Malware Analysis Report

2025-03-15 04:00

Sample ID 240825-db43tstame
Target Screenshot 2024-08-15 at 17-44-21 TiVo T6 Bootup (Hydra) - YouTube.png
SHA256 ed0aaa82ae8286f4f1a44cb3736674e9f3ca48b0a01d94b4d95e12f2ed5d0922
Tags
bootkit discovery evasion execution motw persistence phishing privilege_escalation spyware stealer
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

ed0aaa82ae8286f4f1a44cb3736674e9f3ca48b0a01d94b4d95e12f2ed5d0922

Threat Level: Likely malicious

The file Screenshot 2024-08-15 at 17-44-21 TiVo T6 Bootup (Hydra) - YouTube.png was found to be: Likely malicious.

Malicious Activity Summary

bootkit discovery evasion execution motw persistence phishing privilege_escalation spyware stealer

Downloads MZ/PE file

Stops running service(s)

Modifies Windows Firewall

Reads user/profile data of web browsers

Checks computer location settings

Loads dropped DLL

Executes dropped EXE

Checks installed software on the system

Mark of the Web detected: This indicates that the page was originally saved or cloned.

Writes to the Master Boot Record (MBR)

Adds Run key to start application

Drops file in System32 directory

Enumerates processes with tasklist

Drops file in Program Files directory

Launches sc.exe

Drops file in Windows directory

System Location Discovery: System Language Discovery

Enumerates physical storage devices

Event Triggered Execution: Netsh Helper DLL

Browser Information Discovery

Suspicious use of SetWindowsHookEx

Suspicious behavior: EnumeratesProcesses

Modifies data under HKEY_USERS

Checks processor information in registry

Suspicious behavior: AddClipboardFormatListener

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Suspicious behavior: GetForegroundWindowSpam

Modifies Internet Explorer settings

Enumerates system info in registry

Suspicious use of FindShellTrayWindow

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Checks SCSI registry key(s)

Suspicious behavior: LoadsDriver

Runs regedit.exe

Suspicious use of AdjustPrivilegeToken

Modifies registry class

Modifies system certificate store

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-25 02:50

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-25 02:50

Reported

2024-08-25 03:11

Platform

win10v2004-20240802-en

Max time kernel

1180s

Max time network

1181s

Command Line

cmd /c "C:\Users\Admin\AppData\Local\Temp\Screenshot 2024-08-15 at 17-44-21 TiVo T6 Bootup (Hydra) - YouTube.png"

Signatures

Downloads MZ/PE file

Stops running service(s)

evasion execution

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\BlueStacksSetup\BlueStacksInstaller_5.21.511.1001_native_9e052ad8ab19cd60955332baea0a8ee0_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\BlueStacks X\BlueStacks-Installer_5.21.511.1001_amd64_native.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000\Control Panel\International\Geo\Nation C:\Windows\SysWOW64\WScript.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\BlueStacksInstaller.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Bootstrapper.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Downloads\BlueStacksInstaller_5.21.511.1001_native_9e052ad8ab19cd60955332baea0a8ee0_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\Bootstrapper.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\BlueStacksInstaller_5.21.511.1001_native_9e052ad8ab19cd60955332baea0a8ee0_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\BlueStacksInstaller.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\HD-CheckCpu.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\HD-CheckCpu.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BlueStacksInstaller_5.21.511.1001_native_9e052ad8ab19cd60955332baea0a8ee0_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\Bootstrapper.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\BlueStacksInstaller.exe N/A
N/A N/A C:\ProgramData\BlueStacksServicesSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-ForceGPU.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-CheckCpu.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-CheckCpu.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe N/A
N/A N/A C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe N/A
N/A N/A C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe N/A
N/A N/A C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacks X\BlueStacks-Installer_5.21.511.1001_amd64_native.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Bootstrapper.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\BlueStacksInstaller.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-ForceGPU.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-CheckCpu.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-CheckCpu.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
N/A N/A C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A

Reads user/profile data of web browsers

spyware stealer

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\electron.app.BlueStacks Services = "C:\\Users\\Admin\\AppData\\Local\\Programs\\bluestacks-services\\BlueStacksServices.exe --hidden" C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe N/A

Checks installed software on the system

discovery

Mark of the Web detected: This indicates that the page was originally saved or cloned.

phishing motw
Description Indicator Process Target
N/A https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html N/A N/A

Writes to the Master Boot Record (MBR)

bootkit persistence
Description Indicator Process Target
File opened for modification \??\PhysicalDrive0 C:\Users\Admin\Desktop\MEMZ.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\system32\storage.json C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe N/A
File opened for modification C:\Windows\system32\storage.json C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Enumerates processes with tasklist

discovery
Description Indicator Process Target
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A
N/A N/A C:\Windows\system32\tasklist.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\BlueStacks X\language\vi.qm C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File created C:\Program Files (x86)\BlueStacks X\translations\qtwebengine_locales\it.pak C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File opened for modification C:\Program Files (x86)\BlueStacks X\translations\qtwebengine_locales\ta.pak C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File created C:\Program Files (x86)\BlueStacks X\www\offline_cef.html C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File opened for modification C:\Program Files (x86)\BlueStacks X\app.ico C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File opened for modification C:\Program Files (x86)\BlueStacks X\image\banner_default.jpg C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File opened for modification C:\Program Files (x86)\BlueStacks X\image\MyGames\next_disable.svg C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File created C:\Program Files (x86)\BlueStacks X\image\MyGames\Shadow_under_those_cards.png C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File created C:\Program Files\BlueStacks_nxt\QtQuick\Window\quickwindowplugin.dll C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
File opened for modification C:\Program Files (x86)\BlueStacks X\image\email.svg C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File created C:\Program Files (x86)\BlueStacks X\plugins\access\libtcp_plugin.dll C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File created C:\Program Files\BlueStacks_nxt\EULA.rtf C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
File opened for modification C:\Program Files (x86)\BlueStacks X\image\MyGames\muti_on.svg C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File opened for modification C:\Program Files (x86)\BlueStacks X\image\TypeIndicator\AndroidGame_hover.svg C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File opened for modification C:\Program Files (x86)\BlueStacks X\plugins\misc\libxml_plugin.dll C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File opened for modification C:\Program Files (x86)\BlueStacks X\translations\qt_nl.qm C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File opened for modification C:\Program Files (x86)\BlueStacks X\plugins\audio_filter\libaudio_format_plugin.dll C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File opened for modification C:\Program Files\BlueStacks_nxt\QtQml\WorkerScript C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe N/A
File created C:\Program Files\BlueStacks_nxt\msvcp140_atomic_wait.dll C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
File created C:\Program Files\BlueStacks_nxt\resources\icudtl.dat C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe N/A
File opened for modification C:\Program Files\BlueStacks_nxt\Assets\installer_bg_blurred.jpg C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
File created C:\Program Files\BlueStacks_nxt\HD-MultiInstanceManager.exe C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
File created C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\id.pak C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
File opened for modification C:\Program Files (x86)\BlueStacks X\image\LocalAPK\icon_add_normal.svg C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File created C:\Program Files (x86)\BlueStacks X\image\radioButton\unselected_hover.svg C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File created C:\Program Files (x86)\BlueStacks X\opengl32sw.dll C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File opened for modification C:\Program Files (x86)\BlueStacks X\plugins\access\libattachment_plugin.dll C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File opened for modification C:\Program Files\BlueStacks_nxt\EULA.rtf C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe N/A
File created C:\Program Files\BlueStacks_nxt\swresample-4.dll C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe N/A
File created C:\Program Files\BlueStacks_nxt\Qt6WebChannelQuick.dll C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
File created C:\Program Files (x86)\BlueStacks X\image\Search\History_ButtonDelete_pressed.svg C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File opened for modification C:\Program Files (x86)\BlueStacks X\image\settings\remove_disabled.svg C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File opened for modification C:\Program Files (x86)\BlueStacks X\api-ms-win-eventing-provider-l1-1-0.dll C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File created C:\Program Files (x86)\BlueStacks X\plugins\misc\libaddonsfsstorage_plugin.dll C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File opened for modification C:\Program Files\BlueStacks_nxt\Qt6Quick.dll C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
File created C:\Program Files\BlueStacks_nxt\resources\qtwebengine_resources.pak C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
File opened for modification C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\bg.pak C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
File created C:\Program Files (x86)\BlueStacks X\image\LocalAPK\close_hover.svg C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File created C:\Program Files (x86)\BlueStacks X\translations\qtwebengine_locales\zh-CN.pak C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File created C:\Program Files\BlueStacks_nxt\QtQuick\Templates\qmldir C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe N/A
File created C:\Program Files\BlueStacks_nxt\HD-EnableHyperV.exe C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
File created C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\en-GB.pak C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
File opened for modification C:\Program Files (x86)\BlueStacks X\image\Optional\Icon_Help_Default.svg C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File opened for modification C:\Program Files\BlueStacks_nxt\BstkDD.dll C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe N/A
File opened for modification C:\Program Files\BlueStacks_nxt\QtQml\WorkerScript\qmldir C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe N/A
File created C:\Program Files\BlueStacks_nxt\Qt6Svg.dll C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
File created C:\Program Files (x86)\BlueStacks X\api-ms-win-crt-runtime-l1-1-0.dll C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File opened for modification C:\Program Files (x86)\BlueStacks X\plugins\misc\libaudioscrobbler_plugin.dll C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File opened for modification C:\Program Files\BlueStacks_nxt\HD-DataManager.exe.config C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe N/A
File opened for modification C:\Program Files\BlueStacks_nxt\Qt5Compat\GraphicalEffects C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
File created C:\Program Files (x86)\BlueStacks X\image\TypeIndicator\Marketplace_hover.svg C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File opened for modification C:\Program Files (x86)\BlueStacks X\www\images\msi5-noNetwork.svg C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File created C:\Program Files (x86)\BlueStacks X\msvcp140_atomic_wait.dll C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File opened for modification C:\Program Files\BlueStacks_nxt\Assets\installer_logo.png C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
File opened for modification C:\Program Files (x86)\BlueStacks X\image\MyGames C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File created C:\Program Files (x86)\BlueStacks X\translations\qt_gd.qm C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File opened for modification C:\Program Files (x86)\BlueStacks X\plugins\mux\libmux_mp4_plugin.dll C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File created C:\Program Files\BlueStacks_nxt\BlueStacksUninstaller.exe C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe N/A
File opened for modification C:\Program Files (x86)\BlueStacks X\plugins\video_filter\libripple_plugin.dll C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File opened for modification C:\Program Files\BlueStacks_nxt\zlib1.dll C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
File opened for modification C:\Program Files (x86)\BlueStacks X\plugins\aws\aws-cpp-sdk-transfer.dll C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File created C:\Program Files\BlueStacks_nxt\VBoxCAPI.dll C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
File opened for modification C:\Program Files (x86)\BlueStacks X\plugins\misc C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
File created C:\Program Files (x86)\BlueStacks X\image\checkBox\checked_normal.svg C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\Debug\WIA\wiatrace.log C:\Windows\SysWOW64\mspaint.exe N/A

Launches sc.exe

Description Indicator Process Target
N/A N/A C:\Windows\system32\sc.exe N/A
N/A N/A C:\Windows\system32\sc.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

Event Triggered Execution: Netsh Helper DLL

persistence privilege_escalation
Description Indicator Process Target
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\HD-CheckCpu.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\WScript.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\BlueStacksSetup\BlueStacksInstaller_5.21.511.1001_native_9e052ad8ab19cd60955332baea0a8ee0_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Desktop\MEMZ.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\cmd.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\BlueStacksInstaller_5.21.511.1001_native_9e052ad8ab19cd60955332baea0a8ee0_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\ProgramData\BlueStacksServicesSetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Desktop\MEMZ.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Desktop\MEMZ.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\mspaint.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Desktop\MEMZ.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\notepad.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\HD-CheckCpu.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\cmd.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-CheckCpu.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Desktop\MEMZ.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Desktop\MEMZ.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-CheckCpu.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\notepad.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\tasklist.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Desktop\MEMZ.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\regedit.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\regedit.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\DllHost.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\find.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-CheckCpu.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-CheckCpu.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\BlueStacks X\BlueStacks-Installer_5.21.511.1001_amd64_native.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe N/A

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\BlueStacksInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\BlueStacksInstaller.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe N/A
Key queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\BlueStacksInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\BlueStacksInstaller.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\Locked = "1" C:\Windows\explorer.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133690279354276321" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\BlueStacksX\shell\ C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\SyncCenter.dll,-3001#immutable1 = "Sync files between your computer and network folders" C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0000000001000000ffffffff C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\Vault.dll,-2#immutable1 = "Manage your Windows credentials." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\autoplay.dll,-1#immutable1 = "AutoPlay" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\Microsoft.Windows.ControlPanel C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\Rev = "0" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\FFlags = "18874369" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\RADCUI.dll,-15300#immutable1 = "RemoteApp and Desktop Connections" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\usercpl.dll,-2#immutable1 = "Change user account settings and passwords for people who share this computer." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\mmsys.cpl,-300#immutable1 = "Sound" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\Microsoft.Windows.ControlPanel\WFlags = "0" C:\Windows\explorer.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\BlueStacksX\shell\open\command C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\FirewallControlPanel.dll,-12122#immutable1 = "Windows Defender Firewall" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\timedate.cpl,-52#immutable1 = "Set the date, time, and time zone for your computer." C:\Windows\explorer.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\BlueStacksX\DefaultIcon C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\BlueStacksX\shell C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\bstsrvs\URL Protocol C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\bstsrvs\shell C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\bstsrvs\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Programs\\bluestacks-services\\BlueStacksServices.exe\" \"%1\"" C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\Speech\SpeechUX\speechuxcpl.dll,-2#immutable1 = "Configure how speech recognition works on your computer." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\intl.cpl,-3#immutable1 = "Region" C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202 C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-103#immutable1 = "Customize your keyboard settings, such as the cursor blink rate and the character repeat rate." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\srchadmin.dll,-602#immutable1 = "Change how Windows indexes to search faster" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\accessibilitycpl.dll,-45#immutable1 = "Make your computer easier to use." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fvecpl.dll,-2#immutable1 = "Protect your PC using BitLocker Drive Encryption." C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags C:\Windows\explorer.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2392887640-1187051047-2909758433-1000\{0E2AF745-4590-400E-80AA-4DFCC165B6E1} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\bstsrvs\ = "URL:bstsrvs" C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\recovery.dll,-101#immutable1 = "Recovery" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fvecpl.dll,-1#immutable1 = "BitLocker Drive Encryption" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\DeviceCenter.dll,-2000#immutable1 = "View and manage devices, printers, and print jobs" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\DiagCpl.dll,-1#immutable1 = "Troubleshooting" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\GroupView = "0" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell C:\Windows\explorer.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\BlueStacksX C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\powercpl.dll,-2#immutable1 = "Conserve energy or maximize performance by choosing how your computer manages power." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\RADCUI.dll,-15301#immutable1 = "Manage your RemoteApp and Desktop Connections" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\inetcpl.cpl,-4312#immutable1 = "Internet Options" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\inetcpl.cpl,-4313#immutable1 = "Configure your Internet display and connection settings." C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\powercpl.dll,-1#immutable1 = "Power Options" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\Speech\SpeechUX\speechuxcpl.dll,-1#immutable1 = "Speech Recognition" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sdcpl.dll,-101#immutable1 = "Backup and Restore (Windows 7)" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307} C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\bstsrvs C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\netcenter.dll,-2#immutable1 = "Check network status, change network settings and set preferences for sharing files and printers." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\DeviceCenter.dll,-1000#immutable1 = "Devices and Printers" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\IconSize = "48" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\appwiz.cpl,-160#immutable1 = "Uninstall or change programs on your computer." C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2 = 14001f706806ee260aa0d7449371beb064c986830000 C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\Vid = "{65F125E5-7BE1-4810-BA9D-D271C8432CE3}" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\LogicalViewMode = "2" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sud.dll,-1#immutable1 = "Default Programs" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\devmgr.dll,-4#immutable1 = "Device Manager" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\srchadmin.dll,-601#immutable1 = "Indexing Options" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\Microsoft.Windows.ControlPanel\HotKey = "0" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5 C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\bstsrvs\shell\open C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\intl.cpl,-2#immutable1 = "Customize settings for the display of languages, numbers, times, and dates." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\autoplay.dll,-2#immutable1 = "Change default settings for CDs, DVDs, and devices so that you can automatically play music, view pictures, install software, and play games." C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\Mode = "6" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000_Classes\Local Settings C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A

Modifies system certificate store

evasion spyware trojan
Description Indicator Process Target
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A\Blob = 0f00000001000000140000000f6aad4c3fe04619cdc8b2bd655aa1a26042e6500b000000010000005400000053007400610072006600690065006c006400200043006c00610073007300200032002000430065007200740069006600690063006100740069006f006e00200041007500740068006f007200690074007900000053000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c009000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b060105050703016200000001000000200000001465fa205397b876faa6f0a9958e5590e40fcc7faa4fb7c2c8677521fb5fb658140000000100000014000000bf5fb7d1cedd1f86f45b55acdcd710c20ea988e71d000000010000001000000090c4f4233b006b7bfaa6adcd8f577d77030000000100000014000000ad7e1c28b064ef8f6003402014c3d0e3370eb58a2000000001000000130400003082040f308202f7a003020102020100300d06092a864886f70d01010505003068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479301e170d3034303632393137333931365a170d3334303632393137333931365a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f7269747930820120300d06092a864886f70d01010105000382010d00308201080282010100b732c8fee971a60485ad0c1164dfce4defc80318873fa1abfb3ca69ff0c3a1dad4d86e2b5390fb24a43e84f09ee85fece52744f528a63f7bdee02af0c8af532f9eca0501931e8f661c39a74dfa5ab673042566eb777fe759c64a99251454eb26c7f37f19d530708fafb0462affadeb29edd79faa0487a3d4f989a5345fdb43918236d9663cb1b8b982fd9c3a3e10c83bef0665667a9b19183dff71513c302e5fbe3d7773b25d066cc323569a2b8526921ca702b3e43f0daf087982b8363dea9cd335b3bc69caf5cc9de8fd648d1780336e5e4a5d99c91e87b49d1ac0d56e1335235edf9b5f3defd6f776c2ea3ebb780d1c42676b04d8f8d6da6f8bf244a001ab020103a381c53081c2301d0603551d0e04160414bf5fb7d1cedd1f86f45b55acdcd710c20ea988e73081920603551d2304818a3081878014bf5fb7d1cedd1f86f45b55acdcd710c20ea988e7a16ca46a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479820100300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100059d3f889dd1c91a55a1ac69f3f359da9b01871a4f57a9a179092adbf72fb21eccc75e6ad88387a197ef49353e7706415862bf8e58b80a673fecb3dd21661fc954fa72cc3d4c40d881af779e837abba2c7f534178ed91140f4fc2c2a4d157fa7625d2e25d3000b201a1d68f917b8f4bd8bed2859dd4d168b1783c8b265c72d7aa5aabc53866ddd57a4caf820410b68f0f4fb74be565d7a79f5f91d85e32d95bef5719043cc8d1f9a000a8729e95522580023eae31243295b4708dd8c416a6506a8e521aa41b4952195b97dd134ab13d6adbcdce23d39cdbd3e7570a1185903c922b48f9cd55e2ad7a5b6d40a6df8b74011469a1f790e62bf0f97ece02f1f1794 C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A\Blob = 190000000100000010000000fd960962ac6938e0d4b0769aa1a64e26030000000100000014000000ad7e1c28b064ef8f6003402014c3d0e3370eb58a1d000000010000001000000090c4f4233b006b7bfaa6adcd8f577d77140000000100000014000000bf5fb7d1cedd1f86f45b55acdcd710c20ea988e76200000001000000200000001465fa205397b876faa6f0a9958e5590e40fcc7faa4fb7c2c8677521fb5fb65809000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030153000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c00b000000010000005400000053007400610072006600690065006c006400200043006c00610073007300200032002000430065007200740069006600690063006100740069006f006e00200041007500740068006f00720069007400790000000f00000001000000140000000f6aad4c3fe04619cdc8b2bd655aa1a26042e6502000000001000000130400003082040f308202f7a003020102020100300d06092a864886f70d01010505003068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479301e170d3034303632393137333931365a170d3334303632393137333931365a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f7269747930820120300d06092a864886f70d01010105000382010d00308201080282010100b732c8fee971a60485ad0c1164dfce4defc80318873fa1abfb3ca69ff0c3a1dad4d86e2b5390fb24a43e84f09ee85fece52744f528a63f7bdee02af0c8af532f9eca0501931e8f661c39a74dfa5ab673042566eb777fe759c64a99251454eb26c7f37f19d530708fafb0462affadeb29edd79faa0487a3d4f989a5345fdb43918236d9663cb1b8b982fd9c3a3e10c83bef0665667a9b19183dff71513c302e5fbe3d7773b25d066cc323569a2b8526921ca702b3e43f0daf087982b8363dea9cd335b3bc69caf5cc9de8fd648d1780336e5e4a5d99c91e87b49d1ac0d56e1335235edf9b5f3defd6f776c2ea3ebb780d1c42676b04d8f8d6da6f8bf244a001ab020103a381c53081c2301d0603551d0e04160414bf5fb7d1cedd1f86f45b55acdcd710c20ea988e73081920603551d2304818a3081878014bf5fb7d1cedd1f86f45b55acdcd710c20ea988e7a16ca46a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479820100300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100059d3f889dd1c91a55a1ac69f3f359da9b01871a4f57a9a179092adbf72fb21eccc75e6ad88387a197ef49353e7706415862bf8e58b80a673fecb3dd21661fc954fa72cc3d4c40d881af779e837abba2c7f534178ed91140f4fc2c2a4d157fa7625d2e25d3000b201a1d68f917b8f4bd8bed2859dd4d168b1783c8b265c72d7aa5aabc53866ddd57a4caf820410b68f0f4fb74be565d7a79f5f91d85e32d95bef5719043cc8d1f9a000a8729e95522580023eae31243295b4708dd8c416a6506a8e521aa41b4952195b97dd134ab13d6adbcdce23d39cdbd3e7570a1185903c922b48f9cd55e2ad7a5b6d40a6df8b74011469a1f790e62bf0f97ece02f1f1794 C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe N/A

Runs regedit.exe

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\regedit.exe N/A
N/A N/A C:\Windows\SysWOW64\regedit.exe N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe N/A
N/A N/A C:\Windows\explorer.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\BlueStacksInstaller.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\BlueStacksInstaller.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\BlueStacksInstaller.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\BlueStacksInstaller.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\BlueStacksInstaller.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\BlueStacksInstaller.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\BlueStacksInstaller.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\Bootstrapper.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\Bootstrapper.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\Bootstrapper.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\Bootstrapper.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\Bootstrapper.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\Bootstrapper.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\Bootstrapper.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\Bootstrapper.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\BlueStacksInstaller.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\BlueStacksInstaller.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\ProgramData\BlueStacksServicesSetup.exe N/A
N/A N/A C:\ProgramData\BlueStacksServicesSetup.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\SysWOW64\tasklist.exe N/A
N/A N/A C:\Windows\SysWOW64\tasklist.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\BlueStacksInstaller.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\BlueStacksInstaller.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\BlueStacksInstaller.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\BlueStacksInstaller.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\BlueStacksInstaller.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\BlueStacksInstaller.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\BlueStacksInstaller.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\SysWOW64\regedit.exe N/A

Suspicious behavior: LoadsDriver

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\notepad.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe N/A
N/A N/A C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe N/A
N/A N/A C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe N/A
N/A N/A C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe N/A
N/A N/A C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe N/A
N/A N/A C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe N/A
N/A N/A C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe N/A
N/A N/A C:\Users\Admin\Desktop\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Desktop\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Desktop\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Desktop\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Desktop\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Desktop\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Desktop\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Desktop\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Desktop\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Desktop\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Desktop\MEMZ.exe N/A
N/A N/A C:\Windows\SysWOW64\mspaint.exe N/A
N/A N/A C:\Windows\SysWOW64\mspaint.exe N/A
N/A N/A C:\Windows\SysWOW64\mspaint.exe N/A
N/A N/A C:\Windows\SysWOW64\mspaint.exe N/A
N/A N/A C:\Users\Admin\Desktop\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Desktop\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Desktop\MEMZ.exe N/A
N/A N/A C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe N/A
N/A N/A C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe N/A
N/A N/A C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe N/A
N/A N/A C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe N/A
N/A N/A C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe N/A
N/A N/A C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe N/A
N/A N/A C:\Users\Admin\Desktop\MEMZ.exe N/A
N/A N/A C:\Users\Admin\Desktop\MEMZ.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2204 wrote to memory of 320 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 320 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 4228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 4228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2204 wrote to memory of 3088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Windows\system32\cmd.exe

cmd /c "C:\Users\Admin\AppData\Local\Temp\Screenshot 2024-08-15 at 17-44-21 TiVo T6 Bootup (Hydra) - YouTube.png"

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffc4306cc40,0x7ffc4306cc4c,0x7ffc4306cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1832,i,11752334674727713041,12249502709105734736,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1828 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2204,i,11752334674727713041,12249502709105734736,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2244 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2300,i,11752334674727713041,12249502709105734736,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2440 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3164,i,11752334674727713041,12249502709105734736,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3196 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3308,i,11752334674727713041,12249502709105734736,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3432 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4072,i,11752334674727713041,12249502709105734736,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4588 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4756,i,11752334674727713041,12249502709105734736,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4796 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4476,i,11752334674727713041,12249502709105734736,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4940 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5076,i,11752334674727713041,12249502709105734736,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4828 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5328,i,11752334674727713041,12249502709105734736,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4836 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=3432,i,11752334674727713041,12249502709105734736,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5664 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4908,i,11752334674727713041,12249502709105734736,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3480 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5804,i,11752334674727713041,12249502709105734736,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5796 /prefetch:8

C:\Users\Admin\Downloads\BlueStacksInstaller_5.21.511.1001_native_9e052ad8ab19cd60955332baea0a8ee0_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe

"C:\Users\Admin\Downloads\BlueStacksInstaller_5.21.511.1001_native_9e052ad8ab19cd60955332baea0a8ee0_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe"

C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\BlueStacksInstaller.exe

"C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\BlueStacksInstaller.exe"

C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\HD-CheckCpu.exe

"C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\HD-CheckCpu.exe" --cmd checkHypervEnabled

C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\HD-CheckCpu.exe

"C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\HD-CheckCpu.exe" --cmd checkSSE4

C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe

"C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.511.1001_nxt.exe" -s

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5048,i,11752334674727713041,12249502709105734736,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1228 /prefetch:8

C:\Windows\SysWOW64\WScript.exe

"C:\Windows\System32\WScript.exe" "C:\Program Files (x86)\BlueStacks X\green.vbs"

C:\Windows\SysWOW64\cmd.exe

"C:\Windows\System32\cmd.exe" /c green.bat

C:\Windows\SysWOW64\netsh.exe

netsh advfirewall firewall delete rule name="BlueStacksWeb"

C:\Windows\SysWOW64\netsh.exe

netsh advfirewall firewall delete rule name="Cloud Game"

C:\Windows\SysWOW64\netsh.exe

netsh advfirewall firewall add rule name="BlueStacksWeb" dir=in action=allow program="C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe"

C:\Windows\SysWOW64\netsh.exe

netsh advfirewall firewall add rule name="Cloud Game" dir=in action=allow program="C:\Program Files (x86)\BlueStacks X\Cloud Game.exe"

C:\Windows\system32\notepad.exe

"C:\Windows\system32\notepad.exe"

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /4

C:\Users\Admin\AppData\Local\BlueStacksSetup\BlueStacksInstaller_5.21.511.1001_native_9e052ad8ab19cd60955332baea0a8ee0_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe

"C:\Users\Admin\AppData\Local\BlueStacksSetup\BlueStacksInstaller_5.21.511.1001_native_9e052ad8ab19cd60955332baea0a8ee0_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe" -versionMachineID=e8927d80-8690-4f61-b4ae-5f57a1b673ff -machineID=4e363561-3f2c-46dd-9cd7-1825136d2f04 -pddir="C:\ProgramData\BlueStacks_nxt" -defaultImageName=Pie64 -imageToLaunch=Pie64 -isSSE4Available=1 -appToLaunch=bs5 -bsxVersion=10.41.511.1001 -country=US -isWalletFeatureEnabled

C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\Bootstrapper.exe

"C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\Bootstrapper.exe" -versionMachineID=e8927d80-8690-4f61-b4ae-5f57a1b673ff -machineID=4e363561-3f2c-46dd-9cd7-1825136d2f04 -pddir="C:\ProgramData\BlueStacks_nxt" -defaultImageName=Pie64 -imageToLaunch=Pie64 -isSSE4Available=1 -appToLaunch=bs5 -bsxVersion=10.41.511.1001 -country=US -isWalletFeatureEnabled

C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\BlueStacksInstaller.exe

"C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\BlueStacksInstaller.exe" -versionMachineID="e8927d80-8690-4f61-b4ae-5f57a1b673ff" -machineID="4e363561-3f2c-46dd-9cd7-1825136d2f04" -pddir="C:\ProgramData\BlueStacks_nxt" -defaultImageName="Pie64" -imageToLaunch="Pie64" -appToLaunch="bs5" -bsxVersion="10.41.511.1001" -country="US" -isWalletFeatureEnabled -parentpath="C:\Users\Admin\AppData\Local\BlueStacksSetup\BlueStacksInstaller_5.21.511.1001_native_9e052ad8ab19cd60955332baea0a8ee0_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe" -md5=9e052ad8ab19cd60955332baea0a8ee0 -app64=

C:\ProgramData\BlueStacksServicesSetup.exe

"C:\ProgramData\BlueStacksServicesSetup.exe"

C:\Windows\SysWOW64\cmd.exe

cmd /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq BlueStacksServices.exe" | find "BlueStacksServices.exe"

C:\Windows\SysWOW64\tasklist.exe

tasklist /FI "USERNAME eq Admin" /FI "IMAGENAME eq BlueStacksServices.exe"

C:\Windows\SysWOW64\find.exe

find "BlueStacksServices.exe"

C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe

"C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\CommonInstallUtils.zip" -o"C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\" -aoa

C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe

"C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\QtRedistx64.zip" -o"C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\" -aoa

C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe

"C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe" --hidden --initialLaunch

C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe

"C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\bluestacks-services" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1624 --field-trial-handle=1748,i,17874195027311794674,6664372159464473105,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2

C:\Windows\system32\cscript.exe

cscript.exe

C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe

"C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\bluestacks-services" --mojo-platform-channel-handle=2004 --field-trial-handle=1748,i,17874195027311794674,6664372159464473105,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8

C:\Windows\system32\cscript.exe

cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A HKCU\SOFTWARE\BlueStacksServices

C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-ForceGPU.exe

"C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-ForceGPU.exe" 1 "C:\Program Files\BlueStacks_nxt"

C:\Windows\system32\cscript.exe

cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A HKCU\SOFTWARE\BlueStacksServices

C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe

"C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe" 1 2

C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe

"C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe" 4 2

C:\Windows\system32\cscript.exe

cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regPutValue.wsf A

C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe

"C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe" 2 2

C:\Windows\system32\cscript.exe

cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regPutValue.wsf A

C:\Windows\system32\cscript.exe

cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A "HKCU\SOFTWARE\BlueStacks X"

C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe

"C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe" 1 1

C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe

"C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\bluestacks-services" --app-user-model-id=com.bluestacks.services --app-path="C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\app.asar" --enable-sandbox --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2628 --field-trial-handle=1748,i,17874195027311794674,6664372159464473105,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1

C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe

"C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe" 4 1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\cscript.exe

cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A "HKCU\SOFTWARE\BlueStacks X"

C:\Windows\system32\cscript.exe

cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A "HKCU\SOFTWARE\BlueStacks X"

C:\Windows\system32\cscript.exe

cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A "HKCU\SOFTWARE\BlueStacks X"

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe

"C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe" 2 1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\cscript.exe

cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A HKLM\SOFTWARE\BlueStacks_nxt

C:\Windows\system32\cscript.exe

cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A HKLM\SOFTWARE\BlueStacks_nxt

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-CheckCpu.exe

"C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-CheckCpu.exe" --cmd checkSSE4

C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe

"C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\PF.zip" -o"C:\Program Files\BlueStacks_nxt" -aoa

C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe

"C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\\HD-GLCheck.exe" 2

C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe

"C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\\HD-GLCheck.exe" 3

C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-GLCheck.exe

"C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\\HD-GLCheck.exe" 1

C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe

"C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\QtRedistx64.zip" -o"C:\Program Files\BlueStacks_nxt" -aoa

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe

"C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\PD.zip" -o"C:\ProgramData\BlueStacks_nxt" -aoa

C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe

"C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe" x "C:\ProgramData\Pie64_5.21.511.1001.exe" -o"C:\ProgramData\BlueStacks_nxt\Engine\Pie64" -aoa

C:\Windows\system32\cscript.exe

cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A "HKCU\SOFTWARE\BlueStacks X"

C:\Windows\system32\cscript.exe

cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A HKLM\SOFTWARE\BlueStacks_nxt

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cscript.exe

cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A "HKCU\SOFTWARE\BlueStacks X"

C:\Windows\system32\cscript.exe

cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A HKLM\SOFTWARE\BlueStacks_nxt

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\SYSTEM32\netsh.exe

"netsh.exe" advfirewall firewall delete rule name="BlueStacks Service"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\SYSTEM32\netsh.exe

"netsh.exe" advfirewall firewall add rule name="BlueStacks Service" dir=in action=allow program="C:\Program Files\BlueStacks_nxt\HD-Player.exe" enable=yes

C:\Windows\SYSTEM32\netsh.exe

"netsh.exe" advfirewall firewall delete rule name="BlueStacksAppplayerWeb"

C:\Windows\SYSTEM32\netsh.exe

"netsh.exe" advfirewall firewall add rule name="BlueStacksAppplayerWeb" dir=in action=allow program="C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe" enable=yes

C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-CheckCpu.exe

"C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\HD-CheckCpu.exe" --cmd checkSSE3

C:\Windows\SYSTEM32\cmd.exe

"cmd.exe" /c "sc.exe delete BlueStacksDrv_nxt"

C:\Windows\system32\sc.exe

sc.exe delete BlueStacksDrv_nxt

C:\Windows\SYSTEM32\reg.exe

"reg.exe" EXPORT HKLM\Software\BlueStacks_nxt "C:\Users\Admin\AppData\Local\Temp\tushkdw0.d0z\RegHKLM.txt"

C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe

"C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\7zr.exe" a "C:\Users\Admin\AppData\Local\Temp\Installer.zip" -m0=LZMA:a=1 "C:\Users\Admin\AppData\Local\Temp\tushkdw0.d0z\*"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe

"C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe

BlueStacksWeb.exe --type=renderer --disable-speech-api --enable-threaded-compositing --enable-features=AllowContentInitiatedDataUrlNavigations,NetworkServiceInProcess,TracingServiceInProcess --disable-features=BackgroundFetch,ConsolidatedMovementXY,DnsOverHttpsUpgrade,InstalledApp,MojoVideoCapture,PictureInPicture,SmsReceiver,UseSkiaRenderer,WebPayments,WebUSB --lang=en --webengine-schemes=qrc:sLV --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=3 --mojo-platform-channel-handle=4584 /prefetch:1

C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe

BlueStacksWeb.exe --type=renderer --disable-speech-api --enable-threaded-compositing --enable-features=AllowContentInitiatedDataUrlNavigations,NetworkServiceInProcess,TracingServiceInProcess --disable-features=BackgroundFetch,ConsolidatedMovementXY,DnsOverHttpsUpgrade,InstalledApp,MojoVideoCapture,PictureInPicture,SmsReceiver,UseSkiaRenderer,WebPayments,WebUSB --lang=en --webengine-schemes=qrc:sLV --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=4696 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x46c 0x344

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe

"C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\Admin\AppData\Roaming\bluestacks-services" --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3652 --field-trial-handle=1748,i,17874195027311794674,6664372159464473105,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Users\Admin\AppData\Local\BlueStacks X\BlueStacks-Installer_5.21.511.1001_amd64_native.exe

"C:\Users\Admin\AppData\Local\BlueStacks X\BlueStacks-Installer_5.21.511.1001_amd64_native.exe" -s -defaultImageName Pie64 -imageToLaunch Pie64 -skipBinaryShortcuts -appToLaunch=bsx

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Bootstrapper.exe

"C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Bootstrapper.exe" -s -defaultImageName Pie64 -imageToLaunch Pie64 -skipBinaryShortcuts -appToLaunch=bsx

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\BlueStacksInstaller.exe

"C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\BlueStacksInstaller.exe" -s -defaultImageName="Pie64" -imageToLaunch="Pie64" -skipBinaryShortcuts -appToLaunch="bsx" -parentpath="C:\Users\Admin\AppData\Local\BlueStacks X\BlueStacks-Installer_5.21.511.1001_amd64_native.exe"

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe

"C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\CommonInstallUtils.zip" -o"C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\" -aoa

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe

"C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtRedistx64.zip" -o"C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\" -aoa

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-ForceGPU.exe

"C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-ForceGPU.exe" 1 "C:\Program Files\BlueStacks_nxt"

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe

"C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe" 1 2

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe

"C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe" 4 2

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe

"C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe" 2 2

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe

"C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe" 1 1

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe

"C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe" 4 1

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe

"C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe" 2 1

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-CheckCpu.exe

"C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-CheckCpu.exe" --cmd checkSSE4

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe

"C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\PF.zip" -o"C:\Program Files\BlueStacks_nxt" -aoa

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe

"C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\\HD-GLCheck.exe" 2

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe

"C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\\HD-GLCheck.exe" 3

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-GLCheck.exe

"C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\\HD-GLCheck.exe" 1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe

"C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtRedistx64.zip" -o"C:\Program Files\BlueStacks_nxt" -aoa

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe

"C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\PD.zip" -o"C:\ProgramData\BlueStacks_nxt" -aoa

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe

"C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe" x "C:\Users\Admin\AppData\Local\BlueStacks X\Pie64_5.21.511.1001.exe" -o"C:\ProgramData\BlueStacks_nxt\Engine\Pie64" -aoa

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\SYSTEM32\netsh.exe

"netsh.exe" advfirewall firewall delete rule name="BlueStacks Service"

C:\Windows\SYSTEM32\netsh.exe

"netsh.exe" advfirewall firewall add rule name="BlueStacks Service" dir=in action=allow program="C:\Program Files\BlueStacks_nxt\HD-Player.exe" enable=yes

C:\Windows\SYSTEM32\netsh.exe

"netsh.exe" advfirewall firewall delete rule name="BlueStacksAppplayerWeb"

C:\Windows\SYSTEM32\netsh.exe

"netsh.exe" advfirewall firewall add rule name="BlueStacksAppplayerWeb" dir=in action=allow program="C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe" enable=yes

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-CheckCpu.exe

"C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-CheckCpu.exe" --cmd checkSSE3

C:\Windows\SYSTEM32\cmd.exe

"cmd.exe" /c "sc.exe delete BlueStacksDrv_nxt"

C:\Windows\system32\sc.exe

sc.exe delete BlueStacksDrv_nxt

C:\Windows\SYSTEM32\reg.exe

"reg.exe" EXPORT HKLM\Software\BlueStacks_nxt "C:\Users\Admin\AppData\Local\Temp\2cff1wke.bk3\RegHKLM.txt"

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe

"C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\7zr.exe" a "C:\Users\Admin\AppData\Local\Temp\Installer.zip" -m0=LZMA:a=1 "C:\Users\Admin\AppData\Local\Temp\2cff1wke.bk3\*"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\explorer.exe

C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefaultb2539acdh5613h4352hbe29h11d7a9dcb170

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x124,0x128,0x40,0x12c,0x7ffc428846f8,0x7ffc42884708,0x7ffc42884718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,12263876188601355338,6640685823889837377,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2176,12263876188601355338,6640685823889837377,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2504 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2176,12263876188601355338,6640685823889837377,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2728 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe

BlueStacksWeb.exe --type=renderer --disable-speech-api --enable-threaded-compositing --enable-features=AllowContentInitiatedDataUrlNavigations,NetworkServiceInProcess,TracingServiceInProcess --disable-features=BackgroundFetch,ConsolidatedMovementXY,DnsOverHttpsUpgrade,InstalledApp,MojoVideoCapture,PictureInPicture,SmsReceiver,UseSkiaRenderer,WebPayments,WebUSB --lang=en --webengine-schemes=qrc:sLV --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2492 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5796,i,11752334674727713041,12249502709105734736,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5460 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5768,i,11752334674727713041,12249502709105734736,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3040 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=3412,i,11752334674727713041,12249502709105734736,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1308 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5208,i,11752334674727713041,12249502709105734736,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5404 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5656,i,11752334674727713041,12249502709105734736,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4460 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5284,i,11752334674727713041,12249502709105734736,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3236 /prefetch:8

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffc4306cc40,0x7ffc4306cc4c,0x7ffc4306cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2128,i,11646347288243601125,4731549990325057603,262144 --variations-seed-version=20240823-130058.581000 --mojo-platform-channel-handle=2136 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1832,i,11646347288243601125,4731549990325057603,262144 --variations-seed-version=20240823-130058.581000 --mojo-platform-channel-handle=2092 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2296,i,11646347288243601125,4731549990325057603,262144 --variations-seed-version=20240823-130058.581000 --mojo-platform-channel-handle=2492 /prefetch:8

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3124,i,11646347288243601125,4731549990325057603,262144 --variations-seed-version=20240823-130058.581000 --mojo-platform-channel-handle=3168 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3132,i,11646347288243601125,4731549990325057603,262144 --variations-seed-version=20240823-130058.581000 --mojo-platform-channel-handle=3212 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4644,i,11646347288243601125,4731549990325057603,262144 --variations-seed-version=20240823-130058.581000 --mojo-platform-channel-handle=4592 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4884,i,11646347288243601125,4731549990325057603,262144 --variations-seed-version=20240823-130058.581000 --mojo-platform-channel-handle=4904 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4352,i,11646347288243601125,4731549990325057603,262144 --variations-seed-version=20240823-130058.581000 --mojo-platform-channel-handle=5028 /prefetch:8

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Users\Admin\Desktop\MEMZ.exe

"C:\Users\Admin\Desktop\MEMZ.exe"

C:\Users\Admin\Desktop\MEMZ.exe

"C:\Users\Admin\Desktop\MEMZ.exe" /watchdog

C:\Users\Admin\Desktop\MEMZ.exe

"C:\Users\Admin\Desktop\MEMZ.exe" /watchdog

C:\Users\Admin\Desktop\MEMZ.exe

"C:\Users\Admin\Desktop\MEMZ.exe" /watchdog

C:\Users\Admin\Desktop\MEMZ.exe

"C:\Users\Admin\Desktop\MEMZ.exe" /watchdog

C:\Users\Admin\Desktop\MEMZ.exe

"C:\Users\Admin\Desktop\MEMZ.exe" /watchdog

C:\Users\Admin\Desktop\MEMZ.exe

"C:\Users\Admin\Desktop\MEMZ.exe" /main

C:\Windows\SysWOW64\notepad.exe

"C:\Windows\System32\notepad.exe" \note.txt

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /4

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+2+buy+weed

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc428846f8,0x7ffc42884708,0x7ffc42884718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2268 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2440 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2884 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3728 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3736 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4360 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3924 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3924 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5264 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5248 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4880 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5540 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3708,i,11646347288243601125,4731549990325057603,262144 --variations-seed-version=20240823-130058.581000 --mojo-platform-channel-handle=5136 /prefetch:8

