Analysis Overview
SHA256
20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2
Threat Level: Likely malicious
The file 20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe was found to be: Likely malicious.
Malicious Activity Summary
Modifies Installed Components in the registry
Downloads MZ/PE file
Sets file execution options in registry
Reads user/profile data of web browsers
Loads dropped DLL
Executes dropped EXE
Checks computer location settings
Checks BIOS information in registry
Registers COM server for autorun
Adds Run key to start application
Checks installed software on the system
Checks for any installed AV software in registry
Writes to the Master Boot Record (MBR)
Checks whether UAC is enabled
Checks system information in the registry
Drops file in Program Files directory
Enumerates physical storage devices
Program crash
Unsigned PE
Modifies data under HKEY_USERS
Uses Task Scheduler COM API
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Checks SCSI registry key(s)
Modifies system certificate store
Suspicious use of SetWindowsHookEx
Suspicious use of AdjustPrivilegeToken
Modifies Internet Explorer settings
Analysis: static1
Detonation Overview
Reported
2024-06-04 15:21
Signatures
Unsigned PE
Analysis: behavioral11
Detonation Overview
Submitted
2024-06-04 15:21
Reported
2024-06-04 15:24
Platform
win7-20240508-en
Max time kernel
117s
Max time network
118s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$_106_.dll,#1
Network
Files
Analysis: behavioral12
Detonation Overview
Submitted
2024-06-04 15:21
Reported
2024-06-04 15:24
Platform
win10v2004-20240508-en
Max time kernel
133s
Max time network
126s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$_106_.dll,#1
Network
Files
Analysis: behavioral4
Detonation Overview
Submitted
2024-06-04 15:21
Reported
2024-06-04 15:24
Platform
win10v2004-20240508-en
Max time kernel
136s
Max time network
129s
Command Line
Signatures
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\rundll32.exe |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 228 wrote to memory of 2516 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\JsisPlugins.dll,#1
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\JsisPlugins.dll,#1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 2516 -ip 2516
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2516 -s 676
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=4252,i,16710585221322798697,8586257254049248207,262144 --variations-seed-version --mojo-platform-channel-handle=4400 /prefetch:8
Network
Files
Analysis: behavioral5
Detonation Overview
Submitted
2024-06-04 15:21
Reported
2024-06-04 15:24
Platform
win7-20240508-en
Max time kernel
119s
Max time network
119s
Command Line
Signatures
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Windows\SysWOW64\rundll32.exe | N/A |
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\rundll32.exe |
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\Midex.dll,#1
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\Midex.dll,#1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1932 -s 220
Network
Files
Analysis: behavioral9
Detonation Overview
Submitted
2024-06-04 15:21
Reported
2024-06-04 15:24
Platform
win7-20240221-en
Max time kernel
119s
Max time network
120s
Command Line
Signatures
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\rundll32.exe |
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\nsJSON.dll,#1
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\nsJSON.dll,#1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2084 -s 228
Network
Files
Analysis: behavioral7
Detonation Overview
Submitted
2024-06-04 15:21
Reported
2024-06-04 15:24
Platform
win7-20240221-en
Max time kernel
119s
Max time network
120s
Command Line
Signatures
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\rundll32.exe |
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\jsis.dll,#1
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\jsis.dll,#1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2932 -s 228
Network
Files
Analysis: behavioral8
Detonation Overview
Submitted
2024-06-04 15:21
Reported
2024-06-04 15:24
Platform
win10v2004-20240508-en
Max time kernel
134s
Max time network
126s
Command Line
Signatures
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\rundll32.exe |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 1052 wrote to memory of 1172 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\jsis.dll,#1
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\jsis.dll,#1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1172 -ip 1172
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1172 -s 632
Network
Files
Analysis: behavioral10
Detonation Overview
Submitted
2024-06-04 15:21
Reported
2024-06-04 15:24
Platform
win10v2004-20240508-en
Max time kernel
149s
Max time network
150s
Command Line
Signatures
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\rundll32.exe |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 3580 wrote to memory of 2260 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\nsJSON.dll,#1
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\nsJSON.dll,#1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 2260 -ip 2260
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2260 -s 620
Network
Files
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-04 15:21
Reported
2024-06-04 15:24
Platform
win7-20231129-en
Max time kernel
150s
Max time network
151s
Command Line
Signatures
Downloads MZ/PE file
Sets file execution options in registry
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVGBrowserUpdate.exe | C:\Program Files (x86)\GUM2CEA.tmp\AVGBrowserUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVGBrowserUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\GUM2CEA.tmp\AVGBrowserUpdate.exe | N/A |
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\AppData\Local\Temp\ajE56.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\Users\Admin\AppData\Local\Temp\ajE56.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\ajE56.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
Checks for any installed AV software in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\SOFTWARE\AVAST Software\Avast | C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\AVAST Software\Avast | C:\Users\Admin\AppData\Local\Temp\ajE56.exe | N/A |
| Key opened | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\SOFTWARE\AVAST Software\Avast | C:\Users\Admin\AppData\Local\Temp\ajE56.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\AVAST Software\Avast | C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\AppData\Local\Temp\ajE56.exe | N/A |
| File opened for modification | \??\PhysicalDrive0 | C:\Program Files (x86)\GUM2CEA.tmp\AVGBrowserUpdate.exe | N/A |
| File opened for modification | \??\PhysicalDrive0 | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
Drops file in Program Files directory
Enumerates physical storage devices
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\ajE56.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498}\AppName = "AVGBrowserUpdateWebPlugin.exe" | C:\Program Files (x86)\GUM2CEA.tmp\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498}\AppPath = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6" | C:\Program Files (x86)\GUM2CEA.tmp\AVGBrowserUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498}\Policy = "3" | C:\Program Files (x86)\GUM2CEA.tmp\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28E08968-59C8-4A77-BEBA-12C9394AE077} | C:\Program Files (x86)\GUM2CEA.tmp\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28E08968-59C8-4A77-BEBA-12C9394AE077}\AppName = "AVGBrowserUpdateBroker.exe" | C:\Program Files (x86)\GUM2CEA.tmp\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28E08968-59C8-4A77-BEBA-12C9394AE077}\AppPath = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6" | C:\Program Files (x86)\GUM2CEA.tmp\AVGBrowserUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28E08968-59C8-4A77-BEBA-12C9394AE077}\Policy = "3" | C:\Program Files (x86)\GUM2CEA.tmp\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498} | C:\Program Files (x86)\GUM2CEA.tmp\AVGBrowserUpdate.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\AVG\Browser\Update | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\AVG\Browser\Update\MachineId = "000058d4b27a012b9e3e4541471e6c69" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\AVG\Browser\Update\devmode = "0" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\AVG\Browser\Update\endpoint = "update.avgbrowser.com" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\AVG\Browser\Update\hostprefix | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update\ | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\AVG | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\AVG\Browser | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\AVG\Browser\Update\ | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\AVG\Browser\Update\MachineIdDate = "20240604" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{59577BB5-F97B-4880-B785-510238C5C5CE} | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7BA03866-1403-40EA-81A9-23FCD97810E2}\NumMethods | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AVG.OneClickCtrl.9\ = "AVG Browser Plugin" | C:\Program Files (x86)\GUM2CEA.tmp\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8C7E81D6-0463-485E-8DF5-2ADAD81FAF40}\NumMethods\ = "8" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{079CAB07-5001-4E71-9D5A-B412842E5178}\ = "IAppBundle" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B02B2F29-8637-4B78-892A-CFD7CCE793EC}\NumMethods\ = "4" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5CCD3788-C8CC-4EE9-8DF7-944B7D9674F2} | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D37D106C-CDD2-4821-BC7A-F08990DDCA74} | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A42B2494-93AE-44E1-B76D-BA8509A5167D}\ProgID\ = "AVGUpdate.Update3WebMachineFallback.1.0" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D37D106C-CDD2-4821-BC7A-F08990DDCA74}\ = "IGoogleUpdateCore" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{C0BE1521-7935-42E6-B606-058A559910BA}\ = "IAppCommandWeb" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{925547A3-663F-4673-A7B7-3FCACCDC4879} | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D} | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8C7E81D6-0463-485E-8DF5-2ADAD81FAF40} | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E21E991-301D-47FD-AB7A-99FBE864EF65} | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C9E6B2FC-34C6-435F-BC66-1EA330DB1270}\ProxyStubClsid32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6972DB5C-E9D6-4A81-B352-B415A3A61CA6}\NumMethods | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{41A025DF-6171-460F-B9A1-29ECE33E754E}\NumMethods | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C32E10AE-6600-4A1E-8BEA-EF89A3072F93}\NumMethods | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{67F69D86-C3AA-4CBF-A536-C73B5D785FFC} | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5CCD3788-C8CC-4EE9-8DF7-944B7D9674F2}\ = "IAppVersion" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6972DB5C-E9D6-4A81-B352-B415A3A61CA6}\ = "IAppBundleWeb" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{67F69D86-C3AA-4CBF-A536-C73B5D785FFC}\NumMethods\ = "6" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C8159E37-5EDF-4E6D-8E6D-E558E8DDC2A0}\ProxyStubClsid32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{28E08968-59C8-4A77-BEBA-12C9394AE077}\Implemented Categories\{59FB2056-D625-48D0-A944-1A85B5AB2640} | C:\Program Files (x86)\GUM2CEA.tmp\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C8159E37-5EDF-4E6D-8E6D-E558E8DDC2A0} | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8C7E81D6-0463-485E-8DF5-2ADAD81FAF40}\NumMethods\ = "8" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{45F7CBA5-258D-4852-AD0A-B18F3FB214F4}\ = "IBrowserHttpRequest2" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.CoreMachineClass.1\CLSID\ = "{23AE0B95-20F3-4632-A2AE-C3D706E1D5D9}" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6972DB5C-E9D6-4A81-B352-B415A3A61CA6}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C7B73E65-20BA-407F-8A89-DF649EF82559}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E21E991-301D-47FD-AB7A-99FBE864EF65}\NumMethods | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.OnDemandCOMClassMachine\CLSID | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6972DB5C-E9D6-4A81-B352-B415A3A61CA6}\ = "IAppBundleWeb" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6CEBE594-0680-4815-86E1-615A6BE65E0E}\ = "IJobObserver2" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.CredentialDialogMachine\CLSID | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A27F7BCA-118B-4330-9B07-9092E8F047E2}\InprocHandler32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E3700FAF-2DC2-4322-99B1-D6A51203AF77}\NumMethods\ = "4" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB785069-B832-4423-B813-47F7422BA6E5}\ProxyStubClsid32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BAAD654E-4B50-4C9F-A261-CF29CF884478}\Elevation\IconReference = "@C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\goopdate.dll,-1004" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{40C1C1D3-AAEA-46EE-AA2B-79A2CC62F257} | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\AVGBrowserUpdate.exe | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{633D953B-278A-4DAC-8E4B-D15296A1C845}\ProgID | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB785069-B832-4423-B813-47F7422BA6E5} | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{3A708F91-06A3-409E-83BC-4A5CF10C8025}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB785069-B832-4423-B813-47F7422BA6E5}\ = "ICoCreateAsync" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{925547A3-663F-4673-A7B7-3FCACCDC4879}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{41A025DF-6171-460F-B9A1-29ECE33E754E}\ = "IGoogleUpdate3" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.ProcessLauncher.1.0\CLSID\ = "{E37D9308-A3C0-4EC3-87C5-222235C974E3}" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A42B2494-93AE-44E1-B76D-BA8509A5167D} | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{633D953B-278A-4DAC-8E4B-D15296A1C845}\ProgID\ = "AVGUpdate.Update3WebSvc.1.0" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5CCD3788-C8CC-4EE9-8DF7-944B7D9674F2}\NumMethods | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6CEBE594-0680-4815-86E1-615A6BE65E0E}\ProxyStubClsid32 | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0C0BAA6C-52FD-4A3F-8731-F588C5E8F191}\ = "IRegistrationUpdateHook" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E21E991-301D-47FD-AB7A-99FBE864EF65}\ = "IApp" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{804EC8ED-BF49-41ED-BCD0-CA1D716D3E98}\ProxyStubClsid32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C9E6B2FC-34C6-435F-BC66-1EA330DB1270}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C8159E37-5EDF-4E6D-8E6D-E558E8DDC2A0}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C7B73E65-20BA-407F-8A89-DF649EF82559}\NumMethods\ = "24" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7BA03866-1403-40EA-81A9-23FCD97810E2}\NumMethods | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A012A499-D8A6-4F6C-9E05-B02D58E3781A}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{7BA03866-1403-40EA-81A9-23FCD97810E2}\NumMethods | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{59577BB5-F97B-4880-B785-510238C5C5CE}\NumMethods | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DAC9024F54D8F6DF94935FB1732638CA6AD77C13 | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436 | C:\Users\Admin\AppData\Local\Temp\ajE56.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 | C:\Users\Admin\AppData\Local\Temp\ajE56.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob | C:\Users\Admin\AppData\Local\Temp\ajE56.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8 | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8\Blob | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DAC9024F54D8F6DF94935FB1732638CA6AD77C13\Blob | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436\Blob | C:\Users\Admin\AppData\Local\Temp\ajE56.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Program Files (x86)\GUM2CEA.tmp\AVGBrowserUpdate.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files (x86)\GUM2CEA.tmp\AVGBrowserUpdate.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files (x86)\GUM2CEA.tmp\AVGBrowserUpdate.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe
