Malware Analysis Report

2025-08-10 14:15

Sample ID 241016-banncayejq
Target bittorrent_installer.exe
SHA256 91c1909249d3722496be27e62d6d0f861c73c418e24337e2d0ec9cf46bd1f0b8
Tags
discovery bootkit evasion persistence spyware stealer upx
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

91c1909249d3722496be27e62d6d0f861c73c418e24337e2d0ec9cf46bd1f0b8

Threat Level: Shows suspicious behavior

The file bittorrent_installer.exe was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery bootkit evasion persistence spyware stealer upx

Identifies Wine through registry keys

Downloads MZ/PE file

Writes to the Master Boot Record (MBR)

Adds Run key to start application

Checks for any installed AV software in registry

UPX packed file

Checks computer location settings

Loads dropped DLL

Checks installed software on the system

Drops file in Program Files directory

Executes dropped EXE

Program crash

Browser Information Discovery

Embeds OpenSSL

Reads user/profile data of web browsers

System Network Configuration Discovery: Internet Connection Discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Modifies registry class

Suspicious behavior: EnumeratesProcesses

Suspicious use of WriteProcessMemory

Script User-Agent

Modifies system certificate store

Suspicious use of AdjustPrivilegeToken

Checks SCSI registry key(s)

Suspicious behavior: GetForegroundWindowSpam

Checks processor information in registry

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-10-16 00:56

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-10-16 00:56

Reported

2024-10-16 00:59

Platform

win7-20240903-en

Max time kernel

144s

Max time network

121s

Command Line

"C:\Users\Admin\AppData\Local\Temp\bittorrent_installer.exe"

Signatures

Checks for any installed AV software in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\AVG\AV\Dir C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Avira\Browser\Installed C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Avira\Browser\Installed C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
Key opened \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\SOFTWARE\Avira\Browser\Installed C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\AVAST Software\Avast C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
Key opened \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\SOFTWARE\AVAST Software\Avast C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\AVAST Software\Avast C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\AVG\AV\Dir C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
Key opened \REGISTRY\USER\S-1-5-21-312935884-697965778-3955649944-1000\SOFTWARE\AVG\AV\Dir C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A

Downloads MZ/PE file

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\bittorrent_installer.exe N/A

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\bittorrent_installer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A

Modifies system certificate store

evasion spyware trojan
Description Indicator Process Target
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\317A2AD07F2B335EF5A1C34E4B57E8B7D8F1FCA6\Blob = 040000000100000010000000a923759bba49366e31c2dbf2e766ba870f000000010000001400000007eeabaf80a9ef4ae1b2cb9b4b5fc70d0428e6a953000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c00b000000010000002e00000053007400610072006600690065006c006400200054006500630068006e006f006c006f0067006900650073000000090000000100000016000000301406082b0601050507030406082b06010505070301140000000100000014000000a848b4242fc6ea24a0d78e3cb93c5c78d79833e41d00000001000000100000005959ddbc9c7632ba0a05f06316846fe6030000000100000014000000317a2ad07f2b335ef5a1c34e4b57e8b7d8f1fca619000000010000001000000044ba5fd9039fc9b56fd8aadccd597ca62000000001000000eb020000308202e730820250020101300d06092a864886f70d01010505003081bb312430220603550407131b56616c69436572742056616c69646174696f6e204e6574776f726b31173015060355040a130e56616c69436572742c20496e632e31353033060355040b132c56616c694365727420436c617373203220506f6c6963792056616c69646174696f6e20417574686f726974793121301f06035504031318687474703a2f2f7777772e76616c69636572742e636f6d2f3120301e06092a864886f70d0109011611696e666f4076616c69636572742e636f6d301e170d3939303632363030313935345a170d3139303632363030313935345a3081bb312430220603550407131b56616c69436572742056616c69646174696f6e204e6574776f726b31173015060355040a130e56616c69436572742c20496e632e31353033060355040b132c56616c694365727420436c617373203220506f6c6963792056616c69646174696f6e20417574686f726974793121301f06035504031318687474703a2f2f7777772e76616c69636572742e636f6d2f3120301e06092a864886f70d0109011611696e666f4076616c69636572742e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100ce3a71cae5abc8599255d7abd8740ef9eed9f655475965470e0555dceb98363c5c535dd330cf38ecbd4189ed254209246b0a5eb37cdd522d4ce6d4d67d5a59a965d449132d244d1c506fb5c185543bfe71e4d35c42f980e0911a0a5b393667f33f557c1b3fb45f647334e3b412bf8764f8da12ff3727c1b343bbef7b6e2e69f70203010001300d06092a864886f70d0101050500038181003b7f506f6f509499496238381f4bf8a5c83ea78281f62bc7e8c5cee83a1082cb18008e4dbda8587fa17900b5bbe98daf41d90f34ee218119a0324928f4c48e56d55233fd50d57e996c03e4c94cfccb6cab66b34a218ce5b50c323e10b2cc6ca1dc9a984c025bf3ceb99ea5720e4ab73f3ce61668f8beed744cbc5bd5621f43dd C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A\Blob = 0f00000001000000140000000f6aad4c3fe04619cdc8b2bd655aa1a26042e6500b000000010000005400000053007400610072006600690065006c006400200043006c00610073007300200032002000430065007200740069006600690063006100740069006f006e00200041007500740068006f007200690074007900000053000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c009000000010000002a000000302806082b0601050507030106082b0601050507030206082b0601050507030406082b06010505070303140000000100000014000000bf5fb7d1cedd1f86f45b55acdcd710c20ea988e71d000000010000001000000090c4f4233b006b7bfaa6adcd8f577d77030000000100000014000000ad7e1c28b064ef8f6003402014c3d0e3370eb58a2000000001000000130400003082040f308202f7a003020102020100300d06092a864886f70d01010505003068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479301e170d3034303632393137333931365a170d3334303632393137333931365a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f7269747930820120300d06092a864886f70d01010105000382010d00308201080282010100b732c8fee971a60485ad0c1164dfce4defc80318873fa1abfb3ca69ff0c3a1dad4d86e2b5390fb24a43e84f09ee85fece52744f528a63f7bdee02af0c8af532f9eca0501931e8f661c39a74dfa5ab673042566eb777fe759c64a99251454eb26c7f37f19d530708fafb0462affadeb29edd79faa0487a3d4f989a5345fdb43918236d9663cb1b8b982fd9c3a3e10c83bef0665667a9b19183dff71513c302e5fbe3d7773b25d066cc323569a2b8526921ca702b3e43f0daf087982b8363dea9cd335b3bc69caf5cc9de8fd648d1780336e5e4a5d99c91e87b49d1ac0d56e1335235edf9b5f3defd6f776c2ea3ebb780d1c42676b04d8f8d6da6f8bf244a001ab020103a381c53081c2301d0603551d0e04160414bf5fb7d1cedd1f86f45b55acdcd710c20ea988e73081920603551d2304818a3081878014bf5fb7d1cedd1f86f45b55acdcd710c20ea988e7a16ca46a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479820100300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100059d3f889dd1c91a55a1ac69f3f359da9b01871a4f57a9a179092adbf72fb21eccc75e6ad88387a197ef49353e7706415862bf8e58b80a673fecb3dd21661fc954fa72cc3d4c40d881af779e837abba2c7f534178ed91140f4fc2c2a4d157fa7625d2e25d3000b201a1d68f917b8f4bd8bed2859dd4d168b1783c8b265c72d7aa5aabc53866ddd57a4caf820410b68f0f4fb74be565d7a79f5f91d85e32d95bef5719043cc8d1f9a000a8729e95522580023eae31243295b4708dd8c416a6506a8e521aa41b4952195b97dd134ab13d6adbcdce23d39cdbd3e7570a1185903c922b48f9cd55e2ad7a5b6d40a6df8b74011469a1f790e62bf0f97ece02f1f1794 C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A\Blob = 040000000100000010000000324a4bbbc863699bbe749ac6dd1d4624030000000100000014000000ad7e1c28b064ef8f6003402014c3d0e3370eb58a1d000000010000001000000090c4f4233b006b7bfaa6adcd8f577d77140000000100000014000000bf5fb7d1cedd1f86f45b55acdcd710c20ea988e709000000010000002a000000302806082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030353000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c00b000000010000005400000053007400610072006600690065006c006400200043006c00610073007300200032002000430065007200740069006600690063006100740069006f006e00200041007500740068006f00720069007400790000000f00000001000000140000000f6aad4c3fe04619cdc8b2bd655aa1a26042e6502000000001000000130400003082040f308202f7a003020102020100300d06092a864886f70d01010505003068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479301e170d3034303632393137333931365a170d3334303632393137333931365a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f7269747930820120300d06092a864886f70d01010105000382010d00308201080282010100b732c8fee971a60485ad0c1164dfce4defc80318873fa1abfb3ca69ff0c3a1dad4d86e2b5390fb24a43e84f09ee85fece52744f528a63f7bdee02af0c8af532f9eca0501931e8f661c39a74dfa5ab673042566eb777fe759c64a99251454eb26c7f37f19d530708fafb0462affadeb29edd79faa0487a3d4f989a5345fdb43918236d9663cb1b8b982fd9c3a3e10c83bef0665667a9b19183dff71513c302e5fbe3d7773b25d066cc323569a2b8526921ca702b3e43f0daf087982b8363dea9cd335b3bc69caf5cc9de8fd648d1780336e5e4a5d99c91e87b49d1ac0d56e1335235edf9b5f3defd6f776c2ea3ebb780d1c42676b04d8f8d6da6f8bf244a001ab020103a381c53081c2301d0603551d0e04160414bf5fb7d1cedd1f86f45b55acdcd710c20ea988e73081920603551d2304818a3081878014bf5fb7d1cedd1f86f45b55acdcd710c20ea988e7a16ca46a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479820100300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100059d3f889dd1c91a55a1ac69f3f359da9b01871a4f57a9a179092adbf72fb21eccc75e6ad88387a197ef49353e7706415862bf8e58b80a673fecb3dd21661fc954fa72cc3d4c40d881af779e837abba2c7f534178ed91140f4fc2c2a4d157fa7625d2e25d3000b201a1d68f917b8f4bd8bed2859dd4d168b1783c8b265c72d7aa5aabc53866ddd57a4caf820410b68f0f4fb74be565d7a79f5f91d85e32d95bef5719043cc8d1f9a000a8729e95522580023eae31243295b4708dd8c416a6506a8e521aa41b4952195b97dd134ab13d6adbcdce23d39cdbd3e7570a1185903c922b48f9cd55e2ad7a5b6d40a6df8b74011469a1f790e62bf0f97ece02f1f1794 C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4 C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4\Blob = 0f00000001000000140000005d82adb90d5dd3c7e3524f56f787ec53726187760b000000010000005200000047006f00200044006100640064007900200043006c00610073007300200032002000430065007200740069006600690063006100740069006f006e00200041007500740068006f007200690074007900000053000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c009000000010000002a000000302806082b0601050507030106082b0601050507030206082b0601050507030406082b06010505070303140000000100000014000000d2c4b0d291d44c1171b361cb3da1fedda86ad4e31d000000010000001000000099949d2179811f6b30a8c99c4f6b42260300000001000000140000002796bae63f1801e277261ba0d77770028f20eee420000000010000000404000030820400308202e8a003020102020100300d06092a864886f70d01010505003063310b30090603550406130255533121301f060355040a131854686520476f2044616464792047726f75702c20496e632e3131302f060355040b1328476f20446164647920436c61737320322043657274696669636174696f6e20417574686f72697479301e170d3034303632393137303632305a170d3334303632393137303632305a3063310b30090603550406130255533121301f060355040a131854686520476f2044616464792047726f75702c20496e632e3131302f060355040b1328476f20446164647920436c61737320322043657274696669636174696f6e20417574686f7269747930820120300d06092a864886f70d01010105000382010d00308201080282010100de9dd7ea571849a15bebd75f4886eabeddffe4ef671cf46568b35771a05e77bbed9b49e970803d561863086fdaf2ccd03f7f0254225410d8b281d4c0753d4b7fc777c33e78ab1a03b5206b2f6a2bb1c5887ec4bb1eb0c1d845276faa3758f78726d7d82df6a917b71f72364ea6173f659892db2a6e5da2fe88e00bde7fe58d15e1ebcb3ad5e212a2132dd88eaf5f123da0080508b65ca565380445991ea3606074c541a572621b62c51f6f5f1a42be025165a8ae23186afc7803a94d7f80c3faab5afca140a4ca1916feb2c8ef5e730dee77bd9af67998bcb10767a2150ddda058c6447b0a3e62285fba41075358cf117e3874c5f8ffb569908f8474ea971baf020103a381c03081bd301d0603551d0e04160414d2c4b0d291d44c1171b361cb3da1fedda86ad4e330818d0603551d230481853081828014d2c4b0d291d44c1171b361cb3da1fedda86ad4e3a167a4653063310b30090603550406130255533121301f060355040a131854686520476f2044616464792047726f75702c20496e632e3131302f060355040b1328476f20446164647920436c61737320322043657274696669636174696f6e20417574686f72697479820100300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100324bf3b2ca3e91fc12c6a1078c8e77a03306145c901e18f708a63d0a19f98780116e69e4961730ff3491637238eecc1c01a31d9428a431f67ac454d7f6e5315803a2ccce62db944573b5bf45c924b5d58202ad2379698db8b64dcecf4cca3323e81c88aa9d8b416e16c920e5899ecd3bda70f77e992620145425ab6e7385e69b219d0a6c820ea8f8c20cfa101e6c96ef870dc40f618badee832b95f88e92847239eb20ea83ed83cd976e08bceb4e26b6732be4d3f64cfe2671e26111744aff571a870f75482ecf516917a002126195d5d140b2104ceec4ac1043a6a59e0ad595629a0dcf8882c5320ce42b9f45e60d9f289cb1b92a5a57ad370faf1d7fdbbd9f C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4\Blob = 19000000010000001000000063664b080559a094d10f0a3c5f4f62900f00000001000000140000005d82adb90d5dd3c7e3524f56f787ec53726187760b000000010000005200000047006f00200044006100640064007900200043006c00610073007300200032002000430065007200740069006600690063006100740069006f006e00200041007500740068006f007200690074007900000053000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c009000000010000002a000000302806082b0601050507030106082b0601050507030206082b0601050507030406082b06010505070303140000000100000014000000d2c4b0d291d44c1171b361cb3da1fedda86ad4e31d000000010000001000000099949d2179811f6b30a8c99c4f6b42260300000001000000140000002796bae63f1801e277261ba0d77770028f20eee404000000010000001000000091de0625abdafd32170cbb25172a846720000000010000000404000030820400308202e8a003020102020100300d06092a864886f70d01010505003063310b30090603550406130255533121301f060355040a131854686520476f2044616464792047726f75702c20496e632e3131302f060355040b1328476f20446164647920436c61737320322043657274696669636174696f6e20417574686f72697479301e170d3034303632393137303632305a170d3334303632393137303632305a3063310b30090603550406130255533121301f060355040a131854686520476f2044616464792047726f75702c20496e632e3131302f060355040b1328476f20446164647920436c61737320322043657274696669636174696f6e20417574686f7269747930820120300d06092a864886f70d01010105000382010d00308201080282010100de9dd7ea571849a15bebd75f4886eabeddffe4ef671cf46568b35771a05e77bbed9b49e970803d561863086fdaf2ccd03f7f0254225410d8b281d4c0753d4b7fc777c33e78ab1a03b5206b2f6a2bb1c5887ec4bb1eb0c1d845276faa3758f78726d7d82df6a917b71f72364ea6173f659892db2a6e5da2fe88e00bde7fe58d15e1ebcb3ad5e212a2132dd88eaf5f123da0080508b65ca565380445991ea3606074c541a572621b62c51f6f5f1a42be025165a8ae23186afc7803a94d7f80c3faab5afca140a4ca1916feb2c8ef5e730dee77bd9af67998bcb10767a2150ddda058c6447b0a3e62285fba41075358cf117e3874c5f8ffb569908f8474ea971baf020103a381c03081bd301d0603551d0e04160414d2c4b0d291d44c1171b361cb3da1fedda86ad4e330818d0603551d230481853081828014d2c4b0d291d44c1171b361cb3da1fedda86ad4e3a167a4653063310b30090603550406130255533121301f060355040a131854686520476f2044616464792047726f75702c20496e632e3131302f060355040b1328476f20446164647920436c61737320322043657274696669636174696f6e20417574686f72697479820100300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100324bf3b2ca3e91fc12c6a1078c8e77a03306145c901e18f708a63d0a19f98780116e69e4961730ff3491637238eecc1c01a31d9428a431f67ac454d7f6e5315803a2ccce62db944573b5bf45c924b5d58202ad2379698db8b64dcecf4cca3323e81c88aa9d8b416e16c920e5899ecd3bda70f77e992620145425ab6e7385e69b219d0a6c820ea8f8c20cfa101e6c96ef870dc40f618badee832b95f88e92847239eb20ea83ed83cd976e08bceb4e26b6732be4d3f64cfe2671e26111744aff571a870f75482ecf516917a002126195d5d140b2104ceec4ac1043a6a59e0ad595629a0dcf8882c5320ce42b9f45e60d9f289cb1b92a5a57ad370faf1d7fdbbd9f C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\317A2AD07F2B335EF5A1C34E4B57E8B7D8F1FCA6\Blob = 0f000000010000001400000007eeabaf80a9ef4ae1b2cb9b4b5fc70d0428e6a953000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c00b000000010000002e00000053007400610072006600690065006c006400200054006500630068006e006f006c006f0067006900650073000000090000000100000016000000301406082b0601050507030406082b06010505070301140000000100000014000000a848b4242fc6ea24a0d78e3cb93c5c78d79833e41d00000001000000100000005959ddbc9c7632ba0a05f06316846fe6030000000100000014000000317a2ad07f2b335ef5a1c34e4b57e8b7d8f1fca62000000001000000eb020000308202e730820250020101300d06092a864886f70d01010505003081bb312430220603550407131b56616c69436572742056616c69646174696f6e204e6574776f726b31173015060355040a130e56616c69436572742c20496e632e31353033060355040b132c56616c694365727420436c617373203220506f6c6963792056616c69646174696f6e20417574686f726974793121301f06035504031318687474703a2f2f7777772e76616c69636572742e636f6d2f3120301e06092a864886f70d0109011611696e666f4076616c69636572742e636f6d301e170d3939303632363030313935345a170d3139303632363030313935345a3081bb312430220603550407131b56616c69436572742056616c69646174696f6e204e6574776f726b31173015060355040a130e56616c69436572742c20496e632e31353033060355040b132c56616c694365727420436c617373203220506f6c6963792056616c69646174696f6e20417574686f726974793121301f06035504031318687474703a2f2f7777772e76616c69636572742e636f6d2f3120301e06092a864886f70d0109011611696e666f4076616c69636572742e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100ce3a71cae5abc8599255d7abd8740ef9eed9f655475965470e0555dceb98363c5c535dd330cf38ecbd4189ed254209246b0a5eb37cdd522d4ce6d4d67d5a59a965d449132d244d1c506fb5c185543bfe71e4d35c42f980e0911a0a5b393667f33f557c1b3fb45f647334e3b412bf8764f8da12ff3727c1b343bbef7b6e2e69f70203010001300d06092a864886f70d0101050500038181003b7f506f6f509499496238381f4bf8a5c83ea78281f62bc7e8c5cee83a1082cb18008e4dbda8587fa17900b5bbe98daf41d90f34ee218119a0324928f4c48e56d55233fd50d57e996c03e4c94cfccb6cab66b34a218ce5b50c323e10b2cc6ca1dc9a984c025bf3ceb99ea5720e4ab73f3ce61668f8beed744cbc5bd5621f43dd C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\317A2AD07F2B335EF5A1C34E4B57E8B7D8F1FCA6\Blob = 19000000010000001000000044ba5fd9039fc9b56fd8aadccd597ca6030000000100000014000000317a2ad07f2b335ef5a1c34e4b57e8b7d8f1fca61d00000001000000100000005959ddbc9c7632ba0a05f06316846fe6140000000100000014000000a848b4242fc6ea24a0d78e3cb93c5c78d79833e4090000000100000016000000301406082b0601050507030406082b060105050703010b000000010000002e00000053007400610072006600690065006c006400200054006500630068006e006f006c006f006700690065007300000053000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c00f000000010000001400000007eeabaf80a9ef4ae1b2cb9b4b5fc70d0428e6a92000000001000000eb020000308202e730820250020101300d06092a864886f70d01010505003081bb312430220603550407131b56616c69436572742056616c69646174696f6e204e6574776f726b31173015060355040a130e56616c69436572742c20496e632e31353033060355040b132c56616c694365727420436c617373203220506f6c6963792056616c69646174696f6e20417574686f726974793121301f06035504031318687474703a2f2f7777772e76616c69636572742e636f6d2f3120301e06092a864886f70d0109011611696e666f4076616c69636572742e636f6d301e170d3939303632363030313935345a170d3139303632363030313935345a3081bb312430220603550407131b56616c69436572742056616c69646174696f6e204e6574776f726b31173015060355040a130e56616c69436572742c20496e632e31353033060355040b132c56616c694365727420436c617373203220506f6c6963792056616c69646174696f6e20417574686f726974793121301f06035504031318687474703a2f2f7777772e76616c69636572742e636f6d2f3120301e06092a864886f70d0109011611696e666f4076616c69636572742e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100ce3a71cae5abc8599255d7abd8740ef9eed9f655475965470e0555dceb98363c5c535dd330cf38ecbd4189ed254209246b0a5eb37cdd522d4ce6d4d67d5a59a965d449132d244d1c506fb5c185543bfe71e4d35c42f980e0911a0a5b393667f33f557c1b3fb45f647334e3b412bf8764f8da12ff3727c1b343bbef7b6e2e69f70203010001300d06092a864886f70d0101050500038181003b7f506f6f509499496238381f4bf8a5c83ea78281f62bc7e8c5cee83a1082cb18008e4dbda8587fa17900b5bbe98daf41d90f34ee218119a0324928f4c48e56d55233fd50d57e996c03e4c94cfccb6cab66b34a218ce5b50c323e10b2cc6ca1dc9a984c025bf3ceb99ea5720e4ab73f3ce61668f8beed744cbc5bd5621f43dd C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A\Blob = 190000000100000010000000fd960962ac6938e0d4b0769aa1a64e260f00000001000000140000000f6aad4c3fe04619cdc8b2bd655aa1a26042e6500b000000010000005400000053007400610072006600690065006c006400200043006c00610073007300200032002000430065007200740069006600690063006100740069006f006e00200041007500740068006f007200690074007900000053000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c009000000010000002a000000302806082b0601050507030106082b0601050507030206082b0601050507030406082b06010505070303140000000100000014000000bf5fb7d1cedd1f86f45b55acdcd710c20ea988e71d000000010000001000000090c4f4233b006b7bfaa6adcd8f577d77030000000100000014000000ad7e1c28b064ef8f6003402014c3d0e3370eb58a040000000100000010000000324a4bbbc863699bbe749ac6dd1d46242000000001000000130400003082040f308202f7a003020102020100300d06092a864886f70d01010505003068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479301e170d3034303632393137333931365a170d3334303632393137333931365a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f7269747930820120300d06092a864886f70d01010105000382010d00308201080282010100b732c8fee971a60485ad0c1164dfce4defc80318873fa1abfb3ca69ff0c3a1dad4d86e2b5390fb24a43e84f09ee85fece52744f528a63f7bdee02af0c8af532f9eca0501931e8f661c39a74dfa5ab673042566eb777fe759c64a99251454eb26c7f37f19d530708fafb0462affadeb29edd79faa0487a3d4f989a5345fdb43918236d9663cb1b8b982fd9c3a3e10c83bef0665667a9b19183dff71513c302e5fbe3d7773b25d066cc323569a2b8526921ca702b3e43f0daf087982b8363dea9cd335b3bc69caf5cc9de8fd648d1780336e5e4a5d99c91e87b49d1ac0d56e1335235edf9b5f3defd6f776c2ea3ebb780d1c42676b04d8f8d6da6f8bf244a001ab020103a381c53081c2301d0603551d0e04160414bf5fb7d1cedd1f86f45b55acdcd710c20ea988e73081920603551d2304818a3081878014bf5fb7d1cedd1f86f45b55acdcd710c20ea988e7a16ca46a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479820100300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100059d3f889dd1c91a55a1ac69f3f359da9b01871a4f57a9a179092adbf72fb21eccc75e6ad88387a197ef49353e7706415862bf8e58b80a673fecb3dd21661fc954fa72cc3d4c40d881af779e837abba2c7f534178ed91140f4fc2c2a4d157fa7625d2e25d3000b201a1d68f917b8f4bd8bed2859dd4d168b1783c8b265c72d7aa5aabc53866ddd57a4caf820410b68f0f4fb74be565d7a79f5f91d85e32d95bef5719043cc8d1f9a000a8729e95522580023eae31243295b4708dd8c416a6506a8e521aa41b4952195b97dd134ab13d6adbcdce23d39cdbd3e7570a1185903c922b48f9cd55e2ad7a5b6d40a6df8b74011469a1f790e62bf0f97ece02f1f1794 C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4\Blob = 04000000010000001000000091de0625abdafd32170cbb25172a84670300000001000000140000002796bae63f1801e277261ba0d77770028f20eee41d000000010000001000000099949d2179811f6b30a8c99c4f6b4226140000000100000014000000d2c4b0d291d44c1171b361cb3da1fedda86ad4e309000000010000002a000000302806082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030353000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c00b000000010000005200000047006f00200044006100640064007900200043006c00610073007300200032002000430065007200740069006600690063006100740069006f006e00200041007500740068006f00720069007400790000000f00000001000000140000005d82adb90d5dd3c7e3524f56f787ec537261877620000000010000000404000030820400308202e8a003020102020100300d06092a864886f70d01010505003063310b30090603550406130255533121301f060355040a131854686520476f2044616464792047726f75702c20496e632e3131302f060355040b1328476f20446164647920436c61737320322043657274696669636174696f6e20417574686f72697479301e170d3034303632393137303632305a170d3334303632393137303632305a3063310b30090603550406130255533121301f060355040a131854686520476f2044616464792047726f75702c20496e632e3131302f060355040b1328476f20446164647920436c61737320322043657274696669636174696f6e20417574686f7269747930820120300d06092a864886f70d01010105000382010d00308201080282010100de9dd7ea571849a15bebd75f4886eabeddffe4ef671cf46568b35771a05e77bbed9b49e970803d561863086fdaf2ccd03f7f0254225410d8b281d4c0753d4b7fc777c33e78ab1a03b5206b2f6a2bb1c5887ec4bb1eb0c1d845276faa3758f78726d7d82df6a917b71f72364ea6173f659892db2a6e5da2fe88e00bde7fe58d15e1ebcb3ad5e212a2132dd88eaf5f123da0080508b65ca565380445991ea3606074c541a572621b62c51f6f5f1a42be025165a8ae23186afc7803a94d7f80c3faab5afca140a4ca1916feb2c8ef5e730dee77bd9af67998bcb10767a2150ddda058c6447b0a3e62285fba41075358cf117e3874c5f8ffb569908f8474ea971baf020103a381c03081bd301d0603551d0e04160414d2c4b0d291d44c1171b361cb3da1fedda86ad4e330818d0603551d230481853081828014d2c4b0d291d44c1171b361cb3da1fedda86ad4e3a167a4653063310b30090603550406130255533121301f060355040a131854686520476f2044616464792047726f75702c20496e632e3131302f060355040b1328476f20446164647920436c61737320322043657274696669636174696f6e20417574686f72697479820100300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100324bf3b2ca3e91fc12c6a1078c8e77a03306145c901e18f708a63d0a19f98780116e69e4961730ff3491637238eecc1c01a31d9428a431f67ac454d7f6e5315803a2ccce62db944573b5bf45c924b5d58202ad2379698db8b64dcecf4cca3323e81c88aa9d8b416e16c920e5899ecd3bda70f77e992620145425ab6e7385e69b219d0a6c820ea8f8c20cfa101e6c96ef870dc40f618badee832b95f88e92847239eb20ea83ed83cd976e08bceb4e26b6732be4d3f64cfe2671e26111744aff571a870f75482ecf516917a002126195d5d140b2104ceec4ac1043a6a59e0ad595629a0dcf8882c5320ce42b9f45e60d9f289cb1b92a5a57ad370faf1d7fdbbd9f C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\317A2AD07F2B335EF5A1C34E4B57E8B7D8F1FCA6 C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A

