Malware Analysis Report

2024-12-07 14:37

Sample ID 241005-2e4s8svdkq
Target Boxel-3D-Hack-main (1).zip
SHA256 7910a5eae315df5b9298954d69d92d2b6705ad01fb28da68d9521670d5eb825f
Tags
execution bootkit defense_evasion discovery evasion exploit motw persistence phishing privilege_escalation ransomware spyware stealer trojan
score
9/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral21

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral7

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral10

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral28

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral32

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral18

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral24

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral27

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral25

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral26

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral29

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral14

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral15

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral30

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral6

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral8

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral16

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral12

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral13

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral23

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral4

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral9

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral11

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral5

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral31

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral22

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral17

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral19

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral20

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
9/10

SHA256

7910a5eae315df5b9298954d69d92d2b6705ad01fb28da68d9521670d5eb825f

Threat Level: Likely malicious

The file Boxel-3D-Hack-main (1).zip was found to be: Likely malicious.

Malicious Activity Summary

execution bootkit defense_evasion discovery evasion exploit motw persistence phishing privilege_escalation ransomware spyware stealer trojan

Renames multiple (52) files with added filename extension

Possible privilege escalation attempt

Downloads MZ/PE file

Boot or Logon Autostart Execution: Active Setup

Manipulates Digital Signatures

Event Triggered Execution: Image File Execution Options Injection

Creates new service(s)

Reads user/profile data of web browsers

Event Triggered Execution: Component Object Model Hijacking

Modifies file permissions

Executes dropped EXE

Loads dropped DLL

Enumerates connected drives

Checks for any installed AV software in registry

Writes to the Master Boot Record (MBR)

Mark of the Web detected: This indicates that the page was originally saved or cloned.

Legitimate hosting services abused for malware hosting/C2

Checks whether UAC is enabled

Checks installed software on the system

Adds Run key to start application

Checks system information in the registry

Drops file in Windows directory

Subvert Trust Controls: Mark-of-the-Web Bypass

Launches sc.exe

Drops file in Program Files directory

System Network Configuration Discovery: Internet Connection Discovery

Enumerates physical storage devices

Command and Scripting Interpreter: JavaScript

System Location Discovery: System Language Discovery

Browser Information Discovery

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of AdjustPrivilegeToken

Modifies Internet Explorer settings

Modifies system certificate store

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Suspicious use of FindShellTrayWindow

Suspicious behavior: LoadsDriver

Modifies data under HKEY_USERS

Checks SCSI registry key(s)

Modifies registry class

Uses Task Scheduler COM API

Checks processor information in registry

Runs net.exe

Suspicious behavior: EnumeratesProcesses

Suspicious use of SetWindowsHookEx

NTFS ADS

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Reported

2024-10-05 22:30

Signatures

N/A

Analysis: behavioral21

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

435s

Max time network

439s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\mouse.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\mouse.js"

Network

Country Destination Domain Proto
US 8.8.8.8:53 27.178.89.13.in-addr.arpa udp

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

433s

Max time network

455s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\app.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\app.js"

Network

Country Destination Domain Proto
US 8.8.8.8:53 19.229.111.52.in-addr.arpa udp

Files

N/A

Analysis: behavioral7

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

432s

Max time network

435s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\extension.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\extension.js"

Network

Country Destination Domain Proto
US 52.111.227.13:443 tcp
US 8.8.8.8:53 19.229.111.52.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp

Files

N/A

Analysis: behavioral10

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

435s

Max time network

438s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\level-history.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\level-history.js"

Network

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

600s

Max time network

606s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\Boxel 3D\index.html

Signatures

Renames multiple (52) files with added filename extension

ransomware

Boot or Logon Autostart Execution: Active Setup

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982}\Version = "43,0,0,0" C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982} C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982}\ = "AVG Secure Browser" C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982}\StubPath = "\"C:\\Program Files\\AVG\\Browser\\Application\\128.0.26382.138\\Installer\\chrmstp.exe\" --configure-user-settings --verbose-logging --system-level" C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982}\Localized Name = "AVG Secure Browser" C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982}\IsInstalled = "1" C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe N/A

Creates new service(s)

persistence execution

Downloads MZ/PE file

Event Triggered Execution: Image File Execution Options Injection

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVGBrowserUpdate.exe C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVGBrowserUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A

Manipulates Digital Signatures

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.26\FuncName = "WVTAsn1SpcMinimalCriteriaInfoEncode" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{189A3842-3041-11D1-85E1-00C04FC295EE}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$Function = "GenericChainFinalProv" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2221\FuncName = "WVTAsn1CatNameValueEncode" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{189A3842-3041-11D1-85E1-00C04FC295EE}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$Function = "SoftpubCleanup" C:\Windows\SysWOW64\regsvr32.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\CRYPTOGRAPHY\OID\ENCODINGTYPE 0\CRYPTSIPDLLPUTSIGNEDDATAMSG\{C689AAB9-8E78-11D0-8C47-00C04FC295EE} C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{7801EBD0-CF4B-11D0-851F-0060979387EA}\$Function = "CertTrustCleanup" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2130\Dll = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2130\FuncName = "WVTAsn1SpcSigInfoDecode" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$Function = "WintrustCertificateTrust" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg\{DE351A43-8E59-11D0-8C47-00C04FC295EE}\Dll = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$Function = "SoftpubInitialize" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$Function = "SoftpubCheckCert" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function = "SoftpubLoadMessage" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.15\Dll = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.25\FuncName = "WVTAsn1SpcLinkEncode" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{7801EBD0-CF4B-11D0-851F-0060979387EA}\$DLL = "Cryptdlg.dll" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.4.2\FuncName = "WVTAsn1IntentToSealAttributeEncode" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{189A3842-3041-11D1-85E1-00C04FC295EE}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{189A3842-3041-11D1-85E1-00C04FC295EE}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.5.5.7.3.2\CallbackAllocFunction = "SoftpubLoadDefUsageCallData" C:\Windows\SysWOW64\regsvr32.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\CRYPTOGRAPHY\OID\ENCODINGTYPE 0\CRYPTSIPDLLCREATEINDIRECTDATA\{C689AAB9-8E78-11D0-8C47-00C04FC295EE} C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.4\Dll = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.16.4\FuncName = "EncodeRecipientID" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2002\Dll = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2011\FuncName = "WVTAsn1SealingSignatureAttributeDecode" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.5.5.7.3.3\DefaultId = "{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.10\FuncName = "WVTAsn1SpcSpAgencyInfoEncode" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.12.2.3\FuncName = "WVTAsn1CatMemberInfo2Encode" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function = "SoftpubAuthenticode" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.4.3\FuncName = "WVTAsn1SealingSignatureAttributeEncode" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{189A3842-3041-11D1-85E1-00C04FC295EE}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.4.1.311.10.3.3\DefaultId = "{573E31F8-AABA-11D0-8CCB-00C04FC295EE}" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$Function = "SoftpubCheckCert" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.10\FuncName = "WVTAsn1SpcSpAgencyInfoDecode" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$Function = "SoftpubLoadMessage" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{189A3842-3041-11D1-85E1-00C04FC295EE}\$Function = "SoftpubLoadSignature" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.4.2\Dll = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.4.3\FuncName = "WVTAsn1SealingSignatureAttributeDecode" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$Function = "SoftpubLoadSignature" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllRemoveSignedDataMsg\{DE351A42-8E59-11D0-8C47-00C04FC295EE}\FuncName = "CryptSIPRemoveSignedDataMsg" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{7801EBD0-CF4B-11D0-851F-0060979387EA}\$DLL = "Cryptdlg.dll" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function = "SoftpubLoadSignature" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$Function = "SoftpubInitialize" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllCreateIndirectData\{C689AAB8-8E78-11D0-8C47-00C04FC295EE}\FuncName = "CryptSIPCreateIndirectData" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function = "SoftpubAuthenticode" C:\Windows\SysWOW64\regsvr32.exe N/A

Possible privilege escalation attempt

exploit
Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\takeown.exe N/A
N/A N/A C:\Windows\SysWOW64\icacls.exe N/A
N/A N/A C:\Windows\SysWOW64\takeown.exe N/A
N/A N/A C:\Windows\SysWOW64\icacls.exe N/A
N/A N/A C:\Windows\SysWOW64\icacls.exe N/A
N/A N/A C:\Windows\SysWOW64\takeown.exe N/A

Event Triggered Execution: Component Object Model Hijacking

persistence privilege_escalation

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nskF5A.tmp\AVGBrowserUpdateSetup.exe N/A
N/A N/A C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\AVGBrowserInstaller.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler64.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\128.0.26382.138\elevation_service.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\128.0.26382.138\elevation_service.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
N/A N/A C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A

Modifies file permissions

discovery
Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\takeown.exe N/A
N/A N/A C:\Windows\SysWOW64\takeown.exe N/A
N/A N/A C:\Windows\SysWOW64\icacls.exe N/A
N/A N/A C:\Windows\SysWOW64\takeown.exe N/A
N/A N/A C:\Windows\SysWOW64\icacls.exe N/A
N/A N/A C:\Windows\SysWOW64\icacls.exe N/A

Reads user/profile data of web browsers

spyware stealer

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000\Software\Microsoft\Windows\CurrentVersion\Run\AVGBrowserAutoLaunch_2539D9FFF1F40C0A976762D6C815D3E3 = "\"C:\\Program Files\\AVG\\Browser\\Application\\AVGBrowser.exe\" --check-run=src=logon --auto-launch-at-startup --profile-directory=\"Default\"" C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000\Software\Microsoft\Windows\CurrentVersion\Run\AVGBrowserAutoLaunch_2539D9FFF1F40C0A976762D6C815D3E3 = "\"C:\\Program Files\\AVG\\Browser\\Application\\AVGBrowser.exe\" --check-run=src=logon --auto-launch-at-startup --profile-directory=\"Default\"" C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000\Software\Microsoft\Windows\CurrentVersion\Run\AVGBrowserAutoLaunch_2539D9FFF1F40C0A976762D6C815D3E3 = "\"C:\\Program Files\\AVG\\Browser\\Application\\AVGBrowser.exe\" --check-run=src=logon --auto-launch-at-startup --profile-directory=\"Default\"" C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000\Software\Microsoft\Windows\CurrentVersion\Run\AVGBrowserAutoLaunch_2539D9FFF1F40C0A976762D6C815D3E3 = "\"C:\\Program Files\\AVG\\Browser\\Application\\AVGBrowser.exe\" --check-run=src=logon --auto-launch-at-startup --profile-directory=\"Default\"" C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A

Checks for any installed AV software in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\Software\AVAST Software\Avast C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\Software\AVAST Software\Avast C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\Software\Avira\Antivirus C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\AVAST Software\Avast C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
Key opened \REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000\SOFTWARE\AVAST Software\Avast C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
Key opened \REGISTRY\MACHINE\Software\Avira\Antivirus C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\AVAST Software\Avast C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\AVAST Software\Avast C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
Key opened \REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000\SOFTWARE\AVAST Software\Avast C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
Key opened \REGISTRY\MACHINE\Software\AVAST Software\Avast C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\AVAST Software\Avast C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\Software\Avira\Antivirus C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\AVAST Software\Avast C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\AVAST Software\Avast C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\F: C:\Windows\SysWOW64\takeown.exe N/A
File opened (read-only) \??\F: C:\Windows\SysWOW64\takeown.exe N/A
File opened (read-only) \??\I: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\W: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\G: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\S: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\V: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Z: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Q: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\X: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\F: C:\Users\Admin\Downloads\LDPlayer9_ens_com.supercell.brawlstars_25567197_ld.exe N/A
File opened (read-only) \??\J: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\P: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\T: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\F: C:\Windows\SysWOW64\takeown.exe N/A
File opened (read-only) \??\O: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\R: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\A: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\L: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\B: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\E: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\M: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\U: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\H: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\K: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\N: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Y: C:\Windows\system32\msiexec.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A

Mark of the Web detected: This indicates that the page was originally saved or cloned.

phishing motw
Description Indicator Process Target
N/A https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html N/A N/A

Writes to the Master Boot Record (MBR)

bootkit persistence
Description Indicator Process Target
File opened for modification \??\PhysicalDrive0 C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files\AVG\Browser\Temp\source5964_1513025056\Safer-bin\128.0.26382.138\libegl.dll C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe N/A
File created C:\Program Files\ldplayer9box\host_manager2.dll F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files\ldplayer9box\x86\api-ms-win-core-file-l1-1-0.dll F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdateSetup.exe C:\Users\Admin\AppData\Local\Temp\nskF5A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_ar.dll C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files\ldplayer9box\Ld9BoxDDR0.r0 F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files\ldplayer9box\VBoxNetFltNobj.dll F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files\ldplayer9box\VBoxVMMPreload.exe F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source5964_1513025056\Safer-bin\AVGBrowserProtect.exe C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe N/A
File created C:\Program Files\ldplayer9box\api-ms-win-core-libraryloader-l1-1-0.dll F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_tr.dll C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files\ldplayer9box\platforms\qwindows.dll F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files\ldplayer9box\x86\padlock.dll F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files\ldplayer9box\vcruntime140.dll F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_pt-BR.dll C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source5964_1513025056\Safer-bin\128.0.26382.138\Locales\id.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source5964_1513025056\Safer-bin\128.0.26382.138\Locales\tr.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe N/A
File created C:\Program Files\ldplayer9box\DbgPlugInDiggers.dll F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files (x86)\GUM2800.tmp\goopdateres_zh-CN.dll C:\Users\Admin\AppData\Local\Temp\nskF5A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source5964_1513025056\Safer-bin\AVGBrowserUninstall.exe C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe N/A
File created C:\Program Files\ldplayer9box\tstVMREQ.exe F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files\ldplayer9box\api-ms-win-crt-process-l1-1-0.dll F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdateOnDemand.exe C:\Users\Admin\AppData\Local\Temp\nskF5A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\GUM2800.tmp\goopdateres_hr.dll C:\Users\Admin\AppData\Local\Temp\nskF5A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_cs.dll C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files\ldplayer9box\driver-PreW10\Ld9BoxSup.cat F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files (x86)\GUM2800.tmp\psmachine_64.dll C:\Users\Admin\AppData\Local\Temp\nskF5A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source5964_1513025056\Safer-bin\128.0.26382.138\Locales\da.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe N/A
File created C:\Program Files\ldplayer9box\x86\msvcp140.dll F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source5964_1513025056\Safer-bin\128.0.26382.138\Locales\cs.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source5964_1513025056\Safer-bin\128.0.26382.138\Locales\ko.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe N/A
File created C:\Program Files\ldplayer9box\loadall.cmd F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files\ldplayer9box\platforms\qminimal.dll F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files (x86)\GUM2800.tmp\goopdateres_gu.dll C:\Users\Admin\AppData\Local\Temp\nskF5A.tmp\AVGBrowserUpdateSetup.exe N/A
File opened for modification C:\Program Files\AVG\Browser\Application\debug.log C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
File created C:\Program Files\ldplayer9box\x86\api-ms-win-crt-heap-l1-1-0.dll F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files\ldplayer9box\api-ms-win-core-console-l1-1-0.dll F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files (x86)\GUM2800.tmp\goopdateres_ur.dll C:\Users\Admin\AppData\Local\Temp\nskF5A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source5964_1513025056\Safer-bin\128.0.26382.138\mimic.dll C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe N/A
File created C:\Program Files\ldplayer9box\VBoxProxyStubLegacy.dll F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files\ldplayer9box\ucrtbase.dll F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files (x86)\GUM2800.tmp\goopdateres_id.dll C:\Users\Admin\AppData\Local\Temp\nskF5A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\GUM2800.tmp\goopdateres_sk.dll C:\Users\Admin\AppData\Local\Temp\nskF5A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files\AVG\Browser\Temp\source5964_1513025056\Safer-bin\128.0.26382.138\Locales\fi.pak C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe N/A
File created C:\Program Files\ldplayer9box\x86\api-ms-win-core-datetime-l1-1-0.dll F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files (x86)\GUM2800.tmp\goopdateres_de.dll C:\Users\Admin\AppData\Local\Temp\nskF5A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\GUM2800.tmp\goopdateres_tr.dll C:\Users\Admin\AppData\Local\Temp\nskF5A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\GUM2800.tmp\goopdateres_vi.dll C:\Users\Admin\AppData\Local\Temp\nskF5A.tmp\AVGBrowserUpdateSetup.exe N/A
File opened for modification C:\Program Files\AVG\Browser\Application\initial_preferences C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe N/A
File created C:\Program Files\ldplayer9box\Ld9BoxSup-PreW10.cat F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files\ldplayer9box\VBoxAuth.dll F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files\ldplayer9box\VBoxAuthSimple.dll F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files\ldplayer9box\x86\concrt140.dll F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files (x86)\GUM2800.tmp\goopdateres_sl.dll C:\Users\Admin\AppData\Local\Temp\nskF5A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_fil.dll C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\psmachine.dll C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files\ldplayer9box\VBoxCpuReport.exe F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files\ldplayer9box\api-ms-win-crt-conio-l1-1-0.dll F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files\ldplayer9box\api-ms-win-crt-environment-l1-1-0.dll F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_sw.dll C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
File created C:\Program Files\ldplayer9box\dpinst_64.exe F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files\ldplayer9box\x86\api-ms-win-crt-multibyte-l1-1-0.dll F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files\ldplayer9box\x86\VBoxClient-x86.dll F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File opened for modification C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdateSetup.exe C:\Users\Admin\AppData\Local\Temp\nskF5A.tmp\AVGBrowserUpdateSetup.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\SystemTemp\~DF105295BB4C9F2EEF.TMP C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
File created C:\Windows\Installer\SourceHash{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5} C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\ C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3344_813538459\manifest.fingerprint C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
File opened for modification C:\Windows\SystemTemp\AVGBrowser_installer.log C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\chrmstp.exe N/A
File opened for modification C:\Windows\Logs\DISM\dism.log C:\Windows\SysWOW64\dism.exe N/A
File created C:\Windows\SystemTemp\~DFCC9F891D55DF9B9E.TMP C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSIDD43.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\SystemTemp\~DF76D28138147FCD70.TMP C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\SystemTemp\~DF686205859A3991D8.TMP C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\chrmstp.exe N/A
File opened for modification C:\Windows\SystemTemp\Crashpad\settings.dat C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\chrmstp.exe N/A
File opened for modification C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\SystemTemp\~DFD9F809DDD3BCCA3B.TMP C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\SystemTemp\~DFB4244F700C6B71A7.TMP C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\SystemTemp\AVGBrowser_installer.log C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\Crashpad\settings.dat C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
File opened for modification C:\Windows\Installer\e5dd738.msi C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\e5dd73c.msi C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\SystemTemp\~DF8529C67FD479BE0D.TMP C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\SystemTemp\~DF5EB8B6AC7D70BE37.TMP C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3344_813538459\optimization-hints.pb C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\AVGBrowser_installer.log C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\chrmstp.exe N/A
File opened for modification C:\Windows\Logs\DISM\dism.log C:\Users\Admin\AppData\Local\Temp\70B5FA65-F69F-443E-8BFB-4EE4A5B6F117\dismhost.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3344_813538459\manifest.json C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
File created C:\Windows\SystemTemp\~DFBC68E3A0C517AD16.TMP C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\SystemTemp\~DFD7ED98399C841971.TMP C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\SystemTemp\~DF1A64764519E6F614.TMP C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3344_813538459\_metadata\verified_contents.json C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
File opened for modification C:\Windows\SystemTemp\Crashpad\metadata C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\AVGBrowser_installer.log C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\chrmstp.exe N/A
File opened for modification C:\Windows\SystemTemp\Crashpad\metadata C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\chrmstp.exe N/A
File created C:\Windows\Installer\e5dd738.msi C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\inprogressinstallinfo.ipi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\SystemTemp\Crashpad\metadata C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\Crashpad\settings.dat C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\Crashpad\settings.dat C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\chrmstp.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
File opened for modification C:\Windows\SystemTemp\Crashpad\metadata C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\chrmstp.exe N/A
File created C:\Windows\SystemTemp\~DF252D743A2CEF33B4.TMP C:\Windows\system32\msiexec.exe N/A

Subvert Trust Controls: Mark-of-the-Web Bypass

defense_evasion
Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\avg_secure_browser_setup.exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\LDPlayer9_ens_com.supercell.brawlstars_25567197_ld.exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\regsvr32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\takeown.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\sc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\regsvr32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\sc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\regsvr32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\regsvr32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language F:\LDPlayer\LDPlayer9\dnplayer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\regsvr32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\sc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\nskF5A.tmp\AVGBrowserUpdateSetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\net.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\sc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\net1.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\sc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\sc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files\AVG\Browser\Application\AVGBrowserProtect.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\LDPlayer9_ens_com.supercell.brawlstars_25567197_ld.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\dism.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\takeown.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\icacls.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\icacls.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\sc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\regsvr32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\regsvr32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\regsvr32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\icacls.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\regsvr32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\sc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\takeown.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language F:\LDPlayer\LDPlayer9\driverconfig.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe N/A

System Network Configuration Discovery: Internet Connection Discovery

discovery
Description Indicator Process Target
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A

Checks SCSI registry key(s)

Description Indicator Process Target
Key queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key enumerated \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key enumerated \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
Key queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key enumerated \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
Key queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key enumerated \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key enumerated \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 F:\LDPlayer\LDPlayer9\dnplayer.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString F:\LDPlayer\LDPlayer9\dnplayer.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498}\AppName = "AVGBrowserUpdateWebPlugin.exe" C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498}\Policy = "3" C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION F:\LDPlayer\LDPlayer9\dnplayer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\ldnews.exe = "11001" F:\LDPlayer\LDPlayer9\dnplayer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\dnplayer.exe = "11001" F:\LDPlayer\LDPlayer9\dnplayer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498} C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498}\AppPath = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6" C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28E08968-59C8-4A77-BEBA-12C9394AE077} C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28E08968-59C8-4A77-BEBA-12C9394AE077}\AppName = "AVGBrowserUpdateBroker.exe" C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28E08968-59C8-4A77-BEBA-12C9394AE077}\AppPath = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6" C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28E08968-59C8-4A77-BEBA-12C9394AE077}\Policy = "3" C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update\ C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\AVG\Browser C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update\devmode = "0" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133726412252751652" C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Set value (data) \REGISTRY\USER\.DEFAULT\Software\Microsoft\RestartManager\Session0000\Owner = fc180000474c22337717db01 C:\Windows\system32\msiexec.exe N/A
Set value (data) \REGISTRY\USER\.DEFAULT\Software\Microsoft\RestartManager\Session0000\SessionHash = 3b53e1586f7cdb047fba1bf6a03a8ff663e98ed5d5aef51364ef32d4761451a8 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27 C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "1" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update\endpoint = "update.avgbrowser.com" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update\MachineIdDate = "20241005" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27\52C64B7E C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\RestartManager\Session0000\Sequence = "1" C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName = "1" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\RestartManager\Session0000 C:\Windows\system32\msiexec.exe N/A
Key deleted \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26 C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "0" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update\hostprefix C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\AVG\Browser\Update\MachineId = "0000cbc4aa53932df6468356dc6cec24" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27\52C64B7E\@%SystemRoot%\system32\dnsapi.dll,-103 = "Domain Name System (DNS) Server Trust" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27\52C64B7E\@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124 = "Document Encryption" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\AVG C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\RestartManager C:\Windows\system32\msiexec.exe N/A
Key deleted \REGISTRY\USER\.DEFAULT\Software\Microsoft\RestartManager\Session0000 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft C:\Windows\system32\msiexec.exe N/A
Key deleted \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\26\52C64B7E C:\Windows\system32\msiexec.exe N/A

Modifies registry class

Description Indicator Process Target
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32 C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-CF37-453B-9289-3B0F521CAF27} C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-3E8A-11E9-8082-DB8AE479EF87}\NumMethods\ = "16" C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-93AF-42A7-7F13-79AD6EF1A18D}\NumMethods\ = "45" C:\Windows\SysWOW64\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-b5bb-4316-a900-5eb28d3413df} C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-416B-4181-8C4A-45EC95177AEF}\TypeLib\Version = "1.3" C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-5409-414B-BD16-77DF7BA3451E}\ProxyStubClsid32 C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-E8B8-4838-B10C-45BA193734C1}\NumMethods\ = "25" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-3FF2-4F2E-8F09-07382EE25088}\ProxyStubClsid32 C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-AC97-4C16-B3E2-81BD8A57CC27}\ = "IHostVideoInputDevice" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-799A-4489-86CD-FE8E45B2FF8E}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-0547-448E-BC7C-94E9E173BF57} C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-32E7-4F6C-85EE-422304C71B90}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" C:\Windows\SysWOW64\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E21E991-301D-47FD-AB7A-99FBE864EF65}\ProxyStubClsid32 C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{358EC846-617A-4763-8656-50BF6E0E8AA2}\TypeLib\ = "{358EC846-617A-4763-8656-50BF6E0E8AA2}" C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-3E8A-11E9-8082-DB8AE479EF87}\ = "IForm" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-00B1-4E9D-0000-11FA00F9D583}\ProxyStubClsid32 C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-2FD3-47E2-A5DC-2C2431D833CC}\NumMethods\ = "15" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-1C58-440C-BB7B-3A1397284C7B}\TypeLib\Version = "1.3" C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BEBC1D02-EC16-479A-83F6-AA4247CA7F70}\LocalServer32 C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-5F86-4D65-AD1B-87CA284FB1C8} C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-9070-4F9C-B0D5-53054496DBE0} C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-319C-4E7E-8150-C5837BD265F6}\ProxyStubClsid32 C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-0C65-11EA-AD23-0FF257C71A7F}\TypeLib C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-DA7C-44C8-A7AC-9F173490446A}\ProxyStubClsid32 C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-F4F4-4DD0-9D30-C89B873247EC}\TypeLib C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-04D0-4DB6-8D66-DC2F033120E1}\TypeLib\Version = "1.3" C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-A161-41F1-B583-4892F4A9D5D5}\NumMethods C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-F7B7-4B05-900E-2A9253C00F51}\NumMethods\ = "28" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\VirtualBox.Session C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-416B-4181-8C4A-45EC95177AEF}\TypeLib C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.ProcessLauncher.1.0\CLSID C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-7532-45E8-96DA-EB5986AE76E4}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-486F-40DB-9150-DEEE3FD24189}\ProxyStubClsid32 C:\Windows\SysWOW64\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2DAE1732-F855-42A3-9D28-B7F6E291ECCD}\ProxyStubClsid32 C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-AEDF-461C-BE2C-99E91BDAD8A1} C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-44A0-A470-BA20-27890B96DBA9}\NumMethods C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-1BCF-4218-9807-04E036CC70F1} C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ldmnq.ldbk\Shell\Open\Command\ = "F:\\LDPlayer\\LDPlayer9\\dnmultiplayer.exe backup=%1" F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A012A499-D8A6-4F6C-9E05-B02D58E3781A}\ = "IProgressWndEvents" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-6E15-4F71-A6A5-94E707FAFBCC}\ = "INATEngine" C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-4A9E-43F4-B7A7-54BD285E22F4}\ = "ISnapshotDeletedEvent" C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-e254-4e5b-a1f2-011cf991c38d} C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-D612-47D3-89D4-DB3992533948}\TypeLib\Version = "1.3" C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-0D96-40ED-AE46-A564D484325E}\ProxyStubClsid32 C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-AC97-4C16-B3E2-81BD8A57CC27}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-659C-488B-835C-4ECA7AE71C6C}\ProxyStubClsid32 C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\VirtualBox.VirtualBox.1\ = "VirtualBox Class" C:\Windows\SysWOW64\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-81A9-4005-9D52-FC45A78BF3F5}\NumMethods C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A708F91-06A3-409E-83BC-4A5CF10C8025}\ = "IAppVersionWeb" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6CEBE594-0680-4815-86E1-615A6BE65E0E}\ = "IJobObserver2" C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23AE0B95-20F3-4632-A2AE-C3D706E1D5D9}\VersionIndependentProgID C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-6B76-4805-8FAB-00A9DCF4732B}\TypeLib C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-4022-DC80-5535-6FB116815604}\NumMethods C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-7BA7-45A8-B26D-C91AE3754E37}\ = "IAudioAdapter" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-D8ED-44CF-85AC-C83A26C95A4D}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-3FF2-4F2E-8F09-07382EE25088}\TypeLib\Version = "1.3" C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-B4A4-44CE-85A8-127AC5EB59DC}\TypeLib C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-9641-4397-854A-040439D0114B}\NumMethods C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DD8E03F-6BE1-41E2-B931-A37C7D1C0317}\ProxyStubClsid32 C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A42B2494-93AE-44E1-B76D-BA8509A5167D}\Elevation\IconReference = "@C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\goopdate.dll,-1004" C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-647D-45AC-8FE9-F49B3183BA37}\NumMethods\ = "13" C:\Windows\SysWOW64\regsvr32.exe N/A

Modifies system certificate store

evasion spyware trojan
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4 C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 0f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703080b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f1d0000000100000010000000a86dc6a233eb339610f3ed414927c559030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e42000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 190000000100000010000000ffac207997bb2cfe865570179ee037b9030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e41d0000000100000010000000a86dc6a233eb339610f3ed414927c559140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac899880b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e19962000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 04000000010000001000000078f2fcaa601f2fb4ebc937ba532e75490f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703080b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f1d0000000100000010000000a86dc6a233eb339610f3ed414927c559030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e4190000000100000010000000ffac207997bb2cfe865570179ee037b92000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 5c000000010000000400000000100000190000000100000010000000ffac207997bb2cfe865570179ee037b9030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e41d0000000100000010000000a86dc6a233eb339610f3ed414927c559140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac899880b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e199604000000010000001000000078f2fcaa601f2fb4ebc937ba532e75492000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 406079.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\LDPlayer9_ens_com.supercell.brawlstars_25567197_ld.exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Ransomware-Samples-main.zip:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 846791.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\avg_secure_browser_setup.exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Runs net.exe

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Windows\system32\OpenWith.exe N/A

Suspicious behavior: LoadsDriver

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
Token: 33 N/A C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\AVGBrowserInstaller.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\AVGBrowserInstaller.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\chrmstp.exe N/A
N/A N/A C:\Program Files\AVG\Browser\Application\AVGBrowser.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Downloads\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\ajCF9.exe N/A
N/A N/A C:\Users\Admin\Downloads\LDPlayer9_ens_com.supercell.brawlstars_25567197_ld.exe N/A
N/A N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
N/A N/A F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
N/A N/A C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
N/A N/A F:\LDPlayer\LDPlayer9\driverconfig.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1436 wrote to memory of 4928 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 4928 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3916 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3916 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3368 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3368 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3368 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3368 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3368 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3368 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3368 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3368 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3368 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3368 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3368 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3368 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3368 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3368 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3368 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3368 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3368 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3368 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3368 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1436 wrote to memory of 3368 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\Boxel 3D\index.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffee69a3cb8,0x7ffee69a3cc8,0x7ffee69a3cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1912 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2116 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2680 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3152 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3168 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4608 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004BC 0x00000000000004D0

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=device.mojom.XRDeviceService --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --service-sandbox-type=xr_compositing --mojo-platform-channel-handle=4760 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4032 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5640 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5364 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5816 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5844 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2452 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2564 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3808 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6256 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4496 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6316 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6256 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5032 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6688 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1660 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7080 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6676 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5364 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6484 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5940 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7248 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6748 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5040 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7520 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7652 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7788 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3596 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8700 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8844 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8440 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7788 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8680 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8496 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8364 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8268 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10084 /prefetch:8

C:\Users\Admin\Downloads\avg_secure_browser_setup.exe

"C:\Users\Admin\Downloads\avg_secure_browser_setup.exe"

C:\Users\Admin\AppData\Local\Temp\ajCF9.exe

"C:\Users\Admin\AppData\Local\Temp\ajCF9.exe" /relaunch=8 /was_elevated=1 /tagdata

C:\Users\Admin\AppData\Local\Temp\nskF5A.tmp\AVGBrowserUpdateSetup.exe

AVGBrowserUpdateSetup.exe /silent /install "bundlename=AVG Secure Browser&appguid={48F69C39-1356-4A7B-A899-70E3539D4982}&appname=AVG Secure Browser&needsadmin=true&lang=en-US&brand=9228&installargs=--no-create-user-shortcuts --make-chrome-default --force-default-win10 --import-cookies --auto-launch-chrome"

C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe

"C:\Program Files (x86)\GUM2800.tmp\AVGBrowserUpdate.exe" /silent /install "bundlename=AVG Secure Browser&appguid={48F69C39-1356-4A7B-A899-70E3539D4982}&appname=AVG Secure Browser&needsadmin=true&lang=en-US&brand=9228&installargs=--no-create-user-shortcuts --make-chrome-default --force-default-win10 --import-cookies --auto-launch-chrome"

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /regsvc

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /regserver

C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe

"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe"

C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe

"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe"

C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe

"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe"

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgb21haGFpZD0iezFDODlFRjJGLUE4OEUtNERFMC05N0ZFLUNCNDBDOEU0RkVFQX0iIHVwZGF0ZXJ2ZXJzaW9uPSIxLjguMTY5My42IiBzaGVsbF92ZXJzaW9uPSIxLjguMTY5My42IiBpc21hY2hpbmU9IjEiIGlzX29tYWhhNjRiaXQ9IjAiIGlzX29zNjRiaXQ9IjEiIHNlc3Npb25pZD0iezkwN0U3RTE5LTU3NjQtNDk4My1CQzVDLTA3N0YyNjEyMUNFN30iIGNlcnRfZXhwX2RhdGU9IjIwMjUwOTE3IiB1c2VyaWQ9Ins4MDkyQzQyQi1BNjYxLTQ0OEQtQjczQi00MkUxNDlCOUZDN0V9IiB1c2VyaWRfZGF0ZT0iMjAyNDEwMDUiIG1hY2hpbmVpZD0iezAwMDBDQkM0LUFBNTMtOTMyRC1GNjQ2LTgzNTZEQzZDRUMyNH0iIG1hY2hpbmVpZF9kYXRlPSIyMDI0MTAwNSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiB0ZXN0c291cmNlPSJhdXRvIiByZXF1ZXN0aWQ9Ins4OTA5MzMzMy0xM0Q4LTRDMzQtQTEyQi1CQ0RBODZBNjk3MTd9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IHBoeXNtZW1vcnk9IjgiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjEwLjAuMjIwMDAuNDkzIiBzcD0iIiBhcmNoPSJ4NjQiLz48YXBwIGFwcGlkPSJ7MUM4OUVGMkYtQTg4RS00REUwLTk3RkUtQ0I0MEM4RTRGRUVBfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMS44LjE2OTMuNiIgbGFuZz0iZW4tVVMiIGJyYW5kPSI5MjI4IiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgaW5zdGFsbF90aW1lX21zPSI3MTEiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /handoff "bundlename=AVG Secure Browser&appguid={48F69C39-1356-4A7B-A899-70E3539D4982}&appname=AVG Secure Browser&needsadmin=true&lang=en-US&brand=9228&installargs=--no-create-user-shortcuts --make-chrome-default --force-default-win10 --import-cookies --auto-launch-chrome" /installsource otherinstallcmd /sessionid "{907E7E19-5764-4983-BC5C-077F26121CE7}" /silent

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1096 /prefetch:2

C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\AVGBrowserInstaller.exe

"C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\AVGBrowserInstaller.exe" --chrome --do-not-launch-chrome --hide-browser-override --show-developer-mode --suppress-first-run-bubbles --default-search-id=3 --default-search=bing.com --adblock-mode-default=0 --no-create-user-shortcuts --make-chrome-default --force-default-win10 --import-cookies --auto-launch-chrome --system-level

C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe

"C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe" --install-archive="C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\SECURE.PACKED.7Z" --chrome --do-not-launch-chrome --hide-browser-override --show-developer-mode --suppress-first-run-bubbles --default-search-id=3 --default-search=bing.com --adblock-mode-default=0 --no-create-user-shortcuts --make-chrome-default --force-default-win10 --import-cookies --auto-launch-chrome --system-level

C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe

"C:\Program Files (x86)\AVG\Browser\Update\Install\{381EDF23-FDCB-4445-BEED-CBE698946A69}\CR_AFA64.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\Crashpad --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=128.0.26382.138 --initial-client-data=0x280,0x284,0x288,0x25c,0x28c,0x7ff7ab5354d0,0x7ff7ab5354dc,0x7ff7ab5354e8

C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler.exe

"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler.exe"

C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler64.exe

"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler64.exe"

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

AVGBrowser.exe --heartbeat --install --create-profile

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Crashpad" --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=128.0.26382.138 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffecffe6c28,0x7ffecffe6c34,0x7ffecffe6c40

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=2100,i,11911365564840296565,5386821724407366435,262144 --variations-seed-version --mojo-platform-channel-handle=2088 /prefetch:2

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --field-trial-handle=1860,i,11911365564840296565,5386821724407366435,262144 --variations-seed-version --mojo-platform-channel-handle=2132 /prefetch:11

C:\Program Files\AVG\Browser\Application\128.0.26382.138\elevation_service.exe

"C:\Program Files\AVG\Browser\Application\128.0.26382.138\elevation_service.exe"

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --field-trial-handle=2396,i,11911365564840296565,5386821724407366435,262144 --variations-seed-version --mojo-platform-channel-handle=2556 /prefetch:13

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=3516,i,11911365564840296565,5386821724407366435,262144 --variations-seed-version --mojo-platform-channel-handle=3528 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3568,i,11911365564840296565,5386821724407366435,262144 --variations-seed-version --mojo-platform-channel-handle=3576 /prefetch:1

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3580,i,11911365564840296565,5386821724407366435,262144 --variations-seed-version --mojo-platform-channel-handle=3624 /prefetch:9

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4452,i,11911365564840296565,5386821724407366435,262144 --variations-seed-version --mojo-platform-channel-handle=4460 /prefetch:9

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=4448,i,11911365564840296565,5386821724407366435,262144 --variations-seed-version --mojo-platform-channel-handle=3856 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

AVGBrowser.exe --silent-launch

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=128.0.26382.138 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffecffe6c28,0x7ffecffe6c34,0x7ffecffe6c40

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=2116,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=2112 /prefetch:2

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --field-trial-handle=1944,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=2144 /prefetch:11

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --field-trial-handle=2420,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=2500 /prefetch:13

C:\Program Files\AVG\Browser\Application\128.0.26382.138\elevation_service.exe

"C:\Program Files\AVG\Browser\Application\128.0.26382.138\elevation_service.exe"

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=2984,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=3224 /prefetch:9

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=4044,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=4040 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=4184,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=4172 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=4048,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=4188 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=4060,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=4056 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=4156,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=4180 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=4344,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=4088 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=4384,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=4408 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=4556,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=4140 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=4200,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=4584 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=4844,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=4400 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=5000,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=4152 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=5136,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=5148 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=4980,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=5308 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=4848,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=5484 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=4388,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=4380 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=5132,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=4984 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=4996,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=5904 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=5460,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=6060 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=6216,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=6228 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=6388,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=6408 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=4032,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=6552 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=6204,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=6220 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=4548,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=6812 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=5140,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=6972 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=5456,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=7120 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=7268,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=7284 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=5464,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=7424 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=6396,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=7588 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=7720,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=7732 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=7872,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=7884 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=5476,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=5472 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=8300,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=8340 /prefetch:1

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=8308,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=8372 /prefetch:9

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=6392,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=8624 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=7612,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=8764 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=8904,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=8928 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=8612,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=9072 /prefetch:9

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=6964,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=9248 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=7276,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=8908 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=9532,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=9552 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=8920,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=9676 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=9848,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=4000 /prefetch:9

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=10008,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=10012 /prefetch:9

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=10180,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=10204 /prefetch:9

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=10376,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=10396 /prefetch:9

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=10760,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=10828 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=9668,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=10528 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=5308,i,413175880835065427,12995110314491801905,262144 --variations-seed-version --mojo-platform-channel-handle=5332 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --enable-protect

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=128.0.26382.138 --initial-client-data=0xe0,0xe4,0xd8,0xdc,0x108,0x7ffecffe6c28,0x7ffecffe6c34,0x7ffecffe6c40

C:\Program Files\AVG\Browser\Application\AVGBrowserProtect.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowserProtect.exe" --registration reg-task --taskintr PT10M --runonce

C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\setup.exe

setup.exe /silent --create-shortcuts=0 --install-level=1 --system-level

C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\setup.exe

"C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\Crashpad --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=128.0.26382.138 --initial-client-data=0x254,0x258,0x25c,0x230,0x260,0x7ff76c9354d0,0x7ff76c9354dc,0x7ff76c9354e8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=shortcut-pin-helper /prefetch:8 startpin "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk"

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

AVGBrowser.exe --check-run=src=installer

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=128.0.26382.138 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffecffe6c28,0x7ffecffe6c34,0x7ffecffe6c40

C:\Program Files\AVG\Browser\Application\128.0.26382.138\elevation_service.exe

"C:\Program Files\AVG\Browser\Application\128.0.26382.138\elevation_service.exe"

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=2120,i,3817019364018734163,17938423068723151407,262144 --variations-seed-version --mojo-platform-channel-handle=2116 /prefetch:2

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --field-trial-handle=1880,i,3817019364018734163,17938423068723151407,262144 --variations-seed-version --mojo-platform-channel-handle=2160 /prefetch:11

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --field-trial-handle=2320,i,3817019364018734163,17938423068723151407,262144 --variations-seed-version --mojo-platform-channel-handle=2416 /prefetch:13

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=3296,i,3817019364018734163,17938423068723151407,262144 --variations-seed-version --mojo-platform-channel-handle=3364 /prefetch:1

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=3312,i,3817019364018734163,17938423068723151407,262144 --variations-seed-version --mojo-platform-channel-handle=3316 /prefetch:9

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=4292,i,3817019364018734163,17938423068723151407,262144 --variations-seed-version --mojo-platform-channel-handle=4404 /prefetch:9

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=4320,i,3817019364018734163,17938423068723151407,262144 --variations-seed-version --mojo-platform-channel-handle=4428 /prefetch:9

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4820,i,3817019364018734163,17938423068723151407,262144 --variations-seed-version --mojo-platform-channel-handle=4848 /prefetch:9

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4760,i,3817019364018734163,17938423068723151407,262144 --variations-seed-version --mojo-platform-channel-handle=4996 /prefetch:9

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5228,i,3817019364018734163,17938423068723151407,262144 --variations-seed-version --mojo-platform-channel-handle=5240 /prefetch:9

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5388,i,3817019364018734163,17938423068723151407,262144 --variations-seed-version --mojo-platform-channel-handle=5396 /prefetch:9

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4780,i,3817019364018734163,17938423068723151407,262144 --variations-seed-version --mojo-platform-channel-handle=4788 /prefetch:1

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=shortcut-pin-helper /prefetch:8 has-startpin "C:\Users\Public\Desktop\AVG Secure Browser.lnk"

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=6140,i,3817019364018734163,17938423068723151407,262144 --variations-seed-version --mojo-platform-channel-handle=6152 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=shortcut-pin-helper /prefetch:8 startpin "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk"

C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\chrmstp.exe

"C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --force-configure-user-settings

C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\chrmstp.exe

"C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\chrmstp.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\Crashpad --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=128.0.26382.138 --initial-client-data=0x238,0x23c,0x240,0x214,0x244,0x7ff6bebf54d0,0x7ff6bebf54dc,0x7ff6bebf54e8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=6164,i,3817019364018734163,17938423068723151407,262144 --variations-seed-version --mojo-platform-channel-handle=6300 /prefetch:14

C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\chrmstp.exe

"C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\chrmstp.exe" --system-level --verbose-logging --installerdata="C:\Program Files\AVG\Browser\Application\initial_preferences" --create-shortcuts=1 --install-level=0 --no-pin-startmenu

C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\chrmstp.exe

"C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\chrmstp.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\Crashpad --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=128.0.26382.138 --initial-client-data=0x238,0x23c,0x240,0x214,0x244,0x7ff6bebf54d0,0x7ff6bebf54dc,0x7ff6bebf54e8

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --enable-protect

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=128.0.26382.138 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffecffe6c28,0x7ffecffe6c34,0x7ffecffe6c40

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5852,i,3817019364018734163,17938423068723151407,262144 --variations-seed-version --mojo-platform-channel-handle=6460 /prefetch:1

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=6264,i,3817019364018734163,17938423068723151407,262144 --variations-seed-version --mojo-platform-channel-handle=6444 /prefetch:9

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=6744,i,3817019364018734163,17938423068723151407,262144 --variations-seed-version --mojo-platform-channel-handle=6764 /prefetch:1

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5904,i,3817019364018734163,17938423068723151407,262144 --variations-seed-version --mojo-platform-channel-handle=5836 /prefetch:1

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=shortcut-pin-helper /prefetch:8 has-startpin "C:\Users\Public\Desktop\AVG Secure Browser.lnk"