"C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe"
C:\Users\Admin\AppData\Local\Temp\ajE56.exe
"C:\Users\Admin\AppData\Local\Temp\ajE56.exe" /relaunch=8 /was_elevated=1 /tagdata
C:\Users\Admin\AppData\Local\Temp\nsdF2F.tmp\AVGBrowserUpdateSetup.exe
AVGBrowserUpdateSetup.exe /silent /install "bundlename=AVG Secure Browser&appguid={48F69C39-1356-4A7B-A899-70E3539D4982}&appname=AVG Secure Browser&needsadmin=true&lang=en-US&brand=9249&installargs=--no-create-user-shortcuts --make-chrome-default --force-default-win10 --auto-import-data%3Diexplore --import-cookies --auto-launch-chrome"
C:\Program Files (x86)\GUM2CEA.tmp\AVGBrowserUpdate.exe
"C:\Program Files (x86)\GUM2CEA.tmp\AVGBrowserUpdate.exe" /silent /install "bundlename=AVG Secure Browser&appguid={48F69C39-1356-4A7B-A899-70E3539D4982}&appname=AVG Secure Browser&needsadmin=true&lang=en-US&brand=9249&installargs=--no-create-user-shortcuts --make-chrome-default --force-default-win10 --auto-import-data%3Diexplore --import-cookies --auto-launch-chrome"
C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /regsvc
C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /regserver
C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe"
C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe"
C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe"
C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /ping
C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /handoff "bundlename=AVG Secure Browser&appguid={48F69C39-1356-4A7B-A899-70E3539D4982}&appname=AVG Secure Browser&needsadmin=true&lang=en-US&brand=9249&installargs=--no-create-user-shortcuts --make-chrome-default --force-default-win10 --auto-import-data%3Diexplore --import-cookies --auto-launch-chrome" /installsource otherinstallcmd /sessionid "{83743278-D470-4643-9076-FEB675A03C7B}" /silent
C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /svc
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | stats.securebrowser.com | udp |
| US | 104.20.86.8:443 | stats.securebrowser.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | update.avgbrowser.com | udp |
| US | 172.67.41.145:443 | update.avgbrowser.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| US | 172.67.41.145:443 | update.avgbrowser.com | tcp |
| BE | 2.17.107.235:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | browser-update.avg.com | udp |
| US | 2.17.251.26:80 | browser-update.avg.com | tcp |
Files
\Users\Admin\AppData\Local\Temp\nso782.tmp\jsis.dll
\Users\Admin\AppData\Local\Temp\nso782.tmp\nsJSON.dll
\Users\Admin\AppData\Local\Temp\nso782.tmp\JsisPlugins.dll
\Users\Admin\AppData\Local\Temp\nso782.tmp\StdUtils.dll
\Users\Admin\AppData\Local\Temp\{D0A730A8-A0F9-46EB-95B0-5D0B19B5A921}\scrt.dll
\Users\Admin\AppData\Local\Temp\nso782.tmp\thirdparty.dll
\Users\Admin\AppData\Local\Temp\ajE56.exe
C:\Users\Admin\AppData\Local\Temp\avg-securebrowser-web-tags
\Users\Admin\AppData\Local\Temp\nsdF2F.tmp\Midex.dll
C:\Users\Admin\AppData\Local\Temp\nsdF2F.tmp\CR.History.tmp
C:\Users\Admin\AppData\Local\Temp\nsdF2F.tmp\FF.places.tmp
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
\Users\Admin\AppData\Local\Temp\nsdF2F.tmp\AVGBrowserUpdateSetup.exe
C:\Users\Admin\AppData\Local\Temp\Tar1AE9.tmp
\Program Files (x86)\GUM2CEA.tmp\AVGBrowserUpdate.exe
C:\Program Files (x86)\GUM2CEA.tmp\goopdate.dll
\Program Files (x86)\GUM2CEA.tmp\goopdateres_en.dll
C:\Program Files (x86)\GUM2CEA.tmp\AVGBrowserUpdateCore.exe
C:\Program Files (x86)\GUM2CEA.tmp\AVGBrowserCrashHandler64.exe
C:\Program Files (x86)\GUM2CEA.tmp\AVGBrowserUpdateComRegisterShell64.exe
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_da.dll
| MD5 | 9a421423686559027e4301d36bcf58b2 |
| SHA1 | 9669424f4e7c765ddb917a515d5a8b1486f87daf |
| SHA256 | 9d8ff148793d99974fab93f38027e1999323a48620b303f82170751be5dd6b69 |
| SHA512 | f5d62fe17a820323c4b1832cd3bd9c8fa291d44dceb88a8a1a8f94c6166e550ab9baf9357c5ec3388230bc75f0ccd3aa2d5247fa5d242013d22c61001128a951 |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_de.dll
| MD5 | 1c15851d9dd22e4ae3f3bf249da79035 |
| SHA1 | 60fc5652b5e1c55056c961d4d3b961492cb3432b |
| SHA256 | a9dd72a08c0c58a71b2289d76efae681a5c8eb5faf73e49b873f15ba4050baa6 |
| SHA512 | 6da386c35b317f39613da73340631f927606bccd0a8c626537eda896eb32c9a2ed1d71c7cf838f1a4b90553f3f788eeb5e02fe84774fb0ad2f574bf4e4d7e248 |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_el.dll
| MD5 | 0d15748f01df49dae986f1e27dc098ef |
| SHA1 | 35a435bdaaf47795977b28cdae2e4ea1fdae73a3 |
| SHA256 | df13c38061cb0b02dd8a9023a17da0bbe1cda6fdedad5203129fc702c7fdd9b1 |
| SHA512 | 290e9936f50e3bd11c1b9d28decf3b43f5e23bbff16801e7b0491690773d057b6bcdcf48c48a7ee16fa2400723b3e974e2b74e3899590a8e660c2e9c78b9d141 |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_en-GB.dll
| MD5 | 02465169cd873c4492196e03457f2771 |
| SHA1 | 837ca5e54a8c12577d0d05a32996dfc04067c5ea |
| SHA256 | 4eb9edf550bf1f66382e5d8bd4958438891cd2ca46557d14f4b945dc176ec025 |
| SHA512 | e73b5f3951050f2903b80b89d2b9fd9ebf69adb922eb8238ef4c01f413ae67727d7598d4ac15f7ac8b9257aef0139e0924c70c5898357142a303d7e2b15394c3 |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_es.dll
| MD5 | 5f8ea18786d5ef1927cd95537abc3ae0 |
| SHA1 | 5530650ecc719d83b7aa89e0b326b5698e8adda2 |
| SHA256 | fa416294b078226a8919dbb8f75533a6ef96d63d5bd17aac854eae68791433cf |
| SHA512 | 577dc7d19e4443e8aede759a781826c091c17d12fb06e89b1306133f21e01dab919045183a916e1b5647ddf485134a8459745a9199df5c7e36abe192645d8e25 |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_et.dll
| MD5 | 5029406d9202d6f2f279fdd3a06f55a1 |
| SHA1 | dcca8bf9392faa0038c6cb5d25929726b16804af |
| SHA256 | cac545e04d701c39f4a730aec4c3dad177d8ea4baca10651f150925644874864 |
| SHA512 | 519538e05f8e21966e4878291692cf25057bba3c993c0034a33b1da7c9eb0a8fb881565717ceb6c1139fd601b73b1f1e2aa46e20aeb6b93f897cd2ef93172934 |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_fr.dll
| MD5 | 8ddc3f7276c12ac407cadcda6e2a3e12 |
| SHA1 | 78c5e802f67c8b6ae3fe13202e6a54d3cca69df4 |
| SHA256 | 7f2f0f9f443a022f5aedacc40c28d0654fec488f34435c75979118464256a8b7 |
| SHA512 | 0d05bdd2d5e9f36eb09182e8b13507ba03e256c4aadb77bbfedf29584a47fd1e0733a825a3f687d3058e53c8075caf6dd9d24ec93f1bdd58ca97106827323540 |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_is.dll
| MD5 | dae35fa037b6248876347521c5298566 |
| SHA1 | 8358fc05a675ea56f720052fbb4b384d97b94d86 |
| SHA256 | ce0652b8dfaf21b6192b66bf75e140b3d72aa545e0edf62d9e82e9b0878ac5c5 |
| SHA512 | 4158b8fef0da76ead12b5d6e421c5709664ba84d1ddde44ef6bbd1023084cad3820a37abea03b206635a945a2435b301234cf5bac3c8e2861a852b2699036ade |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_iw.dll
| MD5 | 31227325c8617b308ccd268c2be7e72a |
| SHA1 | 71e369f26e644e643fcd538d933e4087dd593f1f |
| SHA256 | 4a98e34a528eff04c2baf4e9e50489086e58d2e32e1851f33674abbe5e104c68 |
| SHA512 | ba8d94dde5b7b74a39ed54a5f3e47a558e0c1deb632018c82423c06806071143851bb1d8c7a7bada6f13e71734e7a29457f3741266972b777cded41c953a9645 |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_kn.dll
| MD5 | 49000b4a101e635b05123f21b360b492 |
| SHA1 | 635f697f41c0591168e0eee10930728d9dec5a53 |
| SHA256 | a2aab58a4397c040bff69d45bef4ede6842034bf897799a9347232c4b6c9c7a5 |
| SHA512 | 9b62c2048e9c132089cce7da02ea5c95b5856f1c6e28d5581f4a0b1748e681bdd78c7d537d273a64f9d476e4ec62da5c6021cc1ccb69f7bee216e7bec6ddc6e0 |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_lv.dll
| MD5 | 83c356f6310d51f8ffc1d67d580f5914 |
| SHA1 | f9bc318975f288fa47e8426b4c450a93b10af45c |
| SHA256 | 98e35cea7cddce15191594a70f8e15ff2dd1c02bde87225af0331441c65bca26 |
| SHA512 | 28a26cb1d88d072d7898ed27c3e9d056efedaa2cd9eccf951429f41df2c0162be3c14e58cfb4cf50b633d759825fa815a9249e7690d2ab75f60424b30dbe0424 |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_lt.dll
| MD5 | 38606bfb6c9bfdf74503f833ee2733e5 |
| SHA1 | 670abd1279f642ec7b19f663e53f2813a716331f |
| SHA256 | df6c4228da3bf66929d81b99cb35df4a4389418490144630e1d9d5f422b56b38 |
| SHA512 | 6cc6f2fb0e5bf0241656cce5dc7311f05b8d79633f2176f8c172a9fcfa9813e3963576363d539fa1a8a58fa6bba138dd0baa7562274fbe99be5cda60f4671747 |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_ko.dll
| MD5 | dd2f783c0017630f9a2969957f4eb84e |
| SHA1 | d42218de12a7c1c48fb5e7d60e61e32ce0cd9ac6 |
| SHA256 | 07e63e0e3d23f192ac131efc459c2d9f79a4ecdc39403d43fbff320c4b5fa261 |
| SHA512 | 689f625df8aec45a6343249739ec094cbb1245a9dd8847ffe6bf62fd2d7042d529f77216dd22e8b33830cf21b158f0ef6ea42af2248051c8d97205eb0229a22b |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_ja.dll
| MD5 | 0cfc5b7b3f86d6bfaec9a0713da74df3 |
| SHA1 | 81a278fdee9edc302fe4e7a88c9addb230ce6df2 |
| SHA256 | 1d7fd1b6a614538530385e7a40efc95d3b8be75057ae03bf999aa2419d1f9f24 |
| SHA512 | 8b8f834ccee41c69c581f0b80f26b0cdb536f87bebd5a6b1f02cdf6f1aea5cf5b29c356e82c7a8fd591bb16c0938a790ac8f90f6d27edc95fc48a5aa3c30cbf0 |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_it.dll
| MD5 | 3ae3106694098f8420b182ad5e3354ab |
| SHA1 | bc9dab621b03d4126b97c260becd7f4525255462 |
| SHA256 | 59b406b29538c3c3d0f060b5fc0ccd36556f8a6278327935a5475c6b21741dc9 |
| SHA512 | f3625be57976083d642b01a41a53d6db6cad3bfc584a50de3565fe10975a5d7d2cf4f8b41bcdaa5ac70f8fc4ada113084de07e2ed45f26401dc2d4f8f4c322a9 |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_id.dll
| MD5 | 7e7deef6ac35c9d52410fc356391c7e4 |
| SHA1 | 43b3d918867a93ba109a3e4eacb45f3cd5c40b93 |
| SHA256 | 963f4d2ad7ddcdcfb6185521c0590a92f2014897d5f5f525471ac81f3807fc5e |
| SHA512 | 9eb0e9be0a973693b4bd167f6c1118dd9d702b1951a90f0a3a6103e77c43ee6afa173b79d3ab21fe94a98c320b17ab0b787cf5b6ec47d9dde9e3e8c14b8cadc7 |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_hu.dll
| MD5 | 114cc594fab2e564ccb24a826f3623e4 |
| SHA1 | c3c3fb4ef6ea6ff0e7a1e0289320b2fd2788b03b |
| SHA256 | c89e223a42d7173f915dd088ebc84b0048cec772bd4221b4b90ce4c0e419ffe6 |
| SHA512 | 9a7eb5710340cecb2d32de26322dc862812e185b6d260d76c0c7f642f30cf9e43c88aec76b515148ef986db0c77fd0e31f71c8fd26d56a4cc72dff0d023abb5d |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_hr.dll
| MD5 | 27c0dbd61a71420bb4d1a0be2373a175 |
| SHA1 | 47b4c107b711caf5a6b2978bd6fd6b53ebdec5e3 |
| SHA256 | 43191a4c507a112e96e06f959b6cf78406bf970b021ad8d7db59d1b9c52779bd |
| SHA512 | d1f20e9a628bdcbd26b8d5de89b87bdbc8dab871651c86d47c023daea86c7ada0a565fdd05b48c7643a63db044639f4eb89d1640e58c9b32722e4926c3c5e72a |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_hi.dll
| MD5 | 38525b8a1b15a8aeb4fcfc8bee8358bc |
| SHA1 | ac2ba33b8ad778a8165c87b579dad0dbef5bed75 |
| SHA256 | 271e83bc86e490cd5b6cb9cb34057c7684d233c56a53f4f553aa07507c9dae52 |
| SHA512 | ad8df196174ceeadce4588dcd365066665267b922078d92b328ba661a4ebfa6d06b4263a4b8a28e4efb4d86e1140d71a3c3bf4b7b60970aa20552aa7f0c73acb |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_gu.dll
| MD5 | a4061e8408cc59cb898adfdc4f173278 |
| SHA1 | ae34e3058a40449481590bb3a63aa0225b4f6f98 |
| SHA256 | e033c950ecc6333dfcb944e70622e77a6498ba0e23fd144117dbe9a2a0c15be6 |
| SHA512 | d8a847e9a21c86c7b9b072e16914f42185e3c0e1d99f6ea5259382eb0fb89578c7a7f9f62f892f1d20be180dfc327bc076ea038057895c8b92cb1f0c053e0b2a |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_fil.dll
| MD5 | 5ed0105f4043466a99557dde1f70e97f |
| SHA1 | c57c935cc4b25b6375ab3fcdfbb265f4c586ec3e |
| SHA256 | cfbe0120ddf8d5574f7c44c85488f53aecec4df9bfb25f1cefbabcad5af46096 |
| SHA512 | 4fa641810f758e0031388ec146467fc130780e2f2cc8495b6a2fff0679d7bcbe7526356f85a97b5338e84d791ba14e812b2c182fdae01763640be3324fb59526 |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_fi.dll
| MD5 | 57dad7c22bd635a5af8fcdcd63d4e530 |
| SHA1 | 8aa11ea5c1cacd9b23c29989f22e82c43c827d0e |
| SHA256 | 1e0d05927a455115265db9308e0f78ffb7bbb5442f36b8483549efbe415454a2 |
| SHA512 | 4236609e37ec41bf46d0f45e228c9021c1624e2f98a642eab513d290a4482da13764fcc2d044f78ebdc09e0cfc63a251678d169cb33e251d6f6d5de9b96c31b6 |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_fa.dll
| MD5 | 8564514501256ff045cf7aa6c1b5a797 |
| SHA1 | 40b9aa8d04c48fe2ecf193c2089418ccc938676d |
| SHA256 | f3f46a6da6c8ccb3ce7fdd0cb5882f45523decca95852b8c775bb90f8e92c1b3 |
| SHA512 | 701077c8a1c70c1bd0c35f54aa838dba7b7b6f832e0ef2776673092fca546276166c3638676451c9655086b740b9e193cd54f952fd5fca481b964083b881bcc2 |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_es-419.dll
| MD5 | 3e5971e8559c77e8901ce30d14034730 |
| SHA1 | 04cc21ac4a84abd29f7d7585282345881fd81721 |
| SHA256 | 613418b8779f7440b88f1734d6c514706df9dc9a58a623966cc1c9ba4e29c28f |
