e46e417c7bed6fe78824a22bfebe48727c77661854d17925600509b65399b1fe345d142c6ae1d36dad4b56ffaa5d04dc941d

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\img\common\toolbar\icon_32.png

MD5 f94cfb3164c4d0b4c061aa474b982bf7
SHA1 b30ca8f1dd51eb2966b7d95844abfa94e5d88933
SHA256 6a0dce0d6df4e1625778aef1457220fc28e78c95fd789d9b88c94c56def05958
SHA512 c01c2d9645e0000fb1e3cbdbbb4a86c663a98129f40b1c088823e49f8d5e06cbc9d85d3bbf5de362e54fa227c4a46c9bb7541dc851862fe4041385d29470c84f

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\css\roboto\KFOmCnqEu92Fr1Mu7mxKOzY.woff2

MD5 182ee6a4872ca8fa78048951b1561a5c
SHA1 f8c3c7692ff285bac213ac0bb28d2b59ec10ad16
SHA256 f2b770189d05bc3da6d684147175a1f2ab4f8f030c520f011252df8f7d6201f3
SHA512 aefbd6f0b82d1cf81632b0fad08f2c20ad0bc3984cf30beb62ea25df115ab5c5f4df15a3964dd433e64dc6524a124af5c30dd67fa8f56b90ebb1fd03d879ce2a

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\css\roboto\KFOmCnqEu92Fr1Mu7WxKOzY.woff2

MD5 a8be5b46d06bb541b0968196ee5e6bb8
SHA1 8bf73bc09e50908cdba9b5f808d26eeb083269ae
SHA256 67afba35bed24f3ccf531a6bfd2c71ee2c6e5de74a3f28fe2b6188a8699f4e04
SHA512 a29d0f79b7ff1b259e705bb118f21dea6f8422e140bd943e311019e6d09ce10422d5ac8d0a375740bd12e456d83485bbfaefbaf152efc837cc8e6fd353871b7e

C:\Users\Admin\AppData\Local\Temp\085e1950-a949-44f7-a8c1-2060c0c00456.tmp

MD5 ffcff8e2ba102530ce54f9ea1529ce48
SHA1 0d3ebcf3ca535032d825b6a0c5a4c5e45733033a
SHA256 bfaebcbdaf420eac93d20ad94680fd13fa391bb8d4f7a29603b5172628fc093f
SHA512 e5c8aeccc919a8b07442bb291b1da38a0f82f5a1352b8ac1edbbf9b471675b92cfae53d118c819ed32dc8992ef8efb943e8ecea73d28706a7c88b8d83fd025ec

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\css\roboto\KFOmCnqEu92Fr1Mu7GxKOzY.woff2

MD5 455200cb007fe1212c668721d827c691
SHA1 cfac52972c0f5bf3ea1152fe02ed3093c2217350
SHA256 4c84629456a70df1137ab4bdcddba32050a2524568912630c2538746cbbcdc51
SHA512 a1d5f9b2f52355648cb35fdb8aa58133a61a7a57769ae084ca109a0017a52b323e7300ed500f8ecf2ebf137994de067c6d47f4d1382197b84430704899622096

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\mjcjbfohnabnpeahjjdeiimbinifjmad\0.0.136_0\_locales\en\messages.json

MD5 d2b4e5065db794c7e4111d37655bf9b2
SHA1 8cb165a7abaaad1c4d8b8c5da5a83341b3b95edf
SHA256 9ead70fec4077da4a68262a13a83b5de1dc12f8de0ff1306dd87ed2f3d072f5b
SHA512 b81662a2ad76b2bc304347db546d3f59587100cd258345a0b8824ab6300529a014d01a7dfc81d7b8632a3c0d3f6f21dc8da6e6233aae96439e3aa59e175708e9

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\mjcjbfohnabnpeahjjdeiimbinifjmad\0.0.136_0\manifest.json

MD5 e909fcc79b6cf94f68c458100c8b76d2
SHA1 1b3152d7282f9549b60ed738da53acfbf4cb2af8
SHA256 36855b0d40a1bb5538b09f49d6c33a05a4e34279ddc8e6f5c4b6a85807a39300
SHA512 ad557c55a5aafbb5e34f25fe3b876e082647b389f54187abd4f92059f25fe6a8e27741c9182a6dc78bdd3335ccfdb5f9a52fb61d11ad59e44ecb4e092ba6158d

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_675395002\CRX_INSTALL\js\sidebar.bundle.js.LICENSE.txt

MD5 4e994bc011dc4913520bd9f4cefd135a
SHA1 de9aa409a953bce76c488dd9b7297a23f63eb909
SHA256 923090b15eca2d9a8c7f02431cbc23961b45e34a33c6ca0df8c162abc6f91688
SHA512 2d64ebcf3b135c6249d4883c54de3f9bc0cef36c9c071b1295816ee416481659ee1f62d06c92c1b4a92e48c88cb29312398d8cf4e54d3dd5112d801ef3b080db

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_1175310109\CRX_INSTALL\_locales\en\messages.json

MD5 9764406c182b5e377dc9e8023968e82e
SHA1 53999b0d5620d8e80f357edf7230560feec1d40b
SHA256 d8254fc7b70c9f3f5e16176f6bfba0fabf44e10de59b4a32ad53a5fcabf15b2c
SHA512 5b6595aec0cf73c52bb74f5b97ed92cb21fa68649911027328dfd89a0445d03bf26322fc98e410f9eaa748c01128058dfa55ae912ea5b6db6a73a433327efc8b

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\css\roboto\KFOmCnqEu92Fr1Mu72xKOzY.woff2

MD5 4743c758a952f2bd4a35d4e42afc002b
SHA1 394a00a8ed0de504af13ec49be0f0884dfdac1c9
SHA256 7aa3c7e43ee40c94ef77505e7da7dc587b0ebb3dd261a2c176a5d17cd0cdda5a
SHA512 bcb9d877dc286dbffc397713010fd2cdb6926c3233a439cf4c6bef0c0e5c0fa62349dc621fc673bc0f415d8601b7f76164311106e1eaa96c1eeabf7baa0ef863

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\css\roboto\KFOmCnqEu92Fr1Mu5mxKOzY.woff2

MD5 8bb64952764a884d67019b3486296ab9
SHA1 7541837ef0d1a0e69be10243488c3f2141fd632d
SHA256 491158614c16e4a767df0f1ddbb82a8462b6ba308b8774c698b82e850a425291
SHA512 1eeb9c017cef91b6bd309bf5f9a1cf71ecef7d2fd667d66db2ef52cbf39d61dbd96c996d9c151742c628e0c28ce73c107a3071522839c0b8734168566c5c6856

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\css\roboto\KFOmCnqEu92Fr1Mu4WxKOzY.woff2

MD5 c1e9793c84cb26c44ef2a2cf8b6f49ce
SHA1 16ac6efcfa07f298d6ea07f523d48cbbdb38a840
SHA256 a223f1cb930ff49e86d7a550fb70d89526b89358f5649efbf5d0589aac159357
SHA512 4b81bae4e9bfd128ae8869e6471abff66ffc636932a326d2766395898270b5e9d7254f7a29830401c93d0815fc5520abb609730eead20af26e66dd699ec821d0

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\css\roboto\KFOmCnqEu92Fr1Mu4mxK.woff2

MD5 479970ffb74f2117317f9d24d9e317fe
SHA1 81c796737cbe44d4a719777f0aff14b73a3efb1e
SHA256 48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
SHA512 13f6b2ecc2407445c1f97109ededcc8ac64fae89fc90432a28ffdaef233b373089be25731718408c32ff3cf632afb260d0035f85fbd8b1b4e068a0d7baf9f6a8

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\css\roboto\KFOlCnqEu92Fr1MmSU5fCxc4EsA.woff2

MD5 484cddf4a27f89deb619b0c5c38bdcfd
SHA1 6b2379ecd2e6b3a47992dd34bb23f6a36f15928a
SHA256 14b442bf8304eea6709138641397ce44aa9cf4bcd64d5ede30872cb64bcc9f7f
SHA512 11dccd74b33972d71cfc543bb30dd99cb335a73b6baa7b584168b42da4bdeb1dd8ef8583d67bdcaf576103379966d959129f16cdf506f20d7ed660053e2cdc49

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\css\roboto\KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2

MD5 e83b8f976d12362b33c7047c09ef586e
SHA1 c384951b54b76b3fb5ebdaa6ab0872c42114cb8f
SHA256 996da6758e09cf9382a091845b1fc4c5d786fac4f2825c2a2996270620c4883e
SHA512 c8d699fcd4123ef8fb81846eb4fa71526a784efc24a10d683cc40213b81c855a7476d9e7487da917a1bb69e6d6a4d07d9e9035e16678af1faac9d3793fd844c2

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\css\roboto\KFOlCnqEu92Fr1MmSU5fBxc4EsA.woff2

MD5 f7059272fd8e0226350501393f4450c0
SHA1 db1507e881285b8edd0304ca22dd8881e983957d
SHA256 dd1862ad2a625679ff58e3992323a22aed59222fbba034f911a9a99afe76f1d8
SHA512 4a05dec036f9a930e0a74e01a29b786677c68999546785a87c9107c616fe3470d1e9f1995a2e39ff34b93449b07ce5a99594079e0c4e47c53144c957dc88b257

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\css\roboto\KFOlCnqEu92Fr1MmSU5fBBc4.woff2

MD5 ef7c6637c68f269a882e73bcb57a7f6a
SHA1 65025b0cedc3b795c87ad050443c09081d1a8581
SHA256 29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
SHA512 d4e7de23aa4a93be278bdb2531122ef27d29b05d78d7c3223be712414bdd9562e9574d4f5187c93efebeedbd62a92c2e6bd08a4ddac035ce861df8d0ff169001

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\css\roboto\KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2

MD5 16423fb4da5bb6d54592839d6cd8e1be
SHA1 7860418d3d14f6b685b4d1635860be2b987d3291
SHA256 66a6ef379881e3124e20f6dcecdc16672b1a7c3e415a305995621e40a075624f
SHA512 fc7e0351f5625b9d47aff79171a5b2374d5618a4f68aa8cfd2ada66e635e3e90ce492570390ca0e3ce2e3a5b08686f61b7e2fb3e1d831216d661d17029a1acc8

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\css\roboto\KFOlCnqEu92Fr1MmEU9fCRc4EsA.woff2

MD5 378698af3b6776fd1e3ee0a51c3d7b87
SHA1 194bafea8b9e842fbb94fc2edc5f4c38acc5592b
SHA256 1f083966aceeee42dd217e2018d68b3e63fb9beea41f717ce4fa34a4df88b3a5
SHA512 a5bdfcd011027ac1bfbee373b1e187153cef8798987c3c480b00bdce8ee77c46a228e89e14f35569c73ca91362dcdccc36afb296af99878725ae0f5b1c3c1018

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\css\roboto\KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

MD5 b1b808436b5eafe9a683fff584d80fea
SHA1 4c64586f861b4a42528d33a687dbd4d562312cae
SHA256 9c7063e4ddf4fb376fa7af3b9caf9845251f6224dffd38f1a369278c47e4b4ec
SHA512 d91b6437203d1d34dbd6402fb74d5c960446c8397d47722850a5cf70a15bab71514a958bf5ab3fa0aa356cefda26b989165bdd28c8478ea387db42ceca6b2ce0

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\css\roboto\KFOlCnqEu92Fr1MmEU9fCBc4EsA.woff2

MD5 0f80978b9a5916929ecd5e1e21bc4169
SHA1 ec212b8b243aa4a9af8b1b04362bcfe7edc602e7
SHA256 675b01281adf2cd36d2dbb9abda799bfa9dffc2178576654de53699bbfa09171
SHA512 313f28d65cc4c1f86667fe93680b10722d9667653b4bbdd9ad380e8847a5b6336d18edb62b8d24bdf96adbfa0e87ddcc3a1d5905b47165d4dd4d894fa124b990

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\css\roboto\KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2

MD5 665639f6a0519416ad2904f1c218ea30
SHA1 f4eed37334ad7da3aa91a555462d669cd5e140e7
SHA256 da6e676db98d451a0d583e78cb5509bceab7b1b33b3b56f87cd2fd62be5516d7
SHA512 972252b77c09f21580cd81f3d471f4e2fc381f2c3ea782de435bfc28f46beb81e78f52003b2a5cb00c568d42f953a0a83dc93bffe9811b6f751bb305c650b579

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\css\roboto\KFOlCnqEu92Fr1MmEU9fBBc4.woff2

MD5 020c97dc8e0463259c2f9df929bb0c69
SHA1 8f956a31154047d1b6527b63db2ecf0f3a463f24
SHA256 24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
SHA512 0c2d5d9fd326a1cf4cb509d311ee2a5ef980e951a8996d6811d401b7ae154cfb80ae21dbb03adcb9171ab24d42a35424cd90c6966f584110bdd1c63dec099a13

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\css\roboto\KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

MD5 7fd643e63fc847f47521a2604072ce9c
SHA1 3c94bb8e0036e871351aedcc91b1d53e9b1ca146
SHA256 e6bbcc62f3b6a3ada1215006f0f6c04dbcc035efe815caf60e6a26eafc335b7f
SHA512 4d5f543cda0bcd2bf7dff79e9332a5551f59a3d4a54d5cddc93f1d322b7729c8ad7147decc72f5df26fb8585ddcbfc5c517c5d69c0eb331bac8522875f342867

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\css\options.css

MD5 1579c20d9fde5f86c0f018803add39ce
SHA1 77ac9a44e22bafe7fd8100c12b26cba5c524403a
SHA256 41a91d07fc983893014d75c4da16f5cbf5e60a71bcd683467ad03e5f83410447
SHA512 fdecbebca608cbe86c5638781de0d734773e0993ff549022f602a425fab965bcc09ab3510b395d5315b6c17caf1375d3822b0b6d7ed818516f5daf34d290f809

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_648964657\CRX_INSTALL\img\common\extensions_page\icon_64.png

MD5 26f3f68bd71e22ecda91c7e0165dec00
SHA1 6eac07ad6b5036d6eb0f412985a40939401b5f77
SHA256 6fb9a84ba27d24dede2f51acb3a2923d9b88b4422e3fc6d5dd32a301e3956e63
SHA512 e95d52a5600f9568011a2ebafb7b7a33337cf2a5c92abb2e6832445baaf040dd5260f920b0de69d6e6e5b4b5779774a19776db7432564e2be8eb3820afd26228

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_648964657\CRX_INSTALL\img\common\extensions_page\icon_24.png

MD5 b6a0f60c497fb42242139f5b9b3a3081
SHA1 8d828c1d17b7f225579ff7d1b45fc4647232f73e
SHA256 96bee38ebbb4f08844a180888bf594ad58aa35f0b2ae90d03d077447ea22ad2b
SHA512 283705226f6ca707a208f92dbdf195b3acb0e69efdb684f739cf5e7a52b5d32730efe539e43fb138f5563cb89f9df99ce69d2c6354098af961911c1d8e751837

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\img\common\toolbar\icon_48.png

MD5 c8776530aca58cea0e0a9bd89705125a
SHA1 7a2d904c8e6660f852e3335015eec7ace324ee26
SHA256 0641a5d15d4af8c9dc133b5ed9d556e57ac3c95aa13035dcce923634a908ac9b
SHA512 af457d4ac421c877798a3ab109cd64b80c119aca3e97d2d5cd8c4d8df18c1c10e2eb32282ace622273873c225b6e8bc65a7a6a3684c2707b0a02c9d5ba2fb886

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\img\common\toolbar\icon_16.png

MD5 1b63b8126b1ae1de5e1dc006ccd8836b
SHA1 f879b3bf77296870c06c65c0cae5ad15a418e67d
SHA256 4286eeaedd25c1872310ca1762bf613ea71312aaf39384095c9068f98ac0a3f4
SHA512 25c1def3be7c6b6436493ba81efde1d789ccd3a9c921cd140c19fe72172270e1995469a170e679834d7715f0256665ab475323f9738fb677d066b23be4be811f

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\img\common\toolbar\icon_128.png

MD5 aa2b890cb5e01587076e740536d83311
SHA1 dba841da5976c6db5eba026cea5fb081186ce867
SHA256 b18d15fcfc00b15aa098b66664bffb4bb61efe22711a19f37012bfa370cfa8e8
SHA512 fb887d881f71c92b26f6a4d1c441bb27847781ab206691a72f096d7b34c23b9f6c316085ac87e93c12b62d4cd90b35bec94638cf549e5e844e4a9e204f995415

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\img\normal\messages.png

MD5 973a3752820436fae4dc4adf635a62b9
SHA1 506c9cdb7be2f839d260898fd0b60bd896396d58
SHA256 310735c3263dcd061946e2271416731d0a64142595b3630c297dc350eefc7ae4
SHA512 c82acb2a123d7b86aa6aa87b601c826aa869a4d5449ce0a98766d6c1cfb6397e0c7289333a45bcc76bd003255adabe5afdf3e97701f785ced08dcf258676dc86

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\img\normal\genie.png

MD5 16e5f7724c201a66def56447c58186ba
SHA1 52fae2e93c908204eedd3018194f268f4db4cae6
SHA256 989f12ae53369158d290c15730a29054d15514769d8bd58b208d63d6e0c6d94e
SHA512 c8ad87667182b981de485a10b50750ba8db8eb91a82cc7f6d16316f48cffd52d2a9eac0428ecfc75770728adcfed79da81cc2e47bea092fd4cda17c5c12afc5f

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_826905569\CRX_INSTALL\img\normal\conversation_logo.png

MD5 10d776ff8b108cd41feb700559add658
SHA1 afe167043fd5d7a2f3ff9b79bb7963e5468f3b41
SHA256 acf6c98bf0ca2e609ddd98be04baf3de6e7f67a070c9f8318ca0d4403a156e5b
SHA512 f346f48680c60c3e89249663ba16ad2a937480ece284a849005a680e1af0dd26c7f1a9d013fbee7a7efa2d7e5ce018cdeaad098e04323658d2cc405b55dfdbdf

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_730623439\CRX_INSTALL\content.js

MD5 748826ee616784ea761c6b2efd8cce27
SHA1 e407d92ea2aed385d144f4bf32f636c562f0fbf3
SHA256 f971751d14373439e79c62c5fb48c5e4b1859e4318bb15831a94fe499cd206f2
SHA512 bc6b139c1ec9495c8433e9de2c7aa09b268d9ff9c2e7e6eb1523e9d41a7657cff763cb0cb9f3afe3fd728e38f6d596866f42c3ba42295b8b2cca6e00297aaad9

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_730623439\CRX_INSTALL\background.js.LICENSE.txt

MD5 275fe79abee3b697f1673c8bd9c58856
SHA1 cf2b1a01feb5dba1eadb49e8fe087675fe70a7fd
SHA256 d33efbdf4d309bfa4448199551371ff81d5f57661b781faf79d256554e038595
SHA512 f6c93cc7bb4d678fcd51ba4024371915d614621b0f526130ae0a51ac4711c8cacc8881282538674867c11b0e37c1f0cfb5a64bb047c92594e0a4d4c25b26a932

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_730623439\CRX_INSTALL\background.js

MD5 d0d58c54aa20e17a2fc7c90c5cbe97d5
SHA1 59de8f3d461128d40634dd9359eb8fd54d47fd7c
SHA256 c533093e78dd57b7358b779dc5a8f1ee2b2fb0d79e3a38d4f3a9d8cc0b9d7149
SHA512 c3c83771a5d3dfcb8cd03ef10bac4d55408444b17aaa1e6c88746a9950c8fd4051545260b8bea5c01e8f7572a470b6da862fd861e8e12be9bfa235487b0f8aaa

C:\Users\Admin\AppData\Local\Temp\60206b38-574c-4e14-9310-ad8e3417e7a5.tmp

MD5 f75cbfbb5eaa5f46574955ed6651da78
SHA1 4ce276c03898e57667b401761fe1df5f11304a68
SHA256 643962e7cc16bb8e9edbea5f05473764199c7179d06a65bd88a0d101d1d5a9bd
SHA512 287847c5caae39fc80e90ae105a5fb0c9349f402872721c599eb9c9ccaf171437879f0ef8bdeae923bf4520befa316b60acd3e975caf8496f05dad24e1b34e40

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_2060590958\CRX_INSTALL\img\logos\norton\icon.svg

MD5 2ee58c8732aea4203ecb92e16e5ac68c
SHA1 f8cff9d53e57833e10ad2cb2489fb75a57ea7003
SHA256 cbd20bdea1a73d4cc506fbafb729d201d01fa08f1884f4495289672f34f398c8
SHA512 f6deeb2e330be99e4d5ac63625f7b7f2a052ef2f778c99657714245e9b2ad912dae5029e8dfcd5affc13bc4c892d4ea508db471f009d6c550030c477ee98d87d

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_2060590958\CRX_INSTALL\img\logos\norton\icon.png

MD5 75e461d8925e8468b3994dc838bfb68d
SHA1 40a05fdacfcc9f153cd3df62a95c75fe148fc0fe
SHA256 fef31cd788c1845647cb739db304cb65fa21129a93500f51d8865ce52f75a0d3
SHA512 880c83b8414bd441d20d61360b7018b4f6fcb68c2affd8b1e32b1d9317e86dda8f9eba925df31b552011d5158eee2f30970756b26b2e77f3cb91ae35c8c37cc0

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_2060590958\CRX_INSTALL\webstore.js

MD5 ff713828113f6377533d41a36bff5ebd
SHA1 7157c2333be0a6df2db2dc0c25d36738acc823f4
SHA256 60657bad3b62a195d588178203e25df302ecdb8b51fcc49cc4f628aed8998dfb
SHA512 b55bd6b59b57003785db6a8f7e0f46b2ff4db619b4ea143c09f1e456ff1c5efffa46226984849cd8da98f48c06a79a4d00edccba3b7e1d4423e448f1be001113

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_860018844\CRX_INSTALL\fonts\Roboto-Regular.woff2

MD5 73f0a88bbca1bec19fb1303c689d04c6
SHA1 463a07f5c66bf14e6d9d6e0f6d5e3fd3cb11f4ec
SHA256 47107401d0adb375ab9aa167f9d62489a849d510e740a307b5a4db60e5db3562
SHA512 18b8ec54deb993702689b44e269b1c9fa38e2bf3c8053bfd778da4cfad821a1d8455ace8085f65788a5ec8bf71339cf1446c845c23c5f59e5086bf44e468eda8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_860018844\CRX_INSTALL\fonts\Roboto-Medium.woff2

MD5 3ac5d40d1b3966fc5eb09ecca74d9cbf
SHA1 a69f32357765dd321519889aeacba5e9ca893bb0
SHA256 3310766b8f58538d07abded74a2babe1acbe1a3ee820d5b8c8265da666f4fb0c
SHA512 a88b87d2b8e141236118243f66dafac6c9c06fa7858e56fe36b59c7079e8c5969ad46aa7a0eaa81ee79276404fc835f7107765618179d6036d38a263390f02aa

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_860018844\CRX_INSTALL\fonts\Roboto-Light.woff2

MD5 d26871e8149b5759f814fd3c7a4f784b
SHA1 6b773b76e0a6708ee4040733cd0c83278543864a
SHA256 1d8f5280afb7f4fa0db5cdfcb751e180788b0f0da1488309c4243ebff11a9591
SHA512 65c8a0aef476ff5cf8aaa29b2a315801417a0347ec5f99b6a8e1229328ad551c0733cafe6520fe916b01672ae7fd52dced963ab98f38f195843ab9aa9462ccea

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_860018844\CRX_INSTALL\fonts\Roboto-Bold.woff2

MD5 b52fac2bb93c5858f3f2675e4b52e1de
SHA1 977c5749fd06192dac5224811ed69e53a6b2b47d
SHA256 8e44376b735dcc9027acbcc8a0df64c3f886a23529eff27b022f344d719e90f2
SHA512 ca31f9be22a3c5ea802581a63e29d4f205a4fc5d1d7f6ef4bbcfcedf7c3689b1d46a2145b0eb424e3671c40e55136d25551a77c9ff05bae03c69ebf1a4f9cdfd

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_860018844\CRX_INSTALL\fonts\Roboto-Black.woff2

MD5 59eb3601394dd87f30f82433fb39dd94
SHA1 6610089bd2ab6cfd41d16777ad1b15994d429bb3
SHA256 41e55c257815e19c8e2384b6d1d5180590599a56f23f3eab417c5fc7aa553511
SHA512 e039c0f2d3c7879f551ac66f967cf0b26f16ddb6d9fba3283805104ec9ed183f8c8c19c448e640164a635e45a113473d89066e4dcc0839e9c210e619589b425e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_860018844\CRX_INSTALL\icons\iconDisabled32.png

MD5 10fcac9e25146799f631fd4836a592e3
SHA1 fad31ddb5705203a28d3d3677b1219ac3c3755bc
SHA256 07e74e96aef7c37a0a8fc29d0f9e79deaf698cc8de13a766a00ad40ca41d4b0c
SHA512 2e828b1222ac00cd9a21c7ac74b5103cbcbe297fc61c2b778899efad36539a41e287e59ab30e546d0c80c30a3ec886f5303f6742cbccd53cf4dcfb9a44d69d8c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_860018844\CRX_INSTALL\icons\icon48.png

MD5 3d0c230db3f52326a0a102654d2fd5e3
SHA1 07d164472540e7e1c56a151b405255729479c1de
SHA256 2af2fbb64a452becacc419bd4aa8270905570ee3769a4bbb94e4fa3367e2c877
SHA512 1b1324f6748630374fe9143da01efff3aa3ce60df6dd75e2d45b431db318ea59146d8589090e3b2d50c58287618cf55177f0120c3e2fde9d239e3b94ed292e45

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_860018844\CRX_INSTALL\icons\icon32.png

MD5 ea1c06120bca8bee757c97a719208631
SHA1 a015ea87e1a683a1b189b589a33a908bbf250514
SHA256 93b175666922007b14eebcdaa6794e03cf2b0630e2cb4bf86675b4cf3e9c40f9
SHA512 9c6540d0ceac5105c38a171fe5a3af8f81a163dbe60ec151e6ca1fdda58aba02fbf8bf99c49ae2c6cb3b038737712a15f2b6fdbcd913e9d3adc1e86b49a31200

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_860018844\CRX_INSTALL\icons\icon128.png

MD5 cbd7c61d6da977fdd2dc2658d3a3e4e1
SHA1 d74fd35f16988c89537f035a916abb8f5c36108d
SHA256 2ccf7819424891f8ef61859479d0808a3b90cd0cbb20e4f6cc95187e70744f58
SHA512 2867869d82e74b5fdc90ae65146f7373ddb67df44646b95992d730e24e82348159c3e058dfe48bd260e2a2b3a7ba456688b2599907c5b79039472ad5a6978251

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_860018844\CRX_INSTALL\_metadata\verified_contents.json

MD5 670c300e76c376d4070ecfa9ce9ae637
SHA1 7de97044bf1011ef55a448ddd3cc169d2e40b296
SHA256 4fab6735a4d779a411c78cb10461a91cd3200bc1ee49b3527cb795ecf715cf39
SHA512 93ce0575cca6cfbae55b1bf24c4c68c7b0ac4268bbbe33e766c1352ad313eb5f664b8fe484a9d87ee5a43c23e1086ca8333e2b56430a0d549440c614a7e92203

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_860018844\CRX_INSTALL\siteScript.js

MD5 033e8d56471cc105586ffa81455653bf
SHA1 e4bd3edc321d1c9feb0839ecb5a2f57731bc0e52
SHA256 b4843e615ffaf5802d1f553bf182d79a99b59921aa2f3f6c84d28dae5b9f2b0c
SHA512 1ad02dcc24f11a79a0591dd2ba3433d7f3832bcc7edad085794be17d64e965b554ae5b44d0476a2b4cb939e834f9d3d6c459ac0765f3ecc886c7d9f7a551924a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_860018844\CRX_INSTALL\popover.html

MD5 49a7b2740cad481349629fdada7cd28a
SHA1 c4cc9c878ca6a036ce273ba743ed558a62fc0b83
SHA256 d8a1e2839a14509c2f61845849a2397b8ba3aa4762416dc335b879a812a60305
SHA512 074dddfea2b17b03d3663257f4bc68912d41fe504526edceab5583499c62c59e83c69d20f51be115b9a9fdb8c4cbc14e3011704d5745b347e83389f0237dda7c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_860018844\CRX_INSTALL\manifest.json

MD5 bc320552e209e176ef2827f5c1fec4b3
SHA1 8ca2592223a29f302416e9c477482bbe561004f5
SHA256 6cef503d8225ff2623a9b95d513e5c3f46647f651b3109bfe137c2be26b7ae76
SHA512 560a2aba05dc0f08033c917e084cca6088d1fafed15dca8f4da1c545b3f33fb6a58071e3b7a55ce5e5208edbcf1c8a82783357fe5b0d2a4cf2577792a94a578c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_860018844\CRX_INSTALL\contentScript.js.LICENSE.txt

MD5 85d0072ce63601702a8aac69046392df
SHA1 75cf9b16f86a3de6104d44376bda6c96720c121c
SHA256 b420cba7020a3d8223942c1c867ac29f40b917406ea6b722639cb9f3d539f39d
SHA512 a5b04a7f191b9203cfc69e39d6535199b79d0f8e2749366c0a4c7427af8dda11dcd9d3954077b4a5d4f1a939ce7cbbd5d3ec98167f5392d8dc61cbb2938569c9

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_860018844\CRX_INSTALL\contentScript.css

MD5 1c78d4d465c2ee05f45c478f3b26a809
SHA1 be04c109c4e3cec8f95d10c05dea1206ef92d9b4
SHA256 ebe2e84bb9a91d983335f4f9fb8d7366ed17e4c969885244b98ad2d40fa97178
SHA512 ad8cb15b75540aabe7c5e212dac4ab6b503462c9d9d38b19df54e2f45fa1c2e3d48c42050e4aae54870ce3490c07076b482645314a1ce10ecbc6bdcef4499bc7

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_860018844\CRX_INSTALL\background.js.LICENSE.txt

MD5 76e4242185e4dc5c685b94177d7ab7dd
SHA1 f8fa99ee4b5d70e0f72b61493390fcb4a282c296
SHA256 9145d7b004e4f8e7894b2ed612440eb45d756a46b5cfd66e3784b904c057dacc
SHA512 c4f6fb1035a25aab15982de501857dfe3bb6c70515303abb598cae9ffc29ca0fcd0eae67bb05340954cfecd80dc9342dd0348cc1afa6882a3b4b3794d4fe5b80

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_860018844\CRX_INSTALL\background.js

MD5 c288ca276316ee0bb6cf111e6ff664de
SHA1 a1c83764319f122a88b7274985c4d34e6e073e5f
SHA256 9d4625f1d8edd3a0682f86e34b606b1a9a66a9b2f36f9439fdb470af85a48f42
SHA512 cd6a0e95df19e184e383e5403177a96bbdb29fd2c8c471705a9cedbb7f55c0469e807c376a52b16f6eda437780d4263b19f617c8fa47899cc8df47c28de57673

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_1994558152\CRX_INSTALL\contentScript.js

MD5 1d61d5c9b26317049a3146f54fba151b
SHA1 5c99e0a7a24edec1fda4efda3da699f23af3b496
SHA256 2bca9c8754de24fb5e6202f72c8ca085d2d82d04cf4a74006ae6d2583cbcf005
SHA512 575704a8c97b61ca66d7e419c6764ab5dc6738a2811f30e8ef293b5b28b3e4b780a62b3ba678922450b6b486f5365aeab54f195c12f58176db19282e48eb6280

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_1175310109\CRX_INSTALL\js\background.bundle.js.LICENSE.txt

MD5 9945d9516ea6d73afd16fd7dc2691701
SHA1 24d86c681055bec68457f4353553ebe5a13860e3
SHA256 7bedb81de9bb9d9382b0fa036c6ba2d09d3583ba15b9744d58a5b3199d41f32a
SHA512 6e3896324068130f2927e40dc1caf930bfebb2a274a86fdcf1e09ebbaf0d911b1bda1df34bca52c07a0c3ef1b72fd37f7ff43b5b47db5a9df17ea29e576c839a

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_1175310109\CRX_INSTALL\img\normal\logger_table_icon.jpg

MD5 e90e5deda1c50ec222eb95e8a01b0944
SHA1 1a7b456677ce61aec40fb37830184af2f975e804
SHA256 6f2fb146e6e7cac9c5634663605b6ca6318f5264587af5dd0713b04556bf53db
SHA512 bf8213038767d164b6a9a8e73cebdcd0415a44f2ccd115c93f5c09e8213aae2f2bf38bd461bff87b8c331490b60d797527dca20b1746e79bcfd20591d6df700b

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_1175310109\CRX_INSTALL\img\normal\warning.png

MD5 2c5397bd7a1dfd8dabfb46bdc53a9203
SHA1 2b80882640e83038a377ad9936e842375fa65961
SHA256 6f22c135d9518b7e2f5b19c2d12454620594cb6925e1869dfa206aa31abc7d53
SHA512 431b3ca97bc398e341491ea389757f2c2694474be043ed1a639504776a99452d6e6f557c2dfecbe7f2e241533dc9cc3d0af0d99cda0387e1aadbc9d92728e75d

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_1175310109\CRX_INSTALL\img\normal\table_regex_icon.png

MD5 25881ceeccbc9c4811fcb3fd27f7293e
SHA1 11e7931e1b0a8a685cdae2b3322eece073b17195
SHA256 438036b862d153a25a63e4681b87b3fc03201d1dac9278be0401ff6d27c69c06
SHA512 a2c7505fe6b936af88b4787c0456cfab304832aae73017a69141685a2209a7288d3837c6bc950c49e504f327fe6509b21b718f00a60b055f99e940c8266e59be

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_1175310109\CRX_INSTALL\img\normal\table_list_icon.png

MD5 c5375879372df0cc99a68f5df816a231
SHA1 15bdaf45007394c57bd04f5608d4a029a045ca15
SHA256 9342bc0b79fcbb310c8b87bcbd7c7b8fe2926de73d517e44a107c62be8d3e8fc
SHA512 0417898f95b623e125ff76ba506a94aecfcb4f1c1dce0d9ef217741e550a706848a256efc0f251cf263d0da8313006dd6a27ecfbf0020bd743b0d96ef4ba1176

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_1175310109\CRX_INSTALL\img\normal\pro.png

MD5 16edb603cf8b20ac9fd88cef8d1c902f
SHA1 680774dd3f5554b5f3801116532acf2a2e79ba04
SHA256 c8a059b78c2e4bf67afd1be5bf217236136b37388b5b236168ff51aa77a9fa2c
SHA512 7c66c9b0a6a3ef962ce12dd757a4fae4401219ca2e0c6551fb1e1da4f6686376bcab541b707352fa3383353d65be0477cd53ca1bfcefb4b0545e5ab2e680299f

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_1175310109\CRX_INSTALL\img\normal\logger_icon.png

MD5 70b8782333cd514d136052bd5bd11dbe
SHA1 ed55be7868aad61d3bcfd626d439780b5afa8731
SHA256 b3ab89cc16fbae38b4dfb36ab1f99d10e076542d5eb8c2edd9db3b1d1b721824
SHA512 5c54e3180ffc13064eb8e744faa12ab5225a18da99dd54105c759c74175d6de1ec6f8ea45933fafdf3a8f6bce0604ac2e3a25e0a4a33df8fd93a9237d3649a9a

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_1175310109\CRX_INSTALL\img\normal\icon_close.png

MD5 55054c3a7a61162423844dd2c568bf28
SHA1 c9ecde134d44be4d386f3c78ad3d49f7c453d3ed
SHA256 fa374fb5a21037211bbf15277fdcd87c30acdc2e1cdc5f2600fea674f0394bd8
SHA512 766c328ccc325d3852fa3503e3e7a4bf6f7e2a9289adbadb6fd19f53c4cf803bbe492315951d8401754cfc48a3b014e079802e27446466580e6d790661c95875

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_1175310109\CRX_INSTALL\img\normal\blocked.png

MD5 8d1763050160343e774a05ecfcecab6f
SHA1 6590bc6f21e90a7c7d0880201b40cf868de1bcec
SHA256 2e9c44dea5527888048883f0558313247049bf86809f4a2fe86f5e86912a9916
SHA512 7f5cf621a248aa3ece2fcda0c0820009a660b9f6d8fb781c9056527d75c236ee6b7330323f08746a85f48515a3f3b8a920fc1529f2f293f44ce6b81afaef5c44

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_1175310109\CRX_INSTALL\img\normal\allowed.png