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=mcafee+vs+norton

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc428846f8,0x7ffc42884708,0x7ffc42884718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5824 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6044 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+create+your+own+ransomware

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc428846f8,0x7ffc42884708,0x7ffc42884718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2004 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2388 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pcoptimizerpro.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc428846f8,0x7ffc42884708,0x7ffc42884718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5952 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5884 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x46c 0x344

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5488 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=bonzi+buddy+download+free

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc428846f8,0x7ffc42884708,0x7ffc42884718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5020 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6172 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4916 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5488 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5732 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6256 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1076 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6240 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6520 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6476 /prefetch:1

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6640 /prefetch:2

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=what+happens+if+you+delete+system32

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc428846f8,0x7ffc42884708,0x7ffc42884718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5832 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6260 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\SysWOW64\notepad.exe

"C:\Windows\System32\notepad.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\SysWOW64\regedit.exe

"C:\Windows\System32\regedit.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3428 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3412 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6152 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6268 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7224 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5732 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7424 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7860 /prefetch:1

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8104 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8088 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8196 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8620 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=minecraft+hax+download+no+virus

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc428846f8,0x7ffc42884708,0x7ffc42884718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8800 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8148 /prefetch:1

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8648 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9220 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9364 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9456 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9652 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9624 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10016 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7256 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10460 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10456 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10716 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10876 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10728 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6228 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11336 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8848 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11744 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11844 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11864 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12060 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12388 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12092 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10368 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11404 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13268 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12424 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12700 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13504 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10684 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\SysWOW64\regedit.exe

"C:\Windows\System32\regedit.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\SysWOW64\mspaint.exe

"C:\Windows\System32\mspaint.exe"

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=bonzi+buddy+download+free

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc428846f8,0x7ffc42884708,0x7ffc42884718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6196 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12372 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://play.clubpenguin.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc428846f8,0x7ffc42884708,0x7ffc42884718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11824 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11968 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7164 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe

"C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"

C:\Windows\splwow64.exe

C:\Windows\splwow64.exe 12288

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k PrintWorkflow -s PrintWorkflowUserSvc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12676 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13384 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://play.clubpenguin.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc428846f8,0x7ffc42884708,0x7ffc42884718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7288 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13040 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13528 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12336 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=virus.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x12c,0x130,0x134,0x108,0x138,0x7ffc428846f8,0x7ffc42884708,0x7ffc42884718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7140 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7800 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq BlueStacks X.exe"

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq HD-Player.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=virus.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc428846f8,0x7ffc42884708,0x7ffc42884718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6424 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2260,13668146641896657931,5142669135381309267,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10656 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 g.bing.com udp
US 150.171.27.10:443 g.bing.com tcp
US 8.8.8.8:53 28.118.140.52.in-addr.arpa udp
US 8.8.8.8:53 73.144.22.2.in-addr.arpa udp
US 8.8.8.8:53 140.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
GB 95.101.143.219:443 www.bing.com tcp
US 8.8.8.8:53 219.143.101.95.in-addr.arpa udp
US 8.8.8.8:53 13.86.106.20.in-addr.arpa udp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
US 8.8.8.8:53 56.126.166.20.in-addr.arpa udp
US 8.8.8.8:53 192.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
FR 142.250.179.68:443 www.google.com tcp
FR 142.250.179.68:443 www.google.com udp
US 8.8.8.8:53 227.74.250.142.in-addr.arpa udp
US 8.8.8.8:53 170.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 68.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 clients2.google.com udp
N/A 224.0.0.251:5353 udp
FR 172.217.18.206:443 clients2.google.com udp
FR 172.217.18.206:443 clients2.google.com tcp
US 8.8.8.8:53 206.18.217.172.in-addr.arpa udp
US 8.8.8.8:53 chrome.google.com udp
FR 216.58.215.46:443 chrome.google.com tcp
US 8.8.8.8:53 46.215.58.216.in-addr.arpa udp
US 8.8.8.8:53 163.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
FR 216.58.213.74:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 74.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 131.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 52.111.229.48:443 tcp
US 8.8.8.8:53 55.36.223.20.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 8.8.8.8:53 57.169.31.20.in-addr.arpa udp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 10.28.171.150.in-addr.arpa udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 35.215.58.216.in-addr.arpa udp
US 8.8.8.8:53 dns-tunnel-check.googlezip.net udp
US 8.8.8.8:53 tunnel.googlezip.net udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 130.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
FR 142.250.75.238:443 play.google.com tcp
US 8.8.8.8:53 157.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 238.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 consent.google.com udp
FR 142.250.201.174:443 consent.google.com tcp
FR 216.58.213.74:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 174.201.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.bluestacks.com udp
US 8.8.8.8:53 webapi-cloud.bluestacks.com udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 cdn-www.bluestacks.com udp
GB 108.138.233.47:443 www.bluestacks.com tcp
GB 108.138.233.47:443 www.bluestacks.com tcp
US 34.120.235.88:443 webapi-cloud.bluestacks.com tcp
US 151.101.129.229:443 cdn.jsdelivr.net tcp
GB 92.123.140.8:443 cdn-www.bluestacks.com tcp
GB 92.123.140.8:443 cdn-www.bluestacks.com tcp
GB 92.123.140.8:443 cdn-www.bluestacks.com udp
US 8.8.8.8:53 cmp.inmobi.com udp
US 8.8.8.8:53 47.233.138.108.in-addr.arpa udp
US 8.8.8.8:53 229.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 88.235.120.34.in-addr.arpa udp
US 8.8.8.8:53 8.140.123.92.in-addr.arpa udp
US 8.8.8.8:53 234.75.250.142.in-addr.arpa udp
GB 18.244.114.118:443 cmp.inmobi.com tcp
FR 216.58.213.74:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 118.114.244.18.in-addr.arpa udp
US 8.8.8.8:53 200.20.217.172.in-addr.arpa udp
GB 18.244.114.118:443 cmp.inmobi.com tcp
US 8.8.8.8:53 cloud.bluestacks.com udp
US 8.8.8.8:53 api.cmp.inmobi.com udp
DE 3.123.67.172:443 api.cmp.inmobi.com tcp
DE 3.123.67.172:443 api.cmp.inmobi.com tcp
US 34.160.86.181:443 cloud.bluestacks.com tcp
US 8.8.8.8:53 172.67.123.3.in-addr.arpa udp
US 8.8.8.8:53 181.86.160.34.in-addr.arpa udp
US 34.160.86.181:443 cloud.bluestacks.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
FR 142.250.201.163:443 www.google.co.uk tcp
US 216.239.34.36:443 region1.analytics.google.com tcp
BE 74.125.71.157:443 stats.g.doubleclick.net tcp
US 34.120.235.88:443 webapi-cloud.bluestacks.com tcp
US 8.8.8.8:53 163.201.250.142.in-addr.arpa udp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 157.71.125.74.in-addr.arpa udp
US 34.120.235.88:443 webapi-cloud.bluestacks.com udp
US 34.160.86.181:443 cloud.bluestacks.com udp
US 216.239.34.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 174.20.217.172.in-addr.arpa udp
US 34.160.86.181:443 cloud.bluestacks.com udp
US 8.8.8.8:53 ak-build.bluestacks.com udp
GB 92.123.142.194:443 ak-build.bluestacks.com tcp
US 8.8.8.8:53 194.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 cloud.bluestacks.com udp
US 34.160.86.181:443 cloud.bluestacks.com tcp
US 34.160.86.181:443 cloud.bluestacks.com tcp
US 8.8.8.8:53 cdn-bgp.bluestacks.com udp
GB 92.123.142.210:443 cdn-bgp.bluestacks.com tcp
US 8.8.8.8:53 210.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 ak-build.bluestacks.com udp
GB 92.123.143.217:443 ak-build.bluestacks.com tcp
US 8.8.8.8:53 217.143.123.92.in-addr.arpa udp
US 34.160.86.181:443 cloud.bluestacks.com tcp
US 34.160.86.181:443 cloud.bluestacks.com tcp
N/A 127.0.0.1:57499 tcp
N/A 127.0.0.1:57507 tcp
US 34.160.86.181:443 cloud.bluestacks.com tcp
N/A 127.0.0.1:50370 tcp
US 8.8.8.8:53 wallet.now.gg udp
US 34.96.124.47:443 wallet.now.gg tcp
US 34.160.86.181:443 cloud.bluestacks.com tcp
US 34.160.86.181:443 cloud.bluestacks.com tcp
US 8.8.8.8:53 wallet.now.gg udp
US 8.8.8.8:53 wallet.now.gg udp
US 34.96.124.47:443 wallet.now.gg tcp
US 34.96.124.47:443 wallet.now.gg tcp
US 8.8.8.8:53 142.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 fcmregistrations.googleapis.com udp
US 8.8.8.8:53 106.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
BE 142.250.110.188:5228 mtalk.google.com tcp
US 8.8.8.8:53 188.110.250.142.in-addr.arpa udp
US 8.8.8.8:443 dns.google udp
US 34.96.124.47:443 wallet.now.gg udp
US 8.8.8.8:53 storage.googleapis.com udp
FR 142.250.178.155:443 storage.googleapis.com tcp
US 8.8.8.8:53 155.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 88.65.42.20.in-addr.arpa udp
US 8.8.8.8:53 cloud.bluestacks.com udp
US 34.160.86.181:443 cloud.bluestacks.com tcp
US 34.160.86.181:443 cloud.bluestacks.com tcp
US 34.160.86.181:443 cloud.bluestacks.com tcp
US 8.8.8.8:53 bsxplayer.bluestacks.com udp
US 34.160.86.181:443 cloud.bluestacks.com tcp
US 34.160.86.181:443 cloud.bluestacks.com tcp
US 34.160.86.181:443 cloud.bluestacks.com tcp
US 34.160.86.181:443 cloud.bluestacks.com tcp
US 34.160.86.181:443 cloud.bluestacks.com tcp
US 8.8.8.8:53 x-api.bluestacks.com udp
US 34.160.86.181:443 cloud.bluestacks.com tcp
US 34.160.86.181:443 cloud.bluestacks.com tcp
GB 79.133.176.223:443 x-api.bluestacks.com tcp
US 8.8.8.8:53 ak-build.bluestacks.com udp
GB 92.123.142.194:443 ak-build.bluestacks.com tcp
US 34.160.86.181:443 cloud.bluestacks.com tcp
US 8.8.8.8:53 bsxplayer.bluestacks.com udp
US 8.8.8.8:53 dev-x.bstkinternal.net udp
GB 79.133.176.223:443 bsxplayer.bluestacks.com tcp
US 34.160.86.181:443 cloud.bluestacks.com tcp
SG 8.214.38.30:443 dev-x.bstkinternal.net tcp
US 8.8.8.8:53 223.176.133.79.in-addr.arpa udp
GB 163.181.57.235:443 bsxplayer.bluestacks.com tcp
SG 8.214.38.30:443 dev-x.bstkinternal.net tcp
US 8.8.8.8:53 bst-launcher-sgp.bluestacks.cn udp
GB 79.133.176.223:443 bst-launcher-sgp.bluestacks.cn tcp
GB 79.133.176.223:443 bst-launcher-sgp.bluestacks.cn tcp
US 8.8.8.8:53 30.38.214.8.in-addr.arpa udp
US 34.160.86.181:443 cloud.bluestacks.com tcp
US 8.8.8.8:53 cloud-api-cdn.bluestacks.com udp
US 34.160.86.181:443 cloud.bluestacks.com tcp
US 34.160.86.181:443 cloud.bluestacks.com tcp
GB 92.123.143.232:443 cloud-api-cdn.bluestacks.com tcp
US 8.8.8.8:53 now.gg udp
US 8.8.8.8:53 232.143.123.92.in-addr.arpa udp
GB 18.244.114.85:443 now.gg tcp
US 8.8.8.8:53 cdn-icon.bluestacks.com udp
GB 173.222.211.57:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.57:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.57:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.57:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.57:443 cdn-icon.bluestacks.com tcp
US 8.8.8.8:53 85.114.244.18.in-addr.arpa udp
US 8.8.8.8:53 43.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 57.211.222.173.in-addr.arpa udp
US 8.8.8.8:53 cdn-bgp.bluestacks.com udp
GB 92.123.142.211:443 cdn-bgp.bluestacks.com tcp
US 8.8.8.8:53 211.142.123.92.in-addr.arpa udp
GB 92.123.142.211:443 cdn-bgp.bluestacks.com tcp
GB 92.123.142.211:443 cdn-bgp.bluestacks.com tcp
GB 92.123.142.211:443 cdn-bgp.bluestacks.com tcp
GB 92.123.142.211:443 cdn-bgp.bluestacks.com tcp
GB 92.123.142.211:443 cdn-bgp.bluestacks.com tcp
GB 92.123.142.211:443 cdn-bgp.bluestacks.com tcp
GB 92.123.142.211:443 cdn-bgp.bluestacks.com tcp
GB 92.123.142.211:443 cdn-bgp.bluestacks.com tcp
GB 92.123.142.211:443 cdn-bgp.bluestacks.com tcp
GB 92.123.142.211:443 cdn-bgp.bluestacks.com tcp
GB 92.123.142.211:443 cdn-bgp.bluestacks.com tcp
US 8.8.8.8:53 cdn.now.gg udp
GB 92.123.142.145:443 cdn.now.gg tcp
GB 92.123.142.145:443 cdn.now.gg tcp
GB 92.123.142.145:443 cdn.now.gg tcp
US 8.8.8.8:53 145.142.123.92.in-addr.arpa udp
GB 92.123.142.145:443 cdn.now.gg tcp
GB 92.123.142.145:443 cdn.now.gg tcp
GB 92.123.142.145:443 cdn.now.gg tcp
GB 92.123.142.145:443 cdn.now.gg tcp
GB 92.123.142.145:443 cdn.now.gg tcp
GB 92.123.142.145:443 cdn.now.gg tcp
GB 92.123.142.145:443 cdn.now.gg tcp
GB 92.123.142.145:443 cdn.now.gg tcp
US 8.8.8.8:53 cdn-bgp.bluestacks.com udp
GB 92.123.142.210:443 cdn-bgp.bluestacks.com tcp
GB 92.123.142.210:443 cdn-bgp.bluestacks.com tcp
GB 92.123.142.210:443 cdn-bgp.bluestacks.com tcp
GB 92.123.143.232:443 cloud-api-cdn.bluestacks.com tcp
US 8.8.8.8:53 cdn-icon.bluestacks.com udp
GB 173.222.211.51:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.51:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.51:443 cdn-icon.bluestacks.com tcp
US 8.8.8.8:53 51.211.222.173.in-addr.arpa udp
GB 92.123.142.194:443 ak-build.bluestacks.com tcp
GB 92.123.142.194:443 ak-build.bluestacks.com tcp
US 34.160.86.181:443 cloud.bluestacks.com tcp
US 34.160.86.181:443 cloud.bluestacks.com tcp
GB 92.123.143.232:443 cloud-api-cdn.bluestacks.com tcp
GB 92.123.143.232:443 cloud-api-cdn.bluestacks.com tcp
GB 92.123.143.232:443 cloud-api-cdn.bluestacks.com tcp
GB 92.123.143.232:443 cloud-api-cdn.bluestacks.com tcp
GB 92.123.142.210:443 cdn-bgp.bluestacks.com tcp
GB 92.123.143.232:443 cloud-api-cdn.bluestacks.com tcp
GB 173.222.211.51:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.51:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.51:443 cdn-icon.bluestacks.com tcp
GB 92.123.142.211:443 cdn-bgp.bluestacks.com tcp
GB 92.123.142.211:443 cdn-bgp.bluestacks.com tcp
US 34.160.86.181:443 cloud.bluestacks.com tcp
GB 92.123.142.210:443 cdn-bgp.bluestacks.com tcp
GB 92.123.142.210:443 cdn-bgp.bluestacks.com tcp
FR 216.58.215.35:443 beacons.gcp.gvt2.com tcp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 e2c55.gcp.gvt2.com udp
CL 34.176.211.24:443 e2c55.gcp.gvt2.com tcp
GB 173.222.211.57:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.57:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.57:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.57:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.57:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.57:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.57:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.57:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.57:443 cdn-icon.bluestacks.com tcp
US 8.8.8.8:53 24.211.176.34.in-addr.arpa udp
GB 173.222.211.57:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.57:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.57:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.57:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.57:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.57:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.57:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.57:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.57:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.57:443 cdn-icon.bluestacks.com tcp
GB 173.222.211.57:443 cdn-icon.bluestacks.com tcp
US 8.8.8.8:53 app-page-details-prod.bstkinternal.net udp
US 34.111.56.14:443 app-page-details-prod.bstkinternal.net tcp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 14.56.111.34.in-addr.arpa udp
US 8.8.8.8:53 play-lh.googleusercontent.com udp
US 8.8.8.8:53 cdn-www.bluestacks.com udp
FR 216.58.215.46:443 www.youtube.com tcp
FR 172.217.20.214:443 play-lh.googleusercontent.com tcp
FR 172.217.20.214:443 play-lh.googleusercontent.com tcp
FR 172.217.20.214:443 play-lh.googleusercontent.com tcp
FR 172.217.20.214:443 play-lh.googleusercontent.com tcp
FR 172.217.20.214:443 play-lh.googleusercontent.com tcp
FR 172.217.20.214:443 play-lh.googleusercontent.com tcp
GB 92.123.140.34:443 cdn-www.bluestacks.com tcp
US 8.8.8.8:53 34.140.123.92.in-addr.arpa udp
US 8.8.8.8:53 214.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 static.doubleclick.net udp
FR 216.58.214.166:443 static.doubleclick.net tcp
FR 142.250.201.162:443 googleads.g.doubleclick.net tcp
FR 142.250.201.162:443 googleads.g.doubleclick.net tcp
FR 216.58.214.166:443 static.doubleclick.net tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 www.google.com udp
FR 216.58.214.170:443 jnn-pa.googleapis.com tcp
FR 142.250.179.68:443 www.google.com tcp
FR 142.250.179.68:443 www.google.com tcp
US 8.8.8.8:53 yt3.ggpht.com udp
FR 142.250.179.97:443 yt3.ggpht.com tcp
US 34.160.86.181:443 cloud.bluestacks.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 170.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 97.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 166.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 162.201.250.142.in-addr.arpa udp
FR 142.250.75.238:443 play.google.com tcp
FR 142.250.75.238:443 play.google.com tcp
FR 142.250.75.238:443 play.google.com tcp
FR 142.250.75.238:443 play.google.com tcp
GB 92.123.142.194:443 ak-build.bluestacks.com tcp
US 8.8.8.8:53 cloud.bluestacks.com udp
US 34.160.86.181:443 cloud.bluestacks.com tcp
US 34.160.86.181:443 cloud.bluestacks.com tcp
FR 142.250.179.99:443 beacons.gvt2.com tcp
US 8.8.8.8:53 99.179.250.142.in-addr.arpa udp
FR 142.250.178.155:443 storage.googleapis.com tcp
US 34.160.86.181:443 cloud.bluestacks.com tcp
US 8.8.8.8:53 57.110.18.2.in-addr.arpa udp
US 8.8.8.8:53 67.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 cxcs.microsoft.net udp
GB 23.62.195.195:443 cxcs.microsoft.net tcp
GB 95.101.143.201:443 www.bing.com tcp
US 8.8.8.8:53 195.195.62.23.in-addr.arpa udp
US 8.8.8.8:53 201.143.101.95.in-addr.arpa udp
US 34.160.86.181:443 cloud.bluestacks.com tcp
US 8.8.8.8:53 www.google.com udp
FR 142.250.179.100:443 www.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 100.179.250.142.in-addr.arpa udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 www.google.co.uk udp
FR 142.250.201.163:443 www.google.co.uk udp
US 216.239.34.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 id.google.com udp
SG 142.251.12.94:443 id.google.com tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
SG 142.251.12.94:443 id.google.com tcp
US 8.8.8.8:53 98.179.250.142.in-addr.arpa udp
FR 142.250.179.86:443 i.ytimg.com tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
FR 216.58.215.46:443 www.youtube.com tcp
FR 142.250.75.238:443 play.google.com udp
FR 216.58.215.46:443 www.youtube.com udp
US 8.8.8.8:53 86.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 94.12.251.142.in-addr.arpa udp
FR 216.58.215.46:443 www.youtube.com tcp
FR 216.58.215.46:443 www.youtube.com udp
FR 142.250.179.86:443 i.ytimg.com tcp
FR 142.250.201.162:443 googleads.g.doubleclick.net tcp
FR 216.58.214.166:443 static.doubleclick.net tcp
FR 216.58.214.170:443 jnn-pa.googleapis.com tcp
FR 142.250.201.162:443 googleads.g.doubleclick.net udp
FR 216.58.214.170:443 jnn-pa.googleapis.com udp
FR 142.250.75.238:443 play.google.com tcp
FR 142.250.75.238:443 play.google.com tcp
FR 142.250.75.238:443 play.google.com udp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
FR 216.58.214.174:443 encrypted-tbn0.gstatic.com tcp
FR 216.58.214.174:443 encrypted-tbn0.gstatic.com tcp
FR 216.58.214.174:443 encrypted-tbn0.gstatic.com tcp
FR 216.58.214.174:443 encrypted-tbn0.gstatic.com tcp
FR 216.58.214.174:443 encrypted-tbn0.gstatic.com tcp
FR 216.58.214.174:443 encrypted-tbn0.gstatic.com tcp
FR 216.58.214.174:443 encrypted-tbn0.gstatic.com udp
US 8.8.8.8:53 174.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 lh5.googleusercontent.com udp
FR 142.250.178.129:443 lh5.googleusercontent.com tcp
FR 142.250.178.129:443 lh5.googleusercontent.com tcp
FR 142.250.178.129:443 lh5.googleusercontent.com tcp
FR 142.250.178.129:443 lh5.googleusercontent.com tcp
FR 142.250.178.129:443 lh5.googleusercontent.com tcp
US 8.8.8.8:53 129.178.250.142.in-addr.arpa udp
SG 142.251.12.94:443 id.google.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
FR 142.250.179.86:443 i.ytimg.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
FR 142.250.75.238:443 play.google.com udp
US 8.8.8.8:53 archive.org udp
FR 142.250.179.100:443 www.google.com udp
US 207.241.224.2:443 archive.org tcp
US 207.241.224.2:443 archive.org tcp
US 8.8.8.8:53 polyfill.archive.org udp
US 8.8.8.8:53 athena.archive.org udp
US 207.241.225.195:443 athena.archive.org tcp
US 8.8.8.8:53 2.224.241.207.in-addr.arpa udp
US 8.8.8.8:53 195.225.241.207.in-addr.arpa udp
US 207.241.239.241:443 polyfill.archive.org tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 8.8.8.8:53 241.239.241.207.in-addr.arpa udp
US 8.8.8.8:53 ia803405.us.archive.org udp
US 207.241.232.195:443 ia803405.us.archive.org tcp
US 8.8.8.8:53 195.232.241.207.in-addr.arpa udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 beacons4.gvt2.com udp
US 216.239.32.116:443 beacons4.gvt2.com tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
US 8.8.8.8:53 116.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 analytics.archive.org udp
US 8.8.8.8:53 ia903405.us.archive.org udp
US 207.241.230.195:443 ia903405.us.archive.org tcp
US 8.8.8.8:53 195.230.241.207.in-addr.arpa udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 www.google.com udp
FR 142.250.179.100:443 www.google.com tcp
FR 142.250.179.100:443 www.google.com tcp
FR 142.250.179.100:443 www.google.com tcp
FR 142.250.179.100:443 www.google.com udp
US 8.8.8.8:53 chrome.google.com udp
FR 216.58.215.46:443 chrome.google.com tcp
US 8.8.8.8:53 clients2.google.com udp
FR 172.217.18.206:443 clients2.google.com udp
FR 172.217.18.206:443 clients2.google.com tcp
US 8.8.8.8:53 google.co.ck udp
FR 142.250.178.132:443 google.co.ck tcp
FR 142.250.178.132:443 google.co.ck tcp
US 8.8.8.8:53 132.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
FR 142.250.179.100:443 www.google.com tcp
FR 142.250.179.100:443 www.google.com udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com tcp
FR 142.250.178.132:443 google.co.ck udp
US 8.8.8.8:53 64.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 www.google.co.ck udp
US 8.8.8.8:53 34.215.58.216.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
FR 142.250.75.238:443 play.google.com tcp
US 8.8.8.8:53 pcoptimizerpro.com udp
US 50.63.8.124:80 pcoptimizerpro.com tcp
US 50.63.8.124:80 pcoptimizerpro.com tcp
US 50.63.8.124:443 pcoptimizerpro.com tcp
US 8.8.8.8:53 www.pcoptimizerpro.com udp
US 8.8.8.8:53 124.8.63.50.in-addr.arpa udp
US 8.8.8.8:53 maxcdn.bootstrapcdn.com udp
US 8.8.8.8:53 www.jqueryscript.net udp
US 8.8.8.8:53 www.clarity.ms udp
US 104.26.4.155:443 www.jqueryscript.net tcp
US 104.18.10.207:443 maxcdn.bootstrapcdn.com tcp
US 13.107.246.64:443 www.clarity.ms tcp
US 8.8.8.8:53 cdn.jquery.app udp
US 104.21.66.214:443 cdn.jquery.app tcp
US 8.8.8.8:53 static.hotjar.com udp
GB 13.224.245.87:443 static.hotjar.com tcp
US 8.8.8.8:53 207.10.18.104.in-addr.arpa udp
US 8.8.8.8:53 155.4.26.104.in-addr.arpa udp
US 8.8.8.8:53 64.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 214.66.21.104.in-addr.arpa udp
US 8.8.8.8:53 87.245.224.13.in-addr.arpa udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 script.hotjar.com udp
GB 18.245.253.99:443 script.hotjar.com tcp
GB 74.125.71.154:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 h.clarity.ms udp
US 51.8.64.151:443 h.clarity.ms tcp
US 8.8.8.8:53 99.253.245.18.in-addr.arpa udp
US 8.8.8.8:53 154.71.125.74.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 151.64.8.51.in-addr.arpa udp
US 8.8.8.8:53 c.clarity.ms udp
IE 13.74.129.1:443 c.clarity.ms tcp
US 13.107.21.237:443 c.bing.com tcp
US 8.8.8.8:53 1.129.74.13.in-addr.arpa udp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 237.21.107.13.in-addr.arpa udp
GB 92.123.142.137:443 www.bing.com tcp
US 8.8.8.8:53 137.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
GB 92.123.142.137:443 r.bing.com tcp
GB 92.123.142.137:443 r.bing.com tcp
GB 92.123.142.137:443 r.bing.com tcp
GB 92.123.142.137:443 r.bing.com tcp
US 8.8.8.8:53 login.microsoftonline.com udp
NL 40.126.32.138:443 login.microsoftonline.com tcp
FR 142.250.178.132:443 google.co.ck udp
US 8.8.8.8:53 138.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 services.bingapis.com udp
US 13.107.5.80:443 services.bingapis.com tcp
FR 142.250.75.238:443 play.google.com udp
US 8.8.8.8:53 80.5.107.13.in-addr.arpa udp
US 172.64.154.167:443 www2.bing.com tcp
US 172.64.154.167:443 www2.bing.com tcp
US 8.8.8.8:53 167.154.64.172.in-addr.arpa udp
US 8.8.8.8:53 ts1.explicit.bing.net udp
US 8.8.8.8:53 ts4.mm.bing.net udp
US 8.8.8.8:53 ts1.mm.bing.net udp
US 204.79.197.201:443 ts1.explicit.bing.net tcp
US 150.171.27.10:443 ts1.mm.bing.net tcp
US 150.171.28.10:443 ts1.mm.bing.net tcp
US 8.8.8.8:53 testfamilysafety.bing.com udp
US 8.8.8.8:53 ts2.mm.bing.net udp
US 8.8.8.8:53 201.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 ts3.mm.bing.net udp
US 172.64.154.167:443 www2.bing.com tcp
US 172.64.154.167:443 www2.bing.com tcp
US 8.8.8.8:53 orig00.deviantart.net udp
US 35.164.23.224:443 orig00.deviantart.net tcp
US 8.8.8.8:53 vignette.wikia.nocookie.net udp
US 8.8.8.8:53 media.sketchfab.com udp
US 8.8.8.8:53 images6.fanpop.com udp
US 35.164.23.224:443 orig00.deviantart.net tcp
GB 18.244.114.14:443 media.sketchfab.com tcp
US 104.26.10.178:443 images6.fanpop.com tcp
DE 74.120.188.204:443 vignette.wikia.nocookie.net tcp
DE 74.120.188.204:443 vignette.wikia.nocookie.net tcp
US 104.26.10.178:443 images6.fanpop.com tcp
GB 18.244.114.14:443 media.sketchfab.com tcp
US 8.8.8.8:53 preview.redd.it udp
US 151.101.129.140:443 preview.redd.it tcp
US 8.8.8.8:53 pre00.deviantart.net udp
US 8.8.8.8:53 224.23.164.35.in-addr.arpa udp
US 8.8.8.8:53 14.114.244.18.in-addr.arpa udp
US 8.8.8.8:53 178.10.26.104.in-addr.arpa udp
US 8.8.8.8:53 204.188.120.74.in-addr.arpa udp
US 8.8.8.8:53 140.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com udp
US 34.117.88.159:443 images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com tcp
US 34.117.88.159:443 images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com tcp
US 8.8.8.8:53 comicstud.io udp
US 104.21.23.213:443 comicstud.io tcp
US 34.117.88.159:443 images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com udp
US 104.21.23.213:443 comicstud.io tcp
US 8.8.8.8:53 i.etsystatic.com udp
US 151.101.65.224:443 i.etsystatic.com tcp
US 8.8.8.8:53 159.88.117.34.in-addr.arpa udp
US 8.8.8.8:53 213.23.21.104.in-addr.arpa udp
US 8.8.8.8:53 cdn.comic.studio udp
US 8.8.8.8:53 224.65.101.151.in-addr.arpa udp
US 8.8.8.8:53 226.20.18.104.in-addr.arpa udp
US 104.21.9.48:443 cdn.comic.studio tcp
US 8.8.8.8:53 48.9.21.104.in-addr.arpa udp
US 104.26.10.178:443 images6.fanpop.com tcp
US 172.64.154.167:443 www2.bing.com tcp
US 172.64.154.167:443 www2.bing.com tcp
US 8.8.8.8:53 cxcs.microsoft.net udp
GB 92.123.142.114:443 www.bing.com tcp
GB 23.62.195.195:443 cxcs.microsoft.net tcp
US 8.8.8.8:53 114.142.123.92.in-addr.arpa udp
FR 142.250.178.132:443 google.co.ck udp
FR 142.250.179.100:443 www.google.com udp
FR 142.250.75.238:443 play.google.com udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 8.8.8.8:53 aefd.nelreports.net udp
GB 173.222.211.40:443 aefd.nelreports.net tcp
GB 173.222.211.40:443 aefd.nelreports.net tcp
GB 173.222.211.40:443 aefd.nelreports.net udp
US 8.8.8.8:53 40.211.222.173.in-addr.arpa udp
US 8.8.8.8:53 i.ytimg.com udp
US 34.117.88.159:443 images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com udp
US 8.8.8.8:53 static.wikia.nocookie.net udp
FR 142.250.201.182:443 i.ytimg.com tcp
FR 142.250.201.182:443 i.ytimg.com tcp
US 8.8.8.8:53 182.201.250.142.in-addr.arpa udp
US 8.8.8.8:53 r.bing.com udp
US 172.64.154.167:443 www2.bing.com tcp
US 172.64.154.167:443 www2.bing.com tcp
US 8.8.8.8:53 th.bing.com udp
GB 92.123.142.137:443 th.bing.com tcp
US 8.8.8.8:53 login.microsoftonline.com udp
US 172.64.154.167:443 www2.bing.com tcp
US 172.64.154.167:443 www2.bing.com tcp
US 8.8.8.8:53 battlefordreamisland.fandom.com udp
US 199.232.212.194:443 battlefordreamisland.fandom.com tcp
US 199.232.212.194:443 battlefordreamisland.fandom.com tcp
US 8.8.8.8:53 194.212.232.199.in-addr.arpa udp
US 8.8.8.8:53 services.fandom.com udp
DE 74.120.188.204:443 static.wikia.nocookie.net tcp
DE 74.120.188.204:443 static.wikia.nocookie.net tcp
US 8.8.8.8:53 www.fastly-insights.com udp
DE 74.120.188.204:443 static.wikia.nocookie.net tcp
DE 74.120.188.204:443 static.wikia.nocookie.net tcp
DE 74.120.188.204:443 static.wikia.nocookie.net tcp
DE 74.120.188.204:443 static.wikia.nocookie.net tcp
US 151.101.130.91:443 www.fastly-insights.com tcp
US 8.8.8.8:53 script.wikia.nocookie.net udp
DE 74.120.188.204:443 script.wikia.nocookie.net tcp
US 8.8.8.8:53 dev.fandom.com udp
US 8.8.8.8:53 platform.twitter.com udp
NL 192.229.233.25:443 platform.twitter.com tcp
US 199.232.212.194:443 dev.fandom.com tcp
US 199.232.212.194:443 dev.fandom.com tcp
US 199.232.212.194:443 dev.fandom.com tcp
US 199.232.212.194:443 dev.fandom.com tcp
US 199.232.208.194:443 dev.fandom.com tcp
US 8.8.8.8:53 www.fandom.com udp
US 8.8.8.8:53 beacon.wikia-services.com udp
US 74.120.189.205:443 beacon.wikia-services.com tcp
US 8.8.8.8:53 25.233.229.192.in-addr.arpa udp
US 8.8.8.8:53 194.208.232.199.in-addr.arpa udp
US 8.8.8.8:53 fastly-insights.com udp
US 104.244.42.72:443 syndication.twitter.com tcp
US 151.101.2.91:443 fastly-insights.com tcp
US 8.8.8.8:53 bare-v4.pops.fastly-insights.com udp
GB 151.101.190.91:443 bare-v4.pops.fastly-insights.com tcp
US 8.8.8.8:53 c6d5a87c-239a-433f-96d3-30488197b1e9.eu.u.fastly-insights.com udp
US 151.101.130.91:443 c6d5a87c-239a-433f-96d3-30488197b1e9.eu.u.fastly-insights.com tcp
US 8.8.8.8:53 hyd-v4.pops.fastly-insights.com udp
US 8.8.8.8:53 91.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 205.189.120.74.in-addr.arpa udp
US 8.8.8.8:53 72.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 91.190.101.151.in-addr.arpa udp
IN 199.232.106.91:443 hyd-v4.pops.fastly-insights.com tcp
US 8.8.8.8:53 klot-v4.pops.fastly-insights.com udp
US 146.75.82.91:443 klot-v4.pops.fastly-insights.com tcp
US 8.8.8.8:53 91.106.232.199.in-addr.arpa udp
US 8.8.8.8:53 muc-v4.pops.fastly-insights.com udp
NL 192.229.233.25:443 platform.twitter.com tcp
NL 192.229.233.25:443 platform.twitter.com tcp
NL 192.229.233.25:443 platform.twitter.com tcp
NL 192.229.233.25:443 platform.twitter.com tcp
NL 192.229.233.25:443 platform.twitter.com tcp
DE 199.232.190.91:443 muc-v4.pops.fastly-insights.com tcp
US 74.120.189.205:443 beacon.wikia-services.com tcp
US 8.8.8.8:53 c6d5a87c-239a-433f-96d3-30488197b1e9-pdata-v4.unique.k.fastly-insights.com udp
GB 146.75.74.91:443 c6d5a87c-239a-433f-96d3-30488197b1e9-pdata-v4.unique.k.fastly-insights.com tcp
US 8.8.8.8:53 secure.quantserve.com udp
DE 91.228.74.244:443 secure.quantserve.com tcp
US 8.8.8.8:53 astral-v4.pops.fastly-insights.com udp
US 151.101.66.91:443 astral-v4.pops.fastly-insights.com tcp
US 8.8.8.8:53 seg.ad.gt udp
US 104.22.5.69:443 seg.ad.gt tcp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 a.ad.gt udp
US 8.8.8.8:53 js.zi-scripts.com udp
US 8.8.8.8:53 cdn.adsafeprotected.com udp
US 8.8.8.8:53 cdn-gl.imrworldwide.com udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 8.8.8.8:53 pub.doubleverify.com udp
US 8.8.8.8:53 b-code.liadm.com udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 91.82.75.146.in-addr.arpa udp
US 8.8.8.8:53 91.190.232.199.in-addr.arpa udp
US 8.8.8.8:53 91.74.75.146.in-addr.arpa udp
US 8.8.8.8:53 244.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 sb.scorecardresearch.com udp
GB 18.165.227.10:443 b-code.liadm.com tcp
US 8.8.8.8:53 prebid-server.rubiconproject.com udp
US 104.22.4.69:443 a.ad.gt tcp
GB 18.165.242.125:443 sb.scorecardresearch.com tcp
GB 108.156.46.127:443 cdn-gl.imrworldwide.com tcp
GB 13.224.223.9:443 c.amazon-adsystem.com tcp
GB 18.172.153.15:443 cdn.adsafeprotected.com tcp
US 104.18.37.212:443 js.zi-scripts.com tcp
DE 162.19.138.119:443 id5-sync.com tcp
US 151.101.193.229:443 cdn.jsdelivr.net tcp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 elb.the-ozone-project.com udp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 ads.servenobid.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 s.seedtag.com udp
US 8.8.8.8:53 fastlane.rubiconproject.com udp
US 104.18.166.224:443 pub.doubleverify.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
US 8.8.8.8:53 man-v4.pops.fastly-insights.com udp
US 34.120.63.153:443 prebid.media.net tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
US 104.18.34.190:443 elb.the-ozone-project.com tcp
US 104.18.36.155:443 htlb.casalemedia.com tcp
NL 185.89.210.141:443 ib.adnxs.com tcp
NL 185.89.210.141:443 ib.adnxs.com tcp
DE 18.157.230.4:443 tlx.3lift.com tcp
IE 34.254.33.22:443 ads.servenobid.com tcp
US 8.8.8.8:53 www.doubleclick.net udp
US 34.149.50.64:443 s.seedtag.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
GB 199.232.54.91:443 man-v4.pops.fastly-insights.com tcp
FR 142.250.75.238:443 www.doubleclick.net tcp
US 8.8.8.8:53 rules.quantcount.com udp
US 8.8.8.8:53 cdn.amplitude.com udp
GB 18.245.187.38:443 rules.quantcount.com tcp
GB 18.154.84.60:443 cdn.amplitude.com tcp
US 8.8.8.8:53 apps.identrust.com udp
US 8.8.8.8:53 pixel.adsafeprotected.com udp
US 104.22.5.69:443 a.ad.gt tcp
GB 173.222.211.58:80 apps.identrust.com tcp
IE 34.252.24.164:443 pixel.adsafeprotected.com tcp
US 8.8.8.8:53 cdn.hadronid.net udp
US 8.8.8.8:53 p.ad.gt udp
US 8.8.8.8:53 secure.adnxs.com udp
US 8.8.8.8:53 ids.ad.gt udp
US 8.8.8.8:53 token.rubiconproject.com udp
US 8.8.8.8:53 image2.pubmatic.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 pixel.tapad.com udp
US 8.8.8.8:53 marketingplatform.google.com udp
DE 37.252.171.149:443 secure.adnxs.com tcp
US 35.155.200.48:443 ids.ad.gt tcp
US 35.155.200.48:443 ids.ad.gt tcp
GB 18.172.154.232:443 aax.amazon-adsystem.com tcp
US 34.111.113.62:443 pixel.tapad.com tcp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
US 35.71.131.137:443 match.adsrvr.org tcp
GB 185.64.191.210:443 image2.pubmatic.com tcp
FR 216.58.214.162:443 cm.g.doubleclick.net tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 172.67.36.110:443 cdn.hadronid.net tcp
US 104.22.5.69:443 p.ad.gt tcp
FR 216.58.214.78:443 marketingplatform.google.com tcp
US 8.8.8.8:53 adl-v4.pops.fastly-insights.com udp
US 35.155.200.48:443 ids.ad.gt tcp
AU 146.75.102.91:443 adl-v4.pops.fastly-insights.com tcp
US 8.8.8.8:53 d.turn.com udp
US 8.8.8.8:53 sync.go.sonobi.com udp
US 8.8.8.8:53 dpm.demdex.net udp
FR 216.58.214.162:443 cm.g.doubleclick.net udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
US 69.166.1.66:443 sync.go.sonobi.com tcp
NL 46.228.164.13:443 d.turn.com tcp
IE 54.228.186.105:443 dpm.demdex.net tcp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 8.8.8.8:53 launchpad-wrapper.privacymanager.io udp
GB 108.156.39.15:443 config.aps.amazon-adsystem.com tcp
US 8.8.8.8:53 91.66.101.151.in-addr.arpa udp
US 8.8.8.8:53 69.5.22.104.in-addr.arpa udp
US 8.8.8.8:53 10.227.165.18.in-addr.arpa udp
US 8.8.8.8:53 69.4.22.104.in-addr.arpa udp
US 8.8.8.8:53 125.242.165.18.in-addr.arpa udp
US 8.8.8.8:53 127.46.156.108.in-addr.arpa udp
US 8.8.8.8:53 9.223.224.13.in-addr.arpa udp
US 8.8.8.8:53 15.153.172.18.in-addr.arpa udp
US 8.8.8.8:53 212.37.18.104.in-addr.arpa udp
US 8.8.8.8:53 229.193.101.151.in-addr.arpa udp
US 8.8.8.8:53 119.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 224.166.18.104.in-addr.arpa udp
US 8.8.8.8:53 150.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 153.63.120.34.in-addr.arpa udp
US 8.8.8.8:53 77.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 190.34.18.104.in-addr.arpa udp
US 8.8.8.8:53 155.36.18.104.in-addr.arpa udp
US 8.8.8.8:53 141.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 22.33.254.34.in-addr.arpa udp
US 8.8.8.8:53 64.50.149.34.in-addr.arpa udp
US 8.8.8.8:53 4.230.157.18.in-addr.arpa udp
US 8.8.8.8:53 139.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 91.54.232.199.in-addr.arpa udp
US 8.8.8.8:53 38.187.245.18.in-addr.arpa udp
US 8.8.8.8:53 60.84.154.18.in-addr.arpa udp
US 8.8.8.8:53 58.211.222.173.in-addr.arpa udp
US 8.8.8.8:53 164.24.252.34.in-addr.arpa udp
US 35.155.200.48:443 ids.ad.gt tcp
US 8.8.8.8:53 149.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 232.154.172.18.in-addr.arpa udp
US 8.8.8.8:53 62.113.111.34.in-addr.arpa udp
US 8.8.8.8:53 137.131.71.35.in-addr.arpa udp
US 8.8.8.8:53 210.191.64.185.in-addr.arpa udp
US 8.8.8.8:53 110.36.67.172.in-addr.arpa udp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 162.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 116.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 78.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 48.200.155.35.in-addr.arpa udp
US 8.8.8.8:53 api2.amplitude.com udp
GB 54.192.137.41:443 launchpad-wrapper.privacymanager.io tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
US 8.8.8.8:53 id.hadron.ad.gt udp
AU 146.75.102.91:443 adl-v4.pops.fastly-insights.com tcp
US 104.22.5.69:443 id.hadron.ad.gt tcp
US 54.69.157.141:443 api2.amplitude.com tcp
US 104.22.5.69:443 id.hadron.ad.gt tcp
US 8.8.8.8:53 secure.cdn.fastclick.net udp
GB 23.53.174.156:443 secure.cdn.fastclick.net tcp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 pixel.quantserve.com udp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 pixels.ad.gt udp
US 8.8.8.8:53 ssc-cms.33across.com udp
US 8.8.8.8:53 launchpad.privacymanager.io udp
IE 52.95.125.22:443 aax-eu.amazon-adsystem.com tcp
GB 18.245.143.83:443 tags.crwdcntrl.net tcp
US 104.22.5.69:443 pixels.ad.gt tcp
FR 216.58.215.46:443 fundingchoicesmessages.google.com tcp
US 67.202.105.23:443 ssc-cms.33across.com tcp
GB 108.156.46.68:443 launchpad.privacymanager.io tcp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
IE 52.211.24.199:443 bcp.crwdcntrl.net tcp
US 151.101.193.229:443 cdn.jsdelivr.net udp
US 8.8.8.8:53 d3774c6668bf51692e9aa3209107c1f1.safeframe.googlesyndication.com udp
US 8.8.8.8:53 geo.privacymanager.io udp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
US 8.8.8.8:53 oa.openxcdn.net udp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 invstatic101.creativecdn.com udp
US 8.8.8.8:53 cdn.prod.uidapi.com udp
US 8.8.8.8:53 cdn-ima.33across.com udp
US 8.8.8.8:53 cdn.prod.euid.eu udp
US 8.8.8.8:53 static.criteo.net udp
US 8.8.8.8:53 connectid.analytics.yahoo.com udp
FR 142.250.179.65:443 d3774c6668bf51692e9aa3209107c1f1.safeframe.googlesyndication.com tcp
US 172.67.38.106:443 cdn.id5-sync.com tcp
GB 18.244.179.114:443 geo.privacymanager.io tcp
GB 18.245.162.54:443 connectid.analytics.yahoo.com tcp
NL 178.250.1.3:443 static.criteo.net tcp
GB 18.245.255.11:443 cdn.prod.uidapi.com tcp
GB 18.239.239.233:443 cdn.prod.euid.eu tcp
FR 216.58.214.162:443 ep1.adtrafficquality.google tcp
US 34.102.146.192:443 oa.openxcdn.net tcp
US 34.96.70.87:443 invstatic101.creativecdn.com tcp
US 172.64.152.89:443 cdn-ima.33across.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 cdn.adnxs.com udp
US 8.8.8.8:53 ams3-ib.adnxs.com udp
US 8.8.8.8:53 13.164.228.46.in-addr.arpa udp
US 8.8.8.8:53 105.186.228.54.in-addr.arpa udp
US 8.8.8.8:53 15.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 66.1.166.69.in-addr.arpa udp
US 8.8.8.8:53 156.174.53.23.in-addr.arpa udp
US 8.8.8.8:53 141.157.69.54.in-addr.arpa udp
US 8.8.8.8:53 22.125.95.52.in-addr.arpa udp
US 8.8.8.8:53 83.143.245.18.in-addr.arpa udp
US 8.8.8.8:53 68.46.156.108.in-addr.arpa udp
US 8.8.8.8:53 23.105.202.67.in-addr.arpa udp
US 8.8.8.8:53 199.24.211.52.in-addr.arpa udp
US 8.8.8.8:53 65.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 106.38.67.172.in-addr.arpa udp
US 8.8.8.8:53 114.179.244.18.in-addr.arpa udp
US 8.8.8.8:53 54.162.245.18.in-addr.arpa udp
US 8.8.8.8:53 11.255.245.18.in-addr.arpa udp
US 8.8.8.8:53 233.239.239.18.in-addr.arpa udp
US 8.8.8.8:53 192.146.102.34.in-addr.arpa udp
US 8.8.8.8:53 87.70.96.34.in-addr.arpa udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 41.137.192.54.in-addr.arpa udp
US 8.8.8.8:53 oajs.openx.net udp
US 8.8.8.8:53 gum.criteo.com udp
US 8.8.8.8:53 esp.rtbhouse.com udp
US 34.120.135.53:443 oajs.openx.net tcp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
NL 178.250.1.11:443 gum.criteo.com tcp
US 35.190.39.111:443 esp.rtbhouse.com tcp
FR 142.250.179.97:443 ep2.adtrafficquality.google tcp
GB 92.123.142.144:443 cdn.adnxs.com tcp
US 151.101.66.67:443 quic-v4.pops.fastly-insights.com tcp
GB 92.123.142.144:443 cdn.adnxs.com tcp
DE 3.75.62.37:443 ups.analytics.yahoo.com tcp
US 8.8.8.8:53 cdn.ampproject.org udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 142.250.178.129:443 tpc.googlesyndication.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com tcp
US 34.120.135.53:443 oajs.openx.net udp
FR 142.250.178.129:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 www.google.com udp
FR 142.250.179.100:443 www.google.com udp
US 8.8.8.8:53 etou-v4.pops.fastly-insights.com udp
DE 146.75.122.91:443 etou-v4.pops.fastly-insights.com tcp
US 8.8.8.8:53 google-bidout-d.openx.net udp
US 34.98.64.218:443 google-bidout-d.openx.net tcp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 acdn.adnxs.com udp
US 8.8.8.8:53 cdn.doubleverify.com udp
US 8.8.8.8:53 s0.2mdn.net udp
US 151.101.65.108:443 acdn.adnxs.com tcp
GB 173.222.211.11:443 cdn.doubleverify.com tcp
FR 142.250.178.134:443 s0.2mdn.net tcp
US 8.8.8.8:53 194.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 53.135.120.34.in-addr.arpa udp
US 8.8.8.8:53 111.39.190.35.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 144.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 67.66.101.151.in-addr.arpa udp
US 8.8.8.8:53 37.62.75.3.in-addr.arpa udp
US 8.8.8.8:53 161.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 91.122.75.146.in-addr.arpa udp
US 8.8.8.8:53 218.64.98.34.in-addr.arpa udp
FR 142.250.178.134:443 s0.2mdn.net udp
US 130.211.44.5:443 rtb0.doubleverify.com tcp
US 8.8.8.8:53 googleads4.g.doubleclick.net udp
FR 142.250.179.98:443 googleads4.g.doubleclick.net tcp
US 8.8.8.8:53 secure-dcr.imrworldwide.com udp
US 8.8.8.8:53 tdco1w6jctixzlkwcuscebx1lezdk1724555324.nuid.imrworldwide.com udp
US 8.8.8.8:53 cdn.pathtosuccess.global udp
IE 54.76.19.184:443 secure-dcr.imrworldwide.com tcp
GB 18.245.218.86:443 tdco1w6jctixzlkwcuscebx1lezdk1724555324.nuid.imrworldwide.com tcp
GB 18.245.218.20:443 cdn.pathtosuccess.global tcp
US 8.8.8.8:53 ad.yieldlab.net udp
US 8.8.8.8:53 ad.sxp.smartclip.net udp
US 35.186.194.101:443 ad.sxp.smartclip.net tcp
GB 2.18.109.192:443 ad.yieldlab.net tcp
US 8.8.8.8:53 108.65.101.151.in-addr.arpa udp
US 8.8.8.8:53 11.211.222.173.in-addr.arpa udp
US 8.8.8.8:53 134.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 5.44.211.130.in-addr.arpa udp
US 8.8.8.8:53 86.218.245.18.in-addr.arpa udp
US 8.8.8.8:53 184.19.76.54.in-addr.arpa udp
US 8.8.8.8:53 20.218.245.18.in-addr.arpa udp
US 8.8.8.8:53 101.194.186.35.in-addr.arpa udp
US 8.8.8.8:53 192.109.18.2.in-addr.arpa udp
US 35.186.194.101:443 ad.sxp.smartclip.net udp
FR 142.250.179.98:443 googleads4.g.doubleclick.net udp
US 8.8.8.8:53 rtbc-ew1.doubleverify.com udp
US 130.211.44.5:443 rtbc-ew1.doubleverify.com tcp
FR 142.250.178.132:443 google.co.ck udp
US 8.8.8.8:53 eb2.3lift.com udp
US 76.223.111.18:443 eb2.3lift.com tcp
US 8.8.8.8:53 public.servenobid.com udp
GB 108.156.39.118:443 public.servenobid.com tcp
US 8.8.8.8:53 ads.pubmatic.com udp
GB 2.18.108.192:443 ads.pubmatic.com tcp
US 8.8.8.8:53 18.111.223.76.in-addr.arpa udp
US 8.8.8.8:53 118.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 hb.trustedstack.com udp
GB 92.123.140.75:443 hb.trustedstack.com tcp
US 8.8.8.8:53 cs.seedtag.com udp
US 8.8.8.8:53 contextual.media.net udp
US 104.16.184.87:443 cs.seedtag.com tcp
GB 95.100.244.20:443 contextual.media.net tcp
US 8.8.8.8:53 g2.gumgum.com udp
IE 176.34.91.67:443 g2.gumgum.com tcp
US 8.8.8.8:53 pixel.33across.com udp
US 8.8.8.8:53 onetag-sys.com udp
DE 51.89.9.254:443 onetag-sys.com tcp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
FR 5.196.111.69:443 ssbsync.smartadserver.com tcp
FR 142.250.75.238:443 www.doubleclick.net udp
US 8.8.8.8:53 192.108.18.2.in-addr.arpa udp
US 8.8.8.8:53 75.140.123.92.in-addr.arpa udp
US 8.8.8.8:53 87.184.16.104.in-addr.arpa udp
US 8.8.8.8:53 20.244.100.95.in-addr.arpa udp
US 8.8.8.8:53 67.91.34.176.in-addr.arpa udp
US 8.8.8.8:53 254.9.89.51.in-addr.arpa udp
US 8.8.8.8:53 69.111.196.5.in-addr.arpa udp
GB 104.82.143.163:443 secure-assets.rubiconproject.com tcp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
US 3.210.110.24:443 cs-server-s2s.yellowblue.io tcp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 8.8.8.8:53 cdn.dxkulture.com udp
GB 95.100.245.251:443 eus.rubiconproject.com tcp
US 104.18.42.227:443 cdn.dxkulture.com tcp
US 8.8.8.8:53 ce.lijit.com udp
IE 52.214.122.99:443 ce.lijit.com tcp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 lg1.hb.trustedstack.com udp
IE 52.16.250.207:443 ap.lijit.com tcp
US 8.8.8.8:53 sync.1rx.io udp
NL 46.228.174.117:443 sync.1rx.io tcp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
US 8.8.8.8:53 p.rfihub.com udp
NL 193.0.160.130:443 p.rfihub.com tcp
US 8.8.8.8:53 csync.smartadserver.com udp
DE 162.19.138.119:443 lb.eu-1-id5-sync.com tcp
GB 92.123.140.91:443 csync.smartadserver.com tcp
US 8.8.8.8:53 163.143.82.104.in-addr.arpa udp
US 8.8.8.8:53 24.110.210.3.in-addr.arpa udp
US 8.8.8.8:53 251.245.100.95.in-addr.arpa udp
US 8.8.8.8:53 227.42.18.104.in-addr.arpa udp
US 8.8.8.8:53 99.122.214.52.in-addr.arpa udp
US 8.8.8.8:53 207.250.16.52.in-addr.arpa udp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 73.79.16.104.in-addr.arpa udp
US 8.8.8.8:53 sync-tm.everesttech.net udp
US 8.8.8.8:53 sync.richaudience.com udp
US 151.101.2.49:443 sync-tm.everesttech.net tcp
DE 162.55.233.29:443 sync.richaudience.com tcp
US 8.8.8.8:53 visitor.omnitagjs.com udp
DE 51.89.9.254:443 onetag-sys.com udp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
US 8.8.8.8:53 match.sharethrough.com udp
US 8.8.8.8:53 csync.loopme.me udp
DE 18.197.30.174:443 match.sharethrough.com tcp
DE 162.55.233.29:443 sync.richaudience.com tcp
NL 35.214.222.169:443 csync.loopme.me tcp
US 8.8.8.8:53 match.prod.bidr.io udp
IE 34.252.6.15:443 match.prod.bidr.io tcp
US 34.149.50.64:443 s.seedtag.com udp
US 8.8.8.8:53 cacerts.rapidssl.com udp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
US 69.166.1.66:443 sync.go.sonobi.com tcp
US 8.8.8.8:53 sync.smartadserver.com udp
US 8.8.8.8:53 prebid.a-mo.net udp
NL 89.149.192.73:443 sync.smartadserver.com tcp
US 8.8.8.8:53 c1.adform.net udp
NL 145.40.97.77:443 prebid.a-mo.net tcp
DK 37.157.2.228:443 c1.adform.net tcp
US 8.8.8.8:53 130.160.0.193.in-addr.arpa udp
US 8.8.8.8:53 91.140.123.92.in-addr.arpa udp
US 8.8.8.8:53 49.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 153.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 174.30.197.18.in-addr.arpa udp
US 8.8.8.8:53 169.222.214.35.in-addr.arpa udp
US 8.8.8.8:53 29.233.55.162.in-addr.arpa udp
US 8.8.8.8:53 15.6.252.34.in-addr.arpa udp
US 8.8.8.8:53 73.192.149.89.in-addr.arpa udp
US 8.8.8.8:53 tg.socdm.com udp
JP 124.146.153.165:443 tg.socdm.com tcp
US 8.8.8.8:53 creativecdn.com udp
NL 185.184.8.90:443 creativecdn.com tcp
JP 124.146.153.165:443 tg.socdm.com tcp
US 8.8.8.8:53 ssp.disqus.com udp
US 8.8.8.8:53 x.bidswitch.net udp
US 54.197.92.238:443 ssp.disqus.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 8.8.8.8:53 usersync.gumgum.com udp
IE 34.247.205.196:443 usersync.gumgum.com tcp
US 8.8.8.8:53 ads.yieldmo.com udp
US 8.8.8.8:53 hbx.media.net udp
IE 18.200.89.214:443 ads.yieldmo.com tcp
US 8.8.8.8:53 us.shb-sync.com udp
US 8.2.110.33:443 us.shb-sync.com tcp
NL 35.214.222.169:443 csync.loopme.me tcp
US 8.8.8.8:53 77.97.40.145.in-addr.arpa udp
US 8.8.8.8:53 165.153.146.124.in-addr.arpa udp
US 8.8.8.8:53 90.8.184.185.in-addr.arpa udp
US 8.8.8.8:53 228.2.157.37.in-addr.arpa udp
US 8.8.8.8:53 91.149.214.35.in-addr.arpa udp
US 8.8.8.8:53 238.92.197.54.in-addr.arpa udp
US 8.8.8.8:53 196.205.247.34.in-addr.arpa udp
US 8.8.8.8:53 214.89.200.18.in-addr.arpa udp
US 8.8.8.8:53 33.110.2.8.in-addr.arpa udp
US 8.8.8.8:53 player.aniview.com udp
GB 92.123.143.216:443 player.aniview.com tcp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
NL 89.149.193.120:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 ced-ns.sascdn.com udp
US 8.8.8.8:53 rtb.mfadsrvr.com udp
GB 92.123.140.113:443 ced-ns.sascdn.com tcp
NL 35.214.199.88:443 rtb.mfadsrvr.com tcp
US 8.8.8.8:53 cs.media.net udp
US 8.8.8.8:53 us-u.openx.net udp
US 8.8.8.8:53 ads.dxkulture.com udp
US 35.244.159.8:443 us-u.openx.net udp
US 8.8.8.8:53 api-2-0.spot.im udp
US 45.55.126.71:443 ads.dxkulture.com tcp
US 54.235.220.110:443 api-2-0.spot.im tcp
US 8.8.8.8:53 b1sync.zemanta.com udp
US 64.202.112.223:443 b1sync.zemanta.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 8.8.8.8:53 pr-bh.ybp.yahoo.com udp
NL 35.214.149.91:443 x.bidswitch.net tcp
IE 52.50.71.3:443 pr-bh.ybp.yahoo.com tcp
US 8.8.8.8:53 sync.aniview.com udp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
US 8.8.8.8:53 216.143.123.92.in-addr.arpa udp
US 8.8.8.8:53 120.193.149.89.in-addr.arpa udp
US 8.8.8.8:53 113.140.123.92.in-addr.arpa udp
US 8.8.8.8:53 88.199.214.35.in-addr.arpa udp
US 8.8.8.8:53 8.159.244.35.in-addr.arpa udp
US 8.8.8.8:53 71.126.55.45.in-addr.arpa udp
US 8.8.8.8:53 110.220.235.54.in-addr.arpa udp
US 8.8.8.8:53 223.112.202.64.in-addr.arpa udp
US 8.8.8.8:53 3.71.50.52.in-addr.arpa udp
US 8.8.8.8:53 sync.ipredictive.com udp
US 172.240.45.78:443 sync.aniview.com tcp
US 54.144.14.120:443 sync.ipredictive.com tcp
NL 35.214.222.169:443 csync.loopme.me tcp
US 8.8.8.8:53 match.deepintent.com udp
US 8.8.8.8:53 ad.360yield.com udp
US 169.197.150.8:443 match.deepintent.com tcp
IE 3.251.24.2:443 ad.360yield.com tcp
US 8.8.8.8:53 ssum.casalemedia.com udp
US 8.8.8.8:53 cm.adform.net udp
NL 89.149.193.120:443 rtb-csync.smartadserver.com tcp
DK 37.157.5.84:443 cm.adform.net tcp
US 8.8.8.8:53 image8.pubmatic.com udp
DE 57.129.18.121:443 wt.rqtrk.eu tcp
US 8.8.8.8:53 cms.quantserve.com udp
GB 185.64.191.214:443 image8.pubmatic.com tcp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
US 8.8.8.8:53 u.openx.net udp
US 8.8.8.8:53 tracker.open-adsyield.com udp
US 8.8.8.8:53 bttrack.com udp
US 172.111.38.111:443 tracker.open-adsyield.com tcp
US 8.8.8.8:53 jadserve.postrelease.com udp
US 192.132.33.67:443 bttrack.com tcp
US 8.8.8.8:53 bh.contextweb.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
IE 52.49.168.145:443 jadserve.postrelease.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
US 8.8.8.8:53 78.45.240.172.in-addr.arpa udp
US 8.8.8.8:53 120.14.144.54.in-addr.arpa udp
US 8.8.8.8:53 2.24.251.3.in-addr.arpa udp
US 8.8.8.8:53 8.150.197.169.in-addr.arpa udp
US 8.8.8.8:53 84.5.157.37.in-addr.arpa udp
US 8.8.8.8:53 121.18.129.57.in-addr.arpa udp
US 8.8.8.8:53 150.216.36.34.in-addr.arpa udp
US 8.8.8.8:53 214.191.64.185.in-addr.arpa udp
US 8.8.8.8:53 145.168.49.52.in-addr.arpa udp
US 8.8.8.8:53 111.38.111.172.in-addr.arpa udp
US 8.8.8.8:53 67.33.132.192.in-addr.arpa udp
US 8.8.8.8:53 131.169.93.208.in-addr.arpa udp
US 8.8.8.8:53 id.rlcdn.com udp
US 35.244.174.68:443 id.rlcdn.com tcp
US 8.8.8.8:53 ade.googlesyndication.com udp
US 8.8.8.8:53 23.149.64.172.in-addr.arpa udp
US 8.8.8.8:53 68.174.244.35.in-addr.arpa udp
US 45.55.126.71:443 ads.dxkulture.com tcp
US 45.55.126.71:443 ads.dxkulture.com tcp
US 8.8.8.8:53 idsync.rlcdn.com udp
US 8.8.8.8:53 eexsync.com udp
US 80.77.87.108:443 eexsync.com tcp
US 8.8.8.8:53 108.87.77.80.in-addr.arpa udp
US 8.8.8.8:53 abs.twimg.com udp
US 152.199.21.141:443 abs.twimg.com tcp
US 8.8.8.8:53 abs-0.twimg.com udp
US 8.8.8.8:53 pbs.twimg.com udp
US 104.244.43.131:443 abs-0.twimg.com tcp
US 104.244.43.131:443 abs-0.twimg.com tcp
US 104.244.43.131:443 abs-0.twimg.com tcp
US 104.244.43.131:443 abs-0.twimg.com tcp
US 104.244.43.131:443 abs-0.twimg.com tcp
US 104.244.43.131:443 abs-0.twimg.com tcp
GB 151.101.188.159:443 pbs.twimg.com tcp
GB 151.101.188.159:443 pbs.twimg.com tcp
GB 151.101.188.159:443 pbs.twimg.com tcp
GB 151.101.188.159:443 pbs.twimg.com tcp
US 8.8.8.8:53 141.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 159.188.101.151.in-addr.arpa udp
US 8.8.8.8:53 131.43.244.104.in-addr.arpa udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 clients2.google.com udp
FR 172.217.18.206:443 clients2.google.com udp
FR 172.217.18.206:443 clients2.google.com tcp
FR 142.250.178.132:443 google.co.ck udp
FR 142.250.179.100:443 www.google.com udp
FR 142.250.75.238:443 www.doubleclick.net udp
US 8.8.8.8:53 play.clubpenguin.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 play.clubpenguin.com udp
US 8.8.8.8:53 beacons2.gvt2.com udp
FR 216.58.215.35:443 beacons2.gvt2.com tcp
FR 216.58.215.35:443 beacons2.gvt2.com udp
US 74.120.189.205:443 beacon.wikia-services.com tcp
US 74.120.189.205:443 beacon.wikia-services.com tcp
US 8.8.8.8:53 ads.servenobid.com udp
US 74.120.189.205:443 beacon.wikia-services.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
NL 185.89.210.141:443 ams3-ib.adnxs.com tcp
US 34.149.50.64:443 s.seedtag.com udp
US 34.120.63.153:443 prebid.media.net udp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
IE 34.254.33.22:443 ads.servenobid.com tcp
IE 34.254.33.22:443 ads.servenobid.com tcp
US 74.120.189.205:443 beacon.wikia-services.com tcp
US 74.120.189.205:443 beacon.wikia-services.com tcp
US 8.8.8.8:53 ams3-ib.adnxs.com udp
US 8.8.8.8:53 battlefordreamisland.fandom.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
FR 142.250.75.226:443 googleads.g.doubleclick.net udp
FR 216.58.214.162:443 ep1.adtrafficquality.google udp
US 8.8.8.8:53 dsum-sec.casalemedia.com udp
US 8.8.8.8:53 cdn.doubleverify.com udp
US 8.8.8.8:53 a5063.casalemedia.com udp
US 8.8.8.8:53 cs.lkqd.net udp
US 8.8.8.8:53 acdn.adnxs.com udp
CA 185.170.62.85:443 a5063.casalemedia.com tcp
GB 173.222.211.11:443 cdn.doubleverify.com tcp
US 8.8.8.8:53 226.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 85.62.170.185.in-addr.arpa udp
US 8.8.8.8:53 rtb0.doubleverify.com udp
US 130.211.44.5:443 rtb0.doubleverify.com tcp
FR 142.250.179.98:443 ade.googlesyndication.com udp
FR 142.250.178.134:443 s0.2mdn.net udp
US 130.211.44.5:443 rtb0.doubleverify.com tcp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 tps.doubleverify.com udp
US 130.211.44.5:443 tps.doubleverify.com tcp
DE 74.120.188.204:443 script.wikia.nocookie.net tcp
US 8.8.8.8:53 js-sec.indexww.com udp
US 172.64.149.180:443 js-sec.indexww.com tcp
US 8.8.8.8:53 180.149.64.172.in-addr.arpa udp
US 8.8.8.8:53 rtbc-ew1.doubleverify.com udp
US 130.211.44.5:443 rtbc-ew1.doubleverify.com tcp
US 8.8.8.8:53 tpsc-ew1.doubleverify.com udp
US 130.211.44.5:443 tpsc-ew1.doubleverify.com tcp
US 8.8.8.8:53 play.clubpenguin.com udp
US 130.211.44.5:443 tpsc-ew1.doubleverify.com tcp
US 8.8.8.8:53 play.clubpenguin.com udp
US 8.8.8.8:53 google.co.ck udp
FR 142.250.178.132:443 google.co.ck udp
FR 142.250.179.100:443 www.google.com udp
FR 142.250.75.238:443 google.com udp