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=6980,i,3817019364018734163,17938423068723151407,262144 --variations-seed-version --mojo-platform-channel-handle=7024 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7676 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8972 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7172 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7116 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8276 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8672 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6968 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9184 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9192 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9092 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9692 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9888 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9604 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8992 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9180 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9712 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8064 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9804 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9436 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9736 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8408 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8652 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7232 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9952 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7060 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8816 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8804 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8388 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7300 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8608 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8140 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9552 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8324 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8424 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10584 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11168 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10704 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11256 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11532 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8780 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10756 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10636 /prefetch:8

C:\Users\Admin\Downloads\LDPlayer9_ens_com.supercell.brawlstars_25567197_ld.exe

"C:\Users\Admin\Downloads\LDPlayer9_ens_com.supercell.brawlstars_25567197_ld.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8104 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10828 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5800 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10120 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10440 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11084 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11060 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11068 /prefetch:1

F:\LDPlayer\LDPlayer9\LDPlayer.exe

"F:\LDPlayer\LDPlayer9\\LDPlayer.exe" -silence -downloader -openid=25567197 -language=en -path="F:\LDPlayer\LDPlayer9\"

F:\LDPlayer\LDPlayer9\dnrepairer.exe

"F:\LDPlayer\LDPlayer9\dnrepairer.exe" listener=852184

C:\Windows\SysWOW64\net.exe

"net" start cryptsvc

C:\Windows\SysWOW64\net1.exe

C:\Windows\system32\net1 start cryptsvc

C:\Windows\SysWOW64\regsvr32.exe

"regsvr32" Softpub.dll /s

C:\Windows\SysWOW64\regsvr32.exe

"regsvr32" Wintrust.dll /s

C:\Windows\SysWOW64\regsvr32.exe

"regsvr32" Initpki.dll /s

C:\Windows\SysWOW64\regsvr32.exe

"C:\Windows\system32\regsvr32" Initpki.dll /s

C:\Windows\SysWOW64\regsvr32.exe

"regsvr32" dssenh.dll /s

C:\Windows\SysWOW64\regsvr32.exe

"regsvr32" rsaenh.dll /s

C:\Windows\SysWOW64\regsvr32.exe

"regsvr32" cryptdlg.dll /s

C:\Windows\SysWOW64\takeown.exe

"takeown" /f "F:\LDPlayer\LDPlayer9\vms" /r /d y

C:\Windows\SysWOW64\icacls.exe

"icacls" "F:\LDPlayer\LDPlayer9\vms" /grant everyone:F /t

C:\Windows\SysWOW64\takeown.exe

"takeown" /f "F:\LDPlayer\LDPlayer9\\system.vmdk"

C:\Windows\SysWOW64\icacls.exe

"icacls" "F:\LDPlayer\LDPlayer9\\system.vmdk" /grant everyone:F /t

C:\Windows\SysWOW64\dism.exe

C:\Windows\system32\dism.exe /Online /English /Get-Features

C:\Users\Admin\AppData\Local\Temp\70B5FA65-F69F-443E-8BFB-4EE4A5B6F117\dismhost.exe

C:\Users\Admin\AppData\Local\Temp\70B5FA65-F69F-443E-8BFB-4EE4A5B6F117\dismhost.exe {122C6E51-A874-4D5B-8CE8-6A3C9833C798}

C:\Windows\SysWOW64\sc.exe

sc query HvHost

C:\Windows\SysWOW64\sc.exe

sc query vmms

C:\Windows\SysWOW64\sc.exe

sc query vmcompute

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11860 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=12080 /prefetch:8

C:\Program Files\ldplayer9box\Ld9BoxSVC.exe

"C:\Program Files\ldplayer9box\Ld9BoxSVC.exe" /RegServer

C:\Windows\SYSTEM32\regsvr32.exe

"regsvr32" "C:\Program Files\ldplayer9box\VBoxC.dll" /s

C:\Windows\SysWOW64\regsvr32.exe

"regsvr32" "C:\Program Files\ldplayer9box\x86\VBoxClient-x86.dll" /s

C:\Windows\SYSTEM32\regsvr32.exe

"regsvr32" "C:\Program Files\ldplayer9box\VBoxProxyStub.dll" /s

C:\Windows\SysWOW64\regsvr32.exe

"regsvr32" "C:\Program Files\ldplayer9box\x86\VBoxProxyStub-x86.dll" /s

C:\Windows\SysWOW64\sc.exe

"C:\Windows\system32\sc" create Ld9BoxSup binPath= "C:\Program Files\ldplayer9box\Ld9BoxSup.sys" type= kernel start= auto

C:\Windows\SysWOW64\sc.exe

"C:\Windows\system32\sc" start Ld9BoxSup

C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe

"powershell.exe" New-NetFirewallRule -DisplayName "Ld9BoxSup" -Direction Inbound -Program 'C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe' -RemoteAddress LocalSubnet -Action Allow

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe

"powershell.exe" New-NetFirewallRule -DisplayName "Ld9BoxNat" -Direction Inbound -Program 'C:\Program Files\ldplayer9box\VBoxNetNAT.exe' -RemoteAddress LocalSubnet -Action Allow

C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe

"powershell.exe" New-NetFirewallRule -DisplayName "dnplayer" -Direction Inbound -Program 'F:\LDPlayer\LDPlayer9\dnplayer.exe' -RemoteAddress LocalSubnet -Action Allow

F:\LDPlayer\LDPlayer9\driverconfig.exe

"F:\LDPlayer\LDPlayer9\driverconfig.exe"

C:\Windows\SysWOW64\takeown.exe

"takeown" /f F:\LDPlayer\ldmutiplayer\ /r /d y

C:\Windows\SysWOW64\icacls.exe

"icacls" F:\LDPlayer\ldmutiplayer\ /grant everyone:F /t

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --single-argument https://discord.gg/4bUcwDd53d

F:\LDPlayer\LDPlayer9\dnplayer.exe

"F:\LDPlayer\LDPlayer9\\dnplayer.exe" downloadpackage=com.supercell.brawlstars|package=com.supercell.brawlstars

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=128.0.26382.138 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffecffe6c28,0x7ffecffe6c34,0x7ffecffe6c40

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004BC 0x00000000000004D0

C:\Windows\SysWOW64\sc.exe

sc query HvHost

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1964,i,5831402728702321390,14960138419541111583,262144 --variations-seed-version --mojo-platform-channel-handle=1960 /prefetch:2

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --field-trial-handle=2268,i,5831402728702321390,14960138419541111583,262144 --variations-seed-version --mojo-platform-channel-handle=2272 /prefetch:11

C:\Program Files\AVG\Browser\Application\128.0.26382.138\elevation_service.exe

"C:\Program Files\AVG\Browser\Application\128.0.26382.138\elevation_service.exe"

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --field-trial-handle=2416,i,5831402728702321390,14960138419541111583,262144 --variations-seed-version --mojo-platform-channel-handle=2428 /prefetch:13

C:\Windows\SysWOW64\sc.exe

sc query vmms

C:\Windows\SysWOW64\sc.exe

sc query vmcompute

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=3336,i,5831402728702321390,14960138419541111583,262144 --variations-seed-version --mojo-platform-channel-handle=3368 /prefetch:1

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=3328,i,5831402728702321390,14960138419541111583,262144 --variations-seed-version --mojo-platform-channel-handle=3428 /prefetch:1

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3860,i,5831402728702321390,14960138419541111583,262144 --variations-seed-version --mojo-platform-channel-handle=3984 /prefetch:9

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3896,i,5831402728702321390,14960138419541111583,262144 --variations-seed-version --mojo-platform-channel-handle=4080 /prefetch:9

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3924,i,5831402728702321390,14960138419541111583,262144 --variations-seed-version --mojo-platform-channel-handle=4352 /prefetch:9

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=3936,i,5831402728702321390,14960138419541111583,262144 --variations-seed-version --mojo-platform-channel-handle=4392 /prefetch:9

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=4652,i,5831402728702321390,14960138419541111583,262144 --variations-seed-version --mojo-platform-channel-handle=4732 /prefetch:9

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=4968,i,5831402728702321390,14960138419541111583,262144 --variations-seed-version --mojo-platform-channel-handle=5012 /prefetch:9

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4960,i,5831402728702321390,14960138419541111583,262144 --variations-seed-version --mojo-platform-channel-handle=5280 /prefetch:9

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=5400,i,5831402728702321390,14960138419541111583,262144 --variations-seed-version --mojo-platform-channel-handle=5568 /prefetch:9

C:\Program Files\ldplayer9box\Ld9BoxSVC.exe

"C:\Program Files\ldplayer9box\Ld9BoxSVC.exe" -Embedding

C:\Program Files\ldplayer9box\vbox-img.exe

"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\..\system.vmdk" --uuid 20160302-bbbb-bbbb-54d7-bbbb00000000

C:\Program Files\ldplayer9box\vbox-img.exe

"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\leidian0\data.vmdk" --uuid 20160302-cccc-cccc-54d7-000000000000

C:\Program Files\ldplayer9box\vbox-img.exe

"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\leidian0\sdcard.vmdk" --uuid 20160302-dddd-dddd-54d7-000000000000

C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe

"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config

C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe

"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config

C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe

"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config

C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe

"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config

C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe

"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --enable-protect

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=5340,i,5831402728702321390,14960138419541111583,262144 --variations-seed-version --mojo-platform-channel-handle=6440 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\AVG\Browser\User Data" --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=128.0.26382.138 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffecffe6c28,0x7ffecffe6c34,0x7ffecffe6c40

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=6436,i,5831402728702321390,14960138419541111583,262144 --variations-seed-version --mojo-platform-channel-handle=6404 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=7144,i,5831402728702321390,14960138419541111583,262144 --variations-seed-version --mojo-platform-channel-handle=7088 /prefetch:1

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --field-trial-handle=3612,i,5831402728702321390,14960138419541111583,262144 --variations-seed-version --mojo-platform-channel-handle=3584 /prefetch:12

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=3620,i,5831402728702321390,14960138419541111583,262144 --variations-seed-version --mojo-platform-channel-handle=3568 /prefetch:14

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5860,i,5831402728702321390,14960138419541111583,262144 --variations-seed-version --mojo-platform-channel-handle=6780 /prefetch:1

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /c

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /cr

C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler.exe

"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler.exe"

C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler64.exe

"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler64.exe"

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /registermsihelper

C:\Windows\system32\msiexec.exe

C:\Windows\system32\msiexec.exe /V

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=4000,i,5831402728702321390,14960138419541111583,262144 --variations-seed-version --mojo-platform-channel-handle=4192 /prefetch:9

C:\Program Files\AVG\Browser\Application\AVGBrowser.exe

"C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=3996,i,5831402728702321390,14960138419541111583,262144 --variations-seed-version --mojo-platform-channel-handle=6984 /prefetch:14

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /svc

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Temp1_Ransomware.Cryptowall.zip\cryptowall.bin"

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=3F214A6DBAF2D0020383A84CD1841948 --mojo-platform-channel-handle=1768 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=F48E2FBC3082C5926D23DB72A8B31573 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=F48E2FBC3082C5926D23DB72A8B31573 --renderer-client-id=2 --mojo-platform-channel-handle=1776 --allow-no-sandbox-job /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,329009676113088243,9933135776849944225,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7576 /prefetch:1

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\Downloads\Ransomware-Samples-main\Ransomware-Samples-main\Petya\Ransomware.Petya\26b4699a7b9eeb16e76305d843d4ab05e94d43f3201436927e13b3ebafa90739.bin"

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=32DEF021288F761CD3B9F5F127833BD1 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=32DEF021288F761CD3B9F5F127833BD1 --renderer-client-id=2 --mojo-platform-channel-handle=1676 --allow-no-sandbox-job /prefetch:1

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=09A7CACCAAE20A41FEEB6794E0FBCC79 --mojo-platform-channel-handle=1776 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=9277FF3427EBD359618B45BE4F2FFF62 --mojo-platform-channel-handle=2296 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=BA92700BD24187340B93D30E466A6A5B --mojo-platform-channel-handle=2080 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=BEC72F91824D2F4A1707270F04050A38 --mojo-platform-channel-handle=2128 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 68.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
GB 92.123.128.171:443 th.bing.com tcp
GB 92.123.128.165:443 th.bing.com tcp
GB 92.123.128.134:443 r.bing.com tcp
GB 92.123.128.134:443 r.bing.com tcp
GB 92.123.128.165:443 th.bing.com tcp
GB 2.19.117.143:443 aefd.nelreports.net tcp
US 151.101.193.91:443 images.sftcdn.net tcp
US 151.101.193.91:443 images.sftcdn.net tcp
US 8.8.8.8:53 assets.sftcdn.net udp
US 151.101.65.91:443 rv-assets.softonic.com tcp
US 151.101.65.91:443 rv-assets.softonic.com tcp
US 151.101.65.91:443 rv-assets.softonic.com tcp
US 151.101.65.91:443 rv-assets.softonic.com tcp
GB 18.165.160.52:443 sdk.privacy-center.org tcp
US 151.101.129.91:443 rv-assets.softonic.com tcp
US 151.101.129.91:443 rv-assets.softonic.com tcp
US 151.101.129.91:443 rv-assets.softonic.com tcp
US 151.101.129.91:443 rv-assets.softonic.com tcp
US 151.101.129.91:443 rv-assets.softonic.com tcp
US 151.101.129.91:443 rv-assets.softonic.com tcp
US 151.101.193.91:443 rv-assets.softonic.com tcp
US 151.101.193.91:443 rv-assets.softonic.com tcp
US 151.101.65.91:443 rv-assets.softonic.com udp
US 151.101.65.91:443 rv-assets.softonic.com udp
US 8.8.8.8:53 91.65.101.151.in-addr.arpa udp
US 8.8.8.8:53 52.160.165.18.in-addr.arpa udp
US 8.8.8.8:53 91.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 91.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
NL 139.45.197.227:443 notix.io tcp
GB 13.224.81.114:443 api.privacy-center.org tcp
GB 142.250.200.4:443 www.google.com tcp
GB 216.58.204.67:443 www.google.co.uk tcp
US 13.107.246.64:443 www.clarity.ms tcp
US 216.239.32.36:443 region1.analytics.google.com tcp
DE 178.63.248.56:443 uidsync.net tcp
BE 64.233.166.157:443 stats.g.doubleclick.net tcp
GB 172.217.16.226:443 googleads.g.doubleclick.net tcp
GB 142.250.200.46:443 ampcid.google.com tcp
IE 13.74.129.1:443 c.clarity.ms tcp
DE 157.90.33.72:443 uidsync.net tcp
DE 157.90.33.72:443 uidsync.net tcp
US 13.107.21.237:443 c.bing.com tcp
US 4.153.129.168:443 b.clarity.ms tcp
US 8.8.8.8:53 226.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 46.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 1.129.74.13.in-addr.arpa udp
US 8.8.8.8:53 72.33.90.157.in-addr.arpa udp
US 8.8.8.8:53 237.21.107.13.in-addr.arpa udp
US 151.101.65.91:443 di-images.sftcdn.net tcp
US 151.101.65.91:443 di-images.sftcdn.net tcp
US 151.101.65.91:443 di-images.sftcdn.net tcp
GB 142.250.200.4:443 www.google.com udp
CZ 65.9.98.75:443 c.amazon-adsystem.com tcp
US 150.171.28.10:443 bat.bing.com tcp
GB 142.250.179.226:443 securepubads.g.doubleclick.net tcp
GB 142.250.179.226:443 securepubads.g.doubleclick.net tcp
GB 163.70.151.21:443 connect.facebook.net tcp
US 216.239.32.36:443 region1.analytics.google.com udp
GB 142.250.200.46:443 syndicatedsearch.goog tcp
GB 142.250.179.226:443 securepubads.g.doubleclick.net udp
US 151.101.65.91:443 di-images.sftcdn.net udp
CZ 65.9.98.75:443 c.amazon-adsystem.com tcp
US 104.22.75.216:443 btloader.com tcp
US 172.67.74.173:443 wct.softonic.com tcp
GB 142.250.200.46:443 syndicatedsearch.goog udp
GB 142.250.178.1:443 cfa1cd3a95271ca7cc17357234978f06.safeframe.googlesyndication.com tcp
GB 172.217.16.226:443 googleads.g.doubleclick.net udp
DE 162.19.138.116:443 id5-sync.com tcp
IE 54.78.53.108:443 id.crwdcntrl.net tcp
GB 163.70.151.35:443 www.facebook.com tcp
CZ 65.9.95.6:443 tags.crwdcntrl.net tcp
US 172.64.152.89:443 cdn-ima.33across.com tcp
GB 142.250.179.251:443 storage.googleapis.com tcp
CZ 65.9.95.83:443 config.aps.amazon-adsystem.com tcp
CZ 65.9.9.197:443 aax.amazon-adsystem.com tcp
DE 37.252.171.85:443 ib.adnxs.com tcp
IE 52.214.155.237:443 ap.lijit.com tcp
US 172.64.151.101:443 htlb.casalemedia.com tcp
FR 185.255.84.150:443 hb-api.omnitagjs.com tcp
US 34.120.63.153:443 prebid.media.net tcp
IE 54.73.162.175:443 ad.360yield.com tcp
NL 188.166.203.175:443 brightcombid.marphezis.com tcp
DE 46.4.139.58:443 shb.richaudience.com tcp
DE 46.4.139.58:443 shb.richaudience.com tcp
DE 46.4.139.58:443 shb.richaudience.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
CZ 65.9.95.84:80 crt.rootg2.amazontrust.com tcp
CZ 65.9.95.84:80 crt.rootg2.amazontrust.com tcp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 104.22.52.86:443 cdn.id5-sync.com tcp
US 104.26.3.70:443 ad-delivery.net tcp
US 104.26.3.70:443 ad-delivery.net tcp
US 172.67.74.173:443 wct.softonic.com tcp
GB 216.58.204.67:443 www.google.co.uk udp
BE 64.233.166.157:443 stats.g.doubleclick.net udp
IE 67.220.228.202:443 aax-eu.amazon-adsystem.com tcp
DE 141.95.98.64:443 id5-sync.com tcp
US 35.244.193.51:443 lexicon.33across.com tcp
US 130.211.23.194:443 api.btloader.com tcp
US 130.211.23.194:443 api.btloader.com tcp
US 104.26.6.141:443 api.btmessage.com tcp
NL 139.45.197.227:443 notix.io tcp
GB 142.250.200.1:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 175.162.73.54.in-addr.arpa udp
US 8.8.8.8:53 84.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 86.52.22.104.in-addr.arpa udp
US 8.8.8.8:53 70.3.26.104.in-addr.arpa udp
US 8.8.8.8:53 230.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 202.228.220.67.in-addr.arpa udp
US 8.8.8.8:53 64.98.95.141.in-addr.arpa udp
US 8.8.8.8:53 51.193.244.35.in-addr.arpa udp
US 8.8.8.8:53 194.23.211.130.in-addr.arpa udp
US 8.8.8.8:53 141.6.26.104.in-addr.arpa udp
GB 142.250.200.1:443 tpc.googlesyndication.com udp
GB 142.250.200.4:443 www.google.com udp
US 151.101.193.91:443 di-images.sftcdn.net udp
US 104.26.3.70:443 ad-delivery.net tcp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
GB 2.19.117.98:443 acdn.adnxs.com tcp
DE 168.119.146.39:443 sync.richaudience.com tcp
US 172.64.149.180:443 js-sec.indexww.com tcp
GB 2.17.4.21:443 contextual.media.net tcp
GB 23.219.196.188:443 ads.pubmatic.com tcp
DE 168.119.146.39:443 sync.richaudience.com tcp
US 44.218.137.49:443 cs-server-s2s.yellowblue.io tcp
DE 51.89.9.253:443 onetag-sys.com tcp
FR 217.182.178.228:443 ssbsync.smartadserver.com tcp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
NL 198.47.127.18:443 image8.pubmatic.com tcp
NL 35.214.136.108:443 x.bidswitch.net tcp
NL 35.214.136.108:443 x.bidswitch.net tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
US 8.8.8.8:53 cdn-download.avgbrowser.com udp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
FR 5.135.209.105:443 rtb-csync.smartadserver.com tcp
NL 35.214.136.108:443 x.bidswitch.net tcp
FR 5.135.209.105:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 49.137.218.44.in-addr.arpa udp
US 8.8.8.8:53 253.9.89.51.in-addr.arpa udp
US 8.8.8.8:53 228.178.182.217.in-addr.arpa udp
US 3.33.220.150:443 match.adsrvr.org tcp
US 3.217.249.48:443 api-2-0.spot.im tcp
NL 46.228.174.117:443 sync.1rx.io tcp
IE 34.243.210.180:443 match.prod.bidr.io tcp
US 8.8.8.8:53 cm.g.doubleclick.net udp
NL 178.250.1.9:443 dis.criteo.com tcp
US 54.196.10.149:443 sync.srv.stackadapt.com tcp
GB 142.250.178.2:443 cm.g.doubleclick.net tcp
GB 142.250.178.2:443 cm.g.doubleclick.net udp
US 35.244.174.68:443 id.rlcdn.com tcp
US 8.8.8.8:53 rtb.mfadsrvr.com udp
US 8.8.8.8:53 pixel-eu.rubiconproject.com udp
US 192.132.33.69:443 bttrack.com tcp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 t.adx.opera.com udp
DE 51.89.9.253:443 onetag-sys.com udp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
NL 35.214.199.88:443 rtb.mfadsrvr.com tcp
US 172.111.38.86:443 tracker.open-adsyield.com tcp
IE 34.240.235.183:443 jadserve.postrelease.com tcp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
US 80.77.87.161:443 cs.admanmedia.com tcp
NL 154.57.158.115:443 ads.stickyadstv.com tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
NL 35.214.136.108:443 x.bidswitch.net udp
NL 188.42.189.231:443 ads.betweendigital.com tcp
GB 2.19.117.100:443 cdn-download.avgbrowser.com tcp
GB 2.19.117.100:443 cdn-download.avgbrowser.com tcp
US 151.101.130.49:443 sync-tm.everesttech.net tcp
US 98.82.157.231:443 s.amazon-adsystem.com tcp
DE 168.119.146.39:443 sync.richaudience.com tcp
US 8.8.8.8:53 18.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 180.210.243.34.in-addr.arpa udp
US 8.8.8.8:53 149.10.196.54.in-addr.arpa udp
US 8.8.8.8:53 48.249.217.3.in-addr.arpa udp
US 8.8.8.8:53 108.136.214.35.in-addr.arpa udp
US 8.8.8.8:53 68.174.244.35.in-addr.arpa udp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 149.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 88.199.214.35.in-addr.arpa udp
US 8.8.8.8:53 183.235.240.34.in-addr.arpa udp
US 8.8.8.8:53 8.213.145.82.in-addr.arpa udp
US 8.8.8.8:53 69.33.132.192.in-addr.arpa udp
US 8.8.8.8:53 231.189.42.188.in-addr.arpa udp
US 8.8.8.8:53 86.38.111.172.in-addr.arpa udp
US 8.8.8.8:53 161.87.77.80.in-addr.arpa udp
US 8.8.8.8:53 100.117.19.2.in-addr.arpa udp
US 8.8.8.8:53 233.38.18.104.in-addr.arpa udp
US 8.8.8.8:53 49.130.101.151.in-addr.arpa udp
US 67.202.105.24:443 ssc-cms.33across.com tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
GB 2.19.117.107:443 player.aniview.com tcp
US 172.240.45.78:443 sync.aniview.com tcp
GB 23.215.239.190:443 secure-assets.rubiconproject.com tcp
GB 23.215.239.190:443 secure-assets.rubiconproject.com tcp
GB 2.17.5.216:443 eus.rubiconproject.com tcp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
US 104.20.86.8:443 stats.securebrowser.com tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
US 104.22.63.125:443 update.avgbrowser.com tcp
US 104.22.63.125:443 update.avgbrowser.com tcp
GB 2.19.117.84:80 player.aniview.com tcp
US 4.153.129.168:443 b.clarity.ms tcp
US 4.153.129.168:443 b.clarity.ms tcp
GB 2.19.117.143:443 aefd.nelreports.net udp
NL 188.166.203.175:443 brightcombid.marphezis.com tcp
US 34.120.63.153:443 prebid.media.net udp
DE 37.252.171.85:443 secure.adnxs.com tcp
IE 99.81.240.93:443 ad.360yield.com tcp
FR 185.255.84.150:443 hb-api.omnitagjs.com tcp
GB 142.250.179.226:443 securepubads.g.doubleclick.net udp
DE 157.90.0.38:443 s.richaudience.com tcp
DE 157.90.0.38:443 s.richaudience.com tcp
GB 142.250.200.1:443 tpc.googlesyndication.com udp
US 4.153.129.168:443 b.clarity.ms tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
US 8.8.8.8:53 stats.securebrowser.com udp
US 8.8.8.8:53 stats.securebrowser.com udp
US 104.20.86.8:443 stats.securebrowser.com tcp
US 8.8.8.8:53 update.avgbrowser.com udp
US 8.8.8.8:53 update.avgbrowser.com udp
US 8.8.8.8:53 config.avg.securebrowser.com udp
US 8.8.8.8:53 config.avg.securebrowser.com udp
US 104.22.63.125:443 update.avgbrowser.com udp
US 104.22.63.125:443 update.avgbrowser.com tcp
US 104.20.87.8:443 config.avg.securebrowser.com tcp
US 8.8.8.8:53 browser-update.avg.com udp
US 8.8.8.8:53 browser-update.avg.com udp
US 8.8.8.8:53 s-install.avcdn.net udp
US 8.8.8.8:53 s-install.avcdn.net udp
US 8.8.8.8:53 update.avgbrowser.com udp
US 8.8.8.8:53 update.avgbrowser.com udp
GB 2.23.221.82:443 s-install.avcdn.net tcp
US 104.22.63.125:443 update.avgbrowser.com udp
US 8.8.8.8:53 browser-update.avg.com udp
US 8.8.8.8:53 browser-update.avg.com udp
GB 2.19.117.83:443 browser-update.avg.com tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
US 8.8.4.4:443 dns.google udp
US 8.8.8.8:443 dns.google udp
US 34.49.17.193:443 tcp
US 34.49.17.193:443 tcp
IE 54.228.50.167:443 tcp
IE 54.228.50.167:443 tcp
US 34.49.17.193:443 udp
US 34.160.176.28:443 tcp
US 4.153.129.168:443 b.clarity.ms tcp
US 104.20.86.8:443 config.avg.securebrowser.com tcp
US 8.8.8.8:53 ip-info.ff.avast.com udp
US 8.8.8.8:53 ip-info.ff.avast.com udp
US 8.8.8.8:53 stats.securebrowser.com udp
US 8.8.8.8:53 stats.securebrowser.com udp
US 8.8.8.8:53 config.avg.securebrowser.com udp
US 8.8.8.8:53 config.avg.securebrowser.com udp
US 8.8.8.8:53 update.avgbrowser.com udp
US 8.8.8.8:53 update.avgbrowser.com udp
US 8.8.8.8:53 easylist-downloads.adblockplus.org udp
US 8.8.8.8:53 easylist-downloads.adblockplus.org udp
US 8.8.8.8:53 urlite.ff.avast.com udp
US 8.8.8.8:53 urlite.ff.avast.com udp
US 104.22.63.125:443 update.avgbrowser.com udp
US 34.49.17.193:443 urlite.ff.avast.com tcp
US 104.22.63.125:443 update.avgbrowser.com tcp
US 104.22.63.125:443 update.avgbrowser.com tcp
US 104.22.63.125:443 update.avgbrowser.com tcp
US 104.20.86.8:443 config.avg.securebrowser.com tcp
US 104.20.86.8:443 config.avg.securebrowser.com tcp
GB 96.17.179.31:443 easylist-downloads.adblockplus.org tcp
GB 96.17.179.31:443 easylist-downloads.adblockplus.org tcp
US 34.111.175.102:443 ip-info.ff.avast.com tcp
US 34.49.17.193:443 urlite.ff.avast.com tcp
US 8.8.8.8:53 config.avg.securebrowser.com udp
US 8.8.8.8:53 config.avg.securebrowser.com udp
US 8.8.8.8:53 ip-info.ff.avast.com udp
US 8.8.8.8:53 ip-info.ff.avast.com udp
US 8.8.8.8:53 ntp.securebrowser.com udp
US 8.8.8.8:53 ntp.securebrowser.com udp
US 8.8.8.8:53 shepherd.ff.avast.com udp
US 8.8.8.8:53 shepherd.ff.avast.com udp
US 34.160.176.28:443 shepherd.ff.avast.com tcp
US 34.111.175.102:443 ip-info.ff.avast.com tcp
US 104.20.87.8:443 ntp.securebrowser.com tcp
US 104.20.87.8:443 ntp.securebrowser.com tcp
US 8.8.8.8:53 imp.mt48.net udp
US 8.8.8.8:53 imp.mt48.net udp
US 8.8.8.8:53 amp-asset.45tu1c0.com udp
US 8.8.8.8:53 amp-asset.45tu1c0.com udp
US 8.8.8.8:53 content.securebrowser.com udp
US 8.8.8.8:53 content.securebrowser.com udp
GB 104.124.176.73:443 amp-asset.45tu1c0.com tcp
GB 104.78.163.34:443 imp.mt48.net tcp
US 34.49.17.193:443 urlite.ff.avast.com udp
US 8.8.8.8:53 browser-phishing-protection.labs.norton.com udp
US 8.8.8.8:53 browser-phishing-protection.labs.norton.com udp
IE 63.35.76.233:443 browser-phishing-protection.labs.norton.com tcp
US 8.8.8.8:53 onboarding.avg.securebrowser.com udp
US 8.8.8.8:53 onboarding.avg.securebrowser.com udp
GB 2.19.117.107:443 onboarding.avg.securebrowser.com tcp
GB 2.19.117.107:443 onboarding.avg.securebrowser.com tcp
US 8.8.8.8:53 onboarding.avg.securebrowser.com udp
US 8.8.8.8:53 onboarding.avg.securebrowser.com udp
GB 2.19.117.96:443 onboarding.avg.securebrowser.com tcp
GB 2.19.117.107:443 onboarding.avg.securebrowser.com tcp
GB 2.19.117.107:443 onboarding.avg.securebrowser.com tcp
US 104.22.63.125:443 update.avgbrowser.com udp
US 8.8.8.8:53 content.securebrowser.com udp
US 8.8.8.8:53 content.securebrowser.com udp
US 104.20.87.8:443 content.securebrowser.com tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.4.4:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.4.4:443 dns.google udp
GB 142.250.178.10:443 tcp
GB 2.19.117.96:443 onboarding.avg.securebrowser.com tcp
US 4.153.129.168:443 b.clarity.ms tcp
GB 2.19.117.96:443 onboarding.avg.securebrowser.com tcp
US 8.8.8.8:443 dns.google udp
GB 2.23.221.82:443 s-install.avcdn.net tcp
US 20.60.153.225:443 tcp
US 151.101.193.55:443 tcp
GB 2.19.117.107:443 onboarding.avg.securebrowser.com tcp
US 104.20.86.8:443 content.securebrowser.com tcp
US 52.27.66.195:443 tcp
US 52.27.66.195:443 tcp
US 151.101.129.91:443 images.sftcdn.net udp
GB 163.70.151.35:443 www.facebook.com tcp
US 216.239.32.36:443 region1.analytics.google.com udp
GB 216.58.204.67:443 www.google.co.uk udp
CZ 65.9.98.75:443 c.amazon-adsystem.com tcp
US 104.26.6.141:443 api.btmessage.com tcp
US 151.101.129.91:443 images.sftcdn.net udp
GB 142.250.200.46:443 syndicatedsearch.goog udp
CZ 65.9.9.197:443 aax.amazon-adsystem.com tcp
US 4.153.129.168:443 b.clarity.ms tcp
US 151.101.129.91:443 images.sftcdn.net udp
GB 142.250.179.226:443 securepubads.g.doubleclick.net udp
US 151.101.193.91:443 images.sftcdn.net udp
US 13.107.246.64:443 www.clarity.ms tcp
GB 142.250.179.226:443 securepubads.g.doubleclick.net udp
FR 185.255.84.150:443 hb-api.omnitagjs.com tcp
GB 172.217.16.226:443 googleads.g.doubleclick.net udp
DE 37.252.171.85:443 secure.adnxs.com tcp
DE 46.4.139.58:443 shb.richaudience.com tcp
US 34.120.63.153:443 prebid.media.net udp
BE 64.233.166.157:443 stats.g.doubleclick.net udp
US 130.211.23.194:443 api.btloader.com udp
GB 216.58.201.100:443 www.google.com udp
NL 139.45.197.227:443 notix.io tcp
DE 162.19.138.116:443 id5-sync.com tcp
GB 142.250.200.1:443 tpc.googlesyndication.com udp
DE 168.119.146.39:443 sync.richaudience.com tcp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
DE 168.119.146.39:443 sync.richaudience.com tcp
FR 217.182.178.228:443 ssbsync-global.smartadserver.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
US 67.202.105.24:443 ssc-cms.33across.com tcp
IE 34.240.235.183:443 jadserve.postrelease.com tcp
US 18.206.1.97:443 cs-server-s2s.yellowblue.io tcp
US 172.111.38.86:443 tracker.open-adsyield.com tcp
DE 51.89.9.253:443 onetag-sys.com tcp
US 3.33.220.150:443 match.adsrvr.org tcp
US 192.132.33.69:443 bttrack.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
US 52.7.204.214:443 sync.srv.stackadapt.com tcp
US 35.244.174.68:443 id.rlcdn.com udp
IE 34.250.82.17:443 match.prod.bidr.io tcp
IE 34.250.82.17:443 match.prod.bidr.io tcp
US 52.7.204.214:443 sync.srv.stackadapt.com tcp
GB 163.181.154.238:443 leap.ldplayer.gg tcp
US 8.8.8.8:53 214.204.7.52.in-addr.arpa udp
US 8.8.8.8:53 238.154.181.163.in-addr.arpa udp
GB 163.181.154.237:443 www.ldplayer.net tcp
GB 163.70.151.21:443 connect.facebook.net tcp
DE 141.95.98.64:443 id5-sync.com tcp
CZ 65.9.95.124:443 js.adscale.de tcp
DE 35.158.222.255:443 ih.adscale.de tcp
US 8.8.8.8:53 cdn.ldplayer.net udp
GB 142.250.178.22:443 play-lh.googleusercontent.com tcp
US 104.26.4.6:443 cmp.setupcmp.com tcp
GB 79.133.176.186:443 cdn.ldplayer.net tcp
NL 139.45.197.227:443 notix.io tcp
GB 142.250.178.22:443 play-lh.googleusercontent.com udp
US 35.244.193.51:443 lexicon.33across.com udp
US 8.8.8.8:53 22.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 6.4.26.104.in-addr.arpa udp
US 8.8.8.8:53 186.176.133.79.in-addr.arpa udp
GB 142.250.187.238:443 fundingchoicesmessages.google.com tcp
GB 142.250.187.238:443 fundingchoicesmessages.google.com tcp
US 104.26.4.6:443 cmp.setupcmp.com tcp
US 104.18.31.49:443 stpd.cloud tcp
GB 163.181.154.237:443 res.ldrescdn.com tcp
GB 163.181.154.237:443 res.ldrescdn.com tcp
GB 163.181.154.237:443 res.ldrescdn.com tcp
GB 163.181.154.237:443 res.ldrescdn.com tcp
GB 163.181.154.237:443 res.ldrescdn.com tcp
GB 163.181.154.237:443 res.ldrescdn.com tcp
GB 142.250.187.238:443 fundingchoicesmessages.google.com udp
GB 172.217.16.238:443 apis.google.com tcp
GB 142.250.200.2:443 www.googletagservices.com tcp
CZ 65.9.95.22:443 apien.ldplayer.net tcp
CZ 65.9.95.22:443 apien.ldplayer.net tcp
US 8.8.8.8:53 api.ldshop.gg udp
SG 8.219.96.60:443 invite.ldplayer.net tcp
SG 8.222.176.52:443 api.ldshop.gg tcp
GB 172.217.16.238:443 apis.google.com udp
US 8.8.8.8:53 tagan.adlightning.com udp
CZ 65.9.95.22:443 tagan.adlightning.com tcp
US 151.101.65.229:443 cdn.jsdelivr.net tcp
SG 8.219.96.60:443 invite.ldplayer.net tcp
SG 47.236.4.49:443 usersdk.ldmnq.com tcp
SG 8.222.176.52:443 api.ldshop.gg tcp
US 8.8.8.8:53 cdn.hadronid.net udp
GB 104.78.175.230:443 secure.cdn.fastclick.net tcp
GB 104.78.175.230:443 secure.cdn.fastclick.net tcp
US 172.67.36.110:443 cdn.hadronid.net tcp
US 8.8.8.8:53 proc.ad.cpe.dotomi.com udp
US 104.22.5.69:443 a.ad.gt tcp
NL 142.250.27.84:443 accounts.google.com tcp
NL 64.158.223.146:443 proc.ad.cpe.dotomi.com tcp
US 8.8.8.8:53 60.96.219.8.in-addr.arpa udp
US 8.8.8.8:53 52.176.222.8.in-addr.arpa udp
US 8.8.8.8:53 230.175.78.104.in-addr.arpa udp
US 8.8.8.8:53 110.36.67.172.in-addr.arpa udp
US 8.8.8.8:53 49.4.236.47.in-addr.arpa udp
US 8.8.8.8:53 69.5.22.104.in-addr.arpa udp
US 8.8.8.8:53 84.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 146.223.158.64.in-addr.arpa udp
US 172.67.23.234:443 a.ad.gt tcp
NL 142.250.27.84:443 accounts.google.com udp
DE 178.63.248.57:443 uidsync.net tcp
DE 157.90.33.68:443 uidsync.net tcp
DE 157.90.33.68:443 uidsync.net tcp
NL 178.250.1.11:443 gum.criteo.com tcp
NL 81.17.55.113:443 prg.smartadserver.com tcp
GB 216.58.201.100:443 www.google.com udp
US 35.227.252.103:443 rtb.openx.net tcp
NL 185.184.8.90:443 prebid-eu.creativecdn.com tcp
FR 163.5.194.35:443 sync.a-mo.net tcp
US 172.67.68.162:443 prebid-stag.setupad.net tcp
US 172.67.68.162:443 prebid-stag.setupad.net tcp
DK 37.157.3.26:443 adx.adform.net tcp
FR 178.250.7.13:443 dnacdn.net tcp
DK 37.157.2.230:443 adx.adform.net tcp
NL 178.250.1.17:443 ads.eu.criteo.com tcp
US 8.8.8.8:53 26.3.157.37.in-addr.arpa udp
US 8.8.8.8:53 13.7.250.178.in-addr.arpa udp
NL 178.250.1.10:443 rtb.nl3.eu.criteo.com tcp
US 34.98.64.218:443 u.openx.net tcp
US 34.98.64.218:443 u.openx.net udp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
NL 178.250.1.6:443 cat.nl3.eu.criteo.com tcp
NL 178.250.1.3:443 static.criteo.net tcp
NL 178.250.1.3:443 static.criteo.net tcp
NL 178.250.1.3:443 static.criteo.net tcp
NL 178.250.1.3:443 static.criteo.net tcp
NL 178.250.1.3:443 static.criteo.net tcp
NL 178.250.1.3:443 static.criteo.net tcp
NL 178.250.1.15:443 imageproxy.eu.criteo.net tcp
NL 178.250.1.15:443 imageproxy.eu.criteo.net tcp
NL 178.250.1.15:443 imageproxy.eu.criteo.net tcp
NL 178.250.1.15:443 imageproxy.eu.criteo.net tcp
NL 178.250.1.15:443 imageproxy.eu.criteo.net tcp
NL 178.250.1.15:443 imageproxy.eu.criteo.net tcp
NL 178.250.1.25:443 csm.eu.criteo.net tcp
US 8.8.8.8:53 226.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 25.1.250.178.in-addr.arpa udp
US 35.227.252.103:443 rtb.openx.net udp
FR 178.250.7.12:443 rtb.fr3.eu.criteo.com tcp
IE 52.211.255.159:443 bcp.crwdcntrl.net tcp
DE 159.89.25.223:443 node.setupad.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
GB 216.58.201.97:443 cdn.ampproject.org tcp
GB 216.58.201.97:443 cdn.ampproject.org tcp
GB 216.58.201.97:443 cdn.ampproject.org tcp
GB 216.58.201.97:443 cdn.ampproject.org tcp
GB 216.58.201.97:443 cdn.ampproject.org tcp
GB 142.250.200.1:443 tpc.googlesyndication.com udp
IE 34.250.82.17:443 match.prod.bidr.io tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
NL 35.214.199.88:443 rtb.mfadsrvr.com udp
US 104.18.31.49:443 stpd.cloud tcp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
NL 89.149.193.121:443 rtb-csync.smartadserver.com tcp
NL 89.149.193.121:443 rtb-csync.smartadserver.com tcp
GB 142.250.178.2:443 cm.g.doubleclick.net udp
US 52.7.204.214:443 sync.srv.stackadapt.com tcp
DE 18.195.234.25:443 match.sharethrough.com tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
FR 163.5.194.36:443 sync.a-mo.net tcp
US 104.19.159.19:443 assets.a-mo.net tcp
US 104.19.159.19:443 assets.a-mo.net tcp
GB 163.181.154.240:443 res.ldrescdn.com tcp
GB 163.181.154.240:443 res.ldrescdn.com tcp
GB 163.181.154.240:443 res.ldrescdn.com tcp
CZ 65.9.95.68:443 apien.ldmnq.com tcp
US 8.8.8.8:53 226.20.18.104.in-addr.arpa udp
US 8.8.8.8:53 68.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 83.94.9.65.in-addr.arpa udp
GB 163.181.154.240:443 res.ldrescdn.com tcp
GB 163.181.154.240:443 res.ldrescdn.com tcp
GB 2.22.249.59:443 r.bing.com tcp
GB 2.22.249.59:443 r.bing.com tcp
GB 2.22.249.59:443 r.bing.com tcp
GB 2.22.249.59:443 r.bing.com tcp
GB 2.22.249.59:443 r.bing.com tcp
GB 2.22.249.59:443 r.bing.com tcp
SG 8.219.4.49:443 middledata.ldplayer.net tcp
US 8.8.8.8:53 49.4.219.8.in-addr.arpa udp
GB 2.19.117.143:443 aefd.nelreports.net udp
GB 172.217.16.226:443 googleads.g.doubleclick.net udp
GB 2.22.249.59:443 r.bing.com tcp
US 8.8.8.8:53 ad.360yield.com udp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 prebid.media.net udp
NL 188.166.203.175:443 brightcombid.marphezis.com tcp
IE 46.51.175.127:443 ad.360yield.com tcp
US 34.120.63.153:443 prebid.media.net udp
IE 46.51.175.127:443 ad.360yield.com tcp
NL 188.166.203.175:443 brightcombid.marphezis.com tcp
NL 188.166.203.175:443 brightcombid.marphezis.com tcp
IE 46.51.175.127:443 ad.360yield.com tcp
US 8.8.8.8:53 www.antivirussoftwareguide.com udp
US 68.183.21.156:443 www.antivirussoftwareguide.com tcp
US 68.183.21.156:443 www.antivirussoftwareguide.com tcp
GB 142.250.179.226:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 156.21.183.68.in-addr.arpa udp
GB 142.250.200.1:443 tpc.googlesyndication.com udp
DE 37.252.172.123:443 ib.adnxs.com tcp
DE 37.252.172.123:443 ib.adnxs.com tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
US 68.183.21.156:443 www.antivirussoftwareguide.com tcp
US 68.183.21.156:443 www.antivirussoftwareguide.com tcp
US 68.183.21.156:443 www.antivirussoftwareguide.com tcp
US 68.183.21.156:443 www.antivirussoftwareguide.com tcp
GB 216.58.201.100:443 www.google.com udp
GB 172.217.16.227:443 www.google.co.uk udp
US 8.8.8.8:53 123.172.252.37.in-addr.arpa udp
US 8.8.8.8:53 227.16.217.172.in-addr.arpa udp
US 4.153.129.168:443 b.clarity.ms tcp
US 4.153.129.168:443 b.clarity.ms tcp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 185.199.111.133:443 avatars.githubusercontent.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 185.199.109.133:443 raw.githubusercontent.com tcp
US 185.199.109.133:443 raw.githubusercontent.com tcp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 8.8.8.8:53 154.111.199.185.in-addr.arpa udp
US 8.8.8.8:53 api.github.com udp
US 140.82.113.22:443 collector.github.com tcp
US 140.82.113.22:443 collector.github.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
GB 20.26.156.210:443 api.github.com tcp
CZ 65.9.95.28:443 apien.ldmnq.com tcp
SG 8.219.48.146:443 middledata.ldplayer.net tcp
US 8.8.8.8:53 codeload.github.com udp
GB 20.26.156.216:443 codeload.github.com tcp
US 8.8.8.8:53 216.156.26.20.in-addr.arpa udp
GB 2.19.117.143:443 aefd.nelreports.net udp
SG 8.219.48.146:443 middledata.ldplayer.net tcp
SG 8.219.48.146:443 middledata.ldplayer.net tcp
US 4.153.129.168:443 b.clarity.ms tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
SG 8.219.48.146:443 middledata.ldplayer.net tcp
US 8.8.8.8:53 discord.gg udp
US 8.8.8.8:53 discord.gg udp
US 8.8.8.8:53 ip-info.ff.avast.com udp
US 8.8.8.8:53 ip-info.ff.avast.com udp
US 8.8.8.8:53 urlite.ff.avast.com udp
US 8.8.8.8:53 urlite.ff.avast.com udp
US 8.8.8.8:53 s-install.avcdn.net udp
US 8.8.8.8:53 s-install.avcdn.net udp
US 34.49.17.193:443 urlite.ff.avast.com tcp
US 34.111.175.102:443 ip-info.ff.avast.com tcp
US 162.159.134.234:443 discord.gg tcp
GB 2.23.221.82:443 s-install.avcdn.net tcp
US 34.49.17.193:443 urlite.ff.avast.com tcp
GB 2.23.221.82:443 s-install.avcdn.net tcp
US 34.49.17.193:443 urlite.ff.avast.com tcp
US 8.8.8.8:53 res.ldrescdn.com udp
US 8.8.8.8:53 apien.ldplayer.net udp
US 8.8.8.8:53 ad.ldplayer.net udp
SG 8.219.48.146:443 middledata.ldplayer.net tcp
US 8.8.8.8:53 update.avgbrowser.com udp
US 8.8.8.8:53 update.avgbrowser.com udp
US 8.8.8.8:53 config.avg.securebrowser.com udp
US 8.8.8.8:53 easylist-downloads.adblockplus.org udp
US 8.8.8.8:53 easylist-downloads.adblockplus.org udp
US 8.8.8.8:53 browser-phishing-protection.labs.norton.com udp
US 8.8.8.8:53 browser-phishing-protection.labs.norton.com udp
US 8.8.8.8:53 shepherd.ff.avast.com udp
US 8.8.8.8:53 shepherd.ff.avast.com udp
GB 96.17.179.28:443 easylist-downloads.adblockplus.org tcp
CZ 65.9.95.125:443 ad.ldplayer.net tcp
CZ 65.9.95.119:443 apien.ldplayer.net tcp
US 172.67.41.145:443 update.avgbrowser.com udp
US 172.67.41.145:443 update.avgbrowser.com tcp
US 172.67.41.145:443 update.avgbrowser.com tcp
US 172.67.41.145:443 update.avgbrowser.com tcp
IE 99.81.109.198:443 browser-phishing-protection.labs.norton.com tcp
US 8.8.8.8:53 145.41.67.172.in-addr.arpa udp
US 8.8.8.8:53 28.179.17.96.in-addr.arpa udp
US 8.8.8.8:53 125.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 119.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 198.109.81.99.in-addr.arpa udp
US 8.8.8.8:53 config.avg.securebrowser.com udp
US 8.8.8.8:53 config.avg.securebrowser.com udp
US 8.8.8.8:53 shepherd.ff.avast.com udp
US 8.8.8.8:53 shepherd.ff.avast.com udp
US 172.67.41.145:443 update.avgbrowser.com udp
US 172.67.41.145:443 update.avgbrowser.com tcp
US 172.67.41.145:443 update.avgbrowser.com tcp
US 8.8.8.8:53 config.avg.securebrowser.com udp
US 8.8.8.8:53 shepherd.ff.avast.com udp
GB 163.181.154.239:443 res.ldrescdn.com tcp
GB 163.181.154.239:443 res.ldrescdn.com tcp
US 34.160.176.28:443 shepherd.ff.avast.com tcp
US 104.20.87.8:443 config.avg.securebrowser.com tcp
GB 163.181.154.239:443 res.ldrescdn.com tcp
GB 163.181.154.239:443 res.ldrescdn.com tcp
GB 163.181.154.239:443 res.ldrescdn.com tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
GB 163.181.154.239:443 res.ldrescdn.com tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
SG 8.219.136.97:443 middledata.ldplayer.net tcp
SG 8.219.4.49:443 middledata.ldplayer.net tcp
CZ 65.9.95.127:443 alliance.ldplayer.net tcp
GB 163.181.154.239:443 res.ldrescdn.com tcp
GB 163.181.154.239:443 res.ldrescdn.com tcp
CZ 65.9.95.28:80 apien.ldmnq.com tcp
CZ 65.9.95.28:443 apien.ldmnq.com tcp
US 8.8.8.8:443 dns.google udp
GB 172.217.16.234:443 udp
US 8.8.4.4:443 dns.google udp
US 34.49.17.193:443 urlite.ff.avast.com udp
US 162.159.128.233:443 udp
US 8.8.8.8:53 233.128.159.162.in-addr.arpa udp
US 20.60.153.225:443 tcp
US 162.159.134.233:443 udp
N/A 127.0.0.1:6463 tcp
US 151.101.129.55:443 tcp
GB 2.19.117.148:443 aefd.nelreports.net udp
N/A 127.0.0.1:6464 tcp
N/A 127.0.0.1:6465 tcp
N/A 127.0.0.1:6466 tcp
N/A 127.0.0.1:6467 tcp
N/A 127.0.0.1:6468 tcp
N/A 127.0.0.1:6469 tcp
N/A 127.0.0.1:6470 tcp
N/A 127.0.0.1:6471 tcp
N/A 127.0.0.1:6472 tcp
US 104.19.230.21:443 udp
US 104.19.230.21:443 udp
US 74.125.250.129:19302 udp
US 8.8.8.8:53 stun.l.google.com udp
US 104.19.229.21:443 udp
US 104.19.230.21:443 udp
US 4.153.129.168:443 b.clarity.ms tcp
US 8.8.4.4:443 dns.google udp
GB 142.250.200.35:443 tcp
US 104.22.62.125:443 update.avgbrowser.com tcp
US 104.22.62.125:443 update.avgbrowser.com tcp
US 104.22.62.125:443 update.avgbrowser.com tcp
US 8.8.8.8:443 dns.google udp
US 162.159.130.234:443 discord.gg tcp
US 35.190.80.1:443 tcp
US 34.49.17.193:443 urlite.ff.avast.com udp
US 35.190.80.1:443 udp
US 162.159.135.232:443 udp
US 8.8.8.8:53 232.135.159.162.in-addr.arpa udp
US 162.159.134.233:443 udp
GB 142.250.200.35:443 udp
US 8.8.4.4:443 dns.google udp
GB 142.250.187.238:443 fundingchoicesmessages.google.com tcp
US 104.20.87.8:443 config.avg.securebrowser.com tcp
US 104.22.62.125:443 update.avgbrowser.com tcp
US 4.153.129.168:443 b.clarity.ms tcp
GB 2.19.117.148:443 aefd.nelreports.net udp
US 140.82.112.21:443 collector.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 ad.360yield.com udp
NL 188.166.203.175:443 brightcombid.marphezis.com tcp
US 8.8.8.8:53 ib.adnxs.com udp
CZ 65.9.9.197:443 aax.amazon-adsystem.com tcp
US 34.120.63.153:443 prebid.media.net udp
IE 52.211.101.67:443 ap.lijit.com tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
DE 37.252.171.53:443 ib.adnxs.com tcp
IE 52.211.204.195:443 ad.360yield.com tcp
DE 157.90.0.38:443 shb.richaudience.com tcp
GB 142.250.179.226:443 securepubads.g.doubleclick.net udp
GB 142.250.200.1:443 tpc.googlesyndication.com udp
GB 216.58.212.226:443 googleads.g.doubleclick.net udp
US 151.101.1.229:443 cdn.jsdelivr.net udp
FR 185.93.2.8:443 s1.richmediastudio.com tcp
IE 52.211.38.193:443 eu-west-1.event.prod.bidr.io tcp
DE 195.201.240.22:443 s4.richmediastudio.com tcp
DE 168.119.149.172:443 s.richmediastudio.com tcp
FI 65.108.228.94:443 t.richaudience.com tcp
US 8.8.8.8:53 172.149.119.168.in-addr.arpa udp
FR 185.93.2.11:443 s1.richmediastudio.com tcp
FR 185.93.2.11:443 s1.richmediastudio.com tcp
GB 23.219.196.110:443 secure.insightexpressai.com tcp
CZ 65.9.95.114:443 media.bidr.io tcp
DE 168.119.149.172:443 s.richmediastudio.com tcp
DE 116.202.114.67:443 srms.richmediastudio.com tcp
DE 116.202.114.67:443 srms.richmediastudio.com tcp
US 4.153.129.168:443 b.clarity.ms tcp
DE 168.119.149.172:443 s.richmediastudio.com tcp
US 4.153.129.168:443 b.clarity.ms tcp
GB 92.123.128.165:443 www.bing.com tcp
GB 216.58.212.226:443 googleads.g.doubleclick.net udp
US 4.153.129.168:443 b.clarity.ms tcp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 c4a10f6df4922438ca68ada540730100
SHA1 4c7bfbe3e2358a28bf5b024c4be485fa6773629e
SHA256 f286c908fea67163f02532503b5555a939f894c6f2e683d80679b7e5726a7c02
SHA512 b4d407341989e0bbbe0cdd64f7757bea17f0141a89104301dd7ffe45e7511d3ea27c53306381a29c24df68bdb9677eb8c07d4d88874d86aba41bb6f0ce7a942c