MD5 659d696b05fd116ca3316067d7d3db92
SHA1 59ac6d66b9f37aca2d7073308a99809a14fdbb6a
SHA256 3c7721fc41b7c3dd694ebefac4533e6a71e85cd0bb18bc66f57fc3910bcda8fa
SHA512 0eae3e619e9ff32474b8094b0319066795c6dd5d4e4e757dbdae5dc1fec9fcb22b4e9d857b73e0adfbf710abada04a51e957184a107133aec1a3d9a8ae8c818b

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_1175310109\CRX_INSTALL\_locales\en_GB\messages.json

MD5 b8645df606dd756306208ec441e9c0dd
SHA1 8ebd4f5103dc792b6a563768d1c3d6e3b4729c54
SHA256 6dde990f4e64d1ecbde90db9d3939f33b3b5c3d1b89704dbb8ec84df8f046de2
SHA512 25b256e3ae975c4928d1ab696e821a4be3d5534090902573136f9cb9e3c8005e77e159918d418eb6d6a2c6c7156564d7e7846fb4ab923494ff0d2b0df1304011

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_675395002\CRX_INSTALL\img\common\extensions_page\icon_16.png

MD5 67816b9f9f56727c41d64793d0eb4902
SHA1 99dee423dc2ec6ddb923208240b2fd13409c8ca5
SHA256 7b9847ea5d27c37df0430ff4056ecf18b2248d18a10d7ee1cd7f8908f0a82d5d
SHA512 6fab420866894593620e95ce3cd988e6a9525b6bdb0b4577f8ee5fe513f3ba187996ccbda9d0b54b493122136e52c7bd179da22cd8106725f24401816429a3c7

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_metadata\verified_contents.json

MD5 8812b25c089f19967e2fb3bf69f61bbd
SHA1 f71bc3691f99e3c89831c5902f3bc14f67b85127
SHA256 a4211fa0704d1a9bf664d7cf309d8aadd2374f212fda1b21fb09118aa0eb2afc
SHA512 67f509e96fbc6eeb17c452603ec69838f988905522816458e1848d604b118b755fe427001a222244fa108b22717c506d29e69ca804451f7f8c0c237e83b7e6ee

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\manifest.json

MD5 6cc920abf60346e198664c936036a1df
SHA1 cbba173ea81c93df2e6d3dd0aa21a6717da6c2c6
SHA256 4a3ac96c6072cbf12d825c0f43192f4c2815d9c8dc9a9c0ccb43173d41a8eb71
SHA512 2aaf7123c6862083ec69a99570991cd883f8c75ad8befb8acf7d050a34b6fe8378e3b586bf8b1455ebe03034e24fee0b2c0f176ea3fab9ffe62f9f6a111f0c15

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\options.html

MD5 c2bae0478950a19eb0a3fd750229de41
SHA1 1145a62c01e8934db9c975f4bed06932d15677c4
SHA256 8576d68cdb2a4750417514ec2e74c132cd8bb022bbc2862426dce2b89e91eacb
SHA512 4dc577cd5b9dc7660f1b93b32de28e833c53bad3df1310add30846052ec589212bb9c4f37a296c8b533e0074f2917d085bbdcc5a1b2b2618eea563512bdd26c7

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\logger.html

MD5 80b6a5bbf1150447d68a8f5ad9f029dd
SHA1 793b13cc98e9c3351b514066717930cfc1e6c344
SHA256 15ab759b9df7241d8fd183c53613dfcb418e2bb94b669a2a90b8ae824f1bb654
SHA512 a6aed0e2da7bcb7da1fd782e9f701d4105544bdfc4559b20761599894c98337decc31402fe9855d3b091040e3ed226eab3c724f10fa530b431ca201054392173

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\js\popup.bundle.js

MD5 033a7220a61c108ce0efb2ad1c7cd4f1
SHA1 b4ed264f3b7b71332e4af0a544f91b8a20a00f77
SHA256 5d2be53e234ee00bd81e194927edee747d6bd2a52d072ad006904f7df3ca4445
SHA512 80ceb945f900f7ed1fa3b962ee52bf3a4be5cab4271a1009cfd55b4eea0a13974260c1d2ea83e89c3f89a1552db3ebd6cbaa9eba3c15763627a8b4045d155a89

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\js\options.bundle.js

MD5 3a3fa55cb830723e58fdcc949c51fc50
SHA1 c6af8c4e4f8987f2fd909036d571b89db1212c35
SHA256 b5693fdc5ff654efb19e0002c9c83881d4ef3e4970b6ce8fdd3624307a2542cc
SHA512 4630248f2a6c4c40d75cf1d678191bff21a49cd499101650d3a7389f09615aa15a84ffeff2fe6a042ff8bffd18d20f4a40907604d99596a682cbe7884c8e6dc9

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\js\logger.bundle.js

MD5 871381404981ef06dde087ec116eadad
SHA1 b096a6cee1991ef5143cc9cf0dd9342c6ca1bad2
SHA256 a4e5fb53d11931e13bc386b416b448ae396eaf294d775059a093b74ceac75cce
SHA512 6854dad8f88a911e77792187b777a678476611388346b6ca4e10433eaa48e9489286b243337c88768a9853201d7c08a43eec66ccfacb870591fdec4a1bea4a98

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\js\background.bundle.js

MD5 05ed183c17d89384a512f93c9c204747
SHA1 85ecf2e55ca4ea86b12db86b8a419e1bff4ab78c
SHA256 0419ccf87645934744afb4c783236ee31c08474107f2c6e385e2c811ee0ac330
SHA512 6cf98f9539ec2337ad37f19cb8a6d7b1ec2e11379e61d0e722342ca962adaa820c5b76c0838a0a60dae1f0813c5ef310cb79043470de864b821fec6525e0aaee

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\normal\whitelist_action.png

MD5 4da3c2559efe5d0823bb13f084ac4e87
SHA1 41678d1f6351e06a07471b6672dd0de70cf1f6e9
SHA256 9d285efc6353c83b797cc385ec6e7949d7353abe61c82e436a3040b58ce675b5
SHA512 f8a5d6a60efc89e7901a67730d4d9bcb4f8174e687faafe773ff4352fc6c998a2057bb78c002864c3c92531876b4bcabea92c5cf320099d9d5baf46533c91b31

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\normal\support.png

MD5 cdc643a02f2c22f369f0392c43eaa449
SHA1 8d06553644f32a965fd0ad2aa1cfb8f28023bdb5
SHA256 7525e2594a549419a2fa1b10f218391daf6297a150fe10c80650743ca73c07be
SHA512 a29921aad97ad950f3f02a35fd64b11056f5892820e21107122ec78880651a5343fe2be5690f0b1e35e63574497f53201e7e11173c3eb9600e33283176d401c8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\normal\strict_mode_active.png

MD5 8d585f10fea1e633dfb0825afce28df9
SHA1 b80caa85e5728061fe20c8987f787218c66a6b71
SHA256 0f7b390c06f5cbfd20766ac39c008025eb1023d506e242f6670091ef3792b20b
SHA512 196e700821049de4c34590aff9e782fd8294637f5d8867ca99ae7203d095cfb693676dffe9dc3a2e9ad07a47c9b521ec33541f7b6dea6d035fcef1f68bae20a8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\normal\strict_mode.png

MD5 d62a0d8adbae8a957593bb8a05366176
SHA1 e847612c6bb4845444ef3c332b82b5ae8261bbd6
SHA256 bbb4aa74d989afda0cde8d3c5cfa0dbad75102134a88ce3a96b7d1328d9145c2
SHA512 39cd949751b344d1d81484ae6fb7b5e9f514db403769f813fc0176942e7b0f8d757d4627387010a9d157db462bf220ff79c280e577ba8f371bbc3846643676fd

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\normal\strict_close.png

MD5 14d53ee25d0edcd1fa3e2092188ba313
SHA1 71bffb3fa6e340e59959bc685e9cf9f0b360b6b5
SHA256 a6847fb795955f299057ccfc3e57416dba7beb94f85b833ef722b9e7e23f929a
SHA512 2d24540deae230eb78c58a56a666cb0ed05c099afa81990d528160cf49599a4c046820ab7dd589e9ae69e8e93f40f3fd94bb65e4ddb60687e78f7207faf76550

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\normal\settings_icon.png

MD5 a42ec1a98ce45694dd96acfedaae7453
SHA1 f9bedd4f4bf3a07f428b7c2ceec6d8d948e87fb2
SHA256 983115adb80e943f25399b4fe105cfc8e0eae5dc7b3711156dc68a8b3cde8c78
SHA512 de527e5de73c1de50aad9c7b5f809cfdf5844a2c0aa59052cdb7ac3508dd6039f4a2f52f2935786d6779858eea8a87ad47a10c5ee0348b1e864ffd1b3c1dec21

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\normal\pro_strict.png

MD5 cbbcb10198c09a795005ae3ff2ec6dd8
SHA1 7fbb967bad8ecc591973b1ab8b78131eb84e6efe
SHA256 49d962a876232dc9816a19c3f3fb572c4b53cd40e15cce1225d9779aebe3f729
SHA512 ca4b14d081b3471fb41cbdea03c767232d29272a2fed252470eb03c0dedccf4ac94bd3528364cb93c21cf08170a99fc304a3322be4e922e98c47a614b61f35d6

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\normal\options_logo_off.png

MD5 73be8ae98b532c988cf52711dd009535
SHA1 0723b5b7d89c8788fd717d77e251c2a6d5f3b247
SHA256 e620e1b7b329ade7185a6dbba26d8379f4a5ea0358d62d477967c61f98dcc452
SHA512 2181e147ed68fcc46c0e59dee6fa4e676376ebada3dc18714819baeb2fb72f695c07d24c443b861f637a1d8c7bbafc4230b7a1c4c2468dda7cabe612be6f25b4

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\normal\options_logo.png

MD5 c59708a5be365e67d09e8df5fb55d006
SHA1 1f19d06e5dc903e77622ceffa63abd08a248e6ad
SHA256 3849be136e8b29c485019aa95976fb9d99bef0cdd32b8fa2a006498e6e039eeb
SHA512 80e61ae9b4e1549feffcd66e2cdebb0e448d59cfde2bb969fb4a39888b8f2cd3004369b939e5bb15825426dbf7741509812ecccb11d5373ba92d0bc1a1697a62

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\normal\open.png

MD5 06740a0862d41ca771a2645800e68603
SHA1 1b04e2ad2854980f237342e00afb4e41e797cc7b
SHA256 8ca11fe6f921440b8a6e537728a14bae0410b267e4a849be9fd26ffbc9690ebc
SHA512 45fdfeb902201439d1429d9569aeb8a2d8e489f51c226d0fa8b4dc2f2aebf87018e8c046e6dfe887b0fd9a8599cd7d0dcfe4eab2b9ebd7c1b36520a9ce666497

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\normal\info_icon.png

MD5 f720acda93556bf2d44caae93db857ce
SHA1 3c73c272da866e17c89d747d2bdc1f4df739a1ea
SHA256 209002237e277255b3339dcb819bc2d4cd2d15a2b8e7fa81d6165e318b335e0f
SHA512 c6114744f4f0f5fa9ec314313f18be7a4868291ae931b043cceb780da34939b69a5c84cd8f4be757f82346c42bca7b1faf3844e9e26607138405e4571b3b8cfc

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\normal\header_logo_paused.png

MD5 d91d737171b7db69a483c7c1cf29da58
SHA1 f20fe54bc07912b921b83bf04eaec8443ad3e8c9
SHA256 5e2a7adadc0cb57b60d4abdd58003a7ee89763fc6f1f40659d88d7aa657a25fb
SHA512 343967705ac5bf76fa78a2642df10a5a7ba4df0bb8c83a8d2ba760e1ee8aefb6130d3ca84528943d166e24ee2fdfcea79c4cc7b74a61ed615894e92a7d558ce4

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\normal\header_logo_off.png

MD5 22af76d5a6cb92a7f0be21261048733e
SHA1 c5aaf5e51b458826c61e694e03f1a4ac71213a32
SHA256 324967bf4044275f7cb7c8f8e76917a2f903e42ad96bb392f8fd87b1869dfd5c
SHA512 6ee316d3a316e277b83b90477ce2a9a7b1c8eb6fa30ff722d7baef1c697daea27a8e1f18b770c4285e8f91b76483f235d2c4290103d5ad88ee12fcdab510bd8c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\normal\header_logo.png

MD5 78be81acfd37f376ded796aadcb4ad50
SHA1 39f47b546e84ad22945f102b33f4f66bbc2eb5f1
SHA256 772709acd3d871ca808ca9755db46d6e5c5f2141a2f4b672b1b6d0f95f4f6ac3
SHA512 51bcdb9d146183b91b4e4fd9816d18d577331598f899124a1240badb324b6adaba896d6d8e631d8f8960b412f95cf5c2ca3fdb37655b2936d4d959bd9c28d9b6

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\normal\header_background.png

MD5 3d7d1af168250aa331fcc65fe95c66fe
SHA1 1e593c3ec189752032969541c57e654c6051dbe7
SHA256 df70c33cff57c6015104ef9b7cdb233f6f42b2903580581700fa94cf18647b1c
SHA512 79690dcbbc89b16272f03c5b1f6a97ff35b64689449a64614b28bfa22641a246037ea8e57318c8e5dfa96be025dd7b432b794bfd8c6bb63b222fb1722631140d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\normal\gear.png

MD5 289430f0f405273df21a11b6cdbd496e
SHA1 c1fa310db5d03a456ff272ef1feeee281dabbe7c
SHA256 aefb86d5a8c31390b3156118c070a667c8136ac88955c0063041daf8ad0b5d07
SHA512 e7d57796db7e61908bf52afa98359ddf70f4f57e89c1f7910b0ee22432944c6b21924ebe22efd3e77b7901918901f2b2278fdd97231caa8a9e548c17326ca210

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\normal\expanded_icon.png

MD5 1b81496b3ab1f9e15f3c79a5ff4352a8
SHA1 8045a299ea176d0f040666e8c4e1c3fceb0e8bba
SHA256 ab30dcdd18248b0211d265ae35a38ddf81dbd7da77cc9d723f786a71a9dd1624
SHA512 5b8ac48f6835fd1b870b517dc5db05c0bfd40721fb21725bd71b8d90147eb8b7729fbca2437b7c99e30a40b607018960ced2118dfdd6eb573a4baeecf7a3b5df

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\normal\essential_mode_active.png

MD5 303b1c714a891c4416d5c3bbb333eb83
SHA1 f42e209ac531630b8c9aa118396a9e6650021e83
SHA256 5e92c4b2a77af99fe7bfe23b19d003cd3f423150e3acb2cfc8c85d95c35c0b5d
SHA512 95a8846306bdd745446d832fa332f972ad37837eb29b89e9ab7adcc3d2ecda98aa501574236c3552250cad9d81b7d05f4a8be4e6bac627a56c3a44db9b0f5ad9

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\normal\essential_mode.png

MD5 4b5f1a3195264b12c60e51ab663c3e48
SHA1 a01e65805503807a7c863394641aaee6cfda6257
SHA256 9629f7f257dfa17b8ffb7e8fd9ca35346064606472bb9c96fc37416446961966
SHA512 9c1e050ba1e66d4abb03f406f92ea6c470aff09913ce9323bf6ac8366ef0e8da6dd97af497845bd17aa3a7fa6577d36bb0c706c99f205cb01ea88a5ca8cddba8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\normal\balanced_mode_active.png

MD5 420b457f965dbd5bc55d3b95ba660c0b
SHA1 82965a2dbd3d46c81134ca167aff3206a9f8c7c4
SHA256 4d8f719c74974a1422e8614a92d829721a8e37f254c6b121c77712a63f5ebd9d
SHA512 b582dce0cfaf1875aae41907dbbdd3c1a275b413083a0cea4b4be8d984eb9c5daa392063ed5ca533023d64722ec4b2f50c516c233f6acf56593035f0316749ca

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\normal\balanced_mode.png

MD5 57a25cb063d1a2b4b132b0ef5e3defac
SHA1 e096ec70551459bba37d10f21995ca771a1f832e
SHA256 a6d6b5c6e693cde868905857a09e855ad2ced432d2512a0044dbc241771a7f7c
SHA512 36b62b1ba86a5eaefe34ab557bd9f099f7952c8278149fb6eb3d68fe730721b285ff73ff106599ce4c311c188bbb4bf739c2b90447dbfd09fc38ac63e853b842

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\normal\arrow.png

MD5 b499d222f55b7c81feb861a9428e079e
SHA1 ba0f1bf04886200af659e6f1a70e195c11615ada
SHA256 2801de75b870a2f278d98ddd818600846b94a4456527e22e19d71518261c94f9
SHA512 80516bef42df9949dea8333f7c43fcf03e9a4071bb9390b35df2c64148db4e9526c61626c44f672cb7ed57fac2eded5e83d8c0f3c81b76ea0f913b271584ed25

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\dark\whitelist_action.png

MD5 a0d2121449df13ac82551e23b053c033
SHA1 21a0ce940970044470074bbcab8d5b34e2698c2a
SHA256 d8cca0b6ddd4eb1c1172bfe26c9d46e74337ee0aea87f4378d725338a662e633
SHA512 90add1e518b7c2bd93d66e8df1faa381d94ccf2fbce4a8ceed109914dd9c9e70ce41ea3eee0ce5b535bf3b1150a5926d8a68536c8ba8adaaf28c9be715264099

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\dark\support.png

MD5 2d6fa11d7ce9c7cdb0dd4880fee807f7
SHA1 167bb158e4410403ca304d89dc7bb6866ab6a1e9
SHA256 3919c88a9f7e5b15acd692f47d7c81113f501b4d46a7d78d412cea7dede8ad6e
SHA512 3dc8c4cee4ed8102afc3085a89f61e8c58fb54d79f33e7b442a7b4d0a2fe0060736da858f8dbeef2099192d254a3f4ee63da21ec418584dcccd3e67cb35e5878

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\dark\strict_mode_active.png

MD5 239c8c0bd22c04b2d7dad129de68965d
SHA1 8f76a5e826a09aa6d793ee4903f49292adcb0504
SHA256 a69a0873260ab007f94c3ef7f4d9dcac6dc97912db83906c3aacd6ec5817d904
SHA512 a21eda73afe86da2cbb40fc875171632ea22a7361a194bfcf07f88685005bc5d4771422a5926ba5da2ab9600f79e879008a2ebb171aa6a36fef6b7b4209f8aba

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\dark\strict_mode.png

MD5 58fa2e1e38e35cde4f8e0b3896ba9826
SHA1 04d450bd1cfc98d5da1607ef8031c9a3ce9b7173
SHA256 5168ed31b97fef54157104479b5ad47f9c067c00df13ac59c15cc8e17b304734
SHA512 35c8fb39ce0c76d60de9773b304ed68c7d27871b1924f45aeed60f8f728d7715883dc072b1e20c358c781d5178c38734dfb9ce46c38c121aeb47ff5f9c01fb34

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\dark\strict_close.png

MD5 e8ae1ce99f62e695b6120bd950cc0b78
SHA1 9c0d7556f8f7b14b2eeffc4d548ed8ba0987dbc1
SHA256 96900b0c4ecd08f39b2d4a9931a607791de7f2a1e4f3c0574e34d68ed1999225
SHA512 36c392b1d8e731b6ac652d626a38c0a5d5e2c27ab988cd1f0b1c343033d4fdf8fffafcde1f2df00ab5b1e3907ae472dcb8d4869ae93484243d84c462e21a5a3b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\dark\settings_icon.png

MD5 fca6d30fc40a5426b7cc37a19d3a54a8
SHA1 3e2f0bce845182a638dca1ca7d1908e035e6f05a
SHA256 41b595eb8052d879c6c521aab7fd2d41a8bf9b1f3d15916ac71177648463974d
SHA512 e124bfb53b7b107dc5f17e4e15b8f33f17eb553fee61fc562eff2ead5647db6afa197a27fa0895bae701d5377ce58bf6db78ad49988191be9ab42800fa8940af

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\dark\pro_strict.png

MD5 e7bfeac6c7d0cdc6a2dfede2d36bdf78
SHA1 cb0f45cffd8ba660cbf90e93efdcc9dc8c8df794
SHA256 3b20d6ab5ff4b5aee32143cd0bebbac92c2ca0e34e94b393b3b669597ef63080
SHA512 ae70258dc93787e20f0c9427e4b9503e5c6c2b455927d86e5866171c343c96b89de41a9ca978dd25a994c31dd943b57518ff58a15815818cb0e8fcd02c5610ec

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\dark\options_logo_off.png

MD5 f84963dda43a2e82bf6c0a185a6dbb24
SHA1 e0131fe336af15088bf0420320fb93d7bb3d3b9f
SHA256 5b28a72ecccc38bae85652dd086821ccab4e68ea0132ac13f12bd59d510e5b29
SHA512 877240e878f80fc08084a7303f98eec09221e7f5f50f5fdc58cd2c82b3de092c4fe58113d56af3d05d4b75140d1bf4582efb7961c4132cbf4d8b2946db21994a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\dark\options_logo.png

MD5 5037ea3f310b3a642a9fd22e91aaa5e5
SHA1 ee9fdeb294a6d7263a7527a72f3e5dfc82e387ec
SHA256 5dd7fb4507a3bdea02b3f667d7900ef90bbfbc91d3b672e051b7a6893f7ae17f
SHA512 519a5ce2501cba5a3a0e4fd169eb6258cbddfeb8c25f286d44dcd147139e5b3589dcba6067ff61645948d4584d442a4fb1f57d1ffd352f7e4916550f2297eb41

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\dark\open.png

MD5 b9bf4c0f29f04acc59d554bf2eb80270
SHA1 9c304b9222f9ab522afe47b7ab4e906aacde9e67
SHA256 3ff71bf736635b31252e339c1277b31f9bad69494624c37ee0430d229afdb9b1
SHA512 d13afaf9b639f472139c49cfbdbccdddba5c70dfde4da6272d5517d25618d85d2d35adb783ce44dad8dc24ccee46c48b331303f9b0fcadeee594796f48005459

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\dark\info_icon.png

MD5 84700e82113b2b4a772cad6f736a2bbc
SHA1 da6fb8f5315189a259487db42dd4cb03e1c89c1e
SHA256 80135ca992a06617e34cbc80aef922f49b77530c80d41168f96d8564b9de09db
SHA512 721499aabbbcbb948191e23c5f1e572d49488320c878c8d9d43c2601211f831b9f560fb95094ccb2f6d5e254f427f6595efe94f08aec505fd07ac426e009a23b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\dark\header_logo_paused.png

MD5 5d54e3d632e9c35682ac590bd8c707a8
SHA1 64249f9bbe480fe2516172702a95ace7e38ca408
SHA256 dcd8e976ca3178af9ff1b84fac46461e228f2ede94c29f74ddc27ed49fc23df1
SHA512 211df572d97e8778e3516e335169183a345949302bc44370464cc3d2426d8b3cf433d199b51eedc2c392f84023cf4475a4cbc102668560a97e5ba58029e78b82

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\dark\header_logo_off.png

MD5 59ab2e67d5ffddf0b5cf2539dd01a1dc
SHA1 7dbd314e447a948663d2a8eb57d726c05a341885
SHA256 e67e47b7bc2d042441fd059422cccaf4d415cebbae1c2b2fb59beba16c5a9188
SHA512 bc7a69f18ac7ed83b5b1ac3829a4e717075a61d1efda95dfa051903aa4787f3b1eb756a34815c94cf97f9810d0ca5388839567dc5e9a0bb0e32ceb170e7c6b80

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\dark\header_logo.png

MD5 e8e3eefe5f490e48d845774bbbb4db25
SHA1 98228597f4414364db6aea5c8c9185f3b3476166
SHA256 c779095c66a0925bef8ceb674d96936c96fc408c09c041fd85ff0ba743791d2f
SHA512 748f5340aba5987459f0c26ca1a424c50c2b2b9aab98ac23f6fa32ce6e127d03ae4b409da9fcd32c87b0e008aa8f5e09146f87c80117816323d47f9e9cb02575

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\dark\header_background.png

MD5 76d521090f4bd63fd00b0e9aca566772
SHA1 ce2131bdc369bc12fa7e2f5b5591f8cd9a06fcb8
SHA256 6c46d890e518e328f0d06578bfed8cc8b9e3b3f25e7500ca7e9afcf5ed1fd18d
SHA512 df4b8b24f87c70110322b266f9e79cf69a347b4de417ee9cb92ed1565f3c6356ec544d3d0c65f0490bd275493429ae2a3cc0d77aacc21fd4ae044d36b2b3d708

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\dark\gear.png

MD5 164da2e0b0a38eb1d63d6e52b44cd89a
SHA1 2677d3b8caa89f3784bcaa4f9b8c78abbff79be4
SHA256 592c5476720fb27f6f725a1475a89e74a118454a3ac26127099dab2d650fc50e
SHA512 606427b79770341972f4bc905125bc6b31351d0a45ae7eb76fd2cb512a94368f0dd488ea609700ff955418110eb29b9f24a559340a9e7cd47c216371cd060b76

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\dark\expanded_icon.png

MD5 fd153d4aa72eb1bc458d87e52100871c
SHA1 355ed469a7cabe15f9e30260ef794073ce7bf3d7
SHA256 e6b759174c91b25629126404b221c4b4105927eca1b40d136b738a1738872d83
SHA512 0f4b573b006f0ef14bc6aa0dd3a2322cbc54bc8ba29f7edbc9bcdf01378facd69f23bc88c4e2d627616566ef9344ea299cfe402342bef0d76e9de632e7000433

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\dark\essential_mode_active.png

MD5 72dda861c776ce110260496860b0eb7b
SHA1 37a79b9ad9756c621f39ccef8bc8dbe966c2697d
SHA256 59b99d82d9e8eb5c3287b48ca5a202aed31cffce4675601242b4ed3f0cd56662
SHA512 b35d251b7caaa027063d93923f165cc65aa3db3df5e7915bd4023f4c4c32dbec97b97264c4f047796e1f7abb9f4d5e05426cc039e613cf348914e362f0ede0e9

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\dark\essential_mode.png

MD5 d31bbbcfc4d455dcd2079b1880c56ba2
SHA1 105fd3db64ff54a41d5ae54414ed37121c449536
SHA256 005148984e6912540bbd4e9f1aec52f0b574b540e6a5dff42d32b7d2d73accb6
SHA512 aa8a7c9f2749a09abbd331f586d6f3b5334d45df3d4c40811e550afd023d47ce36ff1dd6cf13b9cd0f6b0c8cdb0175895ae3fbc247ceae08bcf37635a9cae234

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\dark\balanced_mode_active.png

MD5 a56a44a13db644a86019a57e87bdd989
SHA1 15425f919f65b69207e0d609901d0291ef07e9b8
SHA256 f08095cf0839cbef9e4789ee08fa5beb5b649db3e75cbc7658bfd4f17ff020e5
SHA512 3a5bf4c57c4cdecc1272548dede30964a5e1a9b015f066c0b4aabd2e7ec5e72708a0ac49317bcb367fd8f935ecc4dfa02ab521174aedbbe8bf5ef518a54b96d8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\dark\balanced_mode.png

MD5 559c879498dab97a040fe98e381d9f58
SHA1 f51fe8d3ab3ead95e5d97d008815227fd8710ca3
SHA256 0204320dd5dfb0a87ff3c810ffce576d14aa888a6dcf145d2862baa10c6d8482
SHA512 1e9ff99dc988b196208213de582aab9632868c9c193c4cc44d50f8394986e61a5a0987fa374dc1e4ca8b09aa6f61b3f33926ead453dc69e96706b8f76a20770f

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\dark\arrow.png

MD5 46bfe3643445521bd70bd3fffb2eabb3
SHA1 daee9131eb5f3cf2edc342e44acdd0408ef8c4d9
SHA256 30221ecece051585c12b13451a455924ccbadab5c4e22ded408b622e0112e17d
SHA512 c0f13ed6631e30db9e01390512a55f7c70b0cb46507e57e957543d9f6eb59f6fde8610d6eb8e74f76afcf0ab40bf26cb23ac45178df9624f0b7fb676e02b1e0f

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\common\toolbar\icon_64.png

MD5 2eb7d5e08d58659942f644af998216cc
SHA1 3169cd50796534273950a8e2df5e9bfc1a31bcce
SHA256 8d608e382c5af36a63a9c63b8ec12efb5edf62b7db39621cc6359ded37378124
SHA512 f30d59f1ecec09534bae48c2bd3f13d577ebd400b937e31fecaa7ef0525db17bd6d208548e7f32ac894090347fed40af2b5914cae6acb5b9bc472b029a100277

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\common\toolbar\icon_48_paused.png

MD5 6adc67c3920868a34fbaf3eedfe25813
SHA1 ce7e43afc687d702ad19ed8770060f6e40b74b1d
SHA256 60e7397fa6b6c46c6330f1ebe026672d6cdd0728f6d66beeb752fca1881a2b9c
SHA512 b649d290a244a9731dfd4e6d79f4ee19a65481dff79811e02f22bdca6bf54aa9049f6a7fb7d462a536347c6cf2ac8f0f56202d4704780f253008d48633e9089f

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\common\toolbar\icon_48_off.png

MD5 a87ab64560c34fc04e84cc8620332a73
SHA1 c84db6a0c7463ccbc9d5661616f1d13fe0d230d4
SHA256 895646aa8332c9dfc43735f45777599ad52652ae5c18ca710092e663e84559fc
SHA512 053422efa8c1653b6d70fe92742db3e0f71a064eafe543375e64599308d7a52f856ed6aaeb8a123a569da98a707b15eb33b8a5ffe832393f9f95de4def78adb7

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\common\toolbar\icon_48.png

MD5 52c2c5fe2a39376ba6f34591aaf8e121
SHA1 7e3a5a5a92137db8bf573f72a6143f53059c4d08
SHA256 52c15a4202dd3971c82c75705c2a2303bd496dc09acb0fb508cd6960c1735f27
SHA512 98c673a034725a39b965cbe7aab0b6897cad951acd072652d109f30f51812c054c0571ec8140877695987e2999b70a9d08cf9b995791054bb7cbabc0e38b7db8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\common\toolbar\icon_32_paused.png

MD5 e0b20d45ceda4ed438268179f813f8cc
SHA1 5f77946d6bab01fbbca78a43004c897d08db921a
SHA256 43a9ca0268ddb8d69110fd6032f2dffb9c519be194539123c69122e29ee06e37
SHA512 8d44281d770061b63b94f2c96d91b136819e407c03c3bc5887f1032de4c8c7800f14a2e2e50774cf75fcf67ed8b0ea4938f41be81e020cab342143c8ed53f1ab

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\common\toolbar\icon_32_off.png

MD5 e45f74df67a69284ae8ed875b3a88a06
SHA1 6cdbc91535778357e7f8d0d53327b5b8195fed09
SHA256 422649440bce77f0368e93e3fbe3972be623b88b01486563b749ccec5701a57a
SHA512 31d24ca7c86e72a4c99de9bd834b4c9ead8840af8b733b77b752d6b0ef907ba4ca856fc8b3112b0776428f511b9798d81c27a69b30670cf5b8e4c62cd38eae71

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\common\toolbar\icon_32.png

MD5 863fcd28886f4b7f640dca69e7147028
SHA1 262defbe1444ee757bd288416f48c08d384601c3
SHA256 2080c7b405b43c9d669cdb149d9751ce7649585f1e97a757d1c9909d76cb808e
SHA512 504501f86ac404f6631b8e6ebeb4ea7162d6802dca10f42a679d03d7ddf49905ba9f83340cb0b9e2fdf20cff4b0ec834fcd60b8b68faf7e70f6aa9ea20fbb851

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\common\toolbar\icon_16_paused.png

MD5 70949c9021e36b807038c5491ebbf11b
SHA1 96be78e1e5840c4ae70d0d4b76ab6b1dffd35d50
SHA256 16e9e74afebd421776f1a58d2be4e6166e4e8299057c56b36db8203c717e1627
SHA512 a1c4f84ba2ffdeef022669f28d1c8866da1975908a13e33daa197b841b37cdb814dff47cc476580f5932d20c119b3f294b6378114761c3d20cbc3290a9228811

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\common\toolbar\icon_16_off.png

MD5 0769189f4194e12f0314b2a97e9ec5c2
SHA1 dd33374f0ec1acbda8be2e9a8d332f8b67b6e025
SHA256 ae1acf4e701116e89527eb4c1fd98ff0860589d00ef0092cdcc936465d73ffcc
SHA512 e698eef62aac58e871b6d5121f33153e60556accbe7fa632a7a412f37c391dfed9a5f64f87ad972641f31f0f084db70ce91b69afdffd12da62deb3646795d3e3

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\common\toolbar\icon_16.png

MD5 8c4b2ac20e95e00b20a33e7ae83e32ec
SHA1 7ee28fee7b6027129ba3b078c2facf13a97df4ce
SHA256 f3be19b8428ea3cd9b7611250a8064a4eb067a5a4479c3ee6fd7157208bd6962
SHA512 aaa49308d5149d5d15f7a93fd5f4e65e36a23a28c23e48e2adf2481d92cb6e4639408d84c5a980245efe58cea052dadd4f66163d2a9e57ec1439091eafc384e0

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\common\toolbar\icon_128_paused.png

MD5 c5c9ccd58afc323933c5619c214eff0a
SHA1 e3751d75a1213205c2740a215f7469a9f8283cc5
SHA256 288f308bc2cf450dc633c791fc6b781e552a742ff50331f8d88b82a61fa7b98c
SHA512 c60f717769a7060d1160dfddaceaed5bfa920cea7a15b8d9390337560990f057f006b95063357e3c888ffca03cfd7f61e7f2f761f7a9338b1d28107bae154e40

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_81637103\CRX_INSTALL\js\content.js

MD5 0fe343f25f391db514d2866658ed3dc3
SHA1 3b7f2308cb5ed9e9ab46a440ca6db12713df68bd
SHA256 65c60616a95eed6880733fafc420edc0c6db609712801d797851637a0ab41c22
SHA512 7ab5b87b504457619e55c58f295084d6e3087ced8b3df677e4de9fbd42cc2cf75bfa31d8a854d0c6449d7b84def74348629991458e3293af3e14ba73567a1fd8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_799557300\CRX_INSTALL\_metadata\verified_contents.json

MD5 8ca60681b947bb417e0e92de2f1417e9
SHA1 515e4349c1ffbd1513f87180f3b07a6605e4688e
SHA256 3f21c2a6ebdc2af0d79dcbe0ad97b96084cf73619df239e6a20eb129d4b4b32d
SHA512 826c81f8ee01ca700d664953e735b96c4fe9e73c4b8788207788e2400fdb9d92bcb3d2b95a94e8beb908d8020a1e39fa7f863f7e2284ba3aab5285a2247ca603

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_799557300\CRX_INSTALL\html\privacy-policy.html

MD5 376d8be16a145363adaf574da2b672d1
SHA1 48d9662d8ce2f4be35d835ebd375c1ddf59f0892
SHA256 0d857c0d6deca83d46501c267774d1fb8a72ce86ab0227ea6ff71f68e7ded8ec
SHA512 dfb6255fed3992fcc525a1d635ac9aa6b943251983fbc7caa86b0efd9ec2f000276ddf20b9b179ea8273e22fc444d45ec8b93ee5cd0f85ff8b4282c2d350e202

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_799557300\CRX_INSTALL\html\popup.html

MD5 2334cfb11014399c8db4f69b014fcb18
SHA1 e23e6db2340a558e0e0bb98826aa59c7c928378e
SHA256 6bb75eb60b35383ef30d6c45fd9d8d148162297ef717f26969aef939b2838dc6
SHA512 f115431c18932ebdc5680edb162689d85a867941a763574c7b305a5bded31fad36d7e364214d332bc66ee19745467eabdd2f79b349217b613a0b6fb101888ba0

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_799557300\CRX_INSTALL\images\icon48.png

MD5 dbcd4cce9af34a045e5c0eb545995989
SHA1 50d40d2836d1c8a4d3695df338b227100c199f1a
SHA256 e15bf8291497ffb08dc7e3dd0b76dd050eafe6dfb7f0464240303538d981a3b1
SHA512 7e535a70c207ea16944ce47c2ae39fa9ef1e0a88cba9c221854f5e130126ca83beddcc6561dbc75407a8cb061779bd246a9d3fda5a5fe5791d898ff5f7a40889

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_799557300\CRX_INSTALL\images\icon16.png

MD5 77764cf85912647978f12a6b65e8a46d
SHA1 f95b78085dc60456fb4751b9b30637f176ae8698
SHA256 ff16de8bcf3194608559789e109d85fef81e4dcd24dee4e6e40a7df57e1b97eb
SHA512 25b7e4d8dd5fc02c07c2ff74c3d4d33121610e02273b6018398d78e010dc45c5c9379199e510b3b2f6051dc8de6cec9f95f167ad98605a8c64f6b16c29777570