Files

\??\pipe\crashpad_2204_WLVOQPWYPIGXOGSO

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 6e572ea96a0bbdf4d1614fe61b1c277e
SHA1 8e16dc458d6fc3f857d2d4f15921b3cc14a0950a
SHA256 63fd21670d3fe58c711cf73327123cedc6eff57655c711f00b66cd4ea78a34c1
SHA512 cc3bee122b12879fac6c756208b39fa309e90689f614a3e76f0cb827f87d691a2539eb7ab184b8adc36a90b8608f0fa1b8e060c18a770628681c8c556f522d4f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 6cc9203e7b6b58d6169d77660889c52f
SHA1 b31dee0aa6eee1bcea2eeba7b1355d1ea296d73b
SHA256 ca2104699a2d162b2231df3e784faa34e04bba0c506f9e791a12508a54d44756
SHA512 4d1016d0880881dff9a58af671bf51a651048cb75ffa25ec9a154b3c29cc2c2e6dab117f8f8258de1b8848f7fee870245aa9c83453f8010a67a630eb8a081f6a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f41a51a0d43a8c3fe4c56bec523d4312
SHA1 83030753f4bbd3deb8a6e911f2da4528c99b1fee
SHA256 0b42d798640662ad8ac67168fd59783321044b1494295c220c9e9d3b89a6d8c2
SHA512 f1815b4b71d288b1e64b76c1ae20bc1be85af3d1a8452e071a043c2751c282359b5e1363af826faadf4d5f50235d830caa7e6bae81458f39d84c287c432f0f19

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cadab3e9fb9713dd8ed620bfcd595547
SHA1 730287cb64c63e97bc773283e4b27b05788a1fba
SHA256 fbd1bc0a721bffb6dc48c8f85f472ae0f57eb3398c9de154127fb6ac842d7c78
SHA512 294caefd8a959b98eff706a680b17cf3486570ce236f91da4c68bdf1917434291b1fb981c843d04425352763fa9df104b67dc90fb077f4a59e1961bea3f2955e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

MD5 2257803a7e34c3abd90ec6d41fd76a5a
SHA1 f7a32e6635d8513f74bd225f55d867ea56ae4803
SHA256 af23860fb3a448f2cc6107680078402555a345eb45bc5efb750f541fe5d7c174
SHA512 e9f4dc90d0829885f08879e868aa62041150b500f62682fc108da258eee26ad9509dcbf6e8a55f2d0bdba7aa9118dd149a70a7d851820d4ea683db7808c48540

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 49141bda2ac9ebbef1030189bacd05f3
SHA1 f203c7be247414f8ae2cd502b331c4c121d9bff2
SHA256 a8336702b11d1dfd12f1f1c78f3e10519e29f4b404b933670da820f59ece0a81
SHA512 3a59ab61af6922e81486dd0a90b820b9c0ee2d6a99985d64a7e7c4d124554c40dc466bd9ba2e9ffca44fc8b641522e280bed19fcc43e6446515223c20f49672d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 98a1fcf0f256905f78b8c977540066f0
SHA1 b36b0836dc1ebd014a6fe5493b06c8cc9d5805f9
SHA256 b9f262cab0fcf93dc0c525c2a98cd0ce8eefe4bd4aa2b339cf417190a6c6e458
SHA512 2405b7a174bf7403c1e222fd7bb2e321082cda988b86b5f26816efb7d7b4b4c159a7a86d5ae11d055e1aaf83a8e8cdd1e440bbdfb516b2b041fbb0603bee4e2c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 16a149b566a39f2122c774c767ba1c2a
SHA1 5d1bdd33a813c2de874f859a54c30a92158e59f0
SHA256 46a6fed4334052398956b41a050108b8eafcfd84c67a3ab719251ec895ff06cc
SHA512 18803466c1b2d891703f32a56a40a598b357abefb958df6ccb45bc908370f39f648fbd3a3a9cad5d7528d4b192a0792673acfea3b1ea9e87400928b732fc9146

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2dd73dafac717500be5802fc1713295c
SHA1 11e24f7810033b03ef79d3a8bf1a3681a467310d
SHA256 4db990b52fe5600c0bd342d6e6ad3d5a34389a2e3f4f305c77aebdfd7b1dee83
SHA512 b2571569c184a4cb293b701edb1311c14aa7c275b003890688270709bdaed9fd26b76fe780183dbd346a596fdfe5c22130a7a625b1652f102cd2fe039289f66f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 298f2923ba06a9d9af485b62223f5bb4
SHA1 66fcc357bf8e78fc53408612b35251461377966e
SHA256 c9e48492b6c847488f5b7822b836bc9cf90d67649f24e1964d38181aa2c12d95
SHA512 88c915498b16dc90f5c937c17935ce674984b99f7ee0c921e3e69ca80096e7d8bf4fc4907bdfeb37588bcecf54c483b0ba103bee77143d46ba2422d4c05862cc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4d5ccda2fbd7068a692e512aeb977272
SHA1 4567bf4028f632022f888063e7b4aa3516b09f28
SHA256 a8d16721206e08e77489a566d7e290d88f445b51d9028a753f9ac45f957d8e04
SHA512 3d51559d19bec88a2295388bfd9d89129e7a2391c8b8a89a84df63650337d49ec267fd1b56da97715c040e421c78e9ec310ede91569528b94f210f71479cadd7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e552748bc5157de1204811008517c71f
SHA1 d57829ee90c407776caf32c061bd497cd4dbfe10
SHA256 4c0d15bde6d20aff12b0de552feb117fda5f78d0bf067d90c6c6f26dcdf5a469
SHA512 597c352e453ec507f31e96a6ecf9632b7f9a3085d0e20eaea8d52696a9a23ead3ca89410bdec2c4efd3393bbd52d07bd6e1bea17f36f7d61c61a588ad83989de

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 8cfdf490851bf51b54f4bf9d90660852
SHA1 afea408957a0d95027eb02f7c12be84e55f8e190
SHA256 222a4b7775e9f3fa8b1bf39bae47f656e906bd9480efa9753a1a483017989292
SHA512 d2df6f0e9be872401f6530776a10dee9e10526516ee52536e461157823898d716925d7f44b0bf3a1501aa94749a07af10a3ec37cc621ff42b9bbe0d1fd904d0d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 788beafbb36dc647215d9422bef1a94f
SHA1 abb4fc14ba37da663b4bf66968a11b6edf35b0e9
SHA256 cfb7870898521e5e791dc798e75e54eafff164a533e0e4ad1286a2413f890b8e
SHA512 aff9360b8a6441250c72357a2afc1168163d8085f0aef2d572f361532ab967ac42ca12f0e1165f8394f29b8891655f4ffe14d5c846b80235fd9f5b96f3de7317

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d16b62280e60f650786de9911afb5fdd
SHA1 3765a1a7539a528121d3106b6a9ad4cc7d655cf5
SHA256 d7d076e9ad6ef649de1782a877b56379952e1a2553df2da608b434233ae8e647
SHA512 c9ed4925357540dab802a2029f4ff4cedfe60835ff5aa7c470696e5531ce44042bcb209119111a00365ed349cfc0cd8a5c718ab5766c9dfff2abe39c9191bab2

C:\Users\Admin\Downloads\Unconfirmed 935906.crdownload

MD5 ef14e6415b7a7f12d64b60db8105a3b8
SHA1 a0fd10b29ace0fb8e8f44f1a1935b70c6f7967e1
SHA256 778b36140159e0a3f3b7a77c83f4ac05125092ae3df5fb1f8e89615de02f8a7e
SHA512 5370293a62063419edfa51d78e21cf0298196df76750f36be2c3530dc4ddbe64e7f1b4a22786a870e7f1589dd8a339e5661b7d24449974636808a60c814fcfca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d4e6e144b48d6bd1ca3c8168c62ffd32
SHA1 dfed868d370566bf2f813bac899853aa9eb532eb
SHA256 363c8802e0d3482eecf10831d6ad9abfa29234f49041348519f4e05f42ada1e3
SHA512 37b7139e1a219b0f371e0c839f21c5e6c1b6d22cd0891e2d3375f1ab0204b1a5359fdab7f8c9e4b4bd7f4567e5d25caefbf877bc26be9b9f234a0864d7cd0e73

C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\Assets\change_hover.png

MD5 57092634754fc26e5515e3ed5ca7d461
SHA1 3ae4d01db9d6bba535f5292298502193dfc02710
SHA256 8e5847487da148ebb3ea029cc92165afd215cdc08f7122271e13eb37f94e6dc1
SHA512 553baf9967847292c8e9249dc3b1d55069f51c79f4d1d3832a0036e79691f433a3ce8296a68c774b5797caf7000037637ce61b8365885d2a4eed3ff0730e5e2a

C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\BlueStacksInstaller.exe

MD5 f6e5bf32766d65c95c6ad00a889aa271
SHA1 4e08f41e20c7bfd8c6625f377c20b7388b8844ea
SHA256 46e0b420bc074db714601f670e22d26690c9d51da1a0acd0c2b8b85c43574e84
SHA512 fa1a27a2578f4037e108bec31b49fddd64dae7356e5d69546ee9ee252efd87d02dee71fa3eeb125471e7ae53b53a2157896bfe50bbdfc7e4dbc620f6d7da5dda

C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\BlueStacksInstaller.exe.config

MD5 1b456d88546e29f4f007cd0bf1025703
SHA1 e5c444fcfe5baf2ef71c1813afc3f2c1100cab86
SHA256 d6d316584b63bb0d670a42f88b8f84e0de0db4275f1a342084dc383ebeb278eb
SHA512 c545e416c841b8786e4589fc9ca2b732b16cdd759813ec03f558332f2436f165ec1ad2fbc65012b5709fa19ff1e8396639c17bfad150cabeb51328a39ea556e6

memory/4008-457-0x0000000000ED0000-0x0000000000F70000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\JSON.dll

MD5 f5fd966e29f5c359f78cb61a571d1be4
SHA1 a55e7ed593b4bc7a77586da0f1223cfd9d51a233
SHA256 d2c8d26f95f55431e632c8581154db7c19547b656380e051194a9d2583dd2156
SHA512 d99e6fe250bb106257f86135938635f6e7ad689b2c11a96bb274f4c4c5e9a85cfacba40122dbc953f77b5d33d886c6af30bff821f10945e15b21a24b66f6c8be

memory/4008-459-0x000000001BAC0000-0x000000001BB28000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bd5e82045cab7c95d2126829d57a1d26
SHA1 a8f8a657e3d135f27c13e0f36ca6cf0caa9cb3ba
SHA256 90a26e69e198bff1f6d4fa1de2da8ca7c4ae7f871b51a2a2776aad54de5da7f6
SHA512 a7889f44d16b79f5432d9166180b598129132879837b0b552a50bee1cb81e0e8a00d5043f58f31a216f050c8683d91eda5c333cbd2944f64ca0d288170dc69f5

C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\Locales\i18n.en-US.txt

MD5 a1e3293265a273080e68501ffdb9c2fc
SHA1 add264c4a560ce5803ca7b19263f8cd3ed6f68f0
SHA256 1cb847f640d0b2b363ce3c44872c4227656e8d2f1b4a5217603a62d802f0581f
SHA512 cb61083dc4d7d86f855a4cc3fe7c4938232a55188ad08b028a12445675fbff6188bb40638bd1ce4e6077f5bfc94449c145118c8f9b8929d4e9c47ed74cf7bece

C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\HD-CheckCpu.exe

MD5 81234fd9895897b8d1f5e6772a1b38d0
SHA1 80b2fec4a85ed90c4db2f09b63bd8f37038db0d3
SHA256 2e14887f3432b4a313442247fc669f891dbdad7ef1a2d371466a2afa88074a4c
SHA512 4c924d6524dc2c7d834bfc1a0d98b21753a7bf1e94b1c2c6650f755e6f265512d3a963bc7bc745351f79f547add57c37e29ba9270707edbf62b60df3a541bc16

memory/4008-475-0x000000001D0C0000-0x000000001D5E8000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\Assets\loader.png

MD5 03903fd42ed2ee3cb014f0f3b410bcb4
SHA1 762a95240607fe8a304867a46bc2d677f494f5c2
SHA256 076263cc65f9824f4f82eb6beaa594d1df90218a2ee21664cf209181557e04b1
SHA512 8b0e717268590e5287c07598a06d89220c5e9a33cd1c29c55f8720321f4b3efc869d20c61fcc892e13188d77f0fdc4c73a2ee6dece174bf876fcc3a6c5683857

C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\ThemeFile

MD5 c3e6bab4f92ee40b9453821136878993
SHA1 94493a6b3dfb3135e5775b7d3be227659856fbc4
SHA256 de1a2e6b560e036da5ea6b042e29e81a5bfcf67dde89670c332fc5199e811ba6
SHA512 a64b6b06b3a0f3591892b60e59699682700f4018b898efe55d6bd5fb417965a55027671c58092d1eb7e21c2dbac42bc68dfb8c70468d98bed45a8cff0e945895

memory/4008-477-0x000000001C7E0000-0x000000001C818000-memory.dmp

memory/4008-478-0x000000001C7B0000-0x000000001C7BE000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\Assets\installer_minimize.png

MD5 38b539a1e4229738e5c196eedb4eb225
SHA1 f027b08dce77c47aaed75a28a2fce218ff8c936c
SHA256 a064f417e3c2b8f3121a14bbded268b2cdf635706880b7006f931de31476bbc2
SHA512 2ce433689a94fae454ef65e0e9ec33657b89718bbb5a038bf32950f6d68722803922f3a427278bad432395a1716523e589463fcce4279dc2a895fd77434821cc

C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\Assets\installer_logo.png

MD5 e33432b5d6dafb8b58f161cf38b8f177
SHA1 d7f520887ce1bfa0a1abd49c5a7b215c24cbbf6a
SHA256 9f3104493216c1fa114ff935d23e3e41c7c3511792a30b10a40b507936c0d183
SHA512 520dc99f3176117ebc28da5ef5439b132486ef67d02fa17f28b7eab0c59db0fa99566e44c0ca7bb75c9e7bd5244e4a23d87611a55c841c6f9c9776e457fb1cbf

C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\Assets\close_red.png

MD5 93216b2f9d66d423b3e1311c0573332d
SHA1 5efaebec5f20f91f164f80d1e36f98c9ddaff805
SHA256 d0b6d143642d356b40c47459a996131a344cade6bb86158f1b74693426b09bfb
SHA512 922a7292de627c5e637818556d25d9842a88e89f2b198885835925679500dfd44a1e25ce79e521e63c4f84a6b0bd6bf98e46143ad8cee80ecdbaf3d3bc0f3a32

C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\Assets\setpath.png

MD5 b2e7f40179744c74fded932e829cb12a
SHA1 a0059ab8158a497d2cf583a292b13f87326ec3f0
SHA256 5bbb2f41f9f3a805986c3c88a639bcc22d90067d4b8de9f1e21e3cf9e5c1766b
SHA512 b95b7ebdb4a74639276eaa5c055fd8d9431e2f58a5f7c57303f7cf22e8b599f6f2a7852074cf71b19b49eb31cc9bf2509aedf41d608981d116e49a00030c797c

C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\Assets\custom.png

MD5 03b17f0b1c067826b0fcc6746cced2cb
SHA1 e07e4434e10df4d6c81b55fceb6eca2281362477
SHA256 fbece8bb5f4dfa55dcfbf41151b10608af807b9477e99acf0940954a11e68f7b
SHA512 67c78ec01e20e9c8d9cdbba665bb2fd2bb150356f30b88d3d400bbdb0ae92010f5d7bcb683dcf6f895722a9151d8e669d8bef913eb6e728ba56bb02f264573b2

C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\Assets\backicon.png

MD5 7ff5dc8270b5fa7ef6c4a1420bd67a7f
SHA1 b224300372feaa97d882ca2552b227c0f2ef4e3e
SHA256 fa64884054171515e97b78aaa1aad1ec5baa9d1daf9c682e0b3fb4a41a9cb1c1
SHA512 f0d5a842a01b99f189f3d46ab59d2c388a974951b042b25bbce54a15f5a3f386984d19cfca22ba1440eebd79260066a37dfeff6cb0d1332fca136add14488eef

C:\Users\Admin\AppData\Local\Temp\7zS473F03E9\Assets\installer_bg.jpg

MD5 3478e24ba1dd52c80a0ff0d43828b6b5
SHA1 b5b13bbf3fb645efb81d3562296599e76a2abac0
SHA256 4c7471c986e16de0cd451be27d4b3171e595fe2916b4b3bf7ca52df6ec368904
SHA512 5c8c9cc76d6dbc7ce482d0d1b6c2f3d48a7a510cd9ed01c191328763e1bccb56daeb3d18c33a9b10ac7c9780127007aa13799fa82d838de27fbe0a02ad98119d

memory/4008-487-0x000000001BCB0000-0x000000001BCB8000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 666293f041ba051d48f436fc0e7506f6
SHA1 2092c4238b6c95f3b8a3cef9de98577c83c42764
SHA256 760727f17961b5b13610c099dbaa3115ba103db5c1fc130a0ae1567534fecea5
SHA512 c922f6b855468ff09e9c129503aa0e40bbfe9d0e43a12282e6dc572dca01ebcceeaece59df31e9a76e2d7cdb169ec39a3c6978ff7efcffdfa7916570b5117709

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 040d2536742f1220ccfaab32057e4522
SHA1 693f289a728314883da47e79b253da5662c28728
SHA256 e4f060000a7dc32e1d484b3fefbe5064ef931bb2df3ab2d155106421694f3042
SHA512 f3095d4f346eba4175343918fb858bf008b4699a6a7bc373ae12fa105c802fdd2f76e944a891451be3be15f7b00cfe76a44321aea71dac3de7b9bcb3c88596ac

C:\Users\Admin\AppData\Local\Temp\nsu3F0F.tmp\nsDui.dll

MD5 9e2c8c07c3d9c74363dc3af3dc63753f
SHA1 27b145e650de7949748a98a089e905d70aaf2417
SHA256 4b446d4fc576f45943017d7d93b76b220307414a1aa894593f5c9299fed1ee29
SHA512 ad5caaf2a419dccf475e7b389a6a530d8c27c620f680ecbf8d5ce7e75b95e0c67cc133b4b1418cd7dc7f2a1f0cfd14a0fa64d3b0e5dec48d2c02dd7cba4a0182