\??\pipe\LOCAL\crashpad_1436_EQSAZDPFRYBSEVNT

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 4c3889d3f0d2246f800c495aec7c3f7c
SHA1 dd38e6bf74617bfcf9d6cceff2f746a094114220
SHA256 0a4781bca132edf11500537cbf95ff840c2b6fd33cd94809ca9929f00044bea4
SHA512 2d6cb23e2977c0890f69751a96daeb71e0f12089625f32b34b032615435408f21047b90c19de09f83ef99957681440fdc0c985e079bb196371881b5fdca68a37

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 71b590c77707029d9ac0744119fab7e5
SHA1 6d48fd5530527742b1c8a2670088a924f8ea1b1e
SHA256 798a84b4489d61ea7e4c609efdfa4d9a4437bbabe9d150d8189ec9d73532d1f9
SHA512 8b23ffb8c624b575a551863b6a7069bfb86fba8fef695a302b9695437ea22044b74958a89844977472999fc27b31b43ea4bd58e24b3820738eac8051ee1176db

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 fcfeef10ca6e7929dd732cf57d6ffa73
SHA1 dac95dd97d1d12d27c4387689350e9715b3f9337
SHA256 425aa8ce3008a1cf22fd564ae212cb861ac83f5e862485cfb9a699e569785d75
SHA512 f29f825f98cde66195f3606bc9102e6737a1d5c2287db2d5359998ea8347d68428b5bc6e5f313969f69042a738dedc11b45f18f8eb54db93e7bc7d3e3f0547fa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 53b9b8db537031605359f25a61e409c8
SHA1 8bd197e789475db0ac778fefda5621ea0760deaf
SHA256 5af7dbd04e50daf58e022a9e058bcb0501ba2c6bf933d0fc283661ee7e49a979
SHA512 c7a5f1ce03a159f8eae369ceeace48984089f7209a36deacd8871ba463f2cd6b73462c9e16df38375ebf4248987c9020fd70011817aa1de889decc7724d83c53

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9bdde683bfb3a5c6bd5c7f0c370deb00
SHA1 6194fdbb41fda5e503be7acd8267dba946fb325f
SHA256 e36db8e4c7787eeb4556aa0f386e3ca62ac9d1e33865febd9a5a6c0f0dc81283
SHA512 f9126fb5f1f5bc4939e3a6f75c37aeca84745261bc16084e8b938b391b289a41a3ef26a24a15d6ab6e7c123f59ebf7c091a69ab255255f1f440f4e2f9eb6ff48

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 99b8849794ae9fd82d244d3c86eeb6dd
SHA1 9dbe5daa4eb97aa46f4af06112b9e7f7186947f9
SHA256 b8f206fe8841929d0ac3cbb928ff2e03a36cbbf645858d621d435b0fa01dc16d
SHA512 89509ec50de7e97b89a899904f4a950f6fedef076f75ae55e57a7484870afd2f5f44fd921bbbf2754ba500f5345ca60d8281b4342cbd26797418a964b9808e2f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2690f0acf9d04d52bcc475844cc6240a
SHA1 29af1475ef73a7f4156ae2a67cbc9b3952eb6a86
SHA256 7810a7c9028abe26b025f22a8134b7a8fd8820fa73b53b36fd644b2950f67d43
SHA512 5fb9b7f1595e6a36e2e59e75089396d0ee6e9b6ad96ae96817bd46005d9f7f90e3511972bf4185905ea7d94dd20705a76dd58bbae1dfdb5135a3e99c690a35b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58ddc8.TMP

MD5 c4fd81811c3e12924ef3e774b9e05dee
SHA1 063064dc50c1ff35eedb06c61cb5bc582c99e307
SHA256 a26ae092dfcf770d2f74fa7a78ec4a669e0b2363685f79b2f33c9676ed5837b8
SHA512 81db26c149fd721f61006471ed24723d6e4730177a8256e6f3f59bfd1d11cfa0a4bf8bacb0db3adab16a38f85417779ff45249f60bc422606ae46a2134576182

C:\Users\Admin\Downloads\Unconfirmed 846791.crdownload

MD5 0dc93e1f58cbb736598ce7fa7ecefa33
SHA1 6e539aab5faf7d4ce044c2905a9c27d4393bae30
SHA256 4ec941f22985fee21d2f9d2ae590d5dafebed9a4cf55272b688afe472d454d36
SHA512 73617da787e51609ee779a12fb75fb9eac6ed6e99fd1f4c5c02ff18109747de91a791b1a389434edfe8b96e5b40340f986b8f7b88eac3a330b683dec565a7eff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 5da0d1c6410525a33734a8b08523dd82
SHA1 2423aba34beb0bc248a2926ded15e74bf3c26211
SHA256 bea7f48e729946ae24a13c819fbaef7c313a057130ca9075c5237f5f4cad327b
SHA512 a0f6def27221bf4babb1d406558b4b05ad262f55c071bf85ba6710042a323be33fc51d35f77cc4c3e10a24666e0fa6e82f6d9aa0d894a39c1733bdf0b45755d3

C:\Users\Admin\Downloads\avg_secure_browser_setup.exe:Zone.Identifier

MD5 fbccf14d504b7b2dbcb5a5bda75bd93b
SHA1 d59fc84cdd5217c6cf74785703655f78da6b582b
SHA256 eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913
SHA512 aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

C:\Users\Admin\AppData\Local\Temp\nsp3B1.tmp\jsis.dll

MD5 2027121c3cdeb1a1f8a5f539d1fe2e28
SHA1 bcf79f49f8fc4c6049f33748ded21ec3471002c2
SHA256 1dae8b6de29f2cfc0745d9f2a245b9ecb77f2b272a5b43de1ba5971c43bf73a1
SHA512 5b0d9966ecc08bcc2c127b2bd916617b8de2dcbdc28aff7b4b8449a244983bfbe33c56f5c4a53b7cf21faf1dbab4bb845a5894492e7e10f3f517071f7a59727c

C:\Users\Admin\AppData\Local\Temp\nsp3B1.tmp\nsJSON.dll

MD5 f840a9ddd319ee8c3da5190257abde5b
SHA1 3e868939239a5c6ef9acae10e1af721e4f99f24b
SHA256 ddb6c9f8de72ddd589f009e732040250b2124bca6195aa147aa7aac43fc2c73a
SHA512 8e12391027af928e4f7dad1ec4ab83e8359b19a7eb0be0372d051dfd2dd643dc0dfa086bd345760a496e5630c17f53db22f6008ae665033b766cbfcdd930881a

C:\Users\Admin\AppData\Local\Temp\nsp3B1.tmp\JsisPlugins.dll

MD5 d21ae3f86fc69c1580175b7177484fa7
SHA1 2ed2c1f5c92ff6daa5ea785a44a6085a105ae822
SHA256 a6241f168cacb431bfcd4345dd77f87b378dd861b5d440ae8d3ffd17b9ceb450
SHA512 eda08b6ebdb3f0a3b6b43ef755fc275396a8459b8fc8a41eff55473562c394d015e5fe573b3b134eeed72edff2b0f21a3b9ee69a4541fd9738e880b71730303f

C:\Users\Admin\AppData\Local\Temp\nsp3B1.tmp\StdUtils.dll

MD5 34939c7b38bffedbf9b9ed444d689bc9
SHA1 81d844048f7b11cafd7561b7242af56e92825697
SHA256 b127f3e04429d9f841a03bfd9344a0450594004c770d397fb32a76f6b0eabed0
SHA512 bc1b347986a5d2107ad03b65e4b9438530033975fb8cc0a63d8ef7d88c1a96f70191c727c902eb7c3e64aa5de9ce6bb04f829ceb627eda278f44ca3dd343a953

C:\Users\Admin\AppData\Local\Temp\{545D920E-3720-4B32-A946-8F84F0AC246A}\scrt.dll

MD5 f36f05628b515262db197b15c7065b40
SHA1 74a8005379f26dd0de952acab4e3fc5459cde243
SHA256 67abd9e211b354fa222e7926c2876c4b3a7aca239c0af47c756ee1b6db6e6d31
SHA512 280390b1cf1b6b1e75eaa157adaf89135963d366b48686d48921a654527f9c1505c195ca1fc16dc85b8f13b2994841ca7877a63af708883418a1d588afa3dbe8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 8421f2b6e5bd7a27acc8a447b66310a3
SHA1 c50392511a388562f786d54488bbbe95df8615fa
SHA256 e4496b39e56baf5257c7802cdf49ccf70801f97d454f35ed0b94cf2d0d9f9c35
SHA512 409943d6bee0c5b1bd7b8e16e78d451276ff112356f3e691bbf7e71da2128aa0810ddd0ce7d06697e597ad909a263d1a3bab9582cb01f34f905ed9d80a22a4f1

C:\Users\Admin\AppData\Local\Temp\nsp3B1.tmp\thirdparty.dll

MD5 7b4bd3b8ad6e913952f8ed1ceef40cd4
SHA1 b15c0b90247a5066bd06d094fa41a73f0f931cb8
SHA256 a49d3e455d7aeca2032c30fc099bfad1b1424a2f55ec7bb0f6acbbf636214754
SHA512 d7168f9504dd6bbac7ee566c3591bfd7ad4e55bcac463cecb70540197dfe0cd969af96d113c6709d6c8ce6e91f2f5f6542a95c1a149caa78ba4bcb971e0c12a2

C:\Users\Admin\AppData\Local\Temp\ajCF9.exe

MD5 c79bb78a0bad2559a7037913dd1f1f34
SHA1 a5b36348ad93fdf971201f31136d8c9b056984a7
SHA256 f63b47288af395ac9c02c980592691e2d446fe8b4d3813007433ae262af693c3
SHA512 1bd81cbe784427e54903159225e0fd94c0fab1d9498c11db177d86268f34129e6835759a9a3e3822c717349043930e13168390fcc2f9a74f9699f14497cfc888

C:\Users\Admin\AppData\Local\Temp\avg-securebrowser-web-tags

MD5 d31cc067f585fcedecfd1c0717937ea1
SHA1 de6cfbc40f02e8edbee2b3f9d094eb62470541bb
SHA256 7af6c530c6538048cb17143bd35d34635db7991f9c1682b92302510aa38da5dd
SHA512 080209af13c2402d994cb20aead7508ea4276811307c4a4d2cb6dd3d7c488e92896c72b928822bd0c298e54a5bdbee796fcb71e2a57715d971eeec1153f3943b

C:\Users\Admin\AppData\Local\Temp\nskF5A.tmp\Midex.dll

MD5 2597a829e06eb9616af49fcd8052b8bd
SHA1 871801aba3a75f95b10701f31303de705cb0bc5a
SHA256 7359ca1befdb83d480fc1149ac0e8e90354b5224db7420b14b2d96d87cd20a87
SHA512 8e5552b2f6e1c531aaa9fd507aa53c6e3d2f1dd63fe19e6350c5b6fbb009c99d353bb064a9eba4c31af6a020b31c0cd519326d32db4c8b651b83952e265ffb35

C:\Users\Admin\AppData\Local\Temp\nskF5A.tmp\CR.History.tmp

MD5 f310cf1ff562ae14449e0167a3e1fe46
SHA1 85c58afa9049467031c6c2b17f5c12ca73bb2788
SHA256 e187946249cd390a3c1cf5d4e3b0d8f554f9acdc416bf4e7111fff217bb08855
SHA512 1196371de08c964268c44103ccaed530bda6a145df98e0f480d8ee5ad58cb6fb33ca4c9195a52181fe864726dcf52e6a7a466d693af0cda43400a3a7ef125fad

C:\Users\Admin\AppData\Local\Temp\nskF5A.tmp\FF.places.tmp

MD5 6387c4670b51a58eb870a5e3eb05e0ad
SHA1 b3b4d81a8070de16f78fb651d5661c00244684e7
SHA256 3f1b8a7747e0415b0ade5868f50f7f4fa8f7ca2ad53ce608a3d4968448c15dd7
SHA512 4c4975c8a20a6fb2f6f100b0719cd518231cb14dad1443573b5495357e43e1ebd39ebe1f72d94cdd1d9d2eb9c6c1dd4cde91bd341503ea6681e758acd59af1b8

C:\Users\Admin\AppData\Local\Temp\nskF5A.tmp\CR.History.tmp

MD5 295763059257b00218ebe77aff731003
SHA1 87b15ac47c490b27e8a070ded8f5b8dcb274068a
SHA256 4a0a5d0a4b54217a89adc3659d2799fe7ce832e61a4b6d71c1b251241ee322b8
SHA512 dea2ac67a195a84e2d43b47379990b16fb8515aee08a4c59df064375e33f717026f309265d2aa8568b8915a6e82bd520b46232cff96c711abf07bad1709528fe

C:\Users\Admin\AppData\Local\Temp\nskF5A.tmp\AVGBrowserUpdateSetup.exe

MD5 9750ea6c750629d2ca971ab1c074dc9d
SHA1 7df3d1615bec8f5da86a548f45f139739bde286b
SHA256 cd1c5c7635d7e4e56287f87588dea791cf52b8d49ae599b60efb1b4c3567bc9c
SHA512 2ecbe819085bb9903a1a1fb6c796ad3b51617dd1fd03234c86e7d830b32a11fbcbff6cdc0191180d368497de2102319b0f56bfd5d8ac06d4f96585164801a04b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ff936e0d3be1bace3a699ae2fe0e4db3
SHA1 384198ee0f07fb64d311d557d7b99d48ee6a1c00
SHA256 c62b5c87ec1241f41f2c5bc334cb94beb7a46f2fcc8b54ffd3170e5a46544e03
SHA512 cc251e20be381668fca185c771ef3af51d9c7f7baeb92453aa9928a5978493de13bafacf4e08164016af95f7fd51415c2b461518832a79676ac94a384098ec26

C:\Program Files (x86)\GUM2800.tmp\@PaxHeader

MD5 cc10315d02849aa06303ede042fcea7c
SHA1 6807356ca02f634bfe43d32350efec4c711a421f
SHA256 639978a0f066ee0f9501ea0c948abcbdfe4a459d45bd57eed5630c5dd466eff7
SHA512 135c897657c18cc28be80eb2951cbeb764e5f08c12b5099e499d380502aae4277acfaa8f070857e86c7b3013a3e1b8307e30bbe283ee8b62ca00e6fefe7f3ac0

C:\Program Files (x86)\GUM2800.tmp\@PaxHeader

MD5 8f5ada523ccd4846ed60560592e02bb5
SHA1 7b392aff55604fddec7b08f5cf052b6a238fcc6d
SHA256 3831925a573e722ccd38e297de924464bb7344785a11f40b9f70cb52fd3b96bb
SHA512 82dd0ec8e4a643f7aa60172c16b08203e6c978facb0da62becd6b74c92bf0f8802bd289560f0223f3e45f80e5e85578e1043e40438a4ba123eaf556f05d9a294

C:\Program Files (x86)\GUM2800.tmp\@PaxHeader

MD5 939ee98d23d3ce9a0c8a0fe9aac02cf2
SHA1 b48224bddd5ad890d749f1dd16de6f9c5d9b2af5
SHA256 cea3426ac194b93a31f869d26e69045effc10a0d89962220724557136625ba39
SHA512 caddc19a06aa9bba35641c5b8b2055c18e7f8c89f0603869be5ef7b283c83ab4efc1213ba18c536007babc492ced62e406ba34af96c3a949d3378b5cae0ad881

C:\Program Files (x86)\GUM2800.tmp\@PaxHeader

MD5 f44a45059fa18183f3ac50a396046f8c
SHA1 11554ce3b0ff27a2b4de2c635bcac830df40dbce
SHA256 ada5e0840b2b26deba76bd8782e354771a57391a4c7c4389832dec974d81b6c6
SHA512 d1df442a4bd08ef92c6a9ecddc1d6c8cc57ca1dbfc911c46997591dd791d5fca59b55a9a4cdc76fac620b79bc0d3c4fcf45ecd3a72ceaa8ee3c3acceada41d81

C:\Program Files (x86)\GUM2800.tmp\@PaxHeader

MD5 fc8ee03b2a65f381e4245432d5fef60e
SHA1 d2b7d9be66c75ccf24fcb45a6d0dacedd8b6dd6f
SHA256 751a04263c2ebb889fdcd11045d6f3602690318ebaaa54f66e1332d76dde9ef4
SHA512 0837f2b22c9629990165c5e070e710a69ad4951b7fcfe28bd52354c4b8a7246672497b8aaf521a8773c7ec2a4249fc4318330948ab0d8db8c6c74da57b32f1c4

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

MD5 cbcdf56c8a2788ed761ad3178e2d6e9c
SHA1 bdee21667760bc0df3046d6073a05d779fdc82cb
SHA256 e9265a40e5ee5302e8e225ea39a67d452eaac20370f8b2828340ba079abbbfd3
SHA512 5f68e7dffdd3424e0eb2e5cd3d05f8b6ba497aab9408702505341b2c89f265ebb4f9177611d51b9a56629a564431421f3ecb8b25eb08fb2c54dfeddecb9e9f2e

C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\npAvgBrowserUpdate3.dll

MD5 c6a2bff8e96b5622bf6841a671f4e564
SHA1 fb638e9c72604cc1b160385fa803b0ea028e5d5e
SHA256 7a7a12e9c0dee713700081b9354647972a0f3505596df34e4c68aaba99046992
SHA512 22a99f860055388e34a056af5d5e35f2e33a9294784795aca52fd42685d75aebb523add836c5e4b9b2f68fe00348d11ee56cc10208fcc662b86a6169664f934f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 c5c09c6558319631da7412de56f481ec
SHA1 289f8c43e2255bbcd7db3064d7fd0ba1cf395de5
SHA256 cb33a1d4133301d94faafeb71a1617e9845a9fe84837cd00292df0f6c046b594
SHA512 8398d1dececc9b00e9350815183f51e7e0ad6d10469827c5c7edc314c2c60f22cdf1fc3ae9f95ed684defcdea586b17cf7c304266659203d548c579e9ed9b664

C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\setup.exe

MD5 26bf30358c8fdaecd3c83b9cf76514ee
SHA1 4f76fe57a8cc48b28b9fd4f1ff75254976ad4515
SHA256 f0809a96fb1a5e039a5bf5559e4e5b57bcbbbcd07e7dd6bf60872e9a0e6f0856
SHA512 20a8f1df4a5eefd617fa6096d5f2c47770ef20efaf3cba007588f8759bcb72cf9e3d4eb89505d333bbe7c2ed4e8d9202421485e22ee99f29812682c0cbaf2040

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000039

MD5 a5cc79fbd666432c461daec09604f082
SHA1 9a3df93d85aca657c5c8b60f9b4063128319647e
SHA256 9a7f91177674363a59d898f41192d993f0dab2ce2c93a180b6d1042ea4b9e279
SHA512 f93ebbb16738cae18477a0bd833098abee3a77880b8623ae2a462ee8e209487045121700e013dd0da1c7c3f5c9f24a56f02a5cba837df4ac1f33c9f6e3522c62

C:\Users\Admin\AppData\Local\Temp\nskF5A.tmp\AccessControl.dll

MD5 d4fa24f021f155ce9214dccf812c3b7f
SHA1 864001ab7d2c87af00b7153cd096e0454b3f4e9f
SHA256 3b0889281ff6367bb736690229f461bb4ff34b7437f54a5c71b877a104c0f876
SHA512 de1720af369890df89c8550d49b4e3e2e353e4a21ef30be5ebee9216e312a57ede9f7919e71de592d0bad6e482d48fb759dd1d1323caafa506634e9f877f6213

memory/5324-1073-0x00007FFEF0B30000-0x00007FFEF0B31000-memory.dmp

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Local State

MD5 e257c4079777418f507d2b0e4b22405e
SHA1 ecb6b29e6b1e6707ab4a38d11317104ce9d6d7ba
SHA256 b36b1e77ddec29892dda5332126d2acdd1798c1c1168870c4adbc74001ee9bf4
SHA512 22a1873a5d30185855bc48e8b2e0e5f2323adac3e228d44a19aa6c4e4f333ca054991b187a7378cbbd76cc3237148ccf67cf1e3c3d693d42a9af05c7221dba0c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Sync Data\LevelDB\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Local State~RFe59ec0c.TMP

MD5 12b7433f9ca93cde3499138e7d522cb0
SHA1 313f9b904df9a6e69acdc5dfe351cb8fb3a4b37b
SHA256 6cee19422768cca291d7686ef23f83804bddd4b73e74e7ba72cef008c2a4c983
SHA512 25398d5e917559b5a13e2e51812b0396d5a0f05ad9f44cdf8d79ce146a367e39a54a54366bf94ec01a4733a559e1ebe334962afa5628ab7c7a1fd7c564802736

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Local Storage\leveldb\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\d91fd06c-deee-4c74-bf4e-cc5141dbc8b2.tmp

MD5 27e0a973f1449e90508c04e5a6a5b86e
SHA1 a73aeda6a24c88cd513edb51fe82057888b33e31
SHA256 1a1d3f226e1b5d6b13a15080b67865bbd624d8bfd9c4f8a2f7e35b029c6b39d0
SHA512 8724eced195065a2bbb38f3fa940ae8b66202690e12fdc598a669574ffaee36d86a32e7fc608b23c83715f7859e6cfb556cc659181f7c90178b7241240449679

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\DawnWebGPUCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\DawnWebGPUCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\DawnWebGPUCache\data_1

MD5 d0d388f3865d0523e451d6ba0be34cc4
SHA1 8571c6a52aacc2747c048e3419e5657b74612995
SHA256 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b
SHA512 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\DawnWebGPUCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 a6ee455c28ad7a2d2c2ace1cc914747b
SHA1 f7fdfe431fa1ed8809244072bf340f30c46a94fe
SHA256 3a9c2f664af47db55e7a4dfea32bd931beaa39fd9944c993812ed61fa8d7db98
SHA512 682a5b23a428308412d6df45c4c42c0a5eaddd0fe1b8612260523741cf6923a57f39a953b14e29c17a030462117dee97aca9b355872caeed461842f4e003fc21

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Local State

MD5 dab6b49d455df0cced6eea463f0f9ea9
SHA1 3fc7832499a76d70d74c8b3a024ee7320fc0d3e4
SHA256 da81cee20ee82c65455bdff5a1cb90e2761655601592a16b434f395b3e08547b
SHA512 0c5eacafa515abb7882df837ad52729d62026aad3f48fa81a62acb781d3bada77c6105e432219f71771560ed7a18ab627b6d6fdc26ff1d5a7e47170ce10f5a1d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe59eefa.TMP

MD5 f37e25e66a285f249e56bfe97ceef97d
SHA1 8a364ab277ff3202d99c7bf2b76b77f0e96a8e78
SHA256 5c61f41d8752854fda08d89fb60af96a38855649ade324dcbde82582238defec
SHA512 f43afc0185ad01f3e5b041482cb7dc3711450f33b3b6f05c0dd1fec003fed1cd394504db139f009373d550836c2eb5274f3af45967b64bf69e51fc5ae1804315

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Preferences

MD5 adf6faf1fb11ed324b33162935bda0e0
SHA1 44afaccf8d7d0fd8e86bf5ae21787751f3459ec3
SHA256 1223f73fa28d074dec183c84a20909f5b60bfa1e328f74d592131c22d7839434
SHA512 3d24eae5099141761e4effc0e8259c70c27d3005f83076ca25fbef651d7cfa8718285c9b660cd68328d8c329800a726c373f7ed422030fca39da20961ab9b594

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Preferences~RFe59eeea.TMP

MD5 65e95c788b5bda513403f91cf7d31026
SHA1 f6549394be615cf8cb1fc40a2dbf16054677bf0d
SHA256 dac98debbf09c8843e5dc0016bb96f94a8fa2cad204b88855082316e6215566b
SHA512 d24f31b1a0b4029b60cd2264117f1692977b4730d301b82454aa8ef26f7f03b11dfb2f370049e7df54367b6a63e9e28aa3c238b4817553499a4d9b046ff060f8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 73aefef4af5feb570046196c0c9e1a6c
SHA1 5dd79f408cf642c16f1feb2e90f7052ad56769cc
SHA256 1eeaedfec974877fa9ba33c90a11fe2837728b79afc665492d75b974b8ed83bb
SHA512 2f0b9373aa9120cbb48ede93d98c31342d1dddb17b841a51bc3b50ff66bdb5bdd86aeb261d8bd597952a613b9ded0965ed898046ed032bddab8b24c27198fdb1

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe59eeea.TMP

MD5 d1ea527a56d2a502422c744c43a51ebf
SHA1 32c905145dd53f2ddf8407878e21c0d22bb053ec
SHA256 f64ace8900f3137544254d9a5921f99687f8a591286e7117e390299f88b29454
SHA512 b19760466540c51bc9afc11b1e8a5e06d3a53109e7a0d560fda4020b61fb0d0f874282e1ea2e088757049434488b0b9da0b3beddd765a90f389f8c476516fded

memory/5324-1411-0x0000025DC0D80000-0x0000025DC0E2E000-memory.dmp

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\0a9ac98c-1bf7-498a-b752-0792eaa463fe.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_591546590\69558ac6-7266-453c-8da7-cd7e2d29bf20.tmp

MD5 e2044eaa2fa3e05c09aa2d6f49650b50
SHA1 6cde6eaef9358dfb2de74fe729ae8c519fd574f9
SHA256 253914b6a6d3def7501d200a0e938305b47eba84a7c0b6a5a7f2cdada0488d14
SHA512 5f6e9ed38736abdcdba9fd1627673f1efefc35f952392e9806402d28b45bdc2c93d7d8cc35efba2076c8d5a8736eddb4e24363af046d4b16ad4e4409ce020ea1

C:\Users\Admin\AppData\Local\Temp\096175f2-7670-4a0f-906c-d7086825726d.tmp

MD5 68bd679218d97c36a02d46442ac3c84d
SHA1 c11a7633763b70f5ed8fcc5bcefde808800dfc03
SHA256 654df99e4671942e469f32e713d36eacda10b859939d9dff530b5c6b168b6776
SHA512 35186a8dedb317795718abf2c0b79c5c7ab9cfe5cb56bb15f95986bbbce5bf4880ce9fcf0892e5b61c5c5e8ec57261a047734c30725faf943b2b53e67cf7235e

C:\Users\Admin\AppData\Local\Temp\68c56eba-4dfb-44f7-ab11-1f5db5cc4bdc.tmp

MD5 bec51734ad42fc569c75f786ed80a2eb
SHA1 7356caa4412cbfc6efd801e2ca03fdde1c36efeb
SHA256 2702b4c3d30e74bf7a89ba502b3da529982c53881b6bf5acd1d5b9b024e806b3
SHA512 738756a29ed70d098dd0496b2dbce6dbb1ab94977ec0d5d464d04cbe469434c174c492e77a25761e1ba24bcea9382887236f2f57a565bc9ddbe0782a3db5f1ff

C:\Users\Admin\AppData\Local\Temp\ecc398de-fcc9-4823-a267-5c4560935c23.tmp

MD5 06d466a1cde4306356506b35153c5ebd
SHA1 c43850528e8150e1f0e253653d2f0155d00585fd
SHA256 6b1205e9b435c6241ab9c244b1dc3c309c1d82211268501e71e43c4425fbf590
SHA512 5d79ae61fea7097ddf4b5f2c639ddd1ebdffb7d0e69b74aac47e166afbe94e88e3a4dbd1cf34d55c6c8b0fcba3c30b676c8460b120470c17278caf22896b0b33

C:\Users\Admin\AppData\Local\Temp\1ae16971-8c02-41ff-b616-a520c37169c3.tmp

MD5 f75cbfbb5eaa5f46574955ed6651da78
SHA1 4ce276c03898e57667b401761fe1df5f11304a68
SHA256 643962e7cc16bb8e9edbea5f05473764199c7179d06a65bd88a0d101d1d5a9bd
SHA512 287847c5caae39fc80e90ae105a5fb0c9349f402872721c599eb9c9ccaf171437879f0ef8bdeae923bf4520befa316b60acd3e975caf8496f05dad24e1b34e40

C:\Users\Admin\AppData\Local\Temp\3a39bb55-7263-46de-be33-0c737364610a.tmp

MD5 21b06e448a0bee23eb6b80dfb39f1e82
SHA1 d60b3a9021a704247af4ba58bd539d42f780661f
SHA256 3cad9f24f2ec2bee7bef2410ef713924640bda964e865096db6dde37103481ba
SHA512 9678b1302eb289f04c0fad0a60455da7d24da4bb72177561f8668f0995d695485eba915bb222d7231a8188ac6ff3b4b0ffbbfe3b725b9c0112ca6af9465f5709

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_591546590\CRX_INSTALL\_locales\en\messages.json

MD5 7fafe793c9bf9b5b43aa5d128c89b866
SHA1 2c954082b4939602a52d1c8c9b239da70bc96c09
SHA256 23f8c9ba84b4654ba6a0d7f7eba743a1b3efb0d660424044bc07a98495056613
SHA512 8fe4bbcb64b517001227de504acb4c98d0bd630650356a55edbc7f51e7aa5844d041464267b2c489be02534bd677ed7db389410021efd3943a7380855a3e0974

C:\Users\Admin\AppData\Local\Temp\dd4a5a60-fea8-4ee1-93c0-54aab992d8f1.tmp

MD5 4309d5e871697249cfca67e67a8708ee
SHA1 5dbd4b5b22332b2a70ea425df0a812714f4f3ef0
SHA256 b5eba951ae25d50168359f7f456afab7c69ee8c86127bb72eeb4402c1ca9bd14
SHA512 285147c13b996a5b66514475bb106aa2fe499b52a78ddfa3bd540a1ee1693a892f095f31c83c7c4ac06c487b482ae22142453e992d79054d18efe336a94cb70e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\hi\messages.json

MD5 8beabb01ddaea3978d66976c592c8a2b
SHA1 cdcac676390662271d102ee5d72a4fad3059dab1
SHA256 d36b0330f35dfc2c21f0fc815d454120bf4baebf392db700de188fdd3e9e748c
SHA512 23ec2ad493e8bc1a9bf4c67318945408abb0145efe0783e989b74616cc829d9216942f77e5ba76944be24e57ffc1d032466e019884a64731c2133b5ce7633c06

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_591546590\CRX_INSTALL\assets\brand\img\avg\icon32_active.png

MD5 df5da476b0d3d4fd48b1048d319994b5
SHA1 d83e0278b1ffce1dbf5f9840817eafbfac6f5b67
SHA256 6eeee9e6da365832186d83acc416dfa94cf1dff6d15729fecaf683f87c28d11b
SHA512 9d7041bc82c53f6918ac3f40d0e1b3b4434a8789cfa46cb611b3f4fc3dce55b1b5ef01d2ab170e4477e6d5038c3b306d6a92f22b1bc33d532376861d67635632

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\js\popup.bundle.js

MD5 e8b26a629d62572db5df5fd5bb92e5a1
SHA1 13ef893e7a331f60f1db28055ebefebb259740cd
SHA256 f05e873a5805c057792f287f8ae36a585f80905daa81d0b7f53a2c5cf47de5f8
SHA512 6a62c988a32338861998b4ba9bfe9385b2c85269c4c1017afd61a06c8dae9aec365a3ab0b01551fb8e4162d4adcadd3d73e02b0563264cf7228a0bbe54c5e022

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\js\content.bundle.js.LICENSE.txt

MD5 f50e40292fe330a7d3d6ff6168eede84
SHA1 a7cc15ffa1a29e1c8feb709eb476213e91535e43
SHA256 8725dd57ff707cdf878f806f7a73241ba21c65c6b05ab2a32205ba4d779e1988
SHA512 9f7b628d745f298bc6daf23955b07298a84cbf193c986e48b8f809facd2715fa52a003ea61462fe8c9cf3db0568b0308a7454289c730f06fbcfc174485462f6a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\js\background.bundle.js.LICENSE.txt

MD5 f58902ae8b03b1caed8114ac16df13fd
SHA1 5dfb0176770fc43396c532edfa33cdf9f89a215e
SHA256 beb8d83ee0ac0ad93f963ec2810fa12268ac9dc287fcd0011adb3995ca24428b
SHA512 ac5ac9b891a941780a7ae8a997eec77026bd66da559e4216e7da240c5b12906a8137091c05f4fe502aa63030955773d9fd5fe556063bbef25aa535d159035314

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\img\icon-slide-up.svg

MD5 de874fe08f82782d0b93619ee87b7b7e
SHA1 17547149465d106534071713a0394e6d4f17728c
SHA256 c37fc377646f6a65e72e683f4c8b2fe5c9a8c6ee002d9c21e12e0514e393fbc5
SHA512 8b415a12e125da1153cc030fcd5ac64c26d134d219260ad587d3035f3ce431545a32610b89f40665158c750f3f867533c5da83e206b5c3d375b1b250e7ed56c6

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\img\icon16_light.png

MD5 8302929618f4a81f0838135fffc15180
SHA1 4f1791ec145b9f7db8a0af698dae3313dd4dcf54
SHA256 cb33afe344f81368bfea304e3fae48dec30906010be575c873a2a326f0a6f62e
SHA512 aa7632eab0f443245fa310f8f519b2d109be3e48019cfe1798f1166fc7798d6f91a855a8130323a4b162d52cba192cd56b0f25ad590013f1eaa3e9aad489cd8a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\brand\img\ccleaner\icon32_active.png

MD5 6534e64a636634d7eeb09a7aaf28ab4f
SHA1 4164106213902b6fba38af84e2f67e8757242f53
SHA256 0cb329ce664f01d54399b41e830947ef9449a85ef3e047e6aaea35dce5fc1b12
SHA512 b7141073292f446fb851b338edf8dda3d90ca7a401ad521494347609eb5ea5a8c1a6ae75cbe08e7667b61454abb234ed4f0d4ac192b95d2601c1f4666576baed

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_658731139\CRX_INSTALL\data\trusted.json

MD5 c88381716381bfbcafa44a47263b1c68
SHA1 9e0abef60d6919ef690f5251d5113fcad51ca4e7
SHA256 c768258f270afa87d35fd287e98440cac843ea4d997a8e1f448c1f6d74e9709e
SHA512 97ad30627e1cce8c98dfe16367278b1695530fb8f318439f2dab290cbd523ce140a8c8e7bddc3930d5f4b3e797710798ea866665d00e9bc5f2d7b3c3af07b6d4

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_1927551449\CRX_INSTALL\contentScript.css

MD5 615c1eef4777fdf3e0a67df61960427d
SHA1 076d9c4f089308c05dfd189c793a112241da6129
SHA256 6e047fdb8996a22c2bf869c4b7dadb79b8648a6cc63c4b532f2bbad94df05fe6
SHA512 29868847809b1f2ab34b6b774774bee1dcf67f45f643fbdaa2b181b78a4ce32ff48ef900f3eff272de70598ef8d5ba6fe8b67ca65eeb672bf3fcd99b7a09fb30

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_1927551449\CRX_INSTALL\background.js.LICENSE.txt

MD5 76e4242185e4dc5c685b94177d7ab7dd
SHA1 f8fa99ee4b5d70e0f72b61493390fcb4a282c296
SHA256 9145d7b004e4f8e7894b2ed612440eb45d756a46b5cfd66e3784b904c057dacc
SHA512 c4f6fb1035a25aab15982de501857dfe3bb6c70515303abb598cae9ffc29ca0fcd0eae67bb05340954cfecd80dc9342dd0348cc1afa6882a3b4b3794d4fe5b80

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_1927551449\CRX_INSTALL\background.js