| SHA512 | b4592b25cf676db6d6de1be811c39bdeecc24bbfd4dc72fa4b3f97de866f9b0fec7c85f7d56f048f61829c1d8b4109e4a0c7e14a9e410e30a6a8da702941e00e |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_cs.dll
| MD5 | 7f3dcd851645d3d75f636c8440fb057f |
| SHA1 | 85debe41ddcb46555a0d00795e41e460a35583c2 |
| SHA256 | 0b31785d1931580cad5ef16d4ff5723802d12c38b56746e70fcf91d71162e043 |
| SHA512 | d0d21c397899aaa6a718b77195a6af1556309615616fd6583ecb84b04aa7087e76eb5fdd6cae0a4ff1c0f85bf72e1f51ae002042078095f640eb95da363889e4 |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_ca.dll
| MD5 | f951cf3ca93e5ae5fc1ce2da93121d98 |
| SHA1 | 15bc869406857437babe41cd3f500c356913499b |
| SHA256 | eb00cad19ed1d16f52928962f2cc6231d65eb74b2314976ebeb1ec860103e746 |
| SHA512 | b77086ad2b39723d697d7839d9243c1c0769a2cb0f6287cd3f2d64eabd6a48d8fc2d253e9089c6586637ed5dc5970c2608615fe77cef5003f0c4d53401ef73bc |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_bn.dll
| MD5 | aedf6d96ccb64f488379bb1fe65f697a |
| SHA1 | 901bbb7873d8f698f49c4b6be74fb50b353d7b5e |
| SHA256 | 941d22186ef1bfe27052e78d21944d6088cea152d1ede51452f04fb032c92f90 |
| SHA512 | d1d889a1fe75924f3569e07d9ee3f552afc02165210f5c439d4697be898b72db397bb89e7d0706259f92c1cb5759009f9e1ba5c52f764e63514b3da41dada1cc |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_bg.dll
| MD5 | c0b41217fc33a6a53ec69ae7399460f2 |
| SHA1 | d7dd8d543b7297f1a1e138efa1806972c9489c3f |
| SHA256 | d75a1a41ad7e5277576e3bdf35a858be3a6f540d21c8ab4156c842d8f1b3295b |
| SHA512 | 37abb726b78421aaccdbc94b358cda6b581e89ac519258eb39c6a7f0706cfc64c3a96f5c29539ba67c6e2d2afd6f10b6b0c063b54366c03376ce234d132a8253 |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_ar.dll
| MD5 | 9c77be0843f0fe4864a04f8d5f24a593 |
| SHA1 | be03adb4d3c33520e652c7a6ee45f09d5ff54a54 |
| SHA256 | 39547fa5d7b93856235288b1021699b4f36f0bea10b10d6b89ea184a3ad77bb1 |
| SHA512 | f504c98b03a5d72c078b38a2cc4fdd94dbed159f5a2ed47c2c4a53fc6ec8a3b1fd969d5ad85fc7503e64427a36adee7a14f15f1275a9194103e43c8a8ee45d28 |
C:\Program Files (x86)\GUM2CEA.tmp\goopdateres_am.dll
| MD5 | ba03b29d5d44341084eb06bea8f1e702 |
| SHA1 | 7d8dd7556ea5e299b55ddc7477ca758fe2c64f48 |
| SHA256 | 6a6aad33e2910c29a6d919aad074d89359c5e6723ced7ba4e215a62e9513749b |
| SHA512 | 29f902587b7078deb12bee6bf9993748109749ec12e6490d5f84bc9c532a5a1f414149d5760641ef052611bf2d441423d115dfb5a4c4c6f5e6d6a1f386924cf2 |
C:\Program Files (x86)\GUM2CEA.tmp\AVGBrowserCrashHandler.exe
| MD5 | f73e60370efe16a6d985e564275612da |
| SHA1 | 2f829a0a611ac7add51a6bc50569e75181cdfd58 |
| SHA256 | 9cf076866935a0c64366efaeff2ec76d45ac816030ebd616fd5defb1870bc30e |
| SHA512 | 2e44e87c285bb7b72d45c8119d08ea6f2d13cea77cf0005a3cf530790bb86c7f2df7c5edac9d86c9d7214abb224738c3bf6b31f6bf104051512bb1de133042dc |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-04 15:21
Reported
2024-06-04 15:24
Platform
win10v2004-20240508-en
Max time kernel
149s
Max time network
149s
Command Line
Signatures
Downloads MZ/PE file
Modifies Installed Components in the registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982}\Localized Name = "AVG Secure Browser" | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982}\IsInstalled = "1" | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982}\Version = "43,0,0,0" | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982} | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982}\ = "AVG Secure Browser" | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982}\StubPath = "\"C:\\Program Files\\AVG\\Browser\\Application\\124.0.25069.209\\Installer\\chrmstp.exe\" --configure-user-settings --verbose-logging --system-level" | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
Sets file execution options in registry
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVGBrowserUpdate.exe | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVGBrowserUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\aj575A.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{A725D612-7D72-48B8-857A-4777781F415C}\LocalServer32 | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A725D612-7D72-48B8-857A-4777781F415C}\LocalServer32\ = "\"C:\\Program Files\\AVG\\Browser\\Application\\124.0.25069.209\\notification_helper.exe\"" | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A725D612-7D72-48B8-857A-4777781F415C}\LocalServer32\ServerExecutable = "C:\\Program Files\\AVG\\Browser\\Application\\124.0.25069.209\\notification_helper.exe" | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AVGBrowserAutoLaunch_2539D9FFF1F40C0A976762D6C815D3E3 = "\"C:\\Program Files\\AVG\\Browser\\Application\\AVGBrowser.exe\" --check-run=src=logon --auto-launch-at-startup --profile-directory=\"Default\"" | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
Checks for any installed AV software in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\AVAST Software\Avast | C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe | N/A |
| Key opened | \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\SOFTWARE\AVAST Software\Avast | C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\AVAST Software\Avast | C:\Users\Admin\AppData\Local\Temp\aj575A.exe | N/A |
| Key opened | \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\SOFTWARE\AVAST Software\Avast | C:\Users\Admin\AppData\Local\Temp\aj575A.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Software\AVAST Software\Avast | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Software\Avira\Antivirus | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\AVAST Software\Avast | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\aj575A.exe | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\AppData\Local\Temp\aj575A.exe | N/A |
| File opened for modification | \??\PhysicalDrive0 | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| File opened for modification | \??\PhysicalDrive0 | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdateBroker.exe | C:\Users\Admin\AppData\Local\Temp\nsm596C.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdateCore.exe | C:\Users\Admin\AppData\Local\Temp\nsm596C.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6448.tmp\goopdateres_bn.dll | C:\Users\Admin\AppData\Local\Temp\nsm596C.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6448.tmp\goopdateres_ko.dll | C:\Users\Admin\AppData\Local\Temp\nsm596C.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\AVGBrowserInstaller.exe | N/A |
| File created | C:\Program Files\AVG\Browser\Temp\source1580_326246364\Safer-bin\124.0.25069.209\Extensions\external_extensions.json | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_et.dll | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files\AVG\Browser\Temp\source1580_326246364\Safer-bin\124.0.25069.209\Locales\af.pak | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files\AVG\Browser\Application\debug.log | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
| File opened for modification | C:\Program Files\Crashpad\settings.dat | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files\Crashpad\metadata | C:\Program Files\AVG\Browser\Application\124.0.25069.209\Installer\setup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdateOnDemand.exe | C:\Users\Admin\AppData\Local\Temp\nsm596C.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files\AVG\Browser\Temp\source1580_326246364\Safer-bin\124.0.25069.209\Locales\mr.pak | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6448.tmp\goopdateres_am.dll | C:\Users\Admin\AppData\Local\Temp\nsm596C.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6448.tmp\goopdateres_lv.dll | C:\Users\Admin\AppData\Local\Temp\nsm596C.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6448.tmp\goopdateres_nl.dll | C:\Users\Admin\AppData\Local\Temp\nsm596C.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_de.dll | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_el.dll | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateOnDemand.exe | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files\AVG\Browser\Temp\source1580_326246364\Safer-bin\124.0.25069.209\chrome_pwa_launcher.exe | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| File created | C:\Program Files\AVG\Browser\Temp\source1580_326246364\Safer-bin\124.0.25069.209\Locales\kn.pak | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| File created | C:\Program Files\AVG\Browser\Temp\source1580_326246364\Safer-bin\124.0.25069.209\Locales\pl.pak | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| File created | C:\Program Files\AVG\Browser\Application\SetupMetrics\5a6ac0be-7cc2-4a4b-9639-1cef07e0ad39.tmp | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | C:\Users\Admin\AppData\Local\Temp\nsm596C.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files\AVG\Browser\Temp\source1580_326246364\Safer-bin\124.0.25069.209\chrome_100_percent.pak | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| File created | C:\Program Files\AVG\Browser\Temp\source1580_326246364\Safer-bin\124.0.25069.209\chrome_wer.dll | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| File created | C:\Program Files\AVG\Browser\Temp\source1580_326246364\Safer-bin\124.0.25069.209\Locales\it.pak | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| File created | C:\Program Files\AVG\Browser\Temp\source1580_326246364\Safer-bin\124.0.25069.209\Locales\th.pak | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_id.dll | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\acuapi_64.dll | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files\AVG\Browser\Temp\source1580_326246364\Safer-bin\124.0.25069.209\Locales\fr.pak | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| File created | C:\Program Files\AVG\Browser\Temp\source1580_326246364\Safer-bin\124.0.25069.209\vk_swiftshader.dll | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6448.tmp\psuser_64.dll | C:\Users\Admin\AppData\Local\Temp\nsm596C.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6448.tmp\goopdateres_fil.dll | C:\Users\Admin\AppData\Local\Temp\nsm596C.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_pl.dll | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_vi.dll | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files\AVG\Browser\Temp\source1580_326246364\Safer-bin\124.0.25069.209\Locales\gu.pak | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| File created | C:\Program Files\AVG\Browser\Temp\source1580_326246364\Safer-bin\124.0.25069.209\MEIPreload\manifest.json | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| File created | C:\Program Files\AVG\Browser\Application\AVGBrowserQHelper.exe | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6448.tmp\goopdateres_pt-BR.dll | C:\Users\Admin\AppData\Local\Temp\nsm596C.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler.exe | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_fa.dll | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files\AVG\Browser\Temp\source1580_326246364\Safer-bin\124.0.25069.209\icudtl.dat | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_ms.dll | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files\AVG\Browser\Temp\source1580_326246364\Safer-bin\124.0.25069.209\mojo_core.dll | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| File created | C:\Program Files\AVG\Browser\Temp\source1580_326246364\Safer-bin\124.0.25069.209\VisualElements\Logo.png | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| File created | C:\Program Files\AVG\Browser\Application\124.0.25069.209\Installer\setup.exe | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6448.tmp\psuser.dll | C:\Users\Admin\AppData\Local\Temp\nsm596C.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6448.tmp\goopdateres_te.dll | C:\Users\Admin\AppData\Local\Temp\nsm596C.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_it.dll | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserCrashHandler64.exe | C:\Users\Admin\AppData\Local\Temp\nsm596C.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_es-419.dll | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_ml.dll | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_pt-PT.dll | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files\AVG\Browser\Temp\source1580_326246364\Safer-bin\124.0.25069.209\Locales\bn.pak | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| File created | C:\Program Files\AVG\Browser\Temp\source1580_326246364\Safer-bin\124.0.25069.209\Locales\es.pak | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| File created | C:\Program Files\AVG\Browser\Application\SetupMetrics\c74ecf8d-959d-4b80-9802-fc542a967e8e.tmp | C:\Program Files\AVG\Browser\Application\124.0.25069.209\Installer\setup.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_hu.dll | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_ur.dll | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files\AVG\Browser\Temp\source1580_326246364\Safer-bin\124.0.25069.209\Locales\ml.pak | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6448.tmp\goopdateres_es-419.dll | C:\Users\Admin\AppData\Local\Temp\nsm596C.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6448.tmp\goopdateres_hu.dll | C:\Users\Admin\AppData\Local\Temp\nsm596C.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_th.dll | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
Enumerates physical storage devices
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\aj575A.exe | N/A |
| Key enumerated | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\aj575A.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
| Key enumerated | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
| Key enumerated | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