C:\Users\Admin\AppData\Local\Temp\nsu3F0F.tmp\BgWorker.dll

MD5 36c81676ada53ceb99e06693108d8cce
SHA1 d31fa4aebd584238b3edc4768dd5414494610889
SHA256 a9e4f7ec65670d2ce375ffaf09b6d07f4cd531132ca002452287a4d540154a38
SHA512 1300de7b3e1ac9e706e0aad0b70e3e2a21db8c860e05b314a52e63dd66b5dffdf6be1e38ab6ede13bfd3a64631cc909486bf4b1403e7d821e3b566edc514c63c

C:\Users\Admin\AppData\Local\Temp\nsu3F0F.tmp\nsDialogs.dll

MD5 f7b92b78f1a00a872c8a38f40afa7d65
SHA1 872522498f69ad49270190c74cf3af28862057f2
SHA256 2bee549b2816ba29f81c47778d9e299c3a364b81769e43d5255310c2bd146d6e
SHA512 3ad6afa6269b48f238b48cf09eeefdef03b58bab4e25282c8c2887b4509856cf5cbb0223fbb06c822fb745aeea000dd1eee878df46ad0ba7f2ef520a7a607f79

C:\Users\Admin\AppData\Local\Temp\nsu3F0F.tmp\System.dll

MD5 959ea64598b9a3e494c00e8fa793be7e
SHA1 40f284a3b92c2f04b1038def79579d4b3d066ee0
SHA256 03cd57ab00236c753e7ddeee8ee1c10839ace7c426769982365531042e1f6f8b
SHA512 5e765e090f712beffce40c5264674f430b08719940d66e3a4d4a516fd4ade859f7853f614d9d6bbb602780de54e11110d66dbb0f9ca20ef6096ede531f9f6d64

C:\Users\Admin\AppData\Local\Temp\nsu3F0F.tmp\nsis7z.dll

MD5 95f6f6ab9509bc366ab9215defe4251a
SHA1 e3f4a6effd6ca5838cfe91a01967cb72edcc7b0b
SHA256 a896a9ece055d334d431cd0f856113ab925d9ee86d2dee383c0bfbbef11a5b50
SHA512 a853f70d2ea7f384df99be067724bf3ca73c63f3c3573c112f5528fc86a96bd34509d934b038e2a81833f3abb3eedbc5894921291139100e01df6e35696c0ecc

C:\Program Files (x86)\BlueStacks X\image\LocalAPK\close_pressed.svg

MD5 dfddf8d0788988c3e48fcbfb2a76cd20
SHA1 463bb61f0012289e860c32f1885a3a8f57467f2e
SHA256 9585f41eb6202e89f2087266fa31852d7f41ca8cc659b907c96753fe165f937d
SHA512 e708c5114c60f7574589d6a56c9faedda26ee4a40f0eeb25f5e12eadcf790f24fdbf393fa0aa6ad449b5337d625b092d6f8822472fa8a6ce1339aca59c50c3ca

C:\Program Files (x86)\BlueStacks X\image\LocalAPK\close_normal.svg

MD5 3221ac69d7facd8aa90ffa15aea991b0
SHA1 e0571f30f4708ec78addc726a743679ca0f05e45
SHA256 92aeae68e9e0973d9e0dc575941f1cb2e24afd0574341a46b870be7384eaa537
SHA512 5e2de0abfe60a4db16ea5e8739260c19962fbfc60869a77bde6ab3547ad8ee3ad88e74e97da31fa23be096afddad018e431d152d6d0fa21a75357a11dacb1328

C:\Program Files (x86)\BlueStacks X\image\LocalAPK\close_hover.svg

MD5 76166804e6ce35e8a0c92917b8abc071
SHA1 8bd38726a11a9633ac937b9c6f205ce5d36348b0
SHA256 1bca2e912184b8168ee8961de68d1d839f4f9827fde6f48ab100fb61e82eff90
SHA512 93c4f1af7e9f89091a207ab308e05ddd4c92406c039f7465d3b8aca7e0cc7a6c922a22e1eee2f5c88db5e89016ef69294b2a0905d7d6a90fd32835bc11929005

C:\Program Files (x86)\BlueStacks X\image\LocalAPK\close_disabled.svg

MD5 e7fdf6a9c8cae1fc1108dc5a803a1905
SHA1 2853f9ff5e63685ebb1449dcf693176b17e4ab60
SHA256 8ee5aa84139b2ea5549f7272523aeb203d73954c5ccdcf6f7407bf1a3469f13e
SHA512 a6388b24926934e20ccf7fcab41bd219dc6c0053428481d7f466bf89f26bf1a36fdff716a9ddd9ab268df73b04dff1449c6bac1f5c707e31ae2ee71c2087e0d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 69c942696e65696b04a236a3a5736ea7
SHA1 8fd74191f8b4392f5ede1ab3920950374b78aaea
SHA256 56443008ca69c9b9f03db3a930d4b3545ec4d514bb6bc5afaac70824d78555c1
SHA512 1c77f0e7f4ba017a20dce6d40add9543ece0b0825d2158b97477b678ae91f36a35c41d33ceab30e24c1f820b70d4310425f2d83bb0cbf8fe321d4271c89ce208

C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe

MD5 fd6484b5da5bd9b6d101c3ba71955a24
SHA1 fdb7a50db21e17a072994796fd55c7987bd74abd
SHA256 e62c42edd6f08f89d88018a74aed441f52cb7be43abb7142382133e0ad4f7c11
SHA512 daad46b56fb09a40e6b32f3ad056a70461e55f3109699bd3d24bf504f95cd54b87f7e53242b86544c13513b5243244705a816851ec518e99ba1ba566e6c2bdad

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 edecc15c679258dd75f98221d92e7a2f
SHA1 4f07924a4dcf6b8ffa0c1068d3fdf465a2e67426
SHA256 0b5b6e477f3582e00539d36695362e78da01133b4064493c9671b437cf231aad
SHA512 c13effaf4bfe920c5d335260f81aebed176ca40df9202a45faeb269b3fbee7ee91f62f9c2d8cc23d371fb113ffe7086e4a6df8290afd7ae56f5d02dd6fc8bba6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 936214bd9d1bacd81ad920f3f49d3e7e
SHA1 d10cc100504e43014ed929e05ebf0ddd23e5935b
SHA256 49fa3649c6319a776f7e2d428717bd0996a33e599d72d3f65256cb737baace8e
SHA512 c1194c8a9928ad3394f9e6247ab635d5e889ec3dec3b7ed1ca5cdffff887bf339509a3fc0a863368562b11156966102bcbe368c3a34a2e22be713d16024b1da2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fa410b535f7506fef75da159db8fda2b
SHA1 9b4fd8f0e141af4da0876617e9216dca1b191675
SHA256 2f6b4a7cf9cb06b83b01bb49fba63f4391778848332669fd6149daf38050e5d7
SHA512 7e55dfa5598c52942fafa96c390483cb1806395a8a074e24b8e1feceecba3657c7047b1ed1da032966ab1758f645b4bab54106b622fa653a6e8d009436667b80

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 519ef3f09fafbf2a7ce45a57de3a1483
SHA1 019ecc36b0e97e2041f8a8d2b258dd8a2b9840ab
SHA256 de294fb66c2f5fa171eb131d75014a41741637788825c02ffdb2511f2a6b1246
SHA512 b8759581cd250abb328e0738a2166e548c1db012e58e37bc448af41722055ccbdab6e5c8808872ed14c480de7926110f426f087e6d93eb26ae8b5c5239d677d7

memory/2012-9825-0x000001E371120000-0x000001E371121000-memory.dmp

memory/2012-9824-0x000001E371120000-0x000001E371121000-memory.dmp

memory/2012-9826-0x000001E371120000-0x000001E371121000-memory.dmp

memory/2012-9836-0x000001E371120000-0x000001E371121000-memory.dmp

memory/2012-9835-0x000001E371120000-0x000001E371121000-memory.dmp

memory/2012-9834-0x000001E371120000-0x000001E371121000-memory.dmp

memory/2012-9833-0x000001E371120000-0x000001E371121000-memory.dmp

memory/2012-9832-0x000001E371120000-0x000001E371121000-memory.dmp

memory/2012-9831-0x000001E371120000-0x000001E371121000-memory.dmp

memory/2012-9830-0x000001E371120000-0x000001E371121000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\Assets\exit_close.png

MD5 26eb04b9e0105a7b121ea9c6601bbf2a
SHA1 efc08370d90c8173df8d8c4b122d2bb64c07ccd8
SHA256 7aaef329ba9fa052791d1a09f127551289641ea743baba171de55faa30ec1157
SHA512 9df3c723314d11a6b4ce0577eb61488061f2f96a9746a944eb6a4ee8c0c4d29131231a1b20988ef5454b79f9475b43d62c710839ecc0a9c98324f977cab6db68

C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\Assets\minimize_progress.png

MD5 1504b80f2a6f2d3fefc305da54a2a6c2
SHA1 432a9d89ebc2f693836d3c2f0743ea5d2077848d
SHA256 2f62d4e8c643051093f907058dddc78cc525147d9c4f4a0d78b4d0e5c90979f6
SHA512 675db04baf3199c8d94af30a1f1c252830a56a90f633c3a72aa9841738b04242902a5e7c56dd792626338e8b7eabc1f359514bb3a2e62bc36c16919e196cfd94

C:\Users\Admin\AppData\Local\Temp\7zS8CDF1C3B\Bootstrapper.exe

MD5 1261136beed4817ed5de7e8e8ec73a72
SHA1 382376ba0a54561739faca4f1207ef5ca35740e9
SHA256 96bd9c64e2fe56a9fae556a92fe008b012e854710f42043c1584ea6cac2bb98c
SHA512 0cd28540ed1432be1bf4d3ec32640a1f40a9569da17af7bd5d6bfcb2b662c5efcaf176d77f6d9482451d8f2370df280163440b57d8bab68f5f52125fe97d2147

memory/5964-9995-0x00000000001A0000-0x00000000001C8000-memory.dmp

memory/5964-9996-0x000000001ADD0000-0x000000001AEB4000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 927a88b6f33b7a35735660a7374cd0a8
SHA1 42ee06644704a58e12867d8934ba6a01aece0635
SHA256 8c2c9da93392e916b185d5b52b68765de9940219e076b95b00a1469e77ff4fd6
SHA512 ce1acb89d9400e98f8ffb911361afc7532867ef62e4de0e85225518ea1e45fff16f919e8cf5e4da59e7e896f056c19bc05d7a976e51afceab454236a4c441bd7

memory/6048-10006-0x0000000000250000-0x00000000002A6000-memory.dmp

memory/6048-10007-0x000000001FDE0000-0x000000001FE60000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\nsq6649.tmp\StdUtils.dll

MD5 c6a6e03f77c313b267498515488c5740
SHA1 3d49fc2784b9450962ed6b82b46e9c3c957d7c15
SHA256 b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
SHA512 9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

C:\Users\Admin\AppData\Local\Temp\nsq6649.tmp\WinShell.dll

MD5 1cc7c37b7e0c8cd8bf04b6cc283e1e56
SHA1 0b9519763be6625bd5abce175dcc59c96d100d4c
SHA256 9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6
SHA512 7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

C:\Users\Admin\AppData\Local\Temp\nsq6649.tmp\nsExec.dll

MD5 ec0504e6b8a11d5aad43b296beeb84b2
SHA1 91b5ce085130c8c7194d66b2439ec9e1c206497c
SHA256 5d9ceb1ce5f35aea5f9e5a0c0edeeec04dfefe0c77890c80c70e98209b58b962
SHA512 3f918f1b47e8a919cbe51eb17dc30acc8cfc18e743a1bae5b787d0db7d26038dc1210be98bf5ba3be8d6ed896dbbd7ac3d13e66454a98b2a38c7e69dad30bb57

C:\Users\Admin\AppData\Local\Temp\nsq6649.tmp\nsis7z.dll

MD5 80e44ce4895304c6a3a831310fbf8cd0
SHA1 36bd49ae21c460be5753a904b4501f1abca53508
SHA256 b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592
SHA512 c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df

C:\Users\Admin\AppData\Local\Temp\nsq6649.tmp\System.dll

MD5 0d7ad4f45dc6f5aa87f606d0331c6901
SHA1 48df0911f0484cbe2a8cdd5362140b63c41ee457
SHA256 3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
SHA512 c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

C:\Users\Admin\AppData\Local\Temp\nsq6649.tmp\Registry.dll

MD5 2b7007ed0262ca02ef69d8990815cbeb
SHA1 2eabe4f755213666dbbbde024a5235ddde02b47f
SHA256 0b25b20f26de5d5bd795f934c70447112b4981343fcb2dfab3374a4018d28c2d
SHA512 aa75ee59ca0b8530eb7298b74e5f334ae9d14129f603b285a3170b82103cfdcc175af8185317e6207142517769e69a24b34fcdf0f58ed50a4960cbe8c22a0aca

memory/6084-10748-0x00007FFC61C70000-0x00007FFC61C71000-memory.dmp

memory/6084-10747-0x00007FFC600C0000-0x00007FFC600C1000-memory.dmp

C:\Users\Admin\AppData\Roaming\bluestacks-services\config.json

MD5 c34d0419e942281a154afde4efa981fc
SHA1 3b256977505da25d182b459af65de62c7f3babc1
SHA256 04ee2991283ebc11ab4a1c51e07e820e08900621da32a7d61155a839396a0cdb
SHA512 ca78472aff87c6200ac55f01f773fc765e6bc9b7b54c739599725dd33ab89f10a15b337b9decead049d6c48a28e3d71fbc527f88bbbb0091dbe4e08f7658deb7

C:\Users\Admin\AppData\Roaming\bluestacks-services\config.json

MD5 85f756e157ed9217c138289f8b341366
SHA1 4cc4bba83ed0b40c7fb3dd244dda714eebf27b9e
SHA256 927ef2a2a8e66aa786f48a05b5544cdbbfab893ea0df1ab64a375816e640ab8a
SHA512 c27b508ea81540a81471d42fd168cb1b2f6cd1221131518a60c28dfbab3f0cd6bb0277fe745f432c45b992b23eb91a1588da8a47749a7f2660e39a834b29c8c9

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Program Files\BlueStacks_nxt\7zr.exe

MD5 fbaba140f30a11e5ff4f97d921de6d45
SHA1 d12360b79d9fe7ddc5380a22539dc7d4768ff5f3
SHA256 4889c0826c633c0291264d37834363be90ee39d07fcea228494ed151386dcb16
SHA512 cd18bb1b057b1b077fde372ca5f98701614b196b692ac42ec56e5b839535022d884a2cd9b6bf644a520c6f48f12f673574a24e60580c70c695067b66442ea7a5

C:\Program Files\BlueStacks_nxt\Assets\close_red_hover.png

MD5 5ceab43aa527bc146f9453a1586ddf03
SHA1 88ffb3cadccb54d4be3aabf31cf4d64210b5f553
SHA256 7c625ae4668cc03e37e4ffc478b87eace06b49b77e71e3209f431c23d98acdd0
SHA512 8a5c81c048fb7d02b246ed23a098ae5f95cdf6f4ca58fd3d30e4fe3001c933444310ca6391096cfaeed86b13f568236f84df4ea9a3d205c0677e31025616f19e

C:\Program Files\BlueStacks_nxt\Assets\close_red_click.png

MD5 6db7460b73a6641c7621d0a6203a0a90
SHA1 d39b488b96f3e5b5fe93ee3eecb6d28bb5b03cf3
SHA256 d5a7e6fc5e92e0b29a4f65625030447f3379b4e3ac4bed051a0646a7932ce0cd
SHA512 a0e6911853f51d73605e8f1a61442391fad25ff7b50a3f84d140d510fd98e262c971f130fb8a237a63704b8162c24b8440a5f235f51a5c343389f64e67c1c852

C:\Program Files\BlueStacks_nxt\Assets\checked_gray_hover.png

MD5 ea22933e94c7ab813b639627f2b38286
SHA1 c5358c5cb7fb1a0744c775f8148c2376928fb509
SHA256 d7c79677d2ef897fa0ad1efc90e916c46da29f571208f78f24505603b7165c20
SHA512 ba447a1aedec49419e2b4a8de85c6047886f1a5ebb94f1c45e205a3780c6826f412a3892e97115b35e43839f43e346f3c72ffbf0c57d57f6d26b360ae61b3964

C:\Program Files\BlueStacks_nxt\Assets\checked_gray.png

MD5 ce144d2aab3bf213af693d4e18f87a59
SHA1 df59dc3dbba88bdc5ffc25f2e5e7b73ac3de5afa
SHA256 d8e502fab00b0c6f06ba6abede6922ab3b423fe6f2d2f56941dabc887b229ad3
SHA512 0f930edd485a0d49ef157f6cc8856609c087c91b77845adeb5cc8c8a80ebc7ec5416df351ffa1af780caad884dbb49dcc778b0b30de6fb7c85ffef22d7220ebe

C:\Program Files\BlueStacks_nxt\Assets\powered_by_bs.png

MD5 7a2e5c21140aa8269c2aafd207f5dbaa
SHA1 4e0d9e7e1b09e67eba10100d73dc51623517821e
SHA256 3d2afe5236ec813d9e8063bc43eb34b88c2155784e1bce19c6a533c32767af35
SHA512 63f512559f2068a9702c7c527c126f6017cd8d1d16af52e41b884aa9a64ff4294a57243ec78c3a416f70fb6178a79877d68345357725ff92c935709a2ef8adde

C:\Program Files\BlueStacks_nxt\BlueStacksUninstaller.exe.config

MD5 ca0a329097316832e4a6ea5d870c9268
SHA1 4a36b93361d3dc9df9b00313f2c2b394be9e1e72
SHA256 4b7df915d706af6459c38d75b09c5e14f951842ae0678078400f204ad1c7a7c2
SHA512 51f9a874e84f130be4fa29fcc4bc934105318234b5dd9ceedaf569e3f0e6b38e29f3bec056044724476ae24295a510b16d8a737b994fd6f1268609defa315271

C:\Program Files\BlueStacks_nxt\Assets\unchecked_gray_hover.png

MD5 62d7f14c26608f8392537d68f43dece1
SHA1 add4f30e7c3af4f7622e6bc55d960db612f3bb0a
SHA256 a631e26bd5b6ea19c8c65b766a056c92ba8a47e1483768dcf12b05293c9a7a0d
SHA512 e41210a78e6076954f75a2f73c0f7628e8604a09ecbb1d2ee0972741d4ef1d814b366828977c02944736b03ed116bc559a2ae47ddb7cbc6f4e54578c8263edf4

C:\Program Files\BlueStacks_nxt\Assets\unchecked_gray.png

MD5 e50df2a0768f7fc4c3fe8d784564fea3
SHA1 d1fc4db50fe8e534019eb7ce70a61fd4c954621a
SHA256 671f26795b12008fbea1943143f660095f3dca5d925f67d765e2352fd7ee2396
SHA512 c87a8308a73b17cbdd179737631fb1ba7fdaeb65e82263f6617727519b70a81266bb695867b9e599c1306ee2cf0de525452f77ce367ca89bf870ea3ae7189998

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5c560c294e181230d0c384f8b13d4a4f
SHA1 ac0095a9582f429f9ff7e6568a42d981ff443e04
SHA256 5d50ca399d38cc5136585392a09d352f66777f151bc7c48a4f4f279fbd6dcdee
SHA512 91c47b34deee1f6ca63d46b0023a8d5b5cedcbd55946d696251bc442909a942ecfacaa1be500446f800f5ab5a499dfc799177a36f6a5415d37455ae4f851a87f

C:\Program Files\BlueStacks_nxt\HD-GLCheck.exe

MD5 f11e28b802e6bbe49e64db3d06d7001e
SHA1 d374bde6b42f272aa389ca222baee445b30e4046
SHA256 2860a2aa337be29fab6e3f43e9e0c394f2fa58741701f42076922711b879a5c0
SHA512 f2a3436a5b90a07fa97c95707f5b14927b7d384ec735d053711cc3165d18b5d8d036652be2b648b4c7c241bbee69c8a6b864b52c10e66739441a443f0bdda8ba

C:\Program Files\BlueStacks_nxt\HD-ForceGPU.exe

MD5 7ba39e19020951b4021dc1c5c74bac74
SHA1 18b0282a1e6d3ce28079d5b7079dfcf59510d986
SHA256 92dcc6c225ccf1c9b964d59527ec21f469d15cb80cb03c225b1b9bb804b1c567
SHA512 165c85bcdbfc4a6cb29285be3a5812f2e890fca64b0f2caa03d68cc4c3cfe6061cccc7c894d7a7d2b2ac586f3f49cda8d82bf49d6518460ce6e93a66a9ecb1a7

C:\Program Files\BlueStacks_nxt\ProductLogo.ico

MD5 169706218f98a42594a8c5c5a65771fe
SHA1 b8ded94180212578d86a031eb71ef93dcffe1a26
SHA256 3803045963af064936d7071c178de8e40854968b3d3f9171c57a182c869f3697
SHA512 1c3f18ed0a24ffa78fe938826eb88531eb8be134d6f209b87d7af5d0e8c4829f01947d7b0048996b9755562bbb7f52e000bcd15d07d646cacb2989ac881ce448

C:\Users\Admin\AppData\Roaming\bluestacks-services\config.json

MD5 549c881d24826c50d7e70cc1d0d2e68e
SHA1 f5f6d6be7283df2d2bf7f2af475fdb47e09a191d
SHA256 e9fcd5ee44d3633f5e478578f65684a9196147d0080d70b24c841c667b357ab9
SHA512 e61dcb49d11fdfb20ab6858895d2c4f2d25afc7c50aff60b7f6e88ea9a3f61c80ec9d10ee9e627abc02268c49200ea0ac3482494996c44aae5ec2245bbffba12

C:\Windows\System32\storage.json

MD5 aa9ab927f7bc1bc84ada9519e58f9650
SHA1 a9515474d15f9cd43c4f1c30b2c7041d6c6b05c4
SHA256 3cb23b535845ddd6fd6160dbb5fb6b14096161d3e632e0dc424a788875c85094
SHA512 b5bb47ea20ec20587e29dd3b6f8f68e7f8ac567e087b1e432320c3264769ae5e03b16693f5c9d4ba38a0c67d2f2a071b3ee7d104e75cbfaa0aa9342515f0085c

C:\ProgramData\BlueStacks_nxt\Client\Assets\exit_close_click.png

MD5 b09525b48c0023f893d6b64d06add4b1
SHA1 10ecd439ea04e02eefe17f6c110d0c0a78a1db21
SHA256 caa2a8fe9b282939a21b86f8f61fb0c9452222cc3409f06cbb0dcc45613aca8e
SHA512 c6f5a7014c24133eb576708ca17d15becf2b45ec278b3f94e5275e47c78cf0f2eb8bb1a17d277d1a665039f38f2e25faf830e275f426b0a94c6a3da096b6204f

C:\ProgramData\BlueStacks_nxt\Client\Assets\radio_unselected_hover.png

MD5 22efccf38e15df945962ac85ac3aa3b7
SHA1 b94a8615dc92982e1637680446896080f97c2564
SHA256 0ec39ed4bf89a341f1b5aea56d0e99ff5c923b9c3a6a81adeb9ff21764136f92
SHA512 41a4dbb57abed1a16aa84c72c202da461ca45cbaf68f69a10cb3e5529e8dff659e89f7f4459d1e2e8f3549c6fd51f23fc8422f86667577ebed5ab5df149c79ee

C:\ProgramData\BlueStacks_nxt\Client\Assets\radio_selected_hover.png

MD5 47ff3e4cc15b8c4a07e3ceb6cb619b62
SHA1 0318e54c613b8ff00f54d843e90ef88310c1a96f
SHA256 4786cfb7c98edcf01d6b670abf19c50891d56a4de87b96a5e17be142b1af666a
SHA512 0212bd7f6cee390d3bc221a22189b75407fa660a0951c7f768645bf97e7b61ee86fa9b1de6f546ff1151560dcb3b071db8c14a7b08b0e771b539a817b31b154e

C:\ProgramData\BlueStacks_nxt\Locales\i18n.ar-IL.txt

MD5 9fb07e066cc2f213a64d35a97a8c2922
SHA1 a70db989f5c562bc69caad89a1402c8ad7c9b80e
SHA256 65e7b0f37b5e2aa805ac8d57969804d803430186f34e9703ca9fa09ba908ef90
SHA512 81680bff55b475a62a4bf29a8c219230b84894c1165f60e372209a5aacdba8e4819c3dfb76f3b55c15d472ababeabf0cd4b30c04e7daa26df63c8a5101970c3c

C:\ProgramData\BlueStacks_nxt\Locales\i18n.ar-EG.txt

MD5 7dc7a16b5e42818c9249db888ca17075
SHA1 42f6b065b90017078fca7161cc4c26ae530dfbdd
SHA256 e696f4f231acef534d62ec9d99a3f4fc7b74a1c1deb3f9bbbeb4e94194bd9747
SHA512 f2706e0bb348a691d3cdc9d05ff4f71979804628547a41386aab068b008fe4933b8689500b5e45abf6afa6b6f1db3024ade2846659b2664b37b724fac5416a74

C:\ProgramData\BlueStacks_nxt\Locales\i18n.de-DE.txt

MD5 defbcf66edf5e18b0b13c8062fdfeff8
SHA1 8c807de19b131831b72325455f1bcc3ead0a09cb
SHA256 a9d87275086fd2d700d588f45c3121eb6a75c64a2e6c4a8714a61032403cdb03
SHA512 a30e142679e942932d82fb8179a9f8ca2cd5882577de64e8e4c38eb84c99e359235346c35b6237133159288261b0f6e9032dc6b14f512e2a431f093187e1447a

C:\ProgramData\BlueStacks_nxt\Locales\i18n.es-ES.txt

MD5 412ce0feb5a656c908775da52043c31d
SHA1 54a35431dc77d66fde2c828f10372142926b4c47
SHA256 7db48c44d717c50011a2fe2d8f5eb0214c817c7eef5bf1f656feb70270a53458
SHA512 2209d911c91d21ceb44a8e9375fefa9b5ea55cb800f49f709a7baaa56d52a94f5711fce850d880394f6ae78d23d0e3f1a5727514b970f940d0b670e2e978a997

C:\ProgramData\BlueStacks_nxt\Locales\i18n.fr-FR.txt

MD5 3809a8d9df2f73bd1b2cb6a727e3768a
SHA1 78f7f511fb688e49827105109e73affcf0447040
SHA256 a0f88af33c36c2fdb71b4ef157c1fea12eaf4fb30b0c51e4fd2a574d3529fa10
SHA512 d698cd445159fb2ee672f719d99c1feb1a2bf0113f8f5cc17233b2dc01771a8c1cf3a979788a91f02f6e8e299dc7c55e31e5bd3eeac4fa028a7693f945e29f6a

C:\ProgramData\BlueStacks_nxt\Locales\i18n.id-ID.txt

MD5 7e8631459def09a456900fa9d3cba360
SHA1 b5204153e26b303598c473e7e92b01a87818787f
SHA256 9620d50148651dc75d3741eb12a8a23fbdeb5efc29f1be24842fc37d01b71f8a
SHA512 f813863475538f763733b0668f3b5cd7d4b6f7132c1a9df3b4665907fe6280d6d8c9dd4f6e3e06bfee7f90a2a527f7cd66bd647f08b8203664395f31321cf84b

C:\ProgramData\BlueStacks_nxt\Locales\i18n.it-IT.txt

MD5 444e991f12d84ad04baf6c8eeccc7a9d
SHA1 f4bec5e01161d6f5cc9107f2cba325cc9b0ef325
SHA256 4b1f6e0fbc834a783ab8230e678bfd1506ae6c18b0ac0a5bef1d8344b5b2531f
SHA512 ff61397322d86f36a225e9be7444c643e2760a556311c97b230583b0b2788208d11f723e500c3d291d55d076b5cb0a52d92b50a8b1fdfe348fd61341b915f855

C:\ProgramData\BlueStacks_nxt\Locales\i18n.ja-JP.txt

MD5 cb5797745966bfbded96d28cf53e2f93
SHA1 1cdc380338f076c608a4143cb685e4cab2bee916
SHA256 25fbeecfbeec0b2a8ad45f8b7da31c4eb6fdbe413f46e75f40cd22d874c8f7c3
SHA512 f42ef0a3566f02a4487daf50725c186a0cd8c03850c569eb0cf4134ad2c2004135730ff8f672207bf12837980fe722c4581bb0c6c1eea5dcc9014da5719901b7

C:\ProgramData\BlueStacks_nxt\Locales\i18n.ko-KR.txt

MD5 299768cf839ca0926344233731549181
SHA1 773aa661c5bbc1a92a41b2f02e59bf1d78b4b142
SHA256 883cf4af6b2124bb70f51d683c7a1f4b3cecccc4ea61163b8c4ea967155ea839
SHA512 0de4317aa9139b415d4d10aba7f64cbfe39f0417e2d19dd8e69ada7d0915a81f71be242caebf5e019a2638d6d0457c042493c80ea0d24c2dd43c18bfe76dd2c2

C:\ProgramData\BlueStacks_nxt\Locales\i18n.pl-PL.txt

MD5 c61810a689ad52145f3b644b3e4b01e9
SHA1 ee7f7229aeea4a0ec6e18805b69d0ff928afbf87
SHA256 c5cdf3696ccd6e3e600483836c81b290e5270984fd7ca12becafedea42cd64e4
SHA512 79dcf55c6ac864764fa4c614667053c99cd37f408b2b573ce18077fd09ba70877b3cbbd1f57b680ba6e9b5ed5a4d257f11d12c67a0b56dc9a099bf2584e0c393

C:\ProgramData\BlueStacks_nxt\Locales\i18n.ru-RU.txt

MD5 a7748f70870a0f2cf2e5804d05f433fb
SHA1 ee74469bbfa6e5d04043dae2a2cdec1a777c5b28
SHA256 f74bceefe2a7e7d39650128096f9b97aca5e929fa67e451bfa8238d7b90cea34
SHA512 122025652c05ba9336b339db79b925b781862a635cdb0c8d5db0adacfeb6e0e43ef85c283d417f119d8622640d0ed15cdc6d915749ee3cc1a4f89b062ae71075

C:\ProgramData\BlueStacks_nxt\Locales\i18n.pt-BR.txt

MD5 162e3a28c1b32a605d84cc18a2998ec9
SHA1 9c0a2ce21321f56a1ecc61879a9b2c1660cb4238
SHA256 345f2c774e182f1dadf8dacb5539dfa94e33a4d3effb006053f9ba17db6c0f01
SHA512 d2377da38814cfc22950bfcc42545542e33ed6d4939ddb102d1fb11ec2ff019e53fb980e97ce9a9a9926c0d9665d101dc12655a1d67f506a1456e5b244ad50d9

C:\ProgramData\BlueStacks_nxt\Locales\i18n.vi-VN.txt

MD5 2ffe813470cfedf7384207e61dabf1df
SHA1 1673c446a89a41afff299acd0f74b4df65cc29c1
SHA256 e666975aa6894c7d5230eb44a6ee85564cac7a51188ed05b77059beb60545ac1
SHA512 3288001e68c5533ae092460d7bcb20ca42c37c04fbdfd412c1046ba41f0582ca3a135f136303125f680165c401536b9bacf6d6435e10ec1477d7f9b45942c34c

memory/6048-11421-0x00000000215E0000-0x00000000216BB000-memory.dmp

C:\ProgramData\BlueStacks_nxt\Locales\i18n.zh-TW.txt

MD5 3ab7d825111b89950d8ca4b3da1c00c1
SHA1 cdf4ec4344598ca9593665465497d370a35aa178
SHA256 dd286cac4e14fe69877e4c2f35eab8352de125f7dc757f47e4fc8329572460ce
SHA512 ac0c2dfc6a963a88657304c83d9f00cdadb5735f208571e72d43c410d767ff6c2cd05c4fcfeb5d4c7f8882e079608e8eeee8b1aea1e2cb6442f78cafaa8ffd09

C:\ProgramData\BlueStacks_nxt\Locales\i18n.zh-CN.txt

MD5 1eee99faa98b0385fd8077acdf53e81e
SHA1 3191f6c03d6fd3b4db1944e3e7b3a8b85ef20dde
SHA256 7d245f9271426eb08f976a83e8b229e9a830f51674e47b6bfc2181716ec0ecf5
SHA512 d2c116c7c56d7fd6154c2ab856adccba5848ba1fe1ce5ae38fd740e388cae77f095feaf90d4161527a4b3c99c129374156f85033c18f3293defde33f78708691

C:\ProgramData\BlueStacks_nxt\Locales\i18n.tr-TR.txt

MD5 2ddee14b7986e234a208189d650a2e4d
SHA1 ab60bc9393258e556c7ac20a8d68f632ad44ea6d
SHA256 fd9c690e597fc7d8b3bbcba7e39816087c424227f89bf3107da7d16d444fb3dd
SHA512 116d06a37e836d4f48b59aa9cf4164e1ba4abc081e62adfc6f3c8d112f46b57c060381dd2fc361fb83a162ab12f915408df193bdac405490e3014bc0effecc9c

C:\ProgramData\BlueStacks_nxt\Locales\i18n.th-TH.txt

MD5 bfb84603722e804e4697a52285b867b2
SHA1 5840e5e93319f981dc0f6df4c7d7be23547f6655
SHA256 98f156d8184c10d504189eab0077aeac8687e1d6714d0bb228704d660e01446d
SHA512 e26cc6ab7087a252471cd6233e3baa9d9a66c0a7a0b3703987b31ff4f91f89d00854d8d970f3090b2d90155d5eb5f724a096badddbc6a4dca7dd1a53fad6ffd5

C:\Users\Admin\AppData\Roaming\bluestacks-services\config.json

MD5 8d1da7dbcacf7bc4e807a7bed6c324cf
SHA1 0f343acc19fdcaa92c6e6d45a883eb83c8c45dcb
SHA256 dc719d315bc2facdd623308d76832e6139c6df7d29e57450f0a8fc92ff055ee9
SHA512 5e06cf02f3776bcc0a38df7da9bb93848e0b02e046c001c48c5541cd2f69faeac94df298bd5e6d244f9c1c03e4fa5ed68e2ba55f202928ac962fefb3875c6aa3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4779da0783bdf14620495b91beefe026
SHA1 e4d3cfe9283ec10cce431ee553c2fde47eafd5cf
SHA256 fd36e9dae745ce1fe95ca438bf1b5b4f41ace4527e2fe1e4730720cceeddfb9a
SHA512 d59eb17c86644e705d6cd356d74d8ad25fd02093a37260a2900b48e9a6b1777678ca4c7f9343b6ce928b7d10378200cc9eca5934b580632406383745aeb172e6

C:\Users\Admin\AppData\Local\Temp\tushkdw0.d0z\BlueStacks-Installer_5.21.511.1001.log

MD5 3d49ae962bcafcb8544b6166c2be3a1c
SHA1 01137a306196de8fa655382bf20374ab7f91f839
SHA256 f1563523bea690e7163e04517a2b5a1af585817e59169e702daee4c760109ae2
SHA512 71456f59c668db849cdea18e84bf43060c87bb9ae4bef4dc501822ca1c99a5f65c760557be19c040468d94e660b545aa6f0bb6bb5116c308ba4973fe95289184

memory/6048-11531-0x00000000215E0000-0x00000000216BB000-memory.dmp

memory/6048-11532-0x000000001FD10000-0x000000001FD18000-memory.dmp

memory/6048-11533-0x00000000238F0000-0x0000000023912000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 51b657e25fed4d3bc13996a39e7374e4
SHA1 8df19de664f03a38142f1790aa40eecd172e4b8e
SHA256 5b8ff840e6136affc6d6d6d2d0ca62874a2b83b431d2fad8f81e9b89903bc80b
SHA512 0e508c9a2920f0c80235c6331c3de287ef6c10ea63757681e62cd4277f37ac8fefad5b399a5391c160b8ffb3ed260c848b313db4235fb13a4c66c617b9449499

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 528d2da597e7093a2679b184571345ff
SHA1 8ef530123bde594d7beb78434021f00c5a55ed95
SHA256 02b9fd7f581a251970841fbd7a23a7fb5c8d816e97b7efb9e4db368df954d58f
SHA512 de066733dd0525dce59d333c6fa8d9ae3bad2ad043a48043ae581761298e48e5da39f0a550b8dde5beb68f659234df338c66d6e300d61a47d0dc3940e495937c

memory/6048-11567-0x00000000215E0000-0x00000000216BB000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fe827ac5ef4bee608e12dabca38b7a19
SHA1 1804f9a77e277b2a41d2bac7511b2ba8f70598ae
SHA256 456eddeef287ad6db490ce9a4cdb7753ac23a117603e2f26d7e217a1ecc73d71
SHA512 374970c3efe5fc5c24add9256315286b41eebc39fc1e39138a6747aeb7f8aeecbbc1a94e2f4b4aa221a489a0fb81abfdd1eb4d3e1bdb711a37a67f1a474d14f5

C:\Users\Admin\AppData\Roaming\bluestacks-services\Network\Network Persistent State

MD5 73eae0252ad184b15c6d293a30d1751c
SHA1 9abf64bdf44ec7a577a866eaf032c67b55dd4f1e
SHA256 22ad50c03730bdc0e3b1a59318c51eaba6bbfc9a46e924088bc5bd9fbefe3548
SHA512 6f69641a2136f2c465d1bc49b2fddda71c8b2e37abfd019d50966a278bb0d404d800096fd2ad1a339f2618e522846a7a22ee56fe5178cc0a21545756bdc3d5ec

C:\Users\Admin\AppData\Roaming\bluestacks-services\Network\Network Persistent State~RFe5c9785.TMP

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

C:\Users\Admin\AppData\Local\BlueStacks X\Log\log.txt

MD5 29006e161ff16930c8f9e95c938773dd
SHA1 a43519735e8596ce857c60c21afc5b67f281040b
SHA256 c9173c94d90dcdeb069c31241f1c53f1f71896f69139897db33cb59fc462d1ff
SHA512 edf406cf69292be2548dfbf11906f238bae2acc6bf3ae64dd431cca1ffa1ecf231c9688a9dc276f1d5a3ec517f78847f9ae348bda7527a118fe912b8edc3f86a

C:\Users\Admin\AppData\Local\BlueStacks X\Log\log.txt

MD5 d119919742b785501baf536b34ef00d4
SHA1 3c45d48ccbbf8f33edfa2bcf51b4a7f86bbec428
SHA256 e289da4c5715acd8813ffe4d15779a5aa6e0c026b0db8eef60790842f8150fe9
SHA512 f20116a9de71a976aed5aa246361cad44cdedeadce3a47a4fa1a47a6ce237945c4797b45b9bbe7c5af21714f4db58fdaa6b198501fd05f80faea3ab9e5234bdc

C:\Users\Admin\AppData\Local\BlueStacks X\QtWebEngine\Default\Platform Notifications\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4d918a683ab4acec15438f789e10ace3
SHA1 96f5c11132ed9dea0732a4de9586541c584895b0
SHA256 ea04a7daf1065131a6f15fab7071be2815278c013dd98911a61464fee0a0079b
SHA512 e47728f7e2702c3f6c1eee77343c800199388f0760199f2cc96bdaed4e5b551764ab0b44b09544024b6a867459431177de154ba59cb0cf4b66ec774a62af01f8

C:\Users\Admin\AppData\Local\BlueStacks X\QtWebEngine\Default\Local Storage\leveldb\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\BlueStacks X\cache\pcGames\com.plarium.raidlegends

MD5 caf7b5486a91ecf2905d579d886e47df
SHA1 226d49fd94e3bc6e26e1b318bdaa88142a0c7e55
SHA256 eca4942c5a126756b0ba5577b5ed30e879e38f7da84e28bf85c4286238509342
SHA512 0d7765f63b0d1e897a485f49137abf107661a79fafe0874dcd610ffa5aa1374e7317dc9aec24b1810ff29cc09730903c6e4ef415f16c307fbc5ab0501b8b0fd6

C:\Users\Admin\AppData\Roaming\bluestacks-services\config.json

MD5 e71b41f90c769c539fb2b8dc5bc6d81c
SHA1 de33f3be2b27000fe9a02b68823b1279ae0f5c17
SHA256 d18bb0770939683b620119e6a0d42887828f61f98106d5442a8d31d0bd555b9d
SHA512 103f6cbce077ef1302229873ca1a782dba1de2d8a521ccce03dadbcb59a8159fc161463ac33ae180d1b776c32630df5b253a35b2236bb5359210bd9bf67c3b0d

C:\Users\Admin\AppData\Roaming\bluestacks-services\config.json

MD5 a168139de2a0a25a712a87ddedef172a
SHA1 0298aae123b10dc3cc6efdd3070d35d3f1c5188a
SHA256 12f85a8c38d42b539323c7a91af72478ede5648c4e6664e107f758005f4a1058
SHA512 1b942539090121a60d3dd9e09f9f52c98750d94febb7a4173409e92fd1511cea9cbfc63d0a44a1bd74112851a4eb310dbbdc14fc3672c2e0b26ae7a4020466fa

C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_000013

MD5 bbc4187abbb2f9a9ae9900c932a5765c
SHA1 89a3cb9f9c8a0c45405e63b3732c43ba9c144e22
SHA256 57e1bdb4cb31bd97a6766042daef89d87ff179f625d0dea038c96351b24b9949
SHA512 6860f1f7e776dd8368b5dc6c38485b390b5ceaec4a17c41a4661821f7287a21cd32a8d159c3f0f287c723b83adca5ff930c816d2402e66ddaf2fe52ed59f8e42

C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_000012

MD5 6014e3fe89acd7f5591857120a061408
SHA1 266bf4b208c997969cd94ebcf644b92d7270d2e7
SHA256 a02c1c895841cf5651aaa2db0e6e8fd8d6d9e7ea57658a7b74d6ff283244f764
SHA512 b1aba3f15438f6f77b78ae82d40cfbefbf9b95f8f6b05b9ed558ae907886e360c8eabaae5a361e4886789a74337a2193490bdc11073d41231611b0c5e4fb2f86

C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_000015

MD5 f15a275b4ec3f10a615a1e12a02f541b
SHA1 bd17fb2b4a765e25f1dda8acfbb6c2e2d0b05b9a
SHA256 142b52d9f9b633a867d90f51a77fd04860105a6c074d8e29cd79c5f68215759f
SHA512 c48f5196da298a34aabfa9d30b2735e3d88edd6251f06d85e8e6cc1f120e80bfb401edeaf22f15f84a75da0b9238bffa56f44eb835bea9895f253274f05bee12

C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_000014

MD5 3aff864da64709e9e3e63558d2b2b0c6
SHA1 0d013924fbaa37e5a1c00c953fd3698dafcec483
SHA256 16b6dbcc712e2c96616090d8bdfc297cd384d0637bd1d857703e1916852bc216
SHA512 3149beee5352c67167f358233abf78926b591aaa72499308540f5b148c4e90d011b74396b553f260a4e7e1f45e0aaa7e15d4bdf6f225cd04728a29a179b0aaf8