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_799557300\CRX_INSTALL\images\icon128.png

MD5 025d8ad058f18588c7e212d9e69e90e0
SHA1 ecc58b2554faa651e47e0c2e0d3636d79d6910f7
SHA256 220292bed2a85099aeb4fbf96b6b29b66ee9136f76576a7a92c3baed63374c95
SHA512 0150c26193eb8acd4e27ae7b833fac1b0ade008db75a5652c155b597ae92d4dde80546809b60452bd44acfacd6e061c7bbedcb9099137d65a4a56111f89c9625

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_799557300\CRX_INSTALL\images\icon.png

MD5 6faa43eac32e83cb118659d318ac347a
SHA1 d55c244f488629756ab1ace2af9964b1e9bf93b1
SHA256 4b736b7baf1248ddea6055755204b3fd9c908f1be1ac168066a204149eb21c8e
SHA512 362039a9b4a5e2a2c3feffa232316be287962661060f839b1cb42faa9b71bdb6b62ac348f0f87eca67eb37544f69aa728fca5d52adc0dbea3c78c71ebd3500dc

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_799557300\CRX_INSTALL\images\cross_bold_32.png

MD5 8700fa509bb04d3439b6d7ef765d37b8
SHA1 a1ccf88303db1032e768ba02117c8af465dfbb9f
SHA256 9f2fd5eb65300915a114741c84d0c182ccb6753d12bea3fabb3021f0794d9765
SHA512 d356327006e009e7c699c37c1ffd0ea076cface1a13df6d76606de8a44cbb68541e1e116b18f1564a2a7c91ff85eac348fcbad1c5d52d259d91b80e283e98880

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_799557300\CRX_INSTALL\images\cross_32.png

MD5 74a937332a0733a531ba6cfc44851f23
SHA1 54e339e3369125f25eb89f6982c452f41984912c
SHA256 9be12d0c6f86dc0852b6f2886d70ec259b8a61ae4b3b214e40c136ae4ff900f8
SHA512 dd4c3a8be8a68b28cc860395639bb3582ceb65c0a021a6de4aa8b84c10ef0947a09f08b5af4e25f62ba02a95ee729f9d9817ed7f4dd827025f870b56739d4809

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_799557300\CRX_INSTALL\js\popup.js

MD5 1fba2a51b1c640a3d2705cb5e233e32e
SHA1 38cfb5bb67ca4be6ea735fb7d1d1877f57cdd178
SHA256 cdaaabb9dc5bdc015a0dbfeaae8d8e4dcaf8e38e85f1799d655efb726a39ec48
SHA512 ce434dc5e473bede1cd2c31361d5f4509088bb9854544796ea4560a25ceb69fe09f41d9b0779285342305aa5eed6580901adeee9623b956e5acdb04f16fe021e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_799557300\CRX_INSTALL\js\background.js.LICENSE.txt

MD5 94ad18a298e8f3c03e16245453d05879
SHA1 f630a6be9dad59904c09a8a1c88fc96c3bca2d5e
SHA256 843c744616c171f24616375dfbdbc61c8c66f37e7dfd33f901bba90842db8b24
SHA512 55e83620f9a2c61ea50536ebab97eb99002c5bebfd4ce75694ff2eb5b570679ec50f5c0dddf2d3ce7de79496c5dc8e8fd0bf1423d1f4adc2ee9949cf7a6fdee4

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_799557300\CRX_INSTALL\js\background.js

MD5 071f800c21da32c48d5f581a3736912d
SHA1 54bf821cf8d7518c4a78bfec3191ce7124cdea08
SHA256 b2895afec7b11c937c14a5458162550f80fc03820f016644f7b0a89c46080148
SHA512 acd07070fffa4d882fa21eefd0f514cb0e7dcdd5dd1881ce0356a816e5ecdc1a95ff5a65eb75868a2233dfa4368f07f3e98b4e2282eddd330a757547abc2ad60

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_799557300\CRX_INSTALL\styles\privacy-consent.css

MD5 c83c747dc806cf7847fd56e0d18a0994
SHA1 966f918d64a703c2bb0b2e7ee2e23664940c6950
SHA256 9e4fc8a1ad5e978814a08dcc74edc423a3e98aa84111b14f9b3af2f846bcdb0e
SHA512 13ee1c9ebdff58dc8eaae04dcf55497e02ba1f1d4a41129fdf1bc8aaa2442662291396c75f157b82c42eebb900068e51ee4155fe1b7e5193de4c71d06d8f7828

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_799557300\CRX_INSTALL\styles\popup.css

MD5 9e9c56fe382a26a2238ca89489d163a9
SHA1 0cb73066124627a88e25d75a27f58a97109a0e4d
SHA256 e026f4b6bfba94b4f5a4ebcb0cb2ab216f8131780f245abfd6d17daec365cf46
SHA512 72cad108c43112dda3b483a5d3b29d44bdd1266a4364b8cfb69b2591c81f1a3f099920e8f72b492cd5e11c003be53d07b32e6ba960460486b2589be4b26f7c0d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir2948_799557300\CRX_INSTALL\manifest.json

MD5 2ef3e81554d0d9dd1ea05ae7eed6e047
SHA1 8fbad7d1d00796d85c9339f3a612417bde9ffc04
SHA256 d4208b59d3dc968b5d276eca1c109d749e709d6a1cac7dab152f6c2c2c421d1b
SHA512 780d32b8c21ae19b8feecff2afdbeb1124e0c7aebdc40b27c45e56f4fd568d9752d824c9616cc631604b021dec0afff0baab801cd7ce8b3d6870095422ba05c3

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_81637103\CRX_INSTALL\styles\content.css

MD5 01b51cecd3ccae18b19885a3b0ae1635
SHA1 dd13c7d1f2c9162fb1ee4bc2bfca14488087c528
SHA256 60a4f99fb6a1ee65d31e56a2d6d0d27c3f58c676c56ec440de3c3a6ab6567d66
SHA512 f901a1d111849e9419bc11004c260693edb48f6a01a7652396e969829b62be3ab6ae3c6ae11c5818438233bdf149ba1c8b7d4922885799de2f00b03fa2a1b1b9

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\common\toolbar\icon_128_off.png

MD5 ef8b6289a2b60b3a0b95a889164c02a7
SHA1 0d86100c366cc55043075754e0a0eeb0c8b067b5
SHA256 cc7a3f40ee3c8ba98cf7ad8375ec7f9d5f951f0a3b3d7cada232e793d3cd3bb4
SHA512 3b298feec1c8de2e0764e0e30c6a73208ab8a73152a9192ae243435ccace6da19a4bfe64d39cf3cc88c6b8842d501584c3e545799c38d52d37e598a8675a3440

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\common\toolbar\icon_128.png

MD5 8eedb5b767113927bfb788d7bb7b0cb7
SHA1 cb1bcb19a09146c1ac62168386338584314431bc
SHA256 a50dbdc3779bab3852929d6c8c63bef7f575efbee81bdf35e7e76d67ecdd038c
SHA512 0f69f4d837fbaa6d7b413a5f933aaea00d10af0d3c332d239168ad7a7b7900ffc86532ac41f64f33b468d6a78d2101d8deac39475217b15d2f9b892e203140aa

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\common\extensions_page\icon_64.png

MD5 4d7ea649781fd8c612cfbd0da491c4ef
SHA1 e687980a5e51bdbae20874300f374cfe0743d130
SHA256 197089f1ce0680a0d29c728d045636b532dd211aefdf3a6911e472fe43278ab4
SHA512 2ae5fa477bc9fb4e24416d26d2303ef447544b4a24b0366a0324365ee6ec70da55750e373145f67f96e8b516843c73edfdc7741123663f8485fb3659b908eb37

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\common\extensions_page\icon_48.png

MD5 5a133031420678b7f888d0dc18554b4c
SHA1 fe9ef26ae91e76c7ea0baf2b1d3f7236add9131b
SHA256 8664b5aa30d5557a7c8195a351c6885728bdcd059d9cd6129fe51431047d4488
SHA512 840ba69df8ee28d53a74aaf1b92a8c062c48952aaef3b495a5465ca511c346dc686b24cc8d8f11735ea4651b859292cec4c8d93fb21d8f06ac4231bf4b18d1e5

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\common\extensions_page\icon_32.png

MD5 e12ca85b97e826d347709e812dfa592a
SHA1 b66d099a9775a8c8065f593b0c286bce90c615fb
SHA256 5dddecd0958c2f8eaac670431f32a8193631cbf2ec93861618130ac07b5fff7e
SHA512 3fd198b1364e10a0e9e6f445a62ab2cb4f6ee27bcbbc24d1616b27424ab2595a6b5a15f2c4dee04a353d49c2ca523d9f6ac425d1c5c2dcbf1ecf2983b777db08

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\common\extensions_page\icon_16.png

MD5 94e729739ff424d4de44ff87f84d4492
SHA1 2112bb951c6d8cda2b73d9b2a9f67d8ad44605db
SHA256 45173f67af90032506c4b2eed3a0d46a1f9cc6a31bd2d804ed4b5f964c44378b
SHA512 5961bd9d2df10e25eb32afa70361805c3d982e5f5ae3a960de688443fc10deaeb80f20781adf87d989761da4aaffb32307d9b6cb420524d72e74792aaadf9e9e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\img\common\extensions_page\icon_128.png

MD5 6f353bfc415e901805c6748e0427c15d
SHA1 7bfb10116fb42d46b7ce8b087002d19cf1eb3615
SHA256 8899fabb8f15ddc278db067136f8ecc6f7583b08e06e10ff590d379fc8565354
SHA512 11fb9409ca8718d91442390c5bb1cc178dfd9039123fce995635aa5dc8167160dba7d961c2b1f845c330853a0e518330f8f7861de5ace78c5cf848f458b6290b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\css\app.css

MD5 5551e2ef3be5fd9adf599447389e5880
SHA1 72a4cfdb919c8022df14dc44f222b56d417aa6a9
SHA256 d3507d42e1fb12c4513f762d1599191bab5304446de5dffd2f8a802ff034721e
SHA512 f71f7642245f94769c2100b9540cd5be4f7dc80e7f208071fa71405d5fe501fcc6c5c4afc9de39e66c52758e2e19c795412353dc07412941a2f8d3813f91fd19

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\background.html

MD5 e77b5973274a700db856a649c24baccf
SHA1 f113d9988778bef55e2b78e247a30423dd6e2451
SHA256 7f8c53c687138a9807b7911890cc186d45664f59b4c8f644561f4ddc59d7393c
SHA512 4aad265ff8e37d026bb75568503ec780e907d295a910ef8cfb8ed6ab8f51c47b3e044bc3576b1d5055551d55eb03d38cbc521613d8c33bfb3e11b0f617fe64f0

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\zh_TW\messages.json

MD5 dff7aac6c2369dc370aaa47c2f99d3b3
SHA1 cdc8e7d712ae2ed0f1cb01be8c3e9182aecad682
SHA256 97a1208d7dc54ab112581557ec348977e932b755e467f0a68e5ab52f0cf302a4
SHA512 fdfaecfe8c79807b1ca3dd7ae758a31668ffa6dc9fff51ff4d49ab8f378719cf8c45584c805d904a03268e375b20f13e76db5a62ffed7374c453741a15d1d287

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\zh_CN\messages.json

MD5 61ab8dbd962b6da3f16f080a65a57e4a
SHA1 c931cf969f1b4b0254b76c6acbe0ca19ff666b11
SHA256 a4d2d3787c2255afeabc2db94abab36417e72e334a903a69215c172e669a6433
SHA512 c3e4132c2cf981abd3431e1eafbe36d8a8bcf3421b433263e68f2e2d43ef90dee57e19f86682af3ffb698331d96c4d4303409c6954c47879d1d2bfc4ad66950d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\vi\messages.json

MD5 7e56c43693a8d7657ca3f40f5396f56d
SHA1 3fbc2219df565301b75ef8d3e45fe96e1e4b273c
SHA256 c1946c6f14ff53483644763d00733f7cdcf1ddd5287a287927c26d495c3761fa
SHA512 2bbcbbf51d426b14d99368c51bb83f6add404d403d30acf5d2680f28e07b52fc8e0f08dd3f054d3341fe96ce37e3394e9ef5eaac8dc7e13ebb23aba632ad3133

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\ur\messages.json

MD5 d3e3ede899cd40534ddeae337a43022d
SHA1 ec9fe1b045fe6d7c3c2120cc138c730b1389c02b
SHA256 a5ded924c38bed6d9b09821a7dde4431d04f3f20da4de87277d830f82479fd21
SHA512 237aacaf486c10d39ba123125ee181d906d14b45183698796be8f2808c249085b070e9caa347e8076446b73e1ae56c424dbae2e96db601e4aa19427e0f737f84

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\uk\messages.json

MD5 6db1c3b4e5938435e45cc8e90d3baaaa
SHA1 5689b628c3adf89a4d19c5cd19ab9b6206560640
SHA256 cba5eefa9faa7347ad98d1afeceae3fc5db42efa4c8408f35496dcf431304533
SHA512 e300060116fe6fb69f6f62708fee41a6e282f4d4b3c09c4ce9f26516e9c2a4768fd1f5f9470293928ea45a2dba22ac99d71865331a80c2f79d247934914d02a8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\tr\messages.json

MD5 14cb2de66d573768f6ff9cab96c400cd
SHA1 c3eabdc9b778be25210dcdadeca214453957b686
SHA256 4ce902abffa76397a8370bd01eac687d301e2ed4d81e00191e66d04d83b2da8d
SHA512 28edb203eec685e1185d5482bcff76f80f9a0588450cec6b8c5776b8c49a00c905308e55aea6e56e61c4f79f11c71c55c64226d8918ecf69f4085537c6e92cf7

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\th\messages.json

MD5 4280b9ce51454aec225d05e59912202f
SHA1 f2853f3668d1663e791acbc6e2b64ca0a4fdced7
SHA256 f8cd2509caeb97a2d03aabad0066e765ae1b8f9661d5b637a5b62bcce35d2bcd
SHA512 a4460144525049b71f9de264caafbb05c41dad7c97173d2b19e00aa90335d45d1ca5de1063478025c158fbd7383cf71091deca8f3eabb1c0aa40856fb4df1ef8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\sv\messages.json

MD5 a5b18ab5d81a8b455585f164690044a2
SHA1 e9ad69a6fd8f2c3549192e7334304e0fc7534f71
SHA256 3a5bb1a65cd59348b7f08e51df5ecabc0b90dda55e1fba9a8a7a22289a0f8dd2
SHA512 c8ad7bebef69177b98127608adccaddc2fabf6994fae10f0411fdbc13b0e030d0d04dc988d978d232138ce008699cfdae13f215574b2c7ce61f8b7a4af5e3f32

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\sr\messages.json

MD5 20c999b9a9b74b3469222ff08f75c3ea
SHA1 9b335722addbef9c7e2c1ba7cc25d63e776a5cf0
SHA256 07a3af371cd2f03d3e900820dae661a1dafa0622b1ec4275a3a89a4e373cd627
SHA512 80e6990799b432d474cb781145810ad9954092e334c03f1e5aea881fad50f039868106910067d01c84d45254050c47f7d7e8a4508c48151f0960678954d78ae3

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\sl\messages.json

MD5 a6d4fe43eb63bfe30122108a9576f31b
SHA1 d1adba5b437652da1573d61105d4b3029f15b9cd
SHA256 ace6ce075ef716b0d8c963c55b28b9d033bca05c62e667f0e99620affe7c1304
SHA512 c02203ad3cc82607e204e715f816425101a9999a1cfe93a8cb8a6a2ce6ba0aee6f8528768febb0c954a16610e9484a9e1f1901d7bc667072068358940c8db528

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\sk\messages.json

MD5 2a430d827ec839a1786efb246693d5e6
SHA1 bf2617519899ab91e31ef331196b4ad2f96c0be8
SHA256 4ca48885d3d1c0e426774e4de941e041c531291253e6f97ec53f9fb3b057c866
SHA512 e5088a0fe2e4924bcc681ce2929862eb30b3b44165eb388128fac3ad790a89063dc433ea095914846d8ed5acb6f523aa80936884a5bc5611efae705cf8607f71

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\ru\messages.json

MD5 bbcdfa5b9387e8b6b80c4f4d30a89d1a
SHA1 bcd706291baf0bbbbb9055474afe335f6a2c4c5b
SHA256 bac067e2e7ac645444397f7f814ce8fadc5d529e5fc808ef178ea505d3281334
SHA512 eb93d89995380d28cd57ff65f41023255adf2527ee14b30e155337a7bd518f17d4555bf6b3724085d67a3845bff78d08c1d34ca26797e053c9ec98c36f6ec9dd

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\ro\messages.json

MD5 178c7ed90c03f20f19c71e9b5705f3b9
SHA1 470896ee040a674614bb6e4cc0062d4111f42eb3
SHA256 311db1d0381c412c13d92f5337bde5345e4716d0e43bb3e80d7d688c9aebd5f9
SHA512 c98fc7e6bd862a5b69260f8d3d4c825f0ca0828b63d644857e5ca7ed68336c82695ff8b49198e53a609f55d7731bbbfb39b3af28926a719f8af9deddbd755508

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\pt_PT\messages.json

MD5 99a9a28a0b5665a1a8e3fa8b85076cf0
SHA1 fb644e756930c3216c9effd585236e87f690583c
SHA256 518747e12bec5a7a554b7deabefbf510beda3a96cd04427e123e85c123eedf52
SHA512 cea778cf5b844aa800676c5e47a91367827abef833519512c402d87c52471020558535aca2983844f6ed4d033abf6011755d424ab921b4592cf82ed95ee17ca8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\pt_BR\messages.json

MD5 f2103f500d00f5fde8db4955abb58f3b
SHA1 5854297898c2419ab8494673d38da1e776cc6c11
SHA256 2c41f5777cd7c2655047d9e44f75e87a9ce841d43a3a7b51abf995d263b79682
SHA512 05fcd0621d38f90823d055161dec53b149265fd9d06b6d17619e098dd5465252c9fddb52ddd77295d27f88f87a2e314e444bd8be857fbff7789f9d68192225e8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\pl\messages.json

MD5 2384beddf9cefeb6b74c8194b85aa64f
SHA1 1dfe0ef3bbed37db403e7dfcd26ce5ebaa3d50b6
SHA256 5db5dc96d4c219ddd62c048f990481c9d2fe7d1e05a5355aae3f59c1f6cc8bd0
SHA512 b9868ba844e080feadd0457c8d2c278a01a244aaa3012b710966acab5bbace7d60975a3f8e552cebe7782df2eeb89dcb4eff4dd3788a3685699df4532d4867f1

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\nl\messages.json

MD5 d14bf464a408d844a4078c8c94eeb101
SHA1 d070b860bdf4a4fb7a9c40336f01d356bca3bb1a
SHA256 268db7247b53f3646f80ec609f02b371cc9258fe8e262c7665c59fd90f69cd83
SHA512 740f107d123ecee56185eaac63fcc1be84c7c771725b2b499113efde034ad696c0c8ed528a38f256a3c160806b3047de7e60bc4f0f99327d4298da368fafdbe3

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\nb\messages.json

MD5 dae032b502afffbbcd36ebcae55b7d45
SHA1 5eb9a2113fd3c1b68b68c42d94050ff29fc6fdc3
SHA256 e0cd094bd5f3aaf84855e318f103f67c880d43e88b7d83a9bcb0a8169d48e4ad
SHA512 ac43c3fc8479a5195f0cf785e096f7da933eeef448d31a4d1a572159195e1e5ed428438f38e19fd5b6eb99a9ff377f1f1c9be62a5a3799a30e089bb9ac88a0b8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\ms\messages.json

MD5 604320e154e4e6c571e0b4e2d1620856
SHA1 a7090dd860a4c256a34bec7d16f17a982d65f5db
SHA256 2ed159fd59fb3e847b59f02bf7f564ba198852392e03b718826ef13576fd2d79
SHA512 c61a3c469fa2e36575923cf919341c840149010956f74ba24454584b36514d5f0d2ea35e991bbc363b8c285686d5e6920a3a3041a5c9abd93a6adaf30e652cd3

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\lv\messages.json

MD5 c560f29de746bc4d180288699afc5261
SHA1 827a6b7f4795cd7d6d97ef06157831d24c787c5c
SHA256 0a8e0b35738b25c8f703535e9a346997c9018be665f2bab3a5188929be0443cd
SHA512 994fd4a885ca66fad54d247d33c2b4c4e6f053c9d1fa8d4adfa60300b768bdfc0b1872492ab25a28a7ce3a76c21b58b0a8f049295a34e6a8363bc4efa5cb7dbf

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\lt\messages.json

MD5 1bf3e47117852de7becb596a35e52840
SHA1 3f1d5f0da70c5f201c1f635e38358e1433edbf05
SHA256 2e9a6baae1c42603ac2b2be6ac4d700cfe2fcb0d6ab7da69e28b8574ba5aa6c8
SHA512 3fae121200137a1083fa2b939d75a80c5b1fb42e3dd8c2d312ae70d97fc9d17d4b6c7aa589600f3167bbba1215d15235eaab65b12037fc2a49d53787dbe4ee63

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\js\content.bundle.js

MD5 97adfec6bd687e9709445afc0c573c39
SHA1 1186a12a096465da449f1b0df7270dbc5283f4b6
SHA256 c103fc2d0a2484f40fa091e188ead5757b737bd86d2a926488062436df8cdf50
SHA512 e242f0673a8cd0f565a4dc79937bf8280421e2d90a0d7ac6cc18ffbc0b54a692edb714d9edf49d096c88cddc6465df086c98203d1abf960ac66e1186730bd009

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\js\fpattr.bundle.js

MD5 7580759316acf0e6d7a16da84559e6ab
SHA1 f17ead86d623eb3527243ea6c6f5512a66fe7186
SHA256 f11caa7844dac279cb19b87a7704e4982804a131b5893ec436aa092df587b2c0
SHA512 181c4f78dd497539f010eb75e529f9fb48539d559eed5376860e4292cce86ac69b698d7791d64262cfc43454a98552a8a9bcfbf0c777e7e92f7cc67d035e59c6

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\en\messages.json

MD5 70c7984777731215a65a737b98c49dfe
SHA1 60da2b4e5a80334aff5cab61d67fa0facc62f2f8
SHA256 fbc68d0c4ed3346ae2a84580168d43b8ce12bc97564e04131ce47a0c3328f1b3
SHA512 2609a01feb2f4aac8edb180d854dbb5c93e9b053791d2bfe9c1bc3d7baacb8fcc75c0953d7e150b2203ee1a2f4e65fffdd281bcbfc2fa29326576d7b887052b6

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_metadata\verified_contents.json

MD5 2bdf4d8c93eed2de85525f1d49b9f427
SHA1 7b2e62fceca17a6f3167b0bc6b13a9284ce7dc33
SHA256 d6b8ce4560018a0ea71c49e2fd9e539e2ea2fac775762d14277d55e47f503658
SHA512 4715bfc6e9ca088eead36c2420476a5f0c5cf22f69d3895cd13a4cf25dd1208fa329ee3149563f2b4c4e9210d3feb05b51380ea946772ea9fca4ccc999b8cfcf

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\ko\messages.json

MD5 af36e3adb0f63a6c4fdf6b5f2af1e94e
SHA1 b60c40e8794ea88eb3a84894d1c084ac4becbe47
SHA256 ae4a6aa408b41ef1f5938190d6210b08ac844fab0f6a74b5d6d44f6ec202af06
SHA512 0b0cc1d2f242a1a5e535831dc5e51420ce23e7096d6a36cc15f9592374b58ea4c2ffe2a98428ea0f76b50c177b913c3a2d9bd229a9d328f1f191b90f7752a2a1

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\ja\messages.json

MD5 8eb4d9be37b492c63a0b090b5e2fbb62
SHA1 176bd8bb7db544f310679c8db575a5559b135945
SHA256 21e61a02ca0f8e4769343fc8b0fe9bfaa864da087b8a06464ea88463469b9fee
SHA512 5d0daa0f241ba21ef3c99fbf5857b271893aa22adc8bc445362f82c33a394fcd3efbdeb63e84e457039d401ab440c7bcb0a57857eadd4d1a03c69ae9fbc43995

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\it\messages.json

MD5 b446075f5bcb7e584206ad9f27891fff
SHA1 c680f72341547f56afca4430e476b5a85c69a182
SHA256 7857568ca469f49a68beda8d7ef100d3d95091d5fff05e3d2b43e1c4c9fdfc06
SHA512 fac1ac769b7c190f55e6a8563875c236071cbbfda981bd6ef71fcfb64c7cc4e84db8b3ebf8b41a6dc5a38b83679444120b8d559c879f7beb1c6c137300a177f2

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\id\messages.json

MD5 03feaccbd0b71609899ac2f6a9dd95c4
SHA1 67c6ba4031259c611dccfca779e5c0b8fcf6d66b
SHA256 8285c9db88e40419224f8b8f0093a0b98a9251b3a8162b251f6b393065021e5d
SHA512 89945a6df189b7ee82c6aff6eb8d8c627a4ed6c98920bdbd89f326053d7f12d85b0804a6c4c4e09d275837b1bb40b014a788621efc9d5f3738d7371f7c5ec11d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\hu\messages.json

MD5 36fd009ed08b2e84ea92e595788d195b
SHA1 24b040431a6e054744cd921eeab083a0279bf60c
SHA256 5943cc216e37f2482d9a7bc524012d43df231364f75913ecbabae25710c0fcfd
SHA512 e50da64338808c0fc607cb039ec725c93b7b51b450a932130256af3161fd9b5a985e41f124f76586741b84adb558ac35027dd265528d49d420f55e645d0668cf

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\hr\messages.json

MD5 f0638d1835e23b63c8581d03dfe01117
SHA1 3f9c3b05be78526c5671a75eec3e31d3b6fbedd5
SHA256 3cc3467a403b776c954112a7aad8bef07922ce2ea8f933c44a9214fde5939958
SHA512 09f6884005ea485c1207462f3169b08e4761f34bf1d870e08b82ab6186b874812e210bdd9cd448b5050d6a90a3e288b3782e1fc488d3b5afccdac4db00f64a80

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\hi\messages.json

MD5 f2aca748a99d5a2ef6b6a3cc4a077ee6
SHA1 cb3a46500431796c69a9432a8acc022e06f8938a
SHA256 78e14410a9d03388c5ff486b6cf5d8ddb02d0e76c5115ff28366522ed880d5b2
SHA512 c0dc8780824ce66fd705d299aa6d864f37abcaa50ab9e5dee3cdcee7cdeb1192941e1befd31528aa8823119d3ebb174e2fc5a41c43f145580fc0fd53b4becdcd

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\he\messages.json

MD5 25e1459e54ff339d78a89e7380726de6
SHA1 e8db6a0ffd2e59652d94fa80e01f0f644dd11895
SHA256 51b4795f15a0aa4d4b3406c11351dbc8554c6e06fe3290d71d68af2c40f2768d
SHA512 d3ac86e599080cd58300cdcbf7fd9e7044b9b90f514e432869350ad47af671858c7ee9b61f8007222ea29f60048519c92fa8681e8af324a695f85891bbea3098

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\fr\messages.json

MD5 e58a3488583b6f86e7743718f520d743
SHA1 bd3df6b4ed7a40c5e1b74313998440ad9f4c0033
SHA256 6dda27dce77ca995b7111e23f41a7352cbed3d6374cbf1c1ec05c2192cf2fd3b
SHA512 4a1d62a1670c98c0554b4cacf10ea3fa17a5dbd2e78d748a21c0fd52d2b137df03775e7fee4585974ee3a022c2da0f5d0ff2954c1a0d5ac1e08d2140ff7a1a90

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\fi\messages.json

MD5 19a72da82e07a19f52f6186afc084723
SHA1 fed5d943b7df36fe9c92a4b876f9ec03e990573b
SHA256 f18e7993d30c8c57549c607d361748492d5f05f018a248685cc97e5dff9f267f
SHA512 8cf6facb3318133d6a06c2e77051ff6e8657fcbfcdc3f08349b9fcc4c154fa37128f998ec2765e2f59daa91286d786f586fa0b3e65fb4b7155909c7e5c72b0f3

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\fa\messages.json

MD5 475b6f3881ae62e195aa0698de10dcb1
SHA1 f177e9cbd97fd717c28f5ea6ec19ec4446c947da
SHA256 f8344512c8e412eee939b1af58e8de07a8b1d43c696426339f79f6004c0d70d4
SHA512 d5df319f0a634fd043a06084470346f43e1ff262ebf1586ba75bac1c81e11372ba3b91c8800e1840c95b7141489d3729bad723c2b561a3e461cbb512f0c68d79

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\et\messages.json

MD5 8139cbfd87e33568537e3914b4d2962f
SHA1 ccb90ec9e3a3295f89b26cff3eff00d479d0d133
SHA256 5c83d5d3f58ab3b79278912d16bd83303d21ff3135f455c1461fbbc71ada1854
SHA512 6db29541032efe2552247e0a37357774ae648b6f5072bd2ad9e3804516bcb704232675df385c1c915d0780c5208282a56564c3f0292b3ceda951125e78f0fd82

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\es\messages.json

MD5 ff1745fb4069cb8509293c143e0859d3
SHA1 ee7719465094059ac5c6541480f5455095db7940
SHA256 5e10ca0981d3df4362ffc8ee8d1ec994ef2f77837d72921438a465a802741224
SHA512 c3b4c8c21899a240f9f14b89f790b7f29048017114c9be5c0ddda8cae00cd5f5305531598976c3be33b877b7f7e12f90fe0bb73b960fe8437d0c0e6f912a048b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\el\messages.json

MD5 61f5181bb7c1eb1ae27596e72a036223
SHA1 52686268d5b660553c65be04f200547c583059a4
SHA256 ed82be15a0c4998ac449735b401540bf8584a4f3cb1d22a72c212e6bb4809286
SHA512 0c470401dd7fb661ce489c54872703fef3ab1b01738ecc76bae9081d08fc9a8fbc55bda4c4244b85ab84d4a86518137e69a2361c3a94240e3129fe46bcdd58f1

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\de\messages.json

MD5 9fa83219f81610984db871e107efeb61
SHA1 8d74a55337d18e0a168afd4aa558e6fcd14ca751
SHA256 b0a16d127b6c676a1246a49066c82578da2453aeb7cf64dc17f51a45cf172a7a
SHA512 e0df03e320c3be49c28a55f6695880ab634ef1fc2986265877877beae1daf899ed7f1a5e9d3cff8ca7fb976d8c20d77c9e6c0fe14e470fbf6bcc76e6fdeb5035

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\da\messages.json

MD5 a5b1ac58490654469ca10f205d36d6d4
SHA1 17b2eacf01b18270c682c45bcc8f5f4dcf8c8bf8
SHA256 c709fbc0f93bd19690a772ceddfe18b797ba0b8325c2f3443cd9ec9322cef682
SHA512 4c6cbc0aef050962bb600c719fde74d15b3e6cb83d96fa2d92ed98669df7ca278a9a93f591b47aea57628fee691e885c8e9e71429ee8b3e5b000ce436a02f4ee

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\cs\messages.json

MD5 728e0805d53c78f377e26af11cdf8c77
SHA1 31f1653fd38b737a300f527a23a69db675154c23
SHA256 e65ffe37b59dbb1f900138daa0d2564769dbb61604cc1b5d439db38b21a00569
SHA512 7ea2b8864f7299f8c38b6adfaa33e93bb15d746d97408f2378fbc9024299a3b95763f44185d27110027b4364e9d0fca593d47d783f5b16c98636cf39e09b4c8f

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\ca\messages.json

MD5 40aa326c413101583f94fb70b3fb48ea
SHA1 45710a74e0f8fe50ff3a9613c506000d12128021
SHA256 9d91105b9caa8357e97019b8863baef095450cf9bf09dbe9dc66bf3097d34bd9
SHA512 d1afe54c6adaca1f3f4e5ba8216327657d4e63a55c4ac4512113b91efb78af454cb8e991df2bbdb07f3781d915b56c294af5969d2699acc2d8cc44e369cf0f33

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\bn\messages.json

MD5 716032e2d00772c2649ffa87f3aa3ea1
SHA1 ad3ad641292bcad54e88d31903b8290bc5bb8b38
SHA256 a6f6a6b5c4766d44bc911010906d9c725f2424db8a44583e7cfdba1c18f7e4f5
SHA512 c0b32a247e1cc72713dc83e6afeddc9521d3a2fc2537755139687efe535b4384c9a3874c2c52972f50e7b52571f873a35781fb0add92036c2cad077b0de5ed8e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\bg\messages.json

MD5 016d8f12ba72a575e6f72190cef95a36
SHA1 41bf0fb4cf2391963d756f09a2fe10c2eba86706
SHA256 9c8fc1275db7686234c012fd52f66ecd82f465066280bf9b104fa685de2ba39e
SHA512 e834e42c8155d8aa9a074cac9ef57c42b7498f209d2a2da2552a8291c4b9c46ea8809402131e326815dae6facb0bbedb62c018d48933f7c24c8ee240262681f1

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\be\messages.json

MD5 9699d91659fb6f3bb8cd28e49c3cd437
SHA1 3250e58f0359c1b08ceff548a6fd0c4974e97774
SHA256 d75e19a17f0a1bc3e2e04d95ce9c642dfbabb53a96d97e93370de5796e3adb5c
SHA512 a343ba71e2813f59a21fe776b84d39f9fc58446fdf51cd697a6529397fd0661a8f69a399d2a8d351656af2276d338311b04fe4ded2fe48a7a504afbf6b0b4b2a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\ar\messages.json

MD5 bb7da78e2baadd645581eac61d1f08a5
SHA1 a7b0fb3e6b61d67a6d8f05859783c90ce128984b
SHA256 5efa3a780f484c8f277389e3e66ddf308ea9c6b7ea3d172922dc24b092f802cf
SHA512 fdb2f2388554329a16ae9df2eeae3e9cca1a9b939835033c48b4b0ab0692f45d228d8b74f6510d525aedc814d2bf97ecc685218d82cfb922b4d3704f3c7c49d2

C:\Users\Admin\AppData\Local\Temp\scoped_dir2948_49894449\CRX_INSTALL\img\flags\gb.svg

MD5 3e47b0e38d166b5928b6a59cada3a61b
SHA1 02071bc3bcb9cb6cd55a4cc31acd92413af799d8
SHA256 da96876139ecff7bc411c18ad82f4d328c9abc06b70d8deea4da6c4851b9b084
SHA512 0072caeb8aef881672bc4ec6b67fd4e73e8203afb48f2f772f62401f5acfb09e54f1b8e1a05894560cd8d13304927da434fe1f96dd877733d836d7844c57c69b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\en\messages.json

MD5 6d5e76084c6a0a7cb86266076d008f66
SHA1 8779caf904bbf4b0e19423511fd4a3ed7a92883e
SHA256 d5ec69a6394640ad458b698dab3099632dbdadb25e20dcb002430229e711b386
SHA512 8286efad1963598817ee38236b1b9db150365e55823fa50f67f2a0f8ad29b8369705881f4767c8401a3228209e7cac919cd25aef4e5e10162d4bf57676020241

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\manifest.json

MD5 67b63ded74a7b4049a35a6ea56190c67
SHA1 b78656b175221b19be29ed9673a52ccc5cbdfbda
SHA256 d277b7b94af93ca66d33529dc67d47559ccb9f5ba76de0eba85d70a09f75517c
SHA512 60fa30e034a10f91f3ca8a043bfce016ecf1fff85d55779c5dca9bb199bab9745e2573fec82c8484c7e72b303048858d1f15c3dac999aa18effd820db9f54653

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_metadata\verified_contents.json

MD5 da75d62a54c62f3b76eaf5a8dfe0e732
SHA1 36207df1be4d0455d7c143eb6dc2deda7d3d6c4e
SHA256 944d212eba8738de04aa1675e140b64a7019257ea57b97fd780d93f14e3007ad
SHA512 f9cd02d1a42f7d47ead1b769bc318239bc775dd0869bdd64f19a8c0c2ba7f96591e71231e1f21d87133574acf721d213691bc923666999bdd664399adfbdc515

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\uk\messages.json

MD5 53e02c914486d1f0b84c2c8c0d142581
SHA1 72ebfa2e8cbfcf3437c71f307d725d5dbf6534bf
SHA256 2db72ef83c684016302211e7e21edd729a55d34220d7f8521b2aaefd8b4cde71
SHA512 be080d75857639128d425ed8728409fa5a16bb9de2419dfea49ef488614388016ae4d5892fd2483cf9f6736f5c44abe4f9e2d701d86f91e92605bae8149d8579