Script User-Agent

Description Indicator Process Target
HTTP User-Agent header Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) N/A N/A
HTTP User-Agent header Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) N/A N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp N/A

Processes

C:\Users\Admin\AppData\Local\Temp\bittorrent_installer.exe

"C:\Users\Admin\AppData\Local\Temp\bittorrent_installer.exe"

C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp

"C:\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp" /SL5="$400F2,894868,871424,C:\Users\Admin\AppData\Local\Temp\bittorrent_installer.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 dtwmtgl14acv8.cloudfront.net udp
GB 18.165.158.172:443 dtwmtgl14acv8.cloudfront.net tcp
US 8.8.8.8:53 api.playanext.com udp
US 8.8.8.8:53 api.playanext.com udp
GB 18.165.160.27:443 api.playanext.com tcp
GB 18.165.160.7:443 api.playanext.com tcp
GB 18.165.160.27:443 api.playanext.com tcp
GB 18.165.160.7:443 api.playanext.com tcp
GB 18.165.158.172:443 dtwmtgl14acv8.cloudfront.net tcp
US 8.8.8.8:53 download-new.utorrent.com udp
US 67.215.238.66:443 download-new.utorrent.com tcp
US 67.215.238.66:443 download-new.utorrent.com tcp

Files

memory/2960-2-0x0000000000401000-0x00000000004B7000-memory.dmp

memory/2960-0-0x0000000000400000-0x00000000004E2000-memory.dmp

\Users\Admin\AppData\Local\Temp\is-L0VBF.tmp\bittorrent_installer.tmp

MD5 723d6f33e0f91eac442bcf67b20ab25d
SHA1 83bf5541fd6c08a37c5ed0ab1485e075dff8af26
SHA256 8b5d3a86d17b1d0a379c754e37c00b647cc21e4238a20a3424fbf26fc16e15a4
SHA512 e7f51194559237abcc072e58cc5b19f72b483397a8bb52cf5796be7814880df51ce3963834869cf2838ba3ba1ec3d7ac4c8d655cd2da115c20bcf6d1084cfc89

memory/2092-9-0x0000000000400000-0x000000000071E000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\CabAC96.tmp

MD5 49aebf8cbd62d92ac215b2923fb1b9f5
SHA1 1723be06719828dda65ad804298d0431f6aff976
SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

C:\Users\Admin\AppData\Local\Temp\TarACC8.tmp

MD5 4ea6026cf93ec6338144661bf1202cd1
SHA1 a1dec9044f750ad887935a01430bf49322fbdcb7
SHA256 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA512 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 874a993638713203242d5dfe978ac10c
SHA1 cee8f20c9781692c32cc0da14b7a112c01687883
SHA256 5c88a1f6b744a35237c8b56417320589392a601b0414aa4cc10ad07726d74b53
SHA512 d3df1a3b972d47c7974000ef56554a2387c25135062501f348b0cc37e2537aa712ceb3c0bf620980c36eb70a3a9a48993188a66163212b58c597d8bb36629c5c

memory/2960-147-0x0000000000400000-0x00000000004E2000-memory.dmp

memory/2092-149-0x0000000000400000-0x000000000071E000-memory.dmp

memory/2092-148-0x0000000000400000-0x000000000071E000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\is-A28IH.tmp\107.png

MD5 c0e10a5142865236ee82b96c2a9eb75c
SHA1 a6ddc9f963bf0f677b418d8d48f5e8430afc09d4
SHA256 16b6b70168ea5a2d6d684f379c1d5e88ab9993d9ea0d22f04736f24bc89200cc
SHA512 98393660fcf8261a9e084db9900a3dc8894c1b0f564935512a39a2aa14a1a4e2104e86634f4fe10eceac97b0193c77e23434077f4ce66e72a5793c8a8b4dabe8

memory/2092-153-0x0000000007650000-0x0000000007790000-memory.dmp

memory/2092-155-0x0000000000400000-0x000000000071E000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\is-A28IH.tmp\108.png

MD5 b582d76d71da0734a777fc8376fd0150
SHA1 687de4b5b0844bd720619b39c65f9078ae72e7cf
SHA256 1ce2b90c05299026d66af72b8d1fbf4c2abdbcbbd03959b8f05986a48f9034c6
SHA512 0d9e2680bcf159446704c82c514320f76af962281dd5e5738c6e56b93c900a43bf2fc5cd5792977ae7bee5ca904774ecd0ff95dab7470901997af4fb6a666053

memory/2092-159-0x0000000007650000-0x0000000007790000-memory.dmp

memory/2092-161-0x0000000000400000-0x000000000071E000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\is-A28IH.tmp\109.png

MD5 7c87614f099c75a0bed6ab01555143dd
SHA1 07ab72dc4a1e53e2c62ecccc1221472854d78635
SHA256 02335420cb5c2fa33eec48f32706d2353f8b609daaf337458f04a8f98d999a7c
SHA512 29b7ce896332ed2a05235645adb963b77920a0a252561684ea9f1f925f69dbcee4685e1b30584c1034a15b7efc18b911902d1ecb41c523cf2552ff23e165bf43

memory/2092-165-0x0000000007650000-0x0000000007790000-memory.dmp

memory/2092-167-0x0000000000400000-0x000000000071E000-memory.dmp

memory/2092-169-0x0000000000400000-0x000000000071E000-memory.dmp

memory/2092-171-0x0000000000400000-0x000000000071E000-memory.dmp

memory/2092-173-0x0000000000400000-0x000000000071E000-memory.dmp

Analysis: behavioral2

Detonation Overview

Submitted

2024-10-16 00:56

Reported

2024-10-16 00:58

Platform

win10v2004-20241007-en

Max time kernel

86s

Max time network

109s

Command Line

"C:\Users\Admin\AppData\Local\Temp\bittorrent_installer.exe"

Signatures

Identifies Wine through registry keys

evasion
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\Software\WOW6432Node\Wine C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key opened \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Software\Wine C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key opened \REGISTRY\MACHINE\Software\WOW6432Node\Wine C:\Users\Admin\AppData\Roaming\bittorrent\BitTorrent.exe N/A
Key opened \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Software\Wine C:\Users\Admin\AppData\Roaming\bittorrent\BitTorrent.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bt = "\"C:\\Users\\Admin\\AppData\\Roaming\\bittorrent\\BitTorrent.exe\" /MINIMIZED" C:\Users\Admin\AppData\Roaming\bittorrent\BitTorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bt = "C:\\Users\\Admin\\AppData\\Roaming\\BitTorrent\\BitTorrent.exe /MINIMIZED" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A

Checks for any installed AV software in registry

Description Indicator Process Target
Key opened \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\SOFTWARE\Avira\Browser\Installed C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\AVAST Software\Avast C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
Key opened \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\SOFTWARE\AVAST Software\Avast C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\AVG\AV\Dir C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\AVG\AV\Dir C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
Key opened \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\SOFTWARE\AVG\AV\Dir C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Avira\Browser\Installed C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Avira\Browser\Installed C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\AVAST Software\Avast C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\AVAST Software\Avast C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
Key opened \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\SOFTWARE\AVAST Software\Avast C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A