C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_00001a

MD5 5f1fbc15b93ab78518b773fd93338897
SHA1 c33f5966bada687b79a390b3cc229d8ec03fc575
SHA256 3e7ab5cd3e2f56a91feab7371a1bc16f0d6bb5215468e6981899b0a1d70c0875
SHA512 d954003511592a55895bee7f971c05ceb37a5da53beb46d92f9a2687ee86486be0ecd36597d75e18ccb01af6d79552a572b68f6623add8361916ddf1716b9aeb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6db3efd28791f7419ecd2bec253f5333
SHA1 cd3c080a1ee6baa9d6f27f355bdd32460f6c8bfd
SHA256 db3f6d7df4a264fb2fb859f1fcce717ee53562512d4b01146623479bd476045b
SHA512 fb047ed83fd75e033dfcb2753ce488bcc31459e5a333966c1f3d76188d6aba890be7d443c2283aec6a25363546534c6a5aa0cad3eef0675d90f53f0a56545e50

C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_00001c

MD5 762d651b3659b78aaadd643672f395b4
SHA1 475f84a6cb0eda14d196ffae0b05ff224aa25ca1
SHA256 b15960fc83e52326bab2318e7d9966a7e2bb749f909a20ec8c79de9e67136588
SHA512 a3d62d4841571c5d0a89dc9ca17f3080be8a86e83aa059ba7e2c9e3dd57e7b65ea940f3713fb00f82207914a6a390d138c600a7c8f3cb7c3b1066dee297285df

C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_00001d

MD5 8b3f97e2020f3a9c12900df003d7067b
SHA1 ad0ddc8ff1a520f38cc0ae346b6f1aa9b939ff0e
SHA256 1f4a4bfac8bcd76157b59d5591b7345018144baebf401612690d4df115c61e84
SHA512 2edf9d608d6cbd95a4fdaabc73032d29cde59db8203e4077d36712bc5bf96a43a4850c113e502fa55f3c77fefd2f52c0f426ffd5807eb67bcdbe6a1cffe5545f

C:\Users\Admin\AppData\Local\BlueStacks X\QtWebEngine\Default\TransportSecurity

MD5 f62ba95c465194047eb6b75c45e46d32
SHA1 6f00a155cae9d9a977cb92b46da5211f8550dbe4
SHA256 900a5f7db86f68d2bd562c309dafe2ba88ce51239b0a6c598ed2c4263535d29c
SHA512 915b38c269dc72cdafb4148425a123a40b35075864a5ea093856a06115d51afa96b90ce8039223d72e91ecc1ad78ab248488e1ffedcdcc2b2a44e96c2f1c87ab

C:\Users\Admin\AppData\Local\BlueStacks X\QtWebEngine\Default\TransportSecurity~RFe5d0e6a.TMP

MD5 eb0c672f478fea3879415a2f163c258a
SHA1 3d221a717757b2d695ee1c6feb03403274cba8e7
SHA256 cc5d5d5e7864ab399295659f506381d09e892d5a248ad8fff5df5cc141d7050c
SHA512 bd41df4838196ab9a602e2ee0c1a2c1993d2bd2d315896f73985a007458c95643aee46aa015f25a08c744d3efc25693c4d7e54b4fb3f5fbfdd8dbe41140ef7e9

C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_000020

MD5 ec271ae1c8216e47c3ed912cc430d4c2
SHA1 1867069eeab827d6181a2ecafeeb7a29e63841a3
SHA256 70d0265b05917c356cf181afbfb75115ff968642a30ac28f9ed15ec9d1fca7e3
SHA512 2e2cab513d9a212544241964accd09429657ca81123bee1911c51ba74c6f8764563938c80e444886f5c278e6a92e0d95faf37e44acba753fa7a9db15ae558eb1

C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_00001f

MD5 07517b2a35333f6d4e190c33ea0104e0
SHA1 1d7a749c8fa8842997901e983d1941995f6495d8
SHA256 f38445d54242f865cfe402af039316162d383986af9193861d86908bec42e9d9
SHA512 9bb9f0d2efba9b8ce3aea34b40a53975ef7f1a7c6ddbce308fc3c1bb79daa16f11ebbc92f4ac61314ca88470bbd8be424ccc3a5063b6a699e54ce36872f21ba3

C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_000021

MD5 f8fc41a6253fe805f546c9ddc04c4b91
SHA1 e9c310dbf9b6661247b30d82b0021bafde7bec3f
SHA256 2b354e975eee2e28bd5e61b0dfd81afb791bd9b947eb2d503a19ad987225fd19
SHA512 5b16203de8ae51f56f364109b8fe1e5e9044327bfa4649b59a0c8fcbc65c19353001a5679b5da5a883c9f2df21a60d361d62fb045fe9717b95d0acde63ccff2d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c6b0d3f61768f45f6c22f287ca7b65ba
SHA1 ca336823a3e66c890a315d79bc4af8c2f1aa9301
SHA256 64764138a97f0deb8a558743dae4aebb98036d8f308ce787d2b66b446883df7d
SHA512 5db7627b77f9e527bda6d4ff2a8c20503b3c9ae8ab283f39b513c31f43fa431e8f6c2364f555f64001a1e69cd360bbccc26d0a831eb1e03955073f27b2a7e0f0

C:\Users\Admin\AppData\Local\BlueStacks X\cache\icons\com.gravity.roo.lna

MD5 8b4ea781ac7f581735d650b1766018ec
SHA1 00c3d25bbea35e7d8de2a4849243b3b6dd25c4e2
SHA256 46f358f5a458a455f01bdde6c46626c2e9118773b120454338dd0549922fadd9
SHA512 b24a0689aadebdffd0f893af96d49ff6a72aa2b299f8eb77bef21a6b977404beda7b37b1472187b73785becf422c99c16dc150c7c663458158823612d5b7ee00

C:\Users\Admin\AppData\Local\BlueStacks X\cache\icons\com.eu.firegp

MD5 4d0b6e8264feaf4275141ad08aaa1b88
SHA1 1b43c3ae3189e3351ffd57c98e33e678dc92bd8c
SHA256 fb66c6eea98861261669dbe82e828d1551b6cf73deb31cbd2adb25b850c09bdf
SHA512 09c7ee82bdaac9b3b5b788d863530bbc4c2ff86432da9a7be40a805b0b3691ca0e720bcf0dea8c87183241643702b209a87471a88cea895537c48287e626b8ef

C:\Users\Admin\AppData\Local\BlueStacks X\cache\icons\com.farlightgames.samo.gp

MD5 e766b13baa0a0a81d0ed28816f3af6db
SHA1 538ff7161d625eb653572e5605c04cd8511351bf
SHA256 ed9bb7464ffa8237f9335ccc54d22a2152ec16b2415cd6c1965071c9224cfa8b
SHA512 61b34c66f331a02d6e6315eaae6756d44d59d7b7c6e6d8721bd6c19ab0717e04a9520289e0ccb497d4cf9891ef678be9824424785197f5f6fd236c989a14b0f0

C:\Users\Admin\AppData\Local\BlueStacks X\QtWebEngine\Default\TransportSecurity

MD5 971a0f100ebaba8be7df09a172457ebe
SHA1 3b9127d0c36f063a8f32c64f77e8dcb5927a8495
SHA256 561424b4deff065e8cf28c01ff0d92e5c102d80d448ebf07b7a1b3debcb86eba
SHA512 2f2af36a074cf0495f47b0986a1150e9a0f7a672e6305e0639a018e66d624c96b7b40f968e7f4f172eecc5bbc938fbecd653ad4b862d0eff580146b106093f99

C:\Users\Admin\AppData\Local\D3DSCache\a8a8646aaf58e7e0\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a45f3b1978c4c52ab9dc081516aecc3f
SHA1 891dc05986c8af6b6e28a636c06d7f004e9a69e0
SHA256 eeff17c80ebd5a7318ecf007dffcada6d3745b993be3373b226f8801e20e528f
SHA512 5682353754c6e5e08ad40401d792bd3f3bb7abd26125733f1fce58b5f2bf1045e82eb72b1c3c9a3e43b7727ff07480a9a3d8a2d6c6c8296958f37ddef407eb55

C:\Users\Admin\AppData\Local\BlueStacks X\QtWebEngine\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 2892eee3e20e19a9ba77be6913508a54
SHA1 7c4ef82faa28393c739c517d706ac6919a8ffc49
SHA256 4f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2
SHA512 b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae

C:\Users\Admin\AppData\Local\BlueStacks X\QtWebEngine\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 8ced6c8fb5e0e89daa55b85c39b10d02
SHA1 b66dd9299706ed5dff0b49cd969d5a456733fd66
SHA256 fa02047cb510688ee48a7e979a6440c9d1ce5dead70e84e72ffc476f980540f5
SHA512 e16d3da98d7c668dd439eb5e59064737a2b398fa6b648fd5f6b2df9d5485b99e81ca4c06df5e36d8da6043a07280209d9733f4ebbf139472aa92b054cff273eb

C:\Users\Admin\AppData\Local\BlueStacks X\QtWebEngine\Default\TransportSecurity

MD5 f95e790b85ab1a066501562a9412b2b2
SHA1 0ab1cb577ed34c584e93dc3791a2e76c2d70d7bf
SHA256 82a25688851ba75470c1b5002980a5381e2e1fff113958533c64d842d9cbeded
SHA512 665afc57ab33a55bf7b9789ce8d8a067dbed182ea6161fee47d54a5f9f6b411653773631dd63cf6d8b54ce1de655c8448ace8cadc043f23c567d4e39d9f87031

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 58478c2807db684da5f5114e9c898ee3
SHA1 a840e8bf002a4baa04724aa99f9af83d069f1607
SHA256 f2a7937a720a63135bc2367c8a78b0f40ccc354052dfbc55b77d437563ccd781
SHA512 70e72c532a6217fc6c3fa053ef9cc51095604e5048245283ae5fbfe0f40d37381ab69d5dc3f31b8264a876358a782ca6be99178bd27ef1092ca22d7a3e06d852

C:\Users\Admin\AppData\Local\BlueStacks X\QtWebEngine\Default\Network Persistent State

MD5 e7e7eaa37cb06062abaabe0ae026d146
SHA1 1d73c94e2626fb92970dd228404495fda5eab121
SHA256 3749770705506663f211ffc4ac0c53488447425b988ac7e4d4a6973ca488f38e
SHA512 d31bba9473fe11e69f1beb972bd080bfa39c1c473f0cfab92742b99e2dcfa47fca84b7954648dc832070abbc718edfe5571730c82e2c5d1d4b08b2bef71a7012

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1c1bd26ca3d9e23d07d6cf54bdf7d71a
SHA1 75bb3904bfea987e3031283b3f6e2e7a8adfcf22
SHA256 5d7d1f689fd1063870629d4bb68a19a1c0ecf68af50c4c43406418e863e09395
SHA512 edf0f775313868e41c740c888699c8fbe43e5ea8ef928d95e84b0d0bb89fb91c83492df2312e555d01a51082c9dd9c2f788a7c92adf035cb1322189da8193ebe

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Assets\exit_close_hover.png

MD5 92c2bf222d6ab81fe7a0c072bf31c107
SHA1 8853eb08a2aa3e99fae6dabb9cff6461704f2a2e
SHA256 bcc053a9a087e077d58114106d29701a34f7851f4052f3157102811355d3e709
SHA512 6548d0038f4bda1db69de0729cc9648725d744953649a396b9147afb16abf018a5aef7ff7d3bb019031863f20c81bc202d6e37d171027ab9fde3b37402e179c7

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Assets\error_icon_72.png

MD5 4aaf83d2b3fd56ad806708e60474df39
SHA1 144777a265879b69fadea3eb3ac6939458918578
SHA256 84e59d14d9433e6c3d92daeb8c443063b5e3be6c0b297f0403dbde473a05cb3f
SHA512 3b8485f054fe6ed2374bc81cb1786f09741219fbfcb22503707b11cf5db1ab262ba4349633597d5d9ddabc3415b170fa8eebc932f58d211d7092b8fb96fa1304

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Assets\error_icon.png

MD5 dab2c4538a83422b5deae0e0de9b7a30
SHA1 78c2ab2271aa4020df1e0289bc3c1ba9a43fd424
SHA256 666ad4fe456216ddc06618967846ed31f81d8db5be97da6531842c0667352b89
SHA512 24cb30a68ce117ba16edd1e94c7d066343eb265c874cd55467db2f913c01b9d776b2ad846e3414cd820c0ba10d93f132aea27739d16165b6e9dd5fbc8890bfdc

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Assets\setpath_hover.png

MD5 b1e53a76b6ddb3ecff52bfc1a8e5b09d
SHA1 012b5879e879fa25bf48e4bb62c35ee829eea571
SHA256 2da3f9367c847e47131370dd163f611c4639287512a47f487e0025c5665830e0
SHA512 4369891858b4adaf9144636c44b55979290177bcff57f67f341071e42e90f992531024e122c0bc5436ddb8c55e994e7b913ec37137a642dc0164e6e2516f0b68

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Assets\setpath_click.png

MD5 624e84e9b49bc150043aa9fb0eed2822
SHA1 f23f2a4ec609e3e9cff9319533e561968ccabb22
SHA256 c94924e95a49b175c8fc00bdc2821bb70a85b864cc193becc553b32f0024dde1
SHA512 288e1954d29bd3d22b56fadb2e0d3d10580a540fa1f2bab1284d957708bad96df5e38b67c6dc14784e1e275b89082c57370b786c0d0c4307601c0d2bf3704460

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Assets\minimize_progress_hover.png

MD5 fc2a0361a751177d3aacdba9c31b2682
SHA1 0a8f672d7a8777d1106e3b8ee36bd6e45bd322ab
SHA256 1a4aaa46893e2a9b011c478fbb0cd0e84c199f9f3520703189640088969ef5cd
SHA512 a15542c90972387133d86f6a94c17435432b1493b02502533c4d7978428ed7d44a7d3c5564fe08946561638f8a5a3dd0b35b81979c2929dcc386ee5f6f7ecccb

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Assets\link.png

MD5 ae2c73ee43d722c327c7fb6fdbee905c
SHA1 96f238bf53ac80f5b7a9ad6ef2531e8e3f274628
SHA256 28c0abc6bfe7a155815104883a37a53dd783d142300471064c95eddf3cae0eaf
SHA512 5a1e341f727cf1cb4832cced8e96c5a74971451629603c48bfb91ceb4561d0122ab9ae701f8b34681d5f13115a384467d430ccb8282494b40f4577ebc3ad825b

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Assets\installer_upgrade_image_bg.jpg

MD5 3bb85d2c8cef28c89a2d07adf931e955
SHA1 596d13e7742455afce8a534382b28cfd2f6aa185
SHA256 b7f75233e633107d50f24ca82099225c83a832571cd2ce92901f2db3897f058b
SHA512 7075fe989d69ad5f0f4cca5fbbbabad16e0949c2ab8538f3f96020b831a4ec1cc3a701dcb7332e577b5eceba230449efbbf8e288dad47a53d76e40c2337dc730

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Assets\installer_minimize_hover.png

MD5 18fb6465b029206477d0222e8da6fdf9
SHA1 b7f91e5e3002a5d3c84a30ca6cebe1a89a65ba7b
SHA256 57aae4bf49dcbb0ad6cff6263200015c89d7752dc75c2ad918bf846e1ce9646d
SHA512 f045dfed35ea9ff31336cd354a0dd2e9a7ac2582cea1d25a444fffa3bd01e03d73611f786873a81a27a370e5ddb3a6043713e29f064d274088df1c925eb6785f

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Assets\installer_minimize_click.png

MD5 08fc39a69fa17e0f529915919cea1633
SHA1 2966a3f739698e2ce368585fb7f6ac4eae4497b1
SHA256 2599d6a55a8e12b1f05a6e8982d55559151a25ae3690e6637510b6283622dd95
SHA512 f5eae902f9b631410b03b6d4f9be1b4cf6547a94f1a2eee6bf70b0f3036499c01a42c9d58cf98ffbe10edbe79577a01e64faf0e527a70bc9470a1c3d9263b805

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Assets\custom_hover.png

MD5 f3e05f142e742e25a98d4f5af3ae0623
SHA1 88363e81ddef700803f4859d2f3f0b4af516bbf3
SHA256 d588ef0eaa334ed8482f32e5839a7ee0d0b544d5b8d5f7720b8c57010e080424
SHA512 5f07a7163c9834564dc4de5a1a484ac8208151bc244f8e72d64556abf88c35f6a81dd6718a3e6f681265c10e2dbbadb07570fa64c31113342a88fd605019496a

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Assets\custom_click.png

MD5 ced07c9db242115400e159d9a02bb7b7
SHA1 6f2bebd1714dd7522479b5f3e3f2b3f0d18e8c77
SHA256 1318e0f34a551edae1e82818fdf7de5ac627493db5b24556d919f525052d5b90
SHA512 d52e63792a5b4172d4ac4e2d369b22b170578616d04de5a40be15b260a2741bf8158b3aed9509760c334283360dd13a4fa21538fc4547ba464be5dd700a22b70

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\oem.cfg

MD5 880dbbc36b6f1d4a6ca9a73419564776
SHA1 1b4eaca846ca50a9fecb6a741dd19973eee9e557
SHA256 0d111e0260b3c11e1dae2b5328bcfd2d1fb21f15f5b49064bd07e272a8bb0822
SHA512 19980cae5bd279216d737cdabc9e9980c74f8918234879b9d5fe9aef1e265cf426931e9db798e2582399272258e18dc04d817b0dad6557010d04b6ff7a715322

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Newtonsoft.Json.dll

MD5 9e0b8e0a14e7ee6cb6efd398db947de2
SHA1 b64888070c3219a535b5ea12fbaf3ecf44992275
SHA256 b35056d5f6f4a83cb13d22e67d9f080639c7df5101e7a1ee9874e4b9ee8d92bc
SHA512 79c2c319869dea19d8e08342c72b41b7d992f7ffb7a402c9ef4a395412b77f7c8175a5d871947b5654b844c7d6e46cb2e6f20cc3df5194ff95b9cbf1a601c3eb

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Microsoft.WindowsAPICodePack.Shell.dll

MD5 cf5868adf233d09eab184588f38b2e26
SHA1 5e0a3280e48a3aa6fc4032c828610b085df6273b
SHA256 354bd50e38d1d49a4c29f78026c322ef2d0a45f804200b803f3052d0343e9451
SHA512 e462611e85accd2f1cc003f405a4ebb1fa7066a4db5463a2d1dd353adf6b9c7248ac4ef09caf690e9c2ed226daa93847feb4d18097c3c55dbc846eac04b47562

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Microsoft.WindowsAPICodePack.dll

MD5 da8d1efbe64768717b235286f5e6e90b
SHA1 b2cacf86de3edf5a4bf2e7d3cfa7c1405d8e27c7
SHA256 53569fbbfbcfc6997b3edb6228a150c8e97286848b3b6eabf9574c4f32540e38
SHA512 218342d51df43bde4860cf04e62b96788a4df4fdfdf616a55c67221c82f2ad234fc0325b51386ff8ada453e3888af3e8ab2291d1eeb5450313c44103b1be5ebf

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-Common.dll

MD5 25cf473399e389c84b27e1e6368478fa
SHA1 405045f874dccea5e1ae9a2e8336e277c2647ba6
SHA256 69cde5b1efdfcf407940933aa292f8f13f1d6ea43fb4f98a31a8187b741e6918
SHA512 1dca37de634143bc4ee2c367aceea4e9424161a60b118b7719e10227377c52c615c5ce41fcd9d16f31671c0bdf072a4bbe41786e05dd5d19f7327ebe9a4dfd68

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-Bridge-Native.dll

MD5 6b684ff03946776cf22e2812022a3861
SHA1 bb2b030f2d42bccc5fdb837e5c0e02c386d8ec13
SHA256 23bc6fe1e5dd8fb9e159244350126c16543c357cf89394930620735d92a0a98c
SHA512 48d5f6d525f395ca59db6bf0edd4bfb075c9ad24bdf7efd4b4617a48ae38c4a3edcef2639063be2ddb81d91330a78f6b885df01a775a179db9b4672835a3ea69

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\BstkTypeLib.dll

MD5 14eaeddcdf2c09f7fb65ded924189684
SHA1 479e6d68e8498d841089b6e16b0492a0a54b570b
SHA256 a21e6b63ae0beb3e3e83fd0d845736f971375107278028a6c1b4ebad56483552
SHA512 8c438ed3313e18edbcc597ec0ca85a48c521f2fc9cc59102d3401f385f0a4cb88c1b31a9427fb6fac494cc55fb7eb52078fdcfe43c678c7d372c06afc4b79639

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\concrt140.dll

MD5 c4fe3f03efd3188252caa101f954ffeb
SHA1 98b613aee45c71aed9d2be0d61d7ace323929e9c
SHA256 95bb425be3d515a6a58f7399d44dd9e032baea11667dfdba29517c460171880a
SHA512 80018e0bddf079367d3568433a5f89f0144aa0a75286b0105fe32aeeb5d80876c9b2e1ecaafb70fb041271e27a234a2cb88a2d3d160a4aa3768ccfcfc574704a

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\d3dcompiler_47.dll

MD5 5faba8b020b313253703b07591d00379
SHA1 f5ea546901c3faf60122a4ec2d15a86b916d5d10
SHA256 bef3c125122bb459434bb02e763454cc21454257a78e63ceabfb5b347d46efd2
SHA512 b23f0df210b25996953e51ceb2304bd85aaed33c41c75ee1577f6d76f37bbd2a2e96be0ba7561270e23b26cf0db2c8ae60567cdf91fbbd2d0577ae88e9ce3939

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-Astcdecoder.dll

MD5 aa7e6ddd5f2478b16e24c8d31b83ba55
SHA1 0f990407027a64e0986a62414f35d94134e61595
SHA256 ecf894e2906ea1d50d446dfbec177361c0d7be945030798038471cf68a8b0ada
SHA512 5ef1348eaaf7befccab2ffad9f2c08621e961b797304815f59650fc4a86326c9f0cf73b9ea4ffcf24f112822e0be8e5f6713234c3537c59b1f81b73d49a1067d

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\HD-Opengl-Native.dll

MD5 3265dbc00e176e00a0772a38708db0a0
SHA1 d3480d6ae91cf9915473a24346de627398c84bd2
SHA256 8586552fa47bfaf42586aa656c685ef5f3eb73317d813827a786fa57b1e2b1ba
SHA512 3f5afb051f4c3b3fe7a121e3184a8d613fa31bb2f69095fb94b5dde16462f54f243bc8d98bc19af555b7b76c2803c47de7844d3b32a1338e8b473449885e39a7

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\libEGL.dll

MD5 be6ff0ec680921380c04331351a1ca2f
SHA1 164a58758bd929d3f61f5193494dc4ea188c34c2
SHA256 5e287e7e884504b524dc4610bebe79e013f0bc6f87fe788dd1f5562b70a6dd65
SHA512 8603d539b08c32a9777eb5749ea9707a26a025dee72e8b44a34bc7e5270d8d88004a3dc0625986b4814402a3891ce32d815a27c6ec7e0079638a36b68d13890a

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\libGLESv2.dll

MD5 35b10fb121ff7c4f85636c4ac075307c
SHA1 ced4a1b68ec66eb8bad69651e8d2d7ea63028f8f
SHA256 5b0acf994cd091c5c07d707219a33de7d5d9ce2038bf93644a7c3d8d64de48d5
SHA512 14fad63bbe5bc296206656b1b6075167d4d86278e2db7afe5ec68144e7896227a07ea07d93e3a5b042deae6089984ab1ff9f38f80c9c9b128787871d13f28d71

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\libOpenglRender.dll

MD5 9c40f594188ca652b2de8968cd3e0ff5
SHA1 c755c3d3c453b7b342ba2ddc7821883b5872ba22
SHA256 3de284197320edd811133a49c6a00a8cb8cb5c9be6d931026812928981acafe1
SHA512 2390e65f4d6c679d946e1d44c5ebc3808b6e86dd89685df996da851dbfa07f36d6ae8e884f3390826314418460c542cbd6b254a7231a271ba1cfc054d2d9c675

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\msvcp140_atomic_wait.dll

MD5 1d2a0d23e35b93464bb5b09e5e4c02b2
SHA1 04d1a1eed3868433c5b7652ecae0fdcd29e1ef39
SHA256 a577b5fc4e3a14ae141657c30a38d11ff8593135e51e55485b252eb821d47e75
SHA512 18a0db760e4c4d9c4e014cff5ee0f433b298b65fdeca95b8f5f172b9bc534a1c7f64a1b2751b90e89cf76f41ee1ab468415466d2a657905eca9835e41cae264e

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\msvcp140_codecvt_ids.dll

MD5 4266e7bb9bfce998083d2f4f938b11c9
SHA1 23fc9c4c9de9fd3e71941df86e26c4dd44f2a95b
SHA256 e1ee6d29e30708ad5812035626bbc1058ea12fd5503d5a79d28c9cb67fab4a14
SHA512 5dc1e769f973aec3f0f766ad7c2364a184b9f71c1266f5e5a874c3e63ca7082e9a2c38346d387aa516e2f23acaaf62979434819697b2695644883ce07bbfd867

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\vccorlib140.dll

MD5 7ef7eab654df53e087ac4703c9ea0b16
SHA1 743dc76d168326b60f09347945fe1342a6effc4c
SHA256 13e568fdcde1b7b7f2d1c97a474bdb8858f5ab761157f0fea7201ccecf84b9b8
SHA512 0b860f10c03acb3866e82fd6044c29d63a2c6a1d5f6628f3d31f1cd1e44d7144e3660df3446b7a0b76b7811b261675e5aa39fb27efeec060d287fde3e630edd2

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\vcruntime140_1.dll

MD5 7667b0883de4667ec87c3b75bed84d84
SHA1 e6f6df83e813ed8252614a46a5892c4856df1f58
SHA256 04e7ccbdcad7cbaf0ed28692fb08eab832c38aad9071749037ee7a58f45e9d7d
SHA512 968cbaafe416a9e398c5bfd8c5825fa813462ae207d17072c035f916742517edc42349a72ab6795199d34ccece259d5f2f63587cfaeb0026c0667632b05c5c74

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\vcruntime140.dll

MD5 11d9ac94e8cb17bd23dea89f8e757f18
SHA1 d4fb80a512486821ad320c4fd67abcae63005158
SHA256 e1d6f78a72836ea120bd27a33ae89cbdc3f3ca7d9d0231aaa3aac91996d2fa4e
SHA512 aa6afd6bea27f554e3646152d8c4f96f7bcaaa4933f8b7c04346e410f93f23cfa6d29362fd5d51ccbb8b6223e094cd89e351f072ad0517553703f5bf9de28778

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\avcodec-60.dll

MD5 5c9a91c44c5646c0d7d2ee4cf990cb5f
SHA1 65c34751b36fab3d4bdf6e79e34d1e9ad50c3291
SHA256 639f445c807dfef8a42a5e1bc0b1a19f82fcf2523b46820c60465bd47d8e47a5
SHA512 11f227a0431451e15426e5fd34fcdb69096f50d589762e2f17ff834b32f70d5305c5e707eb61efe07740f2f001405c905a7ebaf5b0e91b4b040a8b14062ede3d

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\avformat-60.dll

MD5 aaf5e285e8e8ed6a6e428b52728ed18e
SHA1 89794b8e834a617724f24aa18de745f413221045
SHA256 17e49a141502a26655cb3adec68c45ea19491e713eea13b1c3c35e458e77cc1d
SHA512 67cb2a03ab2740ed4f10955be1c2b7025f5e16e1eff7814fa6176458cc676dc892dc4b6d53ab0ac94be1c6176916f29b49d9dd3e1dd8e08c002d968c90eaf051

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\avutil-58.dll

MD5 203009102eef773a714cf83515723b4f
SHA1 7d3a4941e2ccc42e9d313a5ec2f1f7bad65c1a61
SHA256 a8da1bcec215e8b002c4f8da2ddbc340d93937c93c480cd30d42b1d506f77a7c
SHA512 919b8badcdb3e1a78b5a96ec81dcacdf5cc9b76bca53d27dc7916700cc1e77e416642338d456345a617118bacc6913fa62bfb43c8937048ae346c1d295b5d8b7

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\BlueStacksAppplayerWeb.exe

MD5 33f277e986149e4b3cb590e052c4904e
SHA1 00d90936afc6183b612d03a3ec12db2bf4b0c8b0
SHA256 a753fb439c724ccfc00a0d5218ba540ed13e287fbaefa55017d2a96c6b616c29
SHA512 7aa2f723d3c042d849ac771c190f2c06de532a8f263eb0ba3468f0594a1dd8c58ba545b58a77f611d1c4feb519138dab455dd47dcf483907660089c8f4c82546

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\imageformats\qgif.dll

MD5 cda2aa5f7792f7f6989fbfb976c76107
SHA1 6f1f2a75b11689adb68175d2b382e9cdd435d395
SHA256 4db6e6109b1771f966deba62abdbb80300fb7d154266a2fa8c77e2fa6d4abcb0
SHA512 0068f8ba909533b2d876e80882a0ad10bc8323afdce405fc273b2c8dcae5f34be76bb2c04ed816c136c8dedb513356af0cd92d0cd832b066ef4c26f3149e138e

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\multimedia\windowsmediaplugin.dll

MD5 ecbfa8c49ca2fa398553fb71dbc3f2f0
SHA1 c20cf6528683d7d85d2498bdcb99816466b92c33
SHA256 d1ac17c7c60869dd6c974a443084e7b5956e8d3d15b36327d9ded665118577cd
SHA512 8f1604ea33b8a6363af531a4b8ce4ce8564a4e18e9c796f9a311181ab970aaa8339c286e924671b69b06fddcbd5580f40faa6f63b21e91124694fcf422b929d4

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\multimedia\ffmpegmediaplugin.dll

MD5 200a2431241ea2b1bebf61d1c242bbf6
SHA1 80a6e9298c6ce3af44d7f829d5359534979de266
SHA256 5b8b003a86e49e3c4d1c750c940c6620fe6d8f0c2cb4e35b01eebf5899c958ff
SHA512 b4ce3565d780a8201a7f01f74cc830e577a026d1002f60c9de28a13491160213dc76831a80265539c8148044db92f9e4fa76b77f86fa82d0e84c93a3b09f5cac

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\imageformats\qsvg.dll

MD5 b90e88e9952dc0a930895feab50348c0
SHA1 768a2797e6d0732faf54ba3994a804374dc9bf98
SHA256 f04ec129d462e1bbf3fa4b8fefacab7fdaceafd4a2ecfc50a677e8c85f7238ea
SHA512 3d573d87bab03edf59dad9c30381e1f6da140c016967cfec801ae335cd6eb4d8bc169c03602d457974ce1d61667c13973f7c6ff57881c7ef416b20ece7039f15

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\imageformats\qjpeg.dll

MD5 85089a44f0a801bf0df3e529d5dfdfe0
SHA1 9eaf3133ee6e4f504092bb67ab86241b5734cbc7
SHA256 ed785d7a87abc60ef8e9df6fb9a68eeea65f354a6959fdaecd325e56182af7de
SHA512 f95542b9357a911dcbbade0545f4121847c5bf64fc7fd01592bef7faa97b9a24af0ccb345893d14462a0bc32d139cac84849ce12ff02578f739041ada2001adc

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\platforms\qwindows.dll

MD5 b3c0fdf5e0c90b2b11ea47ac30d00dcb
SHA1 f0e77ea6359b825483807c4791cc802afe584839
SHA256 82886475a18ea367f9d409946c8d1ad99a6d926e20a40a6e2ff8edbff0dd3b4b
SHA512 70815fbdd030c0b174b186bb59ccb2705c4a9d5e04621c24f9c1e6908d0e223e7f5a3284c874ba9c3a34be92779ca3480eb6cfede5f4e2e40fbae59fb00432b0

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt\labs\platform\qmldir

MD5 e49a668b90132546b4d746fde6428b49
SHA1 46870297a9a52118a50b846db083215b3233b2a7
SHA256 a56a9f3e36f099d7ecdc2d0f12bb1e4bca34f0c9b6218850a8dc676c29280e83
SHA512 1da70221873392cf25856a76f2810a0290c4ffd490cae22bc8183a3b165f645a10a2e47eacf373ff34bd1f4ec7d9352fbb814e52bc84c1bb514bc905c39134cf

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt5Compat\GraphicalEffects\private\qmldir

MD5 f1a067104d9bd191b0f3d848a0fa6d64
SHA1 53b15433f57c61c540c493963aff6a77f9fdff45
SHA256 bb9481e3e26069623c4dfaa9cb9c415529d084edd67edda1595854421bfac5ce
SHA512 71ec428d3ba43ea5c544f25dea40e58cc3f8605b6a15ea4312427003227637a99e74cb0e8f04a4a95a726026a65c2c02a31c1204db00dfac259298b3cf91b381

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt\labs\platform\qtlabsplatformplugin.dll

MD5 5995705b62f1ca954f74b0a59dcc99d5
SHA1 342077d1b46d5bba36e4f0333dd7258f55ade651
SHA256 8df3e0528be697ca08e5c82cb2e77131bacdc8f2ed9324d14a3ce7fb8d2c7b25
SHA512 5d391cfaa898a0501f54b5a6248b111f63950731427944d4d40341e4c0552692e8178297bc31e63fab4106d30099defa50785565eba01e23bee8215b0fe7f493

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt5Compat\GraphicalEffects\private\qtgraphicaleffectsprivateplugin.dll

MD5 329586d78bd77e76e91c50602fd2c956
SHA1 0a9aa198a6b1cb7dae7dc6d9faf8242f4e1acd7f
SHA256 19922327ad13710715304f6734ada287f6ca3fcd5921e27d5daa155381d03cb6
SHA512 f99747692ca92a1e5df9367d77ff20164e81fd0a3a986868555f935667bcffe290374a4b90c22a0cff6fb4e56e5d30da7a717f1e41d91fd66f94cdae7e9023df

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt5Compat\GraphicalEffects\qmldir

MD5 dff2761c6a369bb68fb64757f2ce7a1b
SHA1 1b8f6975a6ace9a806aa332af0f90a92d4cd3b38
SHA256 746e523c5ab620100ae9331b0736a7b76013b432982c9aa68c10cf67fba0aa89
SHA512 fae63c67b220913fc81f385e9de05f55377eb3bbc1ca3c5d3f51a2aef05532631c1c9d34013eda3a4bd88b98cb86d5e5f78ebde6ed48f0737a16b670daf202c2

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt5Compat\GraphicalEffects\qtgraphicaleffectsplugin.dll

MD5 40a9f3952037a83b01bfed728be9b2de
SHA1 61c643498ff17937e3e42925733220e88e207551
SHA256 34e10130fb528670c01c03c3ab9e1ae7171df0de477211a050e797bf9b0eaf2f
SHA512 76d8b87dbb1ef249f9b46ccc57014a8d88b29c9603d2502993c30bfc8d394bfaa4caa2b7e1bc05de28ce65a1e82aa71e3ee493426b929ca1218f0d6cc9e77e66

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6Core.dll

MD5 b5fdc51aaabe8c0f1b611e003817b3e0
SHA1 e856cfb754a1f753c85f10e3e51914b76c916f5c
SHA256 8a1af6b5ea341ef0d01573a9005e5c68206cfef6853b5584e8a737c26c9d9ee7
SHA512 b9d9973d34087dad86a0b6fdaa0a8ffcb1261c73782459cdd16675001bea9333039e9a75da98c4f2f24891931fd4ce7dfdb090dfe046d47ece6b5ada99368afd

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6Gui.dll

MD5 817b182e009f388672445e69144f8543
SHA1 a66cf9f9909bc2c4306dd7a6382965eedebbcde1
SHA256 cfce665b7c477ebff815fb27a9b55d0b629183c0cecb5282a87bad666d76daa8
SHA512 3e7ac5cf005a11d0d0e23084efce3256a342fa559c393f40bb81ced616898e03ebdf265fbbc855864d402665471010210d6ed12a2688f9fdb4383a0c659043b6

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6Multimedia.dll

MD5 bdd2401c24e694769007d290744fa00b
SHA1 b1d5b2333a643fa3010fd4d1de8a403f6a42f033
SHA256 d65d749813c1778264115ebd03ecccd87628dd1432a03560f13b009330459306
SHA512 922ebff563f4c9a2c04526ae9b3d0eb63a4a3e2a60bb3843c08aeded55f6cce4dff247ddb70b44ff31de9c6e49fd9af78cbee45b4b05b2b8e6264fcb86ae134d

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6MultimediaQuick.dll

MD5 b5a48a332e16e6728a2d26714c126c49
SHA1 5f6b55c7a2eb5afe58b5c09185d2ce1eb97e4518
SHA256 c87fa93fd57a6fb2f7d10e9c45ec09c9cbe1298ddd5f4d7458ff896e99b17b85
SHA512 4a5f92f87c6eeade882d088ef6c46cc93a57786fb740422806e6a603db4dadfc9ddd018829add5c59db40ed86a4d5d25c933d97b712cb2b757a32a7c8771037c

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6Network.dll

MD5 794760c25a8de30dcb152808dd5b7416
SHA1 8a4fbca5e2a29e56e5d25db6912a23784fe1a644
SHA256 f6702966e341d9a2f1707df5833db984205b3717fb5ce3cd2a37383ac347905d
SHA512 7d03a3077644e394aaf0e9ebbb1dcb28c4394139a508006c4134891670541d599216a8fcc1e229debb84ddfd0c2248392510597e2fa1073675e01728a0d8dfd8

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6OpenGL.dll

MD5 7e0773c305ab95833cb14884766fdad1
SHA1 566c5942e445e42ccda7766bbb2c7a5ec7219948
SHA256 5180dc9d9394d8c4de756d6e97e6f12e4f27639578124236589e08ba837f0d3f
SHA512 809599445c48b9fe486ad157891ba0459d446cc268374419f64650dbe2b11d3848d917811115aa11ad613761da9ff556a788a81cb2c5f390cf7150fd2fb75c39

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6Positioning.dll

MD5 5918eade11bcca3d515081fa588d8483
SHA1 a83686f6612786a3749431a810b90cbbea6e4926
SHA256 ed4660c36afabf34e5ac18430c94ef82122e770c28a3f71b88a09fff0cbe7a69
SHA512 78167e577f241d0ebf2fdae86bf4d89410c36043ff8bfea7544942d779297434e738db5c8d8f928d13244515d9fbf3535c8e8adbe99d351bb95242cf9cf73bee

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6Qml.dll

MD5 903ee7dcbc454a86d6eb9827ea627966
SHA1 2fd693ba9ea121e2055f12a966028f2264ce9275
SHA256 578afdb3822eac599b48f6e101a35d40744afcbdea8f35bf3c69b57004c8ad51
SHA512 042bdd2283578faeee87d8f338e47db5b138e0118de24fb4533c353e8a4c7f5d99c7dd6ff699a8d9da706dfc56e5d712d285e17e2088a0c56b531206cfef03ae

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6QmlModels.dll

MD5 3d185167828e5b21ba37d2f7a366aa6c
SHA1 a865604239a8c960695512e494b6a876ba052720
SHA256 846d37da5d81570c08824fccc2a1fa7b10b40dc15bcb2a71b9da553b87680992
SHA512 8d41b405fe4c1881b2f6aed9a4d655ed9a3041a92b977ef7e48ab7f27af1e61f6b8c97b48946a15ba7ac3b99ef06186670d42bc9f0f68b7f8e02ae79e0de8f55

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6QmlWorkerScript.dll

MD5 48f041709a6b31471d6eeaa090232d19
SHA1 feb934bde6bc8d4042e96b579b7b8a2b01af3679
SHA256 c52c62b7feb5491d2d914ae10478f3a0bfa3fb58cb75189932f5dd5ffad31b1a
SHA512 efd6169527836c8088d78741b2d813176ffd6050536187323d19e41ec1ee58eaf28ef51412665fab2425709955d046dce370f5d7613c64d2713e81111140482e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 59fd4d0ee5a9d2b8a3c983122656997b
SHA1 0c0fec4dd4a556ebaa7c2494c25f483d4899efa8
SHA256 a11d26665b5944b02bd60f978546e5c2b4ce1dc60937edcfd88255f8f8d6bf3f
SHA512 0159d292d3e7a624467366a489313abf52de22498015c92c035c8e989ff8570481a8798277bc6071b8ec06f14c5c3d05df6588d9b0c111f226d00849179e7017

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6Quick.dll

MD5 59511eaa8c0fcb1af74123efd644e849
SHA1 3538e0948e97f898745b0abd268ce15c97d00715
SHA256 5deee180c5947e3370cbde40ca5151367d8cf48879fdae1d748fb1ee995744f5
SHA512 e2373982457febcb021e9eff401df3092d9edad7134e87f2ee6d0717da2df8ca47d7d089279c396502235a9ec4cbe748ac53a6613ee088f1fbd0814e49f63bf0

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6QuickControls2.dll

MD5 c6a5d1d04232d1f649ecec45b6a3f01b
SHA1 3a11301f621170b0aada088753f83b1c917edfbd
SHA256 3e8892f343a7850884d88935cf67c28a97e186271c34d33dda7e5d0c83ab22ea
SHA512 39ca3971179a6b11b1293d473f82cd22f8bbe0819773c96d9c952a42c93cff12e6050eab6b5b8b618c66ee93f72fa0862d271c1318e30c305e1a8cb828a2303a

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6QuickControls2Basic.dll

MD5 0efd67dea0c545954384c802b361830a
SHA1 fbc6f799b9d048957dd58975a358f0c5706af5bb
SHA256 241f93951bd5354b645dc85db5fb4f886e7486f624bf007ba7d233a89e5e4f0e
SHA512 ede83a52bcc79014fc752360f2cc72d7c82cc2a4a3daf5764758b5a200c434cedeafa299012b4f47f84a38004f449493010faa7e5dfb734327041d42cdf2e0b7

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6QuickControls2BasicStyleImpl.dll

MD5 8a6e9a37ba9e1b09c20db8e36ceca0b5
SHA1 fd2ab3d9e63dfdaaad1c5e0913e8b8988920fbd2
SHA256 e584ad5196ba39477c82b53c4494e2634f1d680662366e13e9d196974f4b09d9
SHA512 462e37a8d7f49f15c62c495e4bef728603b37e3d521637c04c1f009b55acfeeb9b3f782f43795ead5a280663f086018a2197b665d82bafc275b3617b17e9e1ff

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6QuickControls2Impl.dll

MD5 cd9c82e899b96d90664d0fdbd3b9b328
SHA1 533d7cbd433d88aa815e530c1898d2436c5cf26e
SHA256 b1f431714c90b70c990378f4ed8d598f333125803a8f891b5f5d49d62f37045f
SHA512 539e7f6ba69be8d86187aca70af18e59104098a7979b2258e6a6b6459d3a40b34c70ea26af524d4961b0de3da6766ec672d36d6f8766b2c17758661e5d448b9b

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6QuickDialogs2.dll

MD5 8edd41e58cc4203d53ff49d823afef39
SHA1 38dfd9301113737d4d6fe3444e048d1bf4dd3dc6
SHA256 bfb0dc7f2d715f203b19a0a39f16542f00892c7c7d2c9789d878f97b8e646b2d
SHA512 5f68ef40292ba9133d43b259fd1441813ec130b935fc6a664a892fda75fadef38cd332b4175dc038ff75e60b4285c4992c0e61f6267e2961a2e0b1dd32045932