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\a1.svg

MD5 bee3b16882a32c534ab55daedca82f7f
SHA1 07a9ba0349ed60c0285075a43912936e38b9447e
SHA256 b2022fb08c28fc7669a2585a915dcc55b04b434318499d8a74225fa7c23d7887
SHA512 b992df865c2bc95f2ca1fe6f180441ade4136edf846a667d2172579affa81adac155b756ff1225bb97d6c6cd8168eaad05568ca8b259b9153d9ef75b5582a891

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\es-cn.svg

MD5 54efa515ef5e0c041633f779090c269c
SHA1 c8b7ef5cf5bf2793a59bf8f1c375f0947baa36c9
SHA256 4537f16c475da0c6c00912d3759a1bcc341c5879e3b1c8c7880661c41c793315
SHA512 54c8b5d55c2f383aa1bb7b7968d14ca3271accb5ed313e8e20b76e323b58c92ea6a5ce792113de4798a804f83aaff7bad401abd7eea2988648251201e50673c7

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\pf.svg

MD5 e42f4cca9dba490c4d9667232ce42782
SHA1 0829d7649e52b1c1354c332d6b9d8d074dd5cabb
SHA256 fe77fa4e0db535d53b1e3c7a0aa5537b2569fe12d5ef894b902ed127f6850f82
SHA512 4a7f970a244ddf17d25cb79845ed21c3b141c440386db26a8b7b8c1c57bf452d4c00f16b4ac9fe0ecf5e38bee0c22235f1a70af5c9afa9d96b75688d746bc2fe

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\pe.svg

MD5 a29827d273f7b286e256f8e439dc134e
SHA1 41b216426579a7b344da11e876b6a5d25b9bfbba
SHA256 ade2c76b53a76a70137478917a4b2ccc9347bd8a1b892fd30d64035bb548e037
SHA512 9fa7c2b94298c556863001d6ba065d11203876524fb18ce5f964135ff6d67de3e0b7c18f9e8fd80b1804454a6ccb0381cddb751ec4a654b0e39583396428af7f

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\js\background.js

MD5 f56afeed27f1f068f19597f20755b19b
SHA1 4a3e6244cc8b10c08c871dd54b2f1e608c228b79
SHA256 b5c27d2c7c2dbfbe06d8e0a9381d16e8afa28322e4f8f3ca6921026b58e8dcb3
SHA512 6a445cc07463285eb6f080493c22fade1a1e6806d94353fbf3125bd7c5e3e30c1f03a6f8fc8bf97e34c8f0eec75669cb87155ff91d610c242a0bd279fce9b053

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\pa.svg

MD5 8fd05cbab86704748a78f064e89977c8
SHA1 002b20958fd11de6b1b06e0cb23e1e40ca1fb844
SHA256 9998e7a2aea18b4442aef0928764dd325c2ee28a3626c8c797e96579a453498b
SHA512 bf478f041270b97b490f935224bb1232ca6abbdc2019ea524caa76ec2fcdb18f7415c8a6fd6d39e6336fd5ee7d46d3969412067e3fae61ac6db011e18b02a4e2

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\om.svg

MD5 9f2d9c47739bae4f07e51d6c33854ef9
SHA1 348f3ba6cc4c998a6bfb4ba324c1700bc9454acf
SHA256 8f32cda0e9d78d7c17685fc11665270f7e8e1df7517320f028ef83b5b60d7b53
SHA512 3b2bb79d5b7d2f05b0331b7084becbdd10897c2444f85733fb1f9ba4d24f3953ac326a7afb8352681e5221a3cb559baf956837746fea1eea08a041bcf147ac54

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\nz.svg

MD5 44995a52f7c8b90c3632c97060ab6165
SHA1 532e4bb2bf9408c30cc771814fe9e02bec8dc34f
SHA256 59c3cdc3574409f636de2578a9e9cd94936f6016888bd27b79255e2f73aede3c
SHA512 a3e8cefb32ec0d1a9fa89251b3dd6c2fdca31ada2e31d74eff5953aeb7c437b94c23e84c45cb570906eff474aac8a063b275da4f8695508112b74ab4dc78ce8e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\nu.svg

MD5 38185385369afc795ee17f266ac17f81
SHA1 57369c4789169702a1a99213f41e271593e4a5ca
SHA256 3c3d731e5c7b25ea64477935a0694ab076efa7804bf147a574265b74e49a547e
SHA512 84099dccd25e4308a854b55f55729dccf766b964f8922c4c9bf9483e7d09e52c8a563198d6ef504a18827290e32ad28d20615ef6a29754250cdcf74d9b6d7785

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\nr.svg

MD5 b56d757ec660665209bbd965194f5b0b
SHA1 234864258c7310483b8bd10c0094ada80d8bc469
SHA256 8c52f0a3a16324f3ec387a24e65deace09596dde052d4cd0c9a0506a6276cf0d
SHA512 7363c81192990ae9321f4ff65af3a2db180ee4c73610f1066e641773b931a0f75ed63aefa230054584d35cada7d0ea1f359eea7a2c6b2d11ff36a23bd9445804

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\np.svg

MD5 c28e24f1abccd54a5e0a62c05d43d975
SHA1 c67944df0a8e4d251308c7d59c6eef1a7f14f068
SHA256 88d7a5d29aac41318cdafb90cd641fc20f449b7c8ef0d6934d6269d8281dda49
SHA512 4b6a7311b61ff623b9c8ee51a481d26bd6be2a870d053af0400abf03e31a3943fa1560a69fa9ec0360c1045cfb09b88e5937e37d5ff39c2b9e0d117e20c4fc18

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\no.svg

MD5 ce9b4a121660ddfe68459dafe79958ec
SHA1 98f598e60054c3818c9c36c2a30ba1df8d9bd927
SHA256 c670b245a34d15973234d163f6bd33268303d46c11ce0e526029734bbf28f097
SHA512 a52d38dc02f703e7ef3169a1a804624b862097664fbf44dde191535e70576cd377e43e4668f2d02ccc2380666f64008b9c954031c80cc255b61ed85e4c1a465a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\nl.svg

MD5 0a3e71c682efb72ea9c97e9746fc6fef
SHA1 73580a093ccef4dd0df200f255d07bec202ad958
SHA256 d9441244253811c8dcb84f365444f1e9649be789612d38eb01832cb0931c87f8
SHA512 07a8045b11a6766808867725b24257d9d3479fcbb6c86b9f7fa06f3d284609ad4e37f92073f58bae9847a3efa3ecac5165e4c0f79a0bfa5e92119ddd62aae5d8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\nl-bq3.svg

MD5 6ac059291f53fc5fd9ff94d70c7dbe52
SHA1 a735237ab7aeae619f74c88ce6a8482141a5dc13
SHA256 7df5cd25166ee5db21182cc1668546b2aa4b2b7465a2f4409ee75646037080d3
SHA512 1bf07cab3e7edca25b1bc2bdda140188b0e1a0bdc402216e02c311ef946dcc08ee7fcc2d3b4fec97ba6b709df2705c954ab98b7b9c1a1563ac75aee7a5c49ce7

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\nl-bq2.svg

MD5 6685bda4818530ba225e34fced48558d
SHA1 81fbdae6376d7dad5370f46e97b276ce98909090
SHA256 095d8f5e04d44e591fe4c8e545de3eebd74633a31f881a26c8cb5e5464dfef61
SHA512 86bbbb7c9bb650399f414ada559e6d78918b2a42b95d0b830cfb69e4af9f43d2851661343b44ef6ffe2f66a4dbb777e5712d6078b629b4d1b4a13a5af2f43e7b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ni.svg

MD5 6424a293319f36acb02fa4b0fa65ea7b
SHA1 40c0225680799b0b95416902d5e36ad7cc3cc18c
SHA256 1babd82af65eadec04e53bd43d96523affa6bdf17d34cbb4da5a3c213113157e
SHA512 e5af1699cc01f69efa06ff64658a1912c7eb4b5d70168ba98b8f6345083cec7e5d624cf3487a372fd42f3041fa6cbcbdb23d094a46302ed1bd37b43a74cce1c9

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ng.svg

MD5 139da59240086b91c705ac8c154d38d7
SHA1 e5a63c2bbd9bf1eab80730f8a0a3af2ab35e5924
SHA256 53c88a9282f15b460ec0485cd42c30484c1fbfb641ed506a60443551659bcd7f
SHA512 70a9b998eaecfc1347a39ee6a2dbdd72c522011504358816b2ab8921579059b08bdaec6619b9d36596a9c3e540e052ac082f75e0f5d32b699911f399ee7e276f

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\nf.svg

MD5 1b90242015051465254b2427dbf07d60
SHA1 b16a9afff391ac47d33543a87d0b270706dfe9eb
SHA256 4d49c71487cd743c45fef6dad516db010c79f40eb90492b434bcc5464e2742e5
SHA512 6efdcfb58c346ec93aedd01ebb05ec02ad6de980b275b68f049c3dc1ce721030d3c2491cbadedb1157c1fcc7c8853be54c4849ae767d39e6880652c5e31ace9e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ne.svg

MD5 99fd1555e1d31dab56a9358abd579b56
SHA1 10fe9e4bdf71a1b466f4d8660e789d3d4ed16999
SHA256 4957820b02300235107160ac7e71bdb61ab46360f1a6ea73d1a00aa8e3596025
SHA512 52b25e0f07e01ff9aea01a97efaeeab669653e1f5890cee86a8496ef74fdcace9aa8b9014c28c9359560f678c735e6a0afcd7a815b0205f83269cf8582cc186a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\nc.svg

MD5 63b5ebdfb9ba9f71034ea76e20d9ecef
SHA1 9d072ce12e23fe1ea9c511510c7ca7a96133bc5c
SHA256 d645d520cbf9d315daa73122339777ed38d6fbd7d8e8c81300c133b98f0c5457
SHA512 edd9395d4b79758251196c3b0bcd96e148b9e38729cd823ed6dfe281c25afe8b936cf823e0c17c6532258a2f3d36b73a84ccb7b66efef940a4417017a221488a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\na.svg

MD5 68db7322a655b2933d17a23b2d6fdcb3
SHA1 e86b0c9b6b3db5f55709e0b0fce31e53159944c6
SHA256 60cab0db90a32de957ea7862380c9110150ed61a473c5b5db307192d21203ffd
SHA512 2dc309511d1f2f3d95d411546aeb63fd50d3f936a57b7380142933437f02294cfbf129a2ea93aeccb853fe478eaeabc017ffeba3d415381a7ddbefa12028d8c3

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\mz.svg

MD5 815f3a6557733acd054f4aaca8a335a3
SHA1 88737aae82f7ac44944e349f64cfed5f608e44ea
SHA256 a35b08d09e8ddafdd199d9d2a2ca4107b1e9d7b09fc8d976a683fc93f34e7235
SHA512 ee89201af27c43617a20d8b400825eef3b94467f22ebb32290e3a3163fd9986e3a3090e596245bff74e92102a5da35c3effcda381d2f891d02da9f908a63651e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\my.svg

MD5 81f212679713a69a655d2848d8f397ed
SHA1 0b16d70d8be0af6c474504ac19cb7b38289bde22
SHA256 02187a68fd72aa0af2e0a4c7f5b16707c49cfaee9b80ecae2feac4e62470f841
SHA512 5b4e48403de51777722ee38ba367a991e4d5236fc65adf5f7c62c5c7aa33a4947a28ac483a6b90fd57ca005446e33f989383a75ed9a266918e74d6b5b874f2a3

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\mx.svg

MD5 03c4eac3ca7bf6d24ad7ac75b697875e
SHA1 a6f49ea812c5068dc1ea5cd01b876b0a09a77e08
SHA256 2de22f8f2601820cb9062eb5f48a71d0dd672f19cc9a766e759860b2a93f4b95
SHA512 e8deb876909b5a6d029b397187f2a48e342bf96df8e444b9748823bcd2316d4255546ab7de92f9cee56ea65160772aa21eaf1b178f83b349ceab38e138a59a2e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\mw.svg

MD5 d503d1cfac4aeb75429cc34d760e33b5
SHA1 6101fa430ca96b1c3cd8bf374978c2d9a53db0fc
SHA256 dd656a4dd7666475dd7f8901a1518e012880082782140a82e14d949653ca0613
SHA512 826bda52e39c0cbe531b6b44f33a2dd5a361f408a976d463a10fb82192de387e4bcd06090f7d4b2324b4c0a7771af9e7b361ae76e368fba4519029867d99650c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\mv.svg

MD5 12f7124aa17b15ce747e4ee451850a72
SHA1 aeaa794c1710b9d52a712c19d68d04801fdf7c4a
SHA256 4e279f7e791ea4e2cf0dbf120bbe9c53ceecf0bf78c44b0efcb99ae858c110c8
SHA512 12338d7a26540d73724c04a65a3085b0ac738136d07b8e8d692a37ebfae06c4345734536e7df4efd84f49d16716bbb11b1d8c5e8c217dbf76777f3dc6a71c2aa

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\mu.svg

MD5 48880e843ebf21a187fa78f41edbffc3
SHA1 5037812dbc79e3aa953954a0d2d70296888c21b5
SHA256 c6bd54a273693b1b24e05b178d2025a65e0bd5b57ff002bc1ede5726397deb87
SHA512 37d47d16832eed7be49b8f2948a0527796c79e8c420b7dfd188da4f260c22d7bca70b1acdd64307857edf511de62d464c5322d2dc9dbdad10f71b4b3c0025089

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\mt.svg

MD5 73e0c1ec193b6f9297734177db691873
SHA1 ffdac0ebbc34be9b254c8940ca224c8291ce936f
SHA256 21e2159feabc5dd8b4dbdbc5d6e620014df5251ac3dad5cc359353b00e3a1573
SHA512 32688b32a67749e5e50064bb037726e09279d961df9497d73be1a031ad31f2a3a910a8da68a503d80e98e47aaf3c682500a440007359c5a417cc78a90da3b325

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ms.svg

MD5 d9ea47dbb35d06c07b669e13fbb98a7c
SHA1 baa1719fc9781dec37e3a21e771e567daf6ef8fb
SHA256 c7a2040339c7a21b7ca02a0d723dd10e31968630c05834835285eebed36c2a04
SHA512 2b8d2ee50ef6efda62508e79e9cd1449ce7fbf68cc17a4e7f12916d9122004a0ef377f4b5c0bcd4461d707b3949d06319a5a7633919361a4f109fe1acae84052

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\mr.svg

MD5 151d1713a7f6defcd71e7d8258f3e12d
SHA1 4520c29bd6fe891f62551db93418dd1f15d74198
SHA256 74d42c7f6ef0302ead9b965a0ecfa07e3144cf586abb54d1a2556165dff5e443
SHA512 2eb46ef679cc32ad400f257f9667094a392c03e1bdd0a2ea79a98b418da46bd0df0193e09b0d2a34b97b7158ea0b002251a84949251dba2fcd419c7fb47787f8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\mp.svg

MD5 f04993f5ee2d5080de1bc01c21285880
SHA1 5516e9a10dbfa4b06d4f332179a3da05fa75ec74
SHA256 44508953d33c83955854310fc582a28333080e914ecd8ed62a41fef97d6b1175
SHA512 18383075b47bf16f32b4a05f1044e981e25f7bcf4dfcf70088cae5fc9eeb717c457c1152b31b7755cb39eb0568d178751734cc910ae393e69d211aec87156fd3

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\mo.svg

MD5 1aabf83234092a3dacf0026c4fd33dac
SHA1 29dee6782288e8c9eed986c2498fcffeb57800cf
SHA256 f062d7163e1cbfd7e0730bdcecd5d112ef19e0001ee163e5f8ecba428bd3c631
SHA512 3c7bf34aa4e44ad1f8ae4ef01cc0321e6b59c2e7e1ef1a2b8dae927798125ed2948eae1ed38271ca69057c5f7f08abf55308686c672693ecf0f1e051fb3277af

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\mn.svg

MD5 49e39a7896949c6a612646dd06a9a49d
SHA1 2a87fafe15d636b35cb6094ced941146dd98a513
SHA256 1517a313806392b854c75b93fb8b6941fdaceb7d2f579bc8b8a12f61a6c70b90
SHA512 4465e8149b47e4c4871ff4dff251480a352a9ef4964cee5b790bd8680ce0e527f4d6597f10b9a0122b89c1e2d82118ed5942e4313cb0b700186e82a3cf012694

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\mm.svg

MD5 595a8ae5707a6cdfa86d6dbf29a91e6b
SHA1 9138da096add627676fd4c21a95cd24fa78da71d
SHA256 851fd8f02592dd9b163f1b89d761fa2666d67faaecf7f5b1e63c4dbb5135f7f9
SHA512 5d67e157d5584379ba7d507d86e08fee1f2ffdef6c80ee29f606188aeffecf30be226379995dba9fc58e64f14286d367382c8c0f8064e57cc2794929b5dca1c0

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ml.svg

MD5 10a35bd67030a4646548934e8e0f66dc
SHA1 8fe0f52b00da4ef495049932a4f44af03cd2bbbd
SHA256 3feac2488814887bae388a1f22e40338cadc6fe1e4145081d8755be7e11b7d39
SHA512 7407c058fc0c89e81c8150c23dcc958c02bc935029e96c5e6a117ef7a41b1af7ca5998197adba032cad93fb46d2ae31e6e00364b38759ed27485c9b12192ede0

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\mk.svg

MD5 e47f8f6e75859e790b835a17c2d7f3fe
SHA1 b64486d365c72b368746267bd75419f7813c69c0
SHA256 986fb062e1a6380ae4f9f06703d3d9e4ab823eb606f019bd456a446153f1eac1
SHA512 b61c467858e7a8cc37d3006d5ddb1d09db9ce533491627efb54a8a5a821476e73568c0ef3d26f30dcea2f35f7e4465f330bec4870fa951a2d2ae705602f02eef

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\mh.svg

MD5 ff9f090e37c919a46b27ee2f76dd3429
SHA1 0b7d6c1c9c201dc09cc34ce11d40d798e353fb5c
SHA256 b56bc86d6da9b67e37c60171464ce8b4787c28d813dfb118371bdb9e832e7646
SHA512 8861c3ef6161a5e764d4d3ff2e32a9a9c8f8f696196f44bcfe86afc1629dc1f49c3b388d74afd440ba09f3ad5c8c321178d5ca385d475a2bbde0d3389767f66b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\mg.svg

MD5 20a1a9326e133da382d964631a33968f
SHA1 fe5096e20faf849dd51d1340df02bacb98af1649
SHA256 5a7447829630819ac6887c259a608a37e2ff4125c519e3b1f741bfa35b8b5d9c
SHA512 570caa4c3d54f964041e8d378b6846d58e62a00c0fe83a87e947041304a83ea078711f328accc05a79440856f602159238077be13d070b21aab5a5362b7f9aaf

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\me.svg

MD5 32f198213cbf52fdb39115a192475355
SHA1 cc054dcfa5e076d30f1cb9cf63c659ff8158991d
SHA256 cef19d880d86570d990378e860ffabd1919826fa16fd5125d78e672e39379ec7
SHA512 eeceb34a946524679261551c58f8da91b45768c2b59aa270eda093547f249e807f65f397f032d9d0c26d5d6b13441f38f6b79477cba119f7b1ec4d4df1f36651

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\md.svg

MD5 93d9029c75b19327f25762dda4c15e82
SHA1 4793726bf51bbe1087e10f4568d1e933f881a465
SHA256 ea70c575249783d44cbee132b0b0edd2741f48c0cfafcf31358030fe6a622716
SHA512 4230d375289fdd10d16f2c7c8e7c1acf58f45e8cf2003306f02150664be2ac24fe84772327ab64bd402884b28a420cd82d432337e9e790d13a54310fafe0b2e6

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\mc.svg

MD5 60e8fa0c728352ceccf1c30760350810
SHA1 1f7d24bb51be12927f353805e89e6aeedf1bc470
SHA256 05f07950d22cd001589f57645d3cfd5a00b2a4bc3a18d2c56202e80b28542420
SHA512 0dc3eba76bb767fb79359d1de566a1b09b396f625031154806fefad6a79444f4381552844b4a35e600d94bbd27bf436c3dd4a9ac5ef8a159c867209c8d25bb9c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ma.svg

MD5 92482363928c8846491a0f305e4296b6
SHA1 db44a04354549b0282313fe6814825469374d10c
SHA256 8c536ddd1655d7048d0c4a0bde8e1acf65576e91f51c77859a09a1499a516099
SHA512 8001e542077ca051f01a3dd6ed51a472e711716b3df20ea7b5a5cfdbbdec796ff24c1dfe5743c64edc52effbc6883f8d5c86069ca614ba06225474ad8f2c5aa6

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ly.svg

MD5 1bd9a96a26d326f61417aac6978071b1
SHA1 6c3ee042d2063fc0a7dcef49c599339294eac921
SHA256 2e177175714f457ad33d8835c750f64657e0c1a347e60d99eb53b7e7a5229b44
SHA512 8e33244047ce538dc43edfd363bd857708b4b412484f6225a292720eb981a710a7375e33a099ea1332cad55adabad6ec5f355237b1ac4d48ddffe81bdba490eb

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\lv.svg

MD5 1c7a24c41cf6ebce17eea526bddd6347
SHA1 f338c9fe48752b7da08d40e9da97a5adfbf9fb8c
SHA256 fb57ed5fed9ebfb06fc5c5431749e8c427b6974d473de3b44b6b656f36a9adf9
SHA512 edaabb21dd02215a9b2478999e9d1daae51a17704d1ff66e2e5e98d051a765dfc2c1a1c4557500fb7fc06dc0d96cf1ae00256f2a9e7194d74ca9cf6cbf065025

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\lu.svg

MD5 800f0ddc8aa015c0770289249e80c52a
SHA1 57f32c69afbbdaede5e2ec42c98a14e1584a1d19
SHA256 e3f2531ff17e7aba1bc785d856c2471e29964259b216b595e761f4cffd7bf84d
SHA512 2854be48c96a63e2dfe40135e0d0bd9ce765cab09d18cbfb08bf40de0fec3bc898de61469ae40b803f270c8a8b9ca42fbc63e9fe17fbe103aef59e41a3241c96

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\lt.svg

MD5 1205c707def6427c3b0b28b7a095bc6e
SHA1 3a237e548577ae537de206cdbcab3312bbc727a5
SHA256 5dc6d3edf75f12d24fa9d06fcfd1c8e08c450429e91c01f187e5b943394aa783
SHA512 f902e749e6d8e48e62a7a39db68c36c7de2c95fb0195591a04d320713314d802674244702a3fd5d0493844acc434657054bbdb6759e6ba770904d25e36936c54

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ls.svg

MD5 aa1134cf45b4ab2a410936e19327ce78
SHA1 0b151feab2b9ef5bb8de9b1603d4af099ed8a05d
SHA256 73f6d1eacbecbe58c7752ba86eb6d62a05d21cc67a6876f5049705a98c5adea7
SHA512 6a682be547bbeb980227daa4861880eca3f0f22795dd90941c71c1aec6b2de131aeead09f84649370f236bd8e9e989141f01862ed0f42c087fabb10d3fc694ac

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\lr.svg

MD5 6cee2c41412da6071a3af26ea257bd69
SHA1 a109325dbcc2a528a537c116752c75fafe2caa57
SHA256 bdd48c7afecfddb69fec14de264259683818bc977e2e9034c6426c27cedc53fe
SHA512 581c724a47ff8a568d0251552408a71f6ca4d3c8a1bab0d24ecc72e8a5239ce22b3e4c5bbe0629edb44e962b2c901bfd8450751fee6f3e18d54b2d39f61a498c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\lk.svg

MD5 25db64cea4e114a2257cea7364988e89
SHA1 e8705b89bba9647e32e6f21008685514c3725ec0
SHA256 b8d90ff0705ecce92bebb1afa7fdbd1e18c16ca0e242f7c0f54571f809698ca6
SHA512 4ba2e99ba95adf3c94ced1ab32273ffdff929272391124fba3540c271f9df6676408ae20d0536ac07b0cd44ba189d3d8da42bbfe565443888241845f16166434

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\li.svg

MD5 251376b983fc4d99651ed6f85a2a2b73
SHA1 62d4801f15c298410b1bd21766c47b011512ee3d
SHA256 f9333fa615d45aeb45ea3aee8b05f6950d7357097ce414ca311d3d375ac02819
SHA512 5882d06792e45aa9932c4f7cdbac1e85c553117e40ecb35ef904c2ff800ce1ff78f992357058343ac6e36e12ed15b68ac76d5a8be346889c6c5c230bca77e2a4

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\lc.svg

MD5 220ea07f8a15dbe1f97c07a8dd60d2e8
SHA1 093119de4ba79d4825cb7538675e9936b5e468b9
SHA256 64e45485e3e818d57bc67b76904c91eaab7637bf775fb5a5728ebfaee01f39cc
SHA512 a10eaef05184f1cb1c12d05ae416403e1b8b49567a18c3d4f5f96e51f3c1a702e0af1f8a4ad0ebff94138debf557bd329c4d4b0a4529483e47394cdf3525883c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\lb.svg

MD5 2413c6746799e8fdf4833150fa58dc9b
SHA1 2e623753c98ba251acf420435d5e6a887a1af4f3
SHA256 89c822b1555e98a96caccc5f27c28ffb58bc151fb30d01fc40f5d3a83db2b69c
SHA512 d86ad81bb86a8014931e14fa4c7aa6d0885238ccae36b3c037ea858a6a0cf72a7530a4faf56236ac9c3495c80e86c73a6e2febcf3f2feefb2e673a6f27ef8a15

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\la.svg

MD5 16b0aeb9a574c859b7c627881d9e0811
SHA1 82be93f9ee2735b6a353347c8f620654feb3c483
SHA256 bdf0fe8e2247cbc2706e8939982561739b2ee347ee1be5e76a07a4d7149dbdd2
SHA512 233836cb0f76c80ee14985302913af2a88b384a16c844502fe2535544f5e2da2deeab5c27152b7ed0cc6b307ca504e0b89c5d41bd430bcc16be1dcc2574708ba

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\kz.svg

MD5 6b9669b9233d2d7c4c9539ea1d1c3579
SHA1 4a55bbf7c98ce298219b065510c1c544481ab80f
SHA256 ff75157ec546afd71068dc7d8aea92d637a14d5eb1027171020eda68dffe1cc4
SHA512 0fdbe5e990ecb2c8f4e6305f1b4564b0e3f61a7493a1ddeeccac1426d43dad119b87340f4db880da21cff246db92150d79c0eb2b1221d483bc06eacd4ab484e7

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ky.svg

MD5 08f72a7de9769c145eccdf496257a82b
SHA1 854890d6e69a574f2e4289b5956fe82a09aaf5af
SHA256 4d365ba03bd2b15daf67de7b3841d8035c035161103c76c934dede42dc87fbff
SHA512 df1a659018a44f54e73063478648fc27ff0238aa503706e114afa6844d13868203c167b4a12473bb4ae1eb71396bb6ed66e15add36f32caa0527084dc50d66f4

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\kw.svg

MD5 544db9594bd6bff693ce88c5878a13b2
SHA1 07a25d907e7968af815ff69ee14e513815c0afba
SHA256 c6e1652083665faa76f67f3cb613b3098f3291f5e5e276b730d6f10ee9d825a2
SHA512 3362727d9048e1f9c7e56ea295ecdaae9d5b43aefd1397db0cd147853064e0ee9a429cb363fd8d003284c9ba65dc90d6f5b24f278885c048b9e9bae8054465a5

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\kr.svg

MD5 cf957671475308bf652ace8c92927630
SHA1 a9a1e7e720067db791eed257cb9951b781f51382
SHA256 7d38ad1fd625858501ea6401ac25f0dc431117c29112b058ccec58efec9b9b3e
SHA512 846e30567ff3c74ae88b15f7327b32d9f89340a7236f01282c3a732c9a01bd5592cd9dbd1d6459cd668c2b3b52908460afc15084ab53b18ad173aec501728143

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\kp.svg

MD5 6a5a896b2590e6021226cd75c7536e3d
SHA1 eddd22dc7577f3edb21e86f5c3ca3318092c19ec
SHA256 0267019d26c425d5f46ccb3ad1ea872aacb96b3f76e3737258491cede9e6ef32
SHA512 ec9eeebaff4d659e01b503dbc6ad3f39ea8e813f5d3f3b36468991a6e8a4a56e1e9769f47ac9316a4355cca56e22b177c2e8bb1f36814036c1eb62f481240cb3

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\kn.svg

MD5 c422b869b75fa995434ec39bee0df607
SHA1 570267b887aa3b419e6bc0334721f08c3975d797
SHA256 80f514fdab0c7c1149e403422e3ac381eff99dc65b24c9aaf4a8a3d55f661dc5
SHA512 6a885a7c9f42586b7205f1256258d48d70b1de07e36bc3c5dd1f7e207663f5bfd8ab2d8486dd3342aa67bf230bacb0e5c4381c75aeebc59f8d155febaa57f386

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\km.svg

MD5 722d1fcb49414d16591bb32e408c4bc3
SHA1 7d4fe5a3f91601bee96b9b7c0bbaed8bc1397b20
SHA256 9212840f3c26fbc9b9f9f101e10e575f6353f10c72bfae5eb3209246a3265249
SHA512 cbcccf8fcb885a83151c4c52a80b95e9bf24dc1cfbf11be8c1bbf50e47956f67aad3836c5a2d7ba8d69635a54d3bc53046eb5485e8f7673a4eb24024e25039f1

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ki.svg

MD5 792b9e26244fc9bc6d7418ece928b101
SHA1 a0123a4bf74d27609d257d0471e736c64b537357
SHA256 7bfeded25b75583dc987c9877e6852a5abe61b3fca31e9a72e89a604aa48c59e
SHA512 ae43fb9fe103e689df97ed501e0ca9b53291f71e75127ed6aa8fe9bea72083a1518c0d7688ac6d569a8dd64be67f800a7036dc0b208f35c7366aef914f38702e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\kh.svg

MD5 6d550e954f70fc5493198bbc0e27a0a0
SHA1 6ecbdaf6e3efaf49d2f0b371337b1775c2fa1307
SHA256 74751dcc8f537298e513106fa71981996a4a68d9971e2966f7eaa4bfb2ec4b03
SHA512 ab4f71224f896866ea5923ab4397b6a58aeb7868aab49340f5c9de5f011541f6ec41490e35d69b08b9bfd26a448f9d2711b99f37cf79469b984a605794fa82fa

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\kg.svg

MD5 262541a8d8f82735d59795516fae4608
SHA1 10a378c587e05877600e2e1a829c1e0675a6ca90
SHA256 e5113939ee9e828f51c68aea3f49c49fdb285ff115c203e78b0f72c82b1d425c
SHA512 048e83e63ea2ba431349d2c4bd527e937d994a5929d4c20597957e1ffb3dd9d2b060ed78bb78dbd1a1d3d6c41abc1548b8e50f2440922db3bb41721320a73e77

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ke.svg

MD5 f75731687457451f933104f4eec051be
SHA1 7db05f0850b01a2ae890affe8918617a653da161
SHA256 5d93924e58f3aa9f0f1bc4a34fe1acf1da4f58ad4327092729884f7f4e2c8f6f
SHA512 b036e45a210c33a5c70f228218045110772336028d49d31bee2662ad6d6c713fe0b15e0f553674892b78365f5144bd2e67ce709ed15ec289cf0a9220dbeb489a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\jp.svg

MD5 3a4d13ab6001eb17ef08de4309037232
SHA1 6745dd6b81661a47ac2c0ab1832486490ea155de
SHA256 9619879af2e77c48e6830a70311baa9536e4e2357ceaaa0e900369bae8fee80b
SHA512 9145912e1354748a4d0df2ac397632b110fdbf94678d1227d9eac2acab39ebac8aa5dc055f012a5c5772a5ddbea6fd04536614f8c91a13154f5faec15d8e0a4f

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\jo.svg

MD5 3b75987056c3a60adbebacda0f886240
SHA1 f74f5c31cfb33f2a9bc5c847afc9337c1a3adda2
SHA256 57b1384ce99ad0d4665558b8fce5ad617bf4255ec12dc0925c9629467ea819ae
SHA512 1ea70fab9c11893cf2c63e47ff4c4874b33aa6dcdfeae601a14cb1561cbbd6c68b61dfa4e9b6507ba67401e0e2e6e9d0627a16f4d0e828a5b28077747e8dac6d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\jm.svg

MD5 c3c33a2c665c4b6d11e970ffc206b5c4
SHA1 a6e174c5353d70b5d587a9cf7b546e23f13c6f08
SHA256 8fac6b15c38c268fed20b8d636715c6135caec1daf3e2ba2d1b4672a211a3e18
SHA512 2130a2736487e01c8b205d73039b7bfaedb48b6e2ce93befdef52868332e4931a12ae9be5935ae8cc4574fdb2989233a690c049efa50d02bcadaed746f18d8fe

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\je.svg

MD5 b51c771eb8ecc275c15aaf094d981b8c
SHA1 9a711314f253a198d1faa7df76aa7a02bba84184
SHA256 afc40af0642f6998a2ec843a8a64acf1de390608acfb294d390a7d0750d6bbfa
SHA512 6b244cee08ea3cff94948759153056a83f3920c8030c86d8c31e37b29883954ace6109e216db69938a3d7a2c92b40ea2e92dc7f03ff043de623a6968c54ff5f3

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\it.svg

MD5 225d7176ddc1fea492e8c4f9f0893b6c
SHA1 4f7442c5b67963dbbfaa427fb2c88916839b2a18
SHA256 6577acf7100027a27dc10fcfd4c212ad48b4ff12603b5e3a42396779659c47a8
SHA512 7b69af70e67ddf07fa64647592171bb8d6f8fed6364b51f9dae2434ae09a8df8dbfaaba93f4ad6ecbfa94bcbc6da77270453678710bd295adec022e24bb0404d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\is.svg

MD5 b6bb6952a198e04fde5d48b1142a82b7
SHA1 c10695158c3cdeab6610da8f9fe6449aba517794
SHA256 081970c20d2b30bd3a494caa1bad7fa29d5b7e84a42372c0bf9f898877e75502
SHA512 2e5a3256f6b58d1eaf47d649acd1ff7a8127ccdbfb66f2e5f098cf97ad9987c4d5468394b3baa1d4b9649cc4df8b4a34bbf9f96f0534ce72c2403c7b9473cd9b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ir.svg

MD5 cba38134e9194eda962f28f44c7274d7
SHA1 d6e2302cdf37c2e7b3dbbed664aad9b3e91c33ff
SHA256 5225e35fcac65afbdce0e348725568b49f1511c849e4c0d77a4e0c575bb20a94
SHA512 e2f02d3de6a67146617fbc711c3e0c674565fd942d83c65c8cfe9ea94d95e81622d9c8656e3709a17c3d7b713020bc3186738abb54e7610edde3874269036e54

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\iq.svg

MD5 e8247010fe68260a0618961a96e34f01
SHA1 c9eccb3451555a9422acb2ec25033a2122f9f5c9
SHA256 214a5201aa99c0310844b2bf10539c62b885d9cc4207fe5515d3348dead89538
SHA512 62aa1d17e44a17a07c1aeda726d3c4a7293aa9922e0328f472cace09b656aa494c8c0b779fc66ff2171df8451227b036c5755bb5c9df58bf1c17adced0d5e64e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\io.svg

MD5 7491cfaf22491acfccacb3c22cb59d05
SHA1 eb343fd868f6d21a13f1f13b4c9673f9797cfd12
SHA256 3f831b85e4a5ac8e8159c3a1e415fef59510de935e115cb8ee35e877b7b853c4
SHA512 cdbc270d62a7841357d49489e86c82caedc6c35c5b29e3ed47addf869a0783ce7cff833b9097b3eaa21780c855e52562bc352caed3735012114939366f2f34cc

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\in.svg

MD5 b1f25dc1258c8840baa4397d417f841d
SHA1 a75b188183566f25e93ada8fb71463ce9efe20db
SHA256 278c1cf4cf4ee34f3a648f24094bf9b1aac3de89d09f62ba325de9b4d74ac5f8
SHA512 9b1817039dd6a04e0b5688839d48285ff12422788b325efc7890ce6a8f34d6d91782ef57725e20fed47cbd1d1157139bbac197a3d7f60812a305214c292a4e15

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\im.svg

MD5 1dfe8a4f36565a8e3615019d04003c7f
SHA1 c190e34e412d655c9da623503ef9383396ce518f
SHA256 62c69d3029703157b8185b4933133833c6119a8f71763483748401d8dba34774
SHA512 8c3d59b1059f9be3318129824bfffdcc4819d2032de99c933f9917e719830238a7422e11de953518d7847b340842ea81fdb436bd4c6748e4262a91563b9d95ea