| Key enumerated | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28E08968-59C8-4A77-BEBA-12C9394AE077}\AppName = "AVGBrowserUpdateBroker.exe" | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28E08968-59C8-4A77-BEBA-12C9394AE077}\AppPath = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6" | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28E08968-59C8-4A77-BEBA-12C9394AE077}\Policy = "3" | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498} | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498}\AppName = "AVGBrowserUpdateWebPlugin.exe" | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498}\AppPath = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6" | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498}\Policy = "3" | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28E08968-59C8-4A77-BEBA-12C9394AE077} | C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update\hostprefix | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\NGC\SoftLockoutVolatileKey | C:\Windows\system32\svchost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19 | C:\Windows\system32\svchost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE | C:\Windows\system32\svchost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update\ | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update\endpoint = "update.avgbrowser.com" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft | C:\Windows\system32\svchost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\NGC | C:\Windows\system32\svchost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133619881910501053" | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography | C:\Windows\system32\svchost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\AVG | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\AVG\Browser | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update\devmode = "0" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update\MachineId = "00009bb098663592a3a6086bcc2909e7" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update\MachineIdDate = "20240604" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.OnDemandCOMClassSvc\CurVer\ = "AVGUpdate.OnDemandCOMClassSvc.1.0" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D37D106C-CDD2-4821-BC7A-F08990DDCA74} | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E3700FAF-2DC2-4322-99B1-D6A51203AF77}\ProxyStubClsid32 | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{59577BB5-F97B-4880-B785-510238C5C5CE}\ = "IApp2" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\AvgHTML | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6972DB5C-E9D6-4A81-B352-B415A3A61CA6}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C32E10AE-6600-4A1E-8BEA-EF89A3072F93}\ = "IAppWeb" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{925547A3-663F-4673-A7B7-3FCACCDC4879}\ProxyStubClsid32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C9E6B2FC-34C6-435F-BC66-1EA330DB1270}\ = "IJobObserver" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\TypeLib\{358EC846-617A-4763-8656-50BF6E0E8AA2}\1.0\0 | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvgHTML\DefaultIcon\ = "C:\\Program Files\\AVG\\Browser\\Application\\AVGBrowser.exe,0" | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E21E991-301D-47FD-AB7A-99FBE864EF65}\NumMethods\ = "41" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6CEBE594-0680-4815-86E1-615A6BE65E0E}\ProxyStubClsid32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E21E991-301D-47FD-AB7A-99FBE864EF65} | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C32E10AE-6600-4A1E-8BEA-EF89A3072F93} | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A42B2494-93AE-44E1-B76D-BA8509A5167D}\Elevation\IconReference = "@C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\goopdate.dll,-1004" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{30612A81-C10F-498E-9163-C2B2A3F81A14}\ServiceParameters = "/comsvc" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{8C50E3A4-12A8-41FB-9941-E8EEB222E07E} | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8C7E81D6-0463-485E-8DF5-2ADAD81FAF40}\NumMethods | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8C50E3A4-12A8-41FB-9941-E8EEB222E07E}\NumMethods | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6CEBE594-0680-4815-86E1-615A6BE65E0E}\NumMethods\ = "4" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.MiscUtils\CLSID | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.CredentialDialogMachine.1.0 | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithProgIds\AvgHTML | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C8159E37-5EDF-4E6D-8E6D-E558E8DDC2A0} | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.CoCreateAsync.1.0\CLSID\ = "{B80EC6B9-55FF-4E4F-B4E8-9BD098DBBAA5}" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7BA03866-1403-40EA-81A9-23FCD97810E2}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D} | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5CCD3788-C8CC-4EE9-8DF7-944B7D9674F2}\NumMethods\ = "10" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{41A025DF-6171-460F-B9A1-29ECE33E754E}\ = "IGoogleUpdate3" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1FBDC15B-BBCD-402B-A45F-1853B01A9E3C} | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.MiscUtils.1.0\CLSID | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1FBDC15B-BBCD-402B-A45F-1853B01A9E3C}\Elevation | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BEBC1D02-EC16-479A-83F6-AA4247CA7F70}\Elevation\IconReference = "@C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\goopdate.dll,-1004" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6972DB5C-E9D6-4A81-B352-B415A3A61CA6}\ = "IAppBundleWeb" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.Update3COMClassService | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{384098DD-AB6D-412E-B819-2F10032D9767}\AppID = "{30612A81-C10F-498E-9163-C2B2A3F81A14}" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB785069-B832-4423-B813-47F7422BA6E5}\ = "ICoCreateAsync" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8C7E81D6-0463-485E-8DF5-2ADAD81FAF40}\ = "IGoogleUpdate3Web" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E21E991-301D-47FD-AB7A-99FBE864EF65}\NumMethods\ = "41" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{358EC846-617A-4763-8656-50BF6E0E8AA2}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.Update3WebMachine.1.0\ = "Google Update Broker Class Factory" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C0BE1521-7935-42E6-B606-058A559910BA} | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvgQH\Application\ApplicationName = "AVG Secure Browser Helper" | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D37D106C-CDD2-4821-BC7A-F08990DDCA74}\NumMethods\ = "5" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{45F7CBA5-258D-4852-AD0A-B18F3FB214F4}\NumMethods | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{8C7E81D6-0463-485E-8DF5-2ADAD81FAF40}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.OnDemandCOMClassMachine\ = "Google Update Broker Class Factory" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1FBDC15B-BBCD-402B-A45F-1853B01A9E3C}\LocalServer32 | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{45F7CBA5-258D-4852-AD0A-B18F3FB214F4}\ = "IBrowserHttpRequest2" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{59577BB5-F97B-4880-B785-510238C5C5CE}\NumMethods\ = "45" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0C0BAA6C-52FD-4A3F-8731-F588C5E8F191} | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{59577BB5-F97B-4880-B785-510238C5C5CE}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{633D953B-278A-4DAC-8E4B-D15296A1C845}\AppID = "{30612A81-C10F-498E-9163-C2B2A3F81A14}" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0C0BAA6C-52FD-4A3F-8731-F588C5E8F191}\ = "IRegistrationUpdateHook" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A725D612-7D72-48B8-857A-4777781F415C}\LocalServer32\ServerExecutable = "C:\\Program Files\\AVG\\Browser\\Application\\124.0.25069.209\\notification_helper.exe" | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\AvgHTML\Application | C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.Update3WebMachineFallback.1.0\CLSID\ = "{A42B2494-93AE-44E1-B76D-BA8509A5167D}" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E3700FAF-2DC2-4322-99B1-D6A51203AF77}\NumMethods | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B02B2F29-8637-4B78-892A-CFD7CCE793EC}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2DAE1732-F855-42A3-9D28-B7F6E291ECCD}\ = "IAppCommand2" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.CoreMachineClass\CLSID | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.OnDemandCOMClassMachineFallback.1.0\ = "Google Update Legacy On Demand" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{804EC8ED-BF49-41ED-BCD0-CA1D716D3E98}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\AVG\Browser\Application\124.0.25069.209\Installer\setup.exe | N/A |
| N/A | N/A | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
| N/A | N/A | C:\Program Files\AVG\Browser\Application\AVGBrowser.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe
"C:\Users\Admin\AppData\Local\Temp\20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe"
C:\Users\Admin\AppData\Local\Temp\aj575A.exe
"C:\Users\Admin\AppData\Local\Temp\aj575A.exe" /relaunch=8 /was_elevated=1 /tagdata
C:\Users\Admin\AppData\Local\Temp\nsm596C.tmp\AVGBrowserUpdateSetup.exe
AVGBrowserUpdateSetup.exe /silent /install "bundlename=AVG Secure Browser&appguid={48F69C39-1356-4A7B-A899-70E3539D4982}&appname=AVG Secure Browser&needsadmin=true&lang=en-US&brand=9249&installargs=--no-create-user-shortcuts --make-chrome-default --force-default-win10 --auto-import-data%3Diexplore --import-cookies --auto-launch-chrome"
C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe
"C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe" /silent /install "bundlename=AVG Secure Browser&appguid={48F69C39-1356-4A7B-A899-70E3539D4982}&appname=AVG Secure Browser&needsadmin=true&lang=en-US&brand=9249&installargs=--no-create-user-shortcuts --make-chrome-default --force-default-win10 --auto-import-data%3Diexplore --import-cookies --auto-launch-chrome"
C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /regsvc
C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /regserver
C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe"
C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe"
C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe"
C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /ping [...]-PGh3IHBoeXNtZW1vcnk9IjgiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjEwLjAuMTkwNDEuMTI4OCIgc3A9IiIgYXJjaD0ieDY0Ii8-PGFwcCBhcHBpZD0iezFDODlFRjJGLUE4OEUtNERFMC05N0ZFLUNCNDBDOEU0RkVFQX0iIHZlcnNpb249IiIgbmV4dHZlcnNpb249IjEuOC4xNjkzLjYiIGxhbmc9ImVuLVVTIiBicmFuZD0iOTI0OSIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIGluc3RhbGxfdGltZV9tcz0iNTQ3Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /handoff "bundlename=AVG Secure Browser&appguid={48F69C39-1356-4A7B-A899-70E3539D4982}&appname=AVG Secure Browser&needsadmin=true&lang=en-US&brand=9249&installargs=--no-create-user-shortcuts --make-chrome-default --force-default-win10 --auto-import-data%3Diexplore --import-cookies --auto-launch-chrome" /installsource otherinstallcmd /sessionid "{2838C70E-012A-4047-9E69-2F3D93F3F2D7}" /silent
C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /svc
C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\AVGBrowserInstaller.exe
"C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\AVGBrowserInstaller.exe" --chrome --do-not-launch-chrome --hide-browser-override --show-developer-mode --suppress-first-run-bubbles --default-search-id=3 --default-search=bing.com --adblock-mode-default=0 --no-create-user-shortcuts --make-chrome-default --force-default-win10 --auto-import-data=iexplore --import-cookies --auto-launch-chrome --system-level
C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe
"C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe" --install-archive="C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\SECURE.PACKED.7Z" --chrome --do-not-launch-chrome --hide-browser-override --show-developer-mode --suppress-first-run-bubbles --default-search-id=3 --default-search=bing.com --adblock-mode-default=0 --no-create-user-shortcuts --make-chrome-default --force-default-win10 --auto-import-data=iexplore --import-cookies --auto-launch-chrome --system-level
C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe
"C:\Program Files (x86)\AVG\Browser\Update\Install\{60683D37-D392-488F-9391-D67E16E9FB94}\CR_030EB.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=124.0.25069.209 --initial-client-data=0x268,0x26c,0x270,0x244,0x274,0x7ff60d0ba3f0,0x7ff60d0ba3fc,0x7ff60d0ba408
C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler.exe
"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler.exe"
C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler64.exe
"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler64.exe"
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
AVGBrowser.exe --heartbeat --install --create-profile
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Crashpad" --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=124.0.25069.209 --initial-client-data=0xf4,0xf8,0xfc,0x80,0x100,0x7ff8f545dc40,0x7ff8f545dc4c,0x7ff8f545dc58
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2000,i,8785005948342461342,13055380804338233290,262144 --variations-seed-version --mojo-platform-channel-handle=1996 /prefetch:2
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1880,i,8785005948342461342,13055380804338233290,262144 --variations-seed-version --mojo-platform-channel-handle=2524 /prefetch:3
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1904,i,8785005948342461342,13055380804338233290,262144 --variations-seed-version --mojo-platform-channel-handle=2664 /prefetch:8
C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe
"C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe"
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3312,i,8785005948342461342,13055380804338233290,262144 --variations-seed-version --mojo-platform-channel-handle=3536 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3472,i,8785005948342461342,13055380804338233290,262144 --variations-seed-version --mojo-platform-channel-handle=3292 /prefetch:1
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3480,i,8785005948342461342,13055380804338233290,262144 --variations-seed-version --mojo-platform-channel-handle=3920 /prefetch:2
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3608,i,8785005948342461342,13055380804338233290,262144 --variations-seed-version --mojo-platform-channel-handle=3944 /prefetch:2
C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe
"C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe"
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4592,i,8785005948342461342,13055380804338233290,262144 --variations-seed-version --mojo-platform-channel-handle=4668 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
AVGBrowser.exe --silent-launch
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=124.0.25069.209 --initial-client-data=0xf8,0xfc,0x100,0xe0,0x104,0x7ff8f545dc40,0x7ff8f545dc4c,0x7ff8f545dc58
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2112,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=2104 /prefetch:2
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1988,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=2564 /prefetch:3