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6QuickDialogs2QuickImpl.dll

MD5 1fed3fe9d304c1083e54ea30b383635b
SHA1 aad2eb155460089e8d6d3cb00821bac8c5d00e7c
SHA256 2560952163e1de8d982e669dd271bde723e32b2c93de6721e3ac6174fee91cbf
SHA512 1121193477e8218e9aee2fdbdabf5b43f42f922b2af72143240e013268b6ba1fa4a42bb13099c7ba6e190715854798488706c44158408e2ebabc4c0983f7b099

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6QuickLayouts.dll

MD5 8a386180bd4c11a96a1ff7b2a9b47320
SHA1 3a25f58ac2dd640469730045f77a1c8d36349c84
SHA256 ba807b732f8b380118a0dcab28aa75c2df3bbbe1952f0b14164430a7d348bf30
SHA512 6d0ccec63889f4d7b54aac8ed97e11b5ca2179ddc0174b0fdc111ef670497f349e81e4a5961abd1d4b260ad9cebd25a1ee2c5ad8dde7a9a06192c52152498e4c

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6QuickDialogs2Utils.dll

MD5 0206f58a2b914da1ac21bec6858cd61b
SHA1 b0169cdba3e35229d29809e7da759b1fe198707f
SHA256 e54f5c10133e2b331c5da0095dbee0b3df4c0f29f2341db9d3878ff5a825209e
SHA512 98e390617a5cc898d45ab3cb204a9c9a688158487e1bf55f47f3e492d9a66edc9e47a99d4610c39834b2488d06a8c0edb634a703f0188293eec6094fcb77c9bb

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6QuickShapes.dll

MD5 70b3be941970285ab6c5df7da09c7995
SHA1 9e9cf814123537cd6b4c2c78821d639457172e04
SHA256 96c7d04941ce1e2aa053756c24cf770eb21d5d87488d12e0e52ff1aa23f2120b
SHA512 6a0094d53fd076e45ab445435590e3c36243517d97e31b054180298d9873d67986554be182e07a4c87f7ec03346c567ee2288e12d0c8bf7f9ffa2bebe21983e5

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6QuickTemplates2.dll

MD5 ac8c3b6ea0500c236b1f78f7084bfa2e
SHA1 3d93090b8d5b4023287fad1834413cf9ea838ae8
SHA256 9ce15041acffb2a9c2967cfc8144f4353f26b70113ee7e0f12ce582fb6cf4a74
SHA512 269d7fabf3dd5819402a0dd7fb2b7ac81abeb775ffaf4995f00acade78cfca81613d89476638c110898e9e1522ef3c2a477f410efc33860ccd6907b27e1dac4a

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6RemoteObjects.dll

MD5 d1996fa4136cd8c2f643a3770ecf5f5c
SHA1 74cf4b91731a518ee3124ce649884a2757d9c615
SHA256 f3e3ae32eddd2290021c4e55ce3b519f2000d20e7e648102a1d0a3976e718e47
SHA512 a9f6af09fef0f94fe7cc50a2f98e28a8148d91dbbef081ca73011f8335bc9a746e74d55b7a94d879a10ce7a3cf50e69113a9296d29beb8f5366f5be8c9d788c4

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6WebChannelQuick.dll

MD5 ddfd4bea4e325844d083ca06be370a61
SHA1 85ac85fce3ed43db9cb8286b74a33e01b4b48b65
SHA256 e842737a7a88fd6e7822d85a93a8eb0b7873f09cf1c5ff7bef21b53d2c4dbf41
SHA512 e462089d9f01b93efb769bf75dc64fa8fb275aa3a37fe48e1a3d1bdd33a9f7ac9125f8fce538d39ec05f493a673611a69cc126d10e7e55212472d9a7c4c9e37d

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6WebChannel.dll

MD5 e1c366b3a51c734adecc49be9a0142ba
SHA1 342d3d3f03f3b56135b0f59a6f2b5191e3900b20
SHA256 52653500fd113610125240f5d18b64c5373eb0b75c8fdcb2718eb68ba02acb70
SHA512 b84b4e3c1335277f8e94e297ea827cc1ea787a6d4508435b77d7c93aa093ee3aa81b2e6b6b1d87058acca4adbc42b3182e08db5d9ffebc4e683e70cec106dbfb

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6Svg.dll

MD5 3b75cf39102e5152a34bab94edf82167
SHA1 ff99d035fba6f8e20e7ea5fecaa3435dec919cde
SHA256 cc8fefc7bff06fe18e7994039b0943a26b3fed4d5c9b09845e464bad3adf4f66
SHA512 ff46d4a54e4b4c7915ee5172dc8e6b176039fc6c180cd49aba2308fd7143f49529f96471d0c7e7a0f9abf101600d4414a765fd0b9b7b80c5698918b1a62cefae

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6WebEngineQuick.dll

MD5 97814a8961992936598f1b7683aca5cb
SHA1 6644cf3079595f1337116881e9cfcb2ef11c818f
SHA256 1585dda7eda1e6cca66d840257b23fc0b25b0f4b448b25c0896de790ec744cb4
SHA512 a6c2b88fca842a8aad3b3b1d878f50b90f573830009d0499248f3f1a38a8ceae42978cc106894855eda40708f09a215c77615960d06cdd1da634e280c94ea448

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6WebSockets.dll

MD5 04cc26f549ab23a726f5625d773f659a
SHA1 66f7b72558335121d676fdb276e3679fe4b5da17
SHA256 d955e7ffdf0f3ebae045796a242949f851db07ddfac9cf50df45f601e04b0e57
SHA512 b3f8f4012f683444f09e3a7a48586143e3401e5d165c6455af4bebc04c6e01d92bc3255c3dbe3fcfad08f7b55f6badb3216b342854d1870951cb153ea50c5640

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6WebEngineQuickDelegatesQml.dll

MD5 93c0440d85f375b171fd01c5b43ba85b
SHA1 f05aeb8c34aa2269a1622d1748c6702334774fef
SHA256 efabaf7879040b2ff01dc1db582f15ad1d28e04684eb67f3907e24c780c4e014
SHA512 b9b3c2af9678cd6610317fb7a64fdb2e1607980c515d213efc74851e8580301c9b9520bf6cc8a06d8abf8ceef47f169048dc7cf1bfd31ca268384c21752f4827

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6Widgets.dll

MD5 c3241a2e538115dbaddf3a8c283c7966
SHA1 0833370c511d9e44d6a9fd44eab950a77e6908e1
SHA256 6a97350bbfe5518c5e41453062548f493014f8037a70645246549de33e6cfc17
SHA512 3ee01be6b0f3f112cf0f64ea3d446bc819f310a9fa23b96e6839d4a4c007a70603a7cf595c25c107f04a65110639b3d617094c1b0d1240dbae9e54ee42e6b148

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\Qt6Xml.dll

MD5 8169c439135d3453614e28466d0f3e8b
SHA1 14cfaba32e6f878e94ac2137852dae5dcc67e3b7
SHA256 fd6e3dfc8be003418f40aeedd90aef4296ce39aeac544a3f4c04bc86ba1b06f2
SHA512 6d2655020f76412a45adc3b6da7b0c5ea9e15031161f346ebb8b8875dd2356fbe0d66d9ef829292f5fe5bd6fb495e003413b4b6cefdd348188b8cb8892a66a34

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQuick\Controls\impl\qmldir

MD5 10b88077e9248124cc7eb9a17b5d6906
SHA1 a519e508367c7e7002fa17fbf1be61a0c7242e5a
SHA256 d968aed9b217c5a95b8a0d3d3f48635302696b9b2f5f7e73ab16e8be6a9fc66b
SHA512 90c735b12bccfc14c8583450a7df0e0a8a0d56173e2ffcb377aaedf18e6d9960b5b52ad53494da8a53c69420175b56766a0cca29b096dcd2918c533f7cda5ab6

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQuick\Layouts\qmldir

MD5 59476cc514bb3c0e6d94b0450fde47bf
SHA1 ceddc40c1c97d5f88831e76460afb127b808fdde
SHA256 be7bc0d0defd3037fd4493987ade323210f191bad527255eb32d1df15b1b8edf
SHA512 3331f35f7c6c6e278192017b73ead6802ff1c394111c82c061120cfc7cffa365c407328a5b31d239f847fd3567ecc2afdb3f005062ab948c504bbbae21a381c9

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQuick\Dialogs\quickimpl\qtquickdialogs2quickimplplugin.dll

MD5 abfd86b2b24ad23f3aab3edd952ab053
SHA1 3f82656bff4f357ea40787d43f9610c9e4a2337d
SHA256 c5ee749b4f347a1e00b1f912ebf5e4a4e6c34ffcb8877b5db556742b0c46eedb
SHA512 9768741702df37fb2bccade5d0118c114cd6440bff1bd7e76801a51c34c86b82e681cb4b195cbfceb4cb2936c81eed0b40b14507084ffbbe653b1e0f68ee27e6

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQuick\Dialogs\quickimpl\qmldir

MD5 a732e1b574ca5ab3590b8c6d6de8b2a4
SHA1 0bfcf7f7af86f82b196446e0542c367f88023f24
SHA256 947b7856d7f3ac5e731045d2627973df06744aab3ff392248ef2eda5d42a6279
SHA512 9dccaf5a9258c8907d58c0d72c9ba315e32d4878d3d31168a58e3e5c4cad234d34d668f6979d57e9e47bb5c5fbed538f4e4f7009ca3c17f614f7367addbda4b5

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQuick\Dialogs\qtquickdialogsplugin.dll

MD5 3d45a03c422d0604517d735180f32b65
SHA1 cdd53042670df5cbd2a94b595553658ce21ab2bd
SHA256 00edeaf6b5447c16654d1e8f010d882d909aa2766afe44f4b6e38b260a9928e8
SHA512 54e288db318376cbf782890bf46b51160122e69fe4a6a61cd6ca42b614c37ca74d38f85f24717ac78efafb6ee14d844a2240dd94a41597c09875d7d651ee3e6a

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQuick\Dialogs\qmldir

MD5 82ef8bdd05ae26b81ed33e11d06e28d7
SHA1 18fc845d32c1deca96d97d47a5a6900ab7f99747
SHA256 6b547b8e506fd70e034967fa4678368a515dc8e7cdbbdd0fd2b1f263b28fe46c
SHA512 4541c30ecd7178dd6c238a99eb3f0a9fa46029e2366ae3eb1ea9684619038832534e5a4b0658973d47597ae7bbd6e344c8cee2d74e1126c2657a6be8048cb393

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQuick\Controls\qtquickcontrols2plugin.dll

MD5 603a83e1eb93e0b4e1c7fe1b768fd105
SHA1 3f5d29c06475ec16b7436a121fc23ecd861f87e8
SHA256 932a269dd90d509b03f32abdd2d2008db697f4750df47bc25eb6b02e965f836d
SHA512 0f39d3091eb96348222a935f567509c7f5edfda74f7481453386c3e7053405517296d28cd264872fd1a50951d3bd417b4a40df24dfcd425d4077a3a78d4a0080

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQuick\Controls\qmldir

MD5 a098009511c5c0a59833180919453a5c
SHA1 90ecb87885d6fd7aa15cafd2c8d67a68c4d43f25
SHA256 9fd5547623ce4b95247351517534bc5b4b29d43f36f57b7f3378b24acb58ef0f
SHA512 63ce67b9f9285453f5263a6b1ed612b9434c804cd0097ce56ca31448a45ddb7befc592f2901b83e66211b33cea7ea46635d9213277eaeec8bfd683ab65e62c8d

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQuick\Controls\impl\qtquickcontrols2implplugin.dll

MD5 42cbd88fe9d6570f24b4b517e5f30694
SHA1 f7109c9ca08efbd9040d983b3f7b1f6bb6c4b1d0
SHA256 0736118554729f3a01528082c106c0717f92e728dd93b4f9761e7d39b050d64d
SHA512 0f6e8f4c1b1d23197608d1a35827665454e3cc439b2ad80c6b358a8238ffbe2128b5196635e2f78f0ffb0302958c1b7a54eb0e8d5309a91c1ba00ad123093101

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQuick\Controls\Basic\qtquickcontrols2basicstyleplugin.dll

MD5 bbe4d4b6f282dcdf020edea17fa11234
SHA1 ea871074fb5abff1baa4087f1aaa6409f6a5f10f
SHA256 4907a1cd4ad812637b1c5f7359b12f1219c462962eadce8e6f8472fbea628104
SHA512 50ad4997a84da6c272c79d3dc820d83438d83512f5c35c8250e319577863903f4a8eb4a2e995b6c3d023c15aa5aa147f8345ebf573dd5083746bc25521a57524

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQuick\Shapes\qmldir

MD5 29545ca5555980969d58494c03e810db
SHA1 b56a6150c8d39708e502b53d2c7535438aa02568
SHA256 de2dab12c07574207db93315ebf5bd6ec6656d1aa506df756328f73342b2a7f9
SHA512 6715f3b9f144ee65cb37cc200c1be14a827cc40b6fbc47e456a5ad04eeb751f69b1cdd8d4c3fb2a5ace30173c2d61b6633958e7b8753a2c6bd9c3d27275941fa

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQuick\qtquick2plugin.dll

MD5 0c90675a28d95f6bb1050b69f6477de4
SHA1 bb8518a467430fc41322060361534ae73879f362
SHA256 e9f4fa73ea93efa6883c8256f74e4351c7cf808db721e0e1d49d4f5af97cdcac
SHA512 c338061443eca85503619b9b9e5397a480ad60b2478cfe3468db360c88d0d5f938fc577e5393d8dd4ae8c40c335000bda9a7fbe9490f112a5ed0d2346be0a605

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQuick\qmldir

MD5 229c819d9d388357c948f58e96513964
SHA1 9580844569cb3de2d0f728695d9c83c6713d5c74
SHA256 137c386f9b2ba49fb3a3417b55096f6f1bd15a794a98613a862b490a6fe4fa79
SHA512 61fb9d95be728ea658b31b137216ca2db2a52ae4523ebac1f7bd7b20fdfde4442b6570b03c7defe9047a96905227cffd0160a6e3f42940e27ad58dbf3b3383ca

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQuick\Layouts\qquicklayoutsplugin.dll

MD5 fe46bb3ebb124f1a49f3b057f53fc117
SHA1 c0b2d468629ab2f517d8bf91916b3d1361526a2b
SHA256 8b25efda99d9978b84c99fb5c63b423ebdbea40061611a835cbfde745e6892f3
SHA512 74d428d7737f6d0ff723c92ef680f9807c8b5eafbc472a3ba021217e0d61e74847930c7a46e598b39bd8e792c205988da51b1776076a2be598dfe1d316798863

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQuick\Controls\Basic\qmldir

MD5 3329231d19c34ec08997356bd2df27a2
SHA1 9f7214d9f3b15263ee2fee5568a9940b3b023a06
SHA256 142346c196c2b2674fd0f0e7f8c1fa23fb9964bce47c02d5029041d6a9248c69
SHA512 ae9a06615a5037a46eaaca120b4ccb176466d8aa0472fefea59dfcd7d83e5d05a1773f941981f41d268d8fafa421cb0f1b21bbb28e3918a3f548603a1a939c67

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQuick\Controls\Basic\impl\qtquickcontrols2basicstyleimplplugin.dll

MD5 5bf2a01e2dd7ade5616ca79170a8d23f
SHA1 cee7440be25c58c73600a50cb11bb6fac7136a61
SHA256 554e784f16b2150058eaf4cd3003c018e980b4fc5cf93ce1e93f3eb14fbb74c9
SHA512 e42aea99eb87ea4a2bdd815c95c53b91b80a0df5603d7786e0d9b1c3fb0031a5670574f9360f17c5fe35582118e73595f4a6a5f2b830dcce32a6b8aeeb0329dd

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQuick\Controls\Basic\impl\qmldir

MD5 d6b02bd0093c8bb00347b387e01be80c
SHA1 06ad73d6ebf391957932c537f8b933ebc82d1bae
SHA256 89daa248ee0544aa92530173d3e969d4c5b05ac2122d836173cc50d069805cc8
SHA512 3b0813529bf0b1fa3541798a1c1b8a738f13d0a3f769b0d49aa242aca18b5ba8bd3e3e2746ab7ac0d5cd680d916777814fdda5420bd31bdeed270be8e4428fe7

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQml\WorkerScript\workerscriptplugin.dll

MD5 9db78074c4e988c40441b7f318d31a29
SHA1 b507f2a12d6698cc4acccc14423f8adcf6da5dae
SHA256 e478700ec9dd0f1de166f43eaa408a38b9bc2f8b994a80846649ff934d8c0e07
SHA512 917bc4a6f347b81e0b0bab1b6a9782d0a021771b98684cd9f9c2abedf155491006a01e3d56b5265a01ee7aea17965bdcee0ba290dcf92e782937aa816d2b041a

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQml\WorkerScript\qmldir

MD5 2d775cb02542905e995fd826dda7c026
SHA1 64ecb2070786b0d83f8f01b4f0fc8b44fe0a191a
SHA256 516dd5663b9e122cdbb2d212509724ccbb826b0774b1eb08cb96c5f82fd38ac3
SHA512 3b2aa32bac27b3b384a518926d4e26d5655a4434a907b327cecd61a0c25ac5931f81fcc49d16d0b25cfc00f98d346bd269310829c6064a54df2664c60f43b718

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQml\qmlmetaplugin.dll

MD5 852714229daa6a278feb0d01f8e34375
SHA1 92e768efc89624434a610a7201721e74db49f0b5
SHA256 c02b6e8fa0a1b93c50096f56218d38e0d15099c7e1b58ddb31b24951d3e1bcb0
SHA512 81152863a5758f73ef72f852e4435d5b147fc130805272a676dfe3fa415eddffeea9193ae70e6834513d0bcf09cf2881bccf18a98404f27bb3b84a1b466d49f9

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQml\qmldir

MD5 d23134f3e810ba1311f1526c8e784685
SHA1 409d8050b045777b22529a814be8fc7daddda2db
SHA256 872dd0ad9c23701f8e551ca98f6b15b1551b3af0d4fafd2ceca61b328d45df60
SHA512 3b113ace75caee2268f196aef8c636482b3ec84de6055fccda50eb518bec03f9b4db2f4930177ee3d4e6ac896069a3bf27d596d9c45475428c2fcdb1e3f3afd8

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtMultimedia\quickmultimediaplugin.dll

MD5 006ce437705bb2b7b296dec8d971fe51
SHA1 e0f334a24c8710c044f5752b8d958885a49dbac4
SHA256 46af14e6e6873f6c878ee68def05934a30d1ae4328bdf1904cba00d354322c5d
SHA512 a0ea63d3bbc4f072449d9a5390f8a4e2394ec927ba390084c786446a72c8ba4cce94f50caa910a2ebca8b70d8ed5148542b08aac746db2f18f2902c4b2ddfcb2

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtMultimedia\qmldir

MD5 b7d5c74f4485b2550ad065e16252976a
SHA1 af8c4cf1a294e7efa6bffb00bf3a66ed9750f18c
SHA256 2a0f427a8594e31ed6b3fbc1b2242856976a02131cddd8c59b23858dd3d67cf5
SHA512 25581e90656d77023d91e2ec5797b6290e805caec2996ec58be98c618e2284c3657be93f5cc18dfabc6ecf662279a1854be08f888805b217628172ad040c47f7

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtWebChannel\qmldir

MD5 e0e05541afe2a4120f98b955aa43f663
SHA1 8ca6194e64beef2352bd3df18770eb7cc478744a
SHA256 0d728adee8ed1308524a8b3e5234781d8207a15dd6c738b74e62246f9679d21d
SHA512 0333def621780792272b2c9af8ffab76ada8ebbb4733ecdcc6353cbceea94b83b25c861f424b9d5e37d4d63f198da76f58ed6d77196ba29483aaf1dcee786a71

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtWebSockets\qmlwebsocketsplugin.dll

MD5 6162f3f09fc11878e4850c1c0ca57d06
SHA1 c454f1985b65b8ff64ff133c559ed9528c8cbbc1
SHA256 0935f9f612bfd0fc905e86535193663cffeee560a8af83433bd67cd7291eed1f
SHA512 7b5ffa2d36938585565954b564abcabd15ea3dae56495b199f09d51bd92421e2f5da26e5e99e6a79dc24b5ab73a155fedc147a347aa4eec77a0d88114ae74f73

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtWebSockets\qmldir

MD5 b37b47dc81d0ddd5733d3c3df54a0ad4
SHA1 de3b51b3fe652e502ee44061552affcbfe6448c7
SHA256 4ee99fa9bbf2dc0c4526df9f10c54f7833fb503b508e6b2cccbe573b422128d8
SHA512 f3111cffb73bb28dc43afd5cb5ca6ba2ce68620ec363caeb7b86275def0f06236103f2d1753c731166d222918b0fb059b73fd5d6298a1a078b91a5ac038debb9

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtWebEngine\qtwebenginequickplugin.dll

MD5 fcc2017d74e088cbac65104c90474063
SHA1 2b4d32cb48be3cad1f2bef4c6786065f5fd0b733
SHA256 cdd3e9f9c1dc7cdd1f20b0d932064f69081e84aa32f1061322dd84d4136ffec5
SHA512 83a53d4cf8102131e2d400daeebe700da4964d80262848a72070931ed8046f2831f2bf9d37a53917ab36d25a31efc7f96e19a9495735d9985d32dee4a7afbbb0

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtWebEngine\qmldir

MD5 305905ee8126ed39d5f4b5312aa2c99d
SHA1 46a27e297e6fc3846f64d23b6b54512c70ebe1cf
SHA256 9ce4a1ac66b6a7dc6950b0abf7040117c107aecf0432ede1d015d45a8883bbc3
SHA512 2b2c9a56f77f5581ec3758622ae47adf28f790a68da61cb1759af3ba2c6c1906940d2cc9707b2ab4a2b564096dd144eb4eb453a864e36600a7ff8457be13becd

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtWebChannel\webchannelquickplugin.dll

MD5 42d0cc66b8adffd8db1c44d4c5ebc188
SHA1 092487413fe9e4cc7d65b7fa7e7540a4f5761055
SHA256 89e99655ed1de0d8daa34f7fd550509f0e64795ddbe4c866c66715adbdec97e0
SHA512 fdba365a2dbf7dc34bc67313ead8ed406f98412d87cec2f2c95656861c61e606929c15a834a9d8b8e339b11fb8db2deeec617a82bb4991b3f3cae268ac6b0786

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQuick\Window\quickwindowplugin.dll

MD5 9703533f14281d6ddb3635ab0fac97f7
SHA1 bc26999f82b97e56aef84fff6b2adacfeccbfb49
SHA256 9aea4a0ab67426a0ca989e62e8a5cd8290cc169fedea5dc6912be3d32144ab0d
SHA512 3a4472f522924f3e9a930438e514d034141732d9c0df76961dfc8ff4d8059ddd89fb89ab85bfabd5ce7493b15d3ecd4ee4b61110be4ce9cc011aac1d7612c938

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQuick\Window\qmldir

MD5 94ebe16c3ede17a27d79716cf1b00d3c
SHA1 34f50446b26c05a86018c2fe587d0cecdeb7db29
SHA256 cf518c3574e25f91acaec7ad8831e28c18fccfe15411672ea56809b2eb94077c
SHA512 f19b2326600b902bb124a8c5b07d70ac2e6b6f65a02be9bf7f95b7641e9c44ca3faaf3a409b5e47b4203fcd1fa62eb49ca4f09eee0e95c7806428e58971ade6a

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQuick\Templates\qtquicktemplates2plugin.dll

MD5 d804c42ee7783da45affec5016be7546
SHA1 7128d899253257f14829ca2f28fb9b7606f38d15
SHA256 e931944d5eb53bd373d2b4dc9e2562951a44e49c40e177670aea7735f3a3497e
SHA512 0508477329365f2bc49176d358df4c5718eeab85ccdd74a928e2f8df23eb75203115980c6f3b9ae948cc3b9f3cf434b27784933ba36f89f43cee9ea77cec4a02

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQuick\Templates\qmldir

MD5 d6238b74f2a445964a7f223b96bc6442
SHA1 a7fbbe96872ca73d293470ff50f4a0a7278c10a7
SHA256 60e185a2a878267d15f2b54f6088e1bcb3c7e66b67ac016b121b9e79b305a9ac
SHA512 5cbe2966e26f6ec1227fc36e3baa363fc9997e5e2322100d8f7dcb0faf520d18c210568a7682b85156d5d73c90465c4934e557de08d82a1ca95989eca1257d2e

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\QtQuick\Shapes\qmlshapesplugin.dll

MD5 cf18f633aff01189246c1a2b257bd8e4
SHA1 e782db1781c57ebcae62b01d594ecc81022e6379
SHA256 6be600ee9189a6c84e35eae24e91534ee5eecfdae33797e15472c6ffc8ef039c
SHA512 78473cc3e4d2cde99759988e47d4387b44a5b34245d59d0b6f2dd9206f96ccf7aa2f06d841c546fcfadf239fe0a6d1cc8d775f74797328bc4bdf2746345b43a5

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\resources\icudtl.dat

MD5 e0f1ad85c0933ecce2e003a2c59ae726
SHA1 a8539fc5a233558edfa264a34f7af6187c3f0d4f
SHA256 f5170aa2b388d23bebf98784dd488a9bcb741470384a6a9a8d7a2638d768defb
SHA512 714ed5ae44dfa4812081b8de42401197c235a4fa05206597f4c7b4170dd37e8360cc75d176399b735c9aec200f5b7d5c81c07b9ab58cbca8dc08861c6814fb28

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\resources\qtwebengine_resources.pak

MD5 f249e5dd0eaf7ffbcc2843fccce85ef2
SHA1 ab7449a0d3fc68daa29f2cce08263fc290c4b046
SHA256 7e9c3c381c6a1bf31b4fc75c68a9c2f30ca34d9999291ada1d3eaf0b79618d4a
SHA512 be88d39e01828788e5a8b8c436cfc73d2863debf7251b92323d2ca3c02a8737d8edf1c70d24b98a9b11388cb3650129ed46e8134ce3b168a8564e37c3c67e215

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\resources\qtwebengine_resources_100p.pak

MD5 698db9c6537b8d9dec4869a11355af2a
SHA1 0d2450a12e0b3405ae30b3c7f5ad233fd6cbbef2
SHA256 c471280e5c2b50d0089c069954c84b121a70a7c50a2865b061e6c5eda329e634
SHA512 deb7faffb6e3c28616e200d10e18707df229a649c9d16e6db8921c3eec7381aeb977e1308dbd07bbf2c2a839b19de25bb6f8a9ba9d094f1243c3aa2d2ebb3f16

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\resources\qtwebengine_resources_200p.pak

MD5 09da93dd890313c6051e3eb31cab562e
SHA1 ca4281451381360393c0abac1029aa4c632b5ce1
SHA256 70418cc40f2078d59972bfd5d182b1169beceec2a828a5b81cf6e77933adf6f4
SHA512 ad00145b99f09ba25ef886ba89e3339c52d09c8080d0d9cf33707f23091e9bc8fde035ba99be291303f727b99cfd798ec3c77644e9ff46c0c6bf64c8d3e91856

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\resources\v8_context_snapshot.bin

MD5 38a09bcf4160f5b345942462b63c1c7e
SHA1 c4de02fecac708d94096d6e3e16cfac3472781e0
SHA256 3202f8ca18e49da8be573afdfe3ada8b98b351f8c5f1ec08ee92e8f00cd8d9b2
SHA512 1dfc511b0b387db1876989d4faa74bdcfde66714af76379bf768f71252874a6743bb803035a137f87c530d120aa180009215e8ce1020dafbc6f531381e891995

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\swresample-4.dll

MD5 7eeba1942a05fe865cf997fc90430093
SHA1 b63c26c162b77f80bff2fad565d07b34c8051310
SHA256 baa987629e36f324a77a8922ddbdea7652a3ae8b5eb55a0f03b475facdda8293
SHA512 e466a02df89336002f2f2cabdc1b9f208c150702c5e1b1679d5012fa791631b99443e25867940e5d60e812c64874a5fb2847716e6712ea6743b6ff8a36cb8ea6

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\tls\qopensslbackend.dll

MD5 2ce461340c36cefe018d18bcfa0bc943
SHA1 f4116728002c0d1e1667af27b359ac0d90fdf356
SHA256 d78806f6c92310172e095240b112bc966c60c7a34eaaf3aac8497ba31e6cd95a
SHA512 ca0822cec7e6f49a2d9f8ba889fe28d5309de4b6f25da585f1fb4d10420a815d2817f3e39cd82207fbe68e755ee98a9700c6053d5950e3442d865fe0eb487893

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\tls\qcertonlybackend.dll

MD5 5240566cd1d97774f03c319606396659
SHA1 7715e321e912f413561e0e3e5f6316ba1ea77525
SHA256 9039e7af3cc64ff8d653b71f8bf9a90549ef5f35de6beed23cab336f4e3102fc
SHA512 4958b92c632253fd18c2816a3dc288285e92a96a265766679881efac284a8c49f9d49ad5596206ec374506e4341a9e10f5d66354fc8120f29375ed0feffcfb2e

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\swscale-7.dll

MD5 60ee6404315f42cfd111ffda6d30a1a4
SHA1 14aafa75e18202af1a4bf23d526d1738f96c4156
SHA256 331c66b7974abbd85639c63e9ebf63c62858d5b1d8a47ba52c7bc10715aeebe0
SHA512 8a4d858ef96a9cbe311bda94492d6759460f93751a79dfae826fb6b63748626134b11e3f30a37e19b6fff1567556d6a3f51d22211885bfad433f8a4451d2abea

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\am.pak

MD5 bc4c700b7c415ad4c92e3bef4ae7c4a8
SHA1 345931d353f78872bd3b516e2252acfd72c534da
SHA256 ee3bcc0a396a18e14e6ac1b4f2310cd6118c7fa9a317e67e273d5e2b8ca01d6d
SHA512 fd0ca4632c6a7c166c226c8f84f3a39448b3e21e7dc1404ba912470eaaafe2c891e435d5b2c3347a7017aa5bf34fb45cb74abaf1bcb8a2a02946681ec49070fc

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\tls\qschannelbackend.dll

MD5 a79fdae77d68c47599a2501224a1bb1a
SHA1 11d3bf27e0e54eab9c8cbba8639e37fd6c2cf647
SHA256 8a25fc4b8d29ee934fac2a26f85f98b82eaa4eb5b0ea924a98bfe597cbe7cd71
SHA512 5c2941da9cbe7973abe90d25b4e5e56a0bf94d67d43c0d5652859f032146461f9db5b0de5580e97abe0de067aa82bf213ae32b98c90ad1ea3cf25d5bef0743b5

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\ca.pak

MD5 dd10c97f6c8153faec769dec63aeed67
SHA1 37fff3ede19be23bc01c4d297372ec2a4f4338bf
SHA256 beec5dbddc73c0d80faa6677298f002c52dad4991deb5f533da8f07cef775be2
SHA512 a387606c54404e2b07db9541d23124a3d8ccdfe6e3f6f27492f5bcaa0fb5be4de59b50b3fb288c5261d02b719e4ec05ec767e53469ae96e6d943a3bf2920f412

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\bn.pak

MD5 e5bfbba7a15e8d989257ab6f4cc65550
SHA1 40726da19598b58271c650311039ab6f7d7f2bb1
SHA256 9d9bd667d75539698c1e1febc4f0d9f37accca2cd0813314fde01df8d130a20a
SHA512 7b26b407d51d27c73e3337e8430ecd5e53f07293edbd3865774f0cd76efd615d4d699bfce6c05ab3d44ecab6fae13c80359f2ea94a08ffc1d822d10033b82ca3

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\bg.pak

MD5 fcae54e530f1c0b4cab64328c89e4128
SHA1 bc54613a70daac0cb08dc938ba830a3332bf5656
SHA256 bb6107701d4184539f914a33634ae0300d0a9e2deae979b88a3ece53605c5179
SHA512 00b32d37822a1bb74a8e7fa22157b5034655c4be523df9060961bc81637b554fa78b3033b51253c2be9312e0caf3a0e30d8794d3593e038b24f8adac87f64322

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\ar.pak

MD5 3368204e7ff3e30e61651b6872f7a6b7
SHA1 ef64940a8b0d955e4f2c441a967166fa55064137
SHA256 65266af2212453cc9cab96296a516070375924119ec55754f41c8053af3d8048
SHA512 2d0b4948e191a22837ef2dce2db59ccc12aa111ec378de6efa7281e875e98c9c160adb94b4b373e16744b65aad5c85eb1fef0fc7a12d2cb49ddcabdc95dc6d9d

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\cs.pak

MD5 2fa44a92c2e2304f8180f703e2363d2c
SHA1 73ffa3b6999acba487a76b77e26d52d10a4ff69b
SHA256 6e6e158da321c3914399aabad1bb68f43d907e21c5568c182ac12539ed308672
SHA512 3377284037652bcd9a7cd1b9397e0c7acf084c42c7ef5170cdd92c8e1eb2005b6cdd818abe6b9f24c1cea2c10531c1571c351f331da42d68320267197b1d21d1

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\da.pak

MD5 18300a43e13aa570e0ddad7205e4c528
SHA1 3a13f35888d22437055347ec0fd8b2e67cfbef28
SHA256 dcf563b44cf1bce09dfb017a8e51da2e5653e834e312e7d9c3a868c4b90b5a7e
SHA512 a1c4d8333461c723bf6ec51622759f9a7f3a89ffe03f63b3223d296ff99ed926d2836c819b5ac4da2cd33eddb8adcabcd15a18d5c9bf41d399da17c9bc65702d

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\de.pak

MD5 ef63e015c168179a884821c9db90bfe4
SHA1 2dcab43076d76cd723e6d01e99fc6ac30271eb99
SHA256 4fd6c23374b3bb860a705ab343bea2905cda824953cf2729f2da7c86ef314f99
SHA512 de21ce56b1f47fb42b671167265b8d493f6d0d27cde4bd97e1fe6d86f26ca07208a864b47b0d1ec7a3b2163447791c986e71fda255b1702f2f0f6bc7f50235f8

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\el.pak

MD5 800026f5d9237f49835886db2c53b295
SHA1 8a957b90218585fefb8c11a7d7fbc1e0dab02cc1
SHA256 b5e5c07f0a8837eee32bdb0954c1bfd5ea48e069a7fb50a97610457bb2d96de8
SHA512 c75df40d4e5be9c56fc3c5d1b6a0c2accf08ff714c62091165ff892655fc8dcfa28f3ce5129adc004b270c04fa3f63188f40320f1f235e90cbc720651b730e3d

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\en-GB.pak

MD5 1d94e3d6893a9f8e54962482186ede36
SHA1 357a64334864a48d72b7d3ac8969c28fab065505
SHA256 525d94f828b967070b72e6043e0b9d1c55364b382be1f040b010b90a41b6a815
SHA512 3be8fc06e379df5d6389547a2d3ca122f367d8092c00e87089b23fffec60e6a4a8b1edc281bd96fbbaf3ff02b77548259d44edc93d7e5af46b0b32ce78f2efd1

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\en-US.pak

MD5 f70ea9666c4b2d503da8e0237c46eca8
SHA1 f150561cbdfefb7327b9824fa3a291c792a44d26
SHA256 2ba506930a8da5c3389d0616ada76630dd7f41d5cb8ee850f2406028f015d3db
SHA512 e8e4b03c6b1e5b7c6ae082e372f903bc78f61fac0c2308e7c716b02ff2f8275eace5f541d7ada90b9fc6d33ede29008fdb3e6994fdcbc736a705244d360eab98

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\es-419.pak

MD5 41a4b6343b952185a4fada57ee9fcbc9
SHA1 e2475227c6f62da6f8a1467b2035f89d9741a132
SHA256 803dd9d993d27ee7ada530046f6933dc5eaf35af1e43cb678b1f82e41375c5a2
SHA512 66824110cff65417d12a46ca3d6c42030038dcf1032aa6dc6062323513eb781778851849f84f37dc0225f951be29bc94534a33f74647910bd4ecabe3edfc44c7

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\es.pak

MD5 7d3755aa3480aa469e6172b451ebd0d4
SHA1 f91b913cd06aac123678ccdaadcbb4f0cca4a5da
SHA256 97ed628a013d27736ab03547e5e68e25392e6b47d5b531d4fa8abbf1544a65c6
SHA512 8613d17f6234ab5cc96cbf870e63a6622994b10ab4d135255131ee57b1757b1abdcf26678b978faf49175db183300cbb09613eabac82c6691179479c1bf1bf4d

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\et.pak

MD5 03aab03a3d067c79b8ad078af1aff9f6
SHA1 c5e402fa5b148f09895bfdce750033fe8e5c3e35
SHA256 7b301a55543e15c5255db083b7156a5cbb1bd7669c863376651e7c536a0d3c03
SHA512 3fbbf675a1b26e92625f30a245b92c80ab5cccbe3559e4d79bb81b6bde33f796e82e128bbfebfd29b324cb6a0718edaf4fc53be28648366288375fe615079538

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\fa.pak

MD5 4003031412d00fd89eb2700e6be45b66
SHA1 e903cacbbcaeecf37773f1491db4be0c727462f9
SHA256 9915278c25a19420b400f28859c504e3f82fc8d44046d769e586d6b97deb44c0
SHA512 8e72aaa570652d3f95ec5b963a5fb534826c3b32b0ef88627bd099934ec849516bffa43e3e3cd074eefb53f63ae9c1a9fbc9df533da82f62dd099dea63cd10fa

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\fil.pak

MD5 3a9fe4cb75cbf95a747e4a98e9a5134b
SHA1 1a39f169d11ee06ef63c028a7708af81926d7918
SHA256 af5917413713e97363a62aef1909cf7a800f031ca68bbf211cb243032a68b461
SHA512 bd2da49b2b6425708206aa4607a1c40c4da68847becf59ed9092ccf16a79f967c58428d2bf7b198bec0441358ef05141a56549572e206355a3bec7ddc088038a

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\gu.pak

MD5 e3074b687e6a6deb35bf1400caffb425
SHA1 5e524e883b510a67e05b1ceb082f3661b5890341
SHA256 b558039d718858f3a15ceaf9c2ba5a89282bc5f6f15ede43a1e552fa458114ff
SHA512 489d922276ee9e7f42ca0d003caefd97e62abdb712d678d1cb8e8c756be707a1d07ce080201c6957b529c2b7a9eba26e7d0a5ffe7251051721ba1e44160f8fb0

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\fr.pak

MD5 c63cb62bf919064b0b6326a0e598da50
SHA1 b3b09ede4892391fcfe51288e55d9503b8848aa6
SHA256 5b88cebd089e9bca4978cb9df076ed06f97fd5f6d496f6a47ef6d42441726566
SHA512 dd51706d7150367303dba7c99029d5468ecd1d57abdb28c1688b5937700547e14d707440b12f2040b4120cbd0f4c4dec67e99f175761b58c9f14581aa0e0923c

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\fi.pak

MD5 1fe6aff5d58a2e9078125a3eba51310d
SHA1 bcd0b0afa94a51281558abe598ecd6916def3600
SHA256 55fcad7f30965e07a749a79d4e304cb8aff79afc367c6870738b8dbe78ae3ced
SHA512 f6dcaa2890347f05096de8f70e0c657b6c4c8bb1e428f3ed4d31c942f214949745afd5216c44a7f5cfa875825dd41c683f1156583646eeb1efab570ea3ae1dfa

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\he.pak

MD5 3d3d2134b30ef1d443e07250229e2678
SHA1 fba103c120d78c07f3000ac7709d3681688809a1
SHA256 4dad9b698b48ad90553bc3c82ce8faca6e4f8264ec6ac5b9e1bf2cd20f2ecce6
SHA512 c806b7f37d87957904c5f0097fa4951874a115f06392857a482ae50af6b19178acf478296a8859d031a71493960e7b807b6a772fac04bf56f88200d93073872a

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\hi.pak

MD5 248182b1fe577681f70dda64b046e120
SHA1 3c3f2726be0921121486f5dee10886b74cb37556
SHA256 eef6fc72fe85670200ca23656e69804d9d02d9ef3d0c1ccf7d129d71474ef400
SHA512 86365716669d960fb67e96e0ab903e1412a7c5387349b49cdbf8d0ebcaf118c0d99c93df0f166089f32aae2d0b5f2c2e34734506f6558c9a8819729abf7f55e8

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\hu.pak

MD5 10f85e5fede463e2486ed890a561bed5
SHA1 bd0113b5573d79119fbb15d053da17fdfb4e2d50
SHA256 2e6795aac09546926d93180082a3e4ef64b08a18ac513d79493ea8fa168e9cc4
SHA512 cac4858b1ba904d893250028afc8a10bd9ffa99c7301efa0448e316585a2a817db1936edfd325c1d6dbca5fa21af0f0a8f4b8ec0c6506df035d8d582688eaf08

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\it.pak

MD5 84030ab6437d9279b2e93a4e83ab5d56
SHA1 7cde75bf29eeeb84c6226983130e7fad0442f777
SHA256 6f1cd9d09ec1be6033bcb0c2efba08a961214f1d6d7a9844b88e7d612e7a1860
SHA512 86aefece3ac2862144f997ab3e69b9aed98be5ba5e9941baa02600ef63ca7ab9099b6e083f3263d077e4cc014df308ee8231c0268c06ed846f6c59f6f2e6460c

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\ja.pak

MD5 286a4d7ee7e011a524e8f4c70592d1ff
SHA1 f62452ecbbc5633bca65c6485dbfe9467333c290
SHA256 87831c3227dad088afaf94a2dd03dc66fe14aee7c2e031c7b7798ff4b11b30d7
SHA512 86bc78f53175372dba41be8ac4867f45e2d962eb3dab5798d9a71a22e450f6876d335fe347d07a86621d1560aa0538aa3c2180452f72076983d57d9db48d4c1c

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\kn.pak

MD5 3638bfec55b3e6146eaacff7edac9976
SHA1 0aac7b431980d1df51170c2ab5e5e960604364df
SHA256 77b514e529b8aba4da86653bbfae0fdf3fc4eee0d84caf40530a23bfa58d790f
SHA512 477410a6ab9db7b74e82e5de5101fcdc13a42fa8c9a9437419fbebe66cadb9b57d61930a3938b53135d90527419f30bcb5381997cfddc2cc51f65b121b5d5482

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\id.pak

MD5 e1038c2d0ea1eebfd9e25dae192a868d
SHA1 6be7fe8751880e14ed8322f7d29794a8cdbc7467
SHA256 3134fa4e6e3745d206aaff3d8b4fbc289ca29b687ef1d8f16ff22012efb3dfef
SHA512 5dba90a2850b2851314620be62cff5d593a048338cd984731eb4d6e5e77d806296c6e1746b5a7c08be19beca1695ff418d5cc9e1b84fcf5dfbce5e7953a6bdd4