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\il.svg

MD5 0e04436bbee037a3059a75420c7680e0
SHA1 443615db0133680441a3fd3047188fccd1aab258
SHA256 f122fbfb3ec0d00bda227858cd7580c6da25dfcd002ba843a21027cfacfa668b
SHA512 bdbcb4b1f6cef5b8aba18751c7ac7f25a64211bb4d0a0dd65cbe12d27c1a71fb91f37a3ea46d1eb4a6c9e6cef84d34d8822cc75bbb39d4b7328cca6e317bec58

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ie.svg

MD5 ac43641e90e1e787969e4da4ba61dae9
SHA1 a02181456b29361d0d2fde2fc8985285f8511c59
SHA256 89c366ee299e022a5b7d5d3e0760dbd44249b57072d15761dc7005de7db32d08
SHA512 f6689103e171701f79a065697593276027f6f9265d42d760b97f10fa605b5ac13e7b8f93bbaa792391013d841ddefa73e955865d0f3f73b77e074acde54fe31d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\id.svg

MD5 629378d371a7e1cef231b29240e829cd
SHA1 6ed61d1c579db5272d71ea1a4ae65bfbd081efc6
SHA256 f10b0dbc5ba0833e4b3a6f60a7594badae1e96f9558c5306fa9f96d1afb3a282
SHA512 23229c616babd9e05e07b4ccf3c1e0cc2010c450b19ec92142088f48fb53a7a633a6affc6f7d0776d5dc61b2cdc33fd4f3730ea90104f50acb3d13ae3dca22cd

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\hu.svg

MD5 6adead3ade6eddce0dd49fc614b6e51e
SHA1 59819b40bfeb9ef9a8e803534f1f0832a40d298f
SHA256 3b5148f6872eb41986380be1e988022b772f331884c634b9e94efc9b051fc3a7
SHA512 7fcb61ba8867ed63843ccb45eda0324a4de2346b664b99c6ccfb281b5e3d490d03f97ceee0ecde8e8e9a1eaae70b6850cd9510597649215955b7b4abf0e2a124

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ht.svg

MD5 5e2517895b669cac31f6c1c6272834f4
SHA1 d5ced7fe30ee35c6d1f5fba5930bc88c73227cd4
SHA256 292d1f0f3b84374b0276cb8040228bf390b1e75eb7ef78fa5bec437e0fad0fed
SHA512 6dd5950ba0350900e25e9b5d31f43b4d4b3c396e6653661acb7cb2cd8c199260f99bc0dcc0cc195a6daff055c1b65fcf69e127c1410e67f99be4d9492f5c8d02

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\hr.svg

MD5 47181f378c3a8c98682d142329d1e573
SHA1 dc8567c3c43c4da7993855cb3167f5a3095a3655
SHA256 2c2e68c8050c1478d72a83e9ee26041561e2ade613e68fe77e685125ae0e0a28
SHA512 99712a80936453921731ac42a4804d1380e394263e413a44ffc015deed6df3ab4dfa8bcefd63ae66c218856e9b64b038d57000194d52eabc2908292305c3c704

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\hn.svg

MD5 db4cc23ff63ff247f88f6c60e0abdd78
SHA1 aeaa052158a905239efd7fadff79726fcaaaa836
SHA256 22a8b5aaf82484569503931853d4538f6ba0e85d18bbfe3750fdc55e5879abcb
SHA512 4ea801d8ec497e42d9feda03df9335f35c44e8b3e62175219037a439d59f6d72928d71356cf09f9cade81a1b697c9a02f548996cf0c756ff7b6ce30b880f982b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\hk.svg

MD5 3df364fcc0d4c4c18db02df71d0434f7
SHA1 ede04835894f1dd8a808296acbfefbef1f328dfa
SHA256 c30a1938942ce3279374125a2fa6b5ec61eae474154dc317031b3773f5c40a22
SHA512 765ad59ba05e2f3613321e9cb086dcaca3c94bcd76e90c96360c52c3e5b2d8e02ab955faf4c4ba12996c19173f58ed2f25c1f7b94c1e812ae47fab310d082d6f

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\gy.svg

MD5 443c4b17ab32b190106ea7791191583c
SHA1 391ffb50d9b230fe8861f7f97aec58585dfeaf22
SHA256 ee44734d30b72557147e19dd051eeca0826b8612363fbd7c7a4aefc9f9c6e7a6
SHA512 469555196af1050565a38879c61a9f604b5580bcdfda02c6bb954ed55361fa823369ff2228c7787ab42765b51400349fd6cf3007dcb4925c61fea7aca6200c83

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\gu.svg

MD5 2c1d9fccb89db561d27cae915c0b7bcf
SHA1 db113051b0acc448c95af833090ba08fc87a0713
SHA256 5b3c0c15074a33e8d419d9cd8c8d2b8505891a6123c500e01f805b227315aa40
SHA512 ef4cdd5d0cc56cf357f011bcec899dcf90e5024765a6f1e5aee9d27a710b0116fd95e6f7919a3e25186ef091c9b0c8719093b2199f884581a88f91cf58b54150

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\gt.svg

MD5 4e2883a647da403c391c12f8f7e701a4
SHA1 4d5118641c947a6cf635fae8be11d0273fd4aa4a
SHA256 8880b113bf49d3ec6a6d8a8032caef5e2b4fb683cde1cc61d32e7d270e81f5bf
SHA512 2a4afe085fbb17f729eb1ceb75b6df49c971279a1bc1e7ef97cec4c4d16aca949807c069799911c28328abcb431a00904532a30e77a9159bd02af59ad5019006

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\gs.svg

MD5 c313ff7b4ff69eecc8682a74a41f7ea4
SHA1 e33ee445b6578acf0fac12137bdd59db17eea145
SHA256 8c02a0697f547d73938e391f041e65f16c95b8235d2e96357c63d18ac4a3e3b7
SHA512 00e808043b1d5681fc6e775c635396cf921dc771e0234d8ec52d978be13c7acb3cdf9f69d296f6f1b6953d38f39c3ec704ca05b9b5a30a42b827b5c4b4dcffcb

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\gr.svg

MD5 de5de6f9032955612baf1d23163e1eab
SHA1 ccbcc1d0e4adf6a55f5f9f4b0e25a8c7c70d23af
SHA256 48364b20cfff389cec9a985dc8c9475a840b945a4046ca9c518520438e77516d
SHA512 56742073072835b9919c20db74e8befda2c3fca1eecc68a0450049a5e5f5edce2bc62a9d39de25373121b0727f0769ce392c5375ff4d123cc1e01af1171343d0

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\gq.svg

MD5 1039bdcad5ae1e13bb01f8261bbae080
SHA1 136308fc1b846675c084fcb5208558855bf9bfab
SHA256 defc3fb1e3bc2d4a6f82e2179aab47ae74d1f09b831398079e150c10313cf113
SHA512 140c65782a00bdbfe86c94cafb35561ae675a8919e96ffdfad845583379f408bfebbced4638753f13090ca0ab50db702936c780d566decad3a859ac207dda1e0

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\gn.svg

MD5 7d52bdc79b16f293b1b873969bb8c33c
SHA1 7b5637baed35080b73cc0904eb87fdd4bb8c4beb
SHA256 cd8b97aa14cfd954987d73ca95e31ce2ca00026a762d89a2a3cb1ab4d28fae2d
SHA512 e41996989e4fe67959b9a30a447779ae37db09969cc30d956178419daa67cfa6eaa94715ef6e18d9b535166c10051bf31ceeb4355b2957ed45ab721c806fd0c8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\gm.svg

MD5 715b7b707d7628ed977f6fe79948aff6
SHA1 c69337242138426486c6998b2fb31014309cbd73
SHA256 88d71c538f46710cf85ccf994cc9f46dfc63516dc38afb85f2f80c05a594d7da
SHA512 ecd565d3480d5f6c66ffde403afdfb3bd87417526c10d224bcb08e78c58a530c6d2c807ed9c7aa7b77b1f5dab104014d5c5bd6736f121330a32e0ed8a789eb43

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\gl.svg

MD5 fd37d84913487df7641877714e6b5ce7
SHA1 663a60f8691e18abd3ee598b24d2b785916736d1
SHA256 847c91a8f13d03b5ebe2fe91b4137e1582bd09197290ce388b78ef5b9196d04a
SHA512 18086584d7eaa31cc52a31b0e8887156269e449db8f5fdef1e76393c796e34e2712563ae930d8addeadc0acf50d3c65a3d260bcbd4499fc215b8724e3601d298

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\gi.svg

MD5 403999654b25898012737db6c603827a
SHA1 842ac825160b87b849f7dcd789da2b85eefd8f43
SHA256 46d3c8a8e492c2dd4be53ffef9d4ebc6704b68992f54a96ee92de1efcad936cc
SHA512 e668c6ff3246dbf6f125456d6a273bec6ff419e97a1397efe695dda905d70bb02098377843b751b4c967273702b0f374c9fae4b1edbd40f7f4d197aceb56dbad

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\gh.svg

MD5 0db957cb7a95c725ea048a3b568b16c5
SHA1 1cf91851743cf61338da3ca9e4566b3f2e730896
SHA256 4f0c15971a7c8647aa00933e80bf9ebf16715bfb7588cbd831eda616377add9e
SHA512 58749d74499d5d6a43a7a42d3f1ffa62de60c4cb7207f620f1e6e2d8914a1f20873bbee7b2b95474e462a3ba4759887ceb4a1baeae0e1abe3987a863e4cf0a2f

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\gg.svg

MD5 2ec565f48550895f1af5067faaedb4f0
SHA1 cff3cf2008edabfe0d1a16c21c8fa34c39992274
SHA256 08653223d831f13eea3f16afa8c2bec6503d5c202021b1e322b6cc575d474067
SHA512 446a6ac10d4b0e977e04be9641e611453eb77c681dc6d223bdafec0937dd1e51f8d411e81678a2dbde4663ef116a8945cb25a6e73857d294ccae73215ce815c0

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\gf.svg

MD5 dd3682c1b2e51aa5a6a5562cf115c09a
SHA1 18634d8138d29d1299d031b520915403a2437b73
SHA256 6ea7a15d80f7cc8f90670dbb022232481635d33b53847efb088ecbfe16b268d4
SHA512 7308f3238db5a12e5ce86d144c43e18e2dbd045953dea9f533023d603f4b8aad0ef7ba19b3fbd43b1471b7b8c9a9fc8abbefe0b717303763032c324bf8cfb2cf

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ge.svg

MD5 9ae75e53f904cbe1844e498c0c490fc2
SHA1 cf6e77509f16ea06a51e6dedc7da80c664b69a0f
SHA256 6809ba6f7eeea967ac9b820dff81302152b38470d567763551720e97015e3c06
SHA512 359436b28a3daf9f2fbb7fa4d82697181705631792ece2ca2df31861a4083c083f62e2f3c46dd8bad505b714d9542aaa738dfbc7facb65eed48f0b7e2be3cc7a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ge-aj.svg

MD5 c28b640227a2b009154e3762d168e1fb
SHA1 924e023e1316d84ee586035507f899f8ed9362db
SHA256 3f263ab6182d3ea2f973eb87df1eeac0efcabdd11d254b841ae5e0631aeea777
SHA512 1eb2b5aeec8b57afa847b0580edd3cba6f2ccff5fa23bee44bb7433f8f20d2ad9371d0526739cc6cd81f3af8bb96a6c0cf5b81605a4b8855f1f00688925e374f

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ge-ab.svg

MD5 385772795a96573825e59269acde77b3
SHA1 95109f9dfa76c07069f28b81bc462fa4c7cf76cf
SHA256 88fdb9d322a2552d44f4188bb58d8f34efeddc02c4b70097bc1694d7cf429e11
SHA512 d37ba62266de7de81e135661b07abdc85f7f4f0c85cfb3c9eca26aac8143d9bff96bdb092975e8ed21784b497b823e9adf327eadc47e7bd3f1fc0e4cc259b2a7

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\gd.svg

MD5 40653c086c6d8c6113840d7dbf97ca50
SHA1 696261e854cd9b81934eb9b051a5c3d506957c9a
SHA256 de43aab326f27791ff01c8cda7f5eccfdf066ca6bc17899e4a881dcb7137a37c
SHA512 6370b4bb54a4028cb28704b19ec26db5ca94367a1f6f5cd6c67067c7292c5f3801ad48e1e3680f8c45c308ab4e3a773988e689d82c7d106790d19f825ee17352

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\gb-wls.svg

MD5 c560ddbec941067b60f079183e79b8d2
SHA1 e7452c2882c3aa63a15c22625ce9c291543274cc
SHA256 be4e3137b933ca04212b4823272f63feaa3fdeef63b7a99b771972c7276f856b
SHA512 9d96b2359727785743a7a0eb974d0f418949ad11d4c77ccf5093eb851322e65ea2c46ad5079e4f8fcf6ef351ca40a72b881fb22cd5e387e2b0205604cdb1131d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\gb-sct.svg

MD5 e1951471750a07a29cadf9e24892d085
SHA1 d19524323e2d63d312c1ce947795f81b23eaaa76
SHA256 e2c74d87d669c48f11b329e016d589a53eb66cec5e0d73ebea43985bc6d276f8
SHA512 d889b8a89ca4a889feccda8cc5b414da33d97b4289fc6ed025286536357f4030a02f42763dfd9a4bf6274837f30d0a0d99673714965fca52ba9c1ef2a1e0246a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\gb-nir.svg

MD5 2034ddcd4261f8fa84685929c8b4433a
SHA1 20ad21e3fd1086ef29ac49ae579b3cd81d2bd1b8
SHA256 72e171a4ff52c51e356ab744d73917bf570ec6f0b2a69d5e17ce9a3958db57c2
SHA512 d666ab4cd541f22a4c4b26de530f169ac60358747ddf3375c0d944f696812055541ba9e82e245db5844bfd4b4858d2993236607fdc72abea88a24e9846243303

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\gb-eng.svg

MD5 1e40cb291d24ef20ee7fbf078ae50c8b
SHA1 f8b14da0f99c6ab26feaaf7364fb9bfbb21f423f
SHA256 8bbc5d1161456cdb57d8b96a1a3ae505970d2fcb27d14b5d8996c68a0fb71d7a
SHA512 f5837e5dad5c50b1bb00ff3e3cd5086e07acec37a593ad01f3c5502d46f4d9f4010f2984606fabdc350ac610044dedcfaf451aa2430ecff7f217fd2a09470a66

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ga.svg

MD5 7b1241987969846bd04d46166f925311
SHA1 fc6f358185ae3d18571a445e5f87a8f6b5ec6c90
SHA256 a6a322785ca1847c1dd190575d7a159ff76dfccaf89fbc98f29219378f384304
SHA512 15c1e2a86405b1465d7b1e59b6f88a9752780dddc3160b64b8f845d6ec516c7d7fd275f72bd5baec8c87f2a71a99cd46b6553ae65924512d17ae63609710f49d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\fr.svg

MD5 80605a43c2aa31d2f704600fb973fd12
SHA1 58222ca52f71caf472189e5267f31bd07bf57dbd
SHA256 db5f1f41402597b8489c3e3f6e3faa6a49592c1db69a68a14f18d7d01b772c61
SHA512 fa6601ae9b3655db80170d707dcc8088c76a1351843694bff4ca94b06c876f28c8d1f33e7e8c6a9469ea91c5f42ed95bb39b0f35f852f5e567d5464bff0e94ea

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\fo.svg

MD5 429cb9460ae85ac9d1bff83410c80e23
SHA1 a61774344226089542b46db1f49cc0b2b704c949
SHA256 d301c29c4dd239391bb8d65ecea22593f2488cdb9d08703f6c141cd8abf84ecd
SHA512 cf980635589111eaf060b08dd38e1699c6cc512a6a3059245062125adb5f206b604bad28e1d63c8bca4a44d475d9dbb2010a51f904fc18d72a87ea9eaf7eb1e4

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\fm.svg

MD5 bdffc1865ed3e1bd092909a52e388a9f
SHA1 a71629465fdf71cf4279f0675f58b776dae838fe
SHA256 3f4c3131db6388051f06724bdf236a11d490fe474a95bf5ff45564a0c1d577ab
SHA512 7d57cc4937f416516bd556441db7c2b3abf468099f6195b25e1a770c31d17f02bcdb889f49a1af471991e088f14e0e2182f538d57fa004c10d6d4980d6b822e6

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\fm-yap.svg

MD5 da480216d23a34159ddd63bdd375df41
SHA1 dca8cf4296f57644b7f354c72d3c7acbb24f62c7
SHA256 f246b53ba63ef080cd3801ea1902d7184af7b97c90f22382ec95f8a3682e207e
SHA512 d0af657e44bcb95be4214ed8150e8487e5b14aad923e7bb900235b949b8a7ffcfbf1ba96c337619d32b0e4484aa71c3226c469ef9464940795fad96f91bc1ac5

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\fm-trk.svg

MD5 a63d7ef511df6050784861c3818f612a
SHA1 ad4a8206ba29cf8040bee2a3a11c3665df2c8d49
SHA256 4af0d094fffe81fc7abd9245ccf19d919a49a566b208501735b40fabe81882e7
SHA512 4b49d60396d0b4a27f9481ea1aabe9de7c8ac3e3f30c0d51550e6cc3f95d497f9a7ad36e3e0c6f2fd7a9adbd294c5621f49411c613ff63282c3382a722ed81cf

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\fm-pni.svg

MD5 9fd1fe39edb6a49230d8048d84330b0a
SHA1 0d1a62bf1158e5e9093a122e295cbe4a6578b992
SHA256 ee05a97ec713de2139349469496167ac04a94e34a0fe6709c39970cb703328d6
SHA512 4df91e88632846c0bfb15bf776c6332faa22407a9127d651633c6ea8407594ae7fc09549ad025a413784073ea420c394dcdb12bd04ab28c3b05540fdbcbad7c3

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\fm-ksa.svg

MD5 bc1f8957346ee6ea21cce95d27a2df65
SHA1 20caa32133dc1312e72bc54bbd0b54a6570d4588
SHA256 9eab838fc3c9f1c43ebc45e1fb97152e333c89399e1b8e59d2dc665d374da83b
SHA512 f404e62387f20111c90e526e05fd759449f807a62d3480f980cc4c6531700471cd29311be1b1d2fca891a4d88e00958c338b01d1397120e4b3caea4191838800

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\fk.svg

MD5 8b4bd2a76bae999a4ca9a5b2ae20b98a
SHA1 f3b07d91c248c08847cbc146b4b490f509bbe51e
SHA256 f3c86a28b102a9bba1b3699ee8ae80a1be56889d38484147c133bf161d5fbf07
SHA512 7b695b2335440500618892ca0b49b3955e5f813a5c901b58ca2f4ba99cd8c8b4ff6d9bd9d6deada622a9329b1086018f2ffd57f9dbe73d8b7f77428e02cb409c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\fj.svg

MD5 3bd2b8c843b422637f64afab9c913c01
SHA1 f80c2b195430a1541f2b463228958b6e9e10f9f7
SHA256 27e44871db775f5732fc3ab5eb318fb2f07e666447616c7ac1b9855efc757932
SHA512 6415020d084f77622ee8cf5097173930f6bd9132867fc731001e3e9ed7a5b54c6eacabc038dc1ebc8392d79f6ffb795bd73524e69aaeaac8dc31e20f41136934

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\fi.svg

MD5 2000ba0fb7567ae5c5141a293c0a959d
SHA1 44d95e0e5b21d1e3b0490ae13c2860e689bf18fd
SHA256 a4a6a02ea714c57e652bd5e755503bdbbb3e7565ce3e5c57dfce78efd1ce6b64
SHA512 52474d89594ea802bb1e366464540665077970e8403ed4d0bf1833f4b9a2bce2c30f990c8c3678a5602b11f6f778da2698fde2a9d6e3c29924942cd4a8bef8b6

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\eu.svg

MD5 7ed73c3305127cf5b977ede731eb3976
SHA1 905fedab2821ce155cc624eae2e52ef4ada44fbd
SHA256 d141ad8c590a30cf093e08204804c19724553ac18b908353af02649c835adfd3
SHA512 1d9612c7f65986bfe11b9e70eee08a601152bc5cef2da7b62e9f11ed8bc3056eff1c96e7681bf7ebe4d863722dc76f51ad8c21ecf90029fc11c9fa1253a21b7b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\et.svg

MD5 7cb0a5e90275c4ad5e6ae6e1c8e33d5f
SHA1 6a7ac5f7650b26ee3cd725d141b728a0e5f6003b
SHA256 7445ffa4fc17b511b6d81d0c32ce40fcba48d9388243aa795131b2700b0a6ce8
SHA512 e75ff5037626d6c6f17e525ce9ce99be4410afa2290cf07634689e8545ed957ec597f5395059cb5dfec2ac036c0126a80d7a179bfb82a9ee92c69205dd6de953

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\es.svg

MD5 6bf2519d14bd60ba48371f76d9dbe8da
SHA1 9e1bfb365abef261461f024ba5a0369de8aa7ef7
SHA256 44500403a176773c3dda8537d5bb2b1dc6c511d81d05f8bbfcca5b79a31d8dc1
SHA512 3c07bede6d05b4a4916a2646e525b4f3a3b878e05abc7982241d096c773ed820f97ee08f858b10b2fea90544c52309f9ce9b26ec7c20bc46aa05897634e24fa0

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\es-ml.svg

MD5 98486952c626c93fee12d0731cfbbe42
SHA1 fa3494062e3d790c94eb5e6166f4a775077e62b3
SHA256 656e66414e4c8c2825702d6f349caf4ad260bf05bff61e01ee761ec5ce1413f2
SHA512 9d9f2cdfa345c571079bd08503e2ff2f19dcba09c6028b631fcd8ffcd2cc9e3f9df2d00f4f49a37df790c3ebf5969014a633042d0fc6975c38c9c3793214fa58

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\es-ce.svg

MD5 663e24b917f072d7b0cb1f5fe88a4810
SHA1 89bd8d181e8bc0f8b941b9ab7c8d3007f714db45
SHA256 ff90458bde7349288dcd2fffe2baba2282447f759a3d2c6577822e9fa34ed8b8
SHA512 696e2eac62a63ef8262d6cafd858b6407011d2af2eabf2b424d86fcfd47060d8d3b2a47e861bac79dc8e79fd84aee1d045f72ff188765e40dc44f7b617ca62ab

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\er.svg

MD5 d244cdc6fe2018ea929e5e087a91ec9f
SHA1 6d320c6c23511ae58499bbbdd0bb6fb6ecfa683d
SHA256 22e672ee87491e45984186f9e97fd7db9f61c42002a80cbab3c0af3811b1f2ac
SHA512 ab9f0c744726eccae78c0897ee1cd6c107db897771c935daa55c542d75c70aaed9e7a0c7e0adc246182863fdb05b300579aec55f503323a169e999cf0c29a10c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\eg.svg

MD5 565ae2c3a98ed0c2eba911fb9c179efc
SHA1 5810f9b137bb407d8a3c00cbae3d550ccc220256
SHA256 570fae06a95da1b363d25359120bea95934d0e85c311a87869f06d718fd54011
SHA512 e44f290df275568f7073e1717fadc3f63333c9cd601ea3a5883b337455119d58ec7adf938f35d4d603608a501f7377238e3bb91ee1318afac5e11d7f7e4e72f6

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ee.svg

MD5 af3cba0a64a598d79758155439ea41c7
SHA1 d454a2d075f1d34c943353b6f3f82d58b7e64037
SHA256 ccba5814478b8e06e063742f52c804f9a2322676cb5b2aa6f64f06fbdcc727f1
SHA512 6259f27e0c1f6e2c85782eb0af27930302b634375849ceaaaf427137e9487446f0e8d0efdec5f8b443b23bd473ca45c8335ad7a81d59baebef5ea117178b57a1

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ec.svg

MD5 24a36b604377ebd472647d56ce59345b
SHA1 c3b57986f4c20179492fd16ef00a49b5de775eab
SHA256 444e586d89a4009ee7f5b36305997c9aad648bc4df5d6e3e57d47dfef21f2d51
SHA512 8d903e168a4d60b13c3d9e931692903b6aadfe6f0849a5b221fdd428214901b85401d3cc7152878d96af7f6c0a3ca421b572bb0ff5c4c2b8edd4aa8b6dd59737

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\dz.svg

MD5 54b76932861b15801b6bd091f7782b6f
SHA1 c7c23c9d1a36b33618b2000d129fdb5d46b3057e
SHA256 c1745462380e297dbbf493775a025d51cccf54f71c5d855e84d23059aa12e12b
SHA512 1773f5a67a7510dd96b0065f5ef2b4760bf40908e90fae39d442704669c33ac12d8fa9889b5586c751bc2358caa0960f9567bf821cf038ecf4c4475514a999e8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\do.svg

MD5 69849091a40a43f7e26f3ff60a59be55
SHA1 139ca3a534d78f6ea3ef9c2bd9fbf03b2d63bbc2
SHA256 6be8170c7c2a7bcee46291e44530b3dc9747179ff52fbfb1121ef5ada6ae4443
SHA512 7d0927737443606757f373525c3844dfb5213596671afd189eab548b237f9890d8ffc27b7f15977081bbb6a96b301109967ef7d07b81684fe53ebab3a4ab7a33

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\dm.svg

MD5 f0c30777e122b845f266f117f1dbd0b2
SHA1 42df33cb8a346b98cddafddb2bc9a6e66a75a2c4
SHA256 4d2a93ff92cdf7b3921d86df675185707bf839a65c4114e357c27a7289b6bbee
SHA512 649b0d42fe7cdb96adadb0b927da842b27a8dcbb6d968c2477c79234b99c18c929d6802ccaf1a2d3b1ad4e547d0769072bac490367d308dcf3bf24731aabbe7f

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ph.svg

MD5 0e71cf85738295a6171c4f75fcb76e80
SHA1 ad19ade8b9869974b73f92958bc57a0bc35731e4
SHA256 985222ae8465a0ebbf16398d254b0e014e4f1ab91041926d8e013f3de4234b59
SHA512 666cd6b28670b1096c461266d7041e7b6297a37683253f4750bd20f47288e11c72157123bc04a405ae298fd5f2b42d5ad3cca84d294330d028d757c694cb0252

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\warning.svg

MD5 e4b5d8b9f3ef86aede4189b79f094ad6
SHA1 551b7ae375efbcec6d9f370aabb59732aaa3f156
SHA256 a9b81d569fc48deba60531e8d24ef61c67f5d5a0969fdbd5095054ebd9d63212
SHA512 fe7cde63afe90c9593dbe22cd11907fbdae01ea92bd71ffc01959fe429f2447f2202875bf16f22ba5af7a5ea5abcf8391c9b6fd4b34b48ac9ca74ec9a564c563

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\upgrade.svg

MD5 063023f570716d656156b98f36f1322e
SHA1 5d080f93f77edc07773289e1838372d9d8ec3772
SHA256 07e7c36032ee095b56fc94178abd96614053621efa3dc4bdf6df804d20096e90
SHA512 e2b0486366901348dc7978a4d09472e4b59c57bdb2698b92fc796541e2bc044080c3eaa360138d36f16183c4a3cb42bb40670dfd0c290a017731b099cb070d87

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\sl.svg

MD5 acd4adaba977c938c3bfd3429fe5d51f
SHA1 5fe27a2da9d1888bf7416f06a249c03a602e5e5e
SHA256 7e331352b5e6c6895a3b8c4a57de56e981274081b5ba612ff188711f0a337e16
SHA512 fdb4f9db7decbaf6ac7706e7f6ad621f451ef90f44ab21131960e39ef124cc8497e1b3e2d4891ba2adf9d416ed4f8e4aa76a97fd3780e6f8f23e5b4d2c449c26

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\processing.svg

MD5 6f387a551cf96109d2574b94b13ddb34
SHA1 188d53f8a1f2670912098eb79a8611a017c1492a
SHA256 785777373b4bada6ad70d48993de11483114b57f9b498dca49fc8bd83c8c2f89
SHA512 542da314868851cbd7be10bf16a6693159613799de2f911c37df7e82fd3a1a505158cb5dbd38239051c77d82c59cd43670be238e64e657c61a667a8c4e61ad61

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\offline.svg

MD5 dc766fedc194e7b0438c1ce39ebd92e0
SHA1 9e86de1ae1fafbee3dab973dc322a250c422a059
SHA256 841e7c512c9a5e6a173a39f287b18eaf87d6cb7ba06f368457fe25874680644a
SHA512 8362064090627a50da32ff82561ca9ace8839fb98ce25e7a94bfd20cac0ae9450fafdbb42d675a9319c85fac31277a7846f5a7a41dd922198c4cce81625f9d0e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\markerRed.svg

MD5 cc80b0670fb659ba5b568d5e089f3966
SHA1 afe617695abfd0bb2f2c88a9c91a2060fbabe554
SHA256 d8fb6257136fd0c50a9a040fb274e875e32c937a09692ecf46fcf55a169ec41d
SHA512 251ede6f9d75c591bb780fc41507d25463f05145d34b9516552855e9e07ec3e8ee9aa1e5a488809cb0e8ed25aaea575c62c5a5c625a1488aa1155f1d54992134

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\markerOrange.svg

MD5 8fc6e5264c61216a211994a5c94975e3
SHA1 4dc2d27ee1a5b0dc7cd7ffd9c1607f418a5858e4
SHA256 544ba4faec0b218d8a6aad9518f6e1d3b085cf904d0f462caa7890ec7e0fb2e5
SHA512 2c641ade16791e721a32d48e38d920e843cf46a555f51ca76d6fcd99db2eabce1143b51227d0d69e6e3024e5a9d7a9f3a2ca8d8030d6fd36c6c9b385e3680565

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\markerGreen.svg

MD5 496aca41a0bc91c41f32905b5d7707af
SHA1 79ec1c035cc0e51e2a47d6991b1bf483b35830cb
SHA256 cf1ec41ccd4a13eae80ea1fe2f6c2eaaa294e3f825c196ef9fd69bf2074a15ea
SHA512 2e3d7c842ac8e250d41834aeddf9585c4e6e1590224e2f66d076c562921536e8fc8d05d9296cea4508dc74d366600a1660b95aa6c6f898db0532a492d943ae83

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\lock.svg

MD5 0ec08fbea546bc456e3c3dd51bfa89d8
SHA1 6ab9769c07fe6701883a266c15abbf62c1f97714
SHA256 7669dbefd2aeec12c5c0df0f3fca2150b6a6f19660f4eaa5e9d784ba2157bd97
SHA512 8a3cdc365a99e4b2191fb00445738d54fc7b0c3bc9391a960eec737abf508e629b97b223f18084b2f8053d0ea04cc64f6128335fd77efe91e5a05e72fb3202fb

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\ipInfo.svg

MD5 7b0634c22af8a42b57793ce61ef7cbde
SHA1 08ad00b702dcdbc219a7587dbb5d5a901a983e2a
SHA256 0d42e24db52b25c7d553ede12b55a7354f41dcb05a50076f0521199d4c7b94b4
SHA512 58117e01e729056dd0db9e3f2dec14e14e85b7bc253f261ef348cf4a4bc45e2915d937cac59a792949aa56083eab16ce534e65ed4f0d96be821135cba8d8fc44

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\info.svg

MD5 baa0cafbf37666a7da757a25b28c59d8
SHA1 24c962ba52436428e488e269ee8f2c4eb023a330
SHA256 6849f5889ddeceeef9fe4043121888fd12801a242ca00965a8ac17a97bc17cb0
SHA512 d8ff9aa7888ab769623e24cd72c63e703234bc4c0cf28e6f9239e712fe343a5557cd3083747856cc2469732f58430770aa7142700e6ab66dfe7cf57433078957

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\icon64.png

MD5 aa43695c290196bf5054f8e2ac9340fa
SHA1 549bb7058d8acd9f5cdcf6b8a3f986965d8c0710
SHA256 90a8e2da9d093e40a36509c546abdab01f353c9f8ea784ef1604c9aa97c40957
SHA512 5cc4e33cd059f3cc13f45686d12055ea0925f0e8d7ffb1c84418c0a66945502eb62ccc31bfbac43360f00e379e70700208e18129528c80ff04d22e4969e78668

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\icon48.png

MD5 56bb53b65a886d4e879534b54775394b
SHA1 93a09c844fa652ec763c9b206632e37da7551777
SHA256 843b5f0f1e60fe521daf707296b60bcd392e8731375310f2f77c511eb91e91dc
SHA512 1d844e9fea2d0a0340b874eee5c0c209994d690c5a83bba50ae500e45d48689bda83489063a5b4e712a24c134033dc5325f4a8a67387b76411078795a700fd03

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\icon38.png

MD5 f3b57f7f94d28f1c84c5912767f18f18
SHA1 f56e68f10575c68b068f93b05cee9db5c39318fe
SHA256 fd6bdd405eb5e8c4ce661d7e6719679f81f8cc5b27bb74a1f4c154638c9a3d27
SHA512 eeaa9da7f80d086ec30513bc4cbfedc8686cdfa69b5f0283a1fb1d83fde3406fb9155c13b7e3644ab227f0d8638cf4dadb2dfe9ac075807258d35b5eed47d0d4

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\icon38-active.png

MD5 ce880f3a3f590aaf55d9dd7a440802b4
SHA1 b4ba6354d3a8f741d9f9fda318b98637e5b7ef6c
SHA256 d173bb4482524dcc2b85217fe85c4f8d485c9ac3614dbe4c71a112a88625629d
SHA512 b855402e8e6cc1d19bd85ee2ef09bbb7ca7610bbaf1bedce7d1294643e85e7087d368df2cfe76ae55522629a87a29e3e1ef6639671e6036fe1961c6c9ff1fc13

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\icon32.png

MD5 f8a72c930e57b41bd35e69f0e59f55b9
SHA1 5e6346bef7b4321dd9a7fbdb1e982a1f5112c32d
SHA256 66f34d6e9bf8fcd174e99281cd07abfcacfa5ead89214d2efe879edef476a733
SHA512 742d49e1bd4beebe3c41cf6d6a3501c6a32aedeb119932648798b6ba50f128dc88c2c6f67fd94de874bcd394d5cda882e11daf8a7acf4c157adcd8b53e964fcd

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\icon32-active.png

MD5 9ff76fa49f371af8339dd36e84157297
SHA1 2d960baa213da9e72a26afb2ec2ec09bd498aaac
SHA256 78242dd0a3fb2d1e2cf0c98987fd9e48c4376c1d394a2d492aca95062f271137
SHA512 b889584b66bbce571185331985cd941747f78c31e512ddd8965b945ac5ec9def93050adfe66a26f045f3e73e0655573a0186114ae47fdc80cc93bb57fcc953cb

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\icon256.png

MD5 1428909e5ff2e6f37e1e94e03cec6a95
SHA1 3a7bde6d697691cfb3b0af0cff88e2f71fe7e60a
SHA256 debe564a09d380014902de64cf98b00f5028d6b3470e1bac3b1ea3c5e4aab28d
SHA512 4123830042ea1ce9a0f1827f76e0a1156846c4ccbe3bab82ef5a9cfe0b23db045ce4882a0c3bebfc4889eabcb9d56f8eebc1ed87f2a29083d740269138dabb13

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\icon24.png

MD5 b4a532664244febbdcc5c041f2edc8e9
SHA1 f6c0df178fad20ffdba11f78cbfef9802cd73fbb
SHA256 1b2345f1cea156a5f898f61c6e533f9ca2c6e0dc445bd1bf7665f538274ea2d2
SHA512 a0919d132d494a3710037b7b675a37e392a5ad3d789187e907c80a784446e59a15425ff33e40e1cff06c38a87cef89f4e63dfe06b108ee54275366130f38d109

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\icon24-active.png

MD5 0dd90d447e26fa6b072024544af22a54
SHA1 bb215f2e509ea8d740d57fda379200a7aadb3507
SHA256 c0a41a5d2fc1e1f5105cfa6924d3b8b99a0ea8c072a5b02bc08a386e0b36e7c4
SHA512 c9a5bee5bdb2081b575241dad90874373099f683898b3c0c6b89252772effe43fd6e0d620c3dadb425c3d7f70546c42bd4321b25282ad23d47cbca3fe87293e7

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\icon19.png

MD5 dc53396db94a908e0a248e082146e87d
SHA1 26ebd7550c2f5c0532976b0bd658f9b80c3c747f
SHA256 7476860ca12048de3b06e90361baca5aa5ecc193fd874a147f84781cc93cb5bf
SHA512 bc6f0f63dd1886c89459975528416967e01cb6a2e5ea44f739fbc953de0c3bc4b944d0d0d9df77fac25aed6b1023210c52dcfb95836f7ce55e8e00f8e7f829a8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\icon19-active.png