Downloads MZ/PE file

Writes to the Master Boot Record (MBR)

bootkit persistence
Description Indicator Process Target
File opened for modification \??\PhysicalDrive0 C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component2_extract\avg_antivirus_free_setup.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Windows\Temp\asw.9db5285fa86a894a\avg_antivirus_free_online_setup.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\BitTorrent.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
Key value queried \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Checks installed software on the system

discovery

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files\McAfee\Temp3718712590\webadvisor.ico C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\eula-sv-SE.txt C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\wa-res-install-fr-FR.js C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files (x86)\GUM3F08.tmp\AVGBrowserUpdateBroker.exe C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\GUM3F08.tmp\acuapi_64.dll C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\GUM3F08.tmp\goopdateres_ar.dll C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\mfw.cab C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\wa_logo2.png C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files (x86)\GUM3F08.tmp\goopdateres_bg.dll C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files\McAfee\WebAdvisor\x64\wssdep.dll C:\Program Files\McAfee\Temp3718712590\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\wa-res-install-hu-HU.js C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\wa-res-install-pl-PL.js C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\wa-res-shared-zh-CN.js C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\wa-res-shared-zh-TW.js C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\analyticsmanager.cab C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\wa-res-install-fi-FI.js C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\WebAdvisor\updater.exe C:\Program Files\McAfee\Temp3718712590\installer.exe N/A
File created C:\Program Files\McAfee\WebAdvisor\logic\miscutils.luc C:\Program Files\McAfee\Temp3718712590\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\eula-zh-TW.txt C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\wa-res-install-pt-BR.js C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\WebAdvisor\logic\smart_toasting\smart_toast_config_selector.luc C:\Program Files\McAfee\Temp3718712590\installer.exe N/A
File created C:\Program Files (x86)\GUM3F08.tmp\goopdateres_el.dll C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\eula-pl-PL.txt C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\eula-zh-CN.txt C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\wa-res-shared-de-DE.js C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\WebAdvisor\uihost.exe C:\Program Files\McAfee\Temp3718712590\installer.exe N/A
File created C:\Program Files (x86)\GUM3F08.tmp\goopdateres_en-GB.dll C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\eula-el-GR.txt C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\wa-res-install-hr-HR.js C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\WebAdvisor\logic\base_provider.luc C:\Program Files\McAfee\Temp3718712590\installer.exe N/A
File created C:\Program Files (x86)\GUM3F08.tmp\AVGBrowserUpdateWebPlugin.exe C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\eula-cs-CZ.txt C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\wa-res-shared-ru-RU.js C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\wa-res-shared-nl-NL.js C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File opened for modification C:\Program Files (x86)\GUT3F09.tmp C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files (x86)\GUM3F08.tmp\goopdateres_da.dll C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\mfw-webadvisor.cab C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\settingmanager.cab C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\wa_install_close.png C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\eula-it-IT.txt C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\wa-res-install-es-MX.js C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\wa-res-shared-cs-CZ.js C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\wa-res-shared-pt-PT.js C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\wa-res-shared-sv-SE.js C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\resource.dll C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\telemetry.cab C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files (x86)\GUM3F08.tmp\AVGBrowserCrashHandler64.exe C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\eula-da-DK.txt C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\eula-fi-FI.txt C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\wa-res-install-ru-RU.js C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\wa-res-install-sv-SE.js C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\WebAdvisor\logic\aj_logic.luc C:\Program Files\McAfee\Temp3718712590\installer.exe N/A
File created C:\Program Files\McAfee\WebAdvisor\logic\edge_onboarding.luc C:\Program Files\McAfee\Temp3718712590\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\icon_complete.png C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\wa-install.css C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\WebAdvisor\logic\oem_utils\oem_util_selector.luc C:\Program Files\McAfee\Temp3718712590\installer.exe N/A
File created C:\Program Files\McAfee\WebAdvisor\logic\oem_business_logic.luc C:\Program Files\McAfee\Temp3718712590\installer.exe N/A
File created C:\Program Files\McAfee\WebAdvisor\logic\ss_logic.luc C:\Program Files\McAfee\Temp3718712590\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\wa-res-install-da-DK.js C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\wa-res-shared-ja-JP.js C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\jslang\wa-res-shared-ko-KR.js C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files (x86)\GUM3F08.tmp\goopdateres_de.dll C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\AVGBrowserUpdateSetup.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\wa-install.html C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A
File created C:\Program Files\McAfee\Temp3718712590\webadvisor.cab C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\BitTorrent.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\BitTorrent.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\BitTorrent.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\BitTorrent.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\BitTorrent.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component2_extract\avg_antivirus_free_setup.exe N/A
N/A N/A C:\Windows\Temp\asw.9db5285fa86a894a\avg_antivirus_free_online_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\bittorrent\BitTorrent.exe N/A
N/A N/A C:\Program Files\McAfee\Temp3718712590\installer.exe N/A

Browser Information Discovery

discovery

Embeds OpenSSL

Description Indicator Process Target
N/A N/A N/A N/A

Enumerates physical storage devices

Reads user/profile data of web browsers

spyware stealer

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component2_extract\avg_antivirus_free_setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Roaming\bittorrent\BitTorrent.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\AVGBrowserUpdateSetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\bittorrent_installer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\DllHost.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\Temp\asw.9db5285fa86a894a\avg_antivirus_free_online_setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\BitTorrent.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\saBSI.exe N/A

System Network Configuration Discovery: Internet Connection Discovery

discovery
Description Indicator Process Target
N/A N/A C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Checks SCSI registry key(s)

Description Indicator Process Target
Key enumerated \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION C:\Users\Admin\AppData\Roaming\bittorrent\BitTorrent.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\bittorrentie.exe = "11000" C:\Users\Admin\AppData\Roaming\bittorrent\BitTorrent.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION C:\Users\Admin\AppData\Roaming\bittorrent\BitTorrent.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION\bittorrentie.exe = "1" C:\Users\Admin\AppData\Roaming\bittorrent\BitTorrent.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CROSS_DOMAIN_REDIRECT_MITIGATION C:\Users\Admin\AppData\Roaming\bittorrent\BitTorrent.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CROSS_DOMAIN_REDIRECT_MITIGATION\bittorrentie.exe = "0" C:\Users\Admin\AppData\Roaming\bittorrent\BitTorrent.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\BitTorrent\DefaultIcon C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\BitTorrent C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Magnet\DefaultIcon C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\BitTorrent\ = "bittorrent URI" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\MIME\Database\Content Type\application/x-bittorrent-skin C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\MIME\Database\Content Type\application/x-bittorrent-skin\Extension = ".btskin" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\.btinstall\ = "BitTorrent" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Applications\BitTorrent.exe\shell C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\C06AEB9D-8774-46E7-8160-8321BCD14D9F\7CCD586D-2ABC-42FF-A23B-3731F4F183D9 = "65F115A51CCCDBF623206AEDE3B3D8A4" C:\Windows\Temp\asw.9db5285fa86a894a\avg_antivirus_free_online_setup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\BitTorrent\shell\open C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\BitTorrent\shell\ = "open" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\BitTorrent\Content Type C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrent-key C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Applications C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\BitTorrent\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Roaming\\BitTorrent\\BitTorrent.exe\" \"%1\" /SHELLASSOC" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\bittorrent C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\bittorrent\shell\open\command C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrent-appinst C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\MIME\Database\Content Type\application/x-bittorrent-appinst\Extension = ".btinstall" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\.btsearch\OpenWithProgids C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Applications\BitTorrent.exe\shell\ = "open" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\C06AEB9D-8774-46E7-8160-8321BCD14D9F\56C7A9DA-4B11-406A-8B1A-EFF157C294D6 = "304b864c-5eea-423c-83ed-8d82958d9f85" C:\Windows\Temp\asw.9db5285fa86a894a\avg_antivirus_free_online_setup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\FalconBetaAccount\remote_access_client_id = "1021245614" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\.torrent\ = "BitTorrent" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Magnet\Content Type = "application/x-magnet" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Magnet\shell C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\.btsearch\ = "BitTorrent" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Magnet\shell\open\command C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\.btapp\ = "BitTorrent" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\.btinstall C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\.btkey C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Magnet\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Roaming\\BitTorrent\\maindoc.ico" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrent-appinst\Extension = ".btinstall" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\MIME\Database\Content Type\application/x-bittorrent-appinst C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\C06AEB9D-8774-46E7-8160-8321BCD14D9F\5E1D6A55-0134-486E-A166-38C2E4919BB1 = "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA1YsiGeEEh0Sud00KFECPqAQAAAACAAAAAAAQZgAAAAEAACAAAACG09vt9FZD3CADIoppmL3DPVdJbU6b2uivNJYIsoErNwAAAAAOgAAAAAIAACAAAADW2+lLULcj+C4F2KBr0OxJAU92HzKLHAe0+Zfx2bmteDAAAAAxXf7aPk7K4cSs94cD3rmfzgJMDIJTHEUZM0vxTE2OYkCYs59kyctyOuZe8p3RmHpAAAAA/EbRB4NaJxA41Sxxge+Kdw9n6817FmW9fHropN/AGEuMs4GDRKetX8M2ehyaI1B0z4SYkN3H6fLs/F8cC4vKWw==" C:\Windows\Temp\asw.9db5285fa86a894a\avg_antivirus_free_online_setup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\MIME\Database\Content Type\application/x-bittorrent C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Magnet\ = "Magnet URI" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Magnet\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Roaming\\BitTorrent\\BitTorrent.exe\" \"%1\" /SHELLASSOC" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\BitTorrent\Content Type = "application/x-bittorrent-protocol" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\bittorrent\shell C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\MIME\Database\Content Type\application/x-bittorrent-app\Extension = ".btapp" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\.btskin\Content Type = "application/x-bittorrent-skin" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrent-skin C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Applications\BitTorrent.exe\shell\open\command C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\BitTorrent\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Roaming\\BitTorrent\\maindoc.ico" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\MIME\Database\Content Type\application/x-bittorrent\Extension = ".torrent" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\MIME\Database\Content Type\application/x-bittorrent-key\Extension = ".btkey" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\.btsearch\OpenWithProgids\BitTorrent C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\.btsearch\Content Type = "application/x-bittorrentsearchdescription+xml" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml\Extension = ".btsearch" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\.btskin\ = "BitTorrent" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrent-skin\Extension = ".btskin" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\BitTorrent\shell\open\command C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\C06AEB9D-8774-46E7-8160-8321BCD14D9F C:\Windows\Temp\asw.9db5285fa86a894a\avg_antivirus_free_online_setup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\BitTorrent\Content Type\ = "application/x-bittorrent" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\BitTorrent\URL Protocol C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\.btapp C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\.btkey\ = "BitTorrent" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\.torrent\Content Type = "application/x-bittorrent" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\.btsearch C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Magnet\shell\ = "open" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\.btapp\Content Type = "application/x-bittorrent-app" C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A