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\hr.pak

MD5 b556be50b983d7d62a8f44dcb24efea5
SHA1 6c6840dfdf83a69dde3536e8236358c32b6a8535
SHA256 155a03a996003ae7cf7ba22894b0fa479f0fc6a04578baf6a888ff1b2e8473fd
SHA512 4dbe58000c5fe799be609597078535f321e62210dbfb6ec6e9613dfd569e04b16dc305e5a827c6706acafd250fe5c00eae2f24e9784ec304ff5d0446c194f847

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\ko.pak

MD5 bd258202d84cb6cd398c38eb444d7c13
SHA1 4b03cd62fd99f107dbac2f600130ab070cdd7e64
SHA256 d1e47481b8775c11c7b4b42fd73c7fca614e16950581e892ea739def6cc9dcbb
SHA512 0a0ea62530b9e8486b8d081057174b0bb6211f5ca4e23f1db4ff7316d252f4c1ab09803c33368b1c068045341d35977b1fd8d6b18efd068928b170d7adfe34c1

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\lt.pak

MD5 82c786051cc71dac807c37fca436a91e
SHA1 7c663b0225b90bfb1dac4cc10f950349c0281b89
SHA256 0050421881174da761b3177082de0862eeb1f20165169eb057ee74fcbdf95eee
SHA512 dc8887aeeb5d2f88f5ff01a2b417c7f8d471ec386adeb848f4af2af32c97152eb9bb50f7c78ee9cc216cf64821f761c2a25367e96eb2064e4ce2d00021c7fa4c

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\mr.pak

MD5 69217e4bad9444e0b36b9dec6d13587a
SHA1 21d7c31c656add29346bf61cc5f01b99cac4c24a
SHA256 ec720a494da509c7f6d6581bf83a7194d20a4da8fd260c4cd5590399506fe89a
SHA512 7821f7291cd3fc1fcdd5a92cd189c5238fe2bd0806f58c2e6786b253d4f67924bfa63542511a40d88edc29418fc70db64206edbcaddd5bee0c0978200397123e

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\ml.pak

MD5 3f2d7238334e87c1dd28508ae42ce499
SHA1 f368408c86e61a2fd972876f659247dc4f1a2090
SHA256 c182a95c3b75b2bc5795bba0af6badcb2588ba2d84cd68925e75cf5ffc0168da
SHA512 5f0ac10d7fa2e6fdb0d9f8fded6f055febb1a3926013e28db108f8f8a8ab8c24216329f1d4b0e8bfea6da9220294cccdddfab810e60253455e99d52ae26bfd44

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\lv.pak

MD5 84509c858c9da5347db91821960af8e8
SHA1 2e4edff02a0e429a9f4a633cbe3877e5ad7bb38f
SHA256 624c7917250b498c2e643421212989b7dfaec944d06a5a0954568f8e9e90b0b2
SHA512 9aecf65282432c8b7bdb327f373b715a48438fd1730bec5d2e27270810b5ec880b98d13e8f4a0586a420a42b700feed50abd844fa7e3d655bf9f723bebeb8365

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\ms.pak

MD5 7321194b6267c9cdd0bda30e4203b859
SHA1 86a4f9299ed0ddcf70b44aa65427a752af2dae35
SHA256 47f77f32d6f18d95c15c0e4c04df8ba1a05784c8c671360aaf2db487520ddcf8
SHA512 6a831e9afd3d50c698b1e6ddd18f6ec95bd07bb8d3f4d6cfa9a19b65371a430c5c63adb5276f44d3e9a7c2b4e1502f239ee793ee5035f60f57988685a918c110

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\nb.pak

MD5 bd58803d4cd991cc7b562da68428867b
SHA1 fe36b791388d2a1137ab2377b72272fc8dacec82
SHA256 43fbabc2a7b4ab2dddd00fb511aafa241a9905af40409b7c3f54210b6152302f
SHA512 6f546f39fd47f81e73bc1de8e105882c91b56d32d6517ac115401f173c4c7202d8db9de72bd131526ab54feb3aa3745d8550c2f993dac211b14ee99d71d4801f

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\nl.pak

MD5 a17f9d1ecc10a7da391a2fa71220e123
SHA1 025d8fc0ee1eba270973fa2ad2f10701bbd708b9
SHA256 bf1b04e7fd896333e4e2ffbc411563d5de30e4c241e3f7e0c60548af1310bc1a
SHA512 47079ecc377e85e907ee779a332fe6dd8e66beb39c94dc0643a8b5baa400b97285b42d727ee32efe88fae26ff59e18671974766e9ed9b744bb7df11a3c5e74b9

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\pt-PT.pak

MD5 c21418f325ad1b9d86b7957b41ecbeef
SHA1 27fef99b33f81f53cbb63c326aa386957db177a8
SHA256 98e2b6e8c3e67da3a2069040330461f0a4b6feb05c6d3981d07b748ac191182e
SHA512 55c340510d92b938d2c696ed5c73ee3d54e9d931cc97ac2f425a83e4a25b2ebf48aadd8a06fd24902365da3ca2376f36c5339d8fd4c099aa3da8cd150a8328fb

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\ru.pak

MD5 7cde65967d57746972a785d73223a7f0
SHA1 16bddf07f603fa4281335a9f6c60e543aeefc0de
SHA256 2d4583e3bbe119224a4dbd80ece065a978890d294d0bc1f3948a10c33ea7f06d
SHA512 c4e9a364bb1b36685d03ee7e5f1e847d99fb875151023c7ab2da446ad5d91bb73fe84622cb46da3b544854cda755912262260b445667da1d018f597f52653bf6

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\sk.pak

MD5 097248216acaad35198b979dd2bee4fb
SHA1 d8d51024575138afa55217960a623469a7e65cb4
SHA256 c7609346fc5d8cf34d3f6e6b5fe4366f6eac06731e14e6453b7820f02c21b635
SHA512 777aac33755b874e853f5f2189babd99d0d9408d182e4094f27af26f4d451d8ac3e6efa6892307f90c51df7008394f713d68efd76ef1963b8593c201031b8846

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\ro.pak

MD5 3f570679307286594588bcad66a13f8c
SHA1 dd3d0a1d51ed81e8620b9625ea5d43ad513d58e4
SHA256 f916fe52080eaccab979a8b527596e7196acde3aa90b1f836801d9f7b90df1fd
SHA512 11eac14c5a26810ecfe9130ddf96732dd567f222499ca4c7a5cc363ba4e29683569e9abf37f4fe695553fece3dd9a97c57a84376340f33ac7b463c03f14a3fa8

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\pt-BR.pak

MD5 fc5c376e32878058c7fb3dd691de3338
SHA1 4791055d548d678c76fdbdd50c412273cf935630
SHA256 e2a95144584d124e754f20c743ea91ed31f96d375bd24df8b0df3c411c6e08b9
SHA512 ebd545258e4c4d1448bed9a94c5e0527df06527717b0f19edf83866673705859dcf13c53af8e5151bf50da024128da28f1d697a51ae4fc4293c9d9e55dae3004

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\pl.pak

MD5 1e6a60b03abd6dc4f8c869dbc774b680
SHA1 f3d02e9d34dd05bec55fb69846342282b32ab405
SHA256 cc4775d2d1a1751cd6ee4de5adc7d4a13b079e7b132898595cb2865e0a57c823
SHA512 54c2d9eabc73ca873314336df35e5c38302dcc78da5194b097cf16c0bcf3b64ef4a9bf7230ea7367b23fa9785d1a2b94bbccdaf0f38eb45b3b4226f32be5a2eb

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\sr.pak

MD5 ff5e1f8f679fcf45ace4b095d23841d0
SHA1 dcb7cc4c3afe6a4c9baee3cf7e2c900f530ce3cc
SHA256 b8d0bb2ef02f21acd435e4e969bce77b7b3410263763d2ed76a2fa73120e5e1a
SHA512 fd4940cc1e3106eb73b35ce13a63556e5eae05fe03139dad255472d25d37a223f25fac85e5e45b468383edcb174e3d8bd342574b0a55ddd27bb530a1ca614a2d

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\sl.pak

MD5 790d7c9113c73b8a0274a1b5a43fd7cb
SHA1 e1ed463fbd33e0731bd0c27acbe6a72841643e23
SHA256 d56f8cc78078bc7904203c078425d7e5ca943509e6ccc87947eb866671e5be7a
SHA512 177903a73763eca159cddd45a7b24b01f8a8867d4edc2befcdfbffc69af8191f6f476b8d6ebe0b0ff330343f005478fd375bb083288635c1849bee01ec12edb9

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\sv.pak

MD5 bcaa22655669b60765b38521b21da875
SHA1 f34e37dfdb5521ebc332a52baeab8c568722ffc0
SHA256 9ba97cf45ed07f4b8b3304c55bade120fd01f6ef0c2d7685765151c40b2b3acb
SHA512 9e8d7d7d58ee7ef352d850ec14e22f5017c0059c66d7ae7ac7b3ae26a0c5cb7a11b90318e5cf189e2732928f658868fd5e13596369513ae45926e9dc1c0e8ae0

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\sw.pak

MD5 a76199fc5387610c34c10fe432de8ae6
SHA1 78beef278932682c53755d2ef2ec7bb702920fa5
SHA256 8e37295c46adc0afe92ca7f4a1a2ed52a97e14423d11eb05e8a14b543493195b
SHA512 68990913627bbe34292b65074f24f399c0172282cb6b55a631b2aac1c2b12109135192f8eec22be5e533ebb25a590a69d91caa4c8bf304a2c26e512515610eb2

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\ta.pak

MD5 984e4341b5b8077e4d0c76fdfd14785f
SHA1 2c41c6f0844c8e321120b8bd5808594ca686c03a
SHA256 3683217dba2149b98f418cbe50920561c6dc7d702a85dda98efe8981da669585
SHA512 29823eb9c37d7c26324536a50fc80ee985995be8f0e59b57794c965f3b06b3e8d1fef6253b9afb4c7b8ad89386ebdeceff5920288b8ff7d5a59e626e4c9ea889

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\te.pak

MD5 ca628239fb9568e6badcdb848bf764de
SHA1 c2d6324d2605a9e6186cc7e8dd7e341bd08010eb
SHA256 294f64705018a555ef7d76f82dfd783fd81d2bcd99d521841be0f2d887e4d3b9
SHA512 859d07b604081925f3277d49586af78299313ddda6abe280dcf3f7be4d10a1ac65ab23db61d9babb35850fa48ef27b9aec942b049701cb251bd7c0149dc655f9

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\th.pak

MD5 3c92d82202b5169d4de9dcee45708772
SHA1 4a7025840bcb20955c655528d23d41c155ba8fc3
SHA256 719d26daf93fb83bd66e97984cc907a55210e0cb0af3a226bec535451d38fdb7
SHA512 94c832de7b33e69ca8606d79ebc6a0b0b37bc61ea5e5be223bd639b9295300a9b1ba2b75860949fa7d452122bdc81f402bb8091035e79d5b2761566432ddeef7

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\tr.pak

MD5 0b215cb173e45ca6b3c5b117380249c3
SHA1 54713fc7a589a39fa51b0b724e3b79f6af82846c
SHA256 c85fc7d5f699150c5643702e694ba82f94f0e630730441223a214a9d9437242d
SHA512 7a62fdc6e19613192d4d80f7e59aacd8250181f92766603eb92320a1b9391781a7ed4f058094ef5b91aa42cb92a802b37bbcce95ffd67f654d9ff690a513a497

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\uk.pak

MD5 42f48e833a462cacf030bb0a0e9f9439
SHA1 31f08d6fec67b2c296ebf2dd2193fb8d4ecaf7f4
SHA256 dee2afb40fa3b7c6788b6d8e3a775953b9b0589a131841ad9b520f580cf92881
SHA512 e24ece15476c9fd77aa84c7139823bce7216fe06e7f8040db94cf46220cbe431dfd634696165950621961bdd045c0365287693b807f54bdfe5f28d56b6365f64

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\vi.pak

MD5 844b68e44ccbaac773f36d442e59a339
SHA1 915354dc412fd0d2a60f99520462720e7796b6c6
SHA256 8b98769b3b97df10ebed4f25a0b115f2e0b059e9adedebb96c444a71e2eadf17
SHA512 2107bf5ee8317c7c7e9b279255df376e53eeba56185071168a8246bfc50aa738329b2886711164eacd877c7f0bc0fda7137f766be03e7fd5d3fc3e93f7df60bf

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\zh-CN.pak

MD5 917ab791cb4d24be5f369956cd059e21
SHA1 433a3aeaa06d6066ed55718564f5980e8c6d3ce8
SHA256 331e9240251d1191c599b09230d7ca9f8b11e51e5d94ff8bd63108512c0ddc58
SHA512 969f4662eaec6e3788fcc5823446135657b6816cd2419d8a3839acb07bee629d3c9ef69b2bef48856e16975fe31b7ee5d0d390ce4fd121a700d096348500b2fc

C:\Users\Admin\AppData\Local\Temp\7zS89631FBD\translations\qtwebengine_locales\zh-TW.pak

MD5 ba9709f6d6363aa06a4838ac8344e262
SHA1 3544dd9c7ec8720c3d135b5df32e71f4b1c88983
SHA256 b81e24415243f7470f714379363157f2bd7b2d22e203ec5966878ed4b68140d3
SHA512 9ceb5e9340a3a38507419972754563823f0b3f808b39e17d78d8a18a171231100ed2bc0c677a75da16237219071996702dd7fb8a6a6dec098e69bdad0b3dbf40

C:\Program Files\BlueStacks_nxt\Assets\installer_bg.png

MD5 08d091faf58df0ea8218d7e08140bbeb
SHA1 38ebf2763bd2082635a5971c4302021ecaddc0d1
SHA256 7e5f6998d34d56aeca87f676c12a42c6c4362ae16a753dc567aae00e253b0817
SHA512 5cfede2ea2ade7bbc4b63475af5eb52f78af567fa7096a2ead396056271b8745df4dc6e11e4328151ce59ab74c6c48fd49cd13e30f7f4b86c566757e310fd5e8

C:\ProgramData\BlueStacks_nxt\Client\Assets\menu_help.png

MD5 2e82bd45c7a8b2e216c27a24d42f12a8
SHA1 8ff552358b2d77090a54dad0c12c2757af2ec433
SHA256 e55ef002466578307998045edd5e10577161efd1cf8f1a71768a8046f4c2ee0d
SHA512 d8f44a110bc31d5834b337553baa599c9a127d7335aeddd7e139ba5c7851db006d36ef74d841f10f7fe69e25edffd89a6faea9d3c72eba27bbbade843af440f7

C:\ProgramData\BlueStacks_nxt\Client\Assets\minimize_progress.png

MD5 90d5c0e2977d65b21b430f486114521e
SHA1 cfb48cef2634d4be33210ba54e5b7c5c197530e4
SHA256 aa538477ded33f33e33cb9a21241dacaceaa0c3e5ad8eb1b6830a448262bc998
SHA512 9a3f6690a638a69232335b746a4512ed1c623baa984d87cf4127663c4f85e818a4220564c63b764570e2ade8302989482580af7d9032052335d44b9c98d2d37b

C:\ProgramData\BlueStacks_nxt\Engine\Manager\BstkGlobal.xml.in

MD5 8c11ed64e4cb4e992c891a1685f5e0bd
SHA1 1b125f8aa3f77ab5e23bcf18ff7fd9efa5232bc5
SHA256 4c64d4ad8897d3198cc69c27e54c9ad24aafd70ee2818a4eb3a970f24b7cd535
SHA512 c2eee227704f0940bd46db419e42f15ce0dff3b006753c94005ac4c063fe2a2f0f24833a6674e9bbe570adcb425277a78bbbf398d600017e05357f33661d7c7d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 04eabe537593e0b3c2895ab4b0a290cb
SHA1 76cf191fb9fac0a854a17aca4839424355589b36
SHA256 c40e5e234f5e3b87477fedab57daf7bd63b9b845fe88814f956497f9171df299
SHA512 0a978ef0fe3574c406369185da8d75ae82f0437275fbfcb50a70feae36b9256ea6720db08e99ea9b0dac624137d2a98fa1e4e393a21e25a3f9aef3952012a86e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 da4ccb7781ce64073357ae9689f7c4b6
SHA1 3a0402363785330a7c84c93a9c438440a4f7c1cf
SHA256 0198429d8d7a3f44d0060d5ed145abe091b34c76ece75e88e6db3a4938f53380
SHA512 a43e9c400a13252d784e3acca354f279a34344821f247c0f132403e7efd69931e159891d76032fb5eec1e04b506807db0a716a916fd3d45a820022831f2d5ea7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 73a3628fe4249428837fdc41553c8275
SHA1 a7c4b06ebdd516467004b77cfc7bbcb5d6cb8321
SHA256 edff46c916e9f7755d82c875d407ee8b7e05cde14e6ec0520e0f971ae22e3d3b
SHA512 8fdef91e3a9bced525e45a84facdd66321711de9d84073b05a2220fadc5c1b2b6ff3f9ab44acb9b2772040f5589147c0157ac76a1f9688a546a00f341b01c87e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9c27892101f29e390a8c835981527157
SHA1 34dfcde286b288f22228e67d8f7f9a07252b46a2
SHA256 20168f9c6c65b577fe9eda6e06e3db75e6bdb7beb46e9cb3c80a8618620a292b
SHA512 a0a751d8fefac39ac135b81110a5657b0c3f2420afc55a1c310557771840746448c9ff3dd29852fd3c3f118db2e7458df7371a61525f12fcd390232956f4000b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3564b2de83ef8b1288ac8a9c0306ba65
SHA1 e3e775df70c26775477a946d54b5f6e12b440616
SHA256 4b1aa518b093b6dcf400436df61cfb47981533d7dfcd7d02bc50c71760296a5e
SHA512 1f4f753995918ed2e9c5a1f04f3146175b4c4d5e45bc34a50f47e2f6b1c3a3354ae0de607f3aa696e08ad707e2e9590c699073e41656575f9b6fc7e79afa9aae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6a04eaf76f06a8f90302e870d6eab0b4
SHA1 c42a9b4a5b21fe47ae27b866b3721e63beeb8540
SHA256 5553bd689e6ad495fbb1157b2775fb59ac71e0f61ca5fd0ea28c9fa6e56162f9
SHA512 b49812718f71a9d5deb69d59de207926ce7d4ff5301a49408438ba117ea46114d5698f1e7ecaf965662867ceeead0c4f4abf62ddfc03e0bf19f3570a94721d0c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 b9569e123772ae290f9bac07e0d31748
SHA1 5806ed9b301d4178a959b26d7b7ccf2c0abc6741
SHA256 20ab88e23fb88186b82047cd0d6dc3cfa23422e4fd2b8f3c8437546a2a842c2b
SHA512 cfad8ce716ac815b37e8cc0e30141bfb3ca7f0d4ef101289bddcf6ed3c579bc34d369f2ec2f2dab98707843015633988eb97f1e911728031dd897750b8587795

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 795daaf6e52d58b9a70a3a95a1430518
SHA1 619b32bbee9065f39fb7b5bf5054b4c1f8e14709
SHA256 82b9c979cd0ee1e5829a92660d545f5ce4ace895f32164be83879c23564f6474
SHA512 a59aeb3aba80cef3205a6db542c95d1f3be0002fb9b98df99b4d36b74ff19ec5b47407629a7116638f4b217c971644d2d1b865a241af2d7476d6ca1544d880ca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 277a4a332f0799dfd1e4ccb82f8d51ea
SHA1 4516db5f1833e4b5cd67544c2d003e8b84607471
SHA256 b75e06c620bbbc6c173ba5d263df243228d0c8bee129ddbe4487e0939229ef97
SHA512 f7633e0d686436010eac5f6e9914071292660f7211528d138665e8245cfe38bee5ea675fbf7676e276c570a01793023103d37c7db9a3caab4474e084ff301f5a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d357bd4e97728432c5da7c7f0e91909e
SHA1 9bb36b742e02a111fcaf9469ac930ed916880c89
SHA256 75ad01d6b077f3e65cfac340130738c0a068b75d109cd54a603329a12135e2da
SHA512 067c837ae81d5b7b33fa69513a02e498044e4743421fe70890894e61290e48779d4da09ae0b3de207dc6a80973bb9521c30d779055000022d800d0ac5d3d76ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\5fc421c5-7fb4-46ea-96aa-5ef1c1337fe5.tmp

MD5 23a229a7d384b806f3191782f7e78aad
SHA1 3c372e29266cc7eac3557c1838481c54f0a8ec00
SHA256 d84b06da75e0baaeda51484ccc6e0d30bf546184d0e288e0783f3626bbad1866
SHA512 5cd6169777d1be8a3e4d780906d039af4d48b5f5dcae9fe936042ec25c24d9000771c8c2596dbf0202009e42e905c4a44548fa0327ebe9fdc447e2a8bcae959c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9068fb7408b0425f225c4eba1f47bdfd
SHA1 ce7310bf47a285d386b86094b5429fffc5ed625e
SHA256 d85888a41263ac349896c11c29ebee1f675e6841b77658a3aa4e36f719749920
SHA512 dc76ba506f78ccc3803ed57d06610e1d94967bf141805ea14e45169c972a07d77b8ea7934a9e78820147b8cf74df7a380e1c475d58ef701cfbc4f9132244fa07

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1b9deefcfe6fc848b5ad4d8135cd0613
SHA1 56fe63a852f7e2dd8610a2c8821261aff583ead9
SHA256 18e357fa2333353b150338f5aed49b5cb8134b6f2232df2da7395208abe197c4
SHA512 bed4a1ae04e8ca87514e37f4e780f4cbf638434ea54c06c5bbff3d5462d4c3bd969e49bae75e953bfad76267d81f31b33d80121298912f3e1f945d57b331df0c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a0a29e9531894b3994d9832d129e7200
SHA1 e2b49cb0d350b0dc97d003202ba139fbf602ae2c
SHA256 ded8e5c971d93947abef462297a8d01c0dd8e0d7075783edfb9e91f626691a55
SHA512 da3f43df5f4c4bd54851e0ce91dd38316f9d07c54b01b80a1a841e0fabb1b9e93399e03d9298ee3c2379cc05db8868ed50b70fd2aa2f8b2151506214700faa44

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt

MD5 a7a2f6dbe4e14a9267f786d0d5e06097
SHA1 5513aebb0bda58551acacbfc338d903316851a7b
SHA256 dd9045ea2f3beaf0282320db70fdf395854071bf212ad747e8765837ec390cbc
SHA512 aa5d81e7ee3a646afec55aee5435dc84fe06d84d3e7e1c45c934f258292c0c4dc2f2853a13d2f2b37a98fe2f1dcc7639eacf51b09e7dcccb2e29c2cbd3ba1835

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt~RFe608503.TMP

MD5 348e3f938c2a171cadf102a31e8c2ed3
SHA1 1b2b8be51a0cffb28218f73a93e1da6d06fe152a
SHA256 5bde5e95a3bdeb08dc4a9946a75aa3fced352c349918308d10f72bc1f48d08ec
SHA512 f4b96afa9ed78260f446705b470b0cceafed44c1de04804ab1d403aba7c3e9f2e3f08ea1f9b0b3a389dbdfda43cea3ce10ebe8449ec86741b76fcb4c486f0ea6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8f35aaee47392ffb02de1c529d60686b
SHA1 fd80243fb8262322293630895a2f11454ed4476a
SHA256 5b53570fb03840b7a260d87c8ae71f3959db18f899e35e50a13217cc8318cf33
SHA512 6e534592aa700e343b5f9947898f785a6c3f042d76f84fe25e2aa4887d358e1f492811e7fe1603f006ecc42a6df6bcba15e8ee9a9c2ee31284ee67254f417637

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 9aee50e3762715eb8b6fd29916a93f08
SHA1 d7bc2de2360237f768ee4d13d3b7bc51d24c0da6
SHA256 f9b9e24e1e39f1f16096222bf5e72d49f37c3e6f15edc30edfcd02a8cd1f0ab7
SHA512 d86b6f242fa205b71a22b922351d0f86966cc8d4ec00b8d101e33a312a729cfddfb0312c5cbbeb975156f9df718759ad7020961f365f03d3e95dda6b31e61e66

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4fbf163792d5f43bebcad6c1b7477bde
SHA1 8333e211531c425f4f93fe029e054329aa11bc15
SHA256 a29d67428dfa5f1ef9878e8558681c2c1dad1eaf5ee0a1dfbcc428833b415d98
SHA512 76f9ac47c1024ed52c8396e414b7bdcc721687480f57185c0f21bb86500300db75135a2dcd66b42b6969ec2673ba085d60fe121e6d8766eca426407a5f740d9b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

MD5 1a0fbcbbf3181ffb739b70d15464ee4e
SHA1 6ef477d66bbed35eb2d02cc3b9c66a155c39d6ab
SHA256 8de893f0b6277dadf76bebe3ddd3f730b34cd7e27d1019412fb720383a7ea18e
SHA512 3adf38c393940fb9d99e769743d375d77f6975590ddca296ba64176bd5b5f26c65d6e9eea5a8282aac9335903ceda8c756315149e27804cf9ce94973c806aba2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000041

MD5 f02245619034040f86d3db43dbabf5f2
SHA1 5538fc105d320078f2f74e034734b151ffd11024
SHA256 00ad209a127e766522c0e268a0c3763e60774bd5c2393b477e0f2dd97011cf76
SHA512 a8ed9c91fd1ddc4b9b68749f1d37b08dea266904433a9159c72fe27735303ed6ea045116512c00ff5b24ba432231c8df79ab0439c0309bd7d042d2d3db0db4a8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

MD5 70d9771cd080f2700721a3a1e45543d8
SHA1 514a4a4cd852fa381151c9db957bb81dd2e0621f
SHA256 11a6576371663cdc16935872e480fe01ba3173cbeefc92ce028810eb95e0c221
SHA512 a2b6d7213f938ff3bd8907baaa80b9496e00801d174261a5efc61d9ca2c861280a6f89c46118be84b9d1e140a35cefa185faf8076ed5c5cdd77fdd7825633dc8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

MD5 d3ff6fe7b0ce765a76e96c21ea5d463d
SHA1 5a084c521940f85742bb5c5932f08b5b25be5469
SHA256 c5670d5998345c32a32282fe2fad002765dd68ed870e6e87c03b66186ab59cdd
SHA512 88dafc2da2fdffa7ba1c95099fb4b11d2994d5f4018aa89a7be20695ea05b45bf6a790274c645dff6877c1fe860990849605b42a3698115222546fd2ef2773d1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

MD5 dea50285371cbbe2e3fafc8342c08c04
SHA1 9da74e0510da77437e28a119f535386905fc47ed
SHA256 2ec3468e71fbde77b13f029931179923da5e0d23e059fa6bc22d7892c82753e6
SHA512 875f03fd0a7e1f54b3cf7190edde55aba63617102c7ce1257c7fc5c59883f9b7522a9773f656fed19a1a81a9459645ac5d9ae939735f87929138833c8135576d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

MD5 c113442c3b3f84198d823f1daca90659
SHA1 76db82a6c51b4874472088e3f6bd4ca512d19377
SHA256 3689c104686bf8a04a5a58120157923ed9fcf272fac43acfc832d3316a5d8225
SHA512 34842cba46aa946a88e86469921a4ca86f4fa040678a4d65300f93783558c350f7bef9179bd682442fc7a326f339d70fe7f65eba48755234388a8bc92ddc1dd1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt

MD5 f4fa0926230319c8ea4d7ab244260c1d
SHA1 9450430c6d538a870f905a36794dea8eb83ca34a
SHA256 d7895f0a883ff82251ac3b65c32374eaeff38ac324c38ce0d4c4b62b0acc66a6
SHA512 e2d39d1e392a848b68eea25f054f5dccbb338996f0a8673c2b72cd96772136e8d01f9debd07962285c642540ba09bd499d45a13c8587b3eee6814a715be85d04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\b158bc30-f7f5-4c62-87c1-ccadac1f815b\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a1dd8105207e2fcdc4da638599a36995
SHA1 551ce8a1444e386353b1799f4ab905c71b96ff3b
SHA256 a8484e335f81487e77e65f613c9cf0a5a1d41a7e4d69b979ac007389cf2229b5
SHA512 e85bc6eafa7ad2db2d7ae5a9ecf7b519e840de70fb90f47adc36d8706b63796e5a517f516bb37731c79a14cdc96c693c44b2dad827bd0bfdfaa57a6080129c02

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e40a0a9cf0459bccee450d2893284566
SHA1 0df49a76d8b34c9667acff9140a18f8fa7a418a5
SHA256 23ee794fef1b41c073a75e791dcfea32daa01c85c4e29e76b14ea76892c2a9eb
SHA512 9244194474e129501f68512243e8037d6bd94aa3a14d1557a8e6c0caa89b9a9b9a69edc08df6fb272d2c9a3c0ec1c392b558ecf1452829596167b2f564e0eaac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 fcf9d2bbc1057bb0c79a54791c9faa65
SHA1 3467c6b80e48a17c3f237f619e10f8df4a03749b
SHA256 64c80f92ee8c8adf68eaa3fa1779e2a583b5535a102e2c3d597231a0c31a6a1e
SHA512 b4106bf34273be4556c5b4f4e98afba1f40a67e194cee89424b60ac45f4b9c085b546ac32f43f78d10beabae0d2b6baa001fb394b140f13a66cc3fabd65e009c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e7e646a29f79526509ae26e1790a316e
SHA1 1172d49ba1441ee910a895b275b8fb67cefd4085
SHA256 175a756d903a38b0bbd53018aebfbe4d47480a847335332a3c59711067b97c4b
SHA512 a198926b25fcaf28b91628b448e428f368da7ce11602efa7ac44386cedeea8734b6d73e988720039bfdba5cf3c520a1cddd8a1a1014bae9ecbae71ef6924eaf4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\335e50a4-539f-47a8-bae4-a5f692303f68.tmp

MD5 2112cb78fbb237b5fa9e2bb47bf0b714
SHA1 ce17ec25164c7e42b5cc8c32134f573b6b2068e1
SHA256 0fab428d1bc4cdc2260397296d037b8955545cde7ac478938cebb7ceceecad4d
SHA512 c40411f8417f7d2e83c05342adc8c416a991c091193639263ea012ec1c24b2ee798a0fc91f99d9d51247dfbe16697a4dae10841bebe289b058297c48739ac86a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cf5992e42cd953d4852c0dca43695988
SHA1 6f8e38b01ded99ed8747bbe98b333278e7b16768
SHA256 b431706d83adfd65dc0c889171f8f3a8a96ee9217f7476d92d9d62e29d18ebaa
SHA512 24012c42a63e061846e14d192a88bd9e34b9c08dc85777a318ee890e30cd0cf27d9ecf510d3a003d7d87911f9dcb68755d5686266631312c4343f23c9dbb4524

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a310af09d49cd2ef6ef6e76cbbd8dbed
SHA1 6e59b3fba89d4aa448ed1559388940e059c92ec6
SHA256 e3da8a44658ac226e0cf60fac35478f5dc6d9842167327c8094a38303d031dd1
SHA512 9211023bc041a0b7ad1e82d7d0500b2387f75f84663e52a0b73cf60b29cfb6a7dbaeb7ceca0d479df9e5a140dcf28bee05b607edcc2120eca5c286167d2c2267

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 9835be64c2c2d8a6abf8042581a4b4ec
SHA1 086ed96b6ee842c7c23f90cd3dda30feffba080c
SHA256 f7cd8f6a8c03ff1ac2389f0afb4eabd82d5afda149690e2859abfa478e4575de
SHA512 7adb9744c13141de1fb66513bd79e9142aa4e1f1a1b619da733b1b6582d6f3ac6819edd47cee0c09cb761d366f1aa0e8366dc102f63111195ebcb55e6e8724c4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 4ca0ace73e7d36a689ad4c31a3d8106e
SHA1 1661ea46fb9784f9dee954ee3f48231c13058435
SHA256 4773dfc3cb36177cca5be62b338935de44f4e88257242350f3fce99fba67efed
SHA512 7f69bdfa6f59075dd1d3d76d67a8758c77f4736a2d5c0dc71bd0bf82765ff50f149584fa8fdaa5e8930082b761e9ebbcd1c95511ff6df611223dc373c09dffde

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 72fb24b610428d6946f99468d92b4483
SHA1 266a8ae1994c06218cef96ae4579a3849ff0e0fa
SHA256 462f4d24cd5e31bd45494005cf359497b87c0d9df95501c7c9cf5148ec0415df
SHA512 2610fee66c81934505508b1a1e89248aba84491f71c88ebc876197267ee9855d52124b32b91709beab0369ccbc35176f8bfec1844d6fab40cc96f4d6f8281a2a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 53bf102f599457bb56e1d37104804fd6
SHA1 98a1534b2089a4fe7d763691e20c963752624f0e
SHA256 979c6cfb6be163600ae502d6e185448d00be7fdd7b31a12bcb949238a23e7d72
SHA512 6ebacb056693872db2f1f9d589825213a91d2367a62194b3882c5eb06c3e6993b08b3043ef9b4ba4c02dd8b127de4178579d35e9d861a0eb2c79ac12999e8c15

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 90e3cb6e189f2d42d9fb9c8fc300d37c
SHA1 4db9769b088d8d6f0a1fee75fae35da6966ed614
SHA256 4f557be5870262b9d96644d0e49f7e492689b143a1ea77eaeb558fbfede90db0
SHA512 11428779fc7db82304619c5b939c16f01689bfe922a46b8522e009e1fec3d3d6d17957556d17b45d1c53dfd2ebccfdfafbe881b505f431b93e80990521c427d1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 803161b18879ac6d0a5a4ea25bd6b7eb
SHA1 0bfee5168f49398d2ac513b089cee406d77a4563
SHA256 4579baade68ae9994e3c39b9bd14f4c19db74f6b0064bcc1453cf7f1cbd1ef6e
SHA512 8380d66e7678f48e9957f67c40ef7bc35975acc6827f697716ab163fc34c673a37ed0c04e8afb082affaa05c7187049686869b11a929a7a23e7cf9fc2d3c9597

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fc2eba262055b355c9365c2912efd24e
SHA1 526c2925a08530b6fb66ce0c44a19f9f6a3357b9
SHA256 e412ece5f4d9229b2bcee0b018d62dafe11949f3ba52f7fd11da2d693656f2d5
SHA512 d6180c7f2a69d434d2f81b96b6873b8286cf67935722f87f264919fe1bf1c7ea2292aa42e0ec2064b4806ee7ca9c0e18a79e6ae5b1277a47e9ea02abb59c6a9a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c330d249c19ccdadac28ba6c4a4394ae
SHA1 5080901a8435931dd1f73d2209e9c479806e6a49
SHA256 55cb8e274974ac2a2667616bf37481fe929d1ea3538b537f9de16179d2a567c7
SHA512 1f55a329065628edb3760a07b4ba46f6929cbfdb340cf92050130e5ae83abd347d089da3a969a3973e65f2a30f06653f9e9e28e7cadcf0dba5d8b122c3d25550

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 13b968b3d57cd3a8650fcb7b306a4ce9
SHA1 ea8235a98168514a2732b144bf8354cb6215d6c7
SHA256 ffc9d8b90f034085acdf480fcb8cea916afd73b6eab0e9e68081138d19362c6d
SHA512 c6008d1b0daa2771e1ec65b5de4c8e32564b3f23b99e925e6b3a3f70218e34c16a2c0bfd9cfbdc817c35e9e23793714981de70bd96dd89d9f737d8fc01536827

C:\Users\Admin\Downloads\MEMZ 3.0.zip

MD5 230d7dcb83b67deff379a563abbbd536
SHA1 dc032d6a626f57b542613fde876715765e0b1a42
SHA256 a9cd3d966d453afd424d9ac54df414b80073bb51d249f4089185976fb316e254
SHA512 7dff68e3f9be9320872ccb105b2e87f15b23807af96ca195a38a249d868468632c3d5811d9a51295ec89fe702d821c9466f93994993951d1238f07f096fb7d77

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a3415967aec96ddd27e511391a9509a6
SHA1 c91e5353cd6877162689d7f555b724c19b9df280
SHA256 166ce547058958c3ad43febcb7ce35d6fcf89d0172de458cee186d11ba3b2050
SHA512 93510052493d25d58ad46b2c5bb757904a962cfb5ebad54414a81267954266549f3ea84b9f95f131015f508b12b3e0cfc744ee17ab5f5d9540f76b416d7f533f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 10af1fa0467f2a4927d297e35380f6ce
SHA1 cb3ad34696433eaee7f2d3a5050762ba8e28abc1
SHA256 922b48d4064cfa7108349a662709dfb970bcf25b503130a93cde0b147fcda109
SHA512 a26cc4295588d2a645284110364e35cfb2a26497977fc59aa7bfdc71626b48bfa6ee961aede5de958226b5420c49e5a915c5d0758f3207bd507fb83fb7379b64

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1c735e849c13e53c2e2e96b982df7cf3
SHA1 05a76b0dc105d6cf7e0dbca6160b31a26642bbfb
SHA256 0434b94d76775a2569e81116fb4cca8d98f65e54cc94086e342e841f2b00d462
SHA512 5a8355de92a33d749ee29cae9a61d3bee914081e3007933cd6cf0790da9b800802f1b018fa5edd8eba314e62b0bcc25449bc670905de91dd820307e2d7bacce4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 93ba6171a3ca34394e59e000f315ffef
SHA1 5a65947f9cabcbd849667b37a5a3c5a36192aaa9
SHA256 77ed46a8dac09dccb689a6b53cb78454a920d3140af09d96520312ca0a2f2a98
SHA512 c9274b99c5c3bf026934722610b2e93afb637e0cd63333fc0e3ebfbde865a8b17b5f4b43da5f28d678b93ec1512c88b4b954474857d61d7b465938900ed3136f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\IndexedDB\indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 4b1b9a525f813b0b50fb768a91122eb0
SHA1 57a0788d952a0f50652f836ea7a687d3d6956b7f
SHA256 25c3fa80556d205f3e16606118b663d7a465dea6ec1f0e80d11146fa174a1617
SHA512 4973fd4728896dbdddff55f07ba80c038f0af11fc1e6e373272d291a079aea5dda09b17731d9a935c30544e65e2a9a92bcdcf457162e311399864bf185a2d0ba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\822f3d06-a386-4af1-a453-56c4e981853d.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 64423e23a2319e4940b72d66e38b62d4
SHA1 891edcf71ab442fe5ac12d9b6eba8d2db3a0eff3
SHA256 a83744f25efa0ebe90b72aef88167dfd1b61e9ff800a8459acf652992ef9c731
SHA512 5cbbabf6cfd59dfec493dba27ddc71052d462e0d53db0d0f088f8082efec6a448a2997152c7d8bf9ec91bfd14de07c841bd60f6c63d0101498d8599ac0195c24

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7996012a74d2e6bc1c718d30a51ae8df
SHA1 a1d663fb0f5e637f0fa760b898e5bdcacb0d58cd
SHA256 314eeb66da166c230186eec3decf35ca47e03427386eb54ead40df245b5c9a2f
SHA512 342bfb8647ff3db1b5a01fd1eaba7137260461a527854840a4fd6009b6e479af0b4164a51f06bbd9982323ca19d41dc2ca5ca2636a4196cb321a63bd05e7f4da

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e7fad7c344dc4b9609189dcfc239701f
SHA1 b0f4f3db93f31ba6e99ac3764813766fb04116a7
SHA256 55207b9ee53daa3cdd49f855337533e5d2cce2394d290ffdb54f8cbdd002bd45
SHA512 36a33391ee0ca75f882d683c66e38107696d7e5a85051969e5c4dc3d4d6e30ab9b76730f7b3b1691ba23df7f237ea44af73b074af1443469e2fefb9d3d135f99

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 31237f5b123cef1c074f94fc8abb64cc
SHA1 1706ad9f5119dffa5514c3b10a800a9ed5cf6ae9
SHA256 e2b0d132f6491950a9e9cbe12dcb15ebf881f747c3b6bf18a9522d7508e1bb8e
SHA512 f9046b59812d3d9cf59b9b04821aaa5584e81abc7ba999485a0abf4ae66427afae2f7b0ed8f7c53b134bbe22bf26aabe4d6efbf483f1f9738d3b414b6b372aff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 757c2abd145f87c574897332fc8b0d7e
SHA1 096e45e9ef31eb55e9401892dc6f65259fbac895
SHA256 f17fc9a7c8b5ef7811fa4cdf90416943b2dd55fc0eaca2284c5be926110867f1
SHA512 5ac26cca020234c0e14392b82bb9650b4a82d58d12229319ee499a2da81ebbfd54d7d2640ca5c46a72b7079278c3bc4bab19f0ccf564d3daf799095ae98d83d1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 adcfa0bd4ad0435738c6e3d8dcd0f6a7
SHA1 ed19eada434e7162355163832f3c93cb5404e379
SHA256 9b9683f51329a3176dff69c5a2d3d9cc3399a94aaaa6e5b3393c78097b55e872
SHA512 b03143a34526b04cc37eaa30660620f24655bd6c72c6d824e4a85995efe782432a212f60a153bf4319c7595a126b392a9e2e6cb02c38a68e351127b9990438f1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f1aafa9f176a1044a9977029340417ae
SHA1 ad2bf556f0d54e628255004ed5c8181955a519a2
SHA256 ec5c04c4287749bd71cf7c4e74e755545d3dd4a4b198a4fb86a92d949d9d0bfd
SHA512 0e5fb0fa7554256a54bab880e7b821e37eedd6a1f6280efe1d4e404d93ff2cc6354035b9e9792e6aa5dc72d2ee61adb7fba7c69f7eb80b474acf5ee5296686a8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 448bc41e81291a9cf6d60a8ade155b9b
SHA1 4190f1bbd2613e2e09a5b1696eb2e4ebf2d7ba87
SHA256 b56a4c717598bd26933f0d3a867e6892ee5f19551935694d01c370fa9cf83214
SHA512 5e2b66f166466796d430bd73ac8ff1b72d86b8d55bdf28824b99f1a5e686c6e54341cf8d01092f080ec17128e2341180bf5e159de16165f5285566722858ba8f

memory/6596-24920-0x000002022A6B0000-0x000002022A6B1000-memory.dmp

memory/6596-24919-0x000002022A6B0000-0x000002022A6B1000-memory.dmp

memory/6596-24918-0x000002022A6B0000-0x000002022A6B1000-memory.dmp

memory/6596-24927-0x000002022A6B0000-0x000002022A6B1000-memory.dmp

memory/6596-24926-0x000002022A6B0000-0x000002022A6B1000-memory.dmp

memory/6596-24925-0x000002022A6B0000-0x000002022A6B1000-memory.dmp

memory/6596-24924-0x000002022A6B0000-0x000002022A6B1000-memory.dmp

memory/6596-24923-0x000002022A6B0000-0x000002022A6B1000-memory.dmp

memory/6596-24922-0x000002022A6B0000-0x000002022A6B1000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 054f9089d032d670505618ed61b5b466
SHA1 4c85f16ed6db9eb8eae7c22a2dba98db73f57ef8
SHA256 a91aabab0329018e54cdfc101c4d1b9e9f1278fca85f72e76ab54a795d0c2e1f
SHA512 2cdde10fc47ceaa3fdc57a7d502bd73b8e38d62dcbc6d588a9aac2e438716e7eb790fc79eb652af8ee7fe5fec63ba5e26be3f5359ec5d0e2cfa56f5fdb44da50