MD5 ec03bd25c8452128e96691ab61b5f4dc
SHA1 9491d4fc63844aa044a8e9d9afa52d1986f48daa
SHA256 87c6efe4c8cf54b3111a08da5bccb7d5734b64f3367925f4c371789effbb1c84
SHA512 23056c4a0e6e441b10097dbd87da5ff0383b2509485fd92bd36d06cef9c9851f02fd44ed1d046e93779fdf977d18482c653edf75d8b21a1b16620bc65ca89ae8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\icon16.png

MD5 5d7efe855fdc3a653bcd1437f3aea5a4
SHA1 e6f4f7bac2a2a93bd472f79f2b1c15d5365bc5a3
SHA256 3591255dfd5262179148032ddc27083694aebcf322c7f28c0ea03de434de85f0
SHA512 f81436986a74ab337a16a7bc2403411933141b16955baded2c9854034d53e3a97e919237dce578829df3f68191926e555506f3b046f5ce29f179649c9a11f385

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\icon16-active.png

MD5 b5ce22e1c3571e2248218902ce3f01f4
SHA1 bb498e12861301aff9c6e23ee164a22caf7f6d77
SHA256 d4ce28eb59a65a7113a23b8cee037da46ed99bc9231dbe44ebdbfee0ba04a7d3
SHA512 4cf3d606c8c7b5872ad56f524fc81332e2686e81886efdcbc1c0cd6deb09d014bd4632fe25bf2c6320acee2460d4745dcfd121810cfc5c3ff10573d1c1532dd6

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\icon128.png

MD5 ca661e9288c71ec73ac075d9125ae8ea
SHA1 abb4708fd137697d1e2a89fa279d2e09c39939bd
SHA256 ac6fb8960280423278452d9064ee0a0003b14675fa360ac065730a06d77aa38b
SHA512 d18dc15f7e29107d6f49d8d2cbd10f002a7a01fef0a970c3544717be3fa5e6958c2a7b2846b889fd7407f397832830067b5ad60f0574fc8bf218242e4815f4b5

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\zw.svg

MD5 82243b8a367eecab2678df9d63113cf2
SHA1 b136747392304599118d12bacea4b25b43d49570
SHA256 abb1475124c718438f8ee4e128914ef5f50ef34344c3756bdf94f2b2c11a2e8a
SHA512 b417f9c6e89849d260b70f0a32c3b4d6e295d7f755fdf7fa36a357be9c2ca162fedb459df068890f94aaf9e115cc3c2456e6d221530cc5b25c4d94a538104395

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\zm.svg

MD5 c23e385ce6e6556badd4bf19fb4440ca
SHA1 0f3410d723418d3d3b51086e09d7f1c1532bc748
SHA256 dc40951526559a731601917a6f7d40a0679e1a6aa5c732e8dc1ec60fac45fbae
SHA512 ce8b89f8fbab9727ce5d1b89d72353cff6326af48c5a428bcaea83051b2d8031ab45d0ffcc0ff4b630fc980257946883809251dad458097301d3c0fdfe436fd1

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\za.svg

MD5 3f4359b81c14f000d8e5078902e2dd50
SHA1 e1a0ad31acc3a05d87c93db50116e716b76e42de
SHA256 92327b31261741c7a64d9b72cce995dda619465ad421cd5dc9528b2c9232bde1
SHA512 83cbb60458cbdc662fac5e2bd54a178e2c240200e0dccc1bd57e67dd6428614fb95698dcf0a6ba121e17b7073c8d611f546675ef8764047cba0e2840638dab54

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ye.svg

MD5 918f64f1399c95ada081b2531f86d229
SHA1 b288906c98b77170c3c0b239f05aa284accb8006
SHA256 c80d4cb3d149f37d03ea37a312655cdc1bbd861ec56b230b3c2a25495a012fe7
SHA512 2b09f9ab00061cc0ed585a18f89a82d822c954fc90c5445bbace07f9a0c3587ae11ecd2fb4db4db2f16475258a9be89e2c9b3f78262fe898dc8292c1235da0dc

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\xk.svg

MD5 13bde020d5663434bf37bea367a6e799
SHA1 397f6cc3e43b272bc4d34d2766a48f9af11118f2
SHA256 a63bae4eecabecc77e7a970358c28b40cf79089acd3c869e6d077c6752921715
SHA512 5c048200e0fdff634b8aa964e923f1d4da15bdbd07d816e4653bdb0b8da020e0685fc874053e0ddfdb9f0c48baffb4403ecc4a4c14cbc51fd6e962df06074cc9

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ws.svg

MD5 5538db802ac0b3936d27868186578ff2
SHA1 53d2102154ee1b55f574fda1730fed987644f982
SHA256 ae65a353e104b47c8dbcc55f8dcf62572bea2e2027b2d7cd3d77a3b34cdd0e32
SHA512 1d8217242f956f3b5fe2db2a6d63ad2d79b429d6c5a82e16d78b5498b9635392f7fae499def7c242e64c3c0fedba0b37cc15905f1025a6ba48ccca5a52813075

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\wf.svg

MD5 9c81df52769cf1c851d4bf08aa10a66f
SHA1 284cd1b841c98ff599cc49f2e22ec3a839d009ed
SHA256 ba7664742b272907314d56050122b7b5f11f3c922b1b0fb626d1c4e96d460471
SHA512 05b5e8d5f3fac27a6b2df819fb7dd5aebd3d991f7730a02c1012a8b0bc5a6fffb090f3e98e99787b100d62d845acea9d6ae2c5bdb1c533e40ea45924d6c12ac3

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\vu.svg

MD5 35fd2aeeaa15632f74f5021c92ea5195
SHA1 d1426a9cb4acc3f663383b832128df9848b310d3
SHA256 ecfc18c83e5af4abe979927ba429ebb8572cd7c9354a642a3c6192f6c89f0a4f
SHA512 298e747bb6d08c1654921a92713b7cba6aea136149c2bcee08040788fb6bd49eb5f595a654b4bbab8382a14a3efb938e9e71adeb7430beb9195922f454880869

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\vn.svg

MD5 3e2c6d03dd51416ce5bb2359b2d6611e
SHA1 1f793b36306b85f8855a1845a294465f9f547a12
SHA256 b3338b79bade58160b622c1c11e4be362674fe628bc825f010994be319dfc727
SHA512 66231664436bfe5ecff4d31491e11620455ab6494f871b9f8e6988fa4629f324a114181be2d46d8cd636054230dc77993169dc914ddabc59e320a5d6bb3d7327

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\vg.svg

MD5 dbab6d7ecf70f7ac320c7d42930830c9
SHA1 d2ef84bf102c2c45c9ba4ae343ef0acc1fc5f85c
SHA256 e981da79c54d570a84e2def7c6976cb146530b813ebf540a172216167e8da957
SHA512 fa4b61e6fe24ec788e99250971ca4dcb101b82fade8764c6940559ce185dfb2daa548c20e7905b9afa80b52556c8ed096c8f1cb704b7ff813e73ee5a326e1303

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ve.svg

MD5 3318fb640a91cfb6b6512410c42764df
SHA1 9597aa90761b3e84d40fa24adfa1b9d5de1f6a1e
SHA256 123b442bef4dcf8e2c93a22882e273cc29412fb89c21a4836d0f4aad757e7fdf
SHA512 88839b4eaef862e578d7fefc036596cc19343785f41b199e87adc562f6881eaacbefbc258c3ae267560ef3b4b3ac2d066dceb70ec80c395238d5c1d510e1436a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\vc.svg

MD5 aed60576b1983a8d299a38167d8f643a
SHA1 81988f89645da66fd805f3374684636fa66f6a60
SHA256 ef3b08b14ce05f842513ec127ed3ea5a472bfc504023cd73dd87222cb5f00ad6
SHA512 7b8cf6b4681e3689c9b67439970e67f26b31ad07836a8bfa50ddf05d22db7cc9d620f32ba8566ea834a4f03a173c3e3a3e55ffdda8287bf722f078bc83a2a71f

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\va.svg

MD5 55d0b5a5078cb55aee0eb25b13e1f843
SHA1 9f408ad35c569cc10db1a514968281ff0f2775b7
SHA256 93a26fe774ea5d24ad3e2bdf5de706066c0f0001624c345783fa45f409f8e7b1
SHA512 6edafaa990f0b7e32f69656b8066e77616cf22a8a49147c5b146d34286662ca944220955eaedd1f5420979108b04b3a91ef120b960a7850b6f28504af06738e0

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\uz.svg

MD5 6d7e10d88af54610989a5021d8b03658
SHA1 05a4b06b326d812c55a139c3603fa53a16a87c4e
SHA256 397a952ad8a8b91ab04033a8c9e975cec778f05c5413f30feb67c9aebc3edd1d
SHA512 876771de636330f1b5331ff2dcba0aad7ded07d465275e0578ef767d3227175ebd5931f428dba80eb67f706bf78f784c53dd85e003bfc2bce1c8bff069083954

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\uy.svg

MD5 9ce0c4fa86b982830024f697578d668a
SHA1 5bbd545fdc75e4c15a6c193fff6f23dc7adc7dd2
SHA256 fe465045866a9c9e4cc48e8b7e510fa81bb5033be2bb62d2ef00d8503010d082
SHA512 29a4fa3532fad74eebc6b3fe7344a3fe946b57f105f3b17f119e29d3f83016fe4f07695298c9fa67f2c6d87f56f0d66d4ba5f06f719748a85b4fd492d2804c7b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\us.svg

MD5 75a70b49ce15fe80ceb0c5bfda423cdc
SHA1 d33f73c8fc041dbc3c2a3c74a1d57ff9bd26fd40
SHA256 e50ddd062268a1c83cc4cc29fb473a883ed3f361c13b31fbe14e3d7553c0535f
SHA512 2b0c362bd827c40c0ce204352200d7d0f5bb55131ddc8e9e7fadb4a0d6da6989fc02425ad097250c8dcfc1b3043c4b30cf82070b15b6a53d032d4ba99a2b2e0b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ug.svg

MD5 366c327829821108cd75dc56e83e91cb
SHA1 27ec09141ce0ee9d2391aaedf4a3fa29bf408bfd
SHA256 862cabc8e021addd21c455d765945f25a3bc6ce14a82a160389d0c70a1c8c9c8
SHA512 0d291b5384b9e5585a29f6222cc9259a5dc9e92ac4599d8001ec33cd81990a74bf8a2490865aee41567c096fafb947fd390287b57877936bd4f8223aa2d3c16c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ua.svg

MD5 cfa5f0ab0ff1b5eed0de8df4c1b5b158
SHA1 ef5784bc322a02758f80c0e3aa5527f35d925f46
SHA256 73514715dac15db6ec0a7fbbbaaced15949806601bc13fff3f9651e8129b08e7
SHA512 5381b6db7f47cfce004dcd56ff4f830aa9cb4ce61a06a752a3a78cf42e0e88f5170fabee040606cf0a823bb448ac4c141971980330ff0604e46ba6b287ae06ee

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\tz.svg

MD5 e6214cd0bf0a8edbe70edb0598b7c22f
SHA1 b3aae635b92e51b1011366b966c7f0569a27294f
SHA256 1b94f724218440521f24fd47b0740247520193a8b9bd2e9ef335a47f15dc2e4e
SHA512 ffbe0712686881de00fd78fa385d25cae6687951441315ade6fe5cbb5766cfab6f53e13eb6de9ed1a6561f18cb291ebe918e7e7530cb8e3148d261556be23f5f

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\tz-eaz.svg

MD5 040b3d8122b5f3afc3c04789fa8e8d3c
SHA1 c1ce64a548e5a487c46543a66aa0a06910f18e82
SHA256 d8870079766e21764508fea2a6bd1742a57c84fd839de10e36f898eda67c1da7
SHA512 ce7891fcee37e0cbb7cf3ee55d7fd7a9a5fbec4918b1425934973ef5a613c61c367ec352cd91682f77f63d99b452b950c97dcb84fa6b90a7b9c218df32d2a2ff

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\tw.svg

MD5 6cbeb991e4ed93b2f7654a30f5dece7a
SHA1 bd693f1a0a7499abfca27b83dc77b95c9dc58791
SHA256 0a0e69b275efa22132473001854a66862d6ae09eb4e6cae2ee202f7996b0cb50
SHA512 54b250c1b7f8b22a5e1ba1ca241927b80cfbc77e8857e607c786a47c2cc37f6eccbed30f8db7151aba3ab14e560e0ae5283aab7fe5845492af139cc8bac0f2d2

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\tv.svg

MD5 b34b52dd02c30d9e1af6ca6d066b3f7e
SHA1 7c9175817b13b0ea7a5e11403b3603ba27d7b6e8
SHA256 f14353a4a6afd2a75602b8caebf62c0068b0d22d45788448a7eb0cca46bc946b
SHA512 2edee3641e20a3e81484205f5b3a06357f49c4b22a750e12bd2a88509898241df074f92830a618aa10fe7d0f6c2c28af8bf6a1d9f6e4172f26287bc25a989931

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\tt.svg

MD5 4963bf39ea94911cd15a0cc067c6c6c0
SHA1 7ed4e47870f7cf588c370e7dca1f4a195fff3bb7
SHA256 301bf45f932c8c6f80e831dd301cdc29091aee64f86b7125d63cf955e6606a97
SHA512 0a5582c9fecbbd3f0223abaea3c93060c027a5245616eb3db5dfaf8cc81793c93aa0210231dfeea2554991d68658d9dd3c0060b67fee7e92deee16eb980aa2b8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\tr.svg

MD5 065cdee8671b9e86e83861b44455e391
SHA1 f585c590fcb9f4936b45828857446154df2702f6
SHA256 e3696a3cefb1ea5c035991149a66acbdcad018eaf364b358134de4bed07bda84
SHA512 1da7c7e27eeeaec659bd87ff37d8f5325d6d7a3971baf186e3c87d94cc5936a98e9f3a4fb730213b4c64c5ae4b7383c39f9be00528cb60ee41ea84af4c927d4c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\to.svg

MD5 82354d7a13e6dc8b9c7be6b2eeb1f6ac
SHA1 4caeff751dd099be31571bc5f096cac4f42726bf
SHA256 24277b38b6d7730a8671e3f07e234e73433f75cd513e5c6c5712bb048d536138
SHA512 1de79d8ea18f3a9d855e33ecb1bf8d874979b684bace6db75c66f1d7674b49d7d0694021aec0afd86df8be020e744b021c157150d5a78a4064a880ec2a64a575

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\tn.svg

MD5 427f230eeff100757a4d65d124898715
SHA1 6981281d810cf7eb0b54d418139bf951fca47ee1
SHA256 8e2faa8ed2c5d85289d4c86b2cb12bb9708713fe29c5f0b3b4d6a15106ae7e7b
SHA512 4fff228295ea6f5d5b8b212ae2a73f52cb18154c442396755b0395f49e7178b43b8a88ef406a72f4e0c6c4739217624ba39e78c4cd005bc8382e4f6be3563fcb

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\tm.svg

MD5 5cd7dd24e12e92b4efd3d59226469f37
SHA1 28f6fee68ee7c8b2bbf853aa6b8141c9f19a3a40
SHA256 5f4e4ce1ca090566b900f76dead764dfc9cecb8268a5c016f3393892cd9199b7
SHA512 8f540fd85e0ad367bf1c1dc3d48d9eade3fa2e0feb9d50761b51d1f3f89b58fffbc760097c99c0a4469279f715f86a093f751b91a96ab981e7e5e027b97c908b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\tl.svg

MD5 013e50f42cf5d5e21a5fbc37c9b8fd34
SHA1 623aa91e7ac99030aadcce2c1baf48ad34fe3cc0
SHA256 9d506a44f1fd96172ebbd55306276de9efc8ed7e06de8fd523104e375647619d
SHA512 173d3f894afa1b7b59fdd52fb56d5978d53f9e1b3b32a176512286bba23d191697ecff25e4c08ef011d3a70808c8ff7f2fd2303102bbbc559708c72e3d6f09c9

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\tk.svg

MD5 f3ecccea7f1e2104a9e11220e582afa5
SHA1 8ef1bc8345bb8537246dd17e13b91c8a3c5cf2d5
SHA256 1ed762638573260e8f4dc0c49fe972869d2afc6a08e54ab8a0e2f85a52836d39
SHA512 5f8b9f44092519446286950f67399ef32d21769f3b36775776cb46b30761f2ddfdfa304a7cbe34d1fad0b5b52ab9e00a3dc72370906a37e1b12523917e98dc3b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\tj.svg

MD5 0177de89806aadde1283b694485c7e2f
SHA1 2a82d855f5203cf1320c81dfd1e22f815446c45e
SHA256 b9502b63d79f8c0cdf3d87fcf8494583409a636da0b3490b84cdfdaf1059a015
SHA512 8e7504a3a03820a78e6dd5ee9af8141fc4d4e11e80b6e7210837e0aec2090a57fbb3942d933a58f857865940f18e12b0813eca007aab99372f41f624a15ba261

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\th.svg

MD5 00bce11d677629da7c34908d9c653513
SHA1 9b1bfbc9a6cc76addcdea35bcd95b9227dca69b1
SHA256 bbe18835e75b806d7db495cc2f4cbaa14fa8e800016c3ea3010b390f51bff96b
SHA512 2c251dca63f5a45a7945bdf74568852c85f43e7d6891af7ed7a10e40564fbced026705c46d24d22b12a42301b05752f0a6b273089db1f491d92495dbcdc677e9

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\tg.svg

MD5 3a400c719ca6e8b327645f9a32fc1319
SHA1 6547b14d5f15c3605f9c9a39389f2e5f9b4abe1a
SHA256 f8c318ea857b6cdc48a1f114f268d55a8e4b40d82dd5d76373287f933259517d
SHA512 ce7b0651edc6bfb11beb22d13fe733e85b19f7c30e19b5516cbc25b5fe1f4262ea482da6eb8e6fcebe108c32a2ed3d2099ed29f94321f55438aa75855dcb0a55

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\td.svg

MD5 a235395c471c4a94ed8c165f5fc91dd4
SHA1 f7530f143ff2149cbe4742f0304e25677ec0b034
SHA256 260287094c2c7215da51bb68fa23355e93377572dfa3dd33fc320613a768dccb
SHA512 fd50f634357eba06f61cee29e7e2a2cda4d9b281c01727a4e3f8edf1c10a97e958dba4b8d253cb61252bf586c2c64acb4a0bb2aac3c0258aa8166c14470ad075

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\tc.svg

MD5 84e07069cd798afbeaa5b0eefb609262
SHA1 eb1d0ff671407d8e7bb604526b65eb8b780be989
SHA256 ee5fc4c9a3f2023cb2346d046e535b7802bf2525648e9cc4b9d8c81c1a2ee9d7
SHA512 05cc1509e47e7dfe0d9b1024e8b5129bbc03e7e01306c4f729016881311d828a02c81745b468f99988eb04a24a15dcb245413a4beb588d53aecfeaecc1c5d5b7

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\sz.svg

MD5 e92a72dd8a32665b33c7ce2a68100fb9
SHA1 a7d6d3e4afa20aeb9d3cd0175cfbe9bf32fa8ae6
SHA256 6d614261ada8c27cfb3998d99e22afa6c2c8953804581cc1d6a7653e9eb0c004
SHA512 017c5bbf51b665ab376e3d18b6d144dfb3145fae22466d4dc7903f9ad0284e68f89da6caf46371fb92a4fd92f7861d644ae465f42e003d1354e21761ab730b46

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\sy.svg

MD5 0a1ac96b4ed7670160c0d832d2fb48a0
SHA1 03bf41e890793753bbf316fcc26252a7646e6ae7
SHA256 120a66f6a7cc1b901281c9e1bb17afbf4869e310a036aff9e13f7e442bd7d009
SHA512 75eb9f1f2ace26a063cc2a8aba4a84bfc22df4cdce20c8eaec9edfbdef3067826bdcb375d6ae2047837655bc9e2fd980bf139d2ff45af34212e43add259a12da

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\sx.svg

MD5 f2b9f061c673a9c6ebd394973a2c04ea
SHA1 aa8591ab0d1e554fc255ab3ba7f1f1ee5577c458
SHA256 7d0287f61c18b4c584de17abd7218e910daada8eb28ce57b30073c8e01284c9e
SHA512 a51ea51b0a23991ebd19e63fcf13b3b3ecea38541346457909b9a8b98f53c064c742363d412521d5a40854bd19c7cf5622bea354cc3472e3c1c9c2a989f6e490

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\sv.svg

MD5 31e518af89a55d29ff15acb2cdb6e11c
SHA1 e92831bb92cd9e4cf18f8e2a3e15a8b00eed3d1e
SHA256 d601df055c5caac575c29a576cb5de1a0cb42479f5d21e65a0ee0c52c5087e36
SHA512 21efdc73e67b8fdf18259a224b6524a71496446c0f88f3d909b6aad16ef044def80c1271b5fbb82801fc92f8c9610f79b76501b18f27cf710ca592a598566304

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\st.svg

MD5 05200030cf5143eed03779db71e71ae5
SHA1 ccef794f7b81ff77f5ad1ae1dde6f84796414bd8
SHA256 2b4462bc3f6ec3dad0d7b491b508d9ee8cca5761248506fabfa035d760bc26f4
SHA512 e0986d07187572aa4fcb77f9b9fa229a810cab79cf01e3f3340a3ff7d92dfbb7c657ca7bbe615052c0f04c9ee73d6f91a136623b6d268143bc23bba0d05cc779

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ss.svg

MD5 ae4430935087ba88a35d43cd589805dd
SHA1 da8ebb5f54febc81655fdca18a6cab9cd50a5f7b
SHA256 a6b0e88e9b2cba1d50d8477d99a69838edf92260b5e139a542a6e7742530d95c
SHA512 229d07da46b53d6f9b74cc791b49ecb10c41b30e9f1a44fc0550c921e1d13611afcc217ae2c929ed6043daad2f5e71a58fe2e56d7863a050977057ecedddcd87

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\sr.svg

MD5 48b81fe723ba1ddc7b0616b313205fb9
SHA1 5a3c9b38910b15d97632161461f64da239f3ca6c
SHA256 2ade3446be416d4043fc8cfac75de0d4a232506a7b52c061a5d3aff70aa6bed2
SHA512 ef1df52ad22eae8c90d6b855e26308b587e781b634258056eac70ca656d0d3380ca6cbd25f3162e4ea19e711e5c817971e8b1e8ca41c84de9cf66289efd3f206

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\so.svg

MD5 b4a66b5b750aa9185546ddf85c523226
SHA1 16e3fbd87a1592b02f76307cd73e56f6c18226ac
SHA256 d5ecfd134ba59c394ae3c8c9b95a6b00b5ee7810f5bd95b3e0546b695b22e5b4
SHA512 c25624137275bcd42419d91b7df75ee037554d5114656a84c534fb102e438d7cbcf37af2a242d47e82299327955d899a61b356107a93f42497f1ca0a8f3735dd

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\sn.svg

MD5 c920a5fa6b4e5290643f55d04340403b
SHA1 34a13b984254dce90a80bfd6725d5f5c22bbf415
SHA256 6bb25ce31516196132043c2906d8a533ead4b0ccef8f99838ed68e3c94d6828d
SHA512 522646763d1755c5df93bb73dcdfbcc1a7d91e6e0c6ffc9464e777b01c58625cec2b0fc650956d962b08d8bb85dadb82043a29d9d47dce80da51199bae553c00

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\sm.svg

MD5 4f75f3c0c183bb05953992b383b92dda
SHA1 0d2971d9c5e5835090ab88e1ac1515e8bd764450
SHA256 f7704a217f14803f688f0993473ebf838a26816235d970d656932215276671fe
SHA512 d03c6117ba18abe2ce22872788c9418b1e8e21f6559ccb0fd6a8c627bcc550543b35908787657e92a95519f7e02efea0124b48c8744570474730a8606c018e6c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\sl.svg

MD5 c70a7728eb0f2b3ef1b293e24814a0e1
SHA1 bcc0d53498798e0b6a877a5ddf921fed2f5420a7
SHA256 841ad6f4ab9cfd5e6624768984a918e0a62fb8c7a11a2329883655e1fe33d25e
SHA512 4977922e246c502ee2c20fb341893a05c5bab8590f177a3b90400ab03c1f754bfefbf8c0638a068dfc51a01797f71a751ac7cc375a425fe9a34b3589d745facf

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\sk.svg

MD5 c4ac2d7cfb76fab4beb752e19a201bff
SHA1 333cdbe5debb60a3c09e0a8725d159a031efe8fc
SHA256 5e9fd33a73f754bb1f69924924ae5a0ebbaaef0b81ae9e3337847a5564c69ac0
SHA512 53f60733e20e81920fa718b1998b0762dcfbaa3da682c329b1a29fcc455d1b6f4d4f95dea98d491b98cc665a89b2a1d29a44fd7fd68c1747aa8dac3476c892f8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\si.svg

MD5 d7871a8fe7b00b855424dba347c2afd5
SHA1 8cfd44926de4afc7940cccace0f8a13e639e4c00
SHA256 6737c5f067d9ab4c7edc8d8635597d996c54bca4444ad9d72fa9ce67eb7f6c31
SHA512 dfc8b862bdf206008d23a81c76eb1b230b9c271ebb7b8fc84736e131a747cb61e026d50dc39a5bff11a18ec332bcecaa7712d5ebc880406d89f069b9bae4f9df

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\sh.svg

MD5 dcaa04761eb1d9207f602e2d654e67ea
SHA1 1b790ff5d72bf7dadcfca9c82e5cc11307ab5170
SHA256 cf955f83a95fc3912f4a4b599f556fd894d388f0ae9eddef2d4dc509ddea0a0b
SHA512 3ef10cf62ad7f67e97b1be64147aff3ea3be00de2c95d5b702fb9fc291a520c78214beb301842ee6c65230c68a79d5e0ade29d1172882c4ed415ae463aaf7654

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\sh-ta.svg

MD5 725fce6353246ac536a50f4dedb45c27
SHA1 943ee4a536119c2526a8b6f675caffe8b59529a9
SHA256 87d42fe064b0e7fa18b8237bc238f4713445563de78492a071857d2eb3502310
SHA512 9104117d27830494ac013b37dd49d3a57d9678094a64ad020ce9fee4ed4eb7eb76706ba4ceaf73e7c2f638fc936efa17063e833f90e768e0ebdaf8f988e6d9c0

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\sg.svg

MD5 72271e77cd53def1330473d0d0266f4a
SHA1 63d73573fff3468f456281732e12cc9b89b45feb
SHA256 4d1a011f0aaf665719f9a2d4db5a39352b72956cbcb6b4568d72b075f093f979
SHA512 4d7d63e79adcbf2dcbe0999035c6b1a56dd24dd71a478c39f3499876f6dc7509ba05bfc08e55b11985a9a6eca8af52b298d3319c355f030b1a508b259709e254

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\se.svg

MD5 1824ad03843f9748840759c90970021d
SHA1 3cf875ced0a54482230afe9c95f9e3bfc5502190
SHA256 2f36c37e5ad03d68b8107bbf4c53b62df72d0b53e58097f6fcb4034597a047d7
SHA512 429d1df4ffa62dc8d38cef663b0e175c84aff0e3dc76bcef886fe79a295ac4050633696e438a59b396965089f84a5c6475e38184ed5e2448da199a292f911ae1

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\sd.svg

MD5 5ae8ca9fcda124d74a60695d992cb8bd
SHA1 1f63a26aac7c307856957caa1c8c06e6ca87f85f
SHA256 3f1cd82d119a9b0f26b75737bc4a0ebc031299cfa58834848f1f7af8d00487e5
SHA512 f9e9c918b3489670c12e613cb1fc5b1de17d447c84483125a9d4a3653bd3f6860a0f278f02d859a93f26b30d7dda681d2514b34df30cb870e041589b3d404c76

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\sc.svg

MD5 ded37ca0f96b7bbfeb80e31f360e21c4
SHA1 2318b8de49517e00d72c0aa53b33fb8ef5aedf37
SHA256 c2a0939e3bc9478b5dc2dbeac63df0d4cd4cf28e9c635ec885b1c4e65202b7bd
SHA512 6a040f1cd2a5133546882b950d65ab8786e473ecbc99c1e990a2a906ea52e392de027cbbd929891fda65abde087c3735aa153b4a7c89f1a578c6284519fd1c82

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\sb.svg

MD5 29c00b327787eb48ed61112ac2a174b4
SHA1 5948cfda32899bc979a202340dc298bba7a055b3
SHA256 eafe31348c4c3609a80763beefebf44fa2e9f0e3ee643ba58b6c3e6b182d4e70
SHA512 bd314482ed252b4beb7fec4d235cfb6e672b591857147a379995cb5f37be8f42f88e11e85120891557e392cdf30ca0f34aa0b0ea4ce5542f942e723062a410dc

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\sa.svg

MD5 fabc84f94cbd075219c640358aaa71ac
SHA1 8628ee761ee8ff6b11cdc25ae3d50f1bd7acb667
SHA256 263c9fd4827ab964e8fe93b3c4c55df858b45ff216b43e799921f9547819af16
SHA512 707c74579ba0daf53e6fc8e1cba97dff6202a13c48bdc7a996f3badc33cb33dfa496b7fe8644e69c81addd3697cccceb8deb1ea1383e2ebca6a65bc2e82bd2cc

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\rw.svg

MD5 e46a01cf8b0bcbf41eeb57334241b25c
SHA1 cdc547bad84c7ec7e8684cfb85d3ee8582a6e74e
SHA256 0aa8a4f94d80fec4851f2c3c0176da49b0bf16c71de1d1ee20f721a046f3986c
SHA512 49ff05c88d45436cf28f7a6c75e03e134a8d1aec41ccf410fcbc6a3df90c72bc1d0263217e8fc9a3fe4bec843e37a68dc45906c0763649f0eb1d150743f7fdcd

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ru.svg

MD5 14e1f034d1d5b100a6c231bbc37eda6b
SHA1 d5c47764601a68f87430395f250b579b992f0b24
SHA256 93a98308e636aed89f8956e61114b3c6bb65ea37297771445bc0eb00565a759c
SHA512 9b2b1e337a13d3a7cb23b2f4933ace1445f01d33939b26e1fb43f6b3e7dfba1aa76e38e4648bc478eafe7af8a4171a134a0407a0c97c649d2e3cf0dc70af6c7c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\rs.svg

MD5 7cf39871c35754b60c72ee7cb2bab776
SHA1 5f005ef57e0ff9cc1eb401eb052851e3d2df0c91
SHA256 65a2f2cfd04e19abed37889f399caf8c7943316592fe5a3cb7b7ef782c67b4fe
SHA512 ec56d2d6f0b1d72756d9d22f1c6a905e206da58a55f71304108128bb969cb453d3868d8d0101b9f4b1be600bcb4177b3b0eb472a63a6190114ac807bfdf88328

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ro.svg

MD5 3a86d98d42cfc4e35c16d79deea197bc
SHA1 1b987e70db2e3cd9ecdcd906d274951193dac48a
SHA256 8829c7ee2299c65044eb087ed38dfb23e6c0a06686802b4edd61ac3b8bf0eeaf
SHA512 f8ff9b5859cdb29a035a21e674279ff28272b21a61be55c0d824cfb0f3d347e9b6b469370c99a96c17e021dc4306a4f40db444fcb3e94ff3860e60ea5ea488eb

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\re.svg

MD5 a477b5c09381d16264ec6e2923e1ab0c
SHA1 00ec28247779e99f9728b0205717040e746c7ac3
SHA256 3733dd634e984d1a33977d8aa3b0628f500cbe7a0fcb58be80600b33dbe0a383
SHA512 d29195b9becd855f4b64beb8dcf3fefc9e8aebcc751f15d9b5788afc180ee6ace16eb623ebb95f2e1dfe8e046bdba20764cf55f0658e856f5ba0495369c23b51

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\qa.svg

MD5 23912a12a90896c8fb468c78f36e3520
SHA1 12c6da29c954cc0bb18ce98e554601ec54039290
SHA256 489f75d8f894e5c159ddbffc5bc54c067169adf9ed7ae457f9a6b7d8dc95795c
SHA512 bcb6964c276a5641323693da25cf2c61940cb25f97a5c164cf80e41edd7fbebb4b016ccd575802f670855f1e2ff8d390967b627a06eadbb6605b173f8bad70ce

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\py.svg

MD5 608c177ae11e52066abf3feae376b459
SHA1 abf91d151f001cf2c5bda0db69c6a8fc7ec60cd9
SHA256 da95c6c372b990feb6ba57bcd10f53c2b263e46590e766bfe50f5cb5578b257a
SHA512 d6a885154918e4ff2193440c999d5bfbeef069582a9184d2b519bb18090e3ea942a726d7ffe2c3a7faa44898e312871af9cd7750f2c78b3124f6f4f300920856

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\pw.svg

MD5 2ea99db256873905b3d922a060070bb9
SHA1 3a6f20a40a0fc3079915404a829367e19545e01f
SHA256 03398f01eb41b45b52220032702229b084cb9d0d3bb83cfcb1ae9ddcd1ce8125
SHA512 049081b39dec1216f4adfd7b1fabc3c1f2d77de03853fbc1d116d74f75692f4d15cb845da7de09249d9961bcf6595589671a5d3b66980f2030df06c0c2fbecfe

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\pt.svg

MD5 323e399d2405fdc99fe7531edc4dd602
SHA1 eccf98cb1ce77f936b8676824bc23218713ecbb9
SHA256 b1fe4d9ae96047ba50b6aaa14dc76f8b4120cc4bfb5ccff0b4e03e7c6eb285bd
SHA512 1a1811b588184289186786dc3d45a8981f285f131c6cbc724d2f84eaeb9c9720283a7b1d32a006bf7d058c55a8f091a5955ceae1791982db533742408083fe9d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\pt-30.svg

MD5 032c5589579ec20710886a240c1acad7
SHA1 b5ded6ebc83e7a880f1ba6738cf0d66cc2856b11
SHA256 7e343f1f3e291982341418a755dde4e336407937ad733cdd838c4f8a163ae401
SHA512 cf9ccaf0e5de8d6b69168ed878f43b609747e98fe556d23f1516e89c93eeaf02c301d85716f399cae5c809a5196028b0134032f096163127c2a517a8599f67be

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ps.svg

MD5 132d6a6b63385c9a699f2e4f60e56a9c
SHA1 06a0bb6056833e361f74c039815a80e78fac6af5
SHA256 87549f29820c6ebb84f04f900eb2e52338dbe8b9ee9a1476a0fe49ae04b3195d
SHA512 46548f4264836abd51ec20b6a919831ef3b8c227bc3a60d3bfe29e4b19f2c86e01f0c00d63b86e0e22f0fc97d0dbf6065aeb9b92d67f44bc5afbebfb71aa3746

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\pr.svg

MD5 95f5e3473db22c681b87bc8205dd97a4
SHA1 d39f831a0665f489379503e878c9c99dff09b0fe
SHA256 c197ec9a73a5c52b6636005eaac85c2f7da26f38c6bb51d6cd13ae848dd2016a
SHA512 c536abcb8a37651d170950bf8b8eee094f71b7986426af19cb14a78d1631ceb4346c199c024ee7a22fa4db084719e47e956cdafd18173dc3a1ad5e5564ceca34

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\pn.svg

MD5 4824405a890bd8d4816a40463f8dc5ab
SHA1 8809d33446cb6e1fba588b6efdd9d399baae79f9
SHA256 7afb0e0c66c738a9a0084e7eb2cdfcd8af59fb32f594e838cfd1c9d2d7ff2110
SHA512 343418e02910de1b20b6d946cd2d6a773ed79362cdf3b0267ca301bb14aebdcf40a6c5d823ef552ab6c9d8b49bb95abc5f440768b09aa41cb8d6767e3d49fe81

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\pl.svg

MD5 0608d1d18c52e9043ca051cf7cba0de0
SHA1 e62e21f97d7f21579664cc51bec4b08b5cf98359
SHA256 77907d2519bb526169454303f0944a8b778d5f2d68959e3685efec1643b029b1
SHA512 64cf531b5e463e24b788d8ad209b3d6d2c951e082fc488f4a85ac22677abc766ed1d6a894b94866ec2d704fe3e4c5faff7547b81791837be26cf31529ccf416e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\pk.svg

MD5 aa38e7aa0d2f1a12b244e80c29c1756f
SHA1 d9394cadbc50ad06a6638510c5a2fd4103ed15c3
SHA256 892a35b3b1797e68327d29dbdd39f8413f31f7767562adf19177c7c7d29db011
SHA512 09742e65b694f959f9803cc406d7b467541d5761d0ff11e22277751fe0cabe86bdddc1560a70451863d2ca6591adf52ba5d0576e3598bd74a2e0bc1bc99681c3