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2164,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=2572 /prefetch:8
C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe
"C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe"
C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe
"C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe"
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3428,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=3600 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3740,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=3736 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3424,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=3612 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2908,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=3668 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3636,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=3752 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3676,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=3708 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3880,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=3892 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3616,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=4052 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4080,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=4192 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4044,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=4336 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4076,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=4492 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4500,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=4640 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4520,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=4516 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5040,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=5068 /prefetch:1
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5076,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=5240 /prefetch:2
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5164,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=2900 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3760,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=3736 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5656,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=5756 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5780,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=3868 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5764,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=4800 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5776,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=3956 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4120,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=4196 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4448,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=4444 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4108,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=4132 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4252,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=4832 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3800,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=4052 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4352,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=6008 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6140,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=6156 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4824,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=6312 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4212,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=6468 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5608,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=4632 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4940,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=6308 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5668,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=4324 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=4560,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=5344 /prefetch:2
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4196,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=6616 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5592,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=4404 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5744,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=6884 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=4496,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=4728 /prefetch:2
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=4660,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=3404 /prefetch:2
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4672,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=5804 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6780,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=7100 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=6452,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=6344 /prefetch:2
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6592,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=6464 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --enable-protect
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=124.0.25069.209 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff8f545dc40,0x7ff8f545dc4c,0x7ff8f545dc58
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5996,i,2711390527648634762,7794022815970723376,262144 --variations-seed-version --mojo-platform-channel-handle=3892 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowserProtect.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowserProtect.exe" --registration reg-task --taskintr PT10M --runonce
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\Program Files\AVG\Browser\Application\124.0.25069.209\Installer\setup.exe
setup.exe /silent --create-shortcuts=0 --install-level=1 --system-level
C:\Program Files\AVG\Browser\Application\124.0.25069.209\Installer\setup.exe
"C:\Program Files\AVG\Browser\Application\124.0.25069.209\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=124.0.25069.209 --initial-client-data=0x260,0x264,0x268,0x1e4,0x26c,0x7ff62a61a3f0,0x7ff62a61a3fc,0x7ff62a61a408
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=shortcut-pin-helper /prefetch:8 startpin "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk"
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
AVGBrowser.exe --check-run=src=installer
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=124.0.25069.209 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8f545dc40,0x7ff8f545dc4c,0x7ff8f545dc58
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2172,i,12443798936367346061,4134929069282605396,262144 --variations-seed-version --mojo-platform-channel-handle=2056 /prefetch:2
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1916,i,12443798936367346061,4134929069282605396,262144 --variations-seed-version --mojo-platform-channel-handle=2268 /prefetch:3
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2396,i,12443798936367346061,4134929069282605396,262144 --variations-seed-version --mojo-platform-channel-handle=2584 /prefetch:8
C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe
"C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe"
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3196,i,12443798936367346061,4134929069282605396,262144 --variations-seed-version --mojo-platform-channel-handle=3276 /prefetch:1
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3204,i,12443798936367346061,4134929069282605396,262144 --variations-seed-version --mojo-platform-channel-handle=3300 /prefetch:2
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=4260,i,12443798936367346061,4134929069282605396,262144 --variations-seed-version --mojo-platform-channel-handle=4300 /prefetch:2
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=4624,i,12443798936367346061,4134929069282605396,262144 --variations-seed-version --mojo-platform-channel-handle=4644 /prefetch:2
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4936,i,12443798936367346061,4134929069282605396,262144 --variations-seed-version --mojo-platform-channel-handle=4900 /prefetch:2
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4964,i,12443798936367346061,4134929069282605396,262144 --variations-seed-version --mojo-platform-channel-handle=5052 /prefetch:2
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5036,i,12443798936367346061,4134929069282605396,262144 --variations-seed-version --mojo-platform-channel-handle=5220 /prefetch:2
C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe
"C:\Program Files\AVG\Browser\Application\124.0.25069.209\elevation_service.exe"
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=shortcut-pin-helper /prefetch:8 has-startpin "C:\Users\Public\Desktop\AVG Secure Browser.lnk"
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4616,i,12443798936367346061,4134929069282605396,262144 --variations-seed-version --mojo-platform-channel-handle=5336 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --enable-protect
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5884,i,12443798936367346061,4134929069282605396,262144 --variations-seed-version --mojo-platform-channel-handle=5896 /prefetch:8
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=124.0.25069.209 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff8f545dc40,0x7ff8f545dc4c,0x7ff8f545dc58
C:\Program Files\AVG\Browser\Application\AVGBrowser.exe
"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5352,i,12443798936367346061,4134929069282605396,262144 --variations-seed-version --mojo-platform-channel-handle=3200 /prefetch:8
Network
Files
C:\Users\Admin\AppData\Local\Temp\nsc4DB4.tmp\jsis.dll
| MD5 | 4b27df9758c01833e92c51c24ce9e1d5 |
| SHA1 | c3e227564de6808e542d2a91bbc70653cf88d040 |
| SHA256 | d37408f77b7a4e7c60800b6d60c47305b487e8e21c82a416784864bd9f26e7bb |
| SHA512 | 666f1b99d65169ec5b8bc41cdbbc5fe06bcb9872b7d628cb5ece051630a38678291ddc84862101c727f386c75b750c067177e6e67c1f69ab9f5c2e24367659f4 |
C:\Users\Admin\AppData\Local\Temp\nsc4DB4.tmp\nsJSON.dll
| MD5 | ddb56a646aea54615b29ce7df8cd31b8 |
| SHA1 | 0ea1a1528faafd930ddceb226d9deaf4fa53c8b2 |
| SHA256 | 07e602c54086a8fa111f83a38c2f3ee239f49328990212c2b3a295fade2b5069 |
| SHA512 | 5d5d6ee7ac7454a72059be736ec8da82572f56e86454c5cbfe26e7956752b6df845a6b0fada76d92473033ca68cd9f87c8e60ac664320b015bb352915abe33c8 |
C:\Users\Admin\AppData\Local\Temp\nsc4DB4.tmp\JsisPlugins.dll
| MD5 | bd94620c8a3496f0922d7a443c750047 |
| SHA1 | 23c4cb2b4d5f5256e76e54969e7e352263abf057 |
| SHA256 | c0af9e25c35650f43de4e8a57bb89d43099beead4ca6af6be846319ff84d7644 |
| SHA512 | 954006d27ed365fdf54327d64f05b950c2f0881e395257b87ba8e4cc608ec4771deb490d57dc988571a2e66f730e04e8fe16f356a06070abda1de9f3b0c3da68 |
C:\Users\Admin\AppData\Local\Temp\nsc4DB4.tmp\StdUtils.dll
| MD5 | 7602b88d488e54b717a7086605cd6d8d |
| SHA1 | c01200d911e744bdffa7f31b3c23068971494485 |
| SHA256 | 2640e4f09aa4c117036bfddd12dc02834e66400392761386bd1fe172a6ddfa11 |
| SHA512 | a11b68bdaecc1fe3d04246cfd62dd1bb4ef5f360125b40dadf8d475e603e14f24cf35335e01e985f0e7adcf785fdf6c57c7856722bc8dcb4dd2a1f817b1dde3a |
C:\Users\Admin\AppData\Local\Temp\{D47ECE9C-9324-4F16-AE52-A95D2689DDDC}\scrt.dll
| MD5 | f36f05628b515262db197b15c7065b40 |
| SHA1 | 74a8005379f26dd0de952acab4e3fc5459cde243 |
| SHA256 | 67abd9e211b354fa222e7926c2876c4b3a7aca239c0af47c756ee1b6db6e6d31 |
| SHA512 | 280390b1cf1b6b1e75eaa157adaf89135963d366b48686d48921a654527f9c1505c195ca1fc16dc85b8f13b2994841ca7877a63af708883418a1d588afa3dbe8 |
C:\Users\Admin\AppData\Local\Temp\nsc4DB4.tmp\thirdparty.dll
| MD5 | 070335e8e52a288bdb45db1c840d446b |
| SHA1 | 9db1be3d0ab572c5e969fea8d38a217b4d23cab2 |
| SHA256 | c8cf0cf1c2b8b14cbedfe621d81a79c80d70f587d698ad6dfb54bbe8e346fbbc |
| SHA512 | 6f49b82c5dbb84070794bae21b86e39d47f1a133b25e09f6a237689fd58b7338ae95440ae52c83fda92466d723385a1ceaf335284d4506757a508abff9d4b44c |
C:\Users\Admin\AppData\Local\Temp\aj575A.exe
| MD5 | acb51434fd82eb460b052f05950b8dca |
| SHA1 | 707d192db2ce7cefdefce3037dfb85a18b8811f3 |
| SHA256 | 29ffa251cb267969af445eb664df04d1a7badbcade61a7f754de42b6d4340055 |
| SHA512 | 013dc0abcc9760c6298b7e48007eb1ac4bc2e453f06c1ce4aff218f50cd1e2c4bb44ad6bc5687edb057df8b0e38fa0aaada7a8d045ed08412278d3031527229d |
C:\Users\Admin\AppData\Local\Temp\avg-securebrowser-web-tags
| MD5 | 4c94408946d796a8b19c17df5cf0562d |
| SHA1 | 89056150d90683f9548dadc308eb2789a67c2a47 |
| SHA256 | 68042cb47d900c4110ffc5f46e5f8395b35f42d33fc75e58ee34c7f5d8726de7 |
| SHA512 | 96a31f0b7254f42fec787233e2d11991709bc0b2514d163dd1f7696015e7318f9810d9811473fc13d6782d65e40f6a94fe6a7ffef3cb962032cff3bfe8b99a29 |
C:\Users\Admin\AppData\Local\Temp\nsm596C.tmp\Midex.dll
| MD5 | 581c4a0b8de60868b89074fe94eb27b9 |
| SHA1 | 70b8bdfddb08164f9d52033305d535b7db2599f6 |
| SHA256 | b13c23af49da0a21959e564cbca8e6b94c181c5eeb95150b29c94ff6afb8f9dd |
| SHA512 | 94290e72871c622fc32e9661719066bafb9b393e10ed397cae8a6f0c8be6ed0df88e5414f39bc528bf9a81980bdcb621745b6c712f4878f0447595cec59ee33d |
C:\Users\Admin\AppData\Local\Temp\nsm596C.tmp\CR.History.tmp
| MD5 | 73bd1e15afb04648c24593e8ba13e983 |
| SHA1 | 4dd85ca46fcdf9d93f6b324f8bb0b5bb512a1b91 |
| SHA256 | aab0b201f392fef9fdff09e56a9d0ac33d0f68be95da270e6dab89bb1f971d8b |
| SHA512 | 6eb58fb41691894045569085bd64a83acd62277575ab002cf73d729bda4b6d43c36643a5fa336342e87a493326337ed43b8e5eaeae32f53210714699cb8dfac7 |
C:\Users\Admin\AppData\Local\Temp\nsm596C.tmp\FF.places.tmp
| MD5 | 9c34915861c2e79553978e4e7dbc9362 |
| SHA1 | 35ee86260b81a873393d14917587e853f9b166cf |
| SHA256 | c20169b50d6c1614926522e70e3f1c2425c63b20df9767012c611c9de5cf4907 |
| SHA512 | 5a3da721dcbb62d0191967d65c41e24162c7b36bdc04e518d585c570e8d2053a91eb1a5eff21ccb6cf79fb096d6625ccd986863235bb772c9a83b275002295b7 |
C:\Users\Admin\AppData\Local\Temp\nsm596C.tmp\CR.History.tmp
| MD5 | 9618e15b04a4ddb39ed6c496575f6f95 |
| SHA1 | 1c28f8750e5555776b3c80b187c5d15a443a7412 |
| SHA256 | a4cd72e529e60b5f74c50e4e5b159efaf80625f23534dd15a28203760b8b28ab |
| SHA512 | f802582aa7510f6b950e3343b0560ffa9037c6d22373a6a33513637ab0f8e60ed23294a13ad8890935b02c64830b5232ba9f60d0c0fe90df02b5da30ecd7fa26 |
C:\Users\Admin\AppData\Local\Temp\nsm596C.tmp\AVGBrowserUpdateSetup.exe
| MD5 | 9750ea6c750629d2ca971ab1c074dc9d |