MD5 e575893fce0b2f05e8a023b5f7fee2a1
SHA1 4b34df52f3aa6825c39d4e7ff569b6c316bbb64c
SHA256 2a69295f342a6b5b352168161af4d35a24d684f34bbc629d37b1c01643854d06
SHA512 5e5294c57c7dcb62bb13bcf239b5f689ca75e1f53c9baf1af546d2b074361fc719e1ee65e88ff3f9253de323e18df83e246e4a7d1de38ed58c9f15d4c7c2c444

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_1446912149\CRX_INSTALL\css\fonts.css

MD5 222b7ccb780369911363033e77ee7aa3
SHA1 4b583b94fd1fee73a39b28a0aca1708b99adc260
SHA256 06ffeef3e678be1a8c9fd3907510165a13c782ce9f1c01364ca5f6b6f2c8a9ce
SHA512 907f9b8ee33cf37a577e89eff48d18af3b1b8473d1da0ec1893c5de7f060943cd54000adc24ff9a775996f17886be20a6d3dd761ce27c7f63f36434ea7408140

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_1927551449\CRX_INSTALL\icons\iconDisabled16.png

MD5 df7761005c523247ebe938c66ab20403
SHA1 e99d95269092fcbe49221f896f6d657ab9b7ec5c
SHA256 79998c3321ac60a48a7a83f848622a1fbcd5bf18251a69c7b74edb67181d1bba
SHA512 1bf54b9526fa22c417c88f84df86eb054540db926492d21699b194999a727830912c1fcb53450fdc737bc0b3d9662e249ebaf813cc077e84b6758326d328726b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_1927551449\CRX_INSTALL\fonts\Roboto-Regular.woff2

MD5 73f0a88bbca1bec19fb1303c689d04c6
SHA1 463a07f5c66bf14e6d9d6e0f6d5e3fd3cb11f4ec
SHA256 47107401d0adb375ab9aa167f9d62489a849d510e740a307b5a4db60e5db3562
SHA512 18b8ec54deb993702689b44e269b1c9fa38e2bf3c8053bfd778da4cfad821a1d8455ace8085f65788a5ec8bf71339cf1446c845c23c5f59e5086bf44e468eda8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\app.html

MD5 c5199f9c2bf3ef2eab91521d51dbe31a
SHA1 818de832a3a7b38c1ae7dc19a4ad82860a3d788d
SHA256 cbe351f968259195b8b06b6eb84005f66199fe2d3753b272231e98309bc0f022
SHA512 5c78f0688a2f9ec47e0b3f2d20202eccc6a71a71cec98ff1253f5f4c51d8246ad34507df67b433d585fb7d9eb0d061f2ba32b74b37d951b5e0fe8d33e50a5a02

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\normal\selected.png

MD5 4de4359f781e074541e4c3c58d6730eb
SHA1 8389a452a15264e2ce9461911381c5583ec62a88
SHA256 0a1ea6c1b36473a5852fa3de8009eed63b8c7854c591f096ec93e3a60440aa53
SHA512 a4f95cb5a185000ab627ca1170f0533a1e1009c6fffe42ec9ce809f0a07fbe451dc19868868ea9e3bbd702527df931d2c3b01c09a4325a28794c1ea3b89d41d7

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\normal\teams.png

MD5 67f0370e9c7b2aabd5293453064f8c62
SHA1 1e1cfb7a789619c39fa88c56227534926f0b89d0
SHA256 a3bbed94b719d32b9cd7d64dd2ba679d06efd9e25a2224fe9f22a537146edbaa
SHA512 a4c9480c9f9f6c1a27deec71fac91f271c8ac5af5fb7db97afee89bbacdeae2de3ef2ffe3c793ea5eda45f8da16d6818f62ccbdd2fa3356acd49eb5332235b6e

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\normal\youtube_music.png

MD5 d8367f0191731a05bd9fb272086c4a5b
SHA1 bba977e1791435182c7293bdb8d4f74518f97466
SHA256 94fc78777c47b7e67d6b0f08e91350d3e5c05279d30245d8549a23fabd4466e7
SHA512 e97838a5026c03263d33abeeae7bed3622d204bef8b5b65f011f1570e4512756db1cf6bf720089ab77c6d915f67784c94e1938727c4c74acb4d6e0d68e9a609c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\css\roboto\KFOmCnqEu92Fr1Mu7WxKOzY.woff2

MD5 a8be5b46d06bb541b0968196ee5e6bb8
SHA1 8bf73bc09e50908cdba9b5f808d26eeb083269ae
SHA256 67afba35bed24f3ccf531a6bfd2c71ee2c6e5de74a3f28fe2b6188a8699f4e04
SHA512 a29d0f79b7ff1b259e705bb118f21dea6f8422e140bd943e311019e6d09ce10422d5ac8d0a375740bd12e456d83485bbfaefbaf152efc837cc8e6fd353871b7e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\en\messages.json

MD5 bcbe1c9afd59ab80714fe9e19be6aeb7
SHA1 2ee3f6d758a8a633c48806774abb54d947becd0f
SHA256 603d772092dc98a61b8758ec468ca064a11cad440cd5d97b79a44590f4a68117
SHA512 7b3daa9fa7511e434bae65dc5cad294988d46de0e7188ebb9c68b2ca44a61fa2ac45187a2073e708c3fac6c95c516d8ad32f22ae951f89be2031cd82e90a1648

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\img\dark\x.png

MD5 bce72899621cf00f570f027c93db6227
SHA1 906df6a0d1fce9ed08ac74430390ca0d3680032b
SHA256 f1e24442e95829cfd3ddf698f046f516d506ac4886a16fb9a4121745223d6587
SHA512 40914bf7b439b0367ba15f62c11e8655f4ad268acbb4a73deff6bfaeffcd93e8d3db3fbd9e530f3b6b51d8435d3c6078e20218c56e32902dfbdc72f01a494b27

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\css\app.css

MD5 580df1a8502ec87e92d7e4dd632467b0
SHA1 4d1e713ca8df4b04b48844945422a68f1d4ae59a
SHA256 4031441e07d7e7e5ad2fc417de028c246c1025894fe3eb4dae206834d96a7e94
SHA512 0cc42e52b0c4ea706fd0f705ebd0bdc1af109250175bd9425912016b6fe0852ac40f801b6413f05070ac1d67e686639f204bf3c80b2cc78931170e8b97020979

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\img\common\extensions_page\icon_48.png

MD5 5effe3a62f0a1ce081acfdc8a675379d
SHA1 c14e696fb8aabfeaa2e172eccb23c188056b9730
SHA256 736c7acc26c6fdbfc818fa433cdf80516cf887fd68d9a5bd64536844d395bf75
SHA512 3b79df60f4d9021b20950d6fa8ed6632fa490e66a2a871928aee6c1244669f8295d190f3fb628522e9983215ddfd0d3cca7873e763a9af67246abfffc6789c98

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\img\common\extensions_page\icon_128.png

MD5 0e3b912c34d10caf3766315a3046a6a8
SHA1 7bf6ba3f77e5a268d74b875af00afdb87ba5e92f
SHA256 e9556efd2ae974f9d910a2922d7ac2e1236b2bb50ad5861da8e3645652d56353
SHA512 9c8bc88466d338a386508657b43fead7c138de61a9c1abf138451c3c6c1fc49484618fa8f6f96c570358433b19aa9ae01b57a3b1194320ab08fb552a36b7b31c

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_1457592462\CRX_INSTALL\_locales\en\messages.json

MD5 9764406c182b5e377dc9e8023968e82e
SHA1 53999b0d5620d8e80f357edf7230560feec1d40b
SHA256 d8254fc7b70c9f3f5e16176f6bfba0fabf44e10de59b4a32ad53a5fcabf15b2c
SHA512 5b6595aec0cf73c52bb74f5b97ed92cb21fa68649911027328dfd89a0445d03bf26322fc98e410f9eaa748c01128058dfa55ae912ea5b6db6a73a433327efc8b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\img\dark\search.png

MD5 aebe63d9d9db2e61dd7559f12ccab69b
SHA1 9fe04e69f2a0064cf201396697f421408240c196
SHA256 db55238574695354f2b1c89e12286bc456512660a69743973d52b5a81ca3fb75
SHA512 1625430c41af97f568b870c0c1775fbc1ca9b7bb6d16913c191b19d38f8aad066719ea4c26a77aed33549573e9c4f4c125e7ebfda9a079823d1b5d67259501d3

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\img\dark\customize.png

MD5 fa19efa8727feb4bcc5f88eb9749d6cc
SHA1 f408e3ce33c208b083cb8b28629adf67a461cc22
SHA256 0fb69188af63631e5ba8437ad1593643d296c353c1b9e1da1c0203a2f58e16ef
SHA512 3260700e7d0678e442510b3c0b3e5567af0ec5d4a79dd16d0a182d7945726f03eeac91a9770ae742b8a3d2afbeedea1cdb04abf45c64d7b25fcda138e11a1221

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\img\normal\x.png

MD5 c92e477e10ed8fa9ae5e708999cbc2ce
SHA1 74efc02a6a29c1bc46dae39205cddfd5326812f3
SHA256 fee7915c97fb688e38aedca870a914d02c5d622cb969b2c98004994fc8382b44
SHA512 0515b284938dc440d00d65fefcb24001858c0c7089c7f998c11ce8014af7dcf89d1a54dd228449eb4f15a978e50dd44cb3d806bf274ce123fe67bc1f9b16ff7c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\img\normal\search.png

MD5 e946f12f8b848199d2079b09a6ee0346
SHA1 e8bf7e3fb8dbf9e1403a36fe09089d4e4dfd6307
SHA256 44e6c0a25c80e63a22e4a7ce6cce0fb085e12e9497705dd78af3e06f2ca3c800
SHA512 106809ad433d941cf916f1906bf154de5caa47ada6ef5e3cdb83c42cae2a4323ff17a5ac29d4f456c33c48f78bf0d288aecef9d6c2fbcf39611283e555c9640b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\img\normal\customize.png

MD5 b9bd3789561c5d87ef4c2229eea417de
SHA1 58148f04beda4ebc481ac585c279dca3d620065c
SHA256 908e2d91aebcba47d8e738bc699f4572c8c65a1b21a1540377e31831338bbfd4
SHA512 69fb8dbedff9cb51527a681bf7d8c0b93f7c10a02dc9e266401bc1f15be774eb65fdf49f694055e86463e0437625611d4f37f0e7b4fc0cccbb53108d68a188d9

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\gjcfnponmdkenfdibginkmlmediekpnm\1.28.2.1030_0\_metadata\verified_contents.json

MD5 dd394ff643976baf8c1a31ef8c9f978e
SHA1 0413e45623386b3f2a43068b524e8eb54743cda4
SHA256 4fc181f2e02eab22745f076c5ee1c944e3f523166ac535ade31617c058d430ed
SHA512 4db48afc6a869e8761bbe69a81c1de2787b6ce33f174088dd006043febbc007f346da334fa1ed3a56a7b24636b5c0ba8e4190fdbbd2135040725cc949f263f78

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_metadata\verified_contents.json

MD5 da75d62a54c62f3b76eaf5a8dfe0e732
SHA1 36207df1be4d0455d7c143eb6dc2deda7d3d6c4e
SHA256 944d212eba8738de04aa1675e140b64a7019257ea57b97fd780d93f14e3007ad
SHA512 f9cd02d1a42f7d47ead1b769bc318239bc775dd0869bdd64f19a8c0c2ba7f96591e71231e1f21d87133574acf721d213691bc923666999bdd664399adfbdc515

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\js\fpattr.bundle.js

MD5 7580759316acf0e6d7a16da84559e6ab
SHA1 f17ead86d623eb3527243ea6c6f5512a66fe7186
SHA256 f11caa7844dac279cb19b87a7704e4982804a131b5893ec436aa092df587b2c0
SHA512 181c4f78dd497539f010eb75e529f9fb48539d559eed5376860e4292cce86ac69b698d7791d64262cfc43454a98552a8a9bcfbf0c777e7e92f7cc67d035e59c6

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\js\content.bundle.js

MD5 97adfec6bd687e9709445afc0c573c39
SHA1 1186a12a096465da449f1b0df7270dbc5283f4b6
SHA256 c103fc2d0a2484f40fa091e188ead5757b737bd86d2a926488062436df8cdf50
SHA512 e242f0673a8cd0f565a4dc79937bf8280421e2d90a0d7ac6cc18ffbc0b54a692edb714d9edf49d096c88cddc6465df086c98203d1abf960ac66e1186730bd009

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_locales\en\messages.json

MD5 70c7984777731215a65a737b98c49dfe
SHA1 60da2b4e5a80334aff5cab61d67fa0facc62f2f8
SHA256 fbc68d0c4ed3346ae2a84580168d43b8ce12bc97564e04131ce47a0c3328f1b3
SHA512 2609a01feb2f4aac8edb180d854dbb5c93e9b053791d2bfe9c1bc3d7baacb8fcc75c0953d7e150b2203ee1a2f4e65fffdd281bcbfc2fa29326576d7b887052b6

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\js\options.bundle.js.LICENSE.txt

MD5 4e994bc011dc4913520bd9f4cefd135a
SHA1 de9aa409a953bce76c488dd9b7297a23f63eb909
SHA256 923090b15eca2d9a8c7f02431cbc23961b45e34a33c6ca0df8c162abc6f91688
SHA512 2d64ebcf3b135c6249d4883c54de3f9bc0cef36c9c071b1295816ee416481659ee1f62d06c92c1b4a92e48c88cb29312398d8cf4e54d3dd5112d801ef3b080db

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_locales\en\messages.json

MD5 b8645df606dd756306208ec441e9c0dd
SHA1 8ebd4f5103dc792b6a563768d1c3d6e3b4729c54
SHA256 6dde990f4e64d1ecbde90db9d3939f33b3b5c3d1b89704dbb8ec84df8f046de2
SHA512 25b256e3ae975c4928d1ab696e821a4be3d5534090902573136f9cb9e3c8005e77e159918d418eb6d6a2c6c7156564d7e7846fb4ab923494ff0d2b0df1304011

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\onochehmbbbmkaffnheflmfpfjgppblm\5.0.555_0\_metadata\verified_contents.json

MD5 8812b25c089f19967e2fb3bf69f61bbd
SHA1 f71bc3691f99e3c89831c5902f3bc14f67b85127
SHA256 a4211fa0704d1a9bf664d7cf309d8aadd2374f212fda1b21fb09118aa0eb2afc
SHA512 67f509e96fbc6eeb17c452603ec69838f988905522816458e1848d604b118b755fe427001a222244fa108b22717c506d29e69ca804451f7f8c0c237e83b7e6ee

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\boakgmelfgohkobfagbmnlnmpccbnaif\2.1.0.334_0\_locales\en\messages.json

MD5 6d5e76084c6a0a7cb86266076d008f66
SHA1 8779caf904bbf4b0e19423511fd4a3ed7a92883e
SHA256 d5ec69a6394640ad458b698dab3099632dbdadb25e20dcb002430229e711b386
SHA512 8286efad1963598817ee38236b1b9db150365e55823fa50f67f2a0f8ad29b8369705881f4767c8401a3228209e7cac919cd25aef4e5e10162d4bf57676020241

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\beghmmhchncjignfbfnemngnlnjdmbcb\2.6.240_0\_metadata\verified_contents.json

MD5 2bdf4d8c93eed2de85525f1d49b9f427
SHA1 7b2e62fceca17a6f3167b0bc6b13a9284ce7dc33
SHA256 d6b8ce4560018a0ea71c49e2fd9e539e2ea2fac775762d14277d55e47f503658
SHA512 4715bfc6e9ca088eead36c2420476a5f0c5cf22f69d3895cd13a4cf25dd1208fa329ee3149563f2b4c4e9210d3feb05b51380ea946772ea9fca4ccc999b8cfcf

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\gjcfnponmdkenfdibginkmlmediekpnm\1.28.2.1030_0\webstore.js

MD5 ff713828113f6377533d41a36bff5ebd
SHA1 7157c2333be0a6df2db2dc0c25d36738acc823f4
SHA256 60657bad3b62a195d588178203e25df302ecdb8b51fcc49cc4f628aed8998dfb
SHA512 b55bd6b59b57003785db6a8f7e0f46b2ff4db619b4ea143c09f1e456ff1c5efffa46226984849cd8da98f48c06a79a4d00edccba3b7e1d4423e448f1be001113

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\js\sidepanel.bundle.js

MD5 ff787f919b23ba84fa5b537fcd6a48ac
SHA1 9d8f9bacba3edc99b1468ab3526b2fa477262078
SHA256 ded7dae4aea627857d6a0ed5ede8bafc770488873c69aed93520d0e654b32ffa
SHA512 bc713efb4ba13c56b611060c454c961b46dc177c3c033a54e74ebdf8ebfa72e2c8eafd612102264bd99d53743656c79db250ad2e59678b9e6270b403a6b8dd8a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\js\sidebar.bundle.js

MD5 7389da317cea8ba76b5e4d6f79fd67e1
SHA1 125ce4570dce15a0b29cea019f0a690bc0c60ef1
SHA256 f451a1362ba386cbb177cb9c00007583067c24fa481e7d706f04d3717b45b62e
SHA512 255e97797c78c3888a413b7a15b1c23ae09441c84ab5b5e6385f29187018677dcce5d84f1e059a3fb494a979149e6aa03a4d3ff9762bb3d96bbdeeb44d95edfe

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\js\search.bundle.js

MD5 e03a3d55df7e8a6b256e65933cfba719
SHA1 4ab38c2d343f594039403225f803766b0e26f439
SHA256 4d8e8d5f4f92d39c55200147e2b9c67f88325a60f822cbc9a875fda054c3a57f
SHA512 1cbaef68e8a6fe791ae8a092e8916f101c877f0e8fb5f86264ca0d29a698f435bf07c92409512033b8303b58c23fcf11be783614d357238dd41df238d09e3520

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\js\popup.bundle.js

MD5 fb0318831f249e57fd65fac40d56bb0d
SHA1 8cc3128f2ab27675038be6d9e75430de24e84703
SHA256 138ef8cf0671b2725af2d5e9274fab4b7ab3d196469e30f61e09cddc38f79b0b
SHA512 07817cb9cd6d47984f48fb8f4e67d13a59247fd4445c11f80f5ad7b2248e14db0b43ec61bd62a62cccaef1a4722f5af54e763cfbd4331c3ab27cc3f3e349fdb7

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\js\devtools.bundle.js

MD5 19eaa54009fac2af20194f8aaf35481a
SHA1 994214afd38a99889ce9bd3812c4ddc506ec811c
SHA256 e46d223877ce7d0426ddcfd1ddc8286c8ea4c9b9f657f6f5379bdcc40876bca1
SHA512 a6821fabd723a28ea360080091cd4782eb4c9a9e294be9eb261100d496b27361de27d082adfdf1a03b5068b36d89be4a375c0b4d8612371fd3abed795ebe82ac

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\js\chat.bundle.js.LICENSE.txt

MD5 38328b7af13fec087aac5fb7fdc1ef79
SHA1 cc19d39aa56a09c5a369740840774a7f10314b7c
SHA256 7f4f06d926f7f48b99ccda244441f176a4f422b231f8abeeb2870db4960a478a
SHA512 c7445986da242f5d09c84d8064f8d0c0ee179c35a7bc3470252827a2af98b1dd07034c772bf569526c74c08c11ddd7b020a117bd0ff7d17a5d61df46fa18c180

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\js\chat.bundle.js

MD5 eac891b9d020eb4e88c0e339a2d3a7fd
SHA1 c039399692344549472a13210c6abd534d869775
SHA256 16d528bb35f24c229a2a9d2e7b278b686c86562dcc651e2e2976684d6e06902c
SHA512 9508d0b5e64d555d1c471ac457876202f55c9503d92dabb193f72c9aa13ca4dd31534fba4e1ac24851e018632b22d214b25d06f8d1dc4048bb3a08f0c2e2c85f

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\js\background.bundle.js

MD5 990e83dc61425b4c3cdb2b0e7c3ac0b9
SHA1 57d0addc878b26c8f9579b65f6a1d0e63b11ee44
SHA256 cc35a6e37d67941e2de88f04af7d63286f751f76644c293490e1389b36524336
SHA512 6048f2c94ebe13038394e15231994181af0c2d5f4ae33fec72578a3fe8829ef9dc5b4a6cf8f74d06eb3ce3f508e139a3dadf9cbd2c065e0101b8403135391ee8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\ar\messages.json

MD5 5b63311276673f5ad9ecec180ab87d0f
SHA1 df8b578d7dc84ecf2776bbf9f9d4cff1818461c8
SHA256 314de7de09d75f770024a7b3b99818472bbb9b90d56275f48b599754e0564cc6
SHA512 3eae68bb4b789c22836e4f7d3c0238fc9f46b645cd93f865050e26d397bafee4d5af30b3ecf830d0f13b0bf825314c4764a10f2e359539b369cf01af980b1238

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\be\messages.json

MD5 4be403775b7ed11cb8e7edf125e024d7
SHA1 43d54d2f0351cc57e412145d553f8829f86ed0a1
SHA256 e94dc36292ce61b219b9e02f3da2769dd1b8a18c5b194ed104afd16cbe25b677
SHA512 a13e397fbd32f29134ce29404dde761b77a583c80e2b631b78c13e93ceff9925670c0135cac761b0b2b89738f74b35654dd98e60382741926c51cb4a7b2834c2

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\bg\messages.json

MD5 895db943684e0d0578fd5de8cda666da
SHA1 be927b1a33c80c8df6e9584419b8d369a48e7fa1
SHA256 099dddc5d9335540370dd2cb1337553fdfc1f8c48b91bac63597c2f411b04a2e
SHA512 638c36a7f5038fa25be6e8b6a461b7db77d885c150d5d26943b8d4724cf839721bb27f48433ede6fc42fae25a37e4a4a83003b8788c59801c4604ddd123a3751

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\bn\messages.json

MD5 71b73398261156429fb8acf61c616104
SHA1 3bbf62c3b7c3a54144e958ec9772c121225a73d8
SHA256 ea3c0f528a23adacb258f5657de8e042cb57e5fe3a31dad22e1e822e6eed688f
SHA512 b026b568dbd61f0456a4183c7e391d3dafae32da801d13127a2912858fcb843bbb21ee14ad8a24af5803a8e68eb18f6f4e1da27655302e4a5f610fb995d997b1

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\ca\messages.json

MD5 6320f9cbf403fd85850db1bd65fb7a1d
SHA1 263b0d7bef8284778f851ac15c6d4c2ea2d774c3
SHA256 d48e2a4461786a0f82f9d9cba003a239662213c9c8b9e6eab5179ff055446702
SHA512 a8a1ff6c5f9987ccfb160a36878b5d498ff574ac11bd357e333445421f403f0c020038912398377759d663966e10430a503ae43cffe383a2330960e44449f217

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\cs\messages.json

MD5 5f119d2c7c1b1068a9e1abf8d8238ca6
SHA1 b0a05cc99eedbadc5a51c0dcf83c1e343d12e88a
SHA256 9117928ba2c46d33fd5059cf18757268afc0bd3985adb4f6e25df53fedf5d9e9
SHA512 52f7dd9d4063d1dab008e9db0875d4fe090a024cd20a420c774676a4e82b74ab881e8a8c9e8e4e019772bdacd55468e935f3158b7fcbfc11acadb71ef9e10e15

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\da\messages.json

MD5 5bc2c131087d48a4193559a73cc1dfdb
SHA1 22a1897306bd9ce47d22d187c572b242e9c13fef
SHA256 1a77113edf1274a42f1632a880144420976e2e9ed12a80f20ce1d830fa8292a0
SHA512 67616b6da5be5530600eb2be0c8424ed6e1eed8990d9e953b0d528cab1c96fd06778b3e3e8b365e47e54ab75dcc7bc6df0d9170765f88a306b266b4b8507426b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\de\messages.json

MD5 f6200bda0403d0f8be9b74ec109e34f5
SHA1 294c92a304908f1bf4cafc8764f6b66ac3021091
SHA256 2d7c07c84a93bb71f7c3209fee411850541d88cf2e904eb7f85434b1bb5a4f1f
SHA512 f0f0b2ee46c3d03daeebc9a1be798c6d1dc3459d5fda2c776ba9560c284842cba8048caaeebece7c18e3306c63c6eee97c8c68da26b4481499a4dda82b46ae58

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\el\messages.json

MD5 1917ecb3df4d35946d2dbf859677f7c1
SHA1 6861c4bd235163042fb2fdd8b4b420f2d7ad35f4
SHA256 0b189e2dc1dfd73bb8cd58269e96f709e63087661ea826847d9351f4c65335cb
SHA512 663bd56bfd538af1e529a80e4843ab9845de10ca583da65d1bc5e94f1e2fc58e93c15ed6d947058f2d54ac2b9c98d805e54e40968abba9b782aae6cda499b5b5

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\es\messages.json

MD5 12d3031875400e1845d074d902096778
SHA1 1ac3b01ad7ac1a651f3cde95b55df5579135a031
SHA256 5c8ee94a3d6b8a4ebaf7d5c3b3e9e0b0e31b993e2cec8d5443a939b7e4744b89
SHA512 fc15f54e2184c8221ef003da1e52a8406eda49927b84e7c13ee9e8debb7ed4e93d57fcc51285fdc49e15cddfc4716e1c0b1c202b2845815d26cc9d282c4640de

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\et\messages.json

MD5 8bda871efef50845fa7b8ef1ddeecce9
SHA1 30686c22f9f9196cda74319857acc04db01a9dab
SHA256 482ed34c3304d4aac8945764c23cd29f49260bec63ab9340c8b14b031f563953
SHA512 573db11fe1b536de306a222983ef76520037fea050af6aa2ac2160fa452dde419dc0d9914691b17a3411ad1916fda7f068f45c00ec05de14684ecfa3b83b792a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\fa\messages.json

MD5 6b47a06eab159e576ca7631ddec70a52
SHA1 34b4ee3daa2a11073fcfa26244191d614ea0a409
SHA256 a4166b72749bc9c04fcb1871015b3a9b4cfdaaed4cf2cf11b4250584dc2d034c
SHA512 0051e76f8faa3bd40edd93e2edcc24d2319151e59a5c6d07ea8214cecfabfc877684a1eca736f77dff22ace2e039ca216e0b060080ae61f4234164a1445d875c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\fi\messages.json

MD5 4e20ff5e258fb1afa889c7b747f5ecb8
SHA1 23db9496fe9ebef236b7b8f39f0978a016162ad4
SHA256 767e9e4d6d3ee1d447937ffebed0606ef97ea7313816f0d55e0388329dd58694
SHA512 c94f0bf3b935d638f4b14b0f282684891013c94d355f25f8a06a1aa0c895980aaae1c742e1218c3ae87c82649d40c449d45d27743dfcd622986b183a826b2358

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\fr\messages.json

MD5 5f18ee7017d6b3e4e456ccc330d55596
SHA1 63f02e63a0cef3a3699c068a3091b0c9f50441bb
SHA256 0016f40a7e3e11e39d993be50196d232efb30fd1e874ebb3f82085b3749bd882
SHA512 318c2af1d8d75bc9f8a70a15da087da514daff1a2325beb888e56e25e563ead3494fc36dd3c39df25fa3cda9b0b175ef7c3380e36a5c6bce6e0af88bc31e5b6d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\he\messages.json

MD5 12b3494e4adf3deaa0960e7e5161b55d
SHA1 575d90ab7a4e029631e5feac7855f890e2f4ca66
SHA256 9e6e74284a07267251da5f205fda8fcaac4e2e5cd359aa547d0dfbc0c87b9a7b
SHA512 e5323f9390f7c42dc226071a07d7375bc364fdf23df7fc68f0a55229eee52835683696ca6651e5fae1fe6d64832a38bceb1da2978dce71bf45258a9476bfec12

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\hi\messages.json

MD5 f5c474975485f20e28bddbde1115f31d
SHA1 ccaf46eb9053a611a139c87c6e9f271632150e6a
SHA256 2a70ab9b92840a7060a752f52823b1c34fdf9372283d998a3e4182be118cc724
SHA512 b154d5e5c8dab2a68b0715dae3ac80d9e662c3841ae10ce21d9faca004f6befc57ee2614a502ab4c01d58981f08217cf04effb0835879eb48693d32323eda79c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\hr\messages.json

MD5 6b414845c4af9280dbcd05b224d7fef3
SHA1 ff134363148d53516a81af54341678a12f62bf38
SHA256 351cd1cee598686298cc2dc476b93c39f3a830790a8ca96f2ef71727f02016c6
SHA512 0bc2f56c9548101548f6a27a88210efd596c4f1320d062cf16c82fe7b4a5751a33716fa0bba272adea98ff7b436972f7b5081ebb24381757e758df0454e95f34

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\hu\messages.json

MD5 66e5699831bde7d2d648c0593f5301d0
SHA1 92b6e2080e9661b8c575d119b80c3a001dda5ba4
SHA256 dcc9ade60630c0f96c78537dad7dc0c40f60bbe821d5290edcfe39e02e526934
SHA512 4d48c22df26c5874b5ee993641940e55813e02251a1d54b33d64987b125017f2a1b8367bf423f5a1560db54fc8dd8cc8caaeccacb87e47813a6723bad2575fe6

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\id\messages.json

MD5 9c848b1bfd5bf416c9b4159af9bcd5e1
SHA1 6382257965eb4731098781cde3976a9b387ddd08
SHA256 7f46e9162b9c18e0c31586bd100e4022dfee8f51ec576033e9dfcb62b482bff8
SHA512 38b456c59e62b06918d78223695c4b6121bd1068dadb2ab7827c0330ace089926d578a61fd484bdca112bc27bcfcbc37a243ddb9d5ed8ad0ddfa25db5e1295f4

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\it\messages.json

MD5 4fb3809c22190c3b9792f89358d55d71
SHA1 87de2245e4d4ea0a9cac16219e391923529d970b
SHA256 afa463d73d0e1fab734cab204080de2a51ac777c63ac4f8e57db1daed2214496
SHA512 b06a1b37d5e67eb919eb3d0c394647e1812366ba1acedc77ab1f849010c722f6f0933a1c01e4ea59a755aa8f3f781ca27c9fca7dc46074eb62d1f09c76583a0c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\ja\messages.json

MD5 6500f33478e0685d8851529b8b9bc02a
SHA1 5762733a2ad85f59b1b932118c9f7b5ec02b15b2
SHA256 f341e36f6f0ddbbb1995b9a85d35f9daa784a9c9c0a63f18df0da00234916c0f
SHA512 4f43647346462ae6f31fa13bd8679c287a2c09e8f339336499c8127e80bf5d1c3d9afe16642fcfb4e5ede1282de489b5e6c02f1df52032577d59b28797fba052

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\ko\messages.json

MD5 3f482e6a692dab0e7e8b2d445f130aa1
SHA1 e7dab68fc59716dddb1fe5c18106723bbeeb755c
SHA256 472cfc35e5f44bbe71cdf15dec07862b7fc6a0387fdaf70eca7919a10967ad4f
SHA512 bfa1f7d72754d7dd37ea7de9de8d5acaf7ded778c994e33eceba3c6a07cb2a207ab86136f4e1c90f509691838049832d80e66ce502d2ad1ed66ac4d981d4b646

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\lt\messages.json

MD5 9ca66b5a2a5f7e9952b1981b7830a6e0
SHA1 2602bddd5f71f64f7835fd42caa78f249f3dc6b2
SHA256 3ec618fc3ffaa734115df6977a8e49fe525a2845cbbf46fc2c92722a348eb489
SHA512 3597ad51e9568dff0ef74f32e6428b37cf8d7e57b9769c6315a5bb01b2a906a02555fe26704d36c401b89f4874914ab57fe3be37b769f055fcd4777a54704a3e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\lv\messages.json

MD5 65ebdf7710b2943bae9c8287559cb7d3
SHA1 8399f6dcd8866f867f10bd8370a5b917dbfbc94c
SHA256 efdf4e12ec836d17a478afd9eea3a98702475a208032af1157fc6ac9a9a2f90f
SHA512 fb9ff5e734304db0fdaf54a40bd9dca711eb167dab4cbcedec08b026f11594e15cc7e57e2991daed4441664ac3dd10b68975ad0cda7979a7c1a655a029abd49c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\ms\messages.json

MD5 5df909d0ed90efdbea2bd531a546468c
SHA1 35b698c156349f502ef2b119c3a0afe0d4b360d4
SHA256 40c46bcf1a74016a3763dd986f10c413e318c69f16da47ccb393b9943dcf0d2e
SHA512 6d0e66b17651eeaacf1dacd1378d6cca6c630770d024a5aa7643ba82f020c52cd863bdea3fa36b41a0320a87bba6280f0a731f82d18f73d789d8f5f521997fc7

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\nb\messages.json

MD5 05959b1332cd06b561daf75ac26cec85
SHA1 a2c291a0f534b2a2b7d750e9156b181b7e3b5c79
SHA256 4391c6169cb81a789a8284d51f4d2763b982437ac9e051edf5bbd52691254329
SHA512 1003b8c2778bc77ac20c4952aecc7aefd5d9e32a3ca428c869cd963513653d729024fe4360a47c18ee34be9ecb6b9735ade781efab7b14678323016503ab8b24

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\nl\messages.json

MD5 79f260d87744b1a7da6761816c0b34cc
SHA1 785f8b72332e03446bc5fe9c9d259132f3c2bef6
SHA256 47efe93f783e7b55fef51ff901d58645be3b787d21473137ea95ea50e1326669
SHA512 8df314380bfbb99869496e259094cdb454faa90e48c197a85ca3c190038d8c2c69258a90c78214a86cf7d5ed51022ffccff91ba1b365f2d18b190f21e1739ed8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\pl\messages.json

MD5 a529f8a6f583dcd5b3a8d697a709483a
SHA1 83bd2496f273c3bf7631db27120852c48ce1bf48
SHA256 f7b87115eda5f9b7ba91a895bfd6f485c85ea7b32980366c8d38b53c2edea112
SHA512 acc47f902a23dca9cae1da84edaf9fc05f0bdcddcf2f8ccaf94e411bb4a7f1d550e8f6c484a7a558b21a118385db0c2596ba89b19f543a91dd39f303d2c757a6

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\pt_BR\messages.json

MD5 f4323bf9e4b6dc7cf7a66af6de7ec127
SHA1 ba02fe4b11f4c7143d6591d617652aa7d704dd6b
SHA256 f1d7226288f7294b10cc15225a40d601bf98fd7e6fd9973b9a55f20d2c5d5f9a
SHA512 34c476fdc400213ee42210d428278e608dcd8d61269f524cb1bfdc5573c53f9f027104f91e17ee3d62ec4c072fd0eeff78a6150eae921a883f9d25011358f6d8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\pt_PT\messages.json

MD5 8878ed33213098bdba0a15553f1d8054
SHA1 d277706cfcba92c17d3e0655d26986499f193365
SHA256 28d049d1b8926c5ad84af7040a1d82e84999dc3baa8c13c11cae72346f506418
SHA512 f1accddac4c4256f6eca1c31fcafad45b964f2e1bbb00bdd214a97d9a163313241ef4388a48b79a71e7f4c99c8636d918ba577b2c8289df408a53b75c7b02f6a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\ro\messages.json

MD5 b4049fdae014e99de5bd90533e0b78ac
SHA1 6288c5d71815238631ba75595c05177fb9dc2052
SHA256 6008eb84d4272c8c13422dab72e5ec2539d305bf4e1e7467b6a8e3b23594c646
SHA512 8a01872a5a00585e3643231d0bcd8cf5335ce61e5890b1aaa12b201a2a044f45100970cae50f0ecaad23630d0ff1f4c9d49f52ebe9a502162745a4e647430f6d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\ru\messages.json

MD5 d6f6d131061fd9f67934fe54fd98c1d5
SHA1 dcf49660e88dae657890e51ba062b4964b8a19ff
SHA256 c8c6510daeeb049d8d9d6f953f8ae40a280b19c0a65c6b77b2b6d63e01a84771
SHA512 01480e6d47ffeef3bc6c2a8f49e258e7859a4b09da11330ec74624a844747fdb86e695a82e45dc762751969102a4e582016421bb84186cd82571928c2e686d92

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\sk\messages.json

MD5 bf9113953a754b48047660d5725db6bb
SHA1 1dbffbce0de205e64b331621e2a0c1967aba40f8
SHA256 437eab652f4efcd59e20db120b1a1f91d8c1737b81f2b3de8327dd16f2936da7
SHA512 e808290bd7300568a55c645d8cd5c57779f02c010b4c97c4376014a3b592a322ed3e27e2c3bef24c45be63bf0b06b862d088e82ee216c6ef943fd37403a1cc43

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\sl\messages.json

MD5 72091a45b5c1f4cca47de3cf664d2c2f
SHA1 76efd13166834a4c8f6cf438e9f285e3ba2f5701
SHA256 8023f10326f163bbd361fedcd8917e284192376ee7a88aaa6359c082ca496683
SHA512 655ab3cc6bdffed452305ddbb118a6cecd198d09d24c4d9245a783b738c95650654ff08f66a36eccc596342685e584c805b6ea550420fd7ca0cbac3f1564925c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\sr\messages.json

MD5 33a0558264ec39ff3080533c8e265775
SHA1 f631b27197f328d4bb4a726df06845f3ab2d33bb
SHA256 95c7436ab0c088034aa1d8e991e7009ef6e4e64e03b1d4a9259ebd24120e5a9d
SHA512 7e3a933340f6a6ae88b96c16f8b49c42cf889975810f2096a16b10b659bd2f71c7e1ddcd24a0475c9b5bae9b20b125037e36154d9296d5be4f51b1ca7f47c171

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\sv\messages.json

MD5 315a15dae4ea1f5d3665f9eb1a3b4b64
SHA1 051bbb4b0f7d252fcea107cdaba4cafa5987df7f
SHA256 d153c070cb2096dd71acda355a9b27efed79b1eded26e7f6cfb515b0587b2073
SHA512 014a330395a175dc06a3a57f3ddae3859e72860bbad4e39713ba9ebd4326e3c6257bf326688e020cdb7c5b16d8e97182b714c26b9dd8dd1ec34995ed88a9bd7e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\th\messages.json

MD5 429d557fb53818c096869eb6a3e76df1
SHA1 19bfda65f4805198c000e248bb3736a497b3ca45
SHA256 9a6e237a322732b2f2fc4feb06848482ddc131deea5cabb138bff8c189afb5eb
SHA512 0f9fc90878db46cdaa175a252d633a1239077b24770db3e1a5711cba653a9ece3fa780a896cc537d095378b67db260cf0cba7bc95fb2abf34fce432b75e1333d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\tr\messages.json

MD5 23324e6a4d5e0a6f5ee97b8f235c4641
SHA1 c2295fe0fd73dec8986b61477190a82644cfcfca
SHA256 38f0f238e2cacbe3fbec2cc3911240ce17fc4e4244394d7414f527988d24a757
SHA512 e24ddece8eac10ffedd9257652f51c97c344b56adebde1d73c1caf4620da7cd8fe52107b2932d7f992c6dc3545306fd0e50048ccef7e651c5afd1a764f1cfd3b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\uk\messages.json

MD5 8296019763e619e7a68f114b688c9e4d
SHA1 ace2c41ab010a699e28bc46b5119abce812b4692
SHA256 e37b4a089ad05538cdf8e89a22de6cbde1645b8ae76b60eeab309d041df6f8f0
SHA512 7645b9fad7e735954705e256363055459a9d06df03d5e278027dc8f3f1cd8ec95df3210bb8ba0dab618f52d64a892948f1e0845a8dd980d963f54513f0ff9904

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\ur\messages.json

MD5 b87063d32e98b5af6819a334d1bb98a0
SHA1 6418802113ea03f37892754c60ea43e1be73603a
SHA256 4795d80384f72a04c41a9121f54b2219850aa794c35ec8ffa70e17994bf49ed6
SHA512 bdbf4fd1436cc454ce34d20e2f66f74d20bd59c407a8baaed2dab05097ee27e23cc92c2cd5b8cf889d8fd3e6676b03e3705a46366c2e64135a702a814825003b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\vi\messages.json

MD5 55c1aec52131b5306f2e6697780f969f
SHA1 bf5d463968b476ed4d46f6d0e67bd7535cc7bdea
SHA256 12cefd628dce200bc3ef2b8fa7348b9a149d86a67c99805f6df5c40ee513e80c
SHA512 186572110e6593e8b75f5861cdbae4947935146cf3ab702d68f19f382903eebdc07afec96a56c0b676004f5b096ea26dc01acabadbed246f4196a3184f3023a6

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\zh_CN\messages.json

MD5 93f7689ff860b46411f987d1dd8f4f3a
SHA1 8237951525faaa43e10f407bf0f1535092c0606b
SHA256 f0df429bb1b5af769b0802fafa1e749241663b455cd6d9f95b7399a4429e2e8e
SHA512 a0376004a3f2f33f4b5b0512e66be52171ede9ccfb8c783ab8d94815cd2cec1f43ad7d996da492c5f14155ec6db4071b4904e91cb98d222ce4cf008254d0484b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_locales\zh_TW\messages.json

MD5 5cb56a1501f2809dd5d35a90a2ee1054
SHA1 06dd46b230dc7e4062c5a71d4743c8437118a0ab
SHA256 197ab1006eba854930cda87bf44a6d1212ff668ff92f7372a5c8e783ee5a6412
SHA512 cf50872a0fa9a8b251a328db4dbfcecd196b62b5f2db44df7135c2d0c842588bd979da3d438a14ff6932bf969a2db426dc97743a782da95a81b2d44cf5984628

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\_metadata\verified_contents.json

MD5 6ee0ebaf8a93a12faabe8073439035b9
SHA1 32a942a4cc19ccf005af7b748da8db5d992a9a3f
SHA256 0be23dfbc501facc4788f7159fe6045a4e514c5fcf13e21a0bbe8f4f21963290
SHA512 5953189dd7b41a1d238d87f7fcb675ca0c92905d621adcbe4e1b621c85b56885bf580f44f775e79168410b32e530f4298ce353f4e1c0051a2c75a6f49a99b0d9

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\sidepanel.html

MD5 724ab6411befd8106243b000aba3c480
SHA1 621a41db0702c80701a571eb371b3919d01eedc2
SHA256 e4cee6f7c6defdc5eb31602f5b60753555243b06e33c35b1f97811a94544c9c8
SHA512 c4e14eeff58f75b93bd2ca081b513bc101de3ba7c96008604810f885c06fab777047eb2383ef50077999560fb44e3b342fca78511887c22f86c948d571d15457

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\sidebar.html

MD5 9521f21c9fddee3744a2f1929b311605
SHA1 b6f5ee447f56f9699291ca009f3a7184994ab6ae
SHA256 58d6467c7e4ec9f72e53d78c4e85cde458178366799c6f24730cfbbafba775ef
SHA512 83360b0bd6b7939c73aa21a24f92e8a80fce7728193e78b522d9cafbe65c5e68a38d3ceacf67af5f7b2f0708f0426ecde7e5775164421c7f48bdece6b1d3958b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\search.html

MD5 c066994f7fffc267624b5a301d839bfb
SHA1 06cbd64fd69d839e012cc197ecd999146d0e4609
SHA256 f771bc0a30b7ae998cd55076b19ed30208b5bbc4c7a85274ed1de829fa10d38c
SHA512 43665fc4fc8d5abf1bdd9cbfce99111d257013592ae6d6ff55ac4b4126d9189e64de8d77cef3045da07f63cc2e10a762965d9fb791ec14f1ac14580cef5662ad

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\manifest.json

MD5 9058fe9d51920ffbe5847740641a7b12
SHA1 b5e2c66edb8ed87a7c612e920667b6c846403026
SHA256 4b2bf4255c8917578e1d2b67d62339d644f4467a8a5ff584c4b11b4b364b03e9
SHA512 d1f735c9f7ebca2b5b0b8aa312f583d17a059a422328fef08a4560a1da8fabdcabffafcd2a429b49a0bea7ab4f3d7a8ffaffd0a4b814bb7e245987247a06acea

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\devtools.html

MD5 7e6da02c3003b2545405d10376a7425e
SHA1 98d69fa474d8890649e3680b00cc13f19b242164
SHA256 28cabf42ef24367cb85f0f8b209535ce411cfed9012cf1492e36c850bbef34e8
SHA512 8ae423a61d84fb240ff619e942813e92304b5358d57fa90d900528b3db02aeafbbca30c2abc45fab89ab8aae8347b6b0b3476a0a53955bd0ac58d38b6b067f3a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\chat.html

MD5 d05e5a5b1bc78c74678b1e410b34332e
SHA1 d2a042688b37fd4a757122fa115763ad44b632f8
SHA256 7de001e98e16fc1adea2fed8138a91d8fd29f23a59ce9998b380c0e45ce6c249
SHA512 b96bb3817bf10139e5e59bda1ea3d970d7511eaea48babb9145a50c8fba61cface06e2a0df9bdaaccda2a9fd57ccb9437ab42d3a0bdd7c242280031a55f1700f