Modifies system certificate store

evasion spyware trojan
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8 C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\saBSI.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob = 0f0000000100000030000000c130bba37b8b350e89fd5ed76b4f78777feee220d3b9e729042bef6af46e8e4c1b252e32b3080c681bc9a8a1afdd0a3c0b000000010000004200000047006c006f00620061006c005300690067006e00200043006f006400650020005300690067006e0069006e006700200052006f006f007400200052003400350000006200000001000000200000007b9d553e1c92cb6e8803e137f4f287d4363757f5d44b37d52f9fca22fb97df8653000000010000001f000000301d301b060567810c010330123010060a2b0601040182373c0101030200c01400000001000000140000001f00bf46800afc7839b7a5b443d95650bbce963b1d00000001000000100000005467b0adde8d858e30ee517b1a19ecd909000000010000000c000000300a06082b060105050703030300000001000000140000004efc31460c619ecae59c1bce2c008036d94c84b8200000000100000076050000308205723082035aa00302010202107653feac75464893f5e5d74a483a4ef8300d06092a864886f70d01010c05003053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f7420523435301e170d3230303331383030303030305a170d3435303331383030303030305a3053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f742052343530820222300d06092a864886f70d01010105000382020f003082020a0282020100b62dc530dd7ae8ab903d0372b03a4b991661b2e5ffa5671d371ce57eec9383aa84f5a3439b98458ab863575d9b00880425e9f868924b82d84bc94a03f3a87f6a8f8a6127bda144d0fdf53f22c2a34f918db305b22882915dfb5988050b9706c298f82ca73324ee503a41ccf0a0b07b1d4dd2a8583896e9dff91b91bb8b102cd2c7431da20974a180af7be6330a0c596b8ebcf4ab5a977b7fae55fb84f080fe844cd7e2babdc475a16fbd61107444b29807e274abff68dc6c263ee91fe5e00487ad30d30c8d037c55b816705c24782025eb676788abba4e34986b7011de38cad4bea1c09ce1df1e0201d83be1674384b6cffc74b72f84a3bfba09373d676cb1455c1961ab4183f5ac1deb770d464773cebfbd9595ed9d2b8810fefa58e8a757e1b3cfa85ae907259b12c49e80723d93dc8c94df3b44e62680fcd2c303f08c0cd245d62ee78f989ee604ee426e677e42167162e704f960c664a1b69c81214e2bc66d689486c699747367317a91f2d48c796e7ca6bb7e466f4dc585122bcf9a224408a88537ce07615706171224c0c43173a1983557477e103a45d92da4519098a9a00737c4651aaa1c6b1677f7a797ec3f1930996f31fbea40b2e7d2c4fac9d0f050767459fa8d6d1732bef8e97e03f4e787759ad44a912c850313022b4280f2896a36cfc84ca0ce9ef8cb8dad16a7d3ded59b18a7c6923af18263f12e0e2464df0203010001a3423040300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e041604141f00bf46800afc7839b7a5b443d95650bbce963b300d06092a864886f70d01010c050003820201005e2bba749734445f764828408493ee016ee9a1b3d68025e67be4bc09913d0ffc76add7d43020bb8f60d091d61cf29cef781a2b943202c12496525202d0f3d1fcf29b396e99e11f8e43417d9a1e5bc95d9a84fc26e687f3747226ada41bd93d3b6a52a03c091e2f1e7bb333b445c7f7acb1af9360ad76aeb8b21578eb836aebffdb46ab24e5ee02fa901f59c02f5dd6b75da45c10b77253f8414eccfa781a254acafe85624361c3b437aa81d2f4d63a0fbd8d597e3047de2b6be72150335fd4679bd4b8679f3c279903ff85438e7312ca20cde861d5b166dc17d6396d0fdbcf2337a182894e1c6b3fd6a0cdaa079d3e4226aad70ceefa47bf1a527ed17581d3c98a62176d4f88a021a0263eaf6dd962301fe99828ae6e8dd58e4c726693808d2ae355c760679042565c22510fb3dc4e39ee4dddd91d7810543b6ed0976f03b51eb22373c612b29a64d0fc958524a8ffdfa1b0dc9140aedf0933abb9dd92b7f1cc91743b69eb67971b90bfe7c7a06f71bb57bfb78f5aed7a406a16cd80842d2fe102d4249443b315fc0c2b1bfd716ffccbbc75173a5e83d2c9b32f1bd59c8d7f54fe7e7ee456a387a79de1595294418f6d5bbe86959aff1a76dd40d2514a70b41f336323773fec271e59e40887ed34824a0f3ffea01dc1f56773458678f4aa29e92787c619dbc61314c33949874da097e06513f59d7756e9dab358c73af2c0cd82 C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\saBSI.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob = 1900000001000000100000005d1b8ff2c30f63f5b536edd400f7f9b40300000001000000140000004efc31460c619ecae59c1bce2c008036d94c84b809000000010000000c000000300a06082b060105050703031d00000001000000100000005467b0adde8d858e30ee517b1a19ecd91400000001000000140000001f00bf46800afc7839b7a5b443d95650bbce963b53000000010000001f000000301d301b060567810c010330123010060a2b0601040182373c0101030200c06200000001000000200000007b9d553e1c92cb6e8803e137f4f287d4363757f5d44b37d52f9fca22fb97df860b000000010000004200000047006c006f00620061006c005300690067006e00200043006f006400650020005300690067006e0069006e006700200052006f006f007400200052003400350000000f0000000100000030000000c130bba37b8b350e89fd5ed76b4f78777feee220d3b9e729042bef6af46e8e4c1b252e32b3080c681bc9a8a1afdd0a3c200000000100000076050000308205723082035aa00302010202107653feac75464893f5e5d74a483a4ef8300d06092a864886f70d01010c05003053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f7420523435301e170d3230303331383030303030305a170d3435303331383030303030305a3053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f742052343530820222300d06092a864886f70d01010105000382020f003082020a0282020100b62dc530dd7ae8ab903d0372b03a4b991661b2e5ffa5671d371ce57eec9383aa84f5a3439b98458ab863575d9b00880425e9f868924b82d84bc94a03f3a87f6a8f8a6127bda144d0fdf53f22c2a34f918db305b22882915dfb5988050b9706c298f82ca73324ee503a41ccf0a0b07b1d4dd2a8583896e9dff91b91bb8b102cd2c7431da20974a180af7be6330a0c596b8ebcf4ab5a977b7fae55fb84f080fe844cd7e2babdc475a16fbd61107444b29807e274abff68dc6c263ee91fe5e00487ad30d30c8d037c55b816705c24782025eb676788abba4e34986b7011de38cad4bea1c09ce1df1e0201d83be1674384b6cffc74b72f84a3bfba09373d676cb1455c1961ab4183f5ac1deb770d464773cebfbd9595ed9d2b8810fefa58e8a757e1b3cfa85ae907259b12c49e80723d93dc8c94df3b44e62680fcd2c303f08c0cd245d62ee78f989ee604ee426e677e42167162e704f960c664a1b69c81214e2bc66d689486c699747367317a91f2d48c796e7ca6bb7e466f4dc585122bcf9a224408a88537ce07615706171224c0c43173a1983557477e103a45d92da4519098a9a00737c4651aaa1c6b1677f7a797ec3f1930996f31fbea40b2e7d2c4fac9d0f050767459fa8d6d1732bef8e97e03f4e787759ad44a912c850313022b4280f2896a36cfc84ca0ce9ef8cb8dad16a7d3ded59b18a7c6923af18263f12e0e2464df0203010001a3423040300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e041604141f00bf46800afc7839b7a5b443d95650bbce963b300d06092a864886f70d01010c050003820201005e2bba749734445f764828408493ee016ee9a1b3d68025e67be4bc09913d0ffc76add7d43020bb8f60d091d61cf29cef781a2b943202c12496525202d0f3d1fcf29b396e99e11f8e43417d9a1e5bc95d9a84fc26e687f3747226ada41bd93d3b6a52a03c091e2f1e7bb333b445c7f7acb1af9360ad76aeb8b21578eb836aebffdb46ab24e5ee02fa901f59c02f5dd6b75da45c10b77253f8414eccfa781a254acafe85624361c3b437aa81d2f4d63a0fbd8d597e3047de2b6be72150335fd4679bd4b8679f3c279903ff85438e7312ca20cde861d5b166dc17d6396d0fdbcf2337a182894e1c6b3fd6a0cdaa079d3e4226aad70ceefa47bf1a527ed17581d3c98a62176d4f88a021a0263eaf6dd962301fe99828ae6e8dd58e4c726693808d2ae355c760679042565c22510fb3dc4e39ee4dddd91d7810543b6ed0976f03b51eb22373c612b29a64d0fc958524a8ffdfa1b0dc9140aedf0933abb9dd92b7f1cc91743b69eb67971b90bfe7c7a06f71bb57bfb78f5aed7a406a16cd80842d2fe102d4249443b315fc0c2b1bfd716ffccbbc75173a5e83d2c9b32f1bd59c8d7f54fe7e7ee456a387a79de1595294418f6d5bbe86959aff1a76dd40d2514a70b41f336323773fec271e59e40887ed34824a0f3ffea01dc1f56773458678f4aa29e92787c619dbc61314c33949874da097e06513f59d7756e9dab358c73af2c0cd82 C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\saBSI.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob = 040000000100000010000000e94fb54871208c00df70f708ac47085b0f0000000100000030000000c130bba37b8b350e89fd5ed76b4f78777feee220d3b9e729042bef6af46e8e4c1b252e32b3080c681bc9a8a1afdd0a3c0b000000010000004200000047006c006f00620061006c005300690067006e00200043006f006400650020005300690067006e0069006e006700200052006f006f007400200052003400350000006200000001000000200000007b9d553e1c92cb6e8803e137f4f287d4363757f5d44b37d52f9fca22fb97df8653000000010000001f000000301d301b060567810c010330123010060a2b0601040182373c0101030200c01400000001000000140000001f00bf46800afc7839b7a5b443d95650bbce963b1d00000001000000100000005467b0adde8d858e30ee517b1a19ecd909000000010000000c000000300a06082b060105050703030300000001000000140000004efc31460c619ecae59c1bce2c008036d94c84b81900000001000000100000005d1b8ff2c30f63f5b536edd400f7f9b4200000000100000076050000308205723082035aa00302010202107653feac75464893f5e5d74a483a4ef8300d06092a864886f70d01010c05003053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f7420523435301e170d3230303331383030303030305a170d3435303331383030303030305a3053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f742052343530820222300d06092a864886f70d01010105000382020f003082020a0282020100b62dc530dd7ae8ab903d0372b03a4b991661b2e5ffa5671d371ce57eec9383aa84f5a3439b98458ab863575d9b00880425e9f868924b82d84bc94a03f3a87f6a8f8a6127bda144d0fdf53f22c2a34f918db305b22882915dfb5988050b9706c298f82ca73324ee503a41ccf0a0b07b1d4dd2a8583896e9dff91b91bb8b102cd2c7431da20974a180af7be6330a0c596b8ebcf4ab5a977b7fae55fb84f080fe844cd7e2babdc475a16fbd61107444b29807e274abff68dc6c263ee91fe5e00487ad30d30c8d037c55b816705c24782025eb676788abba4e34986b7011de38cad4bea1c09ce1df1e0201d83be1674384b6cffc74b72f84a3bfba09373d676cb1455c1961ab4183f5ac1deb770d464773cebfbd9595ed9d2b8810fefa58e8a757e1b3cfa85ae907259b12c49e80723d93dc8c94df3b44e62680fcd2c303f08c0cd245d62ee78f989ee604ee426e677e42167162e704f960c664a1b69c81214e2bc66d689486c699747367317a91f2d48c796e7ca6bb7e466f4dc585122bcf9a224408a88537ce07615706171224c0c43173a1983557477e103a45d92da4519098a9a00737c4651aaa1c6b1677f7a797ec3f1930996f31fbea40b2e7d2c4fac9d0f050767459fa8d6d1732bef8e97e03f4e787759ad44a912c850313022b4280f2896a36cfc84ca0ce9ef8cb8dad16a7d3ded59b18a7c6923af18263f12e0e2464df0203010001a3423040300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e041604141f00bf46800afc7839b7a5b443d95650bbce963b300d06092a864886f70d01010c050003820201005e2bba749734445f764828408493ee016ee9a1b3d68025e67be4bc09913d0ffc76add7d43020bb8f60d091d61cf29cef781a2b943202c12496525202d0f3d1fcf29b396e99e11f8e43417d9a1e5bc95d9a84fc26e687f3747226ada41bd93d3b6a52a03c091e2f1e7bb333b445c7f7acb1af9360ad76aeb8b21578eb836aebffdb46ab24e5ee02fa901f59c02f5dd6b75da45c10b77253f8414eccfa781a254acafe85624361c3b437aa81d2f4d63a0fbd8d597e3047de2b6be72150335fd4679bd4b8679f3c279903ff85438e7312ca20cde861d5b166dc17d6396d0fdbcf2337a182894e1c6b3fd6a0cdaa079d3e4226aad70ceefa47bf1a527ed17581d3c98a62176d4f88a021a0263eaf6dd962301fe99828ae6e8dd58e4c726693808d2ae355c760679042565c22510fb3dc4e39ee4dddd91d7810543b6ed0976f03b51eb22373c612b29a64d0fc958524a8ffdfa1b0dc9140aedf0933abb9dd92b7f1cc91743b69eb67971b90bfe7c7a06f71bb57bfb78f5aed7a406a16cd80842d2fe102d4249443b315fc0c2b1bfd716ffccbbc75173a5e83d2c9b32f1bd59c8d7f54fe7e7ee456a387a79de1595294418f6d5bbe86959aff1a76dd40d2514a70b41f336323773fec271e59e40887ed34824a0f3ffea01dc1f56773458678f4aa29e92787c619dbc61314c33949874da097e06513f59d7756e9dab358c73af2c0cd82 C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\saBSI.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob = 5c0000000100000004000000001000001900000001000000100000005d1b8ff2c30f63f5b536edd400f7f9b40300000001000000140000004efc31460c619ecae59c1bce2c008036d94c84b809000000010000000c000000300a06082b060105050703031d00000001000000100000005467b0adde8d858e30ee517b1a19ecd91400000001000000140000001f00bf46800afc7839b7a5b443d95650bbce963b53000000010000001f000000301d301b060567810c010330123010060a2b0601040182373c0101030200c06200000001000000200000007b9d553e1c92cb6e8803e137f4f287d4363757f5d44b37d52f9fca22fb97df860b000000010000004200000047006c006f00620061006c005300690067006e00200043006f006400650020005300690067006e0069006e006700200052006f006f007400200052003400350000000f0000000100000030000000c130bba37b8b350e89fd5ed76b4f78777feee220d3b9e729042bef6af46e8e4c1b252e32b3080c681bc9a8a1afdd0a3c040000000100000010000000e94fb54871208c00df70f708ac47085b200000000100000076050000308205723082035aa00302010202107653feac75464893f5e5d74a483a4ef8300d06092a864886f70d01010c05003053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f7420523435301e170d3230303331383030303030305a170d3435303331383030303030305a3053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f742052343530820222300d06092a864886f70d01010105000382020f003082020a0282020100b62dc530dd7ae8ab903d0372b03a4b991661b2e5ffa5671d371ce57eec9383aa84f5a3439b98458ab863575d9b00880425e9f868924b82d84bc94a03f3a87f6a8f8a6127bda144d0fdf53f22c2a34f918db305b22882915dfb5988050b9706c298f82ca73324ee503a41ccf0a0b07b1d4dd2a8583896e9dff91b91bb8b102cd2c7431da20974a180af7be6330a0c596b8ebcf4ab5a977b7fae55fb84f080fe844cd7e2babdc475a16fbd61107444b29807e274abff68dc6c263ee91fe5e00487ad30d30c8d037c55b816705c24782025eb676788abba4e34986b7011de38cad4bea1c09ce1df1e0201d83be1674384b6cffc74b72f84a3bfba09373d676cb1455c1961ab4183f5ac1deb770d464773cebfbd9595ed9d2b8810fefa58e8a757e1b3cfa85ae907259b12c49e80723d93dc8c94df3b44e62680fcd2c303f08c0cd245d62ee78f989ee604ee426e677e42167162e704f960c664a1b69c81214e2bc66d689486c699747367317a91f2d48c796e7ca6bb7e466f4dc585122bcf9a224408a88537ce07615706171224c0c43173a1983557477e103a45d92da4519098a9a00737c4651aaa1c6b1677f7a797ec3f1930996f31fbea40b2e7d2c4fac9d0f050767459fa8d6d1732bef8e97e03f4e787759ad44a912c850313022b4280f2896a36cfc84ca0ce9ef8cb8dad16a7d3ded59b18a7c6923af18263f12e0e2464df0203010001a3423040300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e041604141f00bf46800afc7839b7a5b443d95650bbce963b300d06092a864886f70d01010c050003820201005e2bba749734445f764828408493ee016ee9a1b3d68025e67be4bc09913d0ffc76add7d43020bb8f60d091d61cf29cef781a2b943202c12496525202d0f3d1fcf29b396e99e11f8e43417d9a1e5bc95d9a84fc26e687f3747226ada41bd93d3b6a52a03c091e2f1e7bb333b445c7f7acb1af9360ad76aeb8b21578eb836aebffdb46ab24e5ee02fa901f59c02f5dd6b75da45c10b77253f8414eccfa781a254acafe85624361c3b437aa81d2f4d63a0fbd8d597e3047de2b6be72150335fd4679bd4b8679f3c279903ff85438e7312ca20cde861d5b166dc17d6396d0fdbcf2337a182894e1c6b3fd6a0cdaa079d3e4226aad70ceefa47bf1a527ed17581d3c98a62176d4f88a021a0263eaf6dd962301fe99828ae6e8dd58e4c726693808d2ae355c760679042565c22510fb3dc4e39ee4dddd91d7810543b6ed0976f03b51eb22373c612b29a64d0fc958524a8ffdfa1b0dc9140aedf0933abb9dd92b7f1cc91743b69eb67971b90bfe7c7a06f71bb57bfb78f5aed7a406a16cd80842d2fe102d4249443b315fc0c2b1bfd716ffccbbc75173a5e83d2c9b32f1bd59c8d7f54fe7e7ee456a387a79de1595294418f6d5bbe86959aff1a76dd40d2514a70b41f336323773fec271e59e40887ed34824a0f3ffea01dc1f56773458678f4aa29e92787c619dbc61314c33949874da097e06513f59d7756e9dab358c73af2c0cd82 C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\saBSI.exe N/A

Script User-Agent

Description Indicator Process Target
HTTP User-Agent header Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) N/A N/A
HTTP User-Agent header Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) N/A N/A
HTTP User-Agent header Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) N/A N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\saBSI.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\saBSI.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\saBSI.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\saBSI.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\saBSI.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\saBSI.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\saBSI.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\saBSI.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\saBSI.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\saBSI.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\bittorrent\BitTorrent.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\bittorrent\BitTorrent.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeManageVolumePrivilege N/A C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe N/A
Token: SeManageVolumePrivilege N/A C:\Users\Admin\AppData\Roaming\bittorrent\BitTorrent.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3696 wrote to memory of 2008 N/A C:\Users\Admin\AppData\Local\Temp\bittorrent_installer.exe C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp
PID 3696 wrote to memory of 2008 N/A C:\Users\Admin\AppData\Local\Temp\bittorrent_installer.exe C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp
PID 3696 wrote to memory of 2008 N/A C:\Users\Admin\AppData\Local\Temp\bittorrent_installer.exe C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp
PID 2008 wrote to memory of 2340 N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\BitTorrent.exe
PID 2008 wrote to memory of 2340 N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\BitTorrent.exe
PID 2008 wrote to memory of 2340 N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\BitTorrent.exe
PID 2340 wrote to memory of 964 N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\BitTorrent.exe C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe
PID 2340 wrote to memory of 964 N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\BitTorrent.exe C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe
PID 2340 wrote to memory of 964 N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\BitTorrent.exe C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe
PID 2008 wrote to memory of 3500 N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\saBSI.exe
PID 2008 wrote to memory of 3500 N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\saBSI.exe
PID 2008 wrote to memory of 3500 N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\saBSI.exe
PID 2008 wrote to memory of 4500 N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe
PID 2008 wrote to memory of 4500 N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe
PID 2008 wrote to memory of 4500 N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe
PID 2008 wrote to memory of 4404 N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component2_extract\avg_antivirus_free_setup.exe
PID 2008 wrote to memory of 4404 N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component2_extract\avg_antivirus_free_setup.exe
PID 2008 wrote to memory of 4404 N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component2_extract\avg_antivirus_free_setup.exe
PID 4404 wrote to memory of 4352 N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component2_extract\avg_antivirus_free_setup.exe C:\Windows\Temp\asw.9db5285fa86a894a\avg_antivirus_free_online_setup.exe
PID 4404 wrote to memory of 4352 N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component2_extract\avg_antivirus_free_setup.exe C:\Windows\Temp\asw.9db5285fa86a894a\avg_antivirus_free_online_setup.exe
PID 4404 wrote to memory of 4352 N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component2_extract\avg_antivirus_free_setup.exe C:\Windows\Temp\asw.9db5285fa86a894a\avg_antivirus_free_online_setup.exe
PID 3500 wrote to memory of 624 N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\saBSI.exe C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe
PID 3500 wrote to memory of 624 N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\saBSI.exe C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe
PID 2008 wrote to memory of 436 N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp C:\Users\Admin\AppData\Roaming\bittorrent\BitTorrent.exe
PID 2008 wrote to memory of 436 N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp C:\Users\Admin\AppData\Roaming\bittorrent\BitTorrent.exe
PID 2008 wrote to memory of 436 N/A C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp C:\Users\Admin\AppData\Roaming\bittorrent\BitTorrent.exe
PID 624 wrote to memory of 1224 N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe C:\Program Files\McAfee\Temp3718712590\installer.exe
PID 624 wrote to memory of 1224 N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe C:\Program Files\McAfee\Temp3718712590\installer.exe
PID 4500 wrote to memory of 1752 N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\AVGBrowserUpdateSetup.exe
PID 4500 wrote to memory of 1752 N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\AVGBrowserUpdateSetup.exe
PID 4500 wrote to memory of 1752 N/A C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\AVGBrowserUpdateSetup.exe

Processes

C:\Users\Admin\AppData\Local\Temp\bittorrent_installer.exe

"C:\Users\Admin\AppData\Local\Temp\bittorrent_installer.exe"

C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp

"C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp" /SL5="$130044,894868,871424,C:\Users\Admin\AppData\Local\Temp\bittorrent_installer.exe"

C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\BitTorrent.exe

"C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\BitTorrent.exe" /S /FORCEINSTALL 1110010101111110

C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe

"C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe" /S /FORCEINSTALL 1110010101111110

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}

C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\saBSI.exe

"C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\saBSI.exe" /affid 91082 PaidDistribution=true CountryCode=GB

C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe

"C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe" /s /run_source=avg_ads_is_control /is_pixel_psh=BjYV6dOhPDJK7FCmaIRfCaHyK6X1GLYSuuJuD2JyjKu9VyBqN4bHQPTLiecmNbEj3H25jExg7JGqvIy /make-default

C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component2_extract\avg_antivirus_free_setup.exe

"C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component2_extract\avg_antivirus_free_setup.exe" /silent /ws /psh:92pTu5hvrwo9ItWd7rkE6P1PwtKXwDVGrBQutNeZO2tJJCZnrh1sAa14YyXhupD5TwfKluuG67Gk4e

C:\Windows\Temp\asw.9db5285fa86a894a\avg_antivirus_free_online_setup.exe

"C:\Windows\Temp\asw.9db5285fa86a894a\avg_antivirus_free_online_setup.exe" /silent /ws /psh:92pTu5hvrwo9ItWd7rkE6P1PwtKXwDVGrBQutNeZO2tJJCZnrh1sAa14YyXhupD5TwfKluuG67Gk4e /cookie:mmm_irs_ppi_902_451_o /ga_clientid:bc02ad2c-57f0-43a7-ad59-77f5cbaadec8 /edat_dir:C:\Windows\Temp\asw.9db5285fa86a894a

C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe

"C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\\installer.exe" /setOem:Affid=91082 /s /thirdparty /upgrade

C:\Users\Admin\AppData\Roaming\bittorrent\BitTorrent.exe

"C:\Users\Admin\AppData\Roaming\bittorrent\BitTorrent.exe"

C:\Program Files\McAfee\Temp3718712590\installer.exe

"C:\Program Files\McAfee\Temp3718712590\installer.exe" /setOem:Affid=91082 /s /thirdparty /upgrade

C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\AVGBrowserUpdateSetup.exe

AVGBrowserUpdateSetup.exe /silent /install "bundlename=AVG Secure Browser&appguid={48F69C39-1356-4A7B-A899-70E3539D4982}&appname=AVG Secure Browser&needsadmin=true&lang=en-US&brand=9263&installargs=--no-create-user-shortcuts --make-chrome-default --force-default-win10 --auto-import-data%3Diexplore --import-cookies --auto-launch-chrome"

C:\Windows\SYSTEM32\regsvr32.exe

regsvr32.exe /s "C:\Program Files\McAfee\WebAdvisor\win32\WSSDep.dll"

C:\Program Files (x86)\GUM3F08.tmp\AVGBrowserUpdate.exe

"C:\Program Files (x86)\GUM3F08.tmp\AVGBrowserUpdate.exe" /silent /install "bundlename=AVG Secure Browser&appguid={48F69C39-1356-4A7B-A899-70E3539D4982}&appname=AVG Secure Browser&needsadmin=true&lang=en-US&brand=9263&installargs=--no-create-user-shortcuts --make-chrome-default --force-default-win10 --auto-import-data%3Diexplore --import-cookies --auto-launch-chrome"

C:\Windows\SysWOW64\regsvr32.exe

/s "C:\Program Files\McAfee\WebAdvisor\win32\WSSDep.dll"

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /regsvc

C:\Windows\SYSTEM32\regsvr32.exe

regsvr32.exe /s "C:\Program Files\McAfee\WebAdvisor\x64\WSSDep.dll"

C:\Users\Admin\AppData\Roaming\bittorrent\updates\7.11.0_47143\bittorrentie.exe

"C:\Users\Admin\AppData\Roaming\bittorrent\updates\7.11.0_47143\bittorrentie.exe" BitTorrent_436_00D12F28_191904200 BT4823DF041B09 BitTorrent ie unp

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 2008 -ip 2008

C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe

"C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe"

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /regserver

C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe

"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 2008 -s 1880

C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe

"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe"

C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe

"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe"

C:\Users\Admin\AppData\Roaming\bittorrent\updates\7.11.0_47143\bittorrentie.exe

"C:\Users\Admin\AppData\Roaming\bittorrent\updates\7.11.0_47143\bittorrentie.exe" BitTorrent_436_03BB6568_1579806555 BT4823DF041B09 BitTorrent ie unp