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\pg.svg

MD5 d6e348f4d662f74bd1322756aef7fe6f
SHA1 6a2335f052ca9ca65d6b8a78994a7d9b8f3a7f92
SHA256 9db675244709e29f227d21fb86e5195925941a950626a14f50d9134b2dfef5b9
SHA512 39a0c98b0954c1a5e846f77646b10c35b072ac3476d4ccc79cac2f742ea3bf77d01a5cf0aa9828622610c6cd8b5dae42ced2ea389df422300980cecfca3f9139

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\dk.svg

MD5 f1b01f89af358a61f971ea3c96af7a5a
SHA1 3a10cd1501901fb4c5829d12e997cc81cb11dbb0
SHA256 41ebaa648872f67a47689cf7d96a36bd5e8a9963288ca8b6153e79e0526032d5
SHA512 d235061b08c4b90507ec57005e84400749d292d60ac957b3aafa2dfa3315f711cad7a37eea5ece4aa80f2a154dd337e6481a45a9c34ea1cdda0e53eea005a567

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\dj.svg

MD5 06eff4d16ea1ec3eb43aa68da68d7d37
SHA1 927745efa859233845cfcd51c34fc25d77857698
SHA256 fadd297dd65f193cb2d1a309cb58a1504ec47555682e5912e0b55192f7a072f3
SHA512 f84b093b68d5fb4910e087a41d4467a761be6f8a0f0e2b3dd0a1a4dee7a8cadb1cfe3326d98b2d4bea1a9cd2f3ef8c3aef699c58a61d3aed13933e0218a07eac

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\de.svg

MD5 04abd41da5fe93831f029c6e870b2017
SHA1 d38c2373225fec1a9d8af5f2c5fdba90d82a508f
SHA256 8824aad5c6a436c682a9301e78212dd833835f4ddd4fc51565896ffc218990d1
SHA512 93e41f9257c8ef013df913982d37ca9a2562ee09529cc606497eed0250c2794f9ad2828eead6d6aaade00126720d4b5ab106fb76fc965408fb72ac2960b1b922

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\cz.svg

MD5 dc829819a990dbb81925388342e7d743
SHA1 d4579afd423db426dc309f5b81516aca94bee541
SHA256 f391b29587ca717d96ff94764a37ef60552484356ae3a8ea2455ef89e87b2667
SHA512 6b782bc0ad846b4dde35629ebf4305960806fd6809d11d8bf36469d7e6f987b1eaf04c1a03ba4b7425d76abe101658ad11b897920e48d1f2d78ce6f9efebfa7f

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\cy.svg

MD5 b43c6b2e9b550836874147233f285e3b
SHA1 b18140e4824e19eec95cfbb18157723d5eec44fe
SHA256 f1497b60e3ef8493fbc1d8dc4545a6edb9f58ee34a8dbcd7b699b6a5dce82086
SHA512 a5cf1d1a480d0ff681e741d59baaa0c59b503399a779d2bd4799db5445851b7fbd408e3061ccc5e1d0e6fcbf0f66d2257a1eb802715a8dfd40e6cb1992505212

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\cx.svg

MD5 e9c5fbeb76b331c73e2ea5fc6b558193
SHA1 ce045393940a3fc89d94cdbca33a69343e8d9d2d
SHA256 fac94eaf5a6a93a0e6f5bae0dee98c5a2a3a9ecc85ecd59ea3c18cd17610036a
SHA512 597f1fb31840554e9783edd18b2c61e584ee07946ed46466d3dd36d6c3cf8fa3206fa79f2ed2c4fa54cdd2f79d5ceeaac1fbb1369625f1a0c12503a25befa87b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\cw.svg

MD5 b502c013b0ff3f5f7681a23489344d30
SHA1 9865358add513ea009e83ab4157c9bd5d3dc7b87
SHA256 a0b1cfc22cf8c0b137cc18954a5dea89628bb48d977233b93dcb963afd0a746f
SHA512 a40ebc6f9dd832332e32a0fdf110f4b97ff8cf5a519e671aecd08179c72a6abc9d8128a988c242879a7c91681c165d28a61709a75491968a396bdcfcc4671cb3

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\cv.svg

MD5 662c1f78569adcc7750f2a21524da5e7
SHA1 7f965c07819eb33964de8186574dfb77e1ece8af
SHA256 79e1515e2994be491d704dec46967565dff17aca8c869d58f95365965ace3462
SHA512 839e9553139a841ba295022e6c4ac3a391db4a8e2105cc662671be3e4270c02cca18eb8ef6af75e5f7dd3f11207daabe25d8e1472ed606f389efb53fc68877fb

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\cu.svg

MD5 6a5d29c63cd18e758fd93507904fb226
SHA1 468b3ee9e1fe9ba37aac137843fe9adec01e05b8
SHA256 8ee62bb7a31987418fcb63742a176f90e7b5e6739769123b020fbcb5bcfb3417
SHA512 d710821c0aa23ceaccd92beefd7a3c3636922a9d816beea69072ddd32d51ae6f84268054af001caa5a3fe442f2c3755740dc17cb749c477df6721d4f5cc9a7dc

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\cr.svg

MD5 ae0cfd647748f279238b0be6d552c0cd
SHA1 bbd41ad433a4a39ad10463e8addebc07d2da42d9
SHA256 e99d0a1207c921738d065b1634e12ba6a134c4a3b03e8b7c16bba1be0b5a8902
SHA512 8bef293ba86fb42e70075cb5825ec3db1ea445fbf6e7e52cbf417ad13dd6fd103330b22493d579e8896dbf27bcfeef1c96d050504c3013b18e6fb6ce541cd3c0

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\co.svg

MD5 b70774fe119f405494070dad679f7af3
SHA1 6c6e47ad6dd1dd7a1ecce4459b430d5208879071
SHA256 4184e44670fd618c1fd950274f31fdde42d10ee41a5ccf09b3862097975645c6
SHA512 e0234c4ad90b1e9bf01255023515f6d58ebc9ddb6f859a92d2ea8e51639d5034ef808f2b8179459711c6e02de9638c35f689d4cc965d0f942576e469b4bf743d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\cn.svg

MD5 d66b937e2845d9a86405f867a96f602a
SHA1 000d4638f46bb0481cdee83314c3aea819265ff5
SHA256 a18b64ac1972ec357864e3de87cd39bc3f1c86337f4a015cf185110f7c8e1316
SHA512 10dd316281330ab018d36682e245f290b650470b03f8a7fb01ad2fc4cce950bb4bfdea37776a659615264268e74faf1627b8af9339b32ec68c278b90f0f90a59

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\cm.svg

MD5 a137f2a3b587ac662a409c8050ba4c1e
SHA1 03c9d147fc04331cbe1f39fb39c3ebab387d7e51
SHA256 a06ce34d8c0f694de10d6333a7dd648d1ca8dd72fee020480c3af56ba0e87fa7
SHA512 d9a4599b6a44d4634ddc751691bfca3d705290f102cb98f983d0ce7945e82ef529b343f4d7b5fcf7d08fa46c6678171c2a61b3e76296dab9811687503c40653e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\cl.svg

MD5 f5b71766678282d55454069228fb9443
SHA1 2606994957a237531a8eb636e2a3d6c6aa5bd8d5
SHA256 bf4c9e9a743df4d8c61651e520c3a22535e29ad1eab66f85fef5a904750dbb8e
SHA512 e95cfedfc21fa9020f26900a1b8a1a7865038b8fc95840edc995d2a141070256b42a923c10abb1e709f1cb05db7de17148cf1248baf30a1cf73126870472b0bc

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\cl-vl.svg

MD5 b2ef25701779700467d225a2ebe095b3
SHA1 218e24cde72603f40237aed965c6cceec2444b1c
SHA256 37020a1c3f4fc5028fe4abcd82d78c44b46c69d3335b150ffe2f323bce9f2739
SHA512 35e73fff2da6785980a291b004413ae0b216ff8f44e2cec4d1101d7a739c6837a0218baca97fdfd3401f8c1d6e8bf4bda0fcc87852a38a548fa2aaa0cb79205d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ck.svg

MD5 0b18fd0a1057a881a98b213f798aaa82
SHA1 d4952efe9705c47528ea9b431af311eb3b9f7aaa
SHA256 3684c694dcd75f2653425439683f8b684fc723be0e39ea98de2e4591bb56975b
SHA512 80611af9f490a32a635c3e9b109e7fd9faf32bfd904ba09d9820ae0008da0dcd097345b586b2231e500befccf1127dcd1868aa8d55369493882f2d91e5d37b45

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ci.svg

MD5 f881dbe9d2f4d17189d7469457bc40d5
SHA1 c8b18e849e68ef151ac0552889910c9036c9eb4a
SHA256 e727a0b6767fbdc1715023e0658a8e4e6055ff4fb7fcdcb4970c10b690554eeb
SHA512 29c78c0fa4d7120f53f196f9af807a53f50b8357e2698eda49e4ca0a77d33467a6d6834b61fa3704d9916511baba70d7b7ad32f303878248aef41731c0aedf64

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ch.svg

MD5 e3832c55462eafe1e34f7f58fdb79f41
SHA1 68ac1ad76199c0142f0ce039d6cbbbfa60353984
SHA256 0831a70e90565d1727858ecea9823a8d9fc7394628652258f20ae48403d5bf14
SHA512 1c35bc288082f8daa41d039dde62b85099e4b368da7cbdb100b6e110768c8f2f06fad40b475c3b72d60220ce684fdb13018f5bba1673eaec083b7366b80c8e3c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\cg.svg

MD5 2ca678587e130287d23e35a7ed89e789
SHA1 edca94bf12087190b78308f21c6020c4cc99f86a
SHA256 b60f20ff021bf32dec4f6d3da473eb1320b4a5a728c024ace041b2abc80aeb58
SHA512 84a2fcae8a23ce4f7812b0e9476f8f92e74ecdfe00ad75a3c275de7a332d68a279b6e4689f683dd0caf847a922e64f5648818f8685a076b5f10cf1f23fe5de6c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\cf.svg

MD5 0beaa1c6193aed7872e06b559d201a9f
SHA1 3942f025c775b4cb48fd3a9f3a367a455d4efe32
SHA256 28aeae9c18cf7490f19b34a1126b9a4c814681027622dd603cf8cc87bb1e0fbb
SHA512 9881066f643c23ec7bd60fb2d79a688fb66b796961930d99c85cb63f11596dd61bda6d6cbf8b99927bf5ee9e9e235c838e2efc836242b6ce7fc445c2fca8df6c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\cd.svg

MD5 6da121f34e24604f4e1f549ae6564cec
SHA1 e49faf3c600248b9c408f26c0b640b4e5e0ac20a
SHA256 4444ed91bd8d0102ee2ae52c74ffe78cb7cfd57118895172372f9fedb5724976
SHA512 6c7ca4fd2ccd0f4e9440e636357141956b36557ee9dce1411d7dde849855ae027218294c8d0d68720a5cf5e8ed358449afcc31a62300579c4f2c3786244c719d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\cc.svg

MD5 9f99b19cc3bfd025b1aa07e50d71d840
SHA1 b0e24aa6c7f1d9cdb8733897bcecf8c95b198222
SHA256 494f8b6fe3feda6788ab8b8b58b3e09edec23fa70e42792d03449efa51be4f4c
SHA512 c4409af7198d82a7eddab9e3610647fcd168a655f851903f350e9eee9ca599b51cbd28137b6a7eb952671c731f2cfe4a9c5007b6d884a1e7437d72de01befce5

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ca.svg

MD5 9731127e4d0abddbc0c2126413d23757
SHA1 7b97ac78daef1c83e6f01529fe9fc82c107fe944
SHA256 b787f4428dd708debbd86003c52a738e72a53bcb67258b3e88ae624659415c0d
SHA512 db23a48371a4b1b47244c6bfc2a9e6bfcec7ff4cc9cf5dbbeee34eebacf6ffa159d382e670ab6ab86fa0ac0f4f4a8775f377d7b58d69f718fd7c233f2f7bb331

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\bz.svg

MD5 8c276e3364328660a2971cef9259f7f3
SHA1 53068b3a27d9d3a36d8f7860e2a6157c4421f677
SHA256 2a7744b42e82a516a96df1cf0fb8977a43e4394c151d122c69c1814a74eae85a
SHA512 df192cfed1c4607c19ab26a02005ac00fffc21ae24d0878c84b85f1c3f92f4666a7b4dc64c0bce8f9631f963eb98584323102c8e6c491d84d6ea60cf10379c50

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\by.svg

MD5 81564b194567745f441d5f69d5381270
SHA1 cbebb293371473bce9ffc59a408260fc0f469cc2
SHA256 5dc8c2b9a6b2c637cb1aaf6a86a625fd1af8d3a55c10c88821f847037c6d6d7f
SHA512 5f2ae4750493e1662eb58d4d048171bbbf64b89374ca105ce0ec7f3ddd388fde2b0914e54d86b7ffdabc71785a6e19c4e7f2e404bbfdeb27f5317dcdc0711e32

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\bw.svg

MD5 f1915bc46086dbe93644a1eb6bf7faf3
SHA1 eaca02301ba2328955af2d723aa028d4a19f61e7
SHA256 32c082eb63428f346f8c6a2252c7d6b492287211ca79f2058ee1efa6feb5630b
SHA512 5e994e76b9b2cb132cecc71c2633fcaf53e3403368a60b3c80708b70d582857c793920924883dbb747d6de820a31f455c8e68a6f1298f0be140610a88e435893

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\bt.svg

MD5 8a4f5ead142d1b08be0e685ec11bf42d
SHA1 f05f42d470b30b0c9990fb4f0e6a5ae46d889599
SHA256 84a902f887971deccf21ce83f548890738701ac1a3ca47fbd16c39cf219f4075
SHA512 15f20a0e006a4c2f379d734fe2fd9015281973731f10f9ab3ab34e07772980115158cd3984be25cf9c5df06abc936fc8fc8c8fcde90d3a9789ecb1e0d0da6071

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\bs.svg

MD5 7dbec68fb387b30856e5c098a90fe0c4
SHA1 21dad3b9f9d8410325d016bfd6d025aca7b8af14
SHA256 30b35f8569cbe44ed481d75acf8895c56fbde0d817ce2910bff766012b812b33
SHA512 71e1d22dccbc6da1b8b860436563a7e75eacf11d83a589e6a6ed8a9b3368fc417b244da2cf989882886a719065d399c5212b045149e21c374e738bc4db25bcde

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\br.svg

MD5 95d0c67d61f2e1514b77e264a79dc88a
SHA1 c3f8c046bc82be763f18ea7ea03bc904df26ce17
SHA256 bdda7b2f66de63f2af620543e0c6750d712dbd20bbd2c66da13bcefaceeb9613
SHA512 59986f90b5bd05a0a37ec9a5cd492a44858cf87d7d719cc92a45df945b315be1afd1c048dbeeb5c6105e7384eebf2f945b37176708d6ea4e1244d491a129ae64

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\bq.svg

MD5 21e1609218d354d6853438b3bf7cbccf
SHA1 e8fba5a9633eb70a9475901bde9fd6a7e5f2cde6
SHA256 5b7a27025efed9ec896393e17b18d802826d805b557d7f561404901755b9d203
SHA512 0c2c1911d9feefed8e6ef1c49e9990d225aaf1d2c3e59985f27191055c0f981e305565d4ca690cf4fd1cd6fdd619b4ec0be4dcb29c155b443a127601206e237b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\bo.svg

MD5 195666e9cb08d03314a86878354eb343
SHA1 8518d14a686f01e434cc3523b77ba573d5037f32
SHA256 bee58a996bd1e62565827828441800ec0e99c87a7abec6ed2b42eb75b2f4e55e
SHA512 53d2293d28506d53db030e932371fdaba411561e48ef3eac842a16ca50867006ef8d990a8a9029e2d17bcaca9600003c38dbf70ca2f563f6f0e6ac86371e15fb

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\bn.svg

MD5 e01e15368bd35cc14210601b2790b167
SHA1 36290c2b31eb096f7abb89a7074b8cd9e835e336
SHA256 aaa353b211713e8fdecc73671228e5f1d840d42d7abcc0d7e9187d8c4384f88f
SHA512 1e72520622c83e6fe9bf0f3a16cd88e55d47e04817d9ac7d4287365496d0f693f3b1c9f8a0f80d0e4c1f0de843409ab18ab45cd0f2da555599660741a381d590

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\bm.svg

MD5 a531cebe891f69bee154394ee0fd0b0a
SHA1 d98d1f51edc20b835a8045c82c4f54430903a26c
SHA256 adfd69646e6d9db79dcfe4a408d3f44ec659f4ee791f6f6d835c903acb116eef
SHA512 0737a7c2f0de2d8a9bfbb89c72f6c4bd8fde36b865f6bea125a448f77be1391f0452a8bbaccf70458a7b445baff9f359aae10215282c51066dd9528620ac0579

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\bj.svg

MD5 c46a4fcf6216013d4022d3891d369454
SHA1 2ba3f9a1aad6b3131ba4e5300c4433f644e996b2
SHA256 81864abb5afbc537baeae340acaf0c603b98d9d15704d1941f4ddbf241e26e62
SHA512 51c674fef20e976a63d116cea0b467925d1af45ffdb7029085dcb20738c5385c0f8113fbb555ac5b292ceb4bdb60c9731a5e40d48f63dc6bb5b955486dbacdf8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\bi.svg

MD5 4af53e68edf555d998c422a045b94993
SHA1 c095c9e58d4a5bfca628ef58a0e9b98411af3e9a
SHA256 fa63e097d86f2fdd91eaf5287d9fbfbc28a1f920765c6f3348f6678657392ae7
SHA512 98684e4730aad0e8a71ff85d1b160b54edc3a98289c80274eaae5d7cdf1e20a5f5560354ece8eb93cf313876d7059bcf6aa2827ed0912744abd7b0185d57f02f

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\bh.svg

MD5 a86baa6e5d4dee5ddff055f527c11d2d
SHA1 e11c2dc3076b4c6fe2b311d8a48e70588301defc
SHA256 18820426ceedb578ab51cb030b354ffaf7eb04293401ea520a01511970b780e4
SHA512 dfe4c6ae4c6e2c36ab9c563906d003c118838e72f998f937e154e72065e6d02ec920d09f693906197c632c7f72f53c57f480d6926624cb420978f87f59dd3ae8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\bg.svg

MD5 0f0538aaf88865c8a74fe05037437f22
SHA1 59f65367b041977fafb29988912e6c78668bb8f6
SHA256 a0bfb57d45fd79916a6b86f7fde5a9a2281685f22ba45d2bef1bca3ed09ba481
SHA512 8c40acd99f7533e9c1aad19a8491a66ee57b82385c414090c74cc3d2ae22d7ea8ec46136d4b128a97c07c05b6f332caaa955e3c433230406a7643a7a717ff5cf

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\bf.svg

MD5 dd66d44b24d92fe2edde663951c218c0
SHA1 0f73e468025697f39c1ac4eeb1c5f3c1709dd1f8
SHA256 fa2d4e4d9cdf8dddebd64770e459e3b2ee3ea0893cfee38dc402cb2d78a6915b
SHA512 ceab29336a3994d2eb765e6104ce50ff2bdc61b1d36820c86ac47d70c083479974cb89532e33e92fef1619a6eb096a152cdde4be35b07656e9f8c14bc8afbd44

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\be.svg

MD5 73173cc0137512ab8db991dd8cdecffc
SHA1 3e42c390750f18b2919a3b2a79d2ba4d63187f24
SHA256 2cfb286216b3060ebe6187f4af67bb7cfcac402d9adde6297f123b416d08f388
SHA512 229865b46ab3b172a41289853991d18ecd8c3ad67ca432172ba4707c4fc0e9b5fb5fbc13e8bbab9f3a2ae1592615a9be654538c0842a2ed6c056209aaaef2494

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\bd.svg

MD5 5bca8025b32984a89bc574613d6c6dbc
SHA1 d838f9f5c417acb8b5f5b3875beaf0d7a4dac2c8
SHA256 1fbf7d323094f4e54b6a78e4608967bfcc15a82f8842f2bd901202ab3b870398
SHA512 b63aa39ce89b81e5c01a99fa5056a0189b1ea922e54229e6191469285de9792b19b874d554b7fa3526bb4f3ca008cc74c845c534bdd004f97ac342d0f7f2b703

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\bb.svg

MD5 586f25a6760a437224238f8002a52d46
SHA1 cbee53c755d447300f1ecc6933dc7e5fc58e48ca
SHA256 77c0c60ee690b69e31d05aeda4860b7a7bee20091e98a204595ed484fa14b2ad
SHA512 cbac5e8104a50caeb13f564f489a8a75be031fe40b78fd8e6e894dde80aeef210b7c71ed26d13e5d8ff8355cd5239fa46b255cabc5fa292d94356f13c408d1b7

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ba.svg

MD5 7819f30a3db3409a87cc8b88c941d502
SHA1 3074d193a1380f8b0d51a61aa587a867e6c20e03
SHA256 20742c109470b324680bf2a85f38a09c46f47d6ffa662a0eeb2e568a2c6a3502
SHA512 b6308164b77eb7ef9665b27cf4c0952aef818d1aaf010e15d0358593a60018c78dfe05d87ca594e603b156b7b37316b1b40d74253298ac5e6429dfc34862e26e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\az.svg

MD5 444f125277575a98fc1ef83197480501
SHA1 f2b6ac293d5f1a470a4109dd9f6812595b7ca77a
SHA256 fbec0febac32eff9fc8012393409d1acead3f7938941f5f0f8fbfd54e43001b8
SHA512 fefce5c6251b29680cc06a3265979111008f7cc08152b0063e8c1876bf8b60853c7e342a98f63f9320b27ea96d19a24d90e35edca292bea39ea1168cd7101ec0

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ax.svg

MD5 2f348a2be045c22c7c7a66726f11d05c
SHA1 0e79b7275fedef26e2b71841c73a6868ba8f387d
SHA256 c15fef9cb021d2b80b421d0811c7fc1bfaddc76cedf2d66bba9bcbfd5520a62a
SHA512 7862e317ca8d987374b1c6a27917205422a691607c238d74370a41e759f4a66702d26938ab0ff9621a7f80ecdd11555d315b0e4d096b1616342fc86790d0a49f

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\aw.svg

MD5 082b448ac6898675fdd3f3ba5b3c0d4a
SHA1 ada6ba933c24ceb00d48e34934b4ba71ad06868a
SHA256 472d7abe071dfc21b9d525e79be7800bb35ad607132b1e7f33004b4156953895
SHA512 6e11905688ccee166e0319250e50c80830c15a4e2ea1204dd4eab16aa82cae2f91e6beb77deb3580e29b3a613f8eb01ad367d8a1705e77b5c8794ac92e00e077

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\au.svg

MD5 95fb298c92def45fa297ae63427ee617
SHA1 fe52b5ccd30b8300af0cb7f275c53d60c2537de3
SHA256 95817864234eeec6dd3b685913002be252b7210f9ba129ba21072ca33892ed55
SHA512 ff1b34e9effc9e158b543a16a04db15957be40b82edaedd74996011b54a0354c101c5c363656fc34dcc13bf92e368e5e6c3db0a38e5d3e681f7f8c43f229ed52

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\at.svg

MD5 4fc5567ba8baac03111bae60d90b6e3d
SHA1 84bd1d2af83c86182a003f59352c3e924ce77e2f
SHA256 a71c7afc6fb23d1197282754b30b711d382d8bf11447f87b8ead54df71f38508
SHA512 423461e509c24cc662bad31b8cd30650f5631a96bd653aebe70c9b1ff67667cb21ba964f3d6c8b119d12b9f5b0d9d0eae3cd1bd4e40260898171ba6ae3ae6f80

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\as.svg

MD5 e721577125f768ea2c531388272dfa8e
SHA1 e2d7430710fdf355ee8d9defa483f87eea16af9f
SHA256 0c9c84787af9da87a5a1a82fcd6d78b48e06745d06b7ba4d70e36b1a40450938
SHA512 6b5f7fef348ca75ca2ff2e28034e9dbc19dea99cd89ac2313b3ece409f0346fa6cabc30535cb8c8cca1c7d96a28d387c770b34922d8e3332d4c35ca0c309226a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ar.svg

MD5 c958c07c676166d4db0734cbe87d48f5
SHA1 948af1d7e3c9401feb0c1fb4aef08da090423364
SHA256 a037ba0a588e45e4925f69593e24c95760a8604899a4758615a53e799d97f586
SHA512 55b6fb3aeea046eef19db81f7f8805988f0a3bcb730757760b92ddaf5007c3844023cd14afb93780b1c9977039007fb0ae477b6d05fe10c6a71db5db8d25059b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ao.svg

MD5 a8244ae1e3a42c6674cf6fa657d9cfb7
SHA1 aa2247e243eed5dcfc6aba1729868bb3e9956d42
SHA256 ee7a569e6d5c6a2a275ebd317a9fb72bb023de97917e4466f230f6ed84c60872
SHA512 92b61b50b0a0254a97410d6fa7f572f6fcfdc205c9b08c696e1fc2e9c1dc1a50c831afa6d966b5bb8bbbbd90fde60fb11143d221ba76e53e0c1a317a2b44de06

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\am.svg

MD5 595cfcd16bd1bc28ff79b1c444eb4633
SHA1 230c24b74aa5edf712a2494324ae352a31eab7a1
SHA256 5263471b006826658bc2607c060cd9bc50c415a38c2cd0f47eae2b53a1d0dd4a
SHA512 6960bd42cb64ef42b897bc4730f93b87b44f5a3bc5817cade90e2721a73a526c672bc267ba27942ebc83e8017c10fb93ccfdcf8335c9dacb0aac58eaaab06959

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\al.svg

MD5 ebd21b99047d3cd7483a2e4ff7ac30bd
SHA1 33caaa066c3fe3f1c00f26db9946a6ae67c64c00
SHA256 6ebd75724dfd938b8cc78c2d15578ce1887dbc969fec226e703ff62c06a5c3f8
SHA512 60fbc2281b0d639eb344b34fdced0d288586f4bde83e8822d5d7eb90a9db1279c5c2cb9468ee239a32c3b7e012d041cf185ccd6b8b33e9af23eed6440a05e863

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ai.svg

MD5 887bec59684b723881dc55d821fb427c
SHA1 65dd6a8b1aecd3d23f635eea3956091b37ef48bc
SHA256 43947ad00617723fd022c79a37e134394f7498bd1f9eaf0384863e0e165c6b32
SHA512 e2df20e6d6d10a9722e3fabd6d2183e6410e9a9e58f1c3c4142620f9652e565ced6fd0ff02fecf940fe2160bbb54532dd7591f3a3d5602d3017f5bde44078985

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ag.svg

MD5 0d821e5c65e5345db4a72d85ba8aa869
SHA1 303d821e4d7fcdb83ee9620deeec5a7a73c29300
SHA256 a4b83bde3b6bf0921e56ee4a9991b5abeb5af8b07239e856283ebfe8eacdc84e
SHA512 cda936ffde7e97baca95c2df5163eab9c25244b46b4bc4d4dc420313728fb07a6f74db066604ab93554bfe8a3fa88fb1a5d0faae1782b4b5995d7cbc2ffd2184

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\af.svg

MD5 d9c87e8d81fde12de02a4031f66b3e1a
SHA1 be31e2af57594794d41fda9017caa734bec32344
SHA256 182a6dc42ae0a337aae2521da60846279a1283325b1b662fc0aa1e7f37a9f0f8
SHA512 c578ba160bae1d1f422936c7287258225602ec9df0ed55ef2583da330df77f359a744ac6fbecac5b8fe0abb7349561dc859d98c1744302d30e24709a32f305f3

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ae.svg

MD5 d2871b94d72b805efa21004fe0c65950
SHA1 f609c3e751159ea9d4ce97748a07f94c904e7672
SHA256 142a9e62fa375c9fe00788262d23c455964517aa9021971fdffb1bcdc3a08af2
SHA512 d68dfca3c5556877f266c2c568e2eb7a3cc730e5705314e720373854540ff248c5bd577638ff594fe99a5216595dabbe2a644513d8edcd15f321ae21b6f83181

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\flags\ad.svg

MD5 25e05ab70d55f3a2310958e9344c2944
SHA1 21005c95aaeab01de13a62b25d13c1d2fc703028
SHA256 7038077534e52144436af39a24be3876dc157af0f903c5f84451401076ba4318
SHA512 3099edb8d07f12e3b48a21cd0f46b040931bffcbde82adf45228db0c7b8a4ec47d38e3512006f5eaa540baba0d1a44aa67b4ccae75888921ef8a3b3e666fff3a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\fingerprint.svg

MD5 88cb4e11d7a10bf4da514cf1d7223177
SHA1 dedb721ac1e75aa82dcf74b384e6a444226d091f
SHA256 7beed988a43add783813fa1ae6b14111fefef441bbf26eb2c55284e50bd6c5ed
SHA512 2623a4bd4f0c0094b0e03a120828f049711bb036c7349c1fc644a4e8c5fd96d315c3b177d666ec556a05576369e98f66ebaf2a61a30aed865ff1b6d85085ffc0

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\eye.svg

MD5 ae1170a5e17e860921445b342cf761ed
SHA1 24824ffa73751c07f85b0338c30fb879087041af
SHA256 2d2bb6664ea432dab86db2ae8294fbfc1454ba224e7e1715af83a6faa43d40e9
SHA512 d6a9523697e007295ca464cee8e9953476746ceef857118bca1f2dd216c690a6307f5432a59c2b3d11578fe66e33d4c1550ae1d19ca0cc6707f16fb56214176d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\cross.svg

MD5 01a14ae857fa8e8d7d8a9d57bf243a15
SHA1 a644ae36625385de83879d688e6b278a8dd4e79e
SHA256 264ad66b38deb17a172e15a3df10177e40cbe358f05bfc7fb06f4449f3d2ad1f
SHA512 0e479545586a6a81967fe7a00ad871e8857f7cbfcfaa61b45f79da74fbbb118c0a9f46a03a41bd0374d87a3346a51e518ddc27e0555ef2f9ad31feb4a2f4e090

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\close.svg

MD5 82ba43e0c737b5bc77509997b4f856d1
SHA1 f1f4f8cc0bf12c6fd9c663f85f7bb4e438a6bc71
SHA256 305bf0876e90cb24d43132462eae5e613bb294be646feb7174e431d3b0e2a083
SHA512 ef4dc4fd3b79fe535f38faa1e7b4bd57f2a1b80417ea8b24c4e60585b6ae151fcc8f077a6b028513b00ca59a66a900d3c7de3d32c034fb048bd11a4900792a01

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\chevron.svg

MD5 639bde20f68d0b5d638b43ebd0e99a71
SHA1 b9a3733881b211433451453a73db082533535c99
SHA256 5b3a6938026a3636a5e0c10b2756ac3dbd4d0dd0ccd20ff59750c5b433e191d5
SHA512 a04916a45b627c67c4a03bdc79757550a1a96b2d3f033983795fdc881f2c7ff15288baf6e4855c16126b6429c941c3c343f29a208f0e4ab60309a841fa4f6e30

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\checkmarkSmall.svg

MD5 d027e2c52525e3f97e0696e0d1ed68b4
SHA1 85df08a794ef6757747ab181e763af51f12410b0
SHA256 6903361f48900121f3f57119c6c048bf7b2852202552ae407273a586b2c278ba
SHA512 263d34ccd93c3123e9d8fdbfcd99219c1c288105643cf2d408229845069285752b4e46fd740b308dfc63956ed918e763d31ed855a1f9055efee1bcd59c69f81f

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\checkmark9.svg

MD5 795932cda5da8c7f8376de1c1ae3c64a
SHA1 048a2e140e59b6f09e501f48339f1199ab84808c
SHA256 f8c132d35f7bcfd54d3d060da84823e1b494171ebc1b4fbf5b9fbb89c0b0c223
SHA512 a78e2f3d49551843990ff9af40559e80250dc73d0b40b1293420ad33c3d6fe504ce84cd439556905d4df6abe97d0d81de1b23d3bc357040068f1d8426817b781

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\checkmark.svg

MD5 972a03dfdd2da53c9fca944700b63898
SHA1 009e695d765ffc9a14974665e1d0c1bbff71a0f1
SHA256 940acf5c7c870826477bdbf105ba53c9150fffd86d4a7dc593bbe0550a09f4f4
SHA512 4c094a0b3269e6d206244fa4f240c8f22dfc06eb54d632661d18706a5ff4c3c5b98f770f56070f7e061c9781b027a9c1fcaf907b3360349c27d6dda20fae18f6

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\arrowRight.svg

MD5 a0de42224848d86604f7530d0598a8a6
SHA1 cbf29088591d4c7bed2c81b716abdb1b1b86ca5c
SHA256 f7488d877c62039b267ee2ceb11aad3e077123becd8d0618984b11d3e2e2c3b5
SHA512 c961e111b1579bbec7c47c6d3c5964855b002c36faf65e074f1c19d4d735c9f0001da36bea8034b1ac48999e158661088bc136250cc13fd37d83158e2140fb27

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\img\arrowLeft.svg

MD5 989ad4a58d7a6fe53be0b0304388e0d8
SHA1 0830c4819c8c4f0d51ddd1126a022d26d039ba87
SHA256 8bf8831add5335de0af0a809c503e10974ef1097a9ead8556089e2e980bcc075
SHA512 50557eea2a2a5ee7bae97633953002fbb8ec721b8b029276206bd0d31ed7ced17db60466cac6a1331a6b2ec2770d9835a4296612594b58bd16fc109672a901fd

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\html\vue.js

MD5 f1fb103f167f23555157e0aaa57a683e
SHA1 2fa3db99f3b38b7abe255b2935a6fa217cfc8ce1
SHA256 2b74f1358dc139e71c2132bba19c3b2058f5f8a250017b6343cf6b598dce0a2a
SHA512 f4784d26fb2fbb718e039efaf0872f2c786d5f9a64ec1a9b05eb07a5729c6da323c09805a12b06c6dd0e024e9e556349f11c1867a98066b3b20354ff20f67b5d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\html\popup.js

MD5 798447288c6661bfb9379fc93b4a5e24
SHA1 6b4c847a5286f735564b99587140d68f14a937da
SHA256 b9de988f5e57801b051e1199dc556793e0e4caf6fd1c0ec3a0b62a6e3554c2e8
SHA512 33b1cfa03001e869aa8b2aa85b2fdbb52ee8cfd4ce4bdae9d719fa6fef81883d320534998be2233901f60d48e5890f3d2fbe67377bca7144ea0115433438e975

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\html\popup.html

MD5 3b9c1e382e86b3dcc929ac8a9ed97bcc
SHA1 bbe20c8d71eb65beaf4610778ad3d6282ea73f3c
SHA256 e67d45f38c67794187849c97d55a6277744cb9d55b7b3667a3610886d070baee
SHA512 ddbc65201c34da957b000968c7d8739d8b3b49790a00ab99e33a533021d8df1692cf18ad7d00d32f4c5855e49aaab2ea57f28247103bc79f6249febcc31dc6aa

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\html\popup.css

MD5 782fc247adb23da996f0e8dea81af623
SHA1 79080b7175e34c7c9ca7c309dc37bb5686ca5a42
SHA256 f277fb6a39b77e23498c6687163512e5af4545246dccc9842025c3ce9122f9ef
SHA512 eb67f0a6ec9862d077712b83e7a4977e8c4262b8d52fd7d4ec214e70bdc7f65e0503e5f4319bdc4e3d47080adb7bad2b96d702408590e0a3d3202b93c9864c44

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\font\roboto-latin-ext-700.woff2

MD5 6f4d4a8899ee0298db1717070ae4761e
SHA1 44f0f6b77e5ab005e6f74c4ec65dc7600503b4e2
SHA256 cc3dceb979b73443783e4e0837a1609009cbb7f6c31683b5171bc9a930f7d7ad
SHA512 9a53e083804c3d53a95337f07832e9c59b14f2a4974fa11074cf04ec427bd19be7eac368d27ad30ef1bc7aaa4e2dd5a19e3f27e45fa4dbb10a368356a60d0ac5

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\font\roboto-latin-ext-500.woff2

MD5 16aedbf057fbb3da342211de2d071f11
SHA1 fdee07631b40b264208caa8714faaa5b991d987b
SHA256 7566a2f09ff8534334b7a44f72a1afaba6bdbb782209be8804636ee8b963c75f
SHA512 5cd45dfb0d0ee44afd9b3ffd93c2942c2f04e359d067d4631edd67a2ee09149766294b29c75aaab7436dacc775a8ca02392c5e4cfb8d7fede19c028448507e0e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\font\roboto-latin-ext-400.woff2