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\background.html

MD5 f25c16fedb2c288599d790aee5a3ca82
SHA1 3f4102bfb1fbb2e36be8fd44ab7e5bc4ad315f99
SHA256 dacf95f1c26c1cf12f41d8ef7c0698e5af331a05c6a494aadae51543ddfd8913
SHA512 8709b469941f7591710b266c0372ee3223f369ef0fb85a03d5623247b8c35c38876deda871105ee68c988a0fa50e1315c10a5d35647224e9e7412e5e81a8b7a5

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\css\roboto\KFOmCnqEu92Fr1Mu7mxKOzY.woff2

MD5 182ee6a4872ca8fa78048951b1561a5c
SHA1 f8c3c7692ff285bac213ac0bb28d2b59ec10ad16
SHA256 f2b770189d05bc3da6d684147175a1f2ab4f8f030c520f011252df8f7d6201f3
SHA512 aefbd6f0b82d1cf81632b0fad08f2c20ad0bc3984cf30beb62ea25df115ab5c5f4df15a3964dd433e64dc6524a124af5c30dd67fa8f56b90ebb1fd03d879ce2a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\css\roboto\KFOmCnqEu92Fr1Mu7GxKOzY.woff2

MD5 455200cb007fe1212c668721d827c691
SHA1 cfac52972c0f5bf3ea1152fe02ed3093c2217350
SHA256 4c84629456a70df1137ab4bdcddba32050a2524568912630c2538746cbbcdc51
SHA512 a1d5f9b2f52355648cb35fdb8aa58133a61a7a57769ae084ca109a0017a52b323e7300ed500f8ecf2ebf137994de067c6d47f4d1382197b84430704899622096

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\css\roboto\KFOmCnqEu92Fr1Mu72xKOzY.woff2

MD5 4743c758a952f2bd4a35d4e42afc002b
SHA1 394a00a8ed0de504af13ec49be0f0884dfdac1c9
SHA256 7aa3c7e43ee40c94ef77505e7da7dc587b0ebb3dd261a2c176a5d17cd0cdda5a
SHA512 bcb9d877dc286dbffc397713010fd2cdb6926c3233a439cf4c6bef0c0e5c0fa62349dc621fc673bc0f415d8601b7f76164311106e1eaa96c1eeabf7baa0ef863

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\css\roboto\KFOmCnqEu92Fr1Mu5mxKOzY.woff2

MD5 8bb64952764a884d67019b3486296ab9
SHA1 7541837ef0d1a0e69be10243488c3f2141fd632d
SHA256 491158614c16e4a767df0f1ddbb82a8462b6ba308b8774c698b82e850a425291
SHA512 1eeb9c017cef91b6bd309bf5f9a1cf71ecef7d2fd667d66db2ef52cbf39d61dbd96c996d9c151742c628e0c28ce73c107a3071522839c0b8734168566c5c6856

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\css\roboto\KFOmCnqEu92Fr1Mu4WxKOzY.woff2

MD5 c1e9793c84cb26c44ef2a2cf8b6f49ce
SHA1 16ac6efcfa07f298d6ea07f523d48cbbdb38a840
SHA256 a223f1cb930ff49e86d7a550fb70d89526b89358f5649efbf5d0589aac159357
SHA512 4b81bae4e9bfd128ae8869e6471abff66ffc636932a326d2766395898270b5e9d7254f7a29830401c93d0815fc5520abb609730eead20af26e66dd699ec821d0

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\css\roboto\KFOmCnqEu92Fr1Mu4mxK.woff2

MD5 479970ffb74f2117317f9d24d9e317fe
SHA1 81c796737cbe44d4a719777f0aff14b73a3efb1e
SHA256 48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
SHA512 13f6b2ecc2407445c1f97109ededcc8ac64fae89fc90432a28ffdaef233b373089be25731718408c32ff3cf632afb260d0035f85fbd8b1b4e068a0d7baf9f6a8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\css\roboto\KFOlCnqEu92Fr1MmSU5fCxc4EsA.woff2

MD5 484cddf4a27f89deb619b0c5c38bdcfd
SHA1 6b2379ecd2e6b3a47992dd34bb23f6a36f15928a
SHA256 14b442bf8304eea6709138641397ce44aa9cf4bcd64d5ede30872cb64bcc9f7f
SHA512 11dccd74b33972d71cfc543bb30dd99cb335a73b6baa7b584168b42da4bdeb1dd8ef8583d67bdcaf576103379966d959129f16cdf506f20d7ed660053e2cdc49

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\css\roboto\KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2

MD5 e83b8f976d12362b33c7047c09ef586e
SHA1 c384951b54b76b3fb5ebdaa6ab0872c42114cb8f
SHA256 996da6758e09cf9382a091845b1fc4c5d786fac4f2825c2a2996270620c4883e
SHA512 c8d699fcd4123ef8fb81846eb4fa71526a784efc24a10d683cc40213b81c855a7476d9e7487da917a1bb69e6d6a4d07d9e9035e16678af1faac9d3793fd844c2

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\css\roboto\KFOlCnqEu92Fr1MmSU5fBxc4EsA.woff2

MD5 f7059272fd8e0226350501393f4450c0
SHA1 db1507e881285b8edd0304ca22dd8881e983957d
SHA256 dd1862ad2a625679ff58e3992323a22aed59222fbba034f911a9a99afe76f1d8
SHA512 4a05dec036f9a930e0a74e01a29b786677c68999546785a87c9107c616fe3470d1e9f1995a2e39ff34b93449b07ce5a99594079e0c4e47c53144c957dc88b257

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\css\roboto\KFOlCnqEu92Fr1MmSU5fBBc4.woff2

MD5 ef7c6637c68f269a882e73bcb57a7f6a
SHA1 65025b0cedc3b795c87ad050443c09081d1a8581
SHA256 29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
SHA512 d4e7de23aa4a93be278bdb2531122ef27d29b05d78d7c3223be712414bdd9562e9574d4f5187c93efebeedbd62a92c2e6bd08a4ddac035ce861df8d0ff169001

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\css\roboto\KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2

MD5 16423fb4da5bb6d54592839d6cd8e1be
SHA1 7860418d3d14f6b685b4d1635860be2b987d3291
SHA256 66a6ef379881e3124e20f6dcecdc16672b1a7c3e415a305995621e40a075624f
SHA512 fc7e0351f5625b9d47aff79171a5b2374d5618a4f68aa8cfd2ada66e635e3e90ce492570390ca0e3ce2e3a5b08686f61b7e2fb3e1d831216d661d17029a1acc8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\css\roboto\KFOlCnqEu92Fr1MmEU9fCRc4EsA.woff2

MD5 378698af3b6776fd1e3ee0a51c3d7b87
SHA1 194bafea8b9e842fbb94fc2edc5f4c38acc5592b
SHA256 1f083966aceeee42dd217e2018d68b3e63fb9beea41f717ce4fa34a4df88b3a5
SHA512 a5bdfcd011027ac1bfbee373b1e187153cef8798987c3c480b00bdce8ee77c46a228e89e14f35569c73ca91362dcdccc36afb296af99878725ae0f5b1c3c1018

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\css\roboto\KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

MD5 b1b808436b5eafe9a683fff584d80fea
SHA1 4c64586f861b4a42528d33a687dbd4d562312cae
SHA256 9c7063e4ddf4fb376fa7af3b9caf9845251f6224dffd38f1a369278c47e4b4ec
SHA512 d91b6437203d1d34dbd6402fb74d5c960446c8397d47722850a5cf70a15bab71514a958bf5ab3fa0aa356cefda26b989165bdd28c8478ea387db42ceca6b2ce0

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\css\roboto\KFOlCnqEu92Fr1MmEU9fCBc4EsA.woff2

MD5 0f80978b9a5916929ecd5e1e21bc4169
SHA1 ec212b8b243aa4a9af8b1b04362bcfe7edc602e7
SHA256 675b01281adf2cd36d2dbb9abda799bfa9dffc2178576654de53699bbfa09171
SHA512 313f28d65cc4c1f86667fe93680b10722d9667653b4bbdd9ad380e8847a5b6336d18edb62b8d24bdf96adbfa0e87ddcc3a1d5905b47165d4dd4d894fa124b990

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\css\roboto\KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2

MD5 665639f6a0519416ad2904f1c218ea30
SHA1 f4eed37334ad7da3aa91a555462d669cd5e140e7
SHA256 da6e676db98d451a0d583e78cb5509bceab7b1b33b3b56f87cd2fd62be5516d7
SHA512 972252b77c09f21580cd81f3d471f4e2fc381f2c3ea782de435bfc28f46beb81e78f52003b2a5cb00c568d42f953a0a83dc93bffe9811b6f751bb305c650b579

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\css\roboto\KFOlCnqEu92Fr1MmEU9fBBc4.woff2

MD5 020c97dc8e0463259c2f9df929bb0c69
SHA1 8f956a31154047d1b6527b63db2ecf0f3a463f24
SHA256 24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
SHA512 0c2d5d9fd326a1cf4cb509d311ee2a5ef980e951a8996d6811d401b7ae154cfb80ae21dbb03adcb9171ab24d42a35424cd90c6966f584110bdd1c63dec099a13

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\css\roboto\KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

MD5 7fd643e63fc847f47521a2604072ce9c
SHA1 3c94bb8e0036e871351aedcc91b1d53e9b1ca146
SHA256 e6bbcc62f3b6a3ada1215006f0f6c04dbcc035efe815caf60e6a26eafc335b7f
SHA512 4d5f543cda0bcd2bf7dff79e9332a5551f59a3d4a54d5cddc93f1d322b7729c8ad7147decc72f5df26fb8585ddcbfc5c517c5d69c0eb331bac8522875f342867

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\css\options.css

MD5 1579c20d9fde5f86c0f018803add39ce
SHA1 77ac9a44e22bafe7fd8100c12b26cba5c524403a
SHA256 41a91d07fc983893014d75c4da16f5cbf5e60a71bcd683467ad03e5f83410447
SHA512 fdecbebca608cbe86c5638781de0d734773e0993ff549022f602a425fab965bcc09ab3510b395d5315b6c17caf1375d3822b0b6d7ed818516f5daf34d290f809

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\common\toolbar\icon_64.png

MD5 16cb44c000c126b127c14cf9f3ed22c0
SHA1 0b4061114c152e844a53bc14ce862ebc16910757
SHA256 a8498eadc5eea55439cd81c83413d3619a3865ad99dfc00f256acb3776351b01
SHA512 cf4a6d0dc723482cf8eb78fcfc98e82705a00316fdbe697ad54224ddb07baa1deb429a771a36eb7932f0be1119846152326256abb567e981d93501e07a1c0e92

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\img\common\toolbar\icon_48.png

MD5 3b3523979cc76c2ed6ac3109c1a8b999
SHA1 2d54f396901a69bf00d1d77158aeed7f7e6cf1dd
SHA256 d8e879a8024aef06b1e8caa0cb51b5559d1336c3bf8e6a905749f269dd57c739
SHA512 ab48dc816f042adf6df2bf2467865cb4049b3183554167e5379dd86afde77af95829050a786a992c80b2077ed5ae3dd08803ac77b07d560dc05d6cef84613a9b

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\common\toolbar\icon_16.png

MD5 1873a110389e857c119e926275ac36a4
SHA1 e8244c510448db8291330df48b84aa2bb3f15851
SHA256 5e12acea6f4ebab557e98ca53b76db4d47a948110774732e2221fb65b0c37b8b
SHA512 4867a0f741a8394d92455e7a442c8628d1fb59b92f1e99cb22d7bd47ec6386d195c1df7651a2cbedd8bdad6118705634f4b75e70aa8db45a98103d02406e3f2b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\img\common\toolbar\icon_128.png

MD5 5330213b76259f66fe94259a0b1dbb98
SHA1 f357c3f2953174f9bf8ab66e756559ad52753d05
SHA256 70c7ce1ddcc12d93f9557683a7d3cd9a0a1439c6d07cfb4b572bdce393510c85
SHA512 e759d878c37be6a538c850a61c425feedd56685c81ad8196181544d49d65f04c6931c338f331194d48a293b4989840764ff38c074305d437ec08db7c8bc17d99

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\normal\yahoo.png

MD5 84fe176ba9075e2282364f46cca17772
SHA1 fd7836c6ef4e45c2684d31169b7623a26f5f70e4
SHA256 df39925202ceff073fb18896f3e434466272dd6ce8c3514798ec516461f92ad7
SHA512 fbfdcd88f1d59332a04995b90d2ff2a0bfca0464b38ae74bb286415c723e781eb24f3ec76fe054a93a7c5fb1a1ba804a019823d6b7829ef2b109a3913d56cfc5

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\normal\youtube.png

MD5 a90467ae9064d0b7a7d16d11acfacca2
SHA1 46b03c92f7da7776521341812ee2dbfbc6c52f45
SHA256 04923eaab443de50f9b1ab0ad4bfb01d02f202c42cf9984800a143c4398f2377
SHA512 246cffba1f9add6984209b9cebd3606d4409f5bd5b77d867edeb8e2fe3101ab6204c4a6d67c24b38e8fc17a740d8479395cb826f57bff7f80f18d4325ccb9ede

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\normal\whatsapp.png

MD5 eedf09d3d70d8a5d72d2ace327fbac68
SHA1 38922ef6e0fb879a7a4be6acb49880b4b883d737
SHA256 85b54d14a07f78001809717f1854ec23a22a0f43e1ece8b4c58a7edb309b79b2
SHA512 d16e2ef1f4661c4a00fab9b118defd1bf050010c3fe273f32edf041dc09c5d37603e487bdcf7448638bed1cac480fef6bd8c4de4f91cf8d41ea739b0910d99bf

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\normal\twitter.png

MD5 787b3a29f168498aa4edbf268767e341
SHA1 5632aa34a588375bd45cfe91dde3ffe82e244733
SHA256 febe3cb4c262ab6119c83d3368c2007371a3fa02bddfbfa7ea0e1cc30f881c7f
SHA512 eeb957a316a560fe61f42a771a633a1b44dfbb079c74223a7b4cedd8a997eb5d41854cbc8040cacd59e0629bfd2b4bffb696dc908c2cc1f847dcf8d327237701

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\normal\spotify.png

MD5 99a5c70c8fcc1692ec44aaf02669c757
SHA1 bc5a4a097441059a0bdc87044fbc4d2a172bae98
SHA256 d923a349ba21a0f083685ce1aeb4d596b9482e587275d2a914dc01f3322a6115
SHA512 38654f65c54593389d3484161cec85e493878834c6c13dd3bac3aa9142fbaae90bc4f19ab5d56845985ae8a4ec458037e7b33834e44f7f5ccc99c7df83b31a3c

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\normal\slack.png

MD5 0e9617bf62122f78c2d89bc816f4522f
SHA1 c0e63207de1f77d361b696d2c3452a8e324698ef
SHA256 00c94b561309525fe2fb29002db2a8ef6477b27f21e064f073816be056fc7dbd
SHA512 49ab9259248f2123617c4e63ad4c0176dac705a7e9bf2d95425e973a9c063dcbf4ff4dccfd4d6a28dfe2375174ee2a49a6740b445606807bf42d0ecbf323a20a

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\normal\outlook.png

MD5 25968dc01c5ed791073e1d27c80f8242
SHA1 804360c50aa1bba4a13c6ba4ca3f574c1937da57
SHA256 dc07e8d7da45617fd8dadaf24a4e320ec6b168b74f4c0819b3dc40071cc0a27a
SHA512 e76ad83140d2542aa09a1c64d0bfb7e6e5bae329b3a58d2742ec83883da86e1ade5b64288c945bde59a0747a61e344c0197dd43fe1260e5984f72b0aead9b853

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\normal\onenote.png

MD5 98d197da32984c7740143bcbf9e65040
SHA1 3ca5388eb357eaf9629431e3e11e70d6c51793b9
SHA256 4d808525555c1cdd044784fa87efea6497554ddcce85f01338e25ac39acf6fd3
SHA512 8bf2e18d0ffedf98b3f688d17d22d4c6e8f777427f72cac85cb1dccf742546116662326fc544b3f690c16d8e3f7ecf74987a988ef98c76ae9e991fdfbde844ee

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\normal\notion.png

MD5 bec0b24f2140bdc32dc9712f7085e3dd
SHA1 ff53f2e7b648c4bbba58f17ae2cfb8868c301711
SHA256 e3911fd713878fa871bb6d1494aac96e75552b07b522282855b1bfa5d44e1507
SHA512 2134906df5da7ba220d315b783f2b92d93556a07beb9b0f3c306b7e4e116aa2335c064186d14d21ec5c0c736f4b35f6ebdbdfc1e08efcd4ac44ebb5e415fd397

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\normal\messenger.png

MD5 25b5816fcb0cfb5d01c4dcbd34758f58
SHA1 fce6414e0b2917517c22536823ddbd76eec2f8ff
SHA256 c0e20fab8f4aa7ba4d5b865ee935a1c5010fa6beb6e71342b2d134dea21641ea
SHA512 ceff802532b7f3be90d5c2327377e89c60ad0b02118368257126a01a2b51a77c3dade09caef0de8091dbed7e59c9542f8b70bfcff34ce3c89d438ba857f3ed76

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\normal\linkedin.png

MD5 1865fda7e05a09e378b6c7a5455485fc
SHA1 ab93b6a60c96ac37d7fae67b5d364ee7ef1fa9ab
SHA256 eb3d0c2dc8eb1ed192d6f944afc583210375861b1638711e94aa603d43281582
SHA512 7a3b2d6b0b0c41c50184bbe513d2e7821ca47c557f4eb4dccb312780e47ac9c456411bff498e31365e5d87cf4e6316fa7f85cb09b36b245136455f4aa586aadd

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\normal\google_keep.png

MD5 74c303cbdb0508da51acaddf7f730ad9
SHA1 db123c07cb0acf71480eb59292f5c76586d4794c
SHA256 372f67def0e206b76b30bee59a087ec2238fe2b287c74b34fec17b332d67e9ad
SHA512 3945756a997fb21f2abc8bbafe53b72bcbd236b53bc2e76415cbd027d2384992b0c7a3f25b0c1248ba8eabc79175c4411cf25d88d20ca514cd82a5ebf5d157b3

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\normal\gmail.png

MD5 2b568f1de6c32536537f9b5df25d781d
SHA1 2aa719578aa280f2f2bbce39f4ec41c6c33c8a38
SHA256 668f0eb1561d9f601f89357b4c664126aab9bf1cd452a1d4c996e2a03a67331d
SHA512 1d12acf88311e59fb8007d021e6e524ef5155ac4c2473b669f0ae0772c479f35c696567aef7ff5c5b3893a9d04bef2179c307524861de2be0a5836b661683fc1

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\normal\genie.png

MD5 c0c29bcac4f13c06135e1def9d1db21e
SHA1 0f79a56fb5fb9b7ac0206a257d1b2120c43815d8
SHA256 5740b01a67d5b1dd30f0b866a7a809a15adc2d6c7b8c2ad7bfe2242af83737e9
SHA512 af66d4f8aecd5494426e343163e238ad00da7f7b067e791e7589311d923ce49a7c694be80da355b945b1943ff03bd84b87c428e32ad2ca0bc7c89fbfb1790cdd

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\normal\facebook.png

MD5 0ea470a90ba9166810eacaea0b406c54
SHA1 2472c1c9be113e364e2ba8509fa4cfb6439abab2
SHA256 723823be0f6fa278243b7917b86e1a7450e6a08471e908b10fe4e4252c1fe726
SHA512 558126414c1ef17f085e5409146b4bdf0af189e0dc33ccb42b6f99d2ea540e3c3eda436098b8a01616f98152252e25c8682d07b086ed8d5028e82702e03c449c

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\normal\evernote.png

MD5 f541094f60cea7d59149112afe9ea5aa
SHA1 ddbf652e2489e2b8377d271285c01867a6725e93
SHA256 866d642c6131f2e6492d30273d19ca3ad5495161545246484fbd8459111ec780
SHA512 ebc15589f969ea16c45d422b8fbedf9a2059162a7afa0713f75996f7754edd748f6e1f866df924e14ff4f8126de1b5a74330ea4fa14e6175fd65031330f5234d

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\normal\discord.png

MD5 3dfe03788829a5d9b72899d8fc77c513
SHA1 b940fe54226505f5b4ce7113cf0d07a8a6b7835e
SHA256 4196ac1fd93ea41abca0af9afe8cfae8453073f69047eb9778f162a984db03c0
SHA512 76710fcdbda470ea5e0b8b0d11a8216e7a5a7368cc79ad569e15900c2a39a02b392bb98599fc4c403a2f138485a6642f72d519db9a557645e595fa7e1e7fa9e2

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\normal\cross.png

MD5 61b38b54bc7df263d8f69d0847a07dd2
SHA1 d3531ebab6a0ff5793fbdb78498e62a3aefb9edb
SHA256 50c43584efbdc62d2dbff5daa052ed93a6c5ce6d18da6bc011530519c36208eb
SHA512 740632cbe82b6f4d2d4c0810466a035132054490b942848a8a263252f83442448eeff01639c5f4645f73facef2e71fdabd62b154b68b4b97a47ab0a6177434c7

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\normal\code.png

MD5 606e1cd27be19689c174973a6098a1bc
SHA1 541c7cbf60166653dd82c77d3e68dc9f416c12e2
SHA256 55c2d883e21fd5ea754050412919cc5d87ca960e216dea38e9c788f10fc9910e
SHA512 7908550179bf9a51602c86d876b37cacf17f8f5e86369d71cc3b13b41e5686577de4b5059becf6a7d4f45815f18e588e0d7e727aca8c4567cc9605d0f49b3e25

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\normal\apple_music.png

MD5 183e99b9dbc7a9f717742af003e8baff
SHA1 a71176dac8d893950e1f94e66f01919f699e5083
SHA256 5300408ecf36690d4a56f8b7d3c3ca0d24612f9f1a2bb56fc50302e493ac1c91
SHA512 4b9d355c393765008aedbc3b4c652f8d6978b790b309f72991141642bfceb492fa3806014ec4c475e44bf773626ed143e8d273cb098b1e880e9fdaaecfbd7b7c

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\normal\amazon_music.png

MD5 6b1976e41d81e5e350367a56a834749d
SHA1 bf7f31c7d86c27dc397cbca90c5238e7edb7fb9d
SHA256 57bd4979138cf672be4c64db8b52deb6764899a6d8f722fcf7b24536871a275d
SHA512 231c2ab44f3148a6c91f40e567e130e5264cbf3e50ace28d61d6e33640cd3c9eccc8a910ffd0fd6a997c41670c8990e1a48afcceb0276e700571b23984056a94

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\normal\ai_chat.png

MD5 953c970579d9c881d836db8ffd4ae32a
SHA1 def328b478dc76b4789b4644cd414a00180b49da
SHA256 98b8dcca165cc09ee441fdb1c0ff380b0de43ef7e3e7809886410f842bedc786
SHA512 c74f56756612db80f449171cc8e620392565eb1d3102636c4751ba1eb5257034c1c66fec80b825e77fb72bb7d18932c0f38346a39202cc31b06b5b41eadab489

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_212106936\CRX_INSTALL\js\popup.bundle.js.LICENSE.txt

MD5 971f2937a772b71d1024b6e5edef871e
SHA1 521287560eee5620301702c1b497f95e9994aa72
SHA256 57f290af131c69c3ebe2d516b153c32d37588dcd227ecb9ac3bdb807106b6fe6
SHA512 e43cc24946803e8dd9eaaaa631ac1aea73f2290112d0bca0cf204fa960ac963eb057dcbbd3e76d9cc8ac96d37fd3ee0910bf0fcdc0ca0d41850a3add57779de0

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\js\devtools.bundle.js.LICENSE.txt

MD5 141b5f8d56daff063a60f8d5b6ed1000
SHA1 b96b16f8985562b3ea3eeb255cac79a2614c9bfa
SHA256 5bcb0bb4a0b6f940a31ae3acea07d209ba5d25d5e5494ebb88b5bc8da71f7d69
SHA512 76d66910cb505e2a385b1e8bea6c8ffafd01d30614d5860cee94547a439aff068a520e13743febc34116914bb7186a982c16a9e79444ac2deeb42b1c7b884a2d

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\js\background.bundle.js.LICENSE.txt

MD5 9945d9516ea6d73afd16fd7dc2691701
SHA1 24d86c681055bec68457f4353553ebe5a13860e3
SHA256 7bedb81de9bb9d9382b0fa036c6ba2d09d3583ba15b9744d58a5b3199d41f32a
SHA512 6e3896324068130f2927e40dc1caf930bfebb2a274a86fdcf1e09ebbaf0d911b1bda1df34bca52c07a0c3ef1b72fd37f7ff43b5b47db5a9df17ea29e576c839a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_1927551449\CRX_INSTALL\fonts\Roboto-Medium.woff2

MD5 3ac5d40d1b3966fc5eb09ecca74d9cbf
SHA1 a69f32357765dd321519889aeacba5e9ca893bb0
SHA256 3310766b8f58538d07abded74a2babe1acbe1a3ee820d5b8c8265da666f4fb0c
SHA512 a88b87d2b8e141236118243f66dafac6c9c06fa7858e56fe36b59c7079e8c5969ad46aa7a0eaa81ee79276404fc835f7107765618179d6036d38a263390f02aa

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_1927551449\CRX_INSTALL\fonts\Roboto-Light.woff2

MD5 d26871e8149b5759f814fd3c7a4f784b
SHA1 6b773b76e0a6708ee4040733cd0c83278543864a
SHA256 1d8f5280afb7f4fa0db5cdfcb751e180788b0f0da1488309c4243ebff11a9591
SHA512 65c8a0aef476ff5cf8aaa29b2a315801417a0347ec5f99b6a8e1229328ad551c0733cafe6520fe916b01672ae7fd52dced963ab98f38f195843ab9aa9462ccea

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_1927551449\CRX_INSTALL\fonts\Roboto-Bold.woff2

MD5 b52fac2bb93c5858f3f2675e4b52e1de
SHA1 977c5749fd06192dac5224811ed69e53a6b2b47d
SHA256 8e44376b735dcc9027acbcc8a0df64c3f886a23529eff27b022f344d719e90f2
SHA512 ca31f9be22a3c5ea802581a63e29d4f205a4fc5d1d7f6ef4bbcfcedf7c3689b1d46a2145b0eb424e3671c40e55136d25551a77c9ff05bae03c69ebf1a4f9cdfd

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_1927551449\CRX_INSTALL\fonts\Roboto-Black.woff2

MD5 59eb3601394dd87f30f82433fb39dd94
SHA1 6610089bd2ab6cfd41d16777ad1b15994d429bb3
SHA256 41e55c257815e19c8e2384b6d1d5180590599a56f23f3eab417c5fc7aa553511
SHA512 e039c0f2d3c7879f551ac66f967cf0b26f16ddb6d9fba3283805104ec9ed183f8c8c19c448e640164a635e45a113473d89066e4dcc0839e9c210e619589b425e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_1927551449\CRX_INSTALL\icons\iconDisabled32.png

MD5 10fcac9e25146799f631fd4836a592e3
SHA1 fad31ddb5705203a28d3d3677b1219ac3c3755bc
SHA256 07e74e96aef7c37a0a8fc29d0f9e79deaf698cc8de13a766a00ad40ca41d4b0c
SHA512 2e828b1222ac00cd9a21c7ac74b5103cbcbe297fc61c2b778899efad36539a41e287e59ab30e546d0c80c30a3ec886f5303f6742cbccd53cf4dcfb9a44d69d8c

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_2104301390\CRX_INSTALL\img\common\extensions_page\icon_16.png

MD5 67816b9f9f56727c41d64793d0eb4902
SHA1 99dee423dc2ec6ddb923208240b2fd13409c8ca5
SHA256 7b9847ea5d27c37df0430ff4056ecf18b2248d18a10d7ee1cd7f8908f0a82d5d
SHA512 6fab420866894593620e95ce3cd988e6a9525b6bdb0b4577f8ee5fe513f3ba187996ccbda9d0b54b493122136e52c7bd179da22cd8106725f24401816429a3c7

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_1927551449\CRX_INSTALL\icons\icon48.png

MD5 3d0c230db3f52326a0a102654d2fd5e3
SHA1 07d164472540e7e1c56a151b405255729479c1de
SHA256 2af2fbb64a452becacc419bd4aa8270905570ee3769a4bbb94e4fa3367e2c877
SHA512 1b1324f6748630374fe9143da01efff3aa3ce60df6dd75e2d45b431db318ea59146d8589090e3b2d50c58287618cf55177f0120c3e2fde9d239e3b94ed292e45

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_1927551449\CRX_INSTALL\icons\icon32.png

MD5 ea1c06120bca8bee757c97a719208631
SHA1 a015ea87e1a683a1b189b589a33a908bbf250514
SHA256 93b175666922007b14eebcdaa6794e03cf2b0630e2cb4bf86675b4cf3e9c40f9
SHA512 9c6540d0ceac5105c38a171fe5a3af8f81a163dbe60ec151e6ca1fdda58aba02fbf8bf99c49ae2c6cb3b038737712a15f2b6fdbcd913e9d3adc1e86b49a31200

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_1927551449\CRX_INSTALL\icons\icon16.png

MD5 f71dcda95ea1980fe79935dd4846cb20
SHA1 6a8b5fdf8ea8efbc2f9830baae5d701564927451
SHA256 e65d2384d36851b6d1be712ba196a9ccdf1fe6c18897c002f483845032690ca3
SHA512 f15f0b6fb5589d17c16d4d39d4e463c0e0e61ceafdec2ba17948f577c3ced6891b98b81dca41676d7881be44aba78a953e1fcb9902ea5e8b6a6a26b12f14fdf8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_1927551449\CRX_INSTALL\icons\icon128.png

MD5 cbd7c61d6da977fdd2dc2658d3a3e4e1
SHA1 d74fd35f16988c89537f035a916abb8f5c36108d
SHA256 2ccf7819424891f8ef61859479d0808a3b90cd0cbb20e4f6cc95187e70744f58
SHA512 2867869d82e74b5fdc90ae65146f7373ddb67df44646b95992d730e24e82348159c3e058dfe48bd260e2a2b3a7ba456688b2599907c5b79039472ad5a6978251

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_1927551449\CRX_INSTALL\_metadata\verified_contents.json

MD5 ae8c421f4abd962fb7b01dd2cfc1fc4b
SHA1 db0b013b4794025e799d3dd1e21926ff925db20a
SHA256 0e22beb5a177d5705e9afc58f5e9327b125656b05a611587d884b5c732fe6e86
SHA512 6588303fc1353f4a896da1bc5b055ce7547bc66431d1665ddc7a543a0ec81949072fbe75483ec68a975f95c69ba34ad415ebd70e95d73d3cbc784cadf8c55c15

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_1927551449\CRX_INSTALL\siteScript.js

MD5 f13256106d28b27efd182be0b9a46851
SHA1 aa123171294804914c535ac23dbb6ae98eba69c5
SHA256 12f7c416ca20f1185fe51a4256c9cad95db602a4575a2908fb4203019cd6ca06
SHA512 417b536da4885701e14bf8bf9f10cc3a0162bded943b35835a8abbdab1e4631723dd03dfa05d8430f4c532ec6fe350e4ae6c35bad234d8da714aedb80d85b19c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_1927551449\CRX_INSTALL\popover.html

MD5 49a7b2740cad481349629fdada7cd28a
SHA1 c4cc9c878ca6a036ce273ba743ed558a62fc0b83
SHA256 d8a1e2839a14509c2f61845849a2397b8ba3aa4762416dc335b879a812a60305
SHA512 074dddfea2b17b03d3663257f4bc68912d41fe504526edceab5583499c62c59e83c69d20f51be115b9a9fdb8c4cbc14e3011704d5745b347e83389f0237dda7c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_1927551449\CRX_INSTALL\manifest.json

MD5 6891ab17a59de087d7c1dffa3478b600
SHA1 caf054e3f0605e4de775a56a9188812c7c8fea05
SHA256 0077d6d02dbc06c6e8b82cc5358346fcc6f468e69b6225bc36d9768c5d84460a
SHA512 42c06f762cc0387ff905f7369578ce2ef640bed8f560edeb016187f0cf23b8aa24d01fb15754115bfb4d15a3037d9e6e3fea23b8f2e5e6040b6c4635ad6b5187

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_1927551449\CRX_INSTALL\contentScript.js.LICENSE.txt

MD5 85d0072ce63601702a8aac69046392df
SHA1 75cf9b16f86a3de6104d44376bda6c96720c121c
SHA256 b420cba7020a3d8223942c1c867ac29f40b917406ea6b722639cb9f3d539f39d
SHA512 a5b04a7f191b9203cfc69e39d6535199b79d0f8e2749366c0a4c7427af8dda11dcd9d3954077b4a5d4f1a939ce7cbbd5d3ec98167f5392d8dc61cbb2938569c9

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_1446912149\CRX_INSTALL\contentScript.js

MD5 e6b3b4db8c84f8d449b2a013d623ae20
SHA1 88f56dd86811713e7927a8631ae4b379bc509e8e
SHA256 8149f5f2f3102e287acd1256a245949b1f90783f0135fd11a35841a6edc11c5a
SHA512 51b3a50445bf40770197c49a92e16eac586ef95a82f167fb289dbf286984433e50fa255b809983424f504152ed9d6625c6c656fb9fe71032908ed95d64bb6898

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_658731139\CRX_INSTALL\html\privacy-policy.html

MD5 376d8be16a145363adaf574da2b672d1
SHA1 48d9662d8ce2f4be35d835ebd375c1ddf59f0892
SHA256 0d857c0d6deca83d46501c267774d1fb8a72ce86ab0227ea6ff71f68e7ded8ec
SHA512 dfb6255fed3992fcc525a1d635ac9aa6b943251983fbc7caa86b0efd9ec2f000276ddf20b9b179ea8273e22fc444d45ec8b93ee5cd0f85ff8b4282c2d350e202

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_658731139\CRX_INSTALL\html\popup.html

MD5 2334cfb11014399c8db4f69b014fcb18
SHA1 e23e6db2340a558e0e0bb98826aa59c7c928378e
SHA256 6bb75eb60b35383ef30d6c45fd9d8d148162297ef717f26969aef939b2838dc6
SHA512 f115431c18932ebdc5680edb162689d85a867941a763574c7b305a5bded31fad36d7e364214d332bc66ee19745467eabdd2f79b349217b613a0b6fb101888ba0

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_658731139\CRX_INSTALL\images\icon48.png

MD5 dbcd4cce9af34a045e5c0eb545995989
SHA1 50d40d2836d1c8a4d3695df338b227100c199f1a
SHA256 e15bf8291497ffb08dc7e3dd0b76dd050eafe6dfb7f0464240303538d981a3b1
SHA512 7e535a70c207ea16944ce47c2ae39fa9ef1e0a88cba9c221854f5e130126ca83beddcc6561dbc75407a8cb061779bd246a9d3fda5a5fe5791d898ff5f7a40889

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_658731139\CRX_INSTALL\images\icon16.png

MD5 77764cf85912647978f12a6b65e8a46d
SHA1 f95b78085dc60456fb4751b9b30637f176ae8698
SHA256 ff16de8bcf3194608559789e109d85fef81e4dcd24dee4e6e40a7df57e1b97eb
SHA512 25b7e4d8dd5fc02c07c2ff74c3d4d33121610e02273b6018398d78e010dc45c5c9379199e510b3b2f6051dc8de6cec9f95f167ad98605a8c64f6b16c29777570

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_658731139\CRX_INSTALL\images\icon128.png

MD5 025d8ad058f18588c7e212d9e69e90e0
SHA1 ecc58b2554faa651e47e0c2e0d3636d79d6910f7
SHA256 220292bed2a85099aeb4fbf96b6b29b66ee9136f76576a7a92c3baed63374c95
SHA512 0150c26193eb8acd4e27ae7b833fac1b0ade008db75a5652c155b597ae92d4dde80546809b60452bd44acfacd6e061c7bbedcb9099137d65a4a56111f89c9625

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_658731139\CRX_INSTALL\images\icon.png

MD5 6faa43eac32e83cb118659d318ac347a
SHA1 d55c244f488629756ab1ace2af9964b1e9bf93b1
SHA256 4b736b7baf1248ddea6055755204b3fd9c908f1be1ac168066a204149eb21c8e
SHA512 362039a9b4a5e2a2c3feffa232316be287962661060f839b1cb42faa9b71bdb6b62ac348f0f87eca67eb37544f69aa728fca5d52adc0dbea3c78c71ebd3500dc

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_658731139\CRX_INSTALL\images\cross_bold_32.png

MD5 8700fa509bb04d3439b6d7ef765d37b8
SHA1 a1ccf88303db1032e768ba02117c8af465dfbb9f
SHA256 9f2fd5eb65300915a114741c84d0c182ccb6753d12bea3fabb3021f0794d9765
SHA512 d356327006e009e7c699c37c1ffd0ea076cface1a13df6d76606de8a44cbb68541e1e116b18f1564a2a7c91ff85eac348fcbad1c5d52d259d91b80e283e98880

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_658731139\CRX_INSTALL\images\cross_32.png

MD5 74a937332a0733a531ba6cfc44851f23
SHA1 54e339e3369125f25eb89f6982c452f41984912c
SHA256 9be12d0c6f86dc0852b6f2886d70ec259b8a61ae4b3b214e40c136ae4ff900f8
SHA512 dd4c3a8be8a68b28cc860395639bb3582ceb65c0a021a6de4aa8b84c10ef0947a09f08b5af4e25f62ba02a95ee729f9d9817ed7f4dd827025f870b56739d4809

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_658731139\CRX_INSTALL\js\popup.js

MD5 1fba2a51b1c640a3d2705cb5e233e32e
SHA1 38cfb5bb67ca4be6ea735fb7d1d1877f57cdd178
SHA256 cdaaabb9dc5bdc015a0dbfeaae8d8e4dcaf8e38e85f1799d655efb726a39ec48
SHA512 ce434dc5e473bede1cd2c31361d5f4509088bb9854544796ea4560a25ceb69fe09f41d9b0779285342305aa5eed6580901adeee9623b956e5acdb04f16fe021e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_658731139\CRX_INSTALL\js\background.js.LICENSE.txt

MD5 705718afb57c689089b7f182e1af6d94
SHA1 faefc9ebe05b06d24f0ef7f663300e5af008bb9a
SHA256 f0e4dde26aa6873c1cbdf54c506739bbfc1d8639b14943c3d6abcf692d85043a
SHA512 823bc78f0dc36ab61a5a304c0400a7a59062a60aa7ff3323f6c95d4df593b68c1ae17be6f58018aa8e363914960b479114640352c5d16f07d82dd74a061c06cb

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_658731139\CRX_INSTALL\js\background.js

MD5 ccfdca29924c93999954120721dbc80c
SHA1 9c3bbe5a401a49fba4177e30578313148375a1ed
SHA256 03a39be2c9e7d4cf50ae56021342bed48a5c4cb1ccc531118a749cf30c114ab2
SHA512 8d4927c7402b6e2a3478bbe4d3f667447489b9f901790500862990908b523de48294214ed61c218fbd5cc65014c603c5bf6715df4debdb82a57dcef5002e43fc

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_658731139\CRX_INSTALL\styles\privacy-consent.css

MD5 c83c747dc806cf7847fd56e0d18a0994
SHA1 966f918d64a703c2bb0b2e7ee2e23664940c6950
SHA256 9e4fc8a1ad5e978814a08dcc74edc423a3e98aa84111b14f9b3af2f846bcdb0e
SHA512 13ee1c9ebdff58dc8eaae04dcf55497e02ba1f1d4a41129fdf1bc8aaa2442662291396c75f157b82c42eebb900068e51ee4155fe1b7e5193de4c71d06d8f7828

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_658731139\CRX_INSTALL\styles\popup.css

MD5 9e9c56fe382a26a2238ca89489d163a9
SHA1 0cb73066124627a88e25d75a27f58a97109a0e4d
SHA256 e026f4b6bfba94b4f5a4ebcb0cb2ab216f8131780f245abfd6d17daec365cf46
SHA512 72cad108c43112dda3b483a5d3b29d44bdd1266a4364b8cfb69b2591c81f1a3f099920e8f72b492cd5e11c003be53d07b32e6ba960460486b2589be4b26f7c0d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_658731139\CRX_INSTALL\_metadata\verified_contents.json

MD5 5d73604387f9a2d8436829093b1dc947
SHA1 9e9c12e0c7362dccc8400b6109267a6830f41791
SHA256 2349083e8d1836ee18249ff542ff2970d82dc54f5fbf1cbf221ea335c8006af0
SHA512 7bbd03e7431d7add3eeee7493a474593b1cdc76ca1fe7db79c7a7afd805c8a473cae22cbe837dae3b146aaf24e07355a630613718ef65571c3c58630d305eba2

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_658731139\CRX_INSTALL\manifest.json

MD5 05c2baa10637d52a211dd4512984b3ed
SHA1 e8b26f12021eb4abe890b58e82190192d571d679
SHA256 ded05402a73faca4abb67ff4d1193d5c717d1fe29240cae147c6cd075f0fcf25
SHA512 3b6ed4f2e66b76659f73db7ac0bb29de8672090e9567332d8fc9211be1f095574e9f4736d502a57f5780910660d17bed01e499c176594e08f5d104cfc183447d

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_1051266471\CRX_INSTALL\js\content.js

MD5 0fe343f25f391db514d2866658ed3dc3
SHA1 3b7f2308cb5ed9e9ab46a440ca6db12713df68bd
SHA256 65c60616a95eed6880733fafc420edc0c6db609712801d797851637a0ab41c22
SHA512 7ab5b87b504457619e55c58f295084d6e3087ced8b3df677e4de9fbd42cc2cf75bfa31d8a854d0c6449d7b84def74348629991458e3293af3e14ba73567a1fd8

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_1051266471\CRX_INSTALL\styles\content.css

MD5 01b51cecd3ccae18b19885a3b0ae1635
SHA1 dd13c7d1f2c9162fb1ee4bc2bfca14488087c528
SHA256 60a4f99fb6a1ee65d31e56a2d6d0d27c3f58c676c56ec440de3c3a6ab6567d66
SHA512 f901a1d111849e9419bc11004c260693edb48f6a01a7652396e969829b62be3ab6ae3c6ae11c5818438233bdf149ba1c8b7d4922885799de2f00b03fa2a1b1b9

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\brand\img\ccleaner\icon16_active.png

MD5 20108774aad0427cb168cccbdbe3d61e
SHA1 87e42b249f5b905cd022b341a1cd4a177d788fb6
SHA256 d2c2f69cc2cebfad21c75f6893fcec721667ff04a40e51fce0713f05da0b50ed
SHA512 39f20343392d8b8f4bb225e6239b847a9f4a4563e308dda45f0782a349fcdc8e5b90f50512267761577d81cd18b5987cdda6aea355b16f49986cad347810b20b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\brand\ccleaner.json

MD5 3387c37196f3824b4617e609b133ee84
SHA1 d30d073aaab46675026bc3d2c0a2cd1d2f78256e
SHA256 660b2b45a0a8cd15ec780a4aef7fbf15f6d6405c290f1117a8193823ca6fd5b0
SHA512 0ed60b306b5a68b14075ef627fd53582442566d410df3fdeea2ed46cd2eba55b471992f866c0d184b0f889015c894a3aa131f6b682eedd4f27b0f4a5753a0060

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\img\icon64.png

MD5 5bfe2887d941e7fa7360cb33958bf848
SHA1 6310e9a94f81ae490da0f9ad6c4ff3d79f0fec08
SHA256 95a5685d523c74be489de583f1ced45968ff55206f0a6b18eac75634a064fc91
SHA512 4bfea79b02d4770b3c7b48151140a48cfb534a5d92a30f30c8379a6a469d94e68866a0b24e51f136490b70e4dfd4e6faa5ed069fe02adbab3207b57a1295b2d4

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\img\icon32_light.png

MD5 044c7f4b3f48a63c5ae0cc89871c19be
SHA1 2a7e83cc95ad498b0512cc1ef93e36e711a78287
SHA256 ac6ad0670439b7b2c0afd10c231c4f6ae60a1d9499c4ba991983a02c448c6859
SHA512 adb11a5a057c624b1cd01d5177bc7e40c2ea30e2dac54148c33adfd33d430a9b69d900270c5dd25381b14bd13f983dee9ec0f749dcc669df95bb20db9b6a5af6

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\img\icon32_dark.png

MD5 0ddc36c7f2105262f053e09843ab153a
SHA1 8dc24176afc8f8a697a0cd9a5fad9388582f3e1d
SHA256 51a299d0d5da22e3a724ac6871f2b46b94b014dee75d54b44ca539c3473f8988
SHA512 a9edb26b03c0c4bb4c742df122226d26b96491d126be3f23918ed0b4b5ce60378b9eda2a13bde25123ea818a7f708ab971f862b461b853255aa9949311f6aace