C:\Users\Admin\AppData\Roaming\bittorrent\MicrosoftEdgeWebView2Setup.exe

MicrosoftEdgeWebView2Setup.exe /silent /install

C:\Windows\Temp\asw-d27a0ad4-6ab1-4a5e-adfd-6aa9d4eaada7\common\icarus.exe

C:\Windows\Temp\asw-d27a0ad4-6ab1-4a5e-adfd-6aa9d4eaada7\common\icarus.exe /icarus-info-path:C:\Windows\Temp\asw-d27a0ad4-6ab1-4a5e-adfd-6aa9d4eaada7\icarus-info.xml /install /silent /ws /psh:92pTu5hvrwo9ItWd7rkE6P1PwtKXwDVGrBQutNeZO2tJJCZnrh1sAa14YyXhupD5TwfKluuG67Gk4e /cookie:mmm_irs_ppi_902_451_o /edat_dir:C:\Windows\Temp\asw.9db5285fa86a894a /track-guid:bc02ad2c-57f0-43a7-ad59-77f5cbaadec8

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgb21haGFpZD0iezFDODlFRjJGLUE4OEUtNERFMC05N0ZFLUNCNDBDOEU0RkVFQX0iIHVwZGF0ZXJ2ZXJzaW9uPSIxLjguMTY5My42IiBzaGVsbF92ZXJzaW9uPSIxLjguMTY5My42IiBpc21hY2hpbmU9IjEiIGlzX29tYWhhNjRiaXQ9IjAiIGlzX29zNjRiaXQ9IjEiIHNlc3Npb25pZD0ie0Y0NjBFNzFFLUY3QTItNDU0Qy1CRTVBLUE2OUE5NTI5NEE2M30iIGNlcnRfZXhwX2RhdGU9IjIwMjUwOTE3IiB1c2VyaWQ9InswRUJCRkUxRi03REZCLTQ3NkMtQkUxNS05RTJEQkY2MzY1MkV9IiB1c2VyaWRfZGF0ZT0iMjAyNDEwMTYiIG1hY2hpbmVpZD0iezAwMDBDQkM0LUFBNTMtOTMyRC1GNjQ2LTgzNTZEQzZDRUMyNH0iIG1hY2hpbmVpZF9kYXRlPSIyMDI0MTAxNiIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiB0ZXN0c291cmNlPSJhdXRvIiByZXF1ZXN0aWQ9IntGM0M2QzQyQi0zRDExLTQxNTItOEFERS01NzQzREI5MzhGNkV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IHBoeXNtZW1vcnk9IjgiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjEwLjAuMTkwNDEuMTI4OCIgc3A9IiIgYXJjaD0ieDY0Ii8-PGFwcCBhcHBpZD0iezFDODlFRjJGLUE4OEUtNERFMC05N0ZFLUNCNDBDOEU0RkVFQX0iIHZlcnNpb249IiIgbmV4dHZlcnNpb249IjEuOC4xNjkzLjYiIGxhbmc9ImVuLVVTIiBicmFuZD0iOTI2MyIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIGluc3RhbGxfdGltZV9tcz0iMjI4MSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 484 -p 2008 -ip 2008

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /handoff "bundlename=AVG Secure Browser&appguid={48F69C39-1356-4A7B-A899-70E3539D4982}&appname=AVG Secure Browser&needsadmin=true&lang=en-US&brand=9263&installargs=--no-create-user-shortcuts --make-chrome-default --force-default-win10 --auto-import-data%3Diexplore --import-cookies --auto-launch-chrome" /installsource otherinstallcmd /sessionid "{F460E71E-F7A2-454C-BE5A-A69A95294A63}" /silent

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 2008 -s 1684

C:\Users\Admin\AppData\Roaming\bittorrent\updates\7.11.0_47143\bittorrentie.exe

"C:\Users\Admin\AppData\Roaming\bittorrent\updates\7.11.0_47143\bittorrentie.exe" BitTorrent_436_03C12EC8_435610238 BT4823DF041B09 BitTorrent ie unp

C:\Program Files\McAfee\WebAdvisor\UIHost.exe

"C:\Program Files\McAfee\WebAdvisor\UIHost.exe"

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\Temp\EU4BC9.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU4BC9.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Users\Admin\AppData\Roaming\bittorrent\updates\7.11.0_47143\bittorrentie.exe

"C:\Users\Admin\AppData\Roaming\bittorrent\updates\7.11.0_47143\bittorrentie.exe" BitTorrent_436_00D12F28_2071883213 BT4823DF041B09 BitTorrent ie unp

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMjUiIHNoZWxsX3ZlcnNpb249IjEuMy4xOTUuMjUiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NjFGNjlFNzUtQTBFQi00QUEyLUJGRjYtMDZDRkNBQkVDMkQ5fSIgdXNlcmlkPSJ7MTAwNENFRkQtMTMxMi00N0Y5LTgwNEItNDM5QTFBQzUwRUUzfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntGNDhEMEI4Qy1DNzM2LTRCOEMtQjVDRi05QTcwQTkxNjZBNzl9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iIi8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNDcuMzciIG5leHR2ZXJzaW9uPSIxLjMuMTk1LjI1IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIj48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1MjUzMzI4OTY2IiBpbnN0YWxsX3RpbWVfbXM9IjE5NTMiLz48L2FwcD48L3JlcXVlc3Q-

C:\Windows\Temp\asw-d27a0ad4-6ab1-4a5e-adfd-6aa9d4eaada7\avg-av-vps\icarus.exe

C:\Windows\Temp\asw-d27a0ad4-6ab1-4a5e-adfd-6aa9d4eaada7\avg-av-vps\icarus.exe /silent /ws /psh:92pTu5hvrwo9ItWd7rkE6P1PwtKXwDVGrBQutNeZO2tJJCZnrh1sAa14YyXhupD5TwfKluuG67Gk4e /cookie:mmm_irs_ppi_902_451_o /edat_dir:C:\Windows\Temp\asw.9db5285fa86a894a /track-guid:bc02ad2c-57f0-43a7-ad59-77f5cbaadec8 /er_master:master_ep_de8331c0-ddb5-4f24-8b78-13cbe2dd3a70 /er_ui:ui_ep_fcd8c1cb-4518-4431-ac95-92e27b5dee33 /er_slave:avg-av-vps_slave_ep_bbbd791a-bef2-4891-baf8-f0abac63d553 /slave:avg-av-vps

C:\Windows\Temp\asw-d27a0ad4-6ab1-4a5e-adfd-6aa9d4eaada7\avg-av\icarus.exe

C:\Windows\Temp\asw-d27a0ad4-6ab1-4a5e-adfd-6aa9d4eaada7\avg-av\icarus.exe /silent /ws /psh:92pTu5hvrwo9ItWd7rkE6P1PwtKXwDVGrBQutNeZO2tJJCZnrh1sAa14YyXhupD5TwfKluuG67Gk4e /cookie:mmm_irs_ppi_902_451_o /edat_dir:C:\Windows\Temp\asw.9db5285fa86a894a /track-guid:bc02ad2c-57f0-43a7-ad59-77f5cbaadec8 /er_master:master_ep_de8331c0-ddb5-4f24-8b78-13cbe2dd3a70 /er_ui:ui_ep_fcd8c1cb-4518-4431-ac95-92e27b5dee33 /er_slave:avg-av_slave_ep_1d380c0a-9ece-4ac4-b3c9-5c5895de8ed8 /slave:avg-av

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{61F69E75-A0EB-4AA2-BFF6-06CFCABEC2D9}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMjUiIHNoZWxsX3ZlcnNpb249IjEuMy4xOTUuMjUiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NjFGNjlFNzUtQTBFQi00QUEyLUJGRjYtMDZDRkNBQkVDMkQ5fSIgdXNlcmlkPSJ7MTAwNENFRkQtMTMxMi00N0Y5LTgwNEItNDM5QTFBQzUwRUUzfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7RTlFMUNEMEMtMTM0MS00NEEwLUE0MEEtQUZEQzM0MDlFMzI4fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O2xoVmkxMlFjazZTbDB1VTFPQjZZMTUyOWJSNmJzZXk0K2N1N2RIeHM2Y2s9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjEyMy4wLjYzMTIuMTIzIiBuZXh0dmVyc2lvbj0iIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSI4IiBpbnN0YWxsZGF0ZXRpbWU9IjE3MjgyOTM0NTYiIG9vYmVfaW5zdGFsbF90aW1lPSIxMzM3Mjc2NjEzMjg3MDAwMDAiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIyMTc5ODYyIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1MjcxNjEwMjQxIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://bittorrent.com/prodnews?v=7%2e11%2e0%2e1%2e47143&pv=0.0.0.0.0

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbef5a46f8,0x7ffbef5a4708,0x7ffbef5a4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,17485162336590151557,17233883178600814354,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2164 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,17485162336590151557,17233883178600814354,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2156,17485162336590151557,17233883178600814354,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2936 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,17485162336590151557,17233883178600814354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,17485162336590151557,17233883178600814354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c dir "C:\Program Files (x86)\McAfee Security Scan" 2>nul

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,17485162336590151557,17233883178600814354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4732 /prefetch:1

C:\Program Files\McAfee\WebAdvisor\updater.exe

"C:\Program Files\McAfee\WebAdvisor\updater.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c dir "C:\Program Files (x86)\McAfee Security Scan" 2>nul

C:\Program Files (x86)\AVG\Browser\Update\Install\{84DB4494-39B7-42BC-8060-EF336250EE4B}\AVGBrowserInstaller.exe

"C:\Program Files (x86)\AVG\Browser\Update\Install\{84DB4494-39B7-42BC-8060-EF336250EE4B}\AVGBrowserInstaller.exe" --chrome --do-not-launch-chrome --hide-browser-override --show-developer-mode --suppress-first-run-bubbles --default-search-id=3 --default-search=bing.com --adblock-mode-default=0 --no-create-user-shortcuts --make-chrome-default --force-default-win10 --auto-import-data=iexplore --import-cookies --auto-launch-chrome --system-level

C:\Program Files (x86)\AVG\Browser\Update\Install\{84DB4494-39B7-42BC-8060-EF336250EE4B}\CR_5D658.tmp\setup.exe

"C:\Program Files (x86)\AVG\Browser\Update\Install\{84DB4494-39B7-42BC-8060-EF336250EE4B}\CR_5D658.tmp\setup.exe" --install-archive="C:\Program Files (x86)\AVG\Browser\Update\Install\{84DB4494-39B7-42BC-8060-EF336250EE4B}\CR_5D658.tmp\SECURE.PACKED.7Z" --chrome --do-not-launch-chrome --hide-browser-override --show-developer-mode --suppress-first-run-bubbles --default-search-id=3 --default-search=bing.com --adblock-mode-default=0 --no-create-user-shortcuts --make-chrome-default --force-default-win10 --auto-import-data=iexplore --import-cookies --auto-launch-chrome --system-level

C:\Program Files (x86)\AVG\Browser\Update\Install\{84DB4494-39B7-42BC-8060-EF336250EE4B}\CR_5D658.tmp\setup.exe

"C:\Program Files (x86)\AVG\Browser\Update\Install\{84DB4494-39B7-42BC-8060-EF336250EE4B}\CR_5D658.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=fake_url --annotation=plat=Win64 --annotation=prod=AVG --annotation=ver=128.0.26382.138 --initial-client-data=0x260,0x264,0x268,0x23c,0x26c,0x7ff63f0254d0,0x7ff63f0254dc,0x7ff63f0254e8

Network

Country Destination Domain Proto
US 8.8.8.8:53 138.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 dtwmtgl14acv8.cloudfront.net udp
GB 18.165.158.172:443 dtwmtgl14acv8.cloudfront.net tcp
US 8.8.8.8:53 97.17.167.52.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
US 150.171.28.10:443 g.bing.com tcp
US 8.8.8.8:53 172.158.165.18.in-addr.arpa udp
US 8.8.8.8:53 57.169.31.20.in-addr.arpa udp
US 8.8.8.8:53 10.28.171.150.in-addr.arpa udp
US 8.8.8.8:53 api.playanext.com udp
GB 18.165.160.27:443 api.playanext.com tcp
GB 18.165.160.27:443 api.playanext.com tcp
GB 18.165.158.172:443 dtwmtgl14acv8.cloudfront.net tcp
US 8.8.8.8:53 27.160.165.18.in-addr.arpa udp
US 8.8.8.8:53 download-new.utorrent.com udp
US 67.215.238.66:443 download-new.utorrent.com tcp
US 8.8.8.8:53 66.238.215.67.in-addr.arpa udp
US 8.8.8.8:53 58.55.71.13.in-addr.arpa udp
US 67.215.238.66:443 download-new.utorrent.com tcp
US 8.8.8.8:53 i-6000.b-47143.ut.bench.utorrent.com udp
US 18.235.236.81:80 i-6000.b-47143.ut.bench.utorrent.com tcp
US 8.8.8.8:53 81.236.235.18.in-addr.arpa udp
US 8.8.8.8:53 router.bittorrent.com udp
US 8.8.8.8:53 router.utorrent.com udp
US 8.8.8.8:53 update.utorrent.li udp
IS 82.221.103.246:80 update.utorrent.li tcp
IS 82.221.103.246:80 update.utorrent.li tcp
US 8.8.8.8:53 246.103.221.82.in-addr.arpa udp
US 8.8.8.8:53 212.20.149.52.in-addr.arpa udp
US 8.8.8.8:53 241.42.69.40.in-addr.arpa udp
US 8.8.8.8:53 analytics.apis.mcafee.com udp
US 52.36.203.203:443 analytics.apis.mcafee.com tcp
US 8.8.8.8:53 203.203.36.52.in-addr.arpa udp
US 8.8.8.8:53 sadownload.mcafee.com udp
GB 2.19.117.95:443 sadownload.mcafee.com tcp
US 8.8.8.8:53 95.117.19.2.in-addr.arpa udp
US 8.8.8.8:53 v7event.stats.avast.com udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 34.117.223.223:80 v7event.stats.avast.com tcp
GB 2.23.221.82:443 honzik.avcdn.net tcp
GB 142.250.178.14:80 www.google-analytics.com tcp
US 8.8.8.8:53 223.223.117.34.in-addr.arpa udp
US 8.8.8.8:53 82.221.23.2.in-addr.arpa udp
US 8.8.8.8:53 14.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 stats.securebrowser.com udp
US 8.8.8.8:53 analytics.avcdn.net udp
US 104.20.86.8:443 stats.securebrowser.com tcp
US 34.117.223.223:443 analytics.avcdn.net tcp
GB 2.23.221.82:443 honzik.avcdn.net tcp
US 34.117.223.223:443 analytics.avcdn.net tcp
US 8.8.8.8:53 226.20.18.104.in-addr.arpa udp
US 8.8.8.8:53 8.86.20.104.in-addr.arpa udp
US 8.8.8.8:53 i-21.b-47143.bt.bench.utorrent.com udp
N/A 10.127.0.1:5351 udp
US 54.235.218.118:80 i-21.b-47143.bt.bench.utorrent.com tcp
US 8.8.8.8:53 apps.bittorrent.com udp
US 54.235.218.118:80 i-21.b-47143.bt.bench.utorrent.com tcp
US 67.215.246.10:6881 router.bittorrent.com udp
IS 82.221.103.244:6881 router.utorrent.com udp
GB 87.248.205.1:80 apps.bittorrent.com tcp
US 8.8.8.8:53 118.218.235.54.in-addr.arpa udp
US 8.8.8.8:53 246.197.219.23.in-addr.arpa udp
US 8.8.8.8:53 10.246.215.67.in-addr.arpa udp
US 8.8.8.8:53 244.103.221.82.in-addr.arpa udp
US 8.8.8.8:53 1.205.248.87.in-addr.arpa udp
US 8.8.8.8:53 msedge.sf.dl.delivery.mp.microsoft.com udp
US 152.199.21.175:443 msedge.sf.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 175.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 i-24.b-47143.bt.bench.utorrent.com udp
US 18.235.236.81:80 i-24.b-47143.bt.bench.utorrent.com tcp
GB 2.19.117.95:443 sadownload.mcafee.com tcp
US 8.8.8.8:53 i-70.b-47143.bt.bench.utorrent.com udp
US 3.212.242.171:80 i-70.b-47143.bt.bench.utorrent.com tcp
US 8.8.8.8:53 shepherd.avcdn.net udp
US 8.8.8.8:53 analytics.avcdn.net udp
US 34.160.176.28:443 shepherd.avcdn.net tcp
US 34.117.223.223:443 analytics.avcdn.net tcp
US 8.8.8.8:53 home.mcafee.com udp
GB 104.124.169.75:443 home.mcafee.com tcp
US 8.8.8.8:53 171.242.212.3.in-addr.arpa udp
US 8.8.8.8:53 28.176.160.34.in-addr.arpa udp
GB 104.124.169.75:443 home.mcafee.com tcp
US 8.8.8.8:53 honzik.avcdn.net udp
GB 2.23.221.82:443 honzik.avcdn.net tcp
US 8.8.8.8:53 update.avgbrowser.com udp
US 104.22.63.125:443 update.avgbrowser.com tcp
US 8.8.8.8:53 shepherd.avcdn.net udp
US 34.160.176.28:443 shepherd.avcdn.net tcp
US 52.36.203.203:443 analytics.apis.mcafee.com tcp
US 8.8.8.8:53 update.bittorrent.com udp
US 8.8.8.8:53 i-29.b-47143.bt.bench.utorrent.com udp
US 173.254.195.58:80 update.bittorrent.com tcp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 34.192.204.133:80 i-29.b-47143.bt.bench.utorrent.com tcp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
GB 2.23.221.82:443 honzik.avcdn.net tcp
GB 2.23.221.82:443 honzik.avcdn.net tcp
GB 2.23.221.82:443 honzik.avcdn.net tcp
GB 2.23.221.82:443 honzik.avcdn.net tcp
GB 2.23.221.82:443 honzik.avcdn.net tcp
GB 2.23.221.82:443 honzik.avcdn.net tcp
US 104.22.63.125:443 update.avgbrowser.com tcp
US 34.192.204.133:80 i-29.b-47143.bt.bench.utorrent.com tcp
US 8.8.8.8:53 75.169.124.104.in-addr.arpa udp
US 8.8.8.8:53 125.63.22.104.in-addr.arpa udp
US 8.8.8.8:53 133.204.192.34.in-addr.arpa udp
US 8.8.8.8:53 i-32.b-47143.bt.bench.utorrent.com udp
US 52.4.124.242:80 i-32.b-47143.bt.bench.utorrent.com tcp
US 8.8.8.8:53 i-49.b-47143.bt.bench.utorrent.com udp
US 8.8.8.8:53 browser-update.avg.com udp
US 52.71.189.0:80 i-49.b-47143.bt.bench.utorrent.com tcp
GB 2.19.117.83:80 browser-update.avg.com tcp
US 8.8.8.8:53 242.124.4.52.in-addr.arpa udp
US 8.8.8.8:53 0.189.71.52.in-addr.arpa udp
US 8.8.8.8:53 83.117.19.2.in-addr.arpa udp
US 8.8.8.8:53 utclient.utorrent.com udp
US 8.8.8.8:53 analytics.avcdn.net udp
US 3.165.148.127:80 utclient.utorrent.com tcp
US 8.8.8.8:53 i-38.b-47143.bt.bench.utorrent.com udp
US 8.8.8.8:53 127.148.165.3.in-addr.arpa udp
US 18.235.236.81:80 i-38.b-47143.bt.bench.utorrent.com tcp
US 8.8.8.8:53 cdn.bitmedianetwork.com udp
GB 87.248.205.1:80 cdn.bitmedianetwork.com tcp
US 8.8.8.8:53 bittorrent.com udp
US 52.36.203.203:443 analytics.apis.mcafee.com tcp
US 34.117.223.223:443 analytics.avcdn.net tcp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
NL 4.175.87.113:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 analytics.avcdn.net udp
US 8.8.8.8:53 shepherd.avcdn.net udp
US 34.117.223.223:443 analytics.avcdn.net tcp
US 34.160.176.28:443 shepherd.avcdn.net tcp
US 98.143.146.7:80 bittorrent.com tcp
US 98.143.146.7:80 bittorrent.com tcp
US 98.143.146.7:80 bittorrent.com tcp
US 8.8.8.8:53 www.bittorrent.com udp
US 8.8.8.8:53 7.146.143.98.in-addr.arpa udp
GB 18.165.160.181:80 www.bittorrent.com tcp
GB 18.165.160.181:443 www.bittorrent.com tcp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
GB 2.23.221.82:443 honzik.avcdn.net tcp
GB 2.23.221.82:443 honzik.avcdn.net tcp
GB 2.23.221.82:443 honzik.avcdn.net tcp
GB 2.23.221.82:443 honzik.avcdn.net tcp
GB 2.23.221.82:443 honzik.avcdn.net tcp
GB 2.23.221.82:443 honzik.avcdn.net tcp
GB 2.23.221.82:443 honzik.avcdn.net tcp
GB 2.23.221.82:443 honzik.avcdn.net tcp
US 8.8.8.8:53 181.160.165.18.in-addr.arpa udp
US 8.8.8.8:53 113.87.175.4.in-addr.arpa udp
US 8.8.8.8:53 p.typekit.net udp
GB 104.86.110.161:443 p.typekit.net tcp
US 8.8.8.8:53 161.110.86.104.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp
US 8.8.8.8:53 232.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 msedge.f.tlu.dl.delivery.mp.microsoft.com udp
GB 2.19.117.74:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 74.117.19.2.in-addr.arpa udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 sadownload.mcafee.com udp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
GB 2.19.117.95:443 sadownload.mcafee.com tcp
US 8.8.8.8:53 sdk.privacy-center.org udp
GB 13.224.222.64:443 sdk.privacy-center.org tcp
US 8.8.8.8:53 i-20.b-47143.bt.bench.utorrent.com udp
US 54.235.218.118:80 i-20.b-47143.bt.bench.utorrent.com tcp
US 8.8.8.8:53 64.222.224.13.in-addr.arpa udp
US 8.8.8.8:53 analytics.avcdn.net udp
US 34.117.223.223:443 analytics.avcdn.net tcp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
GB 2.23.221.82:443 honzik.avcdn.net tcp
GB 2.23.221.82:443 honzik.avcdn.net tcp
GB 2.23.221.82:443 honzik.avcdn.net tcp
GB 2.23.221.82:443 honzik.avcdn.net tcp
GB 2.23.221.82:443 honzik.avcdn.net tcp
GB 2.23.221.82:443 honzik.avcdn.net tcp
GB 2.23.221.82:443 honzik.avcdn.net tcp
GB 2.23.221.82:443 honzik.avcdn.net tcp
US 8.8.8.8:53 43.229.111.52.in-addr.arpa udp