| SHA1 | 7df3d1615bec8f5da86a548f45f139739bde286b |
| SHA256 | cd1c5c7635d7e4e56287f87588dea791cf52b8d49ae599b60efb1b4c3567bc9c |
| SHA512 | 2ecbe819085bb9903a1a1fb6c796ad3b51617dd1fd03234c86e7d830b32a11fbcbff6cdc0191180d368497de2102319b0f56bfd5d8ac06d4f96585164801a04b |
C:\Program Files (x86)\GUM6448.tmp\@PaxHeader
| MD5 | fff923ad95071fe3344ad46d21d3449a |
| SHA1 | 0a6460ba82d4f4af0284400fc68962eadcb735fe |
| SHA256 | cad218ba3e990dfbe024e5b733bccac9750b17abf792260ba8c5ae7b68ef9f69 |
| SHA512 | 2812e3d793824ec7857c7f1214cf61595cccca4e1dc98e7aaad815bca0cb6b700b9bc9e4f751f3cefffc9fb8aebd5655c1fb3da4856a2867e69c9866ab829848 |
C:\Program Files (x86)\GUM6448.tmp\@PaxHeader
| MD5 | cc10315d02849aa06303ede042fcea7c |
| SHA1 | 6807356ca02f634bfe43d32350efec4c711a421f |
| SHA256 | 639978a0f066ee0f9501ea0c948abcbdfe4a459d45bd57eed5630c5dd466eff7 |
| SHA512 | 135c897657c18cc28be80eb2951cbeb764e5f08c12b5099e499d380502aae4277acfaa8f070857e86c7b3013a3e1b8307e30bbe283ee8b62ca00e6fefe7f3ac0 |
C:\Program Files (x86)\GUM6448.tmp\@PaxHeader
| MD5 | 2354fd14dbe8037a57837cc5468d30d5 |
| SHA1 | 4c7244f427d9a96ad7ad532420d3c35fd8347f0d |
| SHA256 | 1bde4ea8eb002aaccbc0d233fe071edb968782c955adc1101397bfc420c7efce |
| SHA512 | 2fdfde1e09cd6df0c38364e9d9a32850f21b004c8d6536b44d6c4f78c5f8014a5e2df41f9c58760bce625cb3fb095981df05f46ba812fe1c1a41833fd630139e |
C:\Program Files (x86)\GUM6448.tmp\@PaxHeader
| MD5 | df33d8ff73bd1c480379bf3ff89363d0 |
| SHA1 | 68bca50772fe1c8970aff550720ff82f21c24e55 |
| SHA256 | 0c965ed8e0a4774d2e073885ad7df7dc920576cc7acfb2522db2155f75d4e13b |
| SHA512 | 3b9e6440412333fe1ae469d7fb902810bf56dac92bc5b9c8fe122628993b04db842bfb30e94c8c60fe97d6db8ea460d002b99981a5abafa6c8484ed597032a34 |
C:\Program Files (x86)\GUM6448.tmp\@PaxHeader
| MD5 | 1a1236535faf938fe7787f1f7076c14c |
| SHA1 | aa95b2d2e09f9fcf09b2d60c1e1501f03825e917 |
| SHA256 | 644825a4d1272a49c3e6c423172bbeefd80fb86d1f0598068c8daf17d8da9bd9 |
| SHA512 | 0c7114ed03435f05b882ca09242da6412c7fefce1f3b16854aa1b831549af169081748d9e8e2db1aaeb341ea1b6514e59c88091be8bdd41ce94e5a3855c9e62f |
C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdate.exe
| MD5 | cbcdf56c8a2788ed761ad3178e2d6e9c |
| SHA1 | bdee21667760bc0df3046d6073a05d779fdc82cb |
| SHA256 | e9265a40e5ee5302e8e225ea39a67d452eaac20370f8b2828340ba079abbbfd3 |
| SHA512 | 5f68e7dffdd3424e0eb2e5cd3d05f8b6ba497aab9408702505341b2c89f265ebb4f9177611d51b9a56629a564431421f3ecb8b25eb08fb2c54dfeddecb9e9f2e |
C:\Program Files (x86)\GUM6448.tmp\goopdate.dll
| MD5 | 04a6438c50564146e880c5eb9d57905e |
| SHA1 | edf5d454de99159d832cc9bd0d8dbe132d749804 |
| SHA256 | 26109d47bf9960e531888e6c545ca8cfc24fee2202b549df29fb8bf9c58e0812 |
| SHA512 | 8705d0ab2f8a6c1ef567ad00b33ff2cca01391b105eb0ade201d981f091e4ba87e709860ab9849bf9781698fb42ab8efe53ea731af310781766bace1eb1dc19d |
C:\Program Files (x86)\GUM6448.tmp\goopdateres_en.dll
| MD5 | 418853fe486d8c021d0cca2e85a63d63 |
| SHA1 | 9504500a7b5076579d74c23294df4bdb1b7c517d |
| SHA256 | 4cbb2591c1eeda32bcf295685c993ce4d16acc968697fa12e2a00a1b7c4b37a3 |
| SHA512 | dc2ab4e2056e6d73a274d700bc16f75c7c687b35874029c1908b183428dec010373045d4a52eb3f5745f8b91d624cf5d40cd7f37e353f3a41348e2a054a266a3 |
C:\Program Files (x86)\GUM6448.tmp\AVGBrowserCrashHandler.exe
| MD5 | f73e60370efe16a6d985e564275612da |
| SHA1 | 2f829a0a611ac7add51a6bc50569e75181cdfd58 |
| SHA256 | 9cf076866935a0c64366efaeff2ec76d45ac816030ebd616fd5defb1870bc30e |
| SHA512 | 2e44e87c285bb7b72d45c8119d08ea6f2d13cea77cf0005a3cf530790bb86c7f2df7c5edac9d86c9d7214abb224738c3bf6b31f6bf104051512bb1de133042dc |
C:\Program Files (x86)\GUM6448.tmp\goopdateres_fr.dll
| MD5 | 8ddc3f7276c12ac407cadcda6e2a3e12 |
| SHA1 | 78c5e802f67c8b6ae3fe13202e6a54d3cca69df4 |
| SHA256 | 7f2f0f9f443a022f5aedacc40c28d0654fec488f34435c75979118464256a8b7 |
| SHA512 | 0d05bdd2d5e9f36eb09182e8b13507ba03e256c4aadb77bbfedf29584a47fd1e0733a825a3f687d3058e53c8075caf6dd9d24ec93f1bdd58ca97106827323540 |
C:\Program Files (x86)\GUM6448.tmp\goopdateres_ml.dll
| MD5 | 74e24332295807ca5ab8be9f37dd19dc |
| SHA1 | 82feee443e0c8342ef830c182fc2a3c98f57faf7 |
| SHA256 | 4675474b7ccaf45c9fca9c4d141260f233807ddc68cf854d0900bb1f58522b67 |
| SHA512 | 6682d18ed66b06f07bb6b1dc227808d5c872685ed271ff4b34a57d4ec7c7fe5316b6207d1094327db4e3166fc2288e47065cb72a275666a4b403dde8e33379af |
C:\Program Files (x86)\GUM6448.tmp\goopdateres_pt-BR.dll
| MD5 | 97c200cbd682c1b4bd28222437d7f630 |
| SHA1 | 6bed6312571ea79df6deda2934d328683674b059 |
| SHA256 | 3adc3bd14d6a1ae14de42ea501fa74ed651b197a7c8912b43d31fa92f500d630 |
| SHA512 | 8e1af6b73729f5f6e3015c3890e8ad28ed851d1615fe0ae2b7997f3ae48958fbc90e74ce70ce4ef35aeea35a810de0699494d5b913f4774416acc1aa8ef0a9d6 |
C:\Program Files (x86)\GUM6448.tmp\goopdateres_pl.dll
| MD5 | 5215164235c7dc3d72bcd0f832ddcd22 |
| SHA1 | bde57f57953bf119b6767e0b56380dbf0e4cad35 |
| SHA256 | c997f4bad6082c5d2483684b6a72d22153c502df6575e28cc1bf02789d08547b |
| SHA512 | 721423ea189d096764088fd8079988cbbcd98503ae2b82b0f485cb71bc81cb367588a9fcbdc9c5d09f20067f5ec8744572d252500af034edf900243e096526c3 |
C:\Program Files (x86)\GUM6448.tmp\goopdateres_no.dll
| MD5 | 5a19716ac62f7b636d666ba166d00a3e |
| SHA1 | 0fa31113684f879e259f8521be08ff87286724e4 |
| SHA256 | 94365146ae8320732dad96344dcf6fa83d9eaf65cb7bf30e50613964f5a33e66 |
| SHA512 | accfbfd86c4648fff856fafffbe7317907e19261ed81ce5e6cd9e5ad59ae9abbe677730527704a1b0ba898195dcc6a5081a136b4d95563863f05a8eb9fbaf9fc |
C:\Program Files (x86)\GUM6448.tmp\goopdateres_nl.dll
| MD5 | ccadd45844090d479f00d8707e962f35 |
| SHA1 | 0654501881968cb2d954cb95da6150047c49c0c7 |
| SHA256 | 854804cb86a3059bec32d10f44123ff93060aae05eaa72821148a4e2764ace3e |
| SHA512 | 098a384baf41a11a6e50b2d22e1c1e1cb2d9f5897776afa676b235f075c9ed3f404a92d4593c229e6ededab4da614b25e5cd0c73f3cb7e0ac02231cce800f7a4 |
C:\Program Files (x86)\GUM6448.tmp\goopdateres_ms.dll
| MD5 | d9999c911f60a32046d1a4c559ae5de3 |
| SHA1 | e84c1c32708a97a81358dd8adb3fb40681f5a7aa |
| SHA256 | 31a64ff7f0b1d8bb81e83680c3391c0dc5530c798b9322d11e62e2389933b548 |
| SHA512 | eefb62c906c85a94025d79a0dd35b634a08b457fca57e2b97d514f1b5f0b9ea8450c9d387b4d9683c5d01d0088e03fd106b530470aa88229ab4123edf00032aa |
C:\Program Files (x86)\GUM6448.tmp\goopdateres_mr.dll
| MD5 | 390c8645cb5e0f93054c063c5e5928f4 |
| SHA1 | 0d17ac3976b3219750853715c06baa34e8ed751c |
| SHA256 | 98ae5da68f38dd4e43e307543d3218d4180c09433ae72c3b661eb73591a7a589 |
| SHA512 | b1bf09a5111890fa61dd944dbf0cf2804cdd96c5fee3193a80fb15cdc6fdb455fb4e535e8aec337ca4595623bef29c7f6784e53e222c7a5df400dc61965830f6 |
C:\Program Files (x86)\GUM6448.tmp\goopdateres_lv.dll
| MD5 | 83c356f6310d51f8ffc1d67d580f5914 |
| SHA1 | f9bc318975f288fa47e8426b4c450a93b10af45c |
| SHA256 | 98e35cea7cddce15191594a70f8e15ff2dd1c02bde87225af0331441c65bca26 |
| SHA512 | 28a26cb1d88d072d7898ed27c3e9d056efedaa2cd9eccf951429f41df2c0162be3c14e58cfb4cf50b633d759825fa815a9249e7690d2ab75f60424b30dbe0424 |
C:\Program Files (x86)\GUM6448.tmp\goopdateres_lt.dll
| MD5 | 38606bfb6c9bfdf74503f833ee2733e5 |
| SHA1 | 670abd1279f642ec7b19f663e53f2813a716331f |
| SHA256 | df6c4228da3bf66929d81b99cb35df4a4389418490144630e1d9d5f422b56b38 |
| SHA512 | 6cc6f2fb0e5bf0241656cce5dc7311f05b8d79633f2176f8c172a9fcfa9813e3963576363d539fa1a8a58fa6bba138dd0baa7562274fbe99be5cda60f4671747 |
C:\Program Files (x86)\GUM6448.tmp\goopdateres_ko.dll
| MD5 | dd2f783c0017630f9a2969957f4eb84e |
| SHA1 | d42218de12a7c1c48fb5e7d60e61e32ce0cd9ac6 |
| SHA256 | 07e63e0e3d23f192ac131efc459c2d9f79a4ecdc39403d43fbff320c4b5fa261 |
| SHA512 | 689f625df8aec45a6343249739ec094cbb1245a9dd8847ffe6bf62fd2d7042d529f77216dd22e8b33830cf21b158f0ef6ea42af2248051c8d97205eb0229a22b |
C:\Program Files (x86)\GUM6448.tmp\goopdateres_kn.dll
| MD5 | 49000b4a101e635b05123f21b360b492 |
| SHA1 | 635f697f41c0591168e0eee10930728d9dec5a53 |
| SHA256 | a2aab58a4397c040bff69d45bef4ede6842034bf897799a9347232c4b6c9c7a5 |
| SHA512 | 9b62c2048e9c132089cce7da02ea5c95b5856f1c6e28d5581f4a0b1748e681bdd78c7d537d273a64f9d476e4ec62da5c6021cc1ccb69f7bee216e7bec6ddc6e0 |
C:\Program Files (x86)\GUM6448.tmp\goopdateres_ja.dll
| MD5 | 0cfc5b7b3f86d6bfaec9a0713da74df3 |
| SHA1 | 81a278fdee9edc302fe4e7a88c9addb230ce6df2 |
| SHA256 | 1d7fd1b6a614538530385e7a40efc95d3b8be75057ae03bf999aa2419d1f9f24 |
| SHA512 | 8b8f834ccee41c69c581f0b80f26b0cdb536f87bebd5a6b1f02cdf6f1aea5cf5b29c356e82c7a8fd591bb16c0938a790ac8f90f6d27edc95fc48a5aa3c30cbf0 |
C:\Program Files (x86)\GUM6448.tmp\goopdateres_iw.dll
| MD5 | 31227325c8617b308ccd268c2be7e72a |
| SHA1 | 71e369f26e644e643fcd538d933e4087dd593f1f |
| SHA256 | 4a98e34a528eff04c2baf4e9e50489086e58d2e32e1851f33674abbe5e104c68 |
| SHA512 | ba8d94dde5b7b74a39ed54a5f3e47a558e0c1deb632018c82423c06806071143851bb1d8c7a7bada6f13e71734e7a29457f3741266972b777cded41c953a9645 |
C:\Program Files (x86)\GUM6448.tmp\goopdateres_it.dll
| MD5 | 3ae3106694098f8420b182ad5e3354ab |
| SHA1 | bc9dab621b03d4126b97c260becd7f4525255462 |
| SHA256 | 59b406b29538c3c3d0f060b5fc0ccd36556f8a6278327935a5475c6b21741dc9 |
| SHA512 | f3625be57976083d642b01a41a53d6db6cad3bfc584a50de3565fe10975a5d7d2cf4f8b41bcdaa5ac70f8fc4ada113084de07e2ed45f26401dc2d4f8f4c322a9 |
C:\Program Files (x86)\GUM6448.tmp\goopdateres_is.dll
| MD5 | dae35fa037b6248876347521c5298566 |
| SHA1 | 8358fc05a675ea56f720052fbb4b384d97b94d86 |
| SHA256 | ce0652b8dfaf21b6192b66bf75e140b3d72aa545e0edf62d9e82e9b0878ac5c5 |
| SHA512 | 4158b8fef0da76ead12b5d6e421c5709664ba84d1ddde44ef6bbd1023084cad3820a37abea03b206635a945a2435b301234cf5bac3c8e2861a852b2699036ade |
C:\Program Files (x86)\GUM6448.tmp\goopdateres_id.dll
| MD5 | 7e7deef6ac35c9d52410fc356391c7e4 |
| SHA1 | 43b3d918867a93ba109a3e4eacb45f3cd5c40b93 |
| SHA256 | 963f4d2ad7ddcdcfb6185521c0590a92f2014897d5f5f525471ac81f3807fc5e |
| SHA512 | 9eb0e9be0a973693b4bd167f6c1118dd9d702b1951a90f0a3a6103e77c43ee6afa173b79d3ab21fe94a98c320b17ab0b787cf5b6ec47d9dde9e3e8c14b8cadc7 |
C:\Program Files (x86)\GUM6448.tmp\goopdateres_hu.dll
| MD5 | 114cc594fab2e564ccb24a826f3623e4 |
| SHA1 | c3c3fb4ef6ea6ff0e7a1e0289320b2fd2788b03b |
| SHA256 | c89e223a42d7173f915dd088ebc84b0048cec772bd4221b4b90ce4c0e419ffe6 |
| SHA512 | 9a7eb5710340cecb2d32de26322dc862812e185b6d260d76c0c7f642f30cf9e43c88aec76b515148ef986db0c77fd0e31f71c8fd26d56a4cc72dff0d023abb5d |
C:\Program Files (x86)\GUM6448.tmp\goopdateres_hr.dll
| MD5 | 27c0dbd61a71420bb4d1a0be2373a175 |
| SHA1 | 47b4c107b711caf5a6b2978bd6fd6b53ebdec5e3 |
| SHA256 | 43191a4c507a112e96e06f959b6cf78406bf970b021ad8d7db59d1b9c52779bd |
| SHA512 | d1f20e9a628bdcbd26b8d5de89b87bdbc8dab871651c86d47c023daea86c7ada0a565fdd05b48c7643a63db044639f4eb89d1640e58c9b32722e4926c3c5e72a |
C:\Program Files (x86)\GUM6448.tmp\goopdateres_hi.dll
C:\Program Files (x86)\GUM6448.tmp\goopdateres_gu.dll
C:\Program Files (x86)\GUM6448.tmp\goopdateres_fil.dll
C:\Program Files (x86)\GUM6448.tmp\goopdateres_fi.dll
C:\Program Files (x86)\GUM6448.tmp\goopdateres_fa.dll
C:\Program Files (x86)\GUM6448.tmp\goopdateres_et.dll
C:\Program Files (x86)\GUM6448.tmp\goopdateres_es-419.dll
C:\Program Files (x86)\GUM6448.tmp\goopdateres_es.dll
C:\Program Files (x86)\GUM6448.tmp\goopdateres_en-GB.dll
C:\Program Files (x86)\GUM6448.tmp\goopdateres_el.dll
C:\Program Files (x86)\GUM6448.tmp\goopdateres_de.dll
C:\Program Files (x86)\GUM6448.tmp\goopdateres_da.dll
C:\Program Files (x86)\GUM6448.tmp\goopdateres_cs.dll
C:\Program Files (x86)\GUM6448.tmp\goopdateres_ca.dll
C:\Program Files (x86)\GUM6448.tmp\goopdateres_bn.dll
C:\Program Files (x86)\GUM6448.tmp\goopdateres_bg.dll
C:\Program Files (x86)\GUM6448.tmp\goopdateres_ar.dll
C:\Program Files (x86)\GUM6448.tmp\goopdateres_am.dll
C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdateComRegisterShell64.exe
C:\Program Files (x86)\GUM6448.tmp\AVGBrowserCrashHandler64.exe
C:\Program Files (x86)\GUM6448.tmp\AVGBrowserUpdateCore.exe
C:\Program Files\AVG\Browser\Application\124.0.25069.209\Installer\setup.exe
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Site Characteristics Database\CURRENT
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Local Storage\leveldb\MANIFEST-000001
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\10f9c414-1c51-4853-928a-99d51316eaa7.tmp
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\DawnWebGPUCache\data_3
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\DawnWebGPUCache\data_2
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\DawnWebGPUCache\data_1
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\GPUCache\data_0
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Network\SCT Auditing Pending Reports
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Local State
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Local State~RFe5848cc.TMP
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Preferences~RFe5848db.TMP
C:\Users\Admin\AppData\Local\Temp\b2632690-e71a-455a-a28d-f373696bc928.tmp
C:\Users\Admin\AppData\Local\Temp\scoped_dir4400_671477911\a17e08a8-1624-4c96-82f7-09d14ba38caf.tmp
C:\Users\Admin\AppData\Local\Temp\c00cb1ea-4cdc-4838-b773-6ca73c11a7a2.tmp
C:\Users\Admin\AppData\Local\Temp\fd0e50f7-86b2-492b-b8a2-17725d5f4317.tmp
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\manifest.json
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\fonts\open-sans\open-sans-v15-latin_latin-ext-600.woff
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\fonts\open-sans\open-sans-v15-latin_latin-ext-600.ttf
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\views\popup.html
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\views\options.html
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\js\background.bundle.js
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\img\icon-on.svg
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\img\icon-48.png
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\img\icon-16.png
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\img\icon-128.png
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\fonts\open-sans\open-sans-v15-latin_latin-ext-regular.woff2
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\fonts\open-sans\open-sans-v15-latin_latin-ext-regular.woff
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\fonts\open-sans\open-sans-v15-latin_latin-ext-regular.ttf
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\fonts\open-sans\open-sans-v15-latin_latin-ext-regular.svg
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\fonts\open-sans\open-sans-v15-latin_latin-ext-regular.eot
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\fonts\open-sans\open-sans-v15-latin_latin-ext-700.woff2
C:\Users\Admin\AppData\Local\Temp\scoped_dir4400_206982167\CRX_INSTALL\js\content.js