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\img\icon16_dark.png

MD5 fbf5987de6aca149ee1252a06b4f1dcc
SHA1 249697cc1cf6fed591f9046bb93eaf08e4ff3a22
SHA256 0bf2d2000a6f0d146bb7e97e56c8057250f39464a619d7b2c5d2943308dd1656
SHA512 81916e106178062b493f84f0c10f36bdd1a756b7b9beff8ffcfbf450d7c74f517a202260ae7aaac682cefb1f8460c6f70b8fbe12066e9a08035158b776dca653

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\img\icon128.png

MD5 46efa8a3a333a5d52e167f3e0026f21f
SHA1 35cd7f686a997ab094e112b4266b78f1ffde6bc3
SHA256 9c1056576edfd99cb59e31f8bd5aa25337fd5c1dfcfe38a7dae23c16a4d3c8a7
SHA512 8a7284e41238d01ada54305a06eb98ea65f146bd0579b7bb6800094e5b421ee56515c70379377dfb209b7354afa6a2349308751cfb9a8cd0a74483cbf165f8ed

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\img\icon-cross.svg

MD5 c01a8def83ad05149e8979b55decbede
SHA1 6385f68745d30b8a89a31389997bf6f008d4c6a7
SHA256 fd46a9dceb8aec461454d8e637c5a9134c2dea6e7b1ea347004f8ca628f68cf0
SHA512 a468a7ebdfa75d1a87fde2eda7181cdc32df411784d78f18ad58e175959bedb0e3280df3a577c98dc6b1eae893586da4ca52e109e1f8cba75bf60053a195e98d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\img\icon-check.svg

MD5 08eadf819aaaccbeb1e5c102b62d40e3
SHA1 ddfa78110b2a0f4cc8e191238bcdd1b6bf660ad1
SHA256 836189f937bda8c641311f51932f6ec2be697bc297c6c7d09d46173f8ff8b5e3
SHA512 94590547a8f9661bad209bc10ee4d43676240105cfe70ec7c63fa619946f33c9d6ac8cd91f7c9aeaec6e867acaf6c8d2db35e305c361d99e70539bb2746f1df4

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\img\icon-arrow-down.svg

MD5 136f7a863a8b3bbf1f72bd213427b3bb
SHA1 e0d9233baf5c85aa957159cae67649216e07a524
SHA256 13fddc8efbe0e4fdd98a22de6f0f68f4ad749bab8e095cfe9de6b0c6b28e0956
SHA512 d6fd60483a88e357043b5f617396827ef37042d8ed58f7ea37743dfdb643f8e3513ac1dd301e87eb3dc76ca4b32e1e6cd6ad3e7e7a1668e5fbc5fe73b3a61355

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\ko\messages.json

MD5 5143d763f96f889292e54be98f4f01ed
SHA1 a83eb726a0ed98da9ecf9dd291ae45f44ef1af33
SHA256 1e1b20ac7547cf9431b189c357e484e116e5b6a29c8035f0fd5bd38681388ed4
SHA512 026730481922627334c54a732225641c7f351b2a23e0f28087e21b3f615896f39c6070cf45acf9739bbf74d5c3b2e4fce3fcf289c061a4c69cb42f1a4e47b4e6

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\img\icon-slide-down.svg

MD5 d21128e56f4fba8f94dd2cdfc882317f
SHA1 d838c644a1effe9e4f084dd25af9f39412c3c58e
SHA256 560a079788e9f597f2aa45b6259a887c30c24771ae86dd8c3e04468cade04714
SHA512 10b7798385d64ff575efb37d7ceb7ebaa7a5fc13c9d3c20339d7de668b0f36bb62709624932fab553cf4a08b8e75d8197864452eba598e4eb40aef0cd03010af

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\img\icon-settings.svg

MD5 ea6608f0d5593f45e60df77d921c4084
SHA1 433f019b89ef6107df43058dbf614ac2dd2ffb89
SHA256 bc5081edb8d61d2839bc66f32781e5eea11d0af6a7f68ec2e3467e6af973c35d
SHA512 2c0d656f67650f80f5903dc608aea44a6001d1d8eec3e9356c305937da6c9abe0bf524a89b7ff3c47483cc6f6a1ca570d08bd9a9a9918b091ac8706b3eb491d6

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\img\icon-on.svg

MD5 a17ef182ff5962997ceb53bac6384c7c
SHA1 aa86eb2e9aa3252c205cd120d7a9a5a14d50965b
SHA256 c2ba10e0cdd439bc85eb5a26e035ca50b6a3c05dda60f5b550ae7763241d0c89
SHA512 5d5a7c7e5803f65871948d0be265f5611c82db4a69a921d26021eebd9fdb204b219bacdf58951b230cf7fec19cb1a19eb615d650c670393025bf169cc9b1fa0c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\img\icon-no-video.svg

MD5 de460f6d7fe28efc13c2020ff27e8076
SHA1 8eb5ae91348bbee4770760715a996e2a1636815e
SHA256 0e32193aaeac57bc6121b9e630d839d4f9195cc45e6898defaa05ab467dbace4
SHA512 12ca60bf8bee2462c512b8fd050c47be09cd0534571209e73a0b031589b425102b27a2ae20d8b862e608464203daaf8216b908f8027ece3a504656e2031b0663

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\img\icon-media-video.svg

MD5 79597041a848796b3c79cbcee93145cb
SHA1 605ed247a1194c4f534c6ee79831439dd3356449
SHA256 56417ab5b7573d2941260911e4fe9d2efb6eaa0a34f4ba993118f5d9cc8788ce
SHA512 128cfe6a848fe2c68083d15f9f6a463e051a752ada30d9fb672962f1e43bcf8fa5935dbfbffd696c4c5277cb1670f91404de8838a4ee16485baf207697234692

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\img\icon-media-audio.svg

MD5 2039c7a043f527d5e80ec522c440d09f
SHA1 bbb6e2f72559e9eb2b3e4589effe1040ef4e05ca
SHA256 d33097ec977abe274da527f22bb3189c6f5c1189e57a92576a7f0ef57646f249
SHA512 a19ef2d9451e1254924b66ff035b1a194510e2a2c5506c9261a9dc36271c08fb35ff8bc678eaebbeb0531cd9624db647246ffdba73853dd153109c38181e6793

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\img\icon-info.svg

MD5 b6794fb0e52254d43a41ae362ba56bb1
SHA1 81ed0fee1e4bcb1811a0352f674d840da697ba1e
SHA256 f94a5a0b7a64697e1516787b5b41676f1a084b58d630985c6338004bc4244eec
SHA512 cf552f7bd951faf97d31bda7f1eb48213994e5b970c2776893eb26576f63adbe91011e81efd15b484dddac078c823ff4350cc3237afc2caae82b54e558c9e679

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\img\icon-eula.svg

MD5 69721e1eda0aa1ef6ff02c5c4c6a75dd
SHA1 7732055c0ea99efc4c0cf23adfa1000ac4acb847
SHA256 749314883177604ebd1c23ddf75b50ee5e9ae7b2417b39eed320655cc23898ce
SHA512 c7fb36398964074ef5e47ff03e2462bf9e2c2b1c0b8255a6e422b69c9f7c270b12b25c4b027aa7b624dd0358215265919ec142129bc4805be1a54617c11b362e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\img\icon-download-smaller.svg

MD5 ab0041869124d1e2d9be0995b573eba4
SHA1 7dace3a1129d8be3145188227e1968a7fd4ddada
SHA256 352613d7fb822adcb3a9d59939eece52b2a6c96585a8ed5861a40a6ff2d18508
SHA512 62bc6a0b0acdd6c10ca028fd9b71ac926d81cb7c60e2aa8b67566b361b6f2ccf004b4c3194937367e1acf6782ef205e356a60bf63bda8d0aa51258158fff11f8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\img\icon-disabled.svg

MD5 e044e7f168e3dbd4afadf43bab00b508
SHA1 8c4372c5d046b8ecddf5dd80922786afa03c1df4
SHA256 f15ade6f23d998a6df556e6fdbc79d548a32e663ba6f070ce6ce8a3ee3bce9b9
SHA512 ffbe62198f3615997b50894b11a669db47a80fb6c0a33ffd730c62eaeddcdb9a07d63e01b2f2bf0c2d0e2b48d2cbf56e9408795968bbb9d6ff03df89707facf4

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\ur\messages.json

MD5 7ad0649a858f4e95014c3fea1548f41d
SHA1 2550dd3bb45f9bb3099c94f38b661e49f6a56dbf
SHA256 3f833340b1eab794cda9d6a640f0dab61efafc73a00b11d95ab80279f2bab6c7
SHA512 71c260c3de515648399358a4ed635cd9f4dbc8823e2a4b78c7fb63d5dd229147fe65cd35966b8ccbc613131598988d5a843e69aa64d0aacd5593fb8bf43ef050

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\js\popup.bundle.js.LICENSE.txt

MD5 f97026ec4f357898c10c06832e19df77
SHA1 44988153281b07810a65c36f2fd1c29e2d20fc10
SHA256 79a41d8ecfd2ca86ae491599f4a3d75b626bf8f084741243e367413e85a9252f
SHA512 a234a6d7a3592858b6c51cfc8461a9abb178f786251594af46cffbf8335d9390ea02781eb59f097bea61c2e4475398bff7b16264d8f5cd8afde593c2a87a5eb4

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\views\popup.html

MD5 828dd8a2c70588772ed26e2a6fa566d2
SHA1 a9f4c420fec62ea3d3fc1c154671b8969de373bd
SHA256 3397f48dba98bf144fe9adf79151f4cbff0db8a9ccca6446067248035605c8ed
SHA512 1d0467a4eaaed18558d4c7184a4df57bad850644deec377e8e334eda424999e9801c54ba11ec566f30e8706624e9df70b7adf348653ccfc5071fdcdc101562ea

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\ar\messages.json

MD5 8441450dd6f8dfe0a713432925ef24dc
SHA1 ddb92697b0e104311a614ef0d3b63fc2f0a27275
SHA256 ede3ad68bf73143f839917ac78e1053891cb4a14ad475eb8cf87b8ffb4aa2bde
SHA512 804f808c0eb913a6a9fcbd4389f4b03ce8a7fb0fd05d8ac372d1f9607b66fd7b36584fc6237a8bdcb92acec22aa29b2248f2a8183675c591645f89fa998369d2

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\bn\messages.json

MD5 2f4f936514287fc7a629bfc876214962
SHA1 7e51e14c14660afecb6c1f5ed09c1066386f2836
SHA256 fd0540be2e34e969340386ae63d9a85757f5fee5e21692616582f1ddc24decae
SHA512 1203682055d582cc70a6c502393d46d7499364894afef44736e49fa47be12a56478ed0d89cf267ceb5eed568b9842910816a227ba2ed4b517dc5331f6228e84a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\ca\messages.json

MD5 52fb41985840f9a1e50cd1fd42b4957a
SHA1 4623863fd947c6b10e7e03ae77200439325d529d
SHA256 e6a3fd7fd08a38706705f9b7640eca664c2f0359668615451b2bf09e75cc0671
SHA512 729eb0e384c8a2af211b2c2ae3a89982eafeddcd1062462ce0a4c7b7b71c6f580bb349ee50b31418610faf953f60f0002893148ebfca01c240fbc8db1eddedca

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\cs\messages.json

MD5 93e61c33866c3ce6a5505d46d231052d
SHA1 cd3712b066774c825cc48c3c6db0117b5267b387
SHA256 d19b86a8596fe6a905be4540ef5882f61abfbdf212436c409d2185338466d989
SHA512 ccfb2724a566d00bc3ee85f8b4dcbb5277aa060256a4a325d1cca7d45c4b1ef0476537f263e7d373559482fd3491ad96391fef603b5a2f687fcb9fec68513e0c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\el\messages.json

MD5 53cecdf4c85dbd78162ac9f02067012f
SHA1 3770e1f53f34fc1844cccb00f13daa54ec1ee80f
SHA256 4778c2049ebfe2fe3917eaf367a235f312e63a16fbd1ce167b7d86c1eb2050ab
SHA512 123899db8e0b828fb5509a09be8fdf82dd069f9784d5683c0a8fe76369d220e506297eb1ca43d8693d44e8becf4bace33d5147e731b9d3c377f03cfcaf373e5b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\en\messages.json

MD5 424ecb83cc77038058f02e5765414142
SHA1 89857a385d6fd5566c6a3990b62fa7df7088cd4c
SHA256 1cba9c929be7f5ad6a1c59323f75ed8ccf39f8b6fc94c7034cc1b4f1160fd1dd
SHA512 6eae8c308ad4345323c366740c4cb8bcd6076a0a45fe40c399dfeea4a87c855072d25f0cd6cc024810943d366eff0deea761e3cc094537829d21455edf80d066

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\es\messages.json

MD5 bfcc6945b9d70250f2b0a644377b06c0
SHA1 0d54af0fc125b6cebfec8f522f4e6bfca7000b18
SHA256 7ce37485d03d2ab6b0afb75d8a269a8a6fe875f7ca07e1c62deb3592e8caac56
SHA512 c55eef231cfa1b49ae85349754854993815f5268ac9d9eb56a47f686cb5cb3f25f6e7c2ee1a8188820573b60203be91c2b94ac76f0cef8e008a4d07b7a8810c9

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\et\messages.json

MD5 1685785d9c0cb2bb1a56f70691dcb245
SHA1 fd1ad6293d18101f3e64133309b34399468b2cd0
SHA256 29b8a2c64c753f2015538484c7a18e5320880b1919f2efe403d88f7eac8fe6d1
SHA512 e85389d6869910cba620b788ca2ed64d0325b0ea305a9934d4133a2af830157a1df7d14089df4c12dfdaab832134ece936f54bdebab2c783058466613979ef82

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\fa\messages.json

MD5 fa1a79006d2ba9f872c85d3cbf326306
SHA1 cad18deb9f3d66f7c2cabfe2051ce32eba5c39ec
SHA256 bd172c603835d9a6f331729a584441b84ff0c94edb35292d7d99520f3b22ea58
SHA512 9325ee430b5a1a092f8212e0f3e5778dbb34b78328df3ed6358bbe9d9e9b1402ac3b994bfcf5cd68f90647cd98c6ff4ab4e40f97b87a2ad916e52de750a1552a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\fi\messages.json

MD5 c1c245012970554ad682094cefe74b54
SHA1 9aeba7408e9a96d99eb440542fec804e0123a682
SHA256 cad3afd8d744efc863c2342f477fbe70cddc3b14aaf4edbdc6003190cf56eaa4
SHA512 55782a9c9efa89a7df2ad1c5c051d3d77ba9b02caf13505339696c54227d81801a0204c26b69ed4516a071c4dee33afb9abd3276e03cee4cc3af17ff583ad483

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\fr\messages.json

MD5 ef1cfdbfc99abe1e4eca98e86d3dd674
SHA1 275a7afa1a78aa7faf6999212c09d99cbbfc18c1
SHA256 d290252869fa87f839928dc4074bfbed42c274aab6bfbe5e5930f6aa68dadc37
SHA512 123055834ab3b3b569ffa5c7770cef21c3cb64c688504391991578b005a1cc0c6f946be362e6356a2869f4750b43349abf17c41a8cf762559e69a3f87574b4d3

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\he\messages.json

MD5 5c8cd3ac5bc4aa157c5ba1bdf5280805
SHA1 500d40fb384c6dff2837e1ed38d48cf06ac4407e
SHA256 9eac64b052b680958ba388a152b3bcfe77173f05c5c6216be0cab9f87ee2365a
SHA512 2f47dfe502a2c368690b3e8cb91e931dbdbc598235ee34db60ee5f5fadd92bb843c49b360564ac0c3c83bcc1c62af9e608467353f975ae45992db8d9f93cf487

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\hu\messages.json

MD5 5b1b74bbe6e2cab5aa6ed7d5501002a3
SHA1 9735d398e88af6e11ac77145f73f9d665b05acda
SHA256 2e806623be53c23cd170feb65500ebac562a0c8bbc7e0d29e934f96d21e846c9
SHA512 fad7df6266127baccbf1357b2c0083edc4c4622f064250c183b3f6f4931fede1acc18a4a37e6147e3ca17615e004f1a7518afe7fdcd63dbc864819eeaf7be056

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\id\messages.json

MD5 d84eeb588a36b6eee18cd112c9c30057
SHA1 afae760b491dc54b670111d6bedad9b9f5c9f6b1
SHA256 770d50dc17b7e6cb508eb196f0c0c7f6e87ecdb2b47a75bf4e40bfdd54d53199
SHA512 701c0cb13be5f5da50ea700177c3dcb3ab3e97718b3b64cf459003e980846dbdf21d7d39c8cffdda98fd4b4ea62da8df52544d5e91a5745dadbec25fde458684

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\it\messages.json

MD5 cc7e10ec4df2d98004829018053f4667
SHA1 264f2e491f14da7191769f2b9188cf80dd5f5447
SHA256 bce696fbe39171fcd32e04ca3ea83b43d9c4a26159f91ea6693f34a7ea19430a
SHA512 9f3e7e39a4960d75f72b8627e1e0c1962693cb60b7947480785433e7054d0a83845bb866612d433ac6316ed62f02d3fe6dcc0c2ea5674841e828725b17b70fff

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\ja\messages.json

MD5 43cd35543505c6acbac39dfe569fb711
SHA1 848c50c3ca6af7a422050e5486c04affd08238a4
SHA256 71a7214dbca22839ccb97ed3a0df9310fa3a291a8a6222e5997bc8131ec3351c
SHA512 b19ce3f6cfa05af964070fc990e8aaa7bb4b2fec465c8b95733d7f7a7061e951dfc42c434435368c32d3410c632055f2c32aac63b1b32ddde8e1b158786da5f4

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\ko\messages.json

MD5 3c537b1db243103b94d1b95edcf261fe
SHA1 5fe1fe0c8d61c431be3c5a5b47254a9e9ffe43fd
SHA256 d2b263b1bc4ada18ca63d62eca6051857ecd7cd98843b7ff7a717fb571f0308a
SHA512 3ac1c119c393dffe4481cdb5aaf3d04c3e76465c8bb3fc272885a9c50492b8ff3875bc03d9786cd08deeaf008c567ad54b0c41a23a06aba5dadc4eef16807d9f

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\lt\messages.json

MD5 38e117d468c04a716388abea6e6fb69e
SHA1 cb520f1f04414a60e428f3342db44e7223d8d297
SHA256 ff2ad455800f760d9c037617fcaef658a656998eb9962c86426bba388e97c6e8
SHA512 c9e77b9d02f34ca7739200d97864e65c3c773c668bf3eb42fb726c20c14efe99ba9add7249fc93180642f2b83508d4f6623b7287a6f53e3019a5bb692a2dae84

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\lv\messages.json

MD5 6f82b8571ab52430509dbb77fb479926
SHA1 3368d2c6e7092093aa0f388c11e3c87019c4bdc2
SHA256 fa520898715b045ea45f68408e8cb99d6ad27af4ab5fae87f291ccd305e6cf24
SHA512 ad1f0491299223225ab5b8e5829dac88276c2d80d89a5323b866cde4a3b2723fde71cfa4a9bb4fe942b230870cb48340417eef2f1aef7b07bc6c4c0c3096917e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\ms\messages.json

MD5 2d36ca38a28cdc1f407b7fb7ce57f8ca
SHA1 5b941245aaf68ec4af09670465061596308d375e
SHA256 657a34c5d4ef2a0fa550440bb4aece576698c909193eeb8260937d22b07b7eff
SHA512 4e43df728ee41a49ca5e4ef0106b95f14cb01248caa473992049245c616f8f99165b81ace2c39a697452ab5c4bac64b544fbdbb943b5dc6f04ca508a14903214

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\nb\messages.json

MD5 1d6b1e727f0764798991e8a281523243
SHA1 fdd34652b933823a1fc637c3f9aa402090572ebd
SHA256 af2389c2098cb990c459cb20841056e839880a74ba627c65274aea7200875663
SHA512 de5b24ff810bc7d8e10f97195d034f995fbdb9a22bfd4404514280220e33dd0294df2749802ca7250476035b345de34d7306367b837a5d1ff12585b8a7769d17

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\nl\messages.json

MD5 6c2cc5d6e8abd145d8ea3a753b083a9e
SHA1 b4d793d0d8c72f518c3693e605896a50078e08f6
SHA256 5b7df66f997edcae8c933f6b90303b0b27bc82ae6250f598dd5e0a0c6fba7933
SHA512 78d8f7427cea1d883112a35a3e476fa52701acf6d2341c863091ec575e6e5ad96f645e055712ce9be7a92fe65927b8afb5caffcbc17c7712056fe313e31d12bf

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\pl\messages.json

MD5 e321009818007f15ff0bdc66dee7dc89
SHA1 b85f94320fb954cf437ee540eb49fdf219755859
SHA256 21ec8f91f6f89c21dcdac130caff91a9acebdb27fc7354f324c8def812e268f4
SHA512 2fe60474f95ccbaa67a3f4e82d3730aec284918735d1e42ede26b9cd1615647ec7e7e9527b2546cf32299a94eedd9169a9223c07f9df7bf3c9a68bcdfae06400

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\pt_BR\messages.json

MD5 2b19dbecb791310e0cbe2e92a8f0416c
SHA1 1e183c01cc01ffeaaf0185cbe151f7d098b80a55
SHA256 63ea8b8ce94103c978eb1c4290c188d3d80370e858cfd4616f95f18947bbdd8d
SHA512 3c55e32086a78b782ffdb893d777db1ca1efc512a90d3df602a670f07c7b608a6b14a520cd08620c35e4e5666a9df96fa85656b3e51d3b634aba3365d88ba042

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\pt_PT\messages.json

MD5 a1d011423a83f4d844609a59415673ba
SHA1 f1d9d4847b096dcaa2aebb6a091cff7b06ef4226
SHA256 9a671efa8ce2b184a6e1b8a10b865e49749e6e497faaea8c293f987fa34aef0e
SHA512 74759a4ad46cf3d69475d466658c87cbe95c637d6db14662cfd20ddbe31502e08990f1a5bf36660dce3b13456cd1b7a7b4ff28f49c691f4517532b2070f4efbe

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\ro\messages.json

MD5 10a3c549232cf38a22503e18db74110f
SHA1 1248c03a598cfec4e6a9e8cd181731fab9d4f353
SHA256 96dc84e96e7cc7cfb789ef40ef64b0b9ea02160555f15a755617b8ab3bd8e4e7
SHA512 e731c7acd91f6e243e63928f90e0ad418086a6879dd335d75aa9704fe6f62903afad78ea500e5031ba0c90b961716b918abb0a87bfede2dc7196d225c37554c9

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\ru\messages.json

MD5 00d743300db14207f939b90633d29f23
SHA1 bac6d4708c661f02fded9b290aff8803b559641f
SHA256 6be04aad2a090d7128c33410b7acd9b9ae15235cc03f83c6d1152df196cccde5
SHA512 13aa120092a19c9c9afa8c4090c6db96a20dbd5ba2751fc3991e30f42e19da67eb034a6091f0acb4d1264ba7dd95736b25a08a6ff1992596f60ea2f97dc0bcb1

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\sk\messages.json

MD5 ef5e6fb6d3c31317e9feb88985043176
SHA1 f2c4c689372538b9d252f293b9a3fc8f3376dd1d
SHA256 9d89934d053fb02bb0437c2f09f0513f187a287778d74a48a0a2fa9e7ed24c2e
SHA512 4d3f67de5ab9979c39055ef657e90d1c9dade4d703933902b85583683e2cc29933778e1fee8d71da803a6fb861b55e9f1fa0b672b6d69afbcaafc1f9d684f125

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\sl\messages.json

MD5 7c58a4b80c7ab61c8cc62f516d468729
SHA1 41dc25d1dfcf4d5645f570421c3ac2d4818e21b1
SHA256 c8c95f6210c6705060a46518e2a49505ff0cd8bd3cc554e80d929c72ca1fb16e
SHA512 8b1f6aa16d629727308471f3863f981e8b6b85c7614779a4b2ff81c320e64288714d546a3c52d560083dcbad70ac4d5c6da2da7adcb1cf862b30053d4235b07e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\afdflockjgafgkiffnchalnnfadffleh\2.8.226_0\_locales\sr\messages.json

MD5 d84ba5f992d0e3203cd04367b3aa024e
SHA1 211fe839ff0c37bd1c1f64ef859880c444b2f0be
SHA256 bc2ac3c2f95266c835f18e7c5a1dfd126a2a85b1cd21bafa6c95d45941af5f10
SHA512 90af9bf7b31da59b31d2bf87727ec5f7ae56d5d55b01df81898e7221b2fcacb50064b93823147c9ff2cd192e54e56c2cc24056cb7683e878106c00ac86c9eee1

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\th\messages.json

MD5 52f4bb8fe11b36b95e902873decf3b7c
SHA1 f175e68cd3caec3ddf2d7830e0d26de4d3514bb0
SHA256 a64856f20c0c5eac0abd9a828d458ac6ec3f22aba4cb695b70264d69f3ba56de
SHA512 93b8ebe9c0f2acf5b01d2c5b65c6ef30e1669d0b7496db45731025575fbf5d00f2c43b0008e464139505f2d3d7330e30b4a05fdf0c9cf9701c5871e57bf20d09

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\tr\messages.json

MD5 189d203789e3c41d65b79ff4e605871a
SHA1 6688da33725bf53956e992bf788e5630174894ee
SHA256 05958366e02d12557b1243d123f8f65bcea75dc7b04ad577408847452a3f1bf8
SHA512 57e23cee9276c8b3d88f6e2f4b307cff2d88e4d7f28087b4284737bcba891840a0b1ca8ff4c9176fb8d7c04b1402d86bc0351daa2d8d6624f7d988fad6e47729

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\uk\messages.json

MD5 df49d9c898abacad2eb349ef1e27e598
SHA1 959d713c211194f8cbf152f8f4364546571dc5cf
SHA256 14580cfd8e197099c106e6c887fe557edf9fe844ceaa7a32244a4372bdb327d8
SHA512 b3bed1e586e56e625e45cb4fb06b22fb33c208d6d1f3e68a6e7f5396833682ecd064fecd38cbef99ed3e96c3cd84176c59255586b96302164f2861efb0031db1

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\js\background.bundle.js

MD5 7125417158ca0362416b40f079454829
SHA1 e0aed6120e66bc36794e55791432d242d1da4d44
SHA256 6da4fa4ff24c3b81e469ca8019fea45b3f6629f35fe77a5725da68ade5b58f3f
SHA512 246dd01295bf88213a5b6a57d72b9d9a7b169bcd1666c6d53388db99d0e54ee1b5ad973557374313f53dc15954d5db6ba330f82db997016f517b0467246ff94a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\bg\messages.json

MD5 420a2368f9cffa2ab1192864025c4ec8
SHA1 93463a2c59a5d59493c76ade708b011edad5ae32
SHA256 ac438506f210cea6d60032a609d846b99a33626e4344a59cb450b96f58b4ae10
SHA512 6198ae9bafd0a8277bb42f959d1706553b779d5c31c3b171b9e1f9220563902228f9c2d6bb03b8f6bccedc1732be095f35bae54ca52657837a1944c067d65e47

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\da\messages.json

MD5 e6c0ff5df4ca52e437adf952a65d58cf
SHA1 beb94d80761f55bf31c14087983e64a70559ff15
SHA256 82e6b4877c58b7e44f280e77273910b5ca414dfddd3f8d940c14873762ca4132
SHA512 98225ac988b5a1943194698a2e20241d9b0bdb897cd4f81745dc4400f242863e54423c03774bc8a341a894ccb000f35883e9b9ce858a9ee4f3911e8b73d2d4ea

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\de\messages.json

MD5 8a6ab8eb85701835a510e01ed53172f5
SHA1 8affd2c4bfb12205520dc14e3c7ecc89c43c057d
SHA256 e6da356850bb6f2455cc1ec6107cbdb408f9925c359d73c399e2641093cb478e
SHA512 72616bf402542a039772d90ecae5ec1ec24fae2977b0a7d351ff4a0dda19d0f1e556b967f4630b52c88f18bfe80a28e6c55e0454c233ab27f55afe420bc595e2

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\hi\messages.json

MD5 de6f0e03fe41d97736cc57877a58988a
SHA1 6e890b907a9d2c05b16ba36f80874bd5604f6796
SHA256 f21383a4d1a23f13dab94a876e025f200d099c756a6c93de2ef8e4d5bafc500d
SHA512 715b376e498ecd8faf6ea549eaf8212e2d23ece6a063873bf9aab5ba293556636b15860638832b7de48d6cd263ecac655977fee63acec3580b871d34cefd1dc3

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\hr\messages.json

MD5 ba1e41b75e1d11ff5dbdd8c2410e3dee
SHA1 bae988b25f255f4a77252c977e3cad6b580a8c78
SHA256 c5d11aaa60f1333a8b5c1da15721c6ea339a377206c489999e5733db0ba64210
SHA512 74a98f54cfceff56c18baf9a858b18ac9f3736ad9fa799c4e6bbf9f1f844bcfc2b109aaceb17a47c5244bbf3cb280231ee0ed8461398c3a7f0a29009ad895037

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\sv\messages.json

MD5 f2e96ab412946846949ff14a5d2983ef
SHA1 982902fca2ea340b2b54ebe0bd14f6cf466df637
SHA256 aed4bf254e4e1c662494b2d721bfbcee92e2489422c62c554d6bd3553790d551
SHA512 93dc16ffe815f3c2d9b9561840f49d917ef83944919dcb1bf2ae1f4e8633cc2e6c54fe001f85656d23852506fea0f00bb044cb07eeee67523830b4d7b7ccd4cd

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\ur\messages.json

MD5 1d9b2f85fa2f5f8a05f617c8062de910
SHA1 db8a89618714eca4d616cd9cc8782c6094d30402
SHA256 553e60d4b2f59fd768541f36153addd38a4f1b10f2217a064b3e1a1a91bf2e2e
SHA512 a2e7a79f3775f1bfadabe31fa9c6e2984734a4e3c719fcba80e3673965a68450a888699e7f472ed02b9918fa8a47012091df3a1aef783f50e17649634386f742

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\vi\messages.json

MD5 1c8e5ec03a445f023fe3721803a1edab
SHA1 626baab45f130661aebee3bb73262d62c9a6a87a
SHA256 4aa936f7b503b20eec150fbc2a1f41f3a8372196c1af7235d51fac1214353737
SHA512 54d9020e1fbae60e1682c174ea696e9634714639e66e75da4b8cb95fdda3e4aeca8af9735e2e14518587f62b9f200f90d1703e96b935fc33695836d5425bf9c6

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\zh_CN\messages.json

MD5 1468afb14a82e519e443470d40dc0e00
SHA1 ac2ce31edc1a92376480c0d6993d87ecf0c77e9c
SHA256 8d4737cba0960cd7e43fa0a6b4594dfa4962c89d54cea9e341479fc4c4c191c8
SHA512 71cfa1905f00a87c4ee18904961c27d580133c677592c2f9946c9782174f9a1567cae5c3ed7ceb02d499d9f102c2a38417e9e0e5e7421790320fa97e624ad325

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_locales\zh_TW\messages.json

MD5 460b360efea245e592cf883f85dc8e49
SHA1 5abbb38d11808d04ac74e85aad26017131841de3
SHA256 3257c6d20a628337af2f48cdef9b85ffe94e23459f4a44755e6f02e5b48bd647
SHA512 b554c87ff3c02d69d14b54b7a6403fc322ded0228a2337338941df97ec3be7a7f891424be0f18fa11be4f0d91b51f3e04581ae59b15145efdab389fd62891c64

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\_metadata\verified_contents.json

MD5 5228c944434287eb6f7049fb30d41f1a
SHA1 54d792c3f38f6c8769de5d6d707ed9153d70598e
SHA256 43ea601c7dd52c49d909d84ec309c751f055b2e75b5b9e8207b58a2585af3963
SHA512 9c4c15e56c002820a74296d93dd91e950c1cc67fb0d6d7f93829e4939beb2987b1795144f4bd649af6b9325d3d6fa565c08c80cbdc1e2608c288b31c472ddd47

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\manifest.json

MD5 f2e716903cb344130c88e55bd128df62
SHA1 daee1ab05e91b597f0af7de1b71414fe395ec90b
SHA256 a2e501c2cef5e30576d309eb5dc51e1e84a4423c8f142679c79cbe0655b7253b
SHA512 2fae22633a7702bf74fc8c0a556c457354a4bfe26dfd7ad2098c0ee0fdb085abc2894acfddf7c973e6b739f5fe890499df582dc43d09469c39dfbddad7f70cf0

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_591546590\CRX_INSTALL\assets\brand\img\avg\icon16_active.png

MD5 1a57b978ca5e4dbb81a9e183690da417
SHA1 01520b377f5bbd25ce8bb44db392b306f4d4b557
SHA256 f8ad47de68154e245b01800536c7106e1711f18244d614d70acb207a8ebf4124
SHA512 ad03dcadc909bbcd54624ab0f03e480760d79bb1f1c0de69efa6ceda0dd82b3a3aa451a8e8c48a9fb61aa4673dbcf7f04a0ceb748adbbac15cc5dc4b653c862d

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_591546590\CRX_INSTALL\assets\brand\avira.json

MD5 d2ee8c602704e9cc15218e52f0cb8759
SHA1 1f80afa1111a614be131acdaea07765311371a5d
SHA256 52d393b4d63456afdc2f1052c27a6849c0db8c4bfeb1505288c3e97164b0788c
SHA512 040f21fad4957a8323a74ec1a80878aaa1e0014d9978461278e34e520ef8ba367646989d9f0c22f6312301c24590babcf8c9a1ab9621481cb802de620808e252

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_591546590\CRX_INSTALL\assets\brand\avast.json

MD5 d42fbd6d5c09438eac66072eedb7a0a4
SHA1 03d396396662f8273e6a02dab3468e67c4345587
SHA256 fedb235cb7d2955362004b5317262bbc104112af8062683de083d7a22b18f12e
SHA512 73216fce7db291c5c57c9848972781e48d11888e9b099a1bc23c4d267390f26bb97bf65f44f48080e6390bcf8a38a40b5533b300c94e65dcb689f52a91dbf5ef

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\img\icon32_active.png

MD5 b43eb055d738a43fe26f1cbf032509f2
SHA1 260582b32d7be10e70bd7d08e274d7d699f44076
SHA256 ac2a0b07a0fa941a5ccc0aa88211e5b236786467e817d77724c1f54d9fb95268
SHA512 b3b1ba5d8d9dc8b7b2ccf40f02f673889e68240e36885295e579308099cfc06cb547ea088225fcca1228a7e6302b2b41d4d396020f33643ed1bc22f737c4fca1

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\img\icon16_active.png

MD5 bb99f03ad1dccf577381b6fb0b59916d
SHA1 b27b10ec2d3a2ef5a6dc6caa17a6ed9cd778d76e
SHA256 f95f8463c7f14eaf3c9212c0c8963e3b7370ec6f5ef687080d99931aed929649
SHA512 f52d5452ca884178a1d0b81faa187632fd4a3b3072d1d42c44da926fe4fcf6d267f80c5d14bbffe6905ef47057d2bbf99f9164e5d7432f5d17c520c24e601886

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\ar\messages.json

MD5 586da4f7c6c9fa26f6b3ce5cfcee1539
SHA1 320abc15aff2e763d1926e64fa93afd485c855f6
SHA256 add95240966250809beb9eaa712c99c40c3dbb89bb0a74e7425b74bbc76352f8
SHA512 f0b0e73eeb3ae127237b14d6d1d22b2ba04d6d773968f35c2670a4001ed1361ba5bc0173ca4e0465d5dd770d1a45a7ca89a65e6ae27b621ea7ead39a8308498b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\bg\messages.json

MD5 708e566dff6ba214ca26d02a42456e80
SHA1 e6e01426e5bfc9843a5ba182daea4ba8feca7de4
SHA256 fc69c369300b45326196c9adb1df6b637c41725ae2b35b04c02bb482f2de35dd
SHA512 7d8879ae7bad215690fa7e8c7e67974eae938ce5ddc7166ecef72152621bf24d5669984cc69bf2d2a2a02697b1ceac179aba2c1c58c0e039a47eb728c23c6596

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\bn\messages.json

MD5 34299c114dcbaf35bec627110974acf8
SHA1 6ac8c835ba465e143b53585485093e21055e5fbd
SHA256 c7303a62db04bc054d91f2717a0e00fd8600cefb57f2ebc3a61543ca8cbb8280
SHA512 43b546dbb2548eea38f737f5ae86f54930168714f01ffbc376e1e9b0f116ae841b46e4a3d7df744fb823a8c917804a67e5c23f5f6ba2881c8bf2bacf3d6f742a

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_591546590\CRX_INSTALL\assets\_locales\ca\messages.json

MD5 a1b5f103956ec6d503a3cf872ad294ea
SHA1 9ecdcc86a341a9bb704390f0cc78cc00fd2cc961
SHA256 65403c5127035b41bb40681a2d64df988782087524be7b64bd8bed6e07d38b77
SHA512 8872c14e282705e2b5e62d4ed1dcb136c0fc93bfd71585776bfd784486b9b38a28e3abcf5cbaa827976ce40642eabe6c4c9375030358815166aec65eb5b3ac27

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\cs\messages.json

MD5 c035097ac2fb58a40979c9b48c141a8f
SHA1 8f95b4c062268ca52ed60327d456d24929c874f5
SHA256 02468c6ee7e11bee3d0c277370524634715b47a68f9c86f2bb1aee93b5a7a3f0
SHA512 2be07956b70fb0b7721e9596174f7e331cacb4f1e51ff39348538b6a50b059783a77539c059f0020d583f01eac47b30b9824ed2a1088db1307cc7aed7de16bd1

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\da\messages.json

MD5 1194097d5d7d09ebb3f822ecf0cc35fb
SHA1 99de90fb03d6a5e28942eaabdc4f47ff29223c70
SHA256 0db06fdfb285fcddeda6602d4ff8cf4d3d279431567e84df0a9d4179a0979a5d
SHA512 11e8ce002119047eb0423f2a03165def1e308366123e3da716ca603e8f82f12abcba46e4a9703f102fbc2bcca6f3c5444a4cc4ab14a7726793cc92e5dd18ec9b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\de\messages.json

MD5 bd879274879110406d5481d61890a927
SHA1 9b6d288ac98ec54154a8e80b999394c8999f9a9c
SHA256 6d309fa7951875f96b5ec940929ed2eb188f5e40e0ce10113f41ec586757525c
SHA512 b0ae3c0a46e3c652b746bb0fee897c2bc34ecd04feba9f800e3a656ffcd1dd58b17d09d83d1dc3955a9e1be22c538397c11f79e994a99525aa522eb1ef257194

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\el\messages.json

MD5 f22130a7d17060d385b8fd01ead82792
SHA1 a9e6113eef928f7339c65de329028863d1727ca4
SHA256 77053f303f5d8eea152d4bc4ccf63eab7b6c818e2c36a2605a9e2ef659604d49
SHA512 14fb1157397300a6d8a5a0b3a1b15896440f5f051b1cb0d3f30989e5f6810b9a35dfc9b4f1985e332bac2e56e6d25ad86635f659a4db5b538b1cb5eaa25bd1e7

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\es\messages.json

MD5 3994623830499245c47d5b721afece89
SHA1 942057df75ff63fa16a84a970d8ef10901faabcd
SHA256 3c5a922cc2752268974113058d89a034ec9eb24fa30322f066bf9c876d54abe0
SHA512 ab8b82ed1269e0912e75831f09a32eb7689f85dc10c97893ef1355d3ebf4e09ef613db36039062eeaabe23958599b9b94ac183243fa32312638cf2d2cdf8a322

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\et\messages.json

MD5 53fa49618377bab5731a9f237eed2bf0
SHA1 9140ad12cca417a71d0829186aeb73c3c211bc64
SHA256 c730c492753ccbbb2e70af59f3ab028330f671d8dc5cb083ac063d5da3aeb477
SHA512 b640fda2c2555de19861038945680e3b503ef54ab014e1c5686f6d190a5bc24b36b8c9b9a9480ee729a9accdf534a95ee3710a6faa63236ce9ff810ba57e4f77

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\fa\messages.json

MD5 1eda53b9b504a768929f352e573902db
SHA1 c4c8764f959c31361467e30cfac05e3a46d6d8f0
SHA256 fbbe5b8b1d2c8092379b76bcd97464e52e89a4ecdf5cf68131b121eccd1b88bd
SHA512 767bba56580268a61e535b7f039005a37dee8fe63cce3be7589fd70d30871b6c0d6a3a18e13464d34c2ac140f0a19d48fbe055690939ff49e629589944b9df8a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\fi\messages.json

MD5 31e5cea9c62e92e3283f2664847179f9
SHA1 b8c72bdf89bab1c72ca5ace2809cbf9ae173c2d7
SHA256 45b648a8a9db6f2e200519616555debddc054263324912fd4b34c23a323970de
SHA512 8180f3aef25cad0ab90fb79d8b7e5de6fa77a2ce2790eb070ac1064224943250a83482fbdddbb303326bdbf9a729dc497175735d89e76ebb794aa67e39c37b81

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\fr\messages.json

MD5 4636ee70b77854121d82b75ed4feebf7
SHA1 9f9e0bfe8f53a7ec08de425397771c5152de983d
SHA256 8b3a905494ecd936243d05a79a2b19db220c8204d0a284e55f76694ebe7a10be
SHA512 2541cbe6f7cebe2f24c455521dfeeaffa541e9d9be55cd6e856abcb3bbb8a8ac0cee1a99c6323a0ae7f853aca1bb5c72490d7e26a94c06b7c0caf07ce24e1d44

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\he\messages.json

MD5 4e8d4e8a29051db4537599973d1236a6
SHA1 439df1de0105033e254fd9b7f81c40d0de4c1847
SHA256 a5b0da3310dd680729565910f8a2e47b3c8cae44754e3ef3f1d4f08d85fd99ed
SHA512 755f356aae15de33a6303dde8e3c48b132ee8f61b053575c9cb597db3e3e8c64839c679b565fb5c4f7c76129f47a161752eff152a343515100aeb943f6271ca0

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\hr\messages.json

MD5 acfdcb06a7a1ed966aac15c5c020b81f
SHA1 a0754b47aa842febb24a82348eef914ac853e1a7
SHA256 2259b75f5a820b1c66cacad493eefc7d2c12b017180c7337438cd279158282d1
SHA512 b8507203f7d5b3cd5c7174fc5a579941289502444a42ed1bec7ccab58b009c399c54bff884ba6e82f60018f1bb8d36cc2ab0eeae6ea17e33860b7d5e1ec63546

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\hu\messages.json

MD5 7c8c65880db9ce0a96c2791a93d2cbe2
SHA1 3008896d667c746627a7e568bcd7cb705b5a4d71
SHA256 5f8c1711cd780531f8c4196b77015de9b24e86ab398c833d22bd8c17a2a46099
SHA512 457fa3cfa42371f8b8c8396e914ea333a9ca9801479e1e3f5b7322dc85a80cdaaca18b09bf758718857d3720482d9b08d72a945e5aa53282a8532fe5a36c686e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\id\messages.json

MD5 258c13b68523d6ec2e08ffc25da8fbf5
SHA1 a9e4c1ddddeab9f8f2addf790541a85acebf5363
SHA256 928a49de53957200df9358408ab11f56218f69df6c1245f7ed06919410463ff7
SHA512 573c4cdf6fce9123b65e821685e4bcd390ff9d6fda6b4fce9c57a1f3bd983a93fc394db9e52ed50a8d56687e8188bfa61caa8e114698d3fc2a958708a8c33f8a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\it\messages.json

MD5 e1e7926ee0089381986259c26260f3ea
SHA1 b9d1790ee5a3ef8fa8bdcf09e309a0491a5f40a1
SHA256 8096f0f1ddf345a6a217efce3d9bac974f7ff2121e51419ab5884c691e042c2c
SHA512 8080db6f379e7d1772912807e07dad30a995cba5b76a610b22e329fdf3e2b2c478970f3412215b30e6d9fa3d7e157b36dbce0359e2fdf980cd4bdc05ca15dfa7

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_591546590\CRX_INSTALL\assets\_locales\ja\messages.json

MD5 a4c745d4e04475a919d28ace118d05c6
SHA1 df0bdae3d52b2b75139530d48768f00101fd0715
SHA256 cf1b3849bcb448936eaef8be6b940f4f434be7e59019c29c1faf8e935c531df0
SHA512 eb35f011acc656d3ebbe5ca9a8b64295c08f0250e4005ee0f3ae967429863cb7b9b4362f0e7d8c509e5e30ee9bd13bbe0ac3bb87e47a8cb4a621317a87c59d73

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\lt\messages.json

MD5 a6792b44c1a80b9563a6037464b2be9f
SHA1 062417c04f2fcb7300e3b3680a4d978b3b9186d7
SHA256 d70cff730fef8644965369078586723722f5d7c62a27a8f13233b2d70a6f57c5
SHA512 653d4bcff6ffdc390de308ac57fba768299c213ebe1ea9e0abd7b3f78629cbb6bf3bde12f99e94d9a77e7d83a197f01355bef3ad144227ecc3af82fcf5cb752b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\lv\messages.json