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 16bf7e26141a2133e6840f801be0c1e4
SHA1 1eda13ca63e90b3b8933c9d53faea479ea26630c
SHA256 860d67f89668c7ee0f9556fda1ef519d04f67397340dee1fad6c24644c1306d2
SHA512 836e64012b1678903a9ff4a93b8eb503d9c634674ab59c509ddc71b96c77261646ab569c590515d69e125b5f0b4f2dac1273853c196c02d360b5f177b585a20b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 eeaa8087eba2f63f31e599f6a7b46ef4
SHA1 f639519deee0766a39cfe258d2ac48e3a9d5ac03
SHA256 50fe80c9435f601c30517d10f6a8a0ca6ff8ca2add7584df377371b5a5dbe2d9
SHA512 eaabfad92c84f422267615c55a863af12823c5e791bdcb30cabe17f72025e07df7383cf6cf0f08e28aa18a31c2aac5985cf5281a403e22fbcc1fb5e61c49fc3c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 2457cba7a489938013bbba47274a3781
SHA1 f7aa44ddc6bdf4e99ee89f978d383d274b732888
SHA256 0f2d8894d41e4c173e6f5ab7ef25952a51a153e30b05c8f5f22930e6c532c982
SHA512 dd8c65975f2fdf0dc6c41ea36fcf9eb95cb4a66aec2f999f35f6f5e3d9f1d4dce28d576d16c0b6ff1d4102eb869e061835e7ddc7e8bff3c50c880aea71011578

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 41b3cdad9b660db8e40cfe8b37319458
SHA1 bb5431ce0bcbc866d36db0e182963a04a4bf50dd
SHA256 39048681f4db7d29d10d180d6cab9bebd840d3eb514f4fdcb46275451afcc7ac
SHA512 3e4a33d4309c5fa3775e24713ef507e7faa7b7c9ccdf3eb2928316471cad068c5ebcb5d5bff06ca09229f7f9d3265bb0fce1c2721f0c93b0259d1864e3b9bbde

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

MD5 c594a826934b9505d591d0f7a7df80b7
SHA1 c04b8637e686f71f3fc46a29a86346ba9b04ae18
SHA256 e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610
SHA512 04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 4ade21d11329bdda74fc0a57a482902b
SHA1 82b2c839b4850078bbe7794785ce48801dcfdeb7
SHA256 353e892544dfab33bbf01c22d2a405ee1cf812af4f31a01eab7b079a97061c88
SHA512 d177c1250b6f555238da7533e4750c89fb9d33c97ef18e9587b9dab9439f52daaa21a8dce3dde7d8225d8709aaa0e852f618755e1c7e23782146bb935a31bd4e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4b8bbde8f6d0820bd3b24b10798a3cff
SHA1 bd62f027bd13d72fb0818f2c07a58ab8abc8da6d
SHA256 383071bf5dabaa6f77d8af9d92fa5b2825a680b03ce081d9d3483c80b5e14562
SHA512 b6bd42c3f079a3a91823e921f58b026ab14cd137f5d10d519d05429a06dff262d22474f3be4b8cf26b62fe58b5fc924bc39e5bcb864ccffee2c1b8c6a0d532fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5b1918f5a480408ff0d29182dacc0f7a
SHA1 852600e0f794798ac8fe49bb1561a390695f84b1
SHA256 23a123291f3aa9f3df2f5104018d7b38008fb1fab98db1498c4c87ec642c4ab3
SHA512 dc560b8329bf6528e791cbe99e813c0566ad55e3aea59ef8faa1b09f42f9ddf46ee9312990b3e78ffcc71d3f5bf0460cdaf74af5d46c27282894bff429cd65d8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 449e8ccee49d8bef36ebafbd7bdebf2b
SHA1 fe1ca13d2987e709ef3dd84b8ddc30380f196608
SHA256 3bf8c9a1eb6cfdcc7c204632e3ed676ed7a7d29a584520d2f28c9fb4ce70887f
SHA512 628cbaac3709ccb234ad491154aaf4534b1f83527d06da7cb13b1464d105773bee3f6357fbe0093c08e65ea9d932ba894040c42a2b99b506fc188eff593281f6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 eb307061fc3373b1ee736ce6a6338ff2
SHA1 90944736cbb33b6287aac89cb7ab99fa55c3adea
SHA256 6ead8ccab719925bfb0bcd818eaed47ad11c80b0c933511ec94646c71dd6d10b
SHA512 39e456363e6ec8490d5b02a6a3dfe66b7749db8872ef3723f95307cd81da91731d605109b240c0ecbc4fa0014d86df2a64b6482d890296a31c42bd6996221bc7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 225b2371c5ddd1055f8b2cec1f1f6424
SHA1 b362c7ecb930074b36dccaa3a73b80900e9a4d1f
SHA256 9ff780ac975a3e298faba67abdbf8e7b144f953ae2f3585d7dfa3a148c2be63d
SHA512 1d2cee83d4b8310a24551d5c5ad862c6931475ffb699f87f2df3c2468b12b77b51336c17787f044c8b2193bd57b49afe29b2b18cd74ca85bdcaeec6934701669

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9c8e7fb0b3bb0eb0cecbff550a5d72b5
SHA1 18b4f90b6d4449c9067344934569938a4135b1ec
SHA256 e43a5e3331158567743e3e0ab397a48f7f4f252825e86cc4f5790070c12db2f6
SHA512 07191ca26a4c90dae6e1e25cc92b2d77564455268b42a79eed917de775d50c669b4a7ecf6230837ac3238d4bc1f2c2acb32cc3d52d42a6c602f8f1ecc68f34d8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1224a3513b186381_0

MD5 b14def752f1e10a5843a8c402f7abfeb
SHA1 b73ca6fc2f4c652c7307b61cb214f0c258d1839c
SHA256 b51ebc71ffc176fdf2f22c5b339cf79355b45f896eae1b01bbdbb1e9d454e1bb
SHA512 a9d2dc1aba06d8529e7a68e07f7f1c0f324ee7d7477904350781c0e2e8095f6981f95e4a87b73bee15dece5a9e365511396a8d07c2bd2f980cd383d60d71de3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5b7ba847081c0e01_0

MD5 9e778c28fe16319205e0ed5c36508360
SHA1 a691a9fa9045374ae1636a80dfbfee1c388da8c9
SHA256 fa425932643f0d189e4258e69f950aff6107a68017b18ca0f4aa6eaf9019a9ce
SHA512 71a4110ef8a2ab7b467f330f1f9d04a599f5109cc442af34506f54705ad3a1f1a232bd73cc38e91703806a6cd35b4f2a8a984193f375a8cdc2c4b864a7fd1dbd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 695595b087da5081a22f13ec4bedf05f
SHA1 33da5c8966774222512eb7b46d3d22cdef7549db
SHA256 5da334d66c11db1c53dddf34d65bb4f6107bf0119382e39512cdff4daead3cee
SHA512 2207b12ebdedf0b7d19c3249b2cb19031a572ea833544bf566b4eb05d573155475a1a83c1e2125c2dbf80449da8bc230e87181c9a972158533bba07fd8ba8ce8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 142993251f36dfb4aca1271d9cf57641
SHA1 e9aa7cae72be472c0769a5bd550679e757510274
SHA256 7246808f701dbcf89a662c6302782f04ec63bf23d956af94da1bc49ce88d8aa0
SHA512 48f93b83790d53eec113d358b3e13ed4c4d9a21fcd96c124e3477970b26fa9c46fee9c0b09eeab79fda3a3274d9ecfe801faf86f0cd932e8c051e3f9b7f43038

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 63146873e9287177b67f7b61d8c7109a
SHA1 02ba9d2091a4d774b0f121cb30a121a66a93349a
SHA256 4a0e7a7e80a9669d8f984ec425ece1e169b517e4334fa9b208d830d15c0088b8
SHA512 baef9b612a58c745fa8e41c37b57df2655791aee3ef94d5c5fb3041275639b2efa88b4e3f736878f9b177fa0125a17eb5d37c0e4b58faa4f9496157622e52838

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e3fd810dea95f5d2ac9863226092e044
SHA1 9274337162b4e84cd4ba747142162a270b984dc9
SHA256 76e1f1bc4f863aaecaac74bea83f067ca6a6efe16593902cffa7e0d6617dd3f8
SHA512 ff99d6688b41a148e2ea056921b59ac7e5c5ce582118545d5cf2cf02285a74d22a810d0c1f2bdc3283a8a6b67b49407f2ac2016953d0f7129ddd778c2f6d84ef

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

MD5 87c2b09a983584b04a63f3ff44064d64
SHA1 8796d5ef1ad1196309ef582cecef3ab95db27043
SHA256 d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0
SHA512 df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8cad88e22e50a44491307e1fb999fcf8
SHA1 9ef92d5873378a97c3dc0da7f963da9556f7bb0f
SHA256 013e13e201ab12d72aed5e06c20eb11ecc8deaa7c703d86186378cd30cbd58bc
SHA512 c811b802bfbfe7aed80e19b800cd0d11871b87871044f18336c8790cf68a42d90a0b635eb1aa0ebd1fb37335cb93e6a004226e2cd6597914ac2d4e90f9b9d962

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6bf5e4321712b342951e16c2ae1094e8
SHA1 9995f6826924cba5d633adad5583e97d3b7b8936
SHA256 7a575d520cbe7921ae20de6238212531390a3871efb6acf61ef066fa5092f09e
SHA512 7e2c28b2a6d4a1f76577aa9974e13a90129c46d2d7abd7266d4e521e5e73fc544f13b19310f72f5906ba603e98bd150cb84c191c92e1825d9712105b3ded7c1c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e7f5c828b6b6ffdd8d6838a331959506
SHA1 b30b7272bfdaf251a223bd5af5fb5e75788966ab
SHA256 d2a2a5e9f32ce8d43d67cc9133ae9518912c81aa7060affdde7fbb9856d086ce
SHA512 748ac7d5b32e7d557d5c55b86918f9b65f18ef6f31189473daa18a684ebf88c679f552324254a5f60062a7f7572e0e4ddb11f4475244d747b6016db33dad8b22

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 4732801688921a25fee8f2b2410be20f
SHA1 ee955a4c33c0900cac13883aed178ef7261f0220
SHA256 5daa35e3430ca9ed1ea7308184335e9352cc0a7c24ec20bcdb4998f4beb011ab
SHA512 1ba71ce275c7bf7d327d247c4cf04d6f073985ac8c74479c391c06d96cc17e432464d292d16a850246919b13e29d836078898dac3e0c057f741ff4bee770927b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8938b5342cea197eb49dac1dd55a895c
SHA1 ae69ed8b74c26b7656d5298420e590f38539abfc
SHA256 33f620f55967f392cc254af6a8a4eb27d509332ebf8440a18ffdc8384d7a1d3b
SHA512 152943e5e6f8115f3c6e0f498151497cc0136bc99f333623612c0bf2c3725be22ff7a4615606af781252417a29fb20fa157dbb8d63acb3cb4d796e6577a3e7aa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b53982bf51a2df5c968f4c64686bfb8f
SHA1 92f90ed105a223a55048760c56e50f1b36aeaeeb
SHA256 3674e91baeb11f07c7259ccc19a34e14d60031d7eb355ec02f046a6652c1764e
SHA512 6cc48e9e77810137f72bb0b97d4940fede9f3441bf255c002010dd8fa1ad3b4f29679ac2c11d3eeafbfab7ff0e8918e440850e28514bb864fc878adeab8a3e96

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5d39add14281bd7d691b552aebc67a9f
SHA1 29574e790e128c5f26bac994ca27695a6d0c5363
SHA256 13b14eff6167ad98e28156eee579fcfc45334f9184367edcb74400091501ff33
SHA512 d42e847153940a09f2e3bb9c79c442ff63405f4d8c4729e72332df19dd597cb91c1bcb8021ffbe0d27ac82b43cd5acf355185e11b945342ca19679e17927df92

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe65e115.TMP

MD5 eb0b36e4703ce005696adaae40400a85
SHA1 83bb29445adca86ef8e158f52a4be9b531455c81
SHA256 a8b489e7c03f59492be53da751831c01d51d89b560408d4593224ec790a243b3
SHA512 b2ab9f9ec45f3a6c4de3acf9e2a190ed13a2131365e392a712d524381ca6f7462ace376014574064f0207423dbe44111f9a03ff1fe77b4319af47dceda8b794e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e142038bb5cb551f9c76da896afd5839
SHA1 24d68b22af72bd0a3b7da731dd019b36b0aae44d
SHA256 0b9953156b615830a1108eceb4bb3286b180550d01a062fabc9532f140f1c3b5
SHA512 4d7d8c1f1b2f3a2f1db02ca33b58ea12e08cda54489f93e3294b90a11cb3bdeb1ed13b9ee434b558abcadd047c2cf2bb862d06b1d52977a4091fa37ae0877234

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c59b1365d8f3e19c959e20ced4130d00
SHA1 33e9b59409cbcaaee1d27e31bd8924270b1358ef
SHA256 27289542a4632104aff321946c8930f6b32aef337e231c18d73e52296b23dc69
SHA512 e453db8945db7bb66ca39df836310c47373b04e79227c67afa3b4ce8f1097d5eb5e0cd7e40d02fe2223912b1911ec04f7b4c7fe0d54d2a42432ac7d7d4546c65

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7bf8107a3fcb34692face0bae70736b7
SHA1 378376f1050ce3ad72f23155d5a1383ce03df298
SHA256 622df0fe3ea2dd8bd03df9df100bb3679192bc4bbdb9f1198f9b3d0a89778960
SHA512 4d0f72ad381761c650d1c33268a115b7db64f749109eee6f4f5d1cfcc77fb1e70c16c51682f3d274769e5b89c93f443e0b62a847760cdd3ed2ae17e6f56ec109

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

MD5 0d2283b0df70bc0217118f5c6d1fd836
SHA1 0aaa2e0daa0f0671fbf7817e222fcd777be523d0
SHA256 fb02c03e84b9a15ea357644f15643bc90eb9c6ef6532e1c82ecd052df34c2abb
SHA512 16071fce7468cc47fd7a57dc6913cbf41e142fd16b3f145dc30b13fb4a84a05fa3211d3b435ace7378c76682a1afc49e45d180eb88f6d32b0deaa2266196b2f0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

MD5 5d0e354e98734f75eee79829eb7b9039
SHA1 86ffc126d8b7473568a4bb04d49021959a892b3a
SHA256 1cf8ae1c13406a2b4fc81dae6e30f6ea6a8a72566222d2ffe9e85b7e3676b97e
SHA512 4475f576a2cdaac1ebdec9e0a94f3098e2bc84b9a2a1da004c67e73597dd61acfbb88c94d0d39a655732c77565b7cc06880c78a97307cb3aac5abf16dd14ec79

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

MD5 a12c90cecb686ce8edde72e52cff40da
SHA1 9dd9a4bfb841b7b43de7d0a6b806bb2b40481f23
SHA256 be1143ebceec550910c4a471bf00e20389828302b1909836344268d05990450d
SHA512 4ca80dc25a0524b43895d849d39d7ea302d048cdfb7f177de12e3ebd91a2d28661831fc9158921fd21ce40fe598aebc2b408e916c58b0a7e6a99a4cdd8200060

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030

MD5 ba970966e10a8e87ca855b95cee05ab0
SHA1 e3a5e78a16392fd5da108f9821e00f48a7e44b5d
SHA256 463fde9c3ee7e0bd18f5ed0d239cdc1565481df623433fab4142869430ab00e1
SHA512 e8a47925d959e5ab41e3b81a9461ef436c4fe81af5b0bbd350856175ad8e0dd0ac181e509c93799350b86c4815d94219752c0e780a37935eb76d633cc7a852f0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 514b8561a4a27d13258000c752b6d258
SHA1 2ee1905f0f71f6ff0e872edc267b2af0f3f773af
SHA256 59045c89a8a5df550c610eacbfdf8ae7466a2f5310b5c0263d310d7c769dbbad
SHA512 4916a9fdbffbe61c5b7a73971543a29bf9fcd5340038a6363ee21e4599ca6a4c3fd42a5005013e6bd33c91feb34523e06dfec67c5e603da7effd4e6ba7d14b44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 5c6a4a302e57f47ead97bbff0e04d02d
SHA1 ed1104bf5d02d509f979685744dae13ca92bed7d
SHA256 327c1e9963f4730bf797057ee8b84136039d98bec45071d136dc87c542c05e7c
SHA512 8c12dc61ee5d94fefc762d4a67e79fca55a2557671ed56c709599ce665ca8c4192c8ffb977e86902140fab8537262564d4d89be5d84e3bd6e39e54b2e954cbad

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 29972effca5e564be9740626d06317b1
SHA1 94706fe10feb333bed5666cf83bd8933cc979549
SHA256 442e6161967829f840cec9e83cf621639fd86fec33b2af8dc0fa70c941922c62
SHA512 da27a2d9bc3d7118a0373f71d50be6713bfb389377f7cf8db8291f404cc475ef1c3b8fe717b382df5ea91eef7fa128e74f48f6c6727d63c2a64ef129c810a4d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 1dbe2d9d7b445c0605a3e30498c622f8
SHA1 3f809ee418050bc69a82d3ec79b2db7dd4f060cd
SHA256 199fbfa33388fc0d4a960288aad3c51bc40fe21c8837367e2c6375a46239a8ef
SHA512 b2ed6fa3559a60774e492ddf1390d3a565144787b3bfa4e54d4f7f1742dfefc5a0bb2336f9725da8016fa9f44d652287781710d2f6a270e66280c298da0704bf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 27a4ec3e49c2fadd1d063f80ac9b8583
SHA1 db287343affae126d43da07f98527b5324092914
SHA256 058c49eb42ac82e18f5dd5b636b4c7f9721267fdfeaeb50315dff0831ba9f3d2
SHA512 a727030b2de53036ec9ac6a21fe0d218c1471d9d5bee6aa6524f057db753117d26674113472639e2b6980d71b1301891291440ca51eb196642e1bb28780bc013

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9688550b1d8276497d0d28e7335474d0
SHA1 edb1229b6306fdb8e89284e6998799ef21e82ecd
SHA256 aeb88467b5d19a8d21b1641a3653448176613f253518b4e1411d14e9d80513e3
SHA512 484620012ce934a5d4fd95f3a7e7767a29a2b717bfd3d39b04094d3cc257222cf033bc84ec0bc16028e853aa5872708d381006da3d6fe0b883b9dc6bf17fa8ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a4e9a40529d9a3d53057640b84183c65
SHA1 b52826308412cb5bd3b77f136b0012961d830763
SHA256 6cd3dc442df4b86ea260dad185f3486868843108e17e623f151ec42c15f9e75b
SHA512 eca5ba3f88d6021278ecedad40b9f8b1792f44feff0ce41e888685370d1363b73d711e06615398e3be34dfba1100fb981962eab3db4f38ebb8ab6bf88c0be71b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 ffe90fcaf353b59ac76448d6458f0cd9
SHA1 fb4f45a4f7daf97c03dbba8c1f31195e4ac842df
SHA256 f5826b231132b1d4c196224113d1e344adcd03013d4814af37435bb3d126a7d3
SHA512 873dfe2061199057863d1d7dbfaff538ec47daeaa83a1bbbf81ab2bc10acaa1ce6e4fd10fd05d8796c297ca7fdedcc78c01a04cebb28720598b5489d867932f9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d54d957f90280ebce300c528badd88b9
SHA1 9fed08e43b14a4a3066d34beb77be31496132b29
SHA256 88b254777a20bdeeb6f3affbf15fc646a8890530a360b8153cae2adf182ee934
SHA512 134be518ac952d0ab965903f1df226ba4bf164c1905ef4bde295beb209566ac7925ee75394db07d23f86aa199860e53cbb2b639c1816228c1d0dfba0f8546eaa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e8a7b9f0d0197e2efe1f0282b284d55e
SHA1 590df0aaf29eb0c86c2df219cccb2064050cbafd
SHA256 b7f47bd30c90b88d1dc84a18b86005e95d3265cb21207d3f87af98e88b9da503
SHA512 a9ebf22bd159cc73bff73a0736108c96bdd181b487a1426d479f6a31ff5d6d5c44ceea6ce809b97e9314f35d92c8fe8e7966ce8a28b25c29d576029f7301e554

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 e3f3dd5fc7c6dacb6a73b049927ff016
SHA1 31e0add6cf9895b0ff28b9399624b015689a4e4b
SHA256 ed32a1664baaa0c9c69ce72bdbae76c837a0d1b0c072a3622c83d4069af718c2
SHA512 41d1dfc54b193f0fd4f3400dd1f6606839b037013953e2ecbff1e6fb4aaff250cadb05866a1581df7f8a72e016c8ecbb8a01c2acaa4f09222f1b746a57396879

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6581a753c8d0a59054fe1a2376ce7d71
SHA1 ffc4c8e2799e7fb5a2ca0b95a67976aa07be50bc
SHA256 4ad487be2e9f09aca02c629b980beec30ebd6f4da8753e95c6c8307f3f68b8cd
SHA512 d2c823340d0163339eb768e0e6da07f3e5fe7e988a1d7d9935791c0e4f3ff83fb401eb386c77df33c5fa256f77bc4da76b2c57c9f2a63f81963a54e5d9d0b4a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3b3ef90c1b33e5170fd50604d001e9c6
SHA1 599f6ddae0a371f3dcd07b4ca6e1ea8bae9900b9
SHA256 4026b6b27d5dd04d1ec288ff06b76e7b71fb0b5574df64ab65f2836d44b40d72
SHA512 377ef407f2dac38f192e939470a04d7a59f58432d0164a38d64abe890f20a5af87bc1dbf3cbbdaac7cb7930341dce87b3cb9e3426c3fbccfbb39e6786adf483b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 6721c9131ecdd9ed6b0de88ac9dc47ea
SHA1 7171a3d5a41aded895205ad9176f12db1856df6c
SHA256 4f6ad165d6525e8a937bbbbe3d258a729bc5279cd637ca0418ab65b7ca23378c
SHA512 426efc1c4f089ee00145ede2751bc645e2a998cb36c5d3cf113532eb35456da3b51bc6303f22dd3097c2f6c29f9f8060ceb167fae7423cf9326b331f796eaeb2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2e4447cf5fbee8ed_0

MD5 793d4d476d134340bbf36ed9e897d4fb
SHA1 84a378eee3ed150b34a701b15db0207c77ffa478
SHA256 686b604e26deb9476a5da46e167a4d8c05f62a8a0f411c284068cee0a896adcc
SHA512 12162c19952c5adde872101851bc8a0f819710f361b557e352fb361e1a85822256fbf36d2a4b228401f077a7d87b0d8a77f2544926b9e9a7e8ba89403e9f1909

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006e

MD5 c02fccc74b4954c2bc40d93bdb15bc81
SHA1 88eb76d59060a9f8ca7eab4bb2a8230d92cf2e22
SHA256 134908b30a6f40e64260cf208f4baddfe0278a4b7dd32d945e065211d9bca9a0
SHA512 50c3b3c29c4e673c6d4ef677def3b2410a589a863ff3788589d11cb34520bcceef053f9ffc395a42549e7abb6bd8875839bda16f7359ab43fe2fcb61a574b882

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004a

MD5 7792cba608a1491e3c5aa6565e07ea4d
SHA1 cef2de7d00ecdcad66b098dcde9397afac9a9058
SHA256 fea64e53c8ca82392f445b7491916a2b7ded19c771f65bbc00d88b3a3b864576
SHA512 f4527cd5abe18dafdd7112f15142c7ae191c4c66b6a84c989dd3a3778ac1d182bef7ed73339d2677fa8bda143a7a147042ad3ba35cc7677e133a7a513a1c2b22

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 445b99badd2336d22bbf08a6a0b94c0d
SHA1 6621ab83e5b233202f5ce8a3cd61637614bc7949
SHA256 72ae0a2256936cfaa4016c80d7ec1fc89dbddb41672d837bc579f0a53a2d1d7b
SHA512 f51216b372746f9dcc3f73d7fa1e6c671fa78512774449601fd0cd264cfc2a1312221ae40401844daf6429163cd89801b8b9f711e17da593509b8f13820e5b74

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 5fe8bdd73df46516015cdf8943ea830c
SHA1 2bd85cd3e0f5757b890cccf94faa59843cba289f
SHA256 fbb113be442354ddebb2c43ed0444f52a25234a47c87e408a6eb2a11eeee5b1c
SHA512 d269646cab6e556050b26cde37cd2375db1dfd519dd2347a66dadf94ad51624e127f3c7008efe7cc70367b42523119789e1606506031297a626411a5f8fb347a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f18eae7bb2c641161e14050061b7500a
SHA1 51d30a752df247fa624801b0aebf3bebfbdab684
SHA256 0bbcf119a5bae7e7edde9f81436960f75922fc50702ae77ab7a69911936999dc
SHA512 221ba578606ac15f06070cabf361ed93dfb79e8dece7b1d7f7d06b1ac3374cebfdb7be34b4f686719635addb725595f0c26411d70c4069b1147b857158230c5e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

MD5 d6b36c7d4b06f140f860ddc91a4c659c
SHA1 ccf16571637b8d3e4c9423688c5bd06167bfb9e9
SHA256 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92
SHA512 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024

MD5 2e86a72f4e82614cd4842950d2e0a716
SHA1 d7b4ee0c9af735d098bff474632fc2c0113e0b9c
SHA256 c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f
SHA512 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

MD5 710d7637cc7e21b62fd3efe6aba1fd27
SHA1 8645d6b137064c7b38e10c736724e17787db6cf3
SHA256 c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b
SHA512 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022

MD5 60f8cd04587a51e31b51d1570d6f889a
SHA1 88574c41d0ab81721b275252464da5c7927a4835
SHA256 27cb4390e32a97375dd4987ae000406933bceba5199f17893711e782333b81cb
SHA512 84c12448ac55dd819749fef9be9919111a3df4bc51e66d2fa9f7376c11c101ed1349cb36aa119aa873cdd6c0c91027e201fbe23c2c83b89bc900a4d9077bcc52

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

MD5 ed124bdf39bbd5902bd2529a0a4114ea
SHA1 b7dd9d364099ccd4e09fd45f4180d38df6590524
SHA256 48232550940208c572ebe487aa64ddee26e304ba3e310407e1fc31a5c9deed44
SHA512 c4d180292afa484ef9556d15db1d3850416a85ad581f6f4d5eb66654991fa90f414029b4ce13ed142271a585b46b3e53701735ee3e0f45a78b67baa9122ba532

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

MD5 b38fbbd0b5c8e8b4452b33d6f85df7dc
SHA1 386ba241790252df01a6a028b3238de2f995a559
SHA256 b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd
SHA512 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026

MD5 038c1f469deb6932520d09a340856ebc
SHA1 8b361a8c0489b69e9ef4e132e36f20c161c5ec1e
SHA256 5fafae77cfdc093baea4dd31485ced7dc4ab8e734311b3c2aaac1dc2ed95f451
SHA512 fc3123f11323a9f18f5e1bb31c61fa229e0de8b6d07bb01b220605cfd9ba499ed63e76be0b7146e096412cc94486bdba0ee102982b38b258958c6327fc6bb6c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 13abcedbb610f2a46660f7cc560d35e6
SHA1 e728c6bf3b97176579193d1399eee994a01484d8
SHA256 559d413309c098c1a18fa16e4ace3d6ad2e96516dc9da290189fce676d42571b
SHA512 e4d00ace436541c7748cb7b7e8896491030adc5226abc071790574d34de20bee231b2cf26c880c3f6129864f0d36f16ef5c8853359fae89cb3bf0797a60cd3b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a

MD5 b07f576446fc2d6b9923828d656cadff
SHA1 35b2a39b66c3de60e7ec273bdf5e71a7c1f4b103
SHA256 d261915939a3b9c6e9b877d3a71a3783ed5504d3492ef3f64e0cb508fee59496
SHA512 7358cbb9ddd472a97240bd43e9cc4f659ff0f24bf7c2b39c608f8d4832da001a95e21764160c8c66efd107c55ff1666a48ecc1ad4a0d72f995c0301325e1b1df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

MD5 d9b427d32109a7367b92e57dae471874
SHA1 ce04c8aeb6d89d0961f65b28a6f4a03381fc9c39
SHA256 9b02f8fe6810cacb76fbbcefdb708f590e22b1014dcae2732b43896a7ac060f3
SHA512 dcabc4223745b69039ea6a634b2c5922f0a603e5eeb339f42160adc41c33b74911bb5a3daa169cd01c197aeaca09c5e4a34e759b64f552d15f7a45816105fb07

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 cf8379028291e9e04ffc0d41223a8c26
SHA1 dd7166272e80e1eb9323e97d51104826272e3fba
SHA256 d870dd439726575c574549e3a50be6d200cf448a4715eafb46481d9cfde141d6
SHA512 8a2d6aa8650adeaa03cbfca6dbd59724c476fcc8040c2927767dd815cccfe17c478680bf9ac997cea55c958d86ba8a78867c58ce00b3920f91a2cadaa833bc15

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 385256858f766f3c2153ccb25501c059
SHA1 f58cfb02457bfe29ce60c9603e723b0cd783c7ef
SHA256 1d8b52019a127308363293eef60c53850c5131a62f1f485f88ac551d3586388a
SHA512 0fdabd6c81966517d718cfa73685ed43839a67cf1cbc76f2968b8e6c07b00e96d2db40d348f783afaeea68330c6c90c1dbb750453e567b13f0d7b2dc6716dfb6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ca22077bc30dad8227ecdac525efbbe2
SHA1 8ee7dc4826eefed52ee2f09cf9cf47858cac911b
SHA256 911284273246ccf9c893308c4ce6ba5302def976e53b3e8b4ec958a1df5eb6aa
SHA512 239d44c86ef68f7e67033e06578c09f74e5350297d4e9cdafb3aa4695a6008964a70deca3f50e1bc83f2ce038bba2a1abec18c58953a9a6dd5adb5402300b924

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a1

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 91874fff6be97bdf5b90db9d30daf88a
SHA1 9c858499ca60322582a52627bb739fee29b8f13d
SHA256 03eae6553d2d85b5178367e4bb67eb2c43d1a195461822f7e19fb8858986fd55
SHA512 bcec2184d300a7dd0516585e7d56198791ad3bd3acd311071f9b8762384c525b3b905d0864e4c6b55ef4b8fa72bee3d994f9dcd0e9a53b625e733be30bfaded9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6cd43b82e6e7978aff0f004bf824bae8
SHA1 5d0f57c9f7200013f673fe133ce9285229d85c08
SHA256 e8ad1b2ce412a89666c874f672275555c0917c861147067890ed444763519b56
SHA512 0dd0c4796995576a3bb6b8f34fa2ad31fa118abcf77ea9cc22781eb11a2f84a38722707bf4cfb036bb8f8ab4d46e52367d8a070efddbd11948c2e510ecec13e6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 278d9e04da1d3238bff039a6f3f8b713
SHA1 e9035fc1c135abbb039d2675ffb1dcf2e0272fcb
SHA256 b9ee22f644bccd27f4a92e217c51a81b5bc2c4691264112a96b68e66dad74d96
SHA512 3031a4da82498b53d6f88634c277114f276fe8191c28d858739a9b1b5651a6360df48bc395bc906914357145d109c7fba79b0d94433f40e16a43fcb9f680e5b7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 69c75648663d6a1335bfc93d43b27a80
SHA1 a8bf41095c8c7407f93392c6a6c91214888a410e
SHA256 82827e3624ca1ddd5afa8e0f76afccb8048517579fd969cf6ecaedc2cd0d5b66
SHA512 81f01206b6583178af36ef8a1c3696bda6cae704039c6a6086ff70988f8160612a64907f7081814b185a7fd1fcbc25c50561626203f1203f0281dc94b913721e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 af8f96a6bf02b64039530410a80470fd
SHA1 6903bf86836fc66a49b5e846836fb8c3e0fede2d
SHA256 fb44a0344dabeeff4e4e4ce75e87e5291af04492a3fc97c59e91438be2750b9d
SHA512 d6b9232b8aea50740a52096b98b26c108ecbd04e9c935554c1c27fe0f57c96146fa48a9a5935a53be5c128bec2d5e76c36c5a23ba758ba519e145859774d0bbc

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 3f46373978df8e1d7f932e3ab5032109
SHA1 d58f94142531d8313d375d58ab3ae67a9af247f1
SHA256 adbbdac5b9e82706174bdd8ac5880888ab73525c69d1fb2627a8399db79550af
SHA512 5bae4520fa43340dc679940d8337537d0498d2644da07424495b45c90dd6ba60231f7026d1bbef6dd7e16001962f2f6998239b4e33389356003ac03ab11626e7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5044ef752801d980a1aec3f7f4a136b1
SHA1 e21fee3d26e3afe864075d3644526743c495750e
SHA256 1689980c51301ae2c9cd7bfe09debe6c61134105508d8ca3ab06b2073154c609
SHA512 f264506eae788956a9a424166f6d334eae928b781200f7a48e6f825d8221910165344ee240e0c1bbd698ccc7b96a65f99fde3ea1c17218e820fd747ba9011344

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ad8af2bd705932bfe510a803edbc8c9e
SHA1 f3f00028a1c2fc3bc67c106b43cb2ea259bda5bc
SHA256 842d98678f34acf10d86a0e51f159a4595e2cc5cc622c5dbf57960ad46ccdbef
SHA512 eaf85f9e091aa96c612583afa006f1860a509d1cb393090f6fbd56f27f7013038740695eaadd52177361c9c012a3e75e93f6554209fa5fec3d58cda9ad89a0f6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 2b175d29c6a3876c3d725fb5335e1e26
SHA1 d2204c4be6023482a46845066261d249ca922a2a
SHA256 5972b137baeb41542450511e3cb495b7920cbfc15de932f0f630e25ab719f9dc
SHA512 b8ff1e07be69ab78bbc2de2a23255b90229f72bd775b772c9e45792283f5b94c917d610e48a77be0a6bf7d0a207e8864cba68004f180044d54e98bebd929c982

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 a4cd09fb32fff57ec8d217832eb2e65a
SHA1 8ec70f2438e25b00a33437c07f577220fedfe5fb
SHA256 3105d4e362cc09f69b3c2a1da03259187995dc0b4bed2cb2be17644e39e9171b
SHA512 3decdb4129127e5ba658799810947b150341d95d32b666b8839f110f4f650ba645420c2c28d3730fb52a0573d3f5ccc75693598b59738096bc4763ccd0bf7c15

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 fada373d5e3a8453549a77fff0108e7e
SHA1 80f0cb6635151a78005d5da03258eaabe5637e55
SHA256 e6f9d3a5902d6b23702c0bd06a8b79ac58bc748a3b8295335a5f91c4f021d352
SHA512 3d3d44a547dc3e94db6742121428035a074002b28b95e7a13f08d1e1e49f2e5fcfe4ddf46522c63294810cd2d04fb08496aa0857d2e2d3b9438028f968e121be

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0c27cd045a430118e2257bc368360fee
SHA1 69141f08efecbb0284d5c9cba1e92ef343aa39ff
SHA256 34ca2dee555ee87e42d614e8edfdc7258ece361884272d2b58362c29868e4134
SHA512 284c227b95b662e3a621666445efb270724bca7a8904ad729e22923f464ddd54d4a6c44bfe6e783c92141e8583e5a95a70d70eb98872abaa47baa357f3dd1c1f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3a39e3028501679c5a343dca85ffcd0e
SHA1 5cab4a91f166bd99e26c30bd214f86dc4952348f
SHA256 05644345a191a6cab695e1a078cee2e8de34b67b6fecc2aa765407f3a9a4b583
SHA512 dd79bb0824d0f89e3dceacb1f8e2133195aed8d9c4576f45690ab960a61e9b008e22cd8da122ce6cd14fa9d33ada56394c68c0766cc32290ffbf6ff800750f5e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 de1c88bf27ee017ddc4e7a25c531c501
SHA1 bb5da382fa5ebf7154aa7b216575fd2a659efd2d
SHA256 742ed5828b0a84b6da38a262f4349907bf9fe09e4c43ea2dce33d0de96e6586a
SHA512 5cc6431f2ca413fdc1725cde43d5e7270b7c710c26af1deb0cd2cde52cbc15cf1a6457d028a837b73b8c2995cfe3c0ee097c3d0311ba19d10a7636dcc04908b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e7591a1993058e65818433680c5a47c2
SHA1 044ca69c572bd9346f187e5debc05351ed408d32
SHA256 c2b351a3a845de1a1f7cfa3b144699a89f25df60a7d04631dd446edde7fb349f
SHA512 f9bf305f516837796610c983dd51f69976d8863a375b198d6d190b5cf19ab223c8ab94ef654bb52451bc66fd79bfe9c661b5de34262feccfcafa1d09942684f1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 72c8d40422a5bd59ee5630ebe05b774f
SHA1 cd6c641c1a52a9ae17bc50d42042ca334d982627
SHA256 eeee785f88353c9bbf0a4fbbbda67aae657ec57dc7a4851489f861b15aa4dae6
SHA512 c4b9295ae285e16b05c7b93327665931ef1af0980b1f667016e7ab71943c0c3385868344eec76b0e9cce834b5b0fa4474228e5a6b7398aaad892039ad760151b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 95fa7e23b72f631ad070a6223a053512
SHA1 2901e695548bff4ddbd35f5634735949d67f0656
SHA256 a751625f8702fb1bc2f555a4039dc208a6a99a4137bddb07906ac23c09c72ea7
SHA512 dc768217c418ce8210ce9fa867ad520b7db85eeec6507339cd4412f9b2f3c7bce08801f6e0f56ef7b0c66398828076973acc8659ddd596922cfac2f0f6d00910

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 07c2e1b7400a4f262d178b62091c8afc
SHA1 1a6b1744c0b22a306ad64fcea3498ed24cef24b6
SHA256 3e24f799d558d22fa20d92f0e729874f56aef12cbb4da01160222cacc1563543
SHA512 c2aa9679d02fdf162f2a407956bf006bf7f1cfd702a5b0d98cc790d88988bb6f5282c862b6332381f64a48b106c49f6530dc796b6190d13630687b1afcb516cc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ab

MD5 9c6b5ce6b3452e98573e6409c34dd73c
SHA1 de607fadef62e36945a409a838eb8fc36d819b42
SHA256 cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
SHA512 4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cb00d5197c6824327bbdb0def89de009
SHA1 84b927155ba2eb8b4c824fa4c6da89f7342bc425
SHA256 49613bc0954f150db48ef2cbdf8ddd4796875dfc41698c92c0e03326028e2fb2
SHA512 fa93deb730550f3153bcfbe70fe557906d5b21814a8e014cc01b87d6bf209a7337d6ef4d7638c8c73509f518f95f4faef74e3b85aae27ac424b0147f3ba8e112

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 fdd3c8830f4e92dce1535e1bbc26848c
SHA1 c4ad38203fe948a2d04f41b8f75587d5c2de7062
SHA256 2206c0ef9c53cf9a8bbe2c39685e953e673e860de809a7a1f8b3cd47ca6343de
SHA512 a7f26719c13a41a31870e3c669f531f88f6dcb9460782715f3605c55e4208a53bdeb82e8e22ebd6e3cd89f16c377eb1f43a7db339f8fa7b08b91fbce601fa29e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 75c5679b2f297b324fa3cdf2e388bb48
SHA1 7d8b976d97371b1fe33e61b6a06ca66d9e93fb7d
SHA256 077a94eb042998a4a063148a33a8d04d7adc9689dac4e06f0bb553ca9bd7a933
SHA512 b92f58cf8dc4f8e99f9b30d85e19ef05ac59d308fa595e8ae8868fe00e1d41b093f58281f236a73e09e82a3f633290f327ae515d83bb2deb4ef776daa43a1dcb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 67f1e2dcd5d46834a5fad313cbb2ec5a
SHA1 8b6b44e04415bfc7f187c220e6a6eb0c830c3ed1
SHA256 7ba2ca247aa504822514b3e880dafaea2bc4dd502915b15e4e163adec4708888
SHA512 7caabc6fdf517991fbe2d1f91f36edaa9800cd29517b0988932bcba80c845672755d004bbe20d0fb9adae02db3eb60172b0b87166ba6ca69add0568028d3860c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e7dffcdeed1be0909b272eb75ae15b2a
SHA1 e4eb7bc469c73a6ac4ced498f892776c3b7bd188
SHA256 e1dd89ef1591cd74cc177d8b622545d0cb52128671b4e6d52d772474dd8dcf12
SHA512 cfb746968493365d32dbc776bb79c1f6454bc3013d9ca7c5897594fae265445b1f9a54232ab4693ccd38b5189e2f9c0c9a2808755b9fedbe3885913d7379b1e5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a29f300b317fa687_0

MD5 add022c9c8d05fbd5a0620bfa4b7158d
SHA1 93dcd47807117542379e02288518f1f94c38d1cf
SHA256 b5de001231642801b820c105e1fae4d353c8d509d4dd61edb4434a3dc9837d9c
SHA512 51434b86c749e5b9087ed75fae1a481a700ef3297a9645aabc3d9ce690ad7a5fdc120af116acebd717324b6e855460427751ca644992510f24e464a69ec62b30

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\80c676b2c5c9ce7a_0

MD5 1e9f91383a95d3828207ad6f51e28ba8
SHA1 a4d097bec3535e07cb7d2ba7db5982d3af9e41cc
SHA256 0aa65316b2d278b24551b0c1f2fe6e8bdd1e47b0a4647faf323691fb5ae399a8
SHA512 1407feb62dc8c94802ddd1754b51437094758d9e8002104b706d1f50997252bb328e97e048057a4f510eceded2366efad869e157cb5a5c6a622b1a4c3f520319

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b246045050094ced588e8a148a98c2aa
SHA1 3203d59c20f2eec8d07409198f5dbfeca3b718d4
SHA256 65393ae5b67b22d47cafc558cb59d5f0ec33760920a10351c2b8f2d03b207284
SHA512 ec6f3b75f53fdd64cb6b88027f19204bee735971de23a10ca8d5b6610fdc5a160e5cf229eecca03c20ed006fd510a12bcd0038a9f6d47217afeee480a233109a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 78bafd054d2c7b511d5d8994e55af775
SHA1 212fbedb922f0b0ba7c663368b4b764f2df76675
SHA256 ec54aaa5d3353f262d6a3ef12fdf8c40590c2325290bca73c547f5eb52a792b1
SHA512 d988fb6e81e5f9d5625f628757726239de3e8862706deb6742d0012b742348ede4186d31addf4d5f80e6e7b3ae4c43cad64ae51517ddf880a261e1ba7be33331

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 377ee132ad09a77af97e4ba3685d78b4
SHA1 2a02b6e50c6aa10cf45bdc74999e37e0f42bb81d
SHA256 9f49d7bf63a06b84a987c5ce87083815d3a33206f0a04e0779745ef6b5022d64
SHA512 08a23136e2c5a8dd88a02d99fab3c2ebff82cba6591b8f72d776e243e405d02a2cec5ec35afe0847472781bd51afd5cc34ed5523595769a4f2003b557cb820ff