Files

memory/3696-0-0x0000000000400000-0x00000000004E2000-memory.dmp

memory/3696-2-0x0000000000401000-0x00000000004B7000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\is-4SCBP.tmp\bittorrent_installer.tmp

MD5 723d6f33e0f91eac442bcf67b20ab25d
SHA1 83bf5541fd6c08a37c5ed0ab1485e075dff8af26
SHA256 8b5d3a86d17b1d0a379c754e37c00b647cc21e4238a20a3424fbf26fc16e15a4
SHA512 e7f51194559237abcc072e58cc5b19f72b483397a8bb52cf5796be7814880df51ce3963834869cf2838ba3ba1ec3d7ac4c8d655cd2da115c20bcf6d1084cfc89

memory/2008-6-0x0000000000400000-0x000000000071E000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\107.png

MD5 4cfff8dc30d353cd3d215fd3a5dbac24
SHA1 0f4f73f0dddc75f3506e026ef53c45c6fafbc87e
SHA256 0c430e56d69435d8ab31cbb5916a73a47d11ef65b37d289ee7d11130adf25856
SHA512 9d616f19c2496be6e89b855c41befc0235e3ce949d2b2ae7719c823f10be7fe0809bddfd93e28735b36271083dd802ae349b3ab7b60179b269d4a18c6cef4139

memory/2008-20-0x0000000004BD0000-0x0000000004D10000-memory.dmp

memory/3696-21-0x0000000000400000-0x00000000004E2000-memory.dmp

memory/2008-23-0x0000000000400000-0x000000000071E000-memory.dmp

memory/2008-24-0x0000000000400000-0x000000000071E000-memory.dmp

memory/2008-22-0x0000000000400000-0x000000000071E000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\108.png

MD5 c0e10a5142865236ee82b96c2a9eb75c
SHA1 a6ddc9f963bf0f677b418d8d48f5e8430afc09d4
SHA256 16b6b70168ea5a2d6d684f379c1d5e88ab9993d9ea0d22f04736f24bc89200cc
SHA512 98393660fcf8261a9e084db9900a3dc8894c1b0f564935512a39a2aa14a1a4e2104e86634f4fe10eceac97b0193c77e23434077f4ce66e72a5793c8a8b4dabe8

memory/2008-28-0x0000000004BD0000-0x0000000004D10000-memory.dmp

memory/2008-29-0x0000000000400000-0x000000000071E000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\109.png

MD5 b582d76d71da0734a777fc8376fd0150
SHA1 687de4b5b0844bd720619b39c65f9078ae72e7cf
SHA256 1ce2b90c05299026d66af72b8d1fbf4c2abdbcbbd03959b8f05986a48f9034c6
SHA512 0d9e2680bcf159446704c82c514320f76af962281dd5e5738c6e56b93c900a43bf2fc5cd5792977ae7bee5ca904774ecd0ff95dab7470901997af4fb6a666053

memory/2008-33-0x0000000004BD0000-0x0000000004D10000-memory.dmp

memory/2008-34-0x0000000000400000-0x000000000071E000-memory.dmp

memory/2008-35-0x0000000000400000-0x000000000071E000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\BitTorrent.exe

MD5 880e6164218bcb9b21df2b21515a36d8
SHA1 5eb1be8d84650bb8f05aca42a12f23ca39d97bbc
SHA256 d10f28ae8ee068a9104ea00eea48a68bf011d46bc49142d6dbe0fb4d19b12173
SHA512 7e7349138312cc578a9c3c0d7c803993c4b4fd962d95751581c6851a69d21f07b9a280a9e54a26dbf4b1d444380b84bf5dd3dc529628339f9d386574abc5acb0

C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\System.dll

MD5 cff85c549d536f651d4fb8387f1976f2
SHA1 d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
SHA256 8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
SHA512 531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bt_datachannel.dll

MD5 dfca05beb0d6a31913c04b1314ca8b4a
SHA1 5fbbccf13325828016446f63d21250c723578841
SHA256 d4c4e05fade7e76f4a2d0c9c58a6b9b82b761d9951ffddd838c381549368e153
SHA512 858d4fb9d073c51c0ab7a0b896c30e35376678cc12aec189085638376d3cc74c1821495692eac378e4509ef5dcab0e8b950ad5bfab66d2c62ab31bc0a75118cf

C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\nsisFirewall.dll

MD5 f5bf81a102de52a4add21b8a367e54e0
SHA1 cf1e76ffe4a3ecd4dad453112afd33624f16751c
SHA256 53be5716ad80945cb99681d5dbda60492f5dfb206fbfdb776b769b3eeb18d2c2
SHA512 6e280a75f706474ad31b2ce770fa34f54cb598528fac4477c466200a608b79c0f9b84011545595d9ba94331ad08e2f51bd42de91f92379db27686a28ba351256

C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\INetC.dll

MD5 640bff73a5f8e37b202d911e4749b2e9
SHA1 9588dd7561ab7de3bca392b084bec91f3521c879
SHA256 c1e568e25ec111184deb1b87cfda4bfec529b1abeab39b66539d998012f33502
SHA512 39c6c358e2b480c8cbebcc1da683924c8092fb2947f2da4a8df1b0dc1fdda61003d91d12232a436ec88ff4e0995b7f6ee8c6efbdca935eaa984001f7a72fea0a

C:\Users\Admin\AppData\Local\Temp\nszF780.tmp\bittorrent.exe

MD5 c1bdaf2533d90b27d474d4f1950050cb
SHA1 6aef3aafb8d49a9388515eabd0ae93bcda2bdd95
SHA256 1a51143756aee99cf6a2f449e13108ad7371a55498de083b078d9b2fb7273868
SHA512 e0514ccbfe441bd86667e71fe6e0c004b2393b5dc70a718e069e409070f38fcfb7fe4602c478fdedf332d04b0b890445f8de53012cf36a6dd9b32e5eca9e1243

memory/964-86-0x0000000000400000-0x00000000009C3000-memory.dmp

memory/2008-111-0x0000000000400000-0x000000000071E000-memory.dmp

memory/964-112-0x0000000000400000-0x00000000009C3000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0.zip

MD5 f68008b70822bd28c82d13a289deb418
SHA1 06abbe109ba6dfd4153d76cd65bfffae129c41d8
SHA256 cc6f4faf4e8a9f4d2269d1d69a69ea326f789620fb98078cc98597f3cb998589
SHA512 fa482942e32e14011ae3c6762c638ccb0a0e8ec0055d2327c3acc381dddf1400de79e4e9321a39a418800d072e59c36b94b13b7eb62751d3aec990fb38ce9253

C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\saBSI.exe

MD5 143255618462a577de27286a272584e1
SHA1 efc032a6822bc57bcd0c9662a6a062be45f11acb
SHA256 f5aa950381fbcea7d730aa794974ca9e3310384a95d6cf4d015fbdbd9797b3e4
SHA512 c0a084d5c0b645e6a6479b234fa73c405f56310119dd7c8b061334544c47622fdd5139db9781b339bb3d3e17ac59fddb7d7860834ecfe8aad6d2ae8c869e1cb9

C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1.zip

MD5 6406abc4ee622f73e9e6cb618190af02
SHA1 2aa23362907ba1c48eca7f1a372c2933edbb7fa1
SHA256 fd83d239b00a44698959145449ebfcb8c52687327deac04455e77a710a3dfe1b
SHA512 dd8e43f8a8f6c6e491179240bdfefdf30002f3f2900b1a319b4251dfa9ca7b7f87ddf170ba868ab520f94de9cc7d1854e3bcfd439cad1e8b4223c7ee06d649f1

memory/2008-172-0x0000000000400000-0x000000000071E000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component1_extract\avg_secure_browser_setup.exe

MD5 591059d6711881a4b12ad5f74d5781bf
SHA1 33362f43eaf8ad42fd6041d9b08091877fd2efba
SHA256 99e8de20a35a362c2a61c0b9e48fe8eb8fc1df452134e7b6390211ab19121a65
SHA512 6280064a79ca36df725483e3269bc1e729e67716255f18af542531d7824a5d76b38a7dcefca048022c861ffcbd0563028d39310f987076f6a5da6c7898c1984c

C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\jsis.dll

MD5 4b27df9758c01833e92c51c24ce9e1d5
SHA1 c3e227564de6808e542d2a91bbc70653cf88d040
SHA256 d37408f77b7a4e7c60800b6d60c47305b487e8e21c82a416784864bd9f26e7bb
SHA512 666f1b99d65169ec5b8bc41cdbbc5fe06bcb9872b7d628cb5ece051630a38678291ddc84862101c727f386c75b750c067177e6e67c1f69ab9f5c2e24367659f4

C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component2.zip

MD5 56b0d3e1b154ae65682c167d25ec94a6
SHA1 44439842b756c6ff14df658befccb7a294a8ea88
SHA256 434bfc9e005a7c8ee249b62f176979f1b4cde69484db1683ea07a63e6c1e93de
SHA512 6f7211546c6360d4be8c3bb38f1e5b1b4a136aa1e15ec5ae57c9670215680b27ff336c4947bd6d736115fa4dedea10aacf558b6988196f583b324b50d4eca172

C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\nsJSON.dll

MD5 ddb56a646aea54615b29ce7df8cd31b8
SHA1 0ea1a1528faafd930ddceb226d9deaf4fa53c8b2
SHA256 07e602c54086a8fa111f83a38c2f3ee239f49328990212c2b3a295fade2b5069
SHA512 5d5d6ee7ac7454a72059be736ec8da82572f56e86454c5cbfe26e7956752b6df845a6b0fada76d92473033ca68cd9f87c8e60ac664320b015bb352915abe33c8

C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component2_extract\avg_antivirus_free_setup.exe

MD5 26816af65f2a3f1c61fb44c682510c97
SHA1 6ca3fe45b3ccd41b25d02179b6529faedef7884a
SHA256 2025c8c2acc5537366e84809cb112589ddc9e16630a81c301d24c887e2d25f45
SHA512 2426e54f598e3a4a6d2242ab668ce593d8947f5ddb36aded7356be99134cbc2f37323e1d36db95703a629ef712fab65f1285d9f9433b1e1af0123fd1773d0384

C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\JsisPlugins.dll

MD5 bd94620c8a3496f0922d7a443c750047
SHA1 23c4cb2b4d5f5256e76e54969e7e352263abf057
SHA256 c0af9e25c35650f43de4e8a57bb89d43099beead4ca6af6be846319ff84d7644
SHA512 954006d27ed365fdf54327d64f05b950c2f0881e395257b87ba8e4cc608ec4771deb490d57dc988571a2e66f730e04e8fe16f356a06070abda1de9f3b0c3da68

C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\StdUtils.dll

MD5 7602b88d488e54b717a7086605cd6d8d
SHA1 c01200d911e744bdffa7f31b3c23068971494485
SHA256 2640e4f09aa4c117036bfddd12dc02834e66400392761386bd1fe172a6ddfa11
SHA512 a11b68bdaecc1fe3d04246cfd62dd1bb4ef5f360125b40dadf8d475e603e14f24cf35335e01e985f0e7adcf785fdf6c57c7856722bc8dcb4dd2a1f817b1dde3a

C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\thirdparty.dll

MD5 070335e8e52a288bdb45db1c840d446b
SHA1 9db1be3d0ab572c5e969fea8d38a217b4d23cab2
SHA256 c8cf0cf1c2b8b14cbedfe621d81a79c80d70f587d698ad6dfb54bbe8e346fbbc
SHA512 6f49b82c5dbb84070794bae21b86e39d47f1a133b25e09f6a237689fd58b7338ae95440ae52c83fda92466d723385a1ceaf335284d4506757a508abff9d4b44c

C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\Midex.dll

MD5 581c4a0b8de60868b89074fe94eb27b9
SHA1 70b8bdfddb08164f9d52033305d535b7db2599f6
SHA256 b13c23af49da0a21959e564cbca8e6b94c181c5eeb95150b29c94ff6afb8f9dd
SHA512 94290e72871c622fc32e9661719066bafb9b393e10ed397cae8a6f0c8be6ed0df88e5414f39bc528bf9a81980bdcb621745b6c712f4878f0447595cec59ee33d

C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\CR.History.tmp

MD5 f310cf1ff562ae14449e0167a3e1fe46
SHA1 85c58afa9049467031c6c2b17f5c12ca73bb2788
SHA256 e187946249cd390a3c1cf5d4e3b0d8f554f9acdc416bf4e7111fff217bb08855
SHA512 1196371de08c964268c44103ccaed530bda6a145df98e0f480d8ee5ad58cb6fb33ca4c9195a52181fe864726dcf52e6a7a466d693af0cda43400a3a7ef125fad

C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\FF.places.tmp

MD5 f81c619cf9a4d914ef742e20e6a8100a
SHA1 1e114d991f25e29c05b41cfbe6088bcb2de0161a
SHA256 9967b19424ce3d47a6794df3cb6fcae6728b4e352c80de74bb228f3f83fa2af2
SHA512 99130e9e3f20b6baefb26868db94c32449360fa8fc1db2db38caff8e7afd948c492603a2f2e9823bcad348b31870e0344832dff1b1877118c2ebdbcab11907a2

C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\CR.History.tmp

MD5 9618e15b04a4ddb39ed6c496575f6f95
SHA1 1c28f8750e5555776b3c80b187c5d15a443a7412
SHA256 a4cd72e529e60b5f74c50e4e5b159efaf80625f23534dd15a28203760b8b28ab
SHA512 f802582aa7510f6b950e3343b0560ffa9037c6d22373a6a33513637ab0f8e60ed23294a13ad8890935b02c64830b5232ba9f60d0c0fe90df02b5da30ecd7fa26

C:\Windows\Temp\asw.9db5285fa86a894a\avg_antivirus_free_online_setup.exe

MD5 f09798c668ab48b3c69278290e971cfc
SHA1 28a88f8c2a11eee6200198d4c1ff85ebe7ee5be8
SHA256 1e628a18b0e339dc6f72441cd3fbe0f43248ad63ba2b8f8c648a2d450e5ba529
SHA512 8f42cad525d25f1df2a66be6f663c4a0a5a9fd001a54918eed1df9cff26518082a046bec9f46331338f306c3c0e4ed6f5a555ae6b4e5ad5bf70c6b03b7ceaf58