MD5 fa6763d6f87364cc9089d9ba7c85d4cf
SHA1 db0667620b1eb6181aecfc08a9a2d6ca529090a7
SHA256 efaa4460a2481bd4f6d68a2f9066e9c10debbd635e823e14f74ad9c077512bbe
SHA512 83f7b911f7512bcf0ed0c5e065012c1ea645050a3aa3318e5459a91f895e849493465fee1cbefbc8bcc51f58311b187175a05e8900e29973a2a73cb14289d7fb

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\ms\messages.json

MD5 d46a4cae10914b9bdc3c75b8aacc67af
SHA1 52df2665eca41e17ed8350f22cc446c16733cd65
SHA256 8742d729b5e01284310215b453e5333928bf3bcdf7b998bf8da620e95b821ce3
SHA512 a50b6f156aeffaa4c76c02e05b66c9d1bd0c4f44e0a4efe031a0074c5690da97c37b015137be062a0c1cd1e1895a1e37e69d7c053e3928de68bc45454dd50452

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\nb\messages.json

MD5 f3669fe9bb96bea25ff8691954a6aaed
SHA1 9439e5e75a37c1584eb5bb44456ac4d15c158dec
SHA256 2a450ae2172cf2e83b64d29dad2d5d19a334a4cdb41871795bdde4e7bf338ac6
SHA512 92a3f00e5cb12ef1c78928035abca1aaca9209408365266f7e2b33dfb584bf7c783cf34ad224b258916c45547238b4f3601709a937c5546eaffae3bc69804a1b

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\pl\messages.json

MD5 6c097e0e80fb752511003a50bba46401
SHA1 f9a92fb1be555b836650a08a38252e51dd7d3cd0
SHA256 583b14ca653f8d908446f74d1f7bef8b76c7b1a40178d8b9d1cd0230a4862f31
SHA512 c6b607f276c7559699f3bb9fa874f44bff0f8512c05c76863f0acf9b9c4ff56fe392af8545a2c5567b6b85d57e0ede4df4ba3c312429fdd3320baf8d9ce52033

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\pt_BR\messages.json

MD5 cb249a2de25c5a11d68f9eeb1a14ad82
SHA1 c3e7aeea6d9135be1f0a15940ed50f7128d084c9
SHA256 27b30d4d7afbe0ef62a47ab204eee93f1704fc088704c31641662e77ad50ca6a
SHA512 20ac6aeb2b3e8f41a8ed0388538f7fe742de12ead8332632c98398ea0a4dfa1ed222690686e09b7240c1eb9ee72e26c5f024a2a4891d48ebc7d1e73824049770

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\pt_PT\messages.json

MD5 79710760721c054e93cc1b5135eec6b7
SHA1 e81a7f20fda59e640509c077da069a5223acdd6e
SHA256 a7373f7f9fd7eddaa4de289bf3303c1b8ddd233ac71e588e7e43a3aa5a5a9818
SHA512 fdfc9dacd3f53de736a96367af5eb4bb306f5255d497d0ee17cb2a3b6c417cd1a02fa51eb0d0c5d0d2362f0c4a95a598caaae3d4b9ec524d4a33f04aa9065af9

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\ro\messages.json

MD5 2c50b872083320deb1998e77291f55c6
SHA1 0c3ba9b8551bb4baa0281493542a6b00ffae0689
SHA256 02281d5e1c2c8099c852f1e0a689c978e2bca0554cbb5d2c254b8bb33ad5f748
SHA512 cc60d7d09b30ec050d78ecdb148eea018641d637dde6e513fadc0f41cc69d134ca206e1e8dc89a454775b440f1d72ac297e131bd8592f965e90e912ea8c0fddd

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\ru\messages.json

MD5 50bd10735ce2d540dd6656a194ae9811
SHA1 8af53533d654f02c93e86fc24ae3b30db8e34494
SHA256 33a51fe3ab998684aebf700a0171ffe5da5cb2d24791e682ddef4ba7f9603165
SHA512 9e658969fdb2b666df53d8f6671abfdfff2794d45c45a9219bae342cfbd77504ad2c4a71fe7ffce316ab582c5c0d695461babf249bd94857ae0b51295c968165

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\sk\messages.json

MD5 e7d7ea89a7f4c60ce712e816c9104d39
SHA1 8acfd37d7219b0f857b533a73ad0b1f0bf58a899
SHA256 34181d5736f792a8b04976cb2fb3e6456b8f174c0d9cd3e21b6394d7396a13b3
SHA512 b42513b584aaa232c51fd0cea94104ac85f24bd532a8619a5d59e9cc7ce33cf947c65abc39f59d5afc523a6a20cbb933825e0fcae25e48adef9015d6d0645b62

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\sl\messages.json

MD5 04e1ed77c991918f6acaaadb4053c981
SHA1 970f97488baab7463e62d0400c850c28b3bde0cd
SHA256 08a1cfa5067d4bad3231942570e62cbd775bd9557f33b9122b75302f27d1fc12
SHA512 99702dab3a52180729b968f38aace81a53174a6c9ab376c9f2c3ba204450b137446e454f0645101d826090a13ac44d27fdfd207ffabad42dfbede07dfeedac95

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\sr\messages.json

MD5 51119f4867d71ff4bc7fa727a97f3b28
SHA1 a9510342912427f9bc9cff430f324574bf7f2d1d
SHA256 b98f183ee6887975658a7c17b37bc71f5d75865b60520aa229db1d91380c86a3
SHA512 877e3b31541008562d0b20ee5d527bdf9c7b7eaf7ec19455c1d7181828b793a25500de7417494554a3e4c195da210e9bd8e722113b791ef94a256fe990664a3c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\sv\messages.json

MD5 6bb96ee7d983cbea366d1bcac498e64e
SHA1 5ce8dfb49f6a9d8167b28e3fbc4c3797b0379c98
SHA256 21d18e7be9bcd81ecab8d762180fc67d1e49941a9897833ff0c4d8698173d2ec
SHA512 f07e57fd89acf4378cd7a1c6c17bf1bdf6d4037d02e8b49a59699ad9c65b28ea0c79d4932755527e7515644253cff25aa0e6203f7164c247cdd0d188668f0cd8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\th\messages.json

MD5 597578df1b873575f5f2218502b20928
SHA1 d7a8ea08ea9c59964b6bcd3328ef83b49e0b66d1
SHA256 402b276dbc5ae729c9383a7c4218680b5e26502fd8a6d76f244bdcf7dd81cddd
SHA512 2b22a2bf7a1455be797f083e82b0cda83b09d8270fe2d0249633c0edc312077764065b07c46c12658761df698ab9c50bbf7caf5b7e9d042fc05cd06682263838

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\uk\messages.json

MD5 eacb08ff627f40a78aa0c5235d550b2e
SHA1 1710491d72fb578d57a76798655f76de1c428dfc
SHA256 782ecb884f1ad322ce05aab3693f871525a896d5f2c1e3467bc0c94b9b82f23a
SHA512 3175255dd12b41175d7ffffcc7cd5cbc945504c042609ce2c58a9ecffb6be82b19c58750b42bfcf04b35be551c162fea64307815f1aa650ed051d3faecacf22b

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_591546590\CRX_INSTALL\js\content.bundle.js

MD5 4f48bd044f60013c055b6b0f9de1e2c2
SHA1 225a5d61614c0d297441e730a6e2ed4865c46d09
SHA256 d785ceac31ce5a32997f79dc16c3ec530ec698eabcb35227a883c9755d02f77a
SHA512 0ae272b8419509329aac1e6823fd7ef1035cc734f1e9cfbb22054deb0161c56ab98bdfbc77cf4e5813388edd96878b20cb04c12d0665db7654e8f36164d080f3

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_591546590\CRX_INSTALL\_locales\be\messages.json

MD5 64381d8c3b105caebf9cd667ff8baf86
SHA1 6fe1a12a3eb14d11e5ac06c878660889232d83dc
SHA256 0092e6a5c6f131f4992267a5e0e1ddb499d038b3e87454de3207da6c7ec45f63
SHA512 86c80105291be8485343d2a41d849f0af9a688cab6b7269ed85317fa666ec755c7df2de1d8b136c3ec0681d4299a98ca4facac0d2c27e96cc11c9a3923d9ba44

C:\Users\Admin\AppData\Local\Temp\48a60bbd-8cd3-48ed-8ad0-9a7a4ff138b2.tmp

MD5 f50e00df362d5a597b9e7f549df2587c
SHA1 cf6aafdc3f25bcffdcabd3a5db2e40d1cf42dbc9
SHA256 1518106d36a5770684ce0cd86279e19ee601225d9222f7f555421990a130eebf
SHA512 4691ef983c58d2f027bb0a283ed0a3b11da972588c4c4ab3462fd2e4546f0df85ed1c1f56a481cd86470e3ed02ee8859f22bd04c75a47ce1fe5cb5c983e64577

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\nl\messages.json

MD5 783cdd3025be5b26b041e2cfffbfa5b7
SHA1 a60e31bc7d6fe8d669bba05b8f8d3994233f8288
SHA256 3c18001b4ebd69bb45994c967b916dd244c5a121d792ff719443346b64c86065
SHA512 35337ba5d6e5188f6997210b4fee4a2f2b82ae79c03908257f4cc3e02a2ce021025424540959c9a2be593fccebeb14563fa94af8ebedef146ee951adb23cd57d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\tr\messages.json

MD5 5a6163c6714eb924d8e27e1dd58dec5f
SHA1 c4a2a794dd3658389617910ae53c9cc698eedf77
SHA256 37c3dc09df29369a72c4d5a9f9eaee422d72e43d8796d57d94066e050d1404d4
SHA512 4eef3d04a8ce0024f5267fe6c5bfe7c1641c553de26a758d886858eb448ac79b41251f526bcb2e157994229478b0b15fa97b80c2f7f1a41a59c773af2a464dbf

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\vi\messages.json

MD5 7db1516bbc16ff2d2b8dd7609672391a
SHA1 76892e939fa6e3ca89deb63c1c23c41c82a9854b
SHA256 743228350c1e699f2c70f953a0ea84dfe10accdcb150a1295037d0e0d0e13ea3
SHA512 8489879a27cbd8f391c4f948e23c9bc8816b73e433446f37cd88187b8bad883e52919778a985b33ba99b5905d00527695bb51ab1ec2853a54c1c7e00b932ad72

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Extensions\Temp\scoped_dir6768_732331918\CRX_INSTALL\assets\_locales\zh_CN\messages.json

MD5 05dc7b51063b8bef362dfdc3b74ed64a
SHA1 5492b44db73609daa6efcd2525e56f16c703365b
SHA256 3a514bbb1590f4713b1fb1e876fa5b00c784881bc88e13bf0b611ae6aad6fa9c
SHA512 dfeb216663ab780c65394d806e8e08f9b938579aa6f5019caf2b78163d4d572ce2b8e323db25eec851e2210eb21a7fde0ab82ef4923e30cad6b30e417f7d3e9a

C:\Users\Admin\AppData\Local\Temp\scoped_dir6768_591546590\CRX_INSTALL\assets\_locales\zh_TW\messages.json

MD5 f4daef8da1d65cebcd5983db5decd8c4
SHA1 e3fb2d024c8289836591458d122d62a9a1e14727
SHA256 822e0161b64ecd2817aa11f88ea821bea347ebd0007ba34b075c32ec5cd9c7e3
SHA512 638e8e52c14d454cd59324ebb9b3ad70c494374e379a5518cd951b8cbd4605dcab824e6670bd9a4716588db598623145f3d10ddb58c07f86f485276fda878928

C:\Users\Admin\AppData\Local\Temp\8439aab3-d831-46bb-9089-14410b2f3b2b.tmp

MD5 74638a4d191dee2a0f0314eda3d0b51c
SHA1 84cb3a270cab5a24eb298082f436f36256b0042a
SHA256 685533a3ba2457337e069f1d933bf33950730486c0d61976be01e82cd70765fa
SHA512 1795743f43a4dabeacd75603b80040591f6de364fa37255b9e30a2db17004275a3883216ac54555629af3d5afd93109a4b4afa25a6e658a8e13744f80e0f2403

C:\Users\Admin\AppData\Local\Temp\2649dd82-1ded-4e81-9796-5f115bae39e4.tmp

MD5 c1918d278ddb83dcd011ad14c365535b
SHA1 3ec573df51775358eba164a1118eaba31672b7d1
SHA256 7fa9ae7c6ca9c58808af096aa15bf76b6b4b7c676594b1381526a16cefa3cbb0
SHA512 da00922a434dba1c578666b01cfc702322ac446159382d48ac0f7a56ca33dda46bacf1ee7a8f552d930ecf86e7d10adf9a8fb7f85a535af891ca3c3d6f74974e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Secure Preferences

MD5 2565b7ae36af684a7fe71953ca8ad8bc
SHA1 b39d4e6b4394a0f74dc290e5baabad1a17ba7c7c
SHA256 2a41b6fe1e01d4fe474c18b7bb589cdb428e6db00c2226e7652d076e1085f076
SHA512 71005867d2231990f6f2641e5188a42b7a8e66959e50df56ede794696de922709e10d419f3d1f8958b86ff95b575fb94289d4fc79350d1576c95d135f7609e8e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Preferences

MD5 3e287292fb1051bd51c069ed02f31850
SHA1 bef22c3566241829577c1429dcadfb844ca89418
SHA256 de0946cada61b93e649fa673773a10fab3652882a42290a64c9cd8af2995a2c2
SHA512 d20b462985cc52dd8fc49ebc0f1eedc3cae4f68506cb297a3c26b98fb1bda7153aa3f3f1c61aeffbf62ac429da4289b80cfbecc94b4c7a1fd827b7b48e534e89

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 12de6ccd4d214ae620192b0978de4caa
SHA1 ead5ad9b9bd9a65f595e9b252b99fe35f376082d
SHA256 e9fe1521374729f7adc3f2a4d104c07b360c6f2c9cf7dba700da89269ae5d604
SHA512 b1fd3b603335399fbbf679f68a9ede771f6a2ad38be7cee2a9c779faa4e41ac2de8d1357d8fec1984ccfe37a6c507ae7e83ccd32035e4d63f71c27b3a66d0fd4

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Local State

MD5 91c5dc72495caeafbcf609d5132aabe9
SHA1 31cfc8601a224f4f413a5c1bb64e90b240141e97
SHA256 eeceba9087cb674f2520767832afa751cb60f7e74f59546e162e8b05ae931648
SHA512 d8402afecd728c42f205f37508f125ecf31a56728fc6a906b25325a639b95d7491caad13aefa47f6f6c238874e24f4ed167acfb9a85005980829e74cfe9a43b9

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Network\Network Persistent State

MD5 a13a23c0daf7932ebd27001b9f64efc8
SHA1 ec4a339e556d726cb9099ae8a813eb5ae51e0ccd
SHA256 0b9581f264eaaf05522aa2f1cdfbda65d7f14442b1001030a7e96243f5542772
SHA512 2ed107c15b3da49d639f03f4870eaf54955cac91097aa2a418f21c7f5f5765fb044bd104b77c88fcb87ea0447a24b7c6b685f651aff40d445fea4ba8fe7121b3

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\IndexedDB\chrome-extension_pnhojlpkdnfhikpofiijpojgpejkdgpj_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 e56226fc180e63fec13d2128e7341dd7
SHA1 e2f83be704c3c35376c074864177946f4dee45f6
SHA256 b7a75267b4c4484cfe846b1564a5c276a9b76aa4744f98437be639164c583a4d
SHA512 6f7353eee5c5f7f23dcc31b6d876b7c72671b6f9f924d84664e9c367748c54d32a0c235b9f03ec497d88646a130a39fe58f29cdf877def64d29b60ab93151d30

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Bookmarks

MD5 c37cfb5ba0ef552b5bd30021acdf8c71
SHA1 d187d14ecc0f07daacc593f738b8c8d0c7885f38
SHA256 73f7a29a215e24a99ee06c95fecd3c40e15ab8e700e995f67558ee936764549d
SHA512 be210db9cd672a8a8dbc734e1b7fcefe782dfbf33804aa1490d2529fb0741548d85a9cd464e488365fbbd002f5f1995efd248bcdb897f6b23e06f360c01b27f7

memory/6988-7300-0x0000026A2D120000-0x0000026A2D1CE000-memory.dmp

memory/6732-7312-0x00007FFEEF8D0000-0x00007FFEEF8E0000-memory.dmp

memory/6732-7311-0x00007FFEEF8D0000-0x00007FFEEF8E0000-memory.dmp

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Crashpad\settings.dat

MD5 fc4ac6888f425c73139a49d9563df31c
SHA1 4f63090e698629e7cfe5d104f04430d666a45c69
SHA256 421a06581dc11f194b9eb40a46aa336669dcdd2e911b2c9be4dfccd17222d6d5
SHA512 f492a65cbee1e7ea3b43209f64722f2bc06a23755e24d45e25b37113975fc3949975cda652bb58a7f46d4b7fa9ebe38b58c9306711604fc1dfb69a9eb63a20d5

C:\Users\Admin\AppData\Local\Temp\nsp3B1.tmp\sciterui.dll

MD5 f40c5626532c77b9b4a6bb384db48bbe
SHA1 d3124b356f6495288fc7ff1785b1932636ba92d3
SHA256 e6d594047deecb0f3d49898475084d286072b6e3e4a30eb9d0d03e9b3228d60f
SHA512 8eabf1f5f6561a587026a30258c959a6b3aa4fa2a2d5a993fcd7069bff21b1c25a648feea0ac5896adcf57414308644ac48a4ff4bdc3a5d6e6b91bc735dc1056

C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AVG Secure Browser.lnk

MD5 c19935d75d5157778ea92855718b7ea4
SHA1 4d23dc6d0dd75061287a64bd325763fe500a89f5
SHA256 fa9e74949d491a312a1ac8f4497a12925758f0e17007d202595c952f8ae74e1d
SHA512 221fc510c2d8a7852f0fc2802bafb5153929405c47186744b7b45f8ef2ab090b64b03ec06e961742f87305f15a9981625b430e400caf499e05f842537b073a6d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Local State

MD5 e80be80e3d307dca3182aae808b4c73d
SHA1 17f9c39a5602bdf5c0b37a7463831d40a8c63035
SHA256 6c577b13ee4be55f5ea3a21a0c87cb94516ee07e361dff2df47239b8223a4a68
SHA512 b07eaf43d64aeeebae00858df725c39b490c88577ad457ef20f9ca42d43b2ca09658751566078b60c9873f0a8e4a3ffbc42601b36794af09cacbcfbf79670653

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Preferences

MD5 aa43093f0dca257d02dddc3b0df457eb
SHA1 920f8febb3e5ff225890eabd5d24f3b41b98d788
SHA256 0c8bbd9e3e88d1be99095f22ddb35a0321f491a1e2e9cd9c8ac39eb2f51bfb75
SHA512 d47a66f2b94a9197e0392d73919474fc991c4ab7311ba3de9c29467f7ec8ff8b891d26c7ad66a8420436c4fa362929435a08318466fa9a617f45cf0cb41491df

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Secure Preferences

MD5 79ded91ae065345303bbfac97fde95f3
SHA1 66c1e1228c6314d4e7d00687a81cd38fa50e98e3
SHA256 70a56e4478294e121fe18bee9933fe6f8874415dd093d31e19445c2a64c3bcee
SHA512 e1ba387e1839a4ebf0475bcab22c4366fd807a1f572dcbccd0ca6c07cb1c9f6a90d6a77d1015e151ea1574e2590984420eaeb681fdd2bf37d97a3b14a1b2a1cc

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Service Worker\CacheStorage\26cc8f430c37ca3e66a8d3408a02dcaa5fad402e\3c047011-aaa1-4491-913e-79d126658b76\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Cache\Cache_Data\f_000009

MD5 8eff0b8045fd1959e117f85654ae7770
SHA1 227fee13ceb7c410b5c0bb8000258b6643cb6255
SHA256 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
SHA512 2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Network\TransportSecurity

MD5 055265978ff64d7e62a047fbd418504a
SHA1 7bf1a5088ae99c8566a188c0a1a2c8dd763e29f7
SHA256 038a8c8f895cb6073a4c1d1fe8b6f1c1f8c737bc70abe0f8a86a114247d38b89
SHA512 23811b43aa5e98b675c71818f4c2bb5f1f4a235d52fff574fb96966c02c4476795edcb54c073206ba502565d3dd97bad3f174079e2ab2526776963af19836250

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Cache\Cache_Data\f_00000a

MD5 ba127502f531ae926b1557a30f10b0a9
SHA1 7e762860adb2505a86e84fa640f196eea4c0a231
SHA256 e36566828836fad82b51b3326bd8ded69cc4ba8db9c43cfa0c412258a8369c4f
SHA512 a41a4983ff25abf079b21f1c8fbc15d604a965e88caec0cdd8edf066afc26652525d6ad214ddadf4789368104504a26b6c8b72910fe08cb7bc3d92f9cbf5a9e5

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\IndexedDB\https_onboarding.avg.securebrowser.com_0.indexeddb.leveldb\000003.log

MD5 e89cdce0206225053409d374abe8d3a9
SHA1 77c13d74568e82e106fec8371b0bde3b9f639da2
SHA256 2f23546370cad47e13fd060ab480d92660ba176d6910e8e8ed1dfe7456292762
SHA512 02106797825ec14d2a85544b833c0b80b455022647ff150a1f6cf7141dc87ec9d10f78efff673ce372d9b68a017be4c110f8aacfcaf7d6257ff50fc9b3923b30

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\IndexedDB\https_onboarding.avg.securebrowser.com_0.indexeddb.leveldb\LOG

MD5 fd8f28198d43b176b2662781175ef899
SHA1 54b6b836b63f469bcbdf121da70b23e2156296ba
SHA256 7817af3c10a9fb44cb684010a0123289b22c51def9900a215fe04537ee559946
SHA512 50cbc60220eaeb2741c1b4d03915d0a53799a3b44241225ac5bc650ea0b4a5a7dc0bd9b8227f135ac30323b9b29db6453b0af833c3a71ba80fddb05adaf74968

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Service Worker\CacheStorage\26cc8f430c37ca3e66a8d3408a02dcaa5fad402e\3c047011-aaa1-4491-913e-79d126658b76\55b50922305fe925_0

MD5 713533856cf6b00b7d189fc61e940d06
SHA1 a3614c7990d6dd47f18a9d615bc2e6a97e6ba4b2
SHA256 ff3499587cbc66999659d3b21146681bfdd9853fdd5b4cc3798ed5a9302656a6
SHA512 d178e662eaa99710018f5eda91ab647613fc391e43cfc2ee51cbb7993b59beb3e4a68c0af9d5189a3e8329b1ebb0f16cafa298d49e35107aa9b12ada24f1a1b2

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Service Worker\CacheStorage\26cc8f430c37ca3e66a8d3408a02dcaa5fad402e\3c047011-aaa1-4491-913e-79d126658b76\2a192e7f487975d3_0

MD5 836b1fe8b69af43d1eb27fa15d31244d
SHA1 0e6ba9a5a9ef3aaacb04ab3e349bdf26d37333f7
SHA256 6b7f5fe3bfd2da6d17851d2d229d34479007a48d39dd9b00eea31b3b6f501dc5
SHA512 f48c2db8901fbf4d11d43d53ee288993b9f578fe75e2b11faa4c803d3cb9a71f710918dcc4b5799a0a7d6ec62a456f0a1e0e4492b6528079ea789c48214f8553

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Service Worker\CacheStorage\26cc8f430c37ca3e66a8d3408a02dcaa5fad402e\3c047011-aaa1-4491-913e-79d126658b76\fa8b14d84b6e78e3_0

MD5 17a553a03c4394a89454d445356bbb0b
SHA1 1734d8246ba8c7ba520f523170bb0e57c15e0882
SHA256 bce612b264b7b34b7f32ff19952d6e8229dbccafe344f2e6706dcb657bd9486f
SHA512 4452a1e936d8f200de62e71e459012e0eb0de6cd25cfdc22662a8213316263b1713902a0af315548909fbb58aa9b2cc1390a4009abcb39cb922f577e21516f83

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Cache\Cache_Data\f_000008

MD5 c83e4437a53d7f849f9d32df3d6b68f3
SHA1 fabea5ad92ed3e2431659b02e7624df30d0c6bbc
SHA256 d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
SHA512 c2ca1630f7229dd2dec37e0722f769dd94fd115eefa8eeba40f9bb09e4fdab7cc7d15f3deea23f50911feae22bae96341a5baca20b59c7982caf7a91a51e152f

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Cache\Cache_Data\f_000007

MD5 115c2d84727b41da5e9b4394887a8c40
SHA1 44f495a7f32620e51acca2e78f7e0615cb305781
SHA256 ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
SHA512 00402945111722b041f317b082b7103bcc470c2112d86847eac44674053fc0642c5df72015dcb57c65c4ffabb7b03ece7e5f889190f09a45cef1f3e35f830f45

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Cache\Cache_Data\f_000004

MD5 6cd36c5943c62b8127b2c8f52593faf4
SHA1 8ca3d2b1ccfb1a78db379db1f958965ac04e1794
SHA256 9f5686133b04d28cd2f22dbd8fac017c25ff1878bc93009ca5a8ed3b9f2322b1
SHA512 1e2590e08223c262521bd3b2f3e9f223a0bd07318db111f9f4bc292c9926e3bdf260400115af1060cae41c2b02a126d41fab005c580aa6825a9a7514c8bb04b9

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Service Worker\ScriptCache\fa813c9ad67834ac_0

MD5 8191f86dc44f15c28ffef186c36b5adc
SHA1 74e955f27d4ec036f20aafc3f696f7d1672eb2e1
SHA256 cf297a0c6ea9bf1cd4aec81f73e191abcb8595617fc11d8d89ae88bd2a290029
SHA512 e91607858d228f0cc20ad69ec7d94db1ff7827fa783a0d7b9878c50c5e3d97ae9d1920ec9c55b1ebabbd697dfcc6aae777c88baf384a916415f234e1509b809e

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Local State

MD5 6b693c275cdf315031d1019ac8ac9c09
SHA1 fbe1f1f045dedb51a65910cb2f5923f5cec06337
SHA256 dce9a1eb53efe4ea8ed0f828154a7a236727c80684f707ee5d59515ca2f88cd0
SHA512 40dcdde9651823c531efca1abed45098f02fd270953994f8e5b6477048c9ae09eaa8586c24f4df1dcb64d8fe6150a1f9742be6e4776b3c6df7c03c5598174ed2

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Preferences

MD5 4920c22061da2fdda075464f17993182
SHA1 8fcb0f42e058a9bda4219f6dd9ec57ab1f8e1bcd
SHA256 1fd3ce31690e50e197d32a86acdb625899ce5ba66554c566f793ff97982afe7d
SHA512 baa59fea815113d4b95a5b0fc8c23c7119f5a0dabf2bb0519921d47f55edaad50d1b9ee5356cabd17a24ba79944dddd9a86d81d3887896ad79d3f9f079fdb028

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 cfc7a40798a568d3ebbc87ae16d929c9
SHA1 b002fd7783dfda2567ea7bb8641c75c2755aeb2b
SHA256 68871bb5ff9f2572478d3d5bd04ba9690f4c83cbcabb43802eeffeab668c80af
SHA512 02a45d23c89607d8f552aea72c76e5092b4c59c4f49a82f2522d55cea26f00e27dca22e4adaa75bb0a643576be606a3ad1395436b0905d9ab5d28ee8c3a7deaf

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Service Worker\CacheStorage\26cc8f430c37ca3e66a8d3408a02dcaa5fad402e\index.txt

MD5 3b3a0f6e4f68f9f432a48773d6e83b77
SHA1 e8c7d400a36eba1f13080498257b142e8ce4e4e9
SHA256 55f5cf3fbf45023b5523cf0f4d87c3be6bc4e1691735b645a5bfa7d5a61386a5
SHA512 e6c5632d2ab0c6f63ab4eca6aaa676d920ce2dddc6d8796f8671cd1eafdc5a49c594b67509577a32517a8fb0925be7d8f95825bc2d0f6c36e89249bec316104c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Service Worker\CacheStorage\26cc8f430c37ca3e66a8d3408a02dcaa5fad402e\3c047011-aaa1-4491-913e-79d126658b76\index-dir\the-real-index

MD5 0255b776f8b4b184d09bfa03ca216b40
SHA1 17048fd0ea49e3042448646030bc33718cc4aba6
SHA256 d764ff39a2f0ef342493931af90951b41e2a904258bd5e0662ed8e4c2f4f6803
SHA512 20423f4a97a2d18d196db650b6ff645129a1a7dde5ffb8f8e2415cd4fef4b7158bccd71f621008cb2378c306f8498ca705ce7fb909cd1f5e65f6e483c46601be

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Service Worker\CacheStorage\26cc8f430c37ca3e66a8d3408a02dcaa5fad402e\index.txt~RFe5a6ad1.TMP

MD5 203e3d8e5dcfb3021184e0d6bc5185c2
SHA1 bbb49aa81af8a8fb31c7aa9c0fc62d32edc1dac2
SHA256 2d2c7b506bf0fec31371ba1264ec3ceb871b514564d02249425d224b04ff1b5e
SHA512 40f1b22717873ec28d4b06c883588ed197c0e3a8983699e6632a8bf2c194429b4211db03b61d93f8cd5a3f2ddc3afbadb3b86209f3fdd2c37b2ec65e0df205c9

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Service Worker\CacheStorage\26cc8f430c37ca3e66a8d3408a02dcaa5fad402e\3c047011-aaa1-4491-913e-79d126658b76\index-dir\the-real-index~RFe5a6ad1.TMP

MD5 b73c76bed21ea03f5b798431292242d9
SHA1 c64b2666d8abf14d012c97b0e06ec8dc96997646
SHA256 b530bdcab7d1cca051b57dfa21e5942e737c9d10f9df1f2aaea1d33c0ce4e11b
SHA512 241dd68a51f7ff80fa6cf62de7b66a2009dbb70539b932c25d7d212b0cc8a35a38e6d11db7e49c6e63935c0cbfb0f4685a55c15c6085dbead5453a4672063a6d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c91a702c1aa1caca829617969f6e9566
SHA1 5ea21ff28231b58c2b573cfeff52929845ecad11
SHA256 54167f7f5902edd5e5f0d8f8144778e118392409a3ccd78afd98da0e7bcb959f
SHA512 a4e26282664906bbc5baf2336dbb33753c24d3b7e1a828daa8ea13a9741415613f6e5df667ea5e50564d63613acb1d6405575979b554281f1b27e5da64b7d134

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Network\TransportSecurity

MD5 051d0306918a5f6ba62bd2445dac75d0
SHA1 56ba315bb08952a6ba800028f1110197894caf0f
SHA256 e8321b77e125595fa5fdc4162beeade087d9d88316190dd9efabc873816dd79d
SHA512 64700dbd099cfa9663bbe1f563e90f48675b992860eed110cf7fbd86be89b2588e932552662237d288efaf913c859f2fab138546a9b85aa097a8d53b6438dad6

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Network\Network Persistent State

MD5 4e11c6538ed3013fe70b0d2042195057
SHA1 dba92f464752e3a5e38fec628ff13981e46b2a5a
SHA256 45d6dde9164b21a5ce19d26543e9f2ab71b2a52852076228847e8a6219714731
SHA512 04dbc0eb1c74e69b351835db7b37e23267f6fe06230138b68d95c6bd7c32e8afff50b4300ab2f21b7f55a44333cffd7777adf599e3818f0576e8abb1ecdda0a1

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\GPUCache\data_0

MD5 96ac37679b8695e7793b5848a6d9fbde
SHA1 632a6c5475aa59787d749bca0f513ac7958d6231
SHA256 c6f139ab4724e4a4e15f45c1d6cb4a455b5a162da73b49c354f666bb35c2b352
SHA512 6af4560447034db65f758881e6270082ffdc67d19b808e404ebf9ba44740976fdc54f4a123817c7520501f69751d726c42286d1f8c71e1dbcad2bcaec6deca83

memory/7448-7954-0x000002591CE30000-0x000002591CEDE000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

MD5 57a7b8b29d0732fc783950ae1f6e0051
SHA1 06c683a2817f307ae84cac5da4c4559e8e9a5c73
SHA256 8f2974cd8cb97c4400926f2ca8324c08260f92a87a30c8b6b1d81660f5571222
SHA512 6072bfc17372e9389117c0ad0a8d9a54cee5c7fe1e9e1786dd685f977b416e943a54dc301d1e39e25694002421db66975e2afbf758a14b6154e1ca0b0b89868f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

MD5 6e50057ba3cc6d9f2ec471e7ebff91e1
SHA1 9d020b7123134d48414c57571ddc6470764d19f1
SHA256 0bfb00343e27bca9e49c329d9348f6bde81195dff7fd3ed8a10cdec9a3726f27
SHA512 7b9f1044c433270411dcd7cb543a67354451caf68d0de3c6c0a5bdc38d9cf1653d801134a3b44d63fc0f5e2e8b0a6462ad4f75d19a1bb94effb77e517aa9f1bf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

MD5 576e8123d9b9a48a6d37ed1a3c003258
SHA1 15296436d1d98bbebf7546c321c8429a83fe1423
SHA256 1a9c83fea63901a3e649c4178d5aa499282e18d12a9eed0228c8b79a748a935c
SHA512 d9f9c88bb6b6b2071fdc4c532b37ce10cec3573edcfdfa0ed1a5eae8f6b07231dc5bd4dab59268f13ce632c154fd1026da91ce3efeac0be65fe8d9e139a4e4aa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

MD5 e1fd846710aa5e77add9800906d17ed0
SHA1 2d778c0601d18e7fd3930cbb4b0068b6eb3a05ec
SHA256 00b8d8ad266c164444fb240a4b07d4316020c74c087e95d37547b54ea1051772
SHA512 a00333708ea6f9efe940e8e5ee6ecb9b74063279238beb9cebf4847023a3f94cce34aa497f8a9ed99570a5407eca3adc9f469afd3553c71e6e8a05be83026341

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

MD5 7bd430c36032cb0f25954a06fca2c166
SHA1 11b7e93740c9e922c3f120ede9d58a5e67dc8009
SHA256 2712dac065e630351237b4a87265dc0155573996477b066e2ea1f864272f00a7
SHA512 31544cfafa670706b4209744a18e0795ab42c6a591da639a758fb563dc1966136bf14be75924c7ccd6181be3ee2096ec2f7877546093f166ebf9fd355d89e79f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8d95762bb9f4d333_0

MD5 ba6b984cd81a40f1b215ff54abe6bc45
SHA1 a3f92a2c8020cf279a21d9d0c0b670403418d8a3
SHA256 131bca84bb449b9c0bc0699edbee6f080ccc630d671bb05bcaaf93a3d16f3322
SHA512 366563bdb75fcc6b32aa6b02390726a5d4024210e75d3c939e1320de69fcbb9001eea869c85352ab7b5b6cff47586a3781c5a6d47b4858c00802c1ebea9061dc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6a0d52a1d7defb44_0

MD5 a2ee56724df13f7e53dd3a47815bbebb
SHA1 62908e04fe70469c564d8f7d614ee520390847e2
SHA256 486e24a7c6337964afe85e6643959532958610cd4ef514940820711b1d6f4863
SHA512 1571cea5024e1be53b1c614d8bb150e82a1e2bdf66fe1328d2fd4a3c58fed91756c8477eada89c60b502e25175bc1851c8e0384f4bc94b965c839df799095866

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

MD5 67e30bbc30fa4e58ef6c33781b4e835c
SHA1 18125beb2b3f1a747f39ed999ff0edd5a52980ee
SHA256 1572e2beb45d2de9d63a7e7fe03c307d175b2b232bad2e763623dceb747729ba
SHA512 271d4a65d25b0a5d2ff2fe8f3925fc165d9b4345893abfd919061d78ffc5ffe8890ded35e41274ad8b860f06264b027cfea6030ec9411a4e03bc6d7cb4d4d228

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

MD5 6a424d6cf7561629977ab52326a1c819
SHA1 6f934c83b285893d61b1be131ef36a0637b7c4f9
SHA256 9e5a2852a7abc48408728d072d5d15850acc1d11bebffc04290ad8e5d1b8df0c
SHA512 2f78a9777fe94e07041936580a1e931b7941f60cce529d8f8701d6cd211d21ebd428022a98efd6cf6ae53b4d733576f553459e2acba9dc398b15a0f8304e9238

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022

MD5 05f9404d8763e35ec2b3716730cc921f
SHA1 c072b6029d6e442cad08967dd40d464170585f5c
SHA256 ede9ac3d32037e0c7809d668053c1edaa6759ab28c528c934d4a1ab02aff43fd
SHA512 d804dadea4f0ee34a69a4cb5772048a8925eab2bc9aa60a10fc4cd91d999f179d7ef3c5745c2f8225565e7e4ec9a9b4bca50af1ba9645a3303128a19dca9e703

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

MD5 7bba66aea5be3c4f0ea703024a2234c1
SHA1 1878e925ec6208a13a48d838f279b0cc6262b802
SHA256 952b2cf5043021eccd156e96e10ce27b06194233df415da3ec9ed5ca37994e83
SHA512 63e314953c7f6e282dae2b9a8cf0e83fbdcc54b3f7af08cf44b22271f6373ed8106229a93663ba1b953880bcbe49d7808b2f6edc1f7b278fb9c9aaa86798c33d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

MD5 7651b1187bb58ac4c7be625337b35e5b
SHA1 307d969ef4137a66fe2793737dc1c546587c7f43
SHA256 0632850d01a46bc2f8c223155a4bf6c398b33596bb711e098440623f118c3968
SHA512 a81d2f768af155bdc642941404e7ddf95a2cea33c9374acb5fe32f6f5266e337fbef32f904551f61fcc9f9ab5a1c6a5ad130ab85b38bc2258e2f82c0ca1e9c7a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

MD5 ca02f0538fb4f32d9e8af05e49256b32
SHA1 18c32fbd2c4d50d23afedac285d8c6cf429d5cfe
SHA256 3eba2798fe3c48ad8c745f120a8295164e00d7273586287a743a3229921f88cb
SHA512 a18274adca013b0661d17981d8c8a9ab3cd9367ba904be1deab74ddf0948963827447d56529197b0c30a74cbc3ed02b9bfe5f674912d2d1e71d6530e63d5c6c6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027

MD5 f1f7ae4305e0a4e9f616feca1df4f2e7
SHA1 ff6082cd86482e8d3e20833bcdb53be5ce39e7e3
SHA256 359b152369117091eade03842ac2e6b2e0a707a3706518423e7542138beda9c6
SHA512 62c92b2846a41ebc8bfcecdc3808c050b4b41ac5eb841093049f4e85d22c3881a38571b0e84306440c89f3373becd4dba43f0383fdf889515c04ed0fb13d2e85

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

MD5 8009157da4b9f32f071a1ec1e13b0230
SHA1 dfd14bfb8f3d04cd8c74ff127621c2c8b14b42b3
SHA256 7fa598b82b270df57d53b3169f990c1f9f4a9d5d6b89918fa0620333c283dae7
SHA512 f7a0c16209b79d82e327ba3df7ea5888a23f7a4ad99a1ce13702be2ca634215505dce66d469e6e13bb49fe3b75eca8d0aef5a915116a2f5f20e88d5d8602eaf5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

MD5 2f3071256fdf2daceb149ef5fefa4f01
SHA1 19772b631273ef6b694c96223a8fb38ff17cac9a
SHA256 f4db6c49d0d6138add1f2a261500a39bad178272b4a7c96eb25c50e6d47bbcde
SHA512 400beee6469fa6c0d2b998502b55d31a0a7d13aae1fe44ffff92511f74c2598619dd676adc9249d28275cbfd67638b18fa15324a5bc9edf0fa960985a95bf875

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024

MD5 49df0e8a07ba9e975f5ff87fc4fe1ddb
SHA1 1045191878f0b704091002c20f3ff09605f29d2f
SHA256 f27fc20f82e9eb56f33d86452ff47ecb06710e674021d6834ee124e50ac9abff
SHA512 eeca2bc6e28358b68206cd7713b3ba82b11900c54e9111a1e538016061428159568e592ea37ffa3413c09169f7f8f8086f82297309451deada807f55b2d4becb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000043

MD5 4c31d299f99eafd24e213cd3b924148a
SHA1 e6a5d53d1062689f24d81beed094ed7551f8b0b0
SHA256 f1d54f1337cb38ef695a405ce4fbf53f1c1fa4cfb2a784aab51c201fd4d5413c
SHA512 44ee36d9e367a034d1c7a69be6ea50791f0f6541227fe849f9d86d7845b6e847658fba4b10d212018a5d2b9bcc4a4ae7722638e9153a53951f8de41fd410cccb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d

MD5 d155610d38d34dccd977ac213ab42e1d
SHA1 a343e08abb19f7d4110c64de08aee504cac318d3
SHA256 6ec5dee6a9dfb42ef97cd410c2e3387f53d2eff7d1fcf159f96b5ab129036ab5
SHA512 eb735bd87238215d54613f6065e61d48e1578908117af2a215b88dbdc3c4d155cd2b60e035ff2cde17605445bd89129de07aceb74ce8c16dcd355e4214986c8c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

MD5 e2fcbbb49a8fc967a115b3254812afdb
SHA1 60f569930da75002a4287c18390be304a890b1d5
SHA256 e2da7b47d1ca2a5905ff327d087c7e4e6a79efa7c242ec7d9525cc326b9314aa
SHA512 9adeabd2df6d89bbce392e0da61ab7da7fc6404f5ec8a8917eeb3b27d6a22a1843f974cddabb4f77747f8727f79ef8afd7e1612361b18030c9e25b469647d0d0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e

MD5 0d4f6557225753028d5a0fc3e7127108
SHA1 8644e78e8d6d79333298082369f895c73aaa56aa
SHA256 59d7c1a374dd4059ea45f5d70262accb5410f776e66fa0d33ee7ea717d97fb1e
SHA512 6a9bf0d475534d73713ddf665788001ad19f7ba49db2fec9b6acacec9011a9af5a79bdc32adb51118f871d2cd02cdf4fd3bd41c22ed02668420bd7ceb30d88d2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a

MD5 2417d848906108e7edff03307bcbcc1c
SHA1 0113ff684049f5c79bd42947f483bfaac60b9838
SHA256 8dfd787234227c30550ab4a34391babf12f743ad7334c4976526e30cf06558f0
SHA512 3c11e802b91fdf1cc0331587ca383ffb32ad10655e3bb40fb0f98a328fbf456f4356da74eabb0b74540e3c90b676728136d0b47f4d957b5e84945f731ef4f21b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

MD5 74d08f3e49a4210f66236f4e84564a65
SHA1 fc5232cdcc3689d1f26ddf1fd9a0d567b8cd4bea
SHA256 f224b59ba25e458e2dfabb559d1e338019bb0f82139768561b03e42d7ebce7e9
SHA512 ac233a8d6a6b0a2894c89b33b7c159acb1084a06d1c8956a337e1c235c74f635b42cf95bbe723b2359b3b8fb09980dbe17f11e46f777749883af78cf5885f175

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1912509cbc5852a033b73f33afab70a4
SHA1 badd2c079f50dea4605d8fb795ec03df23fc3ed8
SHA256 5d1f3920a039aaa4acc2428a0edd5c540d9a41a1cffaea7e440639d75b90339d
SHA512 0a8f20a222faa6bb553fe151eb936f593a468436cb3f3e31e2f07a021a09f8f5ed27867f0d0fab9794345e89959c6d0b6da9b818143e58b1ae664da80df6b32e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 57261fff31739e824dd42ac3b60a8011
SHA1 7f729dcafcea1313a68329c7ae9fe38c76a6ff09
SHA256 536b2e1d29f9df37d4b40067a0026fba8577e91edb2e1331995b69335c78c043
SHA512 e4a6c5170bc50b87d2803deb7123b281b4296d6ed7239b179c8256febe373165dfa89e6507e8760e57e7c0c84ff662e8fa1076103e1ed7eb77c6a259726198d2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036

MD5 9c6b5ce6b3452e98573e6409c34dd73c
SHA1 de607fadef62e36945a409a838eb8fc36d819b42
SHA256 cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
SHA512 4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000066

MD5 ef6466ff0982f49d4767bc3fe324e6ca
SHA1 a38515587090ca3e995343184b5625f6afb31396
SHA256 9a1ff99f235a6f3c46c7488bc0ed43cfb06ec6553b60e114dd7127e812c6a5e7
SHA512 681f2688778ad67b21a8d9e8e90411914673134dc39cede4f9fcdcc9d33fa99fe3a0f8c4949c68748cc92adeb8a55a169b7a610faef488c5821a6c886fba17e0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000064