MD5 15d8ede0a816bc7a9838207747c6620c
SHA1 f6e2e75f1277c66e282553ae6a22661e51f472b8
SHA256 dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
SHA512 39c75f8e0939275a69f8d30e7f91d7ca06af19240567fb50e441a0d2594b73b6a390d11033afb63d68c86c89f4e4bf39b3aca131b30f640d21101dc414e42c97

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\font\roboto-cyrillic-ext-700.woff2

MD5 06c49c7c2354ea523af5292b6ecd46c3
SHA1 1f51dd04b8d154380f7c88da41f87d2d97840068
SHA256 2011916ba0b8389cd420f0c9045f5e9fdbd841bad7e0916173ea139ce8b134d1
SHA512 4ca28ce43b1b830b4deb15fa41326903b5c43947a768bf6744f5f13898e7b681eb67596e375ed20a5580c946e898cf6eba977e62a263745543785d996bfab57a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\font\roboto-cyrillic-ext-500.woff2

MD5 79c7e3f902d990d3b5e74e43feb5f623
SHA1 44aae0f53f6fc0f1730acbfdf4159684911b8626
SHA256 2236e56f735d25696957657f099459d73303b9501cc39bbd059c20849c5bedff
SHA512 3a25882c7f3f90a7aa89ecab74a4be2fddfb304f65627b590340be44807c5c5e3826df63808c7cd06daa3420a94090249321a1e035b1cd223a15010c510518df

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\font\roboto-cyrillic-ext-400.woff2

MD5 e3836d1191745d29137bfe16e4e4a2c2
SHA1 4dc8845d97df9cb627d9e6fdd49be1ef9eb9a69c
SHA256 98eec6c6fa4dcd4825e48eff334451979afc23cd085aea2d45b04dc1259079dd
SHA512 9e9ec420cf75bf47a21e59a822e01dc89dcf97eec3cc117c54ce51923c9a6f2c462355db1bc20cdf665ef4a5b40ffcfa9c8cee05bb5e112c380038bfef29c397

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\font\MierB03-SubsetLatinA-Regular.woff2

MD5 267056467184d5f07f4dbac8f0545d6f
SHA1 fa23a399d8cfa79e6f1f45667a61952d6543fb75
SHA256 0b03d661daa30296a3ff0f57879c993a9d9eb4c3ca6338a1ea690b2d2854adcd
SHA512 1655448a1d2465bb47291fa334060061e1da4515b171a09379e1de9d053cc36a5efd01b0edec2833cb34c8571663252f82214293dac5d2a81eb75e95095c1013

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\font\MierB03-SubsetLatinA-ExtraBold.woff2

MD5 1ab8f43be6e17bffaf8c91032d4209c9
SHA1 f80e500fdc46d373025cf968eaacc9bd9b190eac
SHA256 a823e9baff2fda57ac9dd1498ac6eb5d922295d79c56671af3f3c238a9b0a99e
SHA512 5da472f58060dfefea77f4a3c25e86875563af095d84a4aaa0678b59bb1f464349ab9d35f8addec9dec7b50a54e0832ff789ed0ffd1731410346b42c83b5688b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\font\MierB03-SubsetLatinA-Bold.woff2

MD5 d77e00797e8e19f0a5bbb7ece8036f1f
SHA1 2072ea9e9c63cee1e2e68dde7c40149132636c5d
SHA256 bbff811a1b612f540264a2c22f981231463387b4d9a9e6b136f9a0a2d4e71e66
SHA512 33ef11b8a9bf1e9f763f935730f2c5cb15839f736b4c839a7169473398750dd7c4395a72ead263e920e91a8b6141445257f16930965ba54382f1807b9cfe3809

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\font\MierB03-SubsetCyr-Regular.woff2

MD5 0a5a64b6f8df82e569e5edfbebbc8814
SHA1 fc05c24d2b4d33e580408db49b6f962bdd785309
SHA256 8a3333fc183795c170dd7c454df29726a6e9e5a129719d69553424330c4f0cc5
SHA512 f10ef01b6470865b83af359d146d5ed7d5d5c4b3c3e25bf669dfb726b460bd31941ec9926af23a32b85aa48dab5607453027afe0df107454b56a48dd1b58a760

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\font\MierB03-SubsetCyr-ExtraBold.woff2

MD5 e9b72d32dfd54c1200b7bd3283f07591
SHA1 cdcfbcc2907262f750f12f5e02a523ae75ce634e
SHA256 c458dc2e7d9c422924dbccc56f273ed5bec1375d18bb3c86cd793fed99fd554a
SHA512 57721047823aa69c4d2bec628fc6aee6dd3e89c8ce98ac8391c9dc9b9b3b2c18ecf07d70c784ab7a16eb898d4699e751c273d7794fd9a70c8e85c3616edeb475

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\font\MierB03-SubsetCyr-Bold.woff2

MD5 c7316ec6ba0f1d277f6612ec3f2feb7d
SHA1 dfb2758a210febd9f774c36ad4ea0554c472612e
SHA256 9756fea3027d1e3645dc9090926b4776c0f965470ceb5729f3eb77c3ad28b249
SHA512 09d25338681ad5c652f584ab279d78efd9a72d05ff0c00f95effa10d2804407456ec2f26ab2eb77149347f71536c7369bc41d496cd230d93f8a13ea99c32cd9d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\zh_TW\messages.json

MD5 67c32efc1212bc6671e5801dc472cc80
SHA1 95a09102b1fe55952bc440ab2dd3033e16fa5cf6
SHA256 0d7daa9afbfc8d5d394c67073bd406b09e8d1d42f78266fe7239adc2264607c4
SHA512 fe94280296a166bb02c2150d3621af7cb293f268f5cf178a251251bb99f0b95ef2240172139bdda2ecddfbd9a8bea7c41b8355ee5f0a531d24f577196a020233

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\vi\messages.json

MD5 ce6fad5c2deb454079d7068e34ea1040
SHA1 cf398ca483384517e990d62a961b046e8f949307
SHA256 7dbe08c3f61fa1e7bf61c48954e72210a28c326ce7a0cecc811e0d0cb6c75acf
SHA512 631b700940635aa427f7952a779e7997a13de36c5702d70ea362d5ae4333a341fd49df164812a398f25589fa3f0bdc033e68347b381b296c6a16e511562ba4aa

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\tr\messages.json

MD5 985092954c99936eec046bb46ba51531
SHA1 02f9260d9aaa9e9315010d1549144eed21d585f2
SHA256 c317453bdabcaa91024f10c49f25d02da834b4ca341f3666bd03b366e24241d5
SHA512 cd27e892a9e937981ea2f6b4f5218fb2d17b83ff164f87c7ebd6564227e5a0f34df4bb8f371cc1cb83b72cdfc8eb571f82a6d39f35e296a12790918d27d89ed3

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\th\messages.json

MD5 e86af8e70d233ff183a0073583b6cebd
SHA1 ac86a327d9ad77a3e994809627867c7f90d58aa6
SHA256 ba62a41d69a71a1bb796cc6a29ff2d1b61042fd0b1802b9bed69f5ab3c658d51
SHA512 f203ec51d92831dd064f5085eca1ccea17e3b90d1eeeae0ccc012929bcf8d66043755196a25652562ebbf65327fdcb3e4628c1325dc363ad864279a2b86a66d5

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\sv\messages.json

MD5 df1def6a4cd4d0a23146b67202a56e90
SHA1 30c36563a0e13b9acdbb0dcab94d095c2fc67e54
SHA256 96e0345f610776d6a3088b77c9e190e4d07cf6d4bafc0014db132791ba73014e
SHA512 0c9921e178ac43f131501314e8ad333fc0a39c28d196cee6fe4a56f1d07ad5e7ba258aefe9341e54229126c96a5f919f72c968eb87c14e117a9290f0a1cf8357

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\sk\messages.json

MD5 d40f695b35d3d75b565b3b88b478def2
SHA1 000176b5347483b2824c9492bee65227c4053667
SHA256 e8878e8f25ea36151389dea78fc3ede6e4abba40c70a316b4ece17d0ad508cfd
SHA512 595c856e03b942e3acf07e07b3d39b19fc162d9ac7daf3ed14b1ae30ae36b51b0d701f208a3ede0af95ad2c00d6f93393bb19636449e2476ca261bed4daf6a18

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\ru\messages.json

MD5 3c251c62a7d3c97316da0cd85b3604c6
SHA1 85421fbe98ec1ca900792614b5e047dbd12ebe7c
SHA256 0dbe785f531b6d1bfe0778dfa2e7a8c9c9ace22d242bf0026589116bcf8fa76e
SHA512 dff4be59ba15cfeb03d83bb8e6c7fc402bb3df4296b59b5f0f9aef5713546593314901f4163adce21e0b2ec819c96cba2801994e55b96a58a10df35e65f19261

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\pt_PT\messages.json

MD5 eff02f762e9c10ab6ab2bfe2dc88a3bc
SHA1 7329163202e19d6d5caf5a5abd831e9a26cde910
SHA256 8c39cb2c9c7e33d6eedd8ec8880ada7b090af064f7365a7333fc4da5ea55b6ae
SHA512 2f741c798e6a8ae19a69bd7fe10213786781b216170c76cfcce085d1f89b64bb7b1f43853486b4f176dfa6dbe0e9a18707a5c5321eea5aaf75d499a25d6aa676

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\pt_BR\messages.json

MD5 f2b921577db81defa65bf45d0174a9b2
SHA1 a37b3716b925c52983a8c52070c5fc9d53cfde2f
SHA256 e8e7c52bd2377c4b616ca3236a5e0cc3ee962a6f9b80c26bda6864ef1076813a
SHA512 d981974da96d684a373ce868d2a891c91257ae147ee971c54ddd3d649a9ccdd283d08a96669e18b66ef729094aaf085de86d9a9531cf18d0e64d0d0c521bc692

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\pl\messages.json

MD5 562c30c979a26627b8e0161754ad7ade
SHA1 835c2f21e91a975f53bc3cc508c3b158f327b009
SHA256 fbb36232d35e4276ff90c1e31db6b7808b59a8fe7800c98134fc58c4a525bdc6
SHA512 30d130d46d650216a363d32a7b7cbc5def7220c2654cc9cc20f246d6b90d6ab90b59a3f3a4bf0735af82317b05ee5bf04603a9bb57360d89293dbeceec8436a4

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\nl\messages.json

MD5 248689017004a3b476b2ebe72bbd34fe
SHA1 8af002c53875811267c4458cb7707c54c1354c74
SHA256 9f3a8803b10912707529566085372e9a4a0ae9be8e1f3bc22466da23e427c823
SHA512 ccf74b229b18551f0de8669765d33342e3a4e475210bef1e1067a118cbc37e1e4d28521891819d4a462210c2dcfc985457c4a68bd60646814bbb93ddf47592ca

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\nb\messages.json

MD5 907c79684f718c1826ad34aff99c2ea6
SHA1 2d6f01657022fb0e88f78a31c436b846f45c9840
SHA256 0caaddd9b0fbbaae3c856afabad9c34dba7a8e8071d3dba0229c81cd67540b99
SHA512 5dbe87fd977fb219376f27fb4b362b4373c39ed24f0d933dabe2fa23e7b0c690068e78d0fd1600d07be3b78938d4ba791b925b64f6e9e805615a37644f4ce23f

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\ko\messages.json

MD5 b8a192e128ad53f6787070b9286e7f5b
SHA1 199669c8ee43dc22317974df4bfe090d768f98f5
SHA256 28acd9ce6d0e7a6f0091a83c1dc4a5a159a00f6bebbb320db0c1d72d1ff2b06c
SHA512 cb12875709564c1b4f79d0fcee5d1da12f2359444edbe14ab1d2a850aa1d5a3d086f98a4a5c27119c19604f23f4ca0089fb3cad711b8d27e68c2e9ca6533b57d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\ja\messages.json

MD5 eedd0fbfa6fa3de0e68237565a241e0b
SHA1 b12508f38f2a6515f28d61de5e508e861ad097a7
SHA256 59bdf5cd690d4454cfa7d5db2aa17fdc382b246fa6df945c963d6fbd34452ae3
SHA512 eb697fca136169159724e8a3bdfa459afd233e7d2d80ef710520ec03268d22c00e1e070a7d57e71e102110faf08e2c9eafbc36bac522e0e3e1efd6ce12b2d734

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\it\messages.json

MD5 a5b05aef225b096c2aabcd53a7df34b8
SHA1 36797d170ca6901e8cdc83d6494789f618db3a4a
SHA256 11970db4a651dbff5cceda498b583ad8a41f1a04c10c182a603963a446c66be4
SHA512 4850d96c05e9c6e14a66e64cdbadf17ea6ce796c8774a435563bdf0c32b72ace9ba25f7f94a2c8a6be07e314f6fbfc2808362447123130e7180f48f6231aeba9

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\hu\messages.json

MD5 925d1b1ed73ed352dd09ec4ecda77a78
SHA1 dc9683cc8d3ec309827b52051d087f8b2cd35049
SHA256 5b3c2bb90bd6ef7920e18a980ef4b558414b4faef9c84a84fea9b0422b31ea41
SHA512 79ba8e17b0a864754d70a7ea235c8e5cf8bc7c8d900420f4de8686bdee998ebffb607f9fb2764d92664d938eb95a952821c69efe7cf27d6b71ff249318d8e284

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\fr\messages.json

MD5 68321003618b71f75434b67427a3b94e
SHA1 71f7253d70d3b9f41d28c588978eb3c44db0a3fb
SHA256 964f8dfebe5acfbdc2f5c848d9db4c79c1618e05cb5a94374e02834526b47c21
SHA512 e47669146739ea52ac281f8544e147b15022140b09aed6ace324a7456612b3a52226e2de011e1b9335d827aa49ddf87a9165529363920ecdad9931b502746e19

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\fi\messages.json

MD5 77417fd8ef764c89c0f1921279c55fc8
SHA1 01ba1549f6903bb827b4c4bbf4d101780d6ff1b5
SHA256 bf77fad5e601c2df5242ca6b415670ea07f15c077f39425a707977fea03fa97c
SHA512 dcf017215bea7ea518220da88045dbeb8ac3559f11370273e9a13f2e81b1ea49b3ef4b9be947bcc9d66e8b5c0c70409fab3f395ed3687cb2ddbd1d40d39088fd

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\es\messages.json

MD5 e43aac171b1433fbb8c33cdfcf933742
SHA1 b551891e937cb4a7e96a39261ed6f89e5b4ff5c2
SHA256 bc5c96f3feb3a0fc5dde5faedfa57d6fe89a35de722035b97cdddf00b36d917e
SHA512 fcc9d8852f1dcb34d662a74a75ed9cdb2c759f29927e0872936c06a2f2f108611929ed09152e5808ded54b4e9c69ae3ed1619f9251a7e18a7bf38637d03f3d78

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\el\messages.json

MD5 f026f6266cbcf477dc34c42fc564ddbd
SHA1 00b1adfe2e83e92df03c8a7b2ea829b8a65a2a44
SHA256 44807bd8b73ffc870cebf375e6aa98a04c23016366651be0ed339adba1cde8c2
SHA512 bd3a2de2eefa3d830d08f08730f8af05b1d49de9113e46fdee6d2a1ebc196219a1c3a19cce3ac9590c026e79a9adb78ab9f556131803a04d558ed69b04443ab3

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\de\messages.json

MD5 4141fb860baabcf381e5f461440e2a27
SHA1 b9044f6449599dc4cc3f28a7feddd1f0a2848873
SHA256 579b46ece6e5670e8c42f50ff78de08792b771a34d9a2580bed552ddf6498adb
SHA512 6e38bb76bd94ac84f73b8dfd1c7977eebe4da40919968ea6b12375c4b0c96b8f46e0ca5848d46e247c3184aad0cf9806f2a523c8405ede71b3b3908614b630db

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\da\messages.json

MD5 976ae09d5d11de200248cce4e809e98e
SHA1 be0060d97ae350be49522f6e0acca99e53433ca1
SHA256 c954311802339663722c40c2390468a94eb9c369081d805d1c136f33c5530175
SHA512 8f79e904e2f130966d830ab4a056917f8e0e5c1d89b86016ce336f9e2773415580728cf2040e68f1b7a6f19a92fc51471c7d170aa624d482d9e6d974bc103e15

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\cs\messages.json

MD5 9e3a9adedfdbf2599648f99a7d2aefa2
SHA1 0ddbcbba3d65779c6a5ff496faa824486786f537
SHA256 a14bb520f1d28310901b99958f9fe0d33b05955f89292db8059a0233394fe328
SHA512 6518700757873ddcd60d634768681a3cfa55e7ee94cb6e7601fe482143e4321962f9feb1e1e262e16cfdfdd4d5f8b53955641ba613e042d1ccd49ef25f98a0b3

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\zh_CN\messages.json

MD5 dcac9cc2b21998f042a784df0c000022
SHA1 58ade31baf59e0a0ddd09ca0023528f9b68600cf
SHA256 8af62c67e76fb7e7dd935a4edff8b571a80c537cafcd5129fff1c38e08e1cbfe
SHA512 460868cacfa06281a5cce8fd06cc0bf66eb747a165c5ce5c05168834bc1a02baa4720e16c0b53a0389e289a598b44ed40f41fadff51eae3147b6d0d0c73a34e6

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\ca\messages.json

MD5 152d01fe6e6c6ea944d6b874c8c269a6
SHA1 8c638556e7dadde247a6af6d0900b9bcdfa87436
SHA256 e5e699508a865400a56596f5932bf8262cde12f2f71104df45b16359ba487cc2
SHA512 6bc78bc77428387f78a7eca384ad277fb9ce2ca98409d5a0f80604cef2b22c676865c2a2aed1b778296d7cafe40c572b0337fec18afba65c6ef873a60e476b62

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\ar\messages.json

MD5 328fb4352227c29dca69a85a0d302cea
SHA1 c3fc97982b9ae598cdfe3ab907ee14f9c59fa8c9
SHA256 10f3f5d10f2361a822a746e934692fd5399243c192d4dc3d47a5d4062101ef2e
SHA512 86a1b6e9f6db4e58a5b07b42cb6ef31d19473549a2b8267501bacc2cbf21e55b0ea1a4668c318f4332b7d47a1a66f1c304adf9fe43766970cac04702489fca46

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\bg\messages.json

MD5 f0ec2895c437a41892b6f5d7d196b341
SHA1 deccdd1df628139b76e0d46c9054e358d8a060f7
SHA256 9bd26e76c609fd409287b4fee4ad3e48530c209b428bc4d116137373cba00a47
SHA512 d73c234661294381323eb29e8e71c359df0125347331da73dc1a06a26b11039a84061742be3bc4fc07e66e8fd262ce1f921a807b69897db97f3f77bf135ab86d

C:\Users\Admin\AppData\Local\Temp\6fc3bdf5-00a0-4f2a-9c51-f24bad968d60.tmp

MD5 23905ea78979b66c6d307de1ba55cea8
SHA1 73c187582cf3a843367751b565180dbdd88498fd
SHA256 d3e2dd4dc06d3f0feeeb44ca24cd60d076931ff6c0ac1692b509f40f58d8595a
SHA512 a32f59e91c5be60eb032f33a5ff799e125143e9da4d93ae0b57abdd80b778ff0001ea28d553a947560b54b9d214ac96e5d0ce98d36d655b26f1b6d4ec64dbeae

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 c02483f57eace6edd48947e58f9dae66
SHA1 02cc58b45166e2be3f63b93afdf7c641524e0f3d
SHA256 9dbda00c2380378508d7d895200e312f74c73c49c356245cd1fced3d78e912f7
SHA512 7ee508005691f49c0250025242e6c786138f53a6128abf260226cfb7956a080685703479a4c20e9a0ccf624d7562984b5e5185e253b470d9e63a38aef808eb91

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe583fa4.TMP

MD5 d4ca2ca7fb98b37e2938de067dc56aef
SHA1 65bc43a6fb9303218a02ee9fca09f5ab0bc093ea
SHA256 22e284a5639ec2af065eb0ffcdb1e73c5e898e415fbf51c53c88b907d25f387c
SHA512 dfe1f35b0a736ea60f78dc9560ea809865187158738a0b79204b4639bfe138a5811dcd2e138881975525a726092f254a54bbf5db68da74012aeb8dd7e9d4e5a2

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 72d3e5adc6216a40bd3141215fc91929
SHA1 a0bd35ab65bfd55b66bbb0c0f74dcd54141733d1
SHA256 0a526239780bd6ee8dc8b4e2bf7433fc97640833d500052c9f918774190dbe2e
SHA512 b45241c465bef9691445bf0f25ab309e0a507601daab8767a1471f0503a2013c3e2e54d10319f78dfa76ac6ff41f524d7b35df63611badb709866295f8b37ba4

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Preferences

MD5 b816a79fdf80c720bbe7bbbfdc8b7e4f
SHA1 d1bf02e553873b645d17d17cbd38c449e5d41c51
SHA256 2db329b77924a7a43b1b9e1dc7f86bc1a695b503afcde3f0736fb9c98a048786
SHA512 5f6c4d9f0053cd2e20c6a09a95b28e4bc1fbd9eb3df9db065e48fca1167610f18b2215165ba21bbad9d23790ac3c0f1b1aa6534680b9105725a6d0b753ed94cd

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Secure Preferences

MD5 2f597e0275c0b75512ade44fff1e8837
SHA1 0346cbf0c93fc7b29cb89cdb5ab060bfe45a9a98
SHA256 d24c40b43555a6f4802e68e9dc72e5ef16836e8688cc27ee9b774ce0d4be84aa
SHA512 839906e21c010aa740d15d61cf8ab2013f85c311d7468d0f82deefca80e7d8a13ab0aa28b3886d7a3e735400d2d599ba46a6952bad54807c51c521273132d2ae

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Local State

MD5 ce774ccae0ad8bf08d1837fa4b738e17
SHA1 a70ef4c691bc35739252e621e12b5eaa08a61174
SHA256 5041f8477404771bfb227606c32d942c99715481cbf8e3c967d44a2ef0992f8f
SHA512 63e758600979b3ba70ba490bbc8cd6840695f5c1bc2ec77b9ae104781e5d5ec99ffeb77be0adf2f97c0d0258c9f965e272e41e7c49d6929b178a0161d6f26884

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Network\Network Persistent State

MD5 d8a39709ba64fcf3f82fceb0a90e80bb
SHA1 7fdc4812e7808325e584d572ba333caeef55671d
SHA256 097ea7d169fccbba7409408a4853b2662ecd51be4ccb818315e6313997f62915
SHA512 c08735e960732e6ef6ce0a62fd9e292a648bfb4a6f9eb978ff94c7446e5fa76a107eb3dd9a8a86f1e1da9307b2fb536b98c25bd0f762012b2467b05e3abe3f95

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Bookmarks

MD5 04808a31a3bba7554ec9cbb617f4390e
SHA1 dea4b906623752c947d5b71e3821b36940c47bb9
SHA256 3ed9a6da27c0ff562b8a78724bc2b2e29021656fdd2bbaad39ce91414b8c2f01
SHA512 95a15acb0aca897d4fe8833069cabeed92b7e96031b5b86998588352a359705d0147aca0ade5243050f247189b01e8582b7ce6484cee5cf727b32bc29eead8db

C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AVG Secure Browser.lnk

MD5 a76ad1be954f73c54e521c272300f629
SHA1 dd296ec5126bc2bf0d2ecfbf0af505148aab9d02
SHA256 a0f3db3863a2c7a5dc598b05d85f65642dbbd7333933a6ea72cf7edff1b40882
SHA512 5d4aaa20d1af620b8967acf18efc927cb0f416906877554ac3e8b025535f10c9e4473de5baa5a61697532d5de024459d62ac9bc482314cfb3df467458bf4cfd1

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Crashpad\settings.dat

MD5 791de535076e25b572671ac9d2960106
SHA1 e9727adb9b10066896afbf24d5485aeab931ab94
SHA256 387aa9bc4f8f560ceb7e86c6b980fbf6364a8a182470482dcc64f2e7f2479048
SHA512 1feb28337088f24443f5427d2f6f5adcbf1bb1ec34edb45039162b339f505e6eea1ba42a0383df9953ba9d5c861bd4ea038d4e2f6b94aaafeeb31092ecba4207

C:\Users\Admin\AppData\Local\Temp\nsg4A2A.tmp\AccessControl.dll

MD5 c36eb8336b91d277dfa8575eb00d6364
SHA1 9ec81b49e7675548449e010950bc50bff7cbc960
SHA256 4336e05960fee8c775b343209911f14acbfdde1e8d5aa9d1f0ea680fb4407307
SHA512 0abe6e367d1c934fec8a89617b5fbfea5ab7f8e557ada7a667aedb495f637c8782a2f4723c2d68b9edae4f426deb5bbc0536f643fc65ecc2cd33295078474394

C:\Users\Admin\AppData\Local\Temp\nsc3EE0.tmp\sciterui.dll

MD5 f40c5626532c77b9b4a6bb384db48bbe
SHA1 d3124b356f6495288fc7ff1785b1932636ba92d3
SHA256 e6d594047deecb0f3d49898475084d286072b6e3e4a30eb9d0d03e9b3228d60f
SHA512 8eabf1f5f6561a587026a30258c959a6b3aa4fa2a2d5a993fcd7069bff21b1c25a648feea0ac5896adcf57414308644ac48a4ff4bdc3a5d6e6b91bc735dc1056

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Local State

MD5 52010afd9dfde9b6fa62015485e8ab7c
SHA1 94e3b1b8c4edbc2ca4cbe1b570c403f035774679
SHA256 8ccabb4674d807f722829c47f98a609ebcc530876af83fb4820fabcd13abf900
SHA512 e16b6d5fe28faa5041f8c7a1da95fc0bc21d61b030cc7c0d32cc128bc732e22dda49c7e4f27129abfbbab5b0cb93280833e5b7f954a1cd734ffe3b0ba50c2f64

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Preferences

MD5 d71e0a55cabe42332833d204cebacd94
SHA1 aa1ea06b1a444fadeac6791f2bd632fdfc49e1cc
SHA256 ce44d5b76ccd80a8b0241ff15dbc8f5b69be851c520667f119a4ea41af532666
SHA512 8803a0f317324ef0c9f90d53a552892ff9d1c11967bad9aa5104abdd8969870ca6d4644f674a948c288cb4da920d689d8df8220b3074fdbe91ae11c05d4302e5

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Secure Preferences

MD5 1f4e7e06d252875a2ac2e37d8b7f3a1a
SHA1 a453c45eda90f27b9daa8605f54b089dcb1200fd
SHA256 75baaea0f750e63c0e4dfe808149262fd5a4ed9f6844e982bd9b6311ae489cba
SHA512 0ca3f4585fa918762eaf6f4d78bf0d80b057a2f067d195e33d9bd3e01501751d66ecad576ac24724b7fbf4f7a26421271a65c706a2b795d449229030699fbb86

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Network\TransportSecurity

MD5 65282b738577a00c9d2ad7168218d7e9
SHA1 8ce17a53f03a8d185156f355f306dc3166ab90ba
SHA256 cb218dc8592ac8c8a68e90180a040e6bafd38a718377893fb2b7b2a1a988c522
SHA512 69e9d79b087a09d6fdc58016905589e3f42c127579fe890a284076891f2ae348233e4bdfa805dcc822adaa6db415703a58a1943ed4f655ae5998901cb940a6b8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d96ad6c997ca866b2871ce9037e21ddc
SHA1 f724073bb6a50af969a09e28040a5f790ecdd0a3
SHA256 cb7dd15620822cf4f07df62fd311f98f7616e15a38bfb9240a800359bd23a315
SHA512 3987c9edeca21cb05068c5e4428d4bd9b10e246306cc5b6241c5fb69f43c30182cbea82477789ee11c8d6b0fbbf0e9254184ccbc2cf3ef3f5777b4b7653afe60

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 cff0b657416fb782493e1383b2455981
SHA1 76cf1a4cc0e2a0beff08225e973e10ef6b49cb2b
SHA256 396156c6f56d349a069f57e41c9aa3e69681fe788b212c575886fc1d51e10581
SHA512 c27b1b0c8dde182ac2c56f30cf3ca33546212967903f26f2c05ba14fe7e75c23d5597bf289b40ab2a23bd3a2b54405a9b4eb39393e1f45535a31a541262c5cba

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Network\Network Persistent State

MD5 cf5b1c6c29a0baec7e15ff4e155af726
SHA1 8e0dc60d5aa24d0264fac6fd96cf5168acc3f03a
SHA256 4992191769a472b841ef472bac0ec4cc61c63a2f5d8396693d0094304ce89d11
SHA512 331e26eb388d7731302d224264ebb5811634e40bf27fdf09aea939d08a15a45c8e877d54d749d486b6008405fe2a8881be58f46b24b2941af87c16d75e1fa132

C:\Program Files\chrome_Unpacker_BeginUnzipping6872_2085923162\crl-set

MD5 c80fc5373bf46716dffe60c4ad1b2e35
SHA1 d86e2fcf4fd2d8ed67700720938d5c89a449379c
SHA256 0e30d824b78921687c17c4cb075cc8189b9e4fa83484fd6a8df34f0133a713a3
SHA512 9737f46b1f56ab96fbc3a3eceeb6a4f833584f1440a7815d8cce31098ebd86973f12189cd4c4d8690074a1eed7ef6410c2621b2a25ed6d35ddc7d0c079f13bfe

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\CertificateRevocation\8814\manifest.json

MD5 fc64ca08848969ccd74309018566d6c6
SHA1 8971f2753075b0942e2e3b913053bb9777f68086
SHA256 8ae6e4a93192a7ab3a441d56a9dcbca3454bf7e3caec98ed7332c82e9d071af3
SHA512 4b7f6e4dc6cf677e1cd4a5e43f6119a33842031e2fc7c214db7533ea250201855e6fb08bc3d9a6054fc18c5806ba93db086292d96630327931e0f1d7c8822a55

Analysis: behavioral7

Detonation Overview

Submitted

2024-06-04 01:06

Reported

2024-06-04 01:09

Platform

win7-20231129-en

Max time kernel

118s

Max time network

123s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\jsis.dll,#1

Signatures

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\jsis.dll,#1

C:\Windows\SysWOW64\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\jsis.dll,#1

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 1664 -s 228

Network

N/A

Files

N/A

Analysis: behavioral8

Detonation Overview

Submitted

2024-06-04 01:06

Reported

2024-06-04 01:09

Platform

win10v2004-20240508-en

Max time kernel

134s

Max time network

103s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\jsis.dll,#1

Signatures

Program crash

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\rundll32.exe

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1412 wrote to memory of 1520 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe
PID 1412 wrote to memory of 1520 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe
PID 1412 wrote to memory of 1520 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\jsis.dll,#1

C:\Windows\SysWOW64\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\jsis.dll,#1

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 1520 -ip 1520

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 1520 -s 632

Network

Country Destination Domain Proto
US 8.8.8.8:53 13.86.106.20.in-addr.arpa udp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 43.56.20.217.in-addr.arpa udp
NL 23.62.61.97:443 www.bing.com tcp
US 8.8.8.8:53 58.55.71.13.in-addr.arpa udp
US 8.8.8.8:53 134.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 97.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
US 8.8.8.8:53 133.211.185.52.in-addr.arpa udp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 88.156.103.20.in-addr.arpa udp
US 8.8.8.8:53 13.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 240.197.17.2.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 udp

Files

N/A

Analysis: behavioral10

Detonation Overview

Submitted

2024-06-04 01:06

Reported

2024-06-04 01:09

Platform

win10v2004-20240426-en

Max time kernel

149s

Max time network

152s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\nsJSON.dll,#1

Signatures

Program crash

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\rundll32.exe

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1724 wrote to memory of 632 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe
PID 1724 wrote to memory of 632 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe
PID 1724 wrote to memory of 632 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\nsJSON.dll,#1

C:\Windows\SysWOW64\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\nsJSON.dll,#1

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 632 -ip 632

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 632 -s 620

Network

Country Destination Domain Proto
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 8.8.8.8:53 138.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 97.17.167.52.in-addr.arpa udp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 249.197.17.2.in-addr.arpa udp
US 8.8.8.8:53 11.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 27.173.189.20.in-addr.arpa udp

Files

N/A

Analysis: behavioral12

Detonation Overview

Submitted

2024-06-04 01:06

Reported

2024-06-04 01:09

Platform

win10v2004-20240508-en

Max time kernel

149s

Max time network

156s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$_106_.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$_106_.dll,#1

Network

Country Destination Domain Proto
US 8.8.8.8:53 58.55.71.13.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
NL 23.62.61.129:443 www.bing.com tcp
US 8.8.8.8:53 134.32.126.40.in-addr.arpa udp
NL 23.62.61.129:443 www.bing.com tcp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 129.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 97.17.167.52.in-addr.arpa udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 55.36.223.20.in-addr.arpa udp
US 8.8.8.8:53 13.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 45.56.20.217.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 104.193.132.51.in-addr.arpa udp

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-04 01:06

Reported

2024-06-04 01:09

Platform

win7-20240221-en

Max time kernel

121s

Max time network

122s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\JsisPlugins.dll,#1

Signatures

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\JsisPlugins.dll,#1

C:\Windows\SysWOW64\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\JsisPlugins.dll,#1

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 2584 -s 240

Network

N/A

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-06-04 01:06

Reported

2024-06-04 01:09

Platform

win10v2004-20240508-en

Max time kernel

92s

Max time network

94s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\JsisPlugins.dll,#1

Signatures

Program crash

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\rundll32.exe

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2428 wrote to memory of 2416 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe
PID 2428 wrote to memory of 2416 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe
PID 2428 wrote to memory of 2416 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\JsisPlugins.dll,#1

C:\Windows\SysWOW64\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\JsisPlugins.dll,#1

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 2416 -ip 2416

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 2416 -s 672

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 183.142.211.20.in-addr.arpa udp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 240.197.17.2.in-addr.arpa udp
US 8.8.8.8:53 13.227.111.52.in-addr.arpa udp

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-06-04 01:06

Reported

2024-06-04 01:09

Platform

win7-20240221-en

Max time kernel

121s

Max time network

123s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\Midex.dll,#1

Signatures

Writes to the Master Boot Record (MBR)

bootkit persistence
Description Indicator Process Target
File opened for modification \??\PhysicalDrive0 C:\Windows\SysWOW64\rundll32.exe N/A

Program crash

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\rundll32.exe

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\Midex.dll,#1

C:\Windows\SysWOW64\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\Midex.dll,#1

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 1804 -s 220

Network

N/A

Files

N/A

Analysis: behavioral6

Detonation Overview

Submitted

2024-06-04 01:06

Reported

2024-06-04 01:09

Platform

win10v2004-20240508-en

Max time kernel

134s

Max time network

124s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\Midex.dll,#1

Signatures

Writes to the Master Boot Record (MBR)

bootkit persistence
Description Indicator Process Target
File opened for modification \??\PhysicalDrive0 C:\Windows\SysWOW64\rundll32.exe N/A

Program crash

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\rundll32.exe

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3392 wrote to memory of 2172 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe
PID 3392 wrote to memory of 2172 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe
PID 3392 wrote to memory of 2172 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\Midex.dll,#1

C:\Windows\SysWOW64\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\Midex.dll,#1

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 412 -p 2172 -ip 2172

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 2172 -s 600

Network

Country Destination Domain Proto
US 8.8.8.8:53 58.55.71.13.in-addr.arpa udp
US 8.8.8.8:53 240.197.17.2.in-addr.arpa udp
US 8.8.8.8:53 71.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 209.205.72.20.in-addr.arpa udp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 100.58.20.217.in-addr.arpa udp
US 8.8.8.8:53 43.58.199.20.in-addr.arpa udp
US 8.8.8.8:53 249.197.17.2.in-addr.arpa udp
US 8.8.8.8:53 31.243.111.52.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp

Files

N/A

Analysis: behavioral9

Detonation Overview

Submitted

2024-06-04 01:06

Reported

2024-06-04 01:09

Platform

win7-20240508-en

Max time kernel

119s

Max time network

120s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\nsJSON.dll,#1

Signatures

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\nsJSON.dll,#1

C:\Windows\SysWOW64\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\nsJSON.dll,#1

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 1216 -s 228

Network

N/A

Files

N/A

Analysis: behavioral11

Detonation Overview

Submitted

2024-06-04 01:06

Reported

2024-06-04 01:09

Platform

win7-20240220-en

Max time kernel

117s

Max time network

118s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$_106_.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$_106_.dll,#1

Network

N/A

Files

N/A