C:\Windows\Temp\asw.9db5285fa86a894a\ecoo.edat

MD5 3f44a3c655ac2a5c3ab32849ecb95672
SHA1 93211445dcf90bb3200abe3902c2a10fe2baa8e4
SHA256 51516a61a1e25124173def4ef68a6b8babedc28ca143f9eee3e729ebdc1ef31f
SHA512 d3f95262cf3e910dd707dfeef8d2e9db44db76b2a13092d238d0145c822d87a529ca58ccbb24995dfcf6dad1ffc8ced6d50948bb550760cd03049598c6943bc0

C:\Windows\Temp\asw-d27a0ad4-6ab1-4a5e-adfd-6aa9d4eaada7\common\icarus_mod.dll

MD5 b58aa1772b0da86313ea07903be02002
SHA1 2e3cf5b6c6b575633b687de9463e247460d9c833
SHA256 801ff2ea4307cd3a1f6a6f3744f7510c3de7e9ddac1db863859ee7d3207d46ff
SHA512 075ab7db5632dd2ca6a63cd7d7e7df905c1348269b3f0e8e3bd2efff1663950b4c50f22ea8f1ab5286f55ba0d3eb1d234a631425c4578b27797f15ac88a6172d

C:\Users\Admin\AppData\Local\Temp\is-MEVIF.tmp\component0_extract\installer.exe

MD5 46c50dc50d9be92829b9d6fd4678c11d
SHA1 3c0b0493b9e6269a1a00c48720c7fd97c04ddd4f
SHA256 d9c15d4a7e2b1a320154a5c61af012242e3408a5c5519cbb4e93a7843692cf50
SHA512 340fdbc7618e86ef4178142aa9012ab9317869b85ac148fcd31c0c2fff007114eaccbf60ee829be99890d36b7d5e1a78c4617e40a538735a8b01002d4d5e41e9

C:\Users\Admin\AppData\Local\Temp\nsm2F6A.tmp\AVGBrowserUpdateSetup.exe

MD5 9750ea6c750629d2ca971ab1c074dc9d
SHA1 7df3d1615bec8f5da86a548f45f139739bde286b
SHA256 cd1c5c7635d7e4e56287f87588dea791cf52b8d49ae599b60efb1b4c3567bc9c
SHA512 2ecbe819085bb9903a1a1fb6c796ad3b51617dd1fd03234c86e7d830b32a11fbcbff6cdc0191180d368497de2102319b0f56bfd5d8ac06d4f96585164801a04b

memory/436-484-0x0000000000400000-0x00000000009C3000-memory.dmp

C:\Program Files\McAfee\Temp3718712590\installer.exe

MD5 334fa47551d6016754a0b8611537bd5e
SHA1 4801af5f24f1a145f6ae686b37b193a06647571d
SHA256 299be448a125439f745da9f4ad875150549449eea0d61975e5ed0907e0b24563
SHA512 4f15711d5ceffcb93d0f02deb66e0f82c41c91c4a4bab8d06417057cf1348e06d1ac35137b52f9981137c65c1b180be4aaec9b64f5d4e2921e07083144822c03

C:\Users\Admin\AppData\Local\Temp\mwa3C0A.tmp

MD5 662de59677aecac08c7f75f978c399da
SHA1 1f85d6be1fa846e4bc90f7a29540466cf3422d24
SHA256 1f5a798dde9e1b02979767e35f120d0c669064b9460c267fb5f007c290e3dceb
SHA512 e1186c3b3862d897d9b368da1b2964dba24a3a8c41de8bb5f86c503a0717df75a1c89651c5157252c94e2ab47ce1841183f5dde4c3a1e5f96cb471bf20b3fdd0

C:\Program Files\McAfee\Temp3718712590\analyticsmanager.cab

MD5 b9b8a94357c6d3d24189914deca63daf
SHA1 14dfac9a562bb000eac24d5c621551b806f38a23
SHA256 290aeb9fb5484d8c72057c6d46684946e3bc05c63f5cacaceb29167245c7dfac
SHA512 5044dac2f2c9302f25fac241c0d5784f5ff5283889784860fad747923edae92132cdf9bbac3bcc1dfda27e00c56c08ce31d5249611e84884108a7efd6c610ca4

C:\Program Files\McAfee\Temp3718712590\browserhost.cab

MD5 14abf3fff7093c935df671811e7f1e9a
SHA1 54ba1165ad813620d38a94ceb34b0f5317683f40
SHA256 69632b49eda20d98db292d887d82c9a301a8e8c3cf021a246ae84160da9903fb
SHA512 6932ebc11cf5b5b8ac5cbe9d7e2f12b17619b2b41c32f692ede23546774c3c4045f90167fdb9ea9c693278feefec4c69cd897a828d69372c811a48cd24f003aa

C:\Program Files\McAfee\Temp3718712590\eventmanager.cab

MD5 f207919f8c6d0dcc1dfe9025dd6cc554
SHA1 cb84f96e2d16eeb44793e2ce072f3b43e02a49f4
SHA256 030fbd43d6ad2c2061f4ea6a15e24bbdb1ed82cd055de7775e60ed68596a110d
SHA512 15ef9fc8587c458725eeb59ea74de4088c5da1fdad0c697bc62557c96e0b32cc9f46afbb39086a589983ca01db763e420a5de18da6acca9b1ca41d3aef28325c

C:\Program Files\McAfee\Temp3718712590\l10n.cab

MD5 c2d175243672dfff880ce75b3f1c02d5
SHA1 58a4ab9b24202933207b5e5f3639897e7140d49f
SHA256 edef28c0d290de18f8cc55577e4183b137ebb24d0aa8cf564b8d4c2486dc80e0
SHA512 8e0b13d2c2bce6b2fc109a528cb6fe0cea084f9ede813dfb3a611d83aca56531a931bbcfeaffc27dd871e185cdeaab0ae18547c2c2b4562884b9708220c9cad6

C:\Program Files\McAfee\Temp3718712590\logicmodule.cab

MD5 887ff24e7ccdd4987534c50f2532162b
SHA1 49883db6cca85b5f0856469d652a4fe95d01e42d
SHA256 220db12aeeccb0753995e7f1e4dd2ae0f113329122d24bc27e5406b2c90bda9f
SHA512 7500c5bd47446cd2377936b5f018ff1432e7f182c0a01c8035b0ae7ca8fec481fd4f77adf4c77c8e56113b4c75083ced4a43ed7bf129fca34a6d0cda8e01c5d3

C:\Program Files\McAfee\Temp3718712590\mfw.cab

MD5 33918256db4935fdda50d9614331e2e0
SHA1 f27a4bc921a7744ecb40dd7394323b3d2911fa9a
SHA256 b9c5f3c3638a6ff98c16e2ca940625d0b7c71354e64fdfc36ff3a637390be0b7
SHA512 2ff8cc361d8f8ebdbb78e1509141e098226fc692e1e82cb31f5ab64ee1bd857643572d29f06037f65149608d98985d97d8507dbc94903ba93205d73a9aef8db4

C:\Program Files\McAfee\Temp3718712590\taskmanager.cab

MD5 e3ef854f388583802502964354599f1a
SHA1 0d71a4f7ab5e482244afe8cd8a049ef757268dc4
SHA256 908bf0d9af1a0eb44a45e7709e8e242c995ec4f7c2e758317087dd7f148cb06a
SHA512 879b86a53cd9b4578dc49cfbff7aa69a33bad304dee2256d4e9f1aca1b617f25f892f25ba7242e5c4ab7dac6c04be6ef49a255ef57dd77d1f646378da9dc90a9

C:\Program Files\McAfee\Temp3718712590\settingmanager.cab

MD5 dd7ab73cf8de306984f476c58b41473d
SHA1 e6f86ba97f369d3d43b19603f8ad20220c3f3a47
SHA256 6d82409eceaad6d092cba603bad51c56e150f54f5803bd3709e190da0a120bb4
SHA512 c8567e86b2200aef114df6f2bec609a660912fceeda417723dd49e3d42594839f4131a48b3a3326804c0efaf121523033eb033da5a6dff4769314d7d88c0f23f

C:\Program Files\McAfee\Temp3718712590\uninstaller.cab

MD5 a85b96a7cdbbd7c286cab521571e59bd
SHA1 b9e5ea0ef5f36704b1e94b4ac53d0fc38801aa29
SHA256 729613c6d15d93788b3fe3097e59e4bdb7a10d3be09d96f50f26a65cb1fc164d
SHA512 94fd6e21e3908c75873211dd3154257d5d7e148230419a1bcae1153f2af1159494713d5325e2897c34582a9aaf69eb1d603fad1ce9596f952decf8244c93134e

C:\Program Files\McAfee\Temp3718712590\updater.cab

MD5 da529c3a8b1d47018c3795da58981c69
SHA1 589efd189b1b6e9aa023ddec58e0346e89c2039f
SHA256 d8b78e3bd2caadf24d403dfafd8abfc3b9c12e9c77f68309ac30ce704cd2b677
SHA512 5f9e1715847e3023b2979c2852f90c8c1d8d78068ed47bf138b3155a7a3abeb73626e1822a3a7a963a9ec374e787a786fe7c0c52c96bc8d57398f6a9022eae54

memory/1224-564-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

memory/1224-590-0x00007FF720BA0000-0x00007FF720BB0000-memory.dmp

memory/1224-866-0x00007FF70DFE0000-0x00007FF70DFF0000-memory.dmp

memory/1224-851-0x00007FF6F5F70000-0x00007FF6F5F80000-memory.dmp

memory/1224-849-0x00007FF6F5F70000-0x00007FF6F5F80000-memory.dmp

memory/1224-823-0x00007FF6F5F70000-0x00007FF6F5F80000-memory.dmp

memory/1224-822-0x00007FF6F5F70000-0x00007FF6F5F80000-memory.dmp

memory/1224-817-0x00007FF70DFE0000-0x00007FF70DFF0000-memory.dmp

memory/1224-816-0x00007FF6F5F70000-0x00007FF6F5F80000-memory.dmp

memory/1224-796-0x00007FF7695C0000-0x00007FF7695D0000-memory.dmp

memory/1224-734-0x00007FF6F5F70000-0x00007FF6F5F80000-memory.dmp

C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

MD5 cbcdf56c8a2788ed761ad3178e2d6e9c
SHA1 bdee21667760bc0df3046d6073a05d779fdc82cb
SHA256 e9265a40e5ee5302e8e225ea39a67d452eaac20370f8b2828340ba079abbbfd3
SHA512 5f68e7dffdd3424e0eb2e5cd3d05f8b6ba497aab9408702505341b2c89f265ebb4f9177611d51b9a56629a564431421f3ecb8b25eb08fb2c54dfeddecb9e9f2e

memory/1224-712-0x00007FF7096D0000-0x00007FF7096E0000-memory.dmp

memory/1224-709-0x00007FF7342F0000-0x00007FF734300000-memory.dmp

memory/1224-707-0x00007FF7096D0000-0x00007FF7096E0000-memory.dmp

memory/1224-690-0x00007FF70DFE0000-0x00007FF70DFF0000-memory.dmp

memory/1224-686-0x00007FF70DFE0000-0x00007FF70DFF0000-memory.dmp

memory/1224-681-0x00007FF70DFE0000-0x00007FF70DFF0000-memory.dmp

memory/1224-676-0x00007FF70B940000-0x00007FF70B950000-memory.dmp

memory/1224-675-0x00007FF70B940000-0x00007FF70B950000-memory.dmp

memory/1224-650-0x00007FF6F48E0000-0x00007FF6F48F0000-memory.dmp

C:\Program Files (x86)\GUM3F08.tmp\@PaxHeader

MD5 fc8ee03b2a65f381e4245432d5fef60e
SHA1 d2b7d9be66c75ccf24fcb45a6d0dacedd8b6dd6f
SHA256 751a04263c2ebb889fdcd11045d6f3602690318ebaaa54f66e1332d76dde9ef4
SHA512 0837f2b22c9629990165c5e070e710a69ad4951b7fcfe28bd52354c4b8a7246672497b8aaf521a8773c7ec2a4249fc4318330948ab0d8db8c6c74da57b32f1c4

memory/1224-877-0x00007FF6F5F70000-0x00007FF6F5F80000-memory.dmp

memory/1224-865-0x00007FF70DFE0000-0x00007FF70DFF0000-memory.dmp

memory/1224-567-0x00007FF720BA0000-0x00007FF720BB0000-memory.dmp

memory/1224-565-0x00007FF740AE0000-0x00007FF740AF0000-memory.dmp

memory/1224-563-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

memory/1224-562-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

memory/1224-561-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

memory/1224-560-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

memory/1224-559-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

memory/1224-558-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

memory/1224-557-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

memory/1224-556-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

memory/1224-555-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

memory/1224-554-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

memory/1224-553-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

C:\Program Files\McAfee\Temp3718712590\wssdep.cab

MD5 f11044b07b7942a712522270c1b0a158
SHA1 dc0e843b9794734d2b767bd2167ee67734fd6074
SHA256 f95c75852c20f696c1d048f440aca5d1d9d555d9d02152fda86c1597e19bc068
SHA512 97a705bced3a1a47a02797224eb449448257fa9ede39cc8fb2bd5069588781e12d489342703127ec5e0ea89283b0fb8d177212003b13715e09de2cd7ddbc3fbc

C:\Program Files\McAfee\Temp3718712590\webadvisor.cab

MD5 4a797d18d6836200ee062caaca9005ba
SHA1 13a973bd000eedcd566b7a396d9d77268436c56e
SHA256 18ce35c066a6f7e5dc99f881b81c2932b7bb15af11cc79055be1d7c30d3f0ad0
SHA512 1bc11b41f0fd7879f2e35bad129aad26f9580f32d6282fbc1da214aef2de0bd20cb669793b679fa79d868ffe750ebbd68c65abd8c7fe2b8112557cbc00dceb4c

memory/1224-548-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

C:\Program Files\McAfee\Temp3718712590\uimanager.cab

MD5 75f6b1d5c49286de0624bf3d7069be2e
SHA1 79d9c41dcd34ec9784d23764e0eec6d269e266fd
SHA256 d88e0a470cf4fc29522e614287b59544bd253c44ffe347dce39b68510f16e931
SHA512 8bb699fee4ec6475f81e2eaa0cc6d41464152641d0ef93fb0e5d3b962c8959d030c4b82b58695def9cb5629c8115c6883597824eda2841cb5237877f52fed920

memory/1224-546-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

C:\Program Files\McAfee\Temp3718712590\uihost.cab

MD5 61a017693fb8b1296297281ca339777e
SHA1 9085d019051cc3bb797122337360d61a51df4378
SHA256 3409210fc78b97fbfe4c477108ee1a7c38864250eed648ad7d396b981ca77173
SHA512 80d5771830b1879b778a6a8b2625fd43f2c36f1f752e4c9c8f87824e6f0608a31bb51aa769e95d256d7d0e472f5dba6ee6fc6e9c636683cc5aeedd900f9210cf

memory/1224-543-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

C:\Program Files\McAfee\Temp3718712590\telemetry.cab

MD5 694936ce0f52b93f4bc9d87263c92f8e
SHA1 b070026f2408eb800a438b69816c5051f3191e98
SHA256 e3c91667e776bac8603627d04b736e54ca6d9bef236d2e14d658ce18f3b90419
SHA512 230fc17f938db1b6687a019881b6c989f1eba45b9edc5f69a0c851f61817ab8e4362d2a4be423e5824984f89fa07cd0842b84496324361648fc0a5a6c5456791

C:\Program Files\McAfee\Temp3718712590\servicehost.cab

MD5 ea95e61d8d1e638cc1790d1152f922d3
SHA1 f00c838582ffc39f9c41875cfcef7f2a6b12f8cb
SHA256 3842aeb59e1ea57731805ff01eeee8201dbd7e4708c8de43d7041d6a4fa846d5
SHA512 f3163452758ffd4b43b8e336ebb3ec77d7c81b827a6f9c18874d7f2ffea4894de11cc130f846c42fa8c895cd319447062c86af94c076bcbeef4d128874b9b0a3

memory/1224-529-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

C:\Program Files\McAfee\Temp3718712590\resourcedll.cab

MD5 822933594b051d6de1ec1534c7499ade
SHA1 f9d3d4c16d3b460249d724fd5df64d932665d36f
SHA256 5ce2fc860c1f7f0b48ffb21d112278530b3da5ea01a30325b0179bc0f2679654
SHA512 1e9c58ef6d8fc1a50910f7b30322bac9ad8e628a0ce032e945c52a2017c5a44aa154693c09755a91af7c2ac130430a210826dd00a7e343300e7c876708a73722

memory/1224-527-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

memory/1224-526-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

C:\Program Files\McAfee\Temp3718712590\mfw-webadvisor.cab

MD5 60d062ff1a406b35d7a3b00c1e9d3d71
SHA1 9e99cf34fda6bc6066353a96d7dfd731fecae464
SHA256 0ce8fd7924a9e6aa7e4fc20e163ce6b836084e57ce812344e74e71ff92e2d362
SHA512 a1b97c3ea0579e63e16d485f6d5c0ab0a558210b78bb3c04efad4e070c3236a0ed226b82eb99ea2b890c28400956951e8b3e94b4c6de80d8b91d67885cd33ea3

C:\Program Files\McAfee\Temp3718712590\mfw-nps.cab

MD5 4e2e7ae3763f1a18d5b9ab881d4f0754
SHA1 fdd8130cc002662d38053a11d8a3b3fd9408e9e5
SHA256 00d583993ff4fa06959bc20727781d9e40bc6a699d97e041635ac3c88e3da7d1
SHA512 40cc120d1f773f1053f591ca8c4afe3d72b982240f467e217ccdeba39f4be3308e61f8d2741201007751831b57a3fd30215254e721295883f7b5ef4f70b69330

memory/1224-522-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

C:\Program Files\McAfee\Temp3718712590\mfw-mwb.cab

MD5 5af7df8dfd7fa92630555d4b33b27617
SHA1 9ce4c7058f8574c55e7ad79a7cf014a7a349cfee
SHA256 f199205805f10dbdd781b3d452f62fcba245a3404df292cc5a9a13fe622ab160
SHA512 cdba5d9fac0549f451ff4ce176a6d06ed241964c6800c33ef5f9bc560c46ddc16fbfbf4719c4303d35ba4457101b325ba5fcf14905bb382f68e637b7b81a86be