MD5 05e9679509b61424a07cc4d4efb7247f
SHA1 db4fcfac1d89c7e4f0bdbea9023034b64a9dbd81
SHA256 31798b2630a882be758010dfa51b12026c8fd81f0e4068b38fd739cac78cba0b
SHA512 1cbe7343e19b41f3f116a93d598d7b67779d29c6bc0a7b086d112dfcc76fee60811290b67b5d2561751700be483f6cd460b9b4c8325397813314ba064e4c2208

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009b

MD5 1aca735014a6bb648f468ee476680d5b
SHA1 6d28e3ae6e42784769199948211e3aa0806fa62c
SHA256 e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a
SHA512 808aa9af5a3164f31466af4bac25c8a8c3f19910579cf176033359500c8e26f0a96cdc68ccf8808b65937dc87c121238c1c1b0be296d4306d5d197a1e4c38e86

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000084

MD5 91754b1113e2494f53cd63689ef38101
SHA1 c16c1f4b9c3172488fabca328126fd4feede7f95
SHA256 6026896c47c91beec5296f0477ac2cc08e63a7004fbb55b955d78b29da123384
SHA512 ddfe21ec8aa28fc5a76be0dd12851eb76da5a6e2b591c5659972ea978c3033b3e95d9f89426f7fe8b70edb1701be5a35b64176a87cca6412f4862707da6a4efb

C:\Users\Admin\Downloads\Unconfirmed 406079.crdownload

MD5 a64bd549d95bfc8be592833460f79fcc
SHA1 0aeeb9507ed39f14d82149c56011ec3aaed1bec9
SHA256 d285b5242f4583d49c63a7c7f83a72f082ab395f9eaff674ff56c8d2d0fa063d
SHA512 767bffb8861e81ce61cfec5b0462f6a62cf86d9fca8411126b6ee3f43bc7fccbbffae8fafe293e9c227f297d82562d70940b441f9d541e35b66b972f2b79fdae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 b78b5c16b02d4d8e38ce5aaa33b7776a
SHA1 d1a048931045f2178cb1b3110dd8dcc653ea3e11
SHA256 cc2795e2c88d5fa33b2910405f4b01038614d1ae656b6d139d9bda9d30804184
SHA512 cec4d7e1fd2efb066df90ef329717af646f27ece1104ad9b22b22ceee4862586b4deaad329f0687024d128d849423b9f2721d29e7ba0c6b45e9dd21e6a224936

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 aa5e78de6b455c70f4b54ae0b521c21f
SHA1 44149d6e4c84746c6bd3b3fc734456427f0ff32b
SHA256 e1e348639eed26f65888cbe513d1a8020ce894444e438a00dd70289c60527657
SHA512 d7053e92d5d1fd2c4f5d830aa1e76ab7f8bf73ffc2ddcb70733b8a3da61ded310c952d90d67f72f0f3f461da06dff126d00ca5d945ff2d526db1a071d8fdb9c2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a7fdf8d1dad5ccdcf4a5f3cd99ee255a
SHA1 af664e96b89fd65f54cf98ed0b44c45e74978162
SHA256 9ed784f8db7b9d360ed636af3dae5ebb885d7ab18b26e048f359b1101a8ae296
SHA512 3c80dc4a45f09d56e44686474c6f2c6aeca63f4555db15a2730a4f835f2c9cdd17d8ac0072fdd3236404bc79667be7e384540466bcde916a5d7cd5c30207827b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 d78947a5d8cdb387d5b6b2b3ddea35ec
SHA1 c631fbd6f88799f6c5dfb5c06c66d1ccdd128896
SHA256 9c5fb0a3d968fa4b8a47e08718020765ec302e803f237dfff2a5cfbc657e1fa4
SHA512 0fa53d6e21078bd1905f99447869b527d0427a53751b53c67e56a229be2e8f6b2d25e6c79ae42f68a642080fa89dffb9242c3d8295d9b14c6a997bfcf501d447

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 e96439f909a627f438f644c2094e5126
SHA1 4900897dcee39ae1a733077dc26191df44db10a8
SHA256 3c1604648f8564c262ce3b4a21726d723ddb798ca17bc9b487f01ad5f2c8994d
SHA512 56d4839d6ade4239a03d64dd2f342d15e390e3d399ac02ddbc9175aa97463c0a4c939eb9c70914eb0b378427912f1b1a0eea94db800a08d1db620656e0053f45

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 daa59dc421b164ba5013967e55b1cb81
SHA1 f3a800bb76339a1eafbcdcbad0d3e006b0df393a
SHA256 55eb77e6d773172f516ac6e77c4703a98ba90eee1760ea81a38355dcfda44a12
SHA512 1a3a3a0d0e96197f36159582de29d88d21fc6ef9c0a66595873bbac247de476a56e8aba720700ad25ba038bfc6c785ff3337d7ef49623372779126aa5fc84c34

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

MD5 929b1f88aa0b766609e4ca5b9770dc24
SHA1 c1f16f77e4f4aecc80dadd25ea15ed10936cc901
SHA256 965eaf004d31e79f7849b404d0b8827323f9fe75b05fe73b1226ccc4deea4074
SHA512 fe8d6b94d537ee9cae30de946886bf7893d3755c37dd1662baf1f61e04f47fa66e070210c990c4a956bde70380b7ce11c05ad39f9cbd3ea55b129bb1f573fa07

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 710d7637cc7e21b62fd3efe6aba1fd27
SHA1 8645d6b137064c7b38e10c736724e17787db6cf3
SHA256 c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b
SHA512 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

MD5 76a3f1e9a452564e0f8dce6c0ee111e8
SHA1 11c3d925cbc1a52d53584fd8606f8f713aa59114
SHA256 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c
SHA512 a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

MD5 d6b36c7d4b06f140f860ddc91a4c659c
SHA1 ccf16571637b8d3e4c9423688c5bd06167bfb9e9
SHA256 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92
SHA512 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e69725027a39dbdb59dfa2021cc0bf1d
SHA1 666442a4486724dcaef6b7bb6a48ba518c9d10f4
SHA256 5c53671e8a41bfdd6a87493c0f1350308f8e18a11d8477907b906bb395edaa08
SHA512 694cd8833154bcf4d617cb78da3b909fec0e0263ed276d3149c2ede266dfaebe52b2b827b609ea5105fac54ae8780720a9556bdc1d7b40802fae545aff2f8d1c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 0b57b9cb7bfacc18e9d887a1881113f2
SHA1 75cdcc4e7ccb417d616a4cd392f3f3edca0c1717
SHA256 da5c76373aa0e5cdcb874b39cc604c1d74792c50ac5fd9486938d731ab66db24
SHA512 a517ab83cb5c3908ba2d60e290e9dbca15d195aa8437d2f8a5cd43f347b36d49475bab5322a9ac4960eba334fa94b3f61fbd21da838b7e2ec9c08003be84fdcb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 8c4a5a95b22d7b3bc11291d7c6d87360
SHA1 8fd6bf14d625a7ba679a5dcf6da980b2432aaf6e
SHA256 0414deeb3f5e0b39eed8f828ca08310c3a017d154d961dfb1f59ab5da9273a79
SHA512 fa16807a2e5ee2e771239fb9ff32109f7dc53e96e74bb4ee64f85cddf00ee518e2c16f08bf161d711322753b9aceff5ce8798b7468bbe746a2d1f5026df3633c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

MD5 17b6743977bcc7a7bb29fafc37f142d5
SHA1 a06d514d3d380b8c28696bba059c62cfc54deaa2
SHA256 7475e9358cc8ec5ae95b1b485ae0f5dfea9f22c375f9ccd1107b53025f71e3e3
SHA512 1696cb3834251d9f4c1a2bd5d884d06a5efe2b53e15834f9f78d60bfb186977abedb007a37eedf3a23b9347ee44853c1c715fa50faee04b9bc8cf0d3e712b5e9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 68f0a51fa86985999964ee43de12cdd5
SHA1 bbfc7666be00c560b7394fa0b82b864237a99d8c
SHA256 f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f
SHA512 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

MD5 3051c1e179d84292d3f84a1a0a112c80
SHA1 c11a63236373abfe574f2935a0e7024688b71ccb
SHA256 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3
SHA512 df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b0

MD5 aa521e4e4c27306805ee2da1706959bb
SHA1 f2d27a4dc1eee1b9abbc241f7c20678c03c9e775
SHA256 ffec638750b623b96d54bad5e22d02efacf39d617e92747f603ff21b57da9b04
SHA512 b964d5fe188619ce4b3aa1493588d501bcb464ff574d4ca3b3d8ad34709bb279b689d386ca2b3658d1caa04d022b82b86af01dec6d811bba8e0ce34fec6ea3f5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a6059cd5254f23d360052afec9f52025
SHA1 d9fc585ff0cfa8d6bea7d03531002251fafa1e34
SHA256 e7a1b0aa68f13c794b30ac18432bcf83447e10b3be6880b4dc763bc58e393902
SHA512 4472ff5349e78bde9d455ba3e42b84e8080896cfd60b349f8ef1d6a4cadcb845211c5dc914b8d20f1fac099ac2453da61e1e1a42abcedd1f9af842242b97b57a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 58c0c6281268fbc15aabcbcb2f45a0b7
SHA1 5a8ec71c942ecb7f731fbe46e64c03600a0f2c59
SHA256 b6120c27e845a92c033a50061ce70ee213ed40da7f4f7a97c6a433fb30245837
SHA512 2a97c67cf52e2feafba99e226c7b59645700bcf31d3024d4c4c46eed6a9fa3b8d3064fb9a118b60f9b7ee5100c803abfcb343c9a187744de0a72f5f48ef7ca45

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 4240a0bb11ef3489d5e02ae0d7156acc
SHA1 1c63ebf23434e1674e504099927ea9c09a904171
SHA256 41bcf8308c725b0e6dda92bfec053c7ee044eb6e76436c71c8fa8cc88de681ef
SHA512 0e707771b632d68423e3c536d6cba906448817b9afd9b9c9a61bf76a96dd050686501a5810761060a969fbecc01572cf0cafa08b66a25aebbc1441a38e3ec469

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4fb9a830cc102ae54e46cef7a28364ff
SHA1 5894646caf2db3e9a0346deaa62d50d2a17e1aa9
SHA256 c52c0ebf7b8d30eeae3039302aaa5605ab0ad860394705655d3345951ec20f69
SHA512 5c4afee667447db197651e120c6c445090028fd5f412516b4ce146d3708c9f1820ac227c6dcff23607ddac6a8dae40d61c915752ce4d21bf3d389bc466567861

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b0f6391e87cb5fc7ef6ccea9d7dd817e
SHA1 0c23cf3b52b4b86660e0e6945b870ca770375841
SHA256 0a198df7385324824c0ccf3d8f7324f7765005a8119801e4e1f7ab99b6050fd5
SHA512 14e63621650c336757a7d7f892629a80f0703200741cc149ae635692da16bedccefb6dfb71d67d98f0c6bdcbc00fe1d20cf79fc039767b6db40344f16425bd6a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1854de7a3fa31b7f6b81eda4bec99552
SHA1 f7ea0a1b6e8be4bc4af9c883c3828908f2aacf0f
SHA256 30766bdef1ad8c1c3f9a7b224b7050cea5b30ebd50384d3b6485aa25fdf0e564
SHA512 5aafed824b1dc61a56b5cfbbadb60c514f635688e6c1428c2bcecb9d4af6d2ce1c2fe1bf42fea341db66b756d6ab7ff790d65633a29f41f36e8c4bf429749e44

C:\Windows\Logs\DISM\dism.log

MD5 1599afc460408472187528d0d50f9e25
SHA1 db90f439afee45317f5688170d8973994aafb103
SHA256 acd2dec03662b7c16694a689f1c7a128ff7eab9ccca5524f274dcb9289abc85b
SHA512 ee62499b91f144b68c25e13dcaeb325606b2d1cb3baf2de4d7d829ac44b85524b899f4f54f4feb88316f0e6ce47be51dcd98b72cc73e4380e3bbcb08bc26e99c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9e218c5955cd9adade64eb26cf93f3ec
SHA1 9c50fd6c9768bd247c2c08a91a35fa136ba3baf8
SHA256 fe249ea3933a9e793bcd2a7751eddd7265d1e52500f57a0f7187edf0995e8cfe
SHA512 b6c9b633e777e0557c6fa18accc701478720317da087c6c2de9c640ef2027677f226e95b3aca2382a24c4858bdf8bae05d705f642691564be88519c8281637d8

C:\Users\Admin\Downloads\Unconfirmed 472244.crdownload

MD5 e88a0140466c45348c7b482bb3e103df
SHA1 c59741da45f77ed2350c72055c7b3d96afd4bfc1
SHA256 bab1853454ca6fdd3acd471254101db1b805b601e309a49ec7b4b1fbcfc47ad7
SHA512 2dc9682f4fb6ea520acc505bdbe7671ab7251bf9abd25a5275f0c543a6157d7fa5325b9dce6245e035641ab831d646f0e14f6649f9464f5e97431ab1bf7da431

memory/8296-10328-0x0000000002370000-0x00000000023A6000-memory.dmp

memory/8296-10329-0x0000000004DF0000-0x000000000541A000-memory.dmp

memory/8296-10330-0x0000000004BE0000-0x0000000004C02000-memory.dmp

memory/8296-10331-0x0000000004D80000-0x0000000004DE6000-memory.dmp

memory/8296-10332-0x0000000005540000-0x00000000055A6000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_ho1bk2qs.eii.ps1

MD5 d17fe0a3f47be24a6453e9ef58c94641
SHA1 6ab83620379fc69f80c0242105ddffd7d98d5d9d
SHA256 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7
SHA512 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

memory/8296-10341-0x00000000055B0000-0x0000000005907000-memory.dmp

memory/8296-10342-0x0000000005A90000-0x0000000005AAE000-memory.dmp

memory/8296-10343-0x0000000005AE0000-0x0000000005B2C000-memory.dmp

memory/8296-10344-0x0000000006070000-0x00000000060A4000-memory.dmp

memory/8296-10345-0x000000006EEE0000-0x000000006EF2C000-memory.dmp

memory/8296-10354-0x0000000006C60000-0x0000000006C7E000-memory.dmp

memory/8296-10355-0x0000000006C90000-0x0000000006D34000-memory.dmp

memory/8296-10356-0x0000000007410000-0x0000000007A8A000-memory.dmp

memory/8296-10357-0x0000000006DD0000-0x0000000006DEA000-memory.dmp

memory/8296-10358-0x0000000006E50000-0x0000000006E5A000-memory.dmp

memory/8296-10359-0x0000000007060000-0x00000000070F6000-memory.dmp

memory/8296-10360-0x0000000006FE0000-0x0000000006FF1000-memory.dmp

memory/8296-10361-0x0000000007020000-0x000000000702E000-memory.dmp

memory/8296-10362-0x0000000007100000-0x000000000711A000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7c5203b7643f1b97e55c72aabb513512
SHA1 059294bb9cd685905bf901a8ad0a00d7b39346ec
SHA256 c5360adb07113d43adc894453247eeb6897392fdf0cee14872e47b9c9ff68138
SHA512 0a35b9863cc31bb29fbc970b51965513a498a307b981a940db62f59b555bc94da23baa08da45388bed73a6144e8877f3debde603cc1704a11601d13cc984a25d

memory/6896-10382-0x000000006EEE0000-0x000000006EF2C000-memory.dmp

memory/332-10392-0x0000000006250000-0x00000000065A7000-memory.dmp

memory/332-10401-0x000000006EEE0000-0x000000006EF2C000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 99a98531f5c64b15af63724101a4fd4a
SHA1 19330f09908f03cb759ff0e33f3d825440085652
SHA256 dd026eccd03b3ebfee69ad739c4f821a5be533bc50a042a57fa2a7e882f33252
SHA512 e05bda3b53f658722f29c78a1a5cdb5bd10e67e4117787e01981b01e0e332f9ae4d9cf3abf090690f669b04f318357014491bf095449f666e9041473e982f354

F:\LDPlayer\LDPlayer9\ldmutiplayer\7za.exe

MD5 ad9d7cbdb4b19fb65960d69126e3ff68
SHA1 dcdc0e609a4e9d5ff9d96918c30cb79c6602cb3d
SHA256 a6c324f2925b3b3dbd2ad989e8d09c33ecc150496321ae5a1722ab097708f326
SHA512 f0196bee7ad8005a36eea86e31429d2c78e96d57b53ff4a64b3e529a54670fa042322a3c3a21557c96b0b3134bf81f238a9e35124b2d0ce80c61ed548a9791e7

F:\LDPlayer\LDPlayer9\ldmutiplayer\cximagecrt.dll

MD5 66df6f7b7a98ff750aade522c22d239a
SHA1 f69464fe18ed03de597bb46482ae899f43c94617
SHA256 91e3035a01437b54adda33d424060c57320504e7e6a0c85db2654815ba29c71f
SHA512 48d4513e09edd7f270614258b2750d5e98f0dbce671ba41a524994e96ed3df657fce67545153ca32d2bf7efcb35371cae12c4264df9053e4eb5e6b28014ed20e

F:\LDPlayer\ldmutiplayer\fonts\Roboto-Regular.otf

MD5 4acd5f0e312730f1d8b8805f3699c184
SHA1 67c957e102bf2b2a86c5708257bc32f91c006739
SHA256 72336333d602f1c3506e642e0d0393926c0ec91225bf2e4d216fcebd82bb6cb5
SHA512 9982c1c53cee1b44fd0c3df6806b8cbf6b441d3ed97aeb466dba568adce1144373ce7833d8f44ac3fa58d01d8cdb7e8621b4bb125c4d02092c355444651a4837

F:\LDPlayer\LDPlayer9\fonts\NanumGothicLight.otf

MD5 e2e37d20b47d7ee294b91572f69e323a
SHA1 afb760386f293285f679f9f93086037fc5e09dcc
SHA256 153161ab882db768c70a753af5e8129852b9c9cae5511a23653beb6414d834a2
SHA512 001500f527e2d3c3b404cd66188149c620d45ee6510a1f9902aacc25b51f8213e6654f0c1ecc927d6ff672ffbe7dc044a84ec470a9eb86d2cba2840df7390901

F:\LDPlayer\LDPlayer9\ldmutiplayer\ssleay32.dll

MD5 0054560df6c69d2067689433172088ef
SHA1 a30042b77ebd7c704be0e986349030bcdb82857d
SHA256 72553b45a5a7d2b4be026d59ceb3efb389c686636c6da926ffb0ca653494e750
SHA512 418190401b83de32a8ce752f399b00c091afad5e3b21357a53c134cce3b4199e660572ee71e18b5c2f364d3b2509b5365d7b569d6d9da5c79ae78c572c1d0ba0

F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcr120.dll

MD5 50097ec217ce0ebb9b4caa09cd2cd73a
SHA1 8cd3018c4170072464fbcd7cba563df1fc2b884c
SHA256 2a2ff2c61977079205c503e0bcfb96bf7aa4d5c9a0d1b1b62d3a49a9aa988112
SHA512 ac2d02e9bfc2be4c3cb1c2fff41a2dafcb7ce1123998bbf3eb5b4dc6410c308f506451de9564f7f28eb684d8119fb6afe459ab87237df7956f4256892bbab058

F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcr110.dll

MD5 4ba25d2cbe1587a841dcfb8c8c4a6ea6
SHA1 52693d4b5e0b55a929099b680348c3932f2c3c62
SHA256 b30160e759115e24425b9bcdf606ef6ebce4657487525ede7f1ac40b90ff7e49
SHA512 82e86ec67a5c6cddf2230872f66560f4b0c3e4c1bb672507bbb8446a8d6f62512cbd0475fe23b619db3a67bb870f4f742761cf1f87d50db7f14076f54006f6c6

F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcp120.dll

MD5 50260b0f19aaa7e37c4082fecef8ff41
SHA1 ce672489b29baa7119881497ed5044b21ad8fe30
SHA256 891603d569fc6f1afed7c7d935b0a3c7363c35a0eb4a76c9e57ef083955bc2c9
SHA512 6f99d39bfe9d4126417ff65571c78c279d75fc9547ee767a594620c0c6f45f4bb42fd0c5173d9bc91a68a0636205a637d5d1c7847bd5f8ce57e120d210b0c57d

F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcp110.dll

MD5 3e29914113ec4b968ba5eb1f6d194a0a
SHA1 557b67e372e85eb39989cb53cffd3ef1adabb9fe
SHA256 c8d5572ca8d7624871188f0acabc3ae60d4c5a4f6782d952b9038de3bc28b39a
SHA512 75078c9eaa5a7ae39408e5db1ce7dbce5a3180d1c644bcb5e481b0810b07cb7d001d68d1b4f462cd5355e98951716f041ef570fcc866d289a68ea19b3f500c43

F:\LDPlayer\LDPlayer9\ldmutiplayer\libssl-1_1.dll

MD5 e8fd6da54f056363b284608c3f6a832e
SHA1 32e88b82fd398568517ab03b33e9765b59c4946d
SHA256 b681fd3c3b3f2d59f6a14be31e761d5929e104be06aa77c883ada9675ca6e9fd
SHA512 4f997deebf308de29a044e4ff2e8540235a41ea319268aa202e41a2be738b8d50f990ecc68f4a737a374f6d5f39ce8855edf0e2bb30ce274f75388e3ddd8c10b

F:\LDPlayer\LDPlayer9\ldmutiplayer\libssh2.dll

MD5 52c43baddd43be63fbfb398722f3b01d
SHA1 be1b1064fdda4dde4b72ef523b8e02c050ccd820
SHA256 8c91023203f3d360c0629ffd20c950061566fb6c780c83eaa52fb26abb6be86f
SHA512 04cc3d8e31bd7444068468dd32ffcc9092881ca4aaea7c92292e5f1b541f877bdec964774562cb7a531c3386220d88b005660a2b5a82957e28350a381bea1b28

F:\LDPlayer\LDPlayer9\ldmutiplayer\libeay32.dll

MD5 ba46e6e1c5861617b4d97de00149b905
SHA1 4affc8aab49c7dc3ceeca81391c4f737d7672b32
SHA256 2eac0a690be435dd72b7a269ee761340099bf444edb4f447fa0030023cbf8e1e
SHA512 bf892b86477d63287f42385c0a944eee6354c7ae557b039516bf8932c7140ca8811b7ae7ac111805773495cf6854586e8a0e75e14dbb24eba56e4683029767b6

F:\LDPlayer\LDPlayer9\ldmutiplayer\libcurl.dll

MD5 2d40f6c6a4f88c8c2685ee25b53ec00d
SHA1 faf96bac1e7665aa07029d8f94e1ac84014a863b
SHA256 1d7037da4222de3d7ca0af6a54b2942d58589c264333ef814cb131d703b5c334
SHA512 4e6d0dc0dc3fb7e57c6d7843074ee7c89c777e9005893e089939eb765d9b6fb12f0e774dc1814f6a34e75d1775e19e62782465731fd5605182e7984d798ba779

F:\LDPlayer\LDPlayer9\ldmutiplayer\libcrypto-1_1.dll

MD5 01c4246df55a5fff93d086bb56110d2b
SHA1 e2939375c4dd7b478913328b88eaa3c91913cfdc
SHA256 c9501469ad2a2745509ab2d0db8b846f2bfb4ec019b98589d311a4bd7ac89889
SHA512 39524d5b8fc7c9d0602bc6733776237522dcca5f51cc6ceebd5a5d2c4cbda904042cee2f611a9c9477cc7e08e8eadd8915bf41c7c78e097b5e50786143e98196

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 cdf5d5f535257c4698997ac2d1ae6ae1
SHA1 330c3fe52df6aa1f3eef85df1dcc5cd08e301d89
SHA256 5966d622f9d860c462c797d73c8fbb57c3ffcf48583129bb396f0a12353ccd29
SHA512 02c3e4688bb76f6a503dabc35ee49ce05910cb7b0797341e6451d7e2afbfa4d2cdd90ee5b1185f1b248bb061313360090b47cc2bf9231591f9d96fff65e76699

F:\LDPlayer\LDPlayer9\dnplayer.exe

MD5 fa2c08e402cc1c1fca849ba2e4eb56aa
SHA1 133dbe827d469e8dcfb792734f1fced97690efca
SHA256 bd6ed960624c4ffb99ce82611f23365733df329b1ff3216590292ee8034a4421
SHA512 d96f84f06784f6d2c2182301ae4437303f5f3ab8936e6e3512606c28cc99de268bd186a4eb73b092c1e54995fa849c38080a26fe6dc2b8c1e7171781677d3eb6

F:\LDPlayer\LDPlayer9\dnmultiplayer.exe

MD5 38f88ca4211fb378c41412c23af886e2
SHA1 7c904c5fdf84d13ffd47703be39380861b5a6a7f
SHA256 6b149b8b72bf3631111f0e7b95b4dbe2646b786a3de1b414110438927d3f9c38
SHA512 6ff289ee872bb96de9de4a3ef82d043f93542545f1555885bd4b6aa008892a8e3fd5f59eb4ed76a402aaa884989725168206aaec6582ea37bd556e7f642d681b

memory/7552-10521-0x0000000001630000-0x0000000001646000-memory.dmp

C:\Users\Admin\AppData\Roaming\XuanZhi9\ldopengl32x.dll

MD5 395970be72d1bcc7755f95a04b3b303d
SHA1 f4019b43fd95f1748e2392d5cb1aa4486aadbc13
SHA256 5fa3f4cb4f4f603bd8b9a538b54658ebbcf9198d99f2b0e1ce447322b22fb312
SHA512 2f4968b8564bd3bbc624a6838ec33de22413afb8711e08cc36b082863f4e146212c1b6173921ea110c65a0dc20b97c9e187a8ef006005711efcf4237db0bcd1e

memory/7552-10569-0x0000000036C80000-0x0000000036C90000-memory.dmp

F:\LDPlayer\LDPlayer9\vms\leidian0\sdcard.vmdk

MD5 4d592fd525e977bf3d832cdb1482faa0
SHA1 131c31bcff32d11b6eda41c9f1e2e26cc5fbc0ef
SHA256 f90ace0994c8cae3a6a95e8c68ca460e68f1662a78a77a2b38eba13cc8e487b6
SHA512 afa31b31e1d137a559190528998085c52602d79a618d930e8c425001fdfbd2437f732beda3d53f2d0e1fc770187184c3fb407828ac39f00967bf4ae015c6ba77

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 6b995e75b084a94b9b97dd775abdf85c
SHA1 0046b2f518cc43dbb8874323d7c66276bb064961
SHA256 000ae1caad907383b60f9bae94ecc1ee688310190f1256ef19d07c84a375c1f2
SHA512 6b852f1340ee82777b38036847d6b0491194bd84a66f59457a1822a2eaaba8cc89ab53e554d15f164f554cf1391a76585181f33f58500d44eea553a25678426e

memory/7552-10654-0x0000000070260000-0x00000000702DA000-memory.dmp

memory/7552-10653-0x00000000702E0000-0x000000007035E000-memory.dmp

memory/7552-10656-0x00000000726D0000-0x0000000072729000-memory.dmp

memory/7552-10655-0x0000000070360000-0x0000000070906000-memory.dmp

memory/7552-10657-0x0000000070990000-0x000000007238B000-memory.dmp

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Network\TransportSecurity

MD5 922409cea13390d5ed9c584cfacab03a
SHA1 7762df649d5b8cbb9931b6e6ff54bab63dcc0ed3
SHA256 4ae17f53a07b22b53a2b755a34c1037492d4284653320564373a97dee6baaa9a
SHA512 c96ccd97e6c59e5ebddd9b60b1a58073fdbd8a03a49a778f2338ad0e8c69fc8d951de4cea1270f6ea446b6aada6310a3326b2eb6659106a965b81e234abb31a8

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Service Worker\CacheStorage\26cc8f430c37ca3e66a8d3408a02dcaa5fad402e\index.txt

MD5 a67b9c2f05360c0480055f3d26d4785b
SHA1 d243bfebc4aa06dc39d5688d6fbc491fc8b67c18
SHA256 efb67b73c1a3dc1efdad6eee6ae8dd361ed9f9f22913dc3108433931a96477e8
SHA512 251f1713ef1db461619bf6901107898e58d913831bd789b1ab6d77c6f1bf76ce121b5551b27042ba88d299cfae15da4778ab6c6040c81fad80d80a498b0cc080

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9f4359def6ebbfc05f792b950dc98d65
SHA1 4ab38bb70c3f01dfb3a6ddbb5053571922a9a4ee
SHA256 893a95b5c84412ae5d234f3b251753f42c087571d57d52d778c5c058116ba1bb
SHA512 c829ca80278a1ab27c35c5a009760c0d4c228b72c72027d44c45c1869c88a816402c7a40b246e72b35fa6ccca49318aaee64996b06ad40747d45c6484b712701

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Network\TransportSecurity

MD5 9e0946bb5b2468a8188367f22883c975
SHA1 aff990dc6c8f55a40fbd9fec579c400c5485dc36
SHA256 ad8feeb260083b622298e1c32ad89eb496132a3aac4d56f5edc7eaf0d88d158e
SHA512 373b1120ec457c9903e0baaf80fe87c035ee5900fd930e74db85a7da8a9db2726d479c6398dd0fbb86f3b96aa02ac072bab8acfeb3971a4576f10531c6847474

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Network\TransportSecurity

MD5 d60223e37b327ca365beda8c6b5cb3d0
SHA1 98f58e5f55603232972b8fc64d421d77eab6f2c7
SHA256 026d5e63d1dd5079d0ff004a1b71becd746eaa768cc72603e681e1e63a374ca4
SHA512 7b506deb5d1a65783a2a78873476baa47283444d69fca419bedd62f822cf5fbce61f52e0690167de509eb45030d599b90ff131bf27d57d62df9490bb304dffa2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 45c69b90b74fa915f8ac2758495cfcd9
SHA1 e8e1827cffa718e8bd5cb5efcb9a485003977bdb
SHA256 f8d69f301458d2df10e02c19cc40f629fd12d55d4562f5cbbe5ccde24dfd1f9a
SHA512 5571efe3955644e1e3a3f2523d101c4fad915b45dd2dc984fc4c77db8e3c8538ccf4838c89ec341b4e5aeb2117e29555b8e6ffb8a0e1759a9981c6a76fc51a9a

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 bc18f3b8780164e99d4ca33efd03a1f2
SHA1 b5f183892dde983861f62660be60584099954d84
SHA256 b821cfb914dcac5a173b2df2eecc8c5f3bce4ea7ae8eb795e654d6823514afbf
SHA512 35cadf67065e6d34c95d193dd4898a06750157714369fed5df265898c44872ab22e71d8e094c34caf5f52094c96e1a4d5882eff909839b558c1b92bdebab800c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Network\TransportSecurity

MD5 96305b75f02e6728b5f9c7e9379ac29f
SHA1 1bb1d212099dd8ab6d078c5663739681590fe6d4
SHA256 57d4b2053f4b65612e90613c24310b2d2e993511ecb77ad66866013a93fa81bc
SHA512 05784e414e604f8aa1f24ea99afb51617b3cc3de16a716bf5ba492a3b2d08a76e40c944af21e9976ca96b9cb2170f8c41cd17f519e22fe8e7cb7faf7b2e7c671

C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler.exe

MD5 f73e60370efe16a6d985e564275612da
SHA1 2f829a0a611ac7add51a6bc50569e75181cdfd58
SHA256 9cf076866935a0c64366efaeff2ec76d45ac816030ebd616fd5defb1870bc30e
SHA512 2e44e87c285bb7b72d45c8119d08ea6f2d13cea77cf0005a3cf530790bb86c7f2df7c5edac9d86c9d7214abb224738c3bf6b31f6bf104051512bb1de133042dc

C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler64.exe

MD5 deef1e7382d212cd403431727be417a5
SHA1 fac0e754a5734dd5e9602a0327a66e313f7473bb
SHA256 7d410e9eabd086827b16c89ee953a643c3e2f7929616c0af579253fd8ca60088
SHA512 6b472a57fb89b128aad9ab6313a9ce8b171f7d73264c67f669adc5cf1f0421d81f654dad1419b620476abb59dd54e1aa03a74a26c5c93813f6fb8575fbd97d4d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Network\Network Persistent State

MD5 5da5fb71863e91aabc8383ab7e382741
SHA1 55c4bb2a7a7df9f75368f3e9ad17b54a3b36cbf5
SHA256 57ab8bce84f0c28fa302e726fa4b4fb5ad2fa3d21dbc0f0a300e0305740cc656
SHA512 23c629c22271e90c4844c426fabe8b042dd62437ca0635c0eae28c64487181d6e6faff6481eac2fd723779e4fa582b7ef7ad2d1a004d74701befdee2ca07017a

C:\Windows\Installer\e5dd738.msi

MD5 66140e921ffc869e5dbd7d0337503f1a
SHA1 cc26b0818dbb2a4d3e242fd1caf7b45e036961c0
SHA256 d2ef84b42a4358e58f5566d842c389b229ba073fcef20b2a3007b6ce76a06d2b
SHA512 eb4a787e76a6700112349b5eba78a4467ba4a2364d30eade70acba480e4df1c5d48bcb31ca136f81b350c466911af97cb1da1ba964c2d35003a4e3e86c738772

C:\Config.Msi\e5dd73b.rbs

MD5 5ae082f8376751bdf8ad7aac53810014
SHA1 997388af5135e93758462921d2f714f2df5cb883
SHA256 874a18ada139b8a9c7a8dedeb789e44b419a80e12c0dae132e0bbf1196e67f51
SHA512 2d5eae1a5b3e4f61ca64c87c82210a87ea0a9a13a90f83be532fe8bf1c8c96ef2ddf173f1cdfcd69037367f54fb3bc85d0e3456ca6daed8523b45a5ed446268d

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Network\TransportSecurity

MD5 40a6267f37c9e18f47ebf88228c19135
SHA1 3486a6488e5587d79398e29b6a945fc3eb7f5c2b
SHA256 29054fd7f9b8d45d86398fe39d7db36eb04b65390ef2a674eb8bcdbc0bf260f5
SHA512 62b3eafb3cb823c5e3eb3394c98df86bb4c75f19c426b0952d7620ae2b4b3e81824b7b8c2660db0ec1818d48006bca6badd30b6354b736ba491675e0be5d9c2d

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3344_813538459\manifest.json

MD5 3be87f13caf866bf7f622582caf237d6
SHA1 38a0a2df6f3af44e73f759f0f80cbb64c5c074bf
SHA256 66948b067fb43bcbb4198633ca3721c0b06b7154623a0bc7b416560b46cf1bf9
SHA512 fe6cb01eb1fd2f8b7127ae8c4d83889fdcaa86852fe4f3b497ab716842b48682a4697eaa876c98e822939fb566fd4100809474e5851f96381568431d39aa0b1a

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3344_813538459\manifest.fingerprint

MD5 d8130fbd805dc73a4a86e66d440e1605
SHA1 e725361cb91688417de479e74b4d6451719223ba
SHA256 13ca2375aa4be308c891ea67941de2d683abb3c299fe7133b441e7c1ea6d06d9
SHA512 540113626548e889f290b6f5e6313d9ec9d9b5804700790e4a75dc3e83026d8073b0ed3d49e1a21b6725a5296f7541410b1546d58e23f1ba5d63fd16e493f706

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\OptimizationHints\468\optimization-hints.pb

MD5 a556e6dd38f650b91a1f2bfab5553fe6
SHA1 c57afb5882759eb2df149b897244535b15ea7c1c
SHA256 80200a6082c8c650f7acf8d53c481dbeaff356745812f01a044beba71f6c15ee
SHA512 04403d9aec56e8ae7fc7eb2c4d1ea94721dc04327e85c3c748e3fd3740d166d5793be1d7df259fc298c64bc175ae07b504b996b975a655f513b0fb664a2ced4c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 63d675a3fffe5a562010977b155cc3b3
SHA1 8d4153a54f8f92592e6f5d7f721590233148f608
SHA256 aa2b4982e7bbbfb71330febb8d6cd6e28095f7de8cd3a9b1fd8ded5bc049f49d
SHA512 99257efc6f07dd285b51d2f76e28f5b7e09b0d9d246d217b3ecf13326d166fa6f9d5ce4690a874699f273509d321012be67093f377dbcef0f610d862dfe7d87c

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Network\TransportSecurity

MD5 19d71818d4e3e8749cb3c83eda97f077
SHA1 6f8f62b7d44c242b639345aa0262529d34499831
SHA256 3aba5983fa823f6d2c426a734d990078a07bfb206edd5947603a8c8b956c3334
SHA512 42c0c30940a2f0b97f6a9cf03ad70dcacea6be19e7795aabe5d389d20b7bf3819226636b9729c82c7d9591f545214ea13d962e93d75274e2deba7e4376e96a73

C:\Users\Admin\AppData\Local\AVG\Browser\User Data\Default\Network\Network Persistent State

MD5 5d835a8d1dc2918b1f54e6726d274393
SHA1 ae378e77fd008f55320a74a2f3c65560ee4ea8c6
SHA256 eb22858bc5d6c9f28ba3b48f6c9cabd12e3c3e2149d714b2a293d8822be8d046
SHA512 81fb93c5ceda2334cc2ef9cc439a626433a7a70e543bb1b6b1e32d9d1e9cf93d1e5f46c98f2b391ebe54fab1e26eac7352cad775d565c8f9214d2ec53ca081f8

memory/10000-11523-0x0000012B17050000-0x0000012B170FE000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3e0bcb6f3658ff3082f27a8cdb9d8e4e
SHA1 2fdaff95d31d477bb0b8972c028b3b3a05b0a82d
SHA256 1ccda69962a254405789edb5fe78da3ff0746a480861b2d1af7d10013067a7ba
SHA512 d6d70810ad87ebeabcdeb95a3f73b57079b36473dc6550ba77b3856445c121b2f2b0545ef95af4548e3c5fcc4910a42a53b79154664febe083738bb41ad42bc2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 53795736c6e79728f8d0c2942e5074ed
SHA1 59384c8ec5798032d93423ac6c450eea95626d9f
SHA256 36ff7160ef764a7b25a2c02dc102ad52492ac9ef0b192c974b5c645b40b306a5
SHA512 e09ee66ec95a90ad42d5ffe2cae9725618c5cf735646dd08a14934a6c8466519007e930a64fc88464a52aabd801382dcc7d96568095d05a8ce79ea4a5783b845

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e664a4a5b81a7b61490f7dc4b18e7eaa
SHA1 393b5316d218a1db9f1fb287b7b2864a7778d635
SHA256 564973e4ac59348c1feb8d60d32667092c0600ccc765366d1b43e530912c79a0
SHA512 e83063b88942097cfba43b405b9fa37f423106c303c6bda74719a316efff7360f5eae07b2a73bf0757e4235d4f49af108ec25178d7d770701020ea3a99a5fa64

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 79ea4a9cf06e72aac61689070901da03
SHA1 b5e9db26f16bdbbbb8eee8022e12aaec67101858
SHA256 aa4bb0c92041a6e747c07ec3cbaf32e6d6ca340d37ec215002df42ec7782e00c
SHA512 c4e26590ecfaca2f76853f073de437fa53062e64816cd3aacb1092a12668b1b0cddef11084f09b534344ab6813334879020cd26cc794f38264b00eac9319b606

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6688e79e422351ea213c76b8872c2688
SHA1 3439e011086d2a24b6c75c57286871e545ca2b3c
SHA256 fd4a048fe629e07b96bdcb0cb90799dde32ec8ca3f41f91f94e27de88ff9ad29
SHA512 3f9530166c2a947c1ef07257caaf8ab05ab343c84d4cab1aacc889fe3a66a097fb2aa855a995ff74947e8720aeb14e8d1fb691797c959957ee08d34bc7b1bf39

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 c3212b0388012a8d4952294f75e79082
SHA1 ba3216bbbc1cf9600d5ccb1dc5c679b513c6fa7a
SHA256 a94af5e85d476f812c38e74f135655fc30bb9615d0032235dba860ef1fabf48a
SHA512 15b1c9eb024700b57e1eef8003d7e1621418e8f98a863fa357db5a1be9070fc976d6c437c1a171664434440d663b7547f94d2c4a6bd84a4bcb094b2be1816f14

Analysis: behavioral28

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

445s

Max time network

451s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\objects\gravity.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\objects\gravity.js"

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp

Files

N/A

Analysis: behavioral32

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:50

Platform

win11-20240802-en

Max time kernel

432s

Max time network

434s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\objects\resize.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\objects\resize.js"

Network

Files

N/A

Analysis: behavioral18

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

438s

Max time network

462s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\libraries\stats.min.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\libraries\stats.min.js"

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp

Files

N/A

Analysis: behavioral24

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

441s

Max time network

446s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\objects\cube.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\objects\cube.js"

Network

Country Destination Domain Proto
US 8.8.8.8:53 30.243.111.52.in-addr.arpa udp

Files

N/A

Analysis: behavioral27

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

440s

Max time network

446s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\objects\grapple.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\objects\grapple.js"

Network

Files

N/A

Analysis: behavioral25

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

433s

Max time network

435s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\objects\direction.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\objects\direction.js"

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp

Files

N/A

Analysis: behavioral26

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

439s

Max time network

459s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\objects\finish.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\objects\finish.js"

Network

Country Destination Domain Proto
IE 52.111.236.22:443 tcp
US 8.8.8.8:53 19.229.111.52.in-addr.arpa udp

Files

N/A

Analysis: behavioral29

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

427s

Max time network

493s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\objects\grow.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\objects\grow.js"

Network

Country Destination Domain Proto
US 8.8.8.8:53 23.236.111.52.in-addr.arpa udp

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

436s

Max time network

440s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\animation.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\animation.js"

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp

Files

N/A

Analysis: behavioral14

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

443s

Max time network

458s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\libraries\filesaver.min.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\libraries\filesaver.min.js"

Network

Files

N/A

Analysis: behavioral15

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

409s

Max time network

429s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\libraries\fps.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\libraries\fps.js"

Network

Country Destination Domain Proto
US 8.8.8.8:53 43.229.111.52.in-addr.arpa udp

Files

N/A

Analysis: behavioral30

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

433s

Max time network

442s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\objects\player.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\objects\player.js"

Network

Files

N/A

Analysis: behavioral6

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

436s

Max time network

440s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\dialog.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\dialog.js"

Network

Files

N/A

Analysis: behavioral8

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

435s

Max time network

460s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\keyboard.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\keyboard.js"

Network

Files

N/A

Analysis: behavioral16

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

449s

Max time network

451s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\libraries\jquery-3.5.0.min.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\libraries\jquery-3.5.0.min.js"

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp

Files

N/A

Analysis: behavioral12

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

444s

Max time network

454s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\libraries\THREE.MeshLine.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\libraries\THREE.MeshLine.js"

Network

Country Destination Domain Proto
US 8.8.8.8:53 13.227.111.52.in-addr.arpa udp

Files

N/A

Analysis: behavioral13

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

425s

Max time network

427s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\libraries\buy.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\libraries\buy.js"

Network

Files

N/A

Analysis: behavioral23

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

432s

Max time network

436s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\objects\checkpoint.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\objects\checkpoint.js"

Network

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

443s

Max time network

493s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\audio.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\audio.js"

Network

Country Destination Domain Proto
NL 52.111.243.30:443 tcp
US 8.8.8.8:53 14.179.89.13.in-addr.arpa udp

Files

N/A

Analysis: behavioral9

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

423s

Max time network

427s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\level-editor.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\level-editor.js"

Network

Country Destination Domain Proto
US 8.8.8.8:53 30.243.111.52.in-addr.arpa udp

Files

N/A

Analysis: behavioral11

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

445s

Max time network

458s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\level.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\level.js"

Network

Country Destination Domain Proto
NL 52.111.243.29:443 tcp

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

443s

Max time network

455s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\collision.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\collision.js"

Network

Files

N/A

Analysis: behavioral31

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:50

Platform

win11-20240802-en

Max time kernel

438s

Max time network

440s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\objects\reset.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\objects\reset.js"

Network

Country Destination Domain Proto
US 8.8.8.8:53 29.243.111.52.in-addr.arpa udp

Files

N/A

Analysis: behavioral22

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

438s

Max time network

447s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\objects\bounce.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\objects\bounce.js"

Network

Country Destination Domain Proto
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp

Files

N/A

Analysis: behavioral17

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

407s

Max time network

412s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\libraries\matter.min.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\libraries\matter.min.js"

Network

Country Destination Domain Proto
US 8.8.8.8:53 13.227.111.52.in-addr.arpa udp

Files

N/A

Analysis: behavioral19

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

440s

Max time network

459s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\libraries\three.min.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\libraries\three.min.js"

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp

Files

N/A

Analysis: behavioral20

Detonation Overview

Submitted

2024-10-05 22:30

Reported

2024-10-05 22:40

Platform

win11-20240802-en

Max time kernel

434s

Max time network

438s

Command Line

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\libraries\tween.js"

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe "C:\Users\Admin\AppData\Local\Temp\Boxel 3D\js\libraries\tween.js"

Network

Country Destination Domain Proto
US 8.8.8.8:53 30.243.111.52.in-addr.arpa udp

Files

N/A