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir4400_954644709\CRX_INSTALL\manifest.json
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir4400_954644709\CRX_INSTALL\js\popup.js
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir4400_954644709\CRX_INSTALL\html\privacy-policy.html
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir4400_954644709\CRX_INSTALL\images\icon48.png
C:\Users\Admin\AppData\Local\Temp\0ab67cff-1da1-424f-a31e-0341ebabc81d.tmp
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir4400_954644709\CRX_INSTALL\html\popup.html
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir4400_954644709\CRX_INSTALL\images\icon16.png
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir4400_954644709\CRX_INSTALL\images\icon128.png
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir4400_954644709\CRX_INSTALL\images\icon.png
C:\Users\Admin\AppData\Local\Temp\b42d4dac-a0d4-4afd-abf7-369a9bda81fc.tmp
C:\Users\Admin\AppData\Local\Temp\4aea1c33-841a-4562-a2de-80f9f5d6bca6.tmp
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir4400_954644709\CRX_INSTALL\images\cross_bold_32.png
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir4400_954644709\CRX_INSTALL\images\cross_32.png
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir4400_954644709\CRX_INSTALL\js\background.js.LICENSE.txt
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir4400_954644709\CRX_INSTALL\js\background.js
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir4400_954644709\CRX_INSTALL\styles\privacy-consent.css
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir4400_954644709\CRX_INSTALL\styles\popup.css
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir4400_954644709\CRX_INSTALL\_metadata\verified_contents.json
C:\Users\Admin\AppData\Local\Temp\scoped_dir4400_206982167\CRX_INSTALL\styles\content.css
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\fonts\open-sans\open-sans-v15-latin_latin-ext-700.woff
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\fonts\open-sans\open-sans-v15-latin_latin-ext-700.ttf
| MD5 | 81ca5af45045261f536c71baafd77298 |
| SHA1 | 4f613dced987f67dd32883fa0cd9298a20c102f2 |
| SHA256 | d123a1a00d692830f1f5276c64edfbc7abc9d0640bbb02596f83e10b14f89c0d |
| SHA512 | 2156c44e95f51c8a56ca2aca1d5b6127a9e76ce709506ddda2df37cac554fd04303f14a11232a18ac6098c8502ed515d2ccbd1f8671a180490acf8a573457284 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\fonts\open-sans\open-sans-v15-latin_latin-ext-700.svg
| MD5 | 2e00b2635b51ba336b4b67a5d0bc03c7 |
| SHA1 | 8338e3159cc9c5ff55cac72674afb7e90118ff19 |
| SHA256 | 7e40ecf3b9b2ded5a267a3fe330eda6d71c10a1fc716d12237812322057411cb |
| SHA512 | 60979ca59776caddff6cad8d391d8191aa37f838f50c2c1343749060e88aaf40db8216e30e6bf00ac164be967a12c0221d72b6b60416cf455a15b5501ec4d969 |
C:\Users\Admin\AppData\Local\Temp\31731476-dd96-4da8-8838-4b1510c80a3b.tmp
| MD5 | 06d466a1cde4306356506b35153c5ebd |
| SHA1 | c43850528e8150e1f0e253653d2f0155d00585fd |
| SHA256 | 6b1205e9b435c6241ab9c244b1dc3c309c1d82211268501e71e43c4425fbf590 |
| SHA512 | 5d79ae61fea7097ddf4b5f2c639ddd1ebdffb7d0e69b74aac47e166afbe94e88e3a4dbd1cf34d55c6c8b0fcba3c30b676c8460b120470c17278caf22896b0b33 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\fonts\open-sans\open-sans-v15-latin_latin-ext-700.eot
| MD5 | e5abc8bf8bd5635024706adffbed5846 |
| SHA1 | cde58bdbef093f6a589a69188bbeffa23708291a |
| SHA256 | 602e36025f912400eb552f0f522bb8a75e9e9db6a825695c89dcb49a5828aef9 |
| SHA512 | fda634368a61e4c22a0d8cda09e0c94feccf1579a9c3d20d2faa8567422c4a44ef9ae139a5efdb05619adfc78d2f6f4e5ebcfed40e7a0beb9ce0117eaf183a9e |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\fonts\open-sans\open-sans-v15-latin_latin-ext-600.woff2
| MD5 | 0dd0a359a053b2b5bb856a9580da9780 |
| SHA1 | 4f8481415cbf3e5900f926e0f1b2822ce991c36e |
| SHA256 | 784a7423298c587ce89819cd81d6e225877b32605b4b40eb3ccafb3f3f3e5750 |
| SHA512 | b7e09a097632e2c1a06eb08c7610b715bd2aba83e35468ced16256de4b96acb113f1946de74998ed1f246ce8e8e8f2a7a780b18aca2e0b56130c5c087e127c54 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\fonts\open-sans\open-sans-v15-latin_latin-ext-600.svg
| MD5 | e16f375be3c2a73b58255a02f6d3a9ce |
| SHA1 | acc429c1bb8c8748b9fa1d00722401c8d8a8c007 |
| SHA256 | 4a464102b4370f93e3f5d492dfdabc3a8d7f8052cb817d4fec0542cac04c30b8 |
| SHA512 | fdfa163b25cc25042cb34159cc357e3337b32630643c39bdf1b37a13c486ea3c02293dbcd2be790b25438e6f116566adeeaf7b437e85ae4cf410e117100b767b |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\fonts\open-sans\open-sans-v15-latin_latin-ext-600.eot
| MD5 | 1d509ef7e31a881f30ea87aae524fb10 |
| SHA1 | 9682d47dc55e2f2722c939524855168ac2ff1d8b |
| SHA256 | 41cbd2cce0e80cc929588af21c12ebcfb92d98ef90d681899c4a2d275818d7f4 |
| SHA512 | 03b7992b965977602a2a301e46d27fc6cf41fd2b8c95afc733212697f5ae155e15dcfdf3100274a7085b551e6ad465762e77e40f228038b0af4c42cf67f0dc04 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\fonts\open-sans\open-sans-v15-latin_latin-ext-300.woff2
| MD5 | 83c3deca5df9e979b477c60c55772d98 |
| SHA1 | 86332ac5f59a4f86a4c736b1b923a4a904743750 |
| SHA256 | a6c5ec600dfa7ca47ad224a89eb4b5ae06797927da4a03e54bd105cb1cc482ae |
| SHA512 | 6de271d508d7a7a96a21092676965aa1a3c7fd5615e70f36debb8662e4f92b03997e87a5c636f9f63a2afad0dfb4d2f3e3f54b926908fdb2d4ade616de9977b3 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\fonts\open-sans\open-sans-v15-latin_latin-ext-300.woff
| MD5 | 3afbb2a57bf45e649851c02e8b8903de |
| SHA1 | 87af1ba8c716ef612137987d750b2a27ea17c439 |
| SHA256 | 19eb6a474121fafad38c135802d788ebe347a0e1f9438e7e24477e52c458df87 |
| SHA512 | 06fdcd6c03a06d270fdbfaef3cab801b9fa8429478c4e99e11b02969bea293e78181a64facc6e853cd98c5656fdf1b739466a02fef545836e82b506d05bf332b |
C:\Users\Admin\AppData\Local\Temp\5bc27eb0-2211-421b-a460-c34253b28e7d.tmp
| MD5 | 79e1a051e0bb64259538622f94be9988 |
| SHA1 | 9b53e95bdb4a0923ed84a69972dc7168bc2fc942 |
| SHA256 | 5bbcdbe935746ee78233c06331293ccf7a62f359cfd2d88a910cfcb8d9ec65f4 |
| SHA512 | 6beb6aaf5afb4b5f36cee371a149ce5dab8a4553446553a1341996affe10f888f6ec2de19cf3ef355552d71287844fa8cf988d90bf050008f4a7591cfaa31511 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\fonts\open-sans\open-sans-v15-latin_latin-ext-300.ttf
| MD5 | 8c3dd994987820cc2b171e629be201ee |
| SHA1 | 39d6e91a35dbc4b4d588e400b0d20923ddfcfcaf |
| SHA256 | b5f97120805971ceb303f56728f4b940e88a0b0ca8a6185b9561613faa510acb |
| SHA512 | fefdd89cf660e389a573d7c576a788811eaea735e23153784ff718cabda78cf4624d0c273e43dbfebbc2325b5c0e5e6f3e7cae09eae55d8b1d6eacb2ff4f722a |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\fonts\open-sans\open-sans-v15-latin_latin-ext-300.svg
| MD5 | 27ef0b062b2e221df16f3bbd97c2dca8 |
| SHA1 | 1183c2939f6cad1ac69dc16d4a0b943d546e4b2e |
| SHA256 | 74df0c40c70eaef5c8fa9f3323b60940931240a3ac6b1623fdcafb1c4bed5185 |
| SHA512 | 0eaf53651f23745292e64b346ff097bb6fb0294e351a4701dc304541de65926b8b8d7bb5de8b8be5ae8279a178f4f977a39190ae29443acdbb7819881f1fff64 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\fonts\open-sans\open-sans-v15-latin_latin-ext-300.eot
| MD5 | 2d728b382ba4d5774b5cd3c985af6e63 |
| SHA1 | f9f17bb74029bfe8a12c82f1a528da926e78142d |
| SHA256 | 790fa6f6cdfda35b03950836a557d186a65f7c50cfbcafbd15c2fb8004bc11cb |
| SHA512 | 6845c0ba03c194b63aa3908ddfcef66259575c346ed1ba0b5662a3a08e8e3a0304a6f49ea9ecda12e4c2e0cee899c1c72ab9cfa15426b8506a8749e98bdd1137 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\zh_TW\messages.json
| MD5 | 46b65c0271c694dd6fb28eb690a007e9 |
| SHA1 | 7480cb94f90ac788792b3d4c077986a4a784fb04 |
| SHA256 | e86135fc21e9a5090399003977062b1ef42ef50ab134081c178642c1f9cb1386 |
| SHA512 | cfcde69635feb1cc78446bacbc6ef4fd4ac4eafcee22a2fa29f81040d6204cf58a15b82dbce40098a25ebff6ba1e66541aeedb734ec8469963887fb8c13a18e6 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\zh_CN\messages.json
| MD5 | 79dd279b4fa24a31c0267fa5b58962a2 |
| SHA1 | d32bce6872dba9065a3f22ae5e7ae5d4fde38855 |
| SHA256 | 944b3c946452b0f12c39a13c3d44d5836b22e6939be6d90b21fa07d91a87e4d5 |
| SHA512 | 79d6dc7cb201019b78ca52ac04a0f3080322003e858725a730f5ae6e8cbeb938c06a26078519c0ac5b6f4057955d919de2f37050bf7bc74ecd4f325d3cb2aab9 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\vi\messages.json
| MD5 | b5f18b94d6479fa84715a4245f6f25f6 |
| SHA1 | 54800434c74ac6a2e0fd8a1672dd8242b6f39f69 |
| SHA256 | a41883d12892ffb1d888ce4cb7057db2b6d00ffa8f037ea6e962927c3f095739 |
| SHA512 | e3ca50a862cc890157346600201c92bdc0fc67eb412cd0eccb4d3b90ef467788a32b84413ad3ba567313554076c5acf677a5f438e6a2147423dffaf23a4a2acc |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\ur\messages.json
| MD5 | abe5427813da3a1efdd72859f8ff9f68 |
| SHA1 | a6366cb5d6d0d08b43cc2dc54e6c66c48cac195c |
| SHA256 | 82ad8bc296bfa1ecbca8866d1f6c078aa987346e3a37c609b22f202b53a5cce2 |
| SHA512 | a4dd9ff6eda79604826b6c03b983dba837e99fbf085e832b93d47fe225df07406ab9cf6296ae3093e7b37b6137b3122a2468447cad7d1703f8f5d33987840149 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\uk\messages.json
| MD5 | 5e024d5910e23c1c2052b560a8ae62aa |
| SHA1 | edf5ba60588876ac2fbc1787ec519dfbce9308cb |
| SHA256 | bb3582dbdafca749ea74eaae270b5c61d61cc1961c2f33fe3a4e45e1b2306e26 |
| SHA512 | e465fdd296ae049def59e7856bb44cb087c1585de36db98505e8a15f909a92523098c4eaadd750a8aeb5d90065cb60521bfac4721042c80ba7ac4a76b0689dae |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\tr\messages.json
| MD5 | c6ac0d250d4483dea83ff01fb1dfada7 |
| SHA1 | 15c863f7380fa277ae42da5514d73cf5af0fe503 |
| SHA256 | 945b2841f8b7db64cfa9738e1d4e9ce652d0e54a2bd174cbabc94e494f44ab7a |
| SHA512 | 33a43f0c98b46af15021d09facc4d29f6413ec9276b2e70733573dc96c2f28877a7bb5e2ed52f57e2b22f975037482b84fd76fa793674cd82768b43636f92754 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\sv\messages.json
| MD5 | de263878f8f7c10d670221567d9ecb24 |
| SHA1 | af91e39c90f1c06de18791893eaf1af1f34e04fa |
| SHA256 | d0ff3826cae2bff8238c84f3a6f6870874e8fa93c65e73d896db9cc3c3f14922 |
| SHA512 | 59d1a6f5c7e487cbf9d23cfd207bacf7aa20ff1f8616a3431370b6e1db2752d2b23fc5d3cc4b260804d3d98f1e61c2f5b5fed39440358f2dfa458e4df4db1fde |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\sr\messages.json
| MD5 | e29a2d569b43e93a63de075bba9b51c9 |
| SHA1 | 619fe39b5197f8a17090db232efe565338ad823b |
| SHA256 | 32c9be85fe0871d2acd30aaef4434f3369eaa1b3b12a39141754f98d9d7d181c |
| SHA512 | 421a01e0a27e39e56427eeffea01777cc2ac2368dcfd42df6adc368bcc6a1dcc5e07a26209e88c57f106dfb64f255e218cc1bb95e77e5b9cf85dbf11a1d68180 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\sl\messages.json
| MD5 | bb93e260e7e2c75d4591c678ee93f81d |
| SHA1 | 942289144564a5db6d9eea6aa2c37cb0d83af037 |
| SHA256 | 03371b65cd719a56ae34e00c3d05d20739eca452c0895c214847724cfd401c99 |
| SHA512 | 5acd8afc440961ae342a3235ad94244f11f26f486d69086cc55d4e991c205dbc9b19fc82ae918a3fa64326ccad844596d70adf8abab81b212c11903d24308fab |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\sk\messages.json
| MD5 | 5cf9cd122e26346effd48db0c8fc75df |
| SHA1 | 21dca1f8f552ab09c765d80da60ff87e937af76c |
| SHA256 | f43aa954098a6d72d3d5a9dc74c131b10f59eb111b5217913db0c0d68b7a4019 |
| SHA512 | f5819a66bc5a7f9dc9a80a0d3391ae68c9d6f923f90f8f8713ce96155ef95b726ed36fa71e6afd0d03a2466c9154cc9085332fb61263a4ed610761851c8d69ff |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\ru\messages.json
| MD5 | 12a9ea240df3a579c96e6aefeaea0ca8 |
| SHA1 | 749ad7498f904f3ae4b7fd91db3b674df72855db |
| SHA256 | 4efe5990080b6388306f12b74b31c493701d45794e8a300a41f6a90ffb0591af |
| SHA512 | cff032611e8ad4e66a404d8eae5951775c0c730fd9a0e668c56615cda7bb5c25359c2987820294b28999dbebb39905526299ce656c0887c9009c88caecdb5dbb |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\ro\messages.json
| MD5 | fc0c0aac29d05eddba3b1aa1c974f426 |
| SHA1 | aa176688c93ccebc58ed53c344bed5c25e33900f |
| SHA256 | f4a86eb6a5a67178bfa24255874090e9c80a5acaa458f14dbed91c8e9c3da1f7 |
| SHA512 | 640e4b745e08d23a4bb0146054e99ab5a66552509f20d9afecbea42c2b0c67f402f5bb9bd3ca73a5ce788dc75b2af36cdaad36322f297017383f07fa0ba31937 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\pt_PT\messages.json
| MD5 | 7ba365deba378a383155a74a11ebcfed |
| SHA1 | 2c5e66dcc18e9178a0e6a25f79ff545af08abb1a |
| SHA256 | 381877c8038b80afe11865a00b82dd78e9676da2511bd08087257d8ffe8f27df |
| SHA512 | 19f2f5fd60334bbdec5a8a1facb15521c4ee90d60458fa42a8331a1f7dae9b0ba1d5c0d2a5386f160b157af0dd7cc33488e93fb6407623ba5fb93ad689eb4973 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\pt_BR\messages.json
| MD5 | 8dc02b40c5afd3142d3701e850dcb50b |
| SHA1 | 9af12b26f0ade1657e3d10063f44445de356b6a9 |
| SHA256 | 9d407d8979bb58d330157be475c619f27ec2bf15c3530805b4b7518c714c4c0b |
| SHA512 | 8d9dea428da9a6bbe9b3f8b631541aeb97e4ec890cace542ca09a04474f9ecd20f31ba6ae7d421a54582eee8da1715a077f77cc855796ddfb3aea30457ff39f8 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\pl\messages.json
| MD5 | e6e130f30085ad6b55886fcaad73741a |
| SHA1 | d30e6de45bae3ff58cd05ae6e75b45dc66fa7b3d |
| SHA256 | 8691f6363c4aa7fb4bd1fdfa0a2413dbf992eb942d719692f42b68ac26b3430b |
| SHA512 | 9c144743939659318894389dfb97184ab29f05a9b2b0cb823f2414c61c2129ec8f8cca0208db534024b7b96332a3e7c8452afa66043c03b1c2d27522d72c32f9 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\nl\messages.json
| MD5 | c33749fd231abd98f45fa1bd4d18275d |
| SHA1 | 2c30b01fc6f2a71f86d58832acffba4eb7646e99 |
| SHA256 | d0b6b9c8bd7c7805ea6dd883dc29ebb8d42f499ae40ce9dd7d9b1082d105b375 |
| SHA512 | f085bc98930b28117d33c85b34973317d24d6784601efde34db0f877251e506e9c345b0e4fcd9d8aca7b8d754f8692b5ef920f6c75f5d476917b32e8e4d1f2e4 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\nb\messages.json
| MD5 | d7e7129b526af85ee114ea293636ef3e |
| SHA1 | 8726f0da967ba7c66aa49ac8133528bc12948a7e |
| SHA256 | 8c2f8c2e708da78b2039f7ce7a6c825852b22f8f865f1ef7ff8250ea475b0361 |
| SHA512 | 9a46dedb87fed4ddb699c289f3f1b67c7cf1ad3ca4f66b65c326aba6b74afb155fcb11a7688219c427ea6d93a9a09b3a1f2c9747d7c2fb0b5317fcc990047d93 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\ms\messages.json
| MD5 | 29d96f05a391ef594b04b9da43133261 |
| SHA1 | 86fc11af431d61dc229810ff04815caa90d5250b |
| SHA256 | a0395e1dfa50f0ba8bbd6118424fd1303ce19a3ca32972f5eee012ad850d6901 |
| SHA512 | 1672fb73c5a0f73c7bf776fd9189e1e47ad8f2af17bfb49a6d299e01098e0de5761900ec909da31770fe86636ac8e667236490f0f612d5e59d9bedf182b90935 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\lv\messages.json
| MD5 | e6a8020d78b58be2ac40858986057522 |
| SHA1 | 1b63a5f1c26ae7d01da0a2eb28eec39d28819e0d |
| SHA256 | ec31919a5adea04160d6f722b434d6ab3e3ec72244f330fb3e671b3d4816ab1a |
| SHA512 | 3ba8933e42fefdf9a07aa666528c6e380bf025bb0a4d5fe7c18a404192d45493d68224dc51af9904c604775547b814ce00b49a8b132250fd2b7bcef9907d055f |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\lt\messages.json
| MD5 | 416f2b8ffe43a7f035f41007d50fc2d1 |
| SHA1 | b9628abd0b6bef289b7d9539611577c4460005e7 |
| SHA256 | c960852e7e43057f6ceb4acb07d0a9f2a8601d44c5bfb67d69211bb2354b988d |
| SHA512 | 67f0dbea7f8616b1bbe30d1ae30e2bc8d4f4334aa33904728f093afe1672feea55abb15ae375787a2e9dbb6e246b33ac1ed74fe4de79f68c75e93f81cb3251ba |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\ko\messages.json
| MD5 | f19d786e8a7bdb0f3bbc0f9e6d8455fe |
| SHA1 | 5473f500aa1b5d0cf6ec618cab463010e8386a70 |
| SHA256 | b45b7a2b28bbe59db53e26486cdedfe5aa5ee19dbd01ab94fae8d124cc3de826 |
| SHA512 | 31d5fa959f6551cfc822c0b7d8e4d68baa9f7a3e2866f383bc1cc4e3cbb6e485da1491d811fc27d57e17bcb3774bf384c9b84da1cb3c5bd705a56551669a801c |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\ja\messages.json
| MD5 | ed7a51a91db6521ea2eb3fcd488b5f40 |
| SHA1 | 2f981947fc94d1c310a58a182aaa251bfe86e882 |
| SHA256 | 8a0aaf8ed4d59ade98354e5f596b6b2c4a03b5065bc3b09d6c13e9c983a527a6 |
| SHA512 | ee065a401a6d65312c12afe604dad9137a9247b96bb6d6dc01d14fcc9fa2c6c299eb5d0e8f1d30abe4b46f8b9af85e6cc935566c6b3ac2225666cb2628de53c3 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\it\messages.json
| MD5 | 3a40212d09511cf73a9abff33ff23553 |
| SHA1 | c0c592b1875794e1f086b116799d91fe03552a67 |
| SHA256 | 4bc03d2796dda350fb148d6dccfec14e818202e79775a1711ff538dc3cef312f |
| SHA512 | ca0492bfe61585c8c0c50d41a35573fc26657bfd7acde16d15326bf327bf04973c730e96ffc18ca83e05b365f0730c5d41faae1feb0717046e919332e1d781b5 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\id\messages.json
| MD5 | b664a816e55958ad35e9fc0bba1a72c6 |
| SHA1 | 38c3c869bbee7f6e013dcb79a6b78e658079083c |
| SHA256 | 80242d7f7b07846e4dc49ee6b25c8f1cc71c7d161038e2a939f4bc8d09b22bb1 |
| SHA512 | 6ef9ccdb7411cce478b82ed40d8d7d87b2ee185f368e49ed5ea8f3ca6e77e83e3198a27ebd8e05c2c9147d8ac57bada682b094b0490ea162869959e61c5859f4 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\hu\messages.json
| MD5 | 830f778ed7e5c02342d67feff9abd3c0 |
| SHA1 | 793d0aefa539d3fd0f7dc4ef57d9daceb4713911 |
| SHA256 | 0f2c4646e051b466bbbe8e28f4366d0cedeee9ce9d7646ef6155494ff7c1aa70 |
| SHA512 | 44ae829af29acc1200fe4c8ba151b19d1e816450f45a7614ce40f72e544812f5730b4abd09de1ecf6310d918818535fa4e1360335263f4d2eaa428f96eb02457 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\hr\messages.json
| MD5 | b0aaaef3224face221502b9be35433af |
| SHA1 | 352016e75d370e371ed85806e0e524b1189b0901 |
| SHA256 | 3fb11705f9aaba63084e8159172b07af10c30ef08fcf1c26cb9a7af6c501ddab |
| SHA512 | 2282da110bf4937e848e03c22832a6a68e5022cca5b98b176d6f1b9abc924299d58c5eb6a3b6c441c30d36d0346934f763c1f16183e3bd0e931d332e5519d04f |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\hi\messages.json
| MD5 | c3954827ca16d49de136110caf6f4129 |
| SHA1 | a1ed0910d1b12f2a2e5bd88645ac214b02f2c953 |
| SHA256 | 7a1039337aadca607c99a392ad2558d16e3f39c048c82e2216c094ab26770d37 |
| SHA512 | 6f8567ffac22f1fecd101a96bcfa5bbfec79cdb1ba0e305c1366fdab519df096b826d6c54c07ce4fb1c8520f2baabf008357d9fd7e18a92f35987131cdc49147 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\he\messages.json
| MD5 | e3333278d6a92406f8aa1da627b7ec25 |
| SHA1 | 02b0d6f2e9547795e4240e6819948dbb9b4481e1 |
| SHA256 | 10921f5fcc54a5bd0ca546b2ebdf2c65a4c062d96fdfd8b6b6adff4228b9e758 |
| SHA512 | 6d02737934a77fac4fcfb1e489f9c1164a8aa3111a324acb4754cdb9512a0111a004ade9c0cb9f858efac9543d9263fa393bb1d751f4a61c8e3bc741ff826149 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\fr\messages.json
| MD5 | f53ac5863deb7bde23e127995c086f25 |
| SHA1 | 99a4f59892d06747b51b363de267f466a72e8008 |
| SHA256 | c7f83f037f2a9561a79b66c7c5ba6ec230ec038b01ed0442832471d2c4a4ac08 |
| SHA512 | c93e65ec1a08d792997cb13676ad40539dfb2bc1fde18b8759534f47b6908f7f4d84a2108b579fddfb8edbb4de00b1eb50adbcbb209296a91ba38b0f19bd9d13 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\fi\messages.json
| MD5 | 99bd1faef0a8d04fc945c3e11d31b151 |
| SHA1 | f5ea3cb156598052b99efce4eab2e9b64ac37518 |
| SHA256 | 106d6f20de82ab642b825be080855448835e59fca46f6d6546c484502f8e6637 |
| SHA512 | 3e652b08ce58f6f6f212fe62329cd441ca0fa362be464ddecbbf9a98c090082c69347820c7c8dde213061afbe5f12b98f7d76ca7bee135a757d10fa44d320601 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\fa\messages.json
| MD5 | b37406066b6b248a9ae6be6d6b94c838 |
| SHA1 | d488c6e65357596a9178cb86db67183e9a7dbfd1 |
| SHA256 | 84dc48a25f3697a1455743d80430def6027553ac41579e621e232ae3e153f46b |
| SHA512 | 259f9bd6619e44413a9110cef481f64b043dd820ccb8fa73893f32e71b3f33c357c6ab2dc981eef9a9f444051d8caa1fcb6128aaffd1fcd285a2724b28f6ed32 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\et\messages.json
| MD5 | ef87cb0ac7a3b415d75cdd36be6f4828 |
| SHA1 | f68f606d8d6ea71240ea1bc88d04f5b0ddd9b170 |
| SHA256 | 0e56ef46d2c21ac8e1870f178b91f45a4726baa3424b2e89bf1d35ee01e25da8 |
| SHA512 | 60f98c8feb52eb35a995edc1c840847f27fbbe666b894551ae41dd4121a8679e5b84002a1e8e932ea7d73f3826c46b10b31dff4c06b38d158a690c045bd220b0 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\es\messages.json
| MD5 | b87f24a632f1394f2b4d953eb851d522 |
| SHA1 | 06b230390c38da48e958e38927c4f27bf4877c4a |
| SHA256 | bb68ef6c46d390012368e42a08314c4653697cf0e4e6c4c8f76b788056d4dc87 |
| SHA512 | 6126293d7917220d8b28ad13df87d1cc0757444c139058d144282bb4763527e0a1abbc86225448dd7f315807c3808e513670d81092afe6cc801f2f83379e9424 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\el\messages.json
| MD5 | 9288729963e1230a74efbbf071de1fff |
| SHA1 | 17a438183e94c336a9a50e631074fd43b7d852b8 |
| SHA256 | c647435b41dccaa5f77620a0f4d423e1f777f5f0738ad706de86571f7ad76482 |
| SHA512 | d4d2dc015cb0a4cecd456799044c31958e4d281adf6216db6f73c24eef4e06e7f6aa3320c1abee96a63f978f5c09897f8e0b78237efe472d50ca087db38bccc6 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\de\messages.json
| MD5 | 3c651f7432afe9d495c57abc69c30b62 |
| SHA1 | f0d6d0084a2b54b8ea2fa9f21c047341e42c762f |
| SHA256 | 0cf5f828601348cdd46fb6c260099d1846edf1b6f4a009e5c719a55e50ed3bc7 |
| SHA512 | 2193461a027d5ab8df2defef283a36362e845068faafa7ef040c308532a4894c40dd6b47a121739ca7b6fd683df9443053bec46e3073ef573da2dbfb270b4fd5 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\da\messages.json
| MD5 | db729316339e408f888da652d099e6af |
| SHA1 | 747689da330277dbabbd2dc219febe22df744375 |
| SHA256 | b715724bba10ff50273fb7ac3685c5472ab01fc7c3024e7b457841881b7c8707 |
| SHA512 | 5c52b71bf8f1a832d8e04f7f8be3e88ff8798632a3aaf89ce3550adc3aa41d3ba10f020e0fa9d95aa96b490827d900f8e2d4228ab79c737d2157268b31e09700 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\cs\messages.json
| MD5 | 3b971c847376f49c17fddd94d99ee14a |
| SHA1 | 06f57556597827c5f11fd80c335c055d83c0c63d |
| SHA256 | 162a9f2cb434afc1093581733aa643a1b0263f21c01deb24f26d4a3fed0274c0 |
| SHA512 | b2e1cde93cfeb327cf6e78d8b1a4bda800881e5f345d7e50fe7ec0359a422b2ec80be61f3b248b4230c72a07d55db8264ead7c0757c1c16b38b3d3ca94bd408c |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\ca\messages.json
| MD5 | b1d37ded9d6e3569f955ddd213101059 |
| SHA1 | 6cc5fa9f49c6bca83fe862a50b2f8e9eaf838e42 |
| SHA256 | 1b20cc3de4bc55aa1af9a31618f5d07e630605774c7c92fca0862427b5a5de94 |
| SHA512 | 095461240b28552b730ad24dead2b7b5191ba8c77703a1758e60c6097dde41834a3f6147cda5880bec52a363b2772025a55245f7138b515e87f9a64553b09d0b |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\bn\messages.json
| MD5 | b5af23ced9a7a5b995c9fcb1119dc2b2 |
| SHA1 | be85158410ab3c36673d5b8fa14d5da07d9530ee |
| SHA256 | 4cb40cb8eb1f2c1fc2a6691ac0d2b7138299d6dcb0c1836beeee8a43af12f7d0 |
| SHA512 | b3ffc042c7d4246e87a1c26f0fd31a6130347f8097a07fb64be57dad22d7b5deee9ed922be647edd049dedfe00c8f4c066fcda8481ad65b3b7f32ddbd1bac547 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\bg\messages.json
| MD5 | d945e162c3b5842b29e7a11f22479f97 |
| SHA1 | f0c697a96f230babb3198b445ddba14a33c6c846 |
| SHA256 | a18a2d8484517ed9584229d5cf58f6ad7618926210249261c29af14c6326a025 |
| SHA512 | 48a1f5e071892b7ea6c54293595948d9858d0a725f7ee4f3ae6bec16cdce9116402f2272cdf06eb9ae3f8a53a45f3c490428fc5591f59331ebd082cc56e15b56 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\be\messages.json
| MD5 | ab74027d0eaa6447c64c50c29168ac28 |
| SHA1 | a6e65c6362c4e80ad2b5f28f8a6eb377af2938b8 |
| SHA256 | 00ea40f1306a99eaa642e3b613ce277411d53d88920d5deca5b1d0798b51d30e |
| SHA512 | 055c2bdef9f06a90ea2d2b10cf79318ec9c185fc334a70d8cf4551cde947958f5881c3a50c4b5715cb3a4585722b92bbb4a5f59156762bf819c0e6aadc5bdaff |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\ar\messages.json
| MD5 | a5d85d08654dacfc837f7b6f72e6dbce |
| SHA1 | 2cc8f59d687cf8b686a7349f9235a80328b2e354 |
| SHA256 | b8598beb9b2fc91a17f86ef9609f0d49cf016ea48f7d5d0535b163df9bfdb673 |
| SHA512 | 376cefdff2af3e597eca7bebfcf2dc579058a92220df2fcd9786d4514bfe8c9f9436939d9c432693665f9262cee375b68e96d1dc9027f73f7a5a330af3b81171 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_metadata\verified_contents.json
| MD5 | 2bdf4d8c93eed2de85525f1d49b9f427 |
| SHA1 | 7b2e62fceca17a6f3167b0bc6b13a9284ce7dc33 |
| SHA256 | d6b8ce4560018a0ea71c49e2fd9e539e2ea2fac775762d14277d55e47f503658 |
| SHA512 | 4715bfc6e9ca088eead36c2420476a5f0c5cf22f69d3895cd13a4cf25dd1208fa329ee3149563f2b4c4e9210d3feb05b51380ea946772ea9fca4ccc999b8cfcf |
C:\Users\Admin\AppData\Local\Temp\scoped_dir4400_671477911\CRX_INSTALL\js\options.bundle.js
| MD5 | fcf662e70f2981ea9fce846985a3db9c |
| SHA1 | fb458741fd44ef6394418f2c83fab11955dd14f6 |
| SHA256 | e0b4c21430222c675ca600d1aeab56d0546549c760e44052cd7277dc3700e9e4 |
| SHA512 | 28f564d0c6f3fb3dd08dada6b93cd20872e77f87ceffa3ba3c41ae8ffec89330b4397557408cca03737b7426255a23293bd20f6e2a6a72bb84eaaf8ea3830496 |
C:\Users\Admin\AppData\Local\Temp\scoped_dir4400_671477911\CRX_INSTALL\js\fpattr.bundle.js
| MD5 | 7580759316acf0e6d7a16da84559e6ab |
| SHA1 | f17ead86d623eb3527243ea6c6f5512a66fe7186 |
| SHA256 | f11caa7844dac279cb19b87a7704e4982804a131b5893ec436aa092df587b2c0 |
| SHA512 | 181c4f78dd497539f010eb75e529f9fb48539d559eed5376860e4292cce86ac69b698d7791d64262cfc43454a98552a8a9bcfbf0c777e7e92f7cc67d035e59c6 |
C:\Users\Admin\AppData\Local\Temp\scoped_dir4400_671477911\CRX_INSTALL\js\content.bundle.js
| MD5 | 97adfec6bd687e9709445afc0c573c39 |
| SHA1 | 1186a12a096465da449f1b0df7270dbc5283f4b6 |
| SHA256 | c103fc2d0a2484f40fa091e188ead5757b737bd86d2a926488062436df8cdf50 |
| SHA512 | e242f0673a8cd0f565a4dc79937bf8280421e2d90a0d7ac6cc18ffbc0b54a692edb714d9edf49d096c88cddc6465df086c98203d1abf960ac66e1186730bd009 |
C:\Users\Admin\AppData\Local\Temp\scoped_dir4400_671477911\CRX_INSTALL\_locales\en_GB\messages.json
| MD5 | 70c7984777731215a65a737b98c49dfe |
| SHA1 | 60da2b4e5a80334aff5cab61d67fa0facc62f2f8 |
| SHA256 | fbc68d0c4ed3346ae2a84580168d43b8ce12bc97564e04131ce47a0c3328f1b3 |
| SHA512 | 2609a01feb2f4aac8edb180d854dbb5c93e9b053791d2bfe9c1bc3d7baacb8fcc75c0953d7e150b2203ee1a2f4e65fffdd281bcbfc2fa29326576d7b887052b6 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_metadata\verified_contents.json
| MD5 | da75d62a54c62f3b76eaf5a8dfe0e732 |
| SHA1 | 36207df1be4d0455d7c143eb6dc2deda7d3d6c4e |
| SHA256 | 944d212eba8738de04aa1675e140b64a7019257ea57b97fd780d93f14e3007ad |
| SHA512 | f9cd02d1a42f7d47ead1b769bc318239bc775dd0869bdd64f19a8c0c2ba7f96591e71231e1f21d87133574acf721d213691bc923666999bdd664399adfbdc515 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir4400_665214244\CRX_INSTALL\icons\iconDisabled32.png
| MD5 | 10fcac9e25146799f631fd4836a592e3 |
| SHA1 | fad31ddb5705203a28d3d3677b1219ac3c3755bc |
| SHA256 | 07e74e96aef7c37a0a8fc29d0f9e79deaf698cc8de13a766a00ad40ca41d4b0c |
| SHA512 | 2e828b1222ac00cd9a21c7ac74b5103cbcbe297fc61c2b778899efad36539a41e287e59ab30e546d0c80c30a3ec886f5303f6742cbccd53cf4dcfb9a44d69d8c |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir4400_665214244\CRX_INSTALL\fonts\Roboto-Light.woff2
| MD5 | d26871e8149b5759f814fd3c7a4f784b |
| SHA1 | 6b773b76e0a6708ee4040733cd0c83278543864a |
| SHA256 | 1d8f5280afb7f4fa0db5cdfcb751e180788b0f0da1488309c4243ebff11a9591 |
| SHA512 | 65c8a0aef476ff5cf8aaa29b2a315801417a0347ec5f99b6a8e1229328ad551c0733cafe6520fe916b01672ae7fd52dced963ab98f38f195843ab9aa9462ccea |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir4400_665214244\CRX_INSTALL\fonts\Roboto-Regular.woff2
| MD5 | 73f0a88bbca1bec19fb1303c689d04c6 |
| SHA1 | 463a07f5c66bf14e6d9d6e0f6d5e3fd3cb11f4ec |
| SHA256 | 47107401d0adb375ab9aa167f9d62489a849d510e740a307b5a4db60e5db3562 |
| SHA512 | 18b8ec54deb993702689b44e269b1c9fa38e2bf3c8053bfd778da4cfad821a1d8455ace8085f65788a5ec8bf71339cf1446c845c23c5f59e5086bf44e468eda8 |
C:\Users\Admin\AppData\Local\Temp\scoped_dir4400_438401782\CRX_INSTALL\webstore.js
| MD5 | ff713828113f6377533d41a36bff5ebd |
| SHA1 | 7157c2333be0a6df2db2dc0c25d36738acc823f4 |
| SHA256 | 60657bad3b62a195d588178203e25df302ecdb8b51fcc49cc4f628aed8998dfb |
| SHA512 | b55bd6b59b57003785db6a8f7e0f46b2ff4db619b4ea143c09f1e456ff1c5efffa46226984849cd8da98f48c06a79a4d00edccba3b7e1d4423e448f1be001113 |
C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir4400_1770147157\CRX_INSTALL\_locales\en\messages.json
| MD5 | c01bda904507ad435bc35744985c4ef7 |
| SHA1 | 2c298313661fef987782c54829d0f16dd8b129f2 |
| SHA256 | 661505cb11e4b456a6eff122a081aa95e742b405de833106761a90193b2789ba |
| SHA512 | 52870e5b03ab7db71a9588e775b379bacfa34a4d6afa856d4b09902ceb86b8f92b5b610c4e6db164a13a8fa92241030bc110fc6688a612185902af6e24d1aa83 |
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-04 15:21
Reported
2024-06-04 15:24
Platform
win7-20240221-en
Max time kernel
121s
Max time network
122s
Command Line
Signatures
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\rundll32.exe |
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\JsisPlugins.dll,#1
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\JsisPlugins.dll,#1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1244 -s 240
Network
Files
Analysis: behavioral6
Detonation Overview
Submitted
2024-06-04 15:21
Reported
2024-06-04 15:24
Platform
win10v2004-20240426-en
Max time kernel
149s
Max time network
151s
Command Line
Signatures
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Windows\SysWOW64\rundll32.exe | N/A |
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\rundll32.exe |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 3456 wrote to memory of 4112 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\Midex.dll,#1
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\Midex.dll,#1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 412 -p 4112 -ip 4112
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4112 -s 600
Network