C:\Program Files\McAfee\Temp3718712590\logicscripts.cab

MD5 de6bd6d9fd8f911feedae1db4747e4c9
SHA1 8f9ee319a3809c8b41ad35d0327f9e2348b36d8b
SHA256 ff1a5de5dde09fabe260692bdb2db4d0b0bcdb3b4aa5f4c46f48f139e5f2d010
SHA512 c070aa7d3c296eac336f456329b34a6d61aba142dc0c1b97b764436255493b410be0b9ed1e4a1b8618d698d4c73e82ad354e9dd5e6d39ed9331adabc8fb26a31

memory/1224-519-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

memory/1224-517-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

memory/1224-515-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3756129449-3121373848-4276368241-1000\9d1627c087e30ee6fe8c9cce3c77e841_a63d6fdc-08cb-4232-ab51-76cafdcb4d96

MD5 d9ce30939b1d44e4e61a3718c5d0a423
SHA1 95b01aeb7e30d73527559f0d205770689f7acda3
SHA256 ffdd081f60d1c413d7c4f325b2c0f6e135d2d2b299d80152cd6a2d53bc18369f
SHA512 46ab649d22382537b70a533fd7533399b3ad04ee2d0059f4f126e2552353d6c78bd91eebe2fb2510327fa5ee99f9f4a665fc7fb51f849921b5650aba57c47fbf

C:\Users\Admin\AppData\Roaming\bittorrent\settings.dat

MD5 d5ed979917ef9b62acc9836cda79faa8
SHA1 c6517357ea09b5620a21f7b548c76483f89687d0
SHA256 2f6928fd5449aa6f1ef7b337ac8dc159b9e12531a3927343df8f2035d097cae7
SHA512 ae568a71d8a1f41d2878c714ff46a3e3e665bff6f5195bd4e9c47783cbba3c5716dcce9beb155d52a36c54ad13d51e69b3befc562781aea43d64e67ad4327734

C:\Program Files\McAfee\Temp3718712590\browserplugin.cab

MD5 dbfe29fb57fae933f025d93ae162b496
SHA1 652265b30e574ab8852fedfa5c7b369d2ad42152
SHA256 87da8c203c2129d654eff9bd08c0b2b80a18d91c27e15f50a2e27579ddc503dd
SHA512 77805ea2bd73ed1e7e50766f08d3c905d6fd051968690d09aa0a6ea50101a72a9444ccb57553d20800e24298973cf9321ef934fcfc6f0dbc2cb1360b155015fe

memory/1224-501-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

memory/1224-499-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

memory/1224-498-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

memory/1224-497-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

memory/1224-496-0x00007FF72D400000-0x00007FF72D410000-memory.dmp

C:\Program Files\McAfee\Temp3718712590\analyticstelemetry.cab

MD5 5bec53b2f25721df7953fa971dc28342
SHA1 d30872e2eef4f45fc08be466d6f5dbea205bfc15
SHA256 02bb4fb1f03829da4a7a73428dfd6985bad23a7d22aae5bf566dd9d366563019
SHA512 d7d741abbeaa4974e99ecc1ef5ea8ebfba111e64596a0be2aa985c521198365e8589af81df6e1d2f7596dd711647963f7cf8fa446d22836001909d59c4dba353

C:\ProgramData\McAfee\WebAdvisor\TaskManager.dll\log_00200057003F001D0006.txt

MD5 cfdf4d5195ededb6ec2dd2fc63663ebf
SHA1 7f3b0e26ad20729c06d1c5f550d908f60c6e0fea
SHA256 f4f14e04633a57abe63c4c511b1dbdb9690016993431fe071565dc3ed02dfa7a
SHA512 d0a4bf8b618f83d8040411113cb78b7fe119cfadbe2d1a51d6cf320a89a0a374fe6a77f40bafa434911bb9ca2a34dd65dbfe6908ebfdaf8ef0f6b4122deea4ef

C:\ProgramData\McAfee\WebAdvisor\TaskManager.dll\log_00200057003F001D0006.txt

MD5 95c5b60618cec9d0aefa8d8dda75027d
SHA1 7fee14b41643b8dbe8e57b070980d1f0b74b9893
SHA256 724b5e361d123c842e6b2a9806f524e1d27a98b9c56d9a0ee3747328d0edf0cc
SHA512 38eaf7f404862fd63285e1de5152a41d253a5c8f58d8ba74825d3fa6c1a8c518a4eece9678b7bb0a526c4d441dff10fa85c239b92d6657768c2e283dbfc293e7

C:\ProgramData\McAfee\WebAdvisor\TaskManager.dll\log_00200057003F001D0006.txt

MD5 8b1f6adb5849ac91942c6b41fee98baa
SHA1 bd78d82dacaee73d2148291d46e7419039279c9f
SHA256 e64654bacf67c397c078a861ebb7ea2a6c362bf50e35698eb9c7d651bccf1d61
SHA512 ad7cad29466936243a35147ae9477adc562e24b874a64b218adf380800564ee9412c37c10a0881d96a3a817b787f755b08187ece0279add6b534f50214615d29

C:\ProgramData\McAfee\WebAdvisor\TaskManager.dll\log_00200057003F001D0006.txt

MD5 1904301bacee7aeb8ccdc9dee6b7a1ff
SHA1 d5e62239462af5f4d9d451148bd1c95b9b7936af
SHA256 45c5293e6c63d60d2bfd69c885ed62aae2c925b0a997aaf472028606e2bfc7e2
SHA512 cc84347e22bcf70345426819a8b58f4b6012889cab4c12502d95857062f89197c69919bc61071434b72ef711c467160ffe550a2dcdbf66c205719e4e318fa40b

C:\ProgramData\McAfee\WebAdvisor\TaskManager.dll\log_00200057003F001D0006.txt

MD5 18cc301c1e14a51ac4682da8d4eea723
SHA1 4cee7a470c22058a186d8e21a773c34406cfa628
SHA256 005ae1e04d52c4164ad2493f9057f6bc44c60eb5bc61677cf5a385ea9b74b159
SHA512 788f6e76603b0da271b22ab5dc3975c5f462310bdb54243c6821e2290211c5782d17ea9751bc0052f9aab7b0e19a72cadad679d5b2031d63b1445fef4394e33e

C:\Program Files\McAfee\WebAdvisor\Analytics\dataConfig.cab

MD5 bd38ea5ccd891a08af20f1a1305deebb
SHA1 6237639c4b35f85fa7fda83babbf6530153a83ed
SHA256 3e902920a51e303c9e269366643542154b1d90d7b408f86251701a5b90304533
SHA512 fecc9c8984828918fcd6a6431d7695a8dfad854ba32cb49a546537cf96fb5b67912b870fae343c0487a9e7016806717d0be3cb40bd92db34c3e17e0bd98eb42a

C:\ProgramData\McAfee\WebAdvisor\LogicModule.dll\log_00200057003F001D0006.txt

MD5 0feebaa607a4ba0bbf9bce7585757e9d
SHA1 990464e40ba59a38b34841fd38942a686b03a1e0
SHA256 02c764868307fe26380c4037ccc5bbc66da2b32488c9ff18012caf9ac4da1011
SHA512 c24291aa7eece3d15aa875847b2f720272e9269ed207c8cebf87a1a9a0aec0c17e19acff2e60dbeac9aa76659fdde85eaf1ef88a7783a22832597adf8017d2bb

C:\ProgramData\McAfee\WebAdvisor\LogicModule.dll\log_00200057003F001D0006.txt

MD5 52942f7b175b093be03c48764262fe4e
SHA1 ef622c9312defc8b5cbcc5f2f49d55abf3a360bd
SHA256 e888d36c0d9b89f694e9b93a44a063a5ee932324b6776e42729f693a6a40e897
SHA512 7b6b19fbfba25f84cea3cfd18fe868b83cc1ef74b89a5c121406c458c7f2862940a3e99ace156f3393d327f30a20647f6113d28482516bea77af30eb71d4e4b3

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

MD5 1509ed11b3781e023e9c0a491bfdac80
SHA1 2183e8228f0596d6c80927c0df49ddc1101a1219
SHA256 f626890b39920d9fa35ebcc31d448b75df05fe4a7a424c2b5ceb95c7d61e5d71
SHA512 1a9c53ff6906251cba2133d8907401c5f9e8f4f0ac918ae8466c4d21b2f5468bc86a08dbd01527bc0150cebf55737ac3023d564a6d032ac8d526648815662047

memory/2008-2389-0x0000000000400000-0x000000000071E000-memory.dmp

C:\Windows\Temp\asw-d27a0ad4-6ab1-4a5e-adfd-6aa9d4eaada7\avg-av-vps\dump_process.exe

MD5 5190cf05ae2e298cb94e85dc83f2e161
SHA1 6701689a71f7de48fc9bc990774d8d9fcee8bd4a
SHA256 e80d3f009fb029dbc537e9967bb00d8362d3e1ad6378cce6beeabf231cf86c0a
SHA512 63eb01823e15a7ec1e4fbf8eda944264db9c14fde404889312f0189a7559a3ea2ea93d216b78492ab2194923a056bea3f083d72c1650576823ef98091f2ef568

C:\Windows\Temp\asw-d27a0ad4-6ab1-4a5e-adfd-6aa9d4eaada7\avg-av-vps\bug_report.exe

MD5 d51365da191d9548b76fae6cde050af2
SHA1 8445144dce25fe03dce30e0ec8099e2b926c2a43
SHA256 8c273c61324efbc3a773588dbbba308a6b148ea77cdc3703104dc4808655fc21
SHA512 4ee64c1c174971b7f7ea53cde92f2007bed50799140e164b93b03b86885226a0bc813686c4003b0f6b7e2c1f8b60db4fc66b96baff4bab860412c100bd7a4502

C:\Windows\Temp\asw-d27a0ad4-6ab1-4a5e-adfd-6aa9d4eaada7\avg-av-vps\icarus.exe

MD5 4e824521a083138869fa6246cb33ccde
SHA1 7228689c5088a6d4faf4f7dc5fdf4389c56f76cd
SHA256 6a16511aab82faa51440197bddd11c1cce52ddd20160a630ee191eb9f626ce6c
SHA512 a7af2652d1a5c810845f3e0f6115477fb5e47cf1db645a7d8567c100277d213103fe6418a52a71aa8c83ba5a47d2f81a98b429456293f58ef9aa730811b29c5f

C:\Windows\Temp\asw-d27a0ad4-6ab1-4a5e-adfd-6aa9d4eaada7\avg-av\icarus_ui.exe

MD5 630f299a07c056d3ccfd8b6499304af4
SHA1 bb06310b3cfbe95069e37d389655b4616369c3e4
SHA256 5a717caa148a79724d65f72b437b7d169fef26cfa676ac8bf7fb59354cf489a0
SHA512 e68d70727e51008a3b7438b65e921be69e17eadc0b3e86b7010d4900ca50988d4a1e20ca869efcc5d3802bc22364aa7714d7a18592c736f18ea6bac822ae4035

C:\Windows\Temp\asw-d27a0ad4-6ab1-4a5e-adfd-6aa9d4eaada7\avg-av\setupui.cont

MD5 b790cb82fe208a019358579c9c610021
SHA1 98810354ed887fe4d5d83d379bf0776e51d71d4b
SHA256 175b34fdca1a4b61c1c95d4f27f2ca408eaf7607a7acbe51edd6484f01df2ba1
SHA512 2d58422aa465fdf2f5846516aa393bd1c47f6b46d6e37999de466fd48f8b4607bd0942d8a136ab48a6f19301df5b3a1374b73c6f516cc597c5637cfbf6410169

C:\Windows\Temp\asw-d27a0ad4-6ab1-4a5e-adfd-6aa9d4eaada7\avg-av\product-def.xml

MD5 0cbe03f2a4315fd99a2d7c1b3434e392
SHA1 542cdee4a6013afc88710b73bdb9f7bc73890bfb
SHA256 5ddc8de2bfd97b3e5ef529b3f340145bad10c122b6f00669d09e6ed6a8f22b43
SHA512 e72836cb99da8c0d14f5da9db02e0a855e231adebbd0255d56c1b05216e0058c443e2795e87868e85e18335231232ec75888f3722560e4835c14000edb73d5e2

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 b0126081fb686974cd50e9f31d072a06
SHA1 6acd05e7559998af9a2ab1fdb349bc405ae29a99
SHA256 9cfa1ee5de931c207d5e44338ed2f5483b779c7cefb680dabefd5c2cb7828f2c
SHA512 88120b60742209aec9c2c25bd1f23a9191659843c5c3ec0e9b81485c4aecbe4c8271284d395dab5e97406a55890f652400670a7e0f55a840806fc6b16647fdd9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 dc058ebc0f8181946a312f0be99ed79c
SHA1 0c6f376ed8f2d4c275336048c7c9ef9edf18bff0
SHA256 378701e87dcff90aa092702bc299859d6ae8f7e313f773bf594f81df6f40bf6a
SHA512 36e0de64a554762b28045baebf9f71930c59d608f8d05c5faf8906d62eaf83f6d856ef1d1b38110e512fbb1a85d3e2310be11a7f679c6b5b3c62313cc7af52aa

C:\ProgramData\McAfee\WebAdvisor\LogicModule.dll\log_00200057003F001D0006.txt

MD5 9fa1cb826dbd08bff0558fb09b24cd3f
SHA1 1f328f0d97f165677ef294863270ff5958d7f056
SHA256 a4feed436b5880e09465c2a8de1a6558d99b24028001175e064472f7333f2673
SHA512 7887012b7f5b4e324d0b343c523ddbe31f0a7e499275c4766448620fc2e3d3104b5e1d237caa2f55d59e07ced1c4d0b0c96af22df9036d7e3416509c4d38dba5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c0450c7d4af694f5b161e79922200f42
SHA1 748b647afc786f66991054f94cce3b07079221ee
SHA256 f5d80e21e460cbcc7a96ebc82b0b96b1ebd61b79657b1250a25ea16d29e9bcb1
SHA512 ac3b427067983558b000bfd9c26cc463f2e0859dff485550ec8e021d8b1058a773ec50ad5b6117d276db4aea8e75a9dab4429d20ed5de09fae3b6aa0b8485e68

memory/436-2742-0x0000000000400000-0x00000000009C3000-memory.dmp

C:\Program Files\AVG\Antivirus\setup\config.def

MD5 0ebc6555ec72edd10d3af993d6c2c646
SHA1 7177762bd74eb4eb0b9954cd7e576a28f2b90ab8
SHA256 6cb1bbff5f93c6b7fdcae067ce6e49c8cbc6cee7343aac6e0915b2a101933e35
SHA512 f4f12da80499353766c82b72feb39f777f2e63e5b0de770ef930cf35a26e1b2119aad8720176d955f288afcc48d221e7062919ab89b1fd1ee8d528029a69ec12

C:\ProgramData\AVG\Icarus\avg-av\icarus.ini

MD5 c043a3beb23cc43cb3e9acae2ad9d8b4
SHA1 f8a300a14643d9d2ef708839d882fa8fae274f73
SHA256 3df024f72a0bcdd90a7c140591e224492481eb7f32a940bfb9af1cdb6472af9e
SHA512 e5baa81e296b7f06360ed20d9484a137ca49c0505d2c94947b978b09b277f13184e540098e21daad0a72d8ddd831a57d6ac0e67c0aa860d87a051b55c3c9fff2

C:\ProgramData\McAfee\WebAdvisor\UIManager.dll\log_00200057003F001D0006.txt

MD5 457da20ec7ca3b16234c579cbbcc398e
SHA1 8e467f12b5b3e91e2eac3c62a8cd4bb57bf46022
SHA256 d57602b60e28a7d1b1353c1d2fa279f4e543e4ec3c52224e63241a3ab67e6a3e
SHA512 d14481ab615bfba54de363ef284e966e222befad76c860c0fb9c70c866d0282551c4c04918915ae3242eed3928caba967bd052ed231f0ef19d0d87a0918ec9ea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a1c061385433d317857afc0ba6f039d6
SHA1 19e85212296e1bf80fe4f6e4a85de450b04fae23
SHA256 64676e638ed8e9f93588c79649f2ef1bbe0d274d544ac4560ee7f96410960602
SHA512 450669c182661401d1a5a1b0cd28164c4fa469439fb3e290795ac04a999766b2e5d8490f2870836a9a2c3c89269e89433d2787057c81f786e5f402b0c6b69971

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 63262f77c34a449c14c3d552cc0082fb
SHA1 f7680120bb8a1e77433056584d0da177ebf8c5db
SHA256 69707e567359e714d344cdf40fe0a84918283f3db436566c559a5cf8fe4baa3d
SHA512 e4c7984f95d641f854111a1316437dec050166cee336d947c0e70e80a4d3fc864e14ed736b47d0dc4cca0657dfb925e51389707116fbf5d74c9d3c1db56c4e03

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\ProgramData\McAfee\WebAdvisor\updater.exe\log_00200057003F001D0006.txt

MD5 4d2bf1b1003722bbe6c5c505998cd9a6
SHA1 9807564ffecfd8409ec4fe8622a982047448686c
SHA256 0dfa1ce23c06a0044463414ec71f61ca8ec2340bf381b73f0ceabf62839b69fa
SHA512 3ac7bbf3211fb8a4828ccc78cd300be41e138bfdffa79a8e3db5670022994657e07d42a87e317f4bff93ecd03007fd7a7b49ef11cae0a088f37f0f3e438fd845

C:\Program Files\AVG\Antivirus\gui_resources\default_av\locale-es_ES.json.ipending.2edb74cf

MD5 e57af9f66685f1363ef74ef47ef4d4c4
SHA1 e40fcc043b0abba14f69a59c0f8b18c72c7fe11a
SHA256 f62f9deb8e1bc237fc53c0ae88f2cb8ee97ec86b6da76b28209d2cbccfa10221
SHA512 eee9b2729c410741a6a3219d2cd45f33bb4d418cc2350bb46dc13de4b8bdb90d52882c998ee763507941e2c19768188cdd374eff106cd3d7cc8080b3c99995cd

C:\Program Files\AVG\Browser\Application\128.0.26382.138\Installer\setup.exe

MD5 26bf30358c8fdaecd3c83b9cf76514ee
SHA1 4f76fe57a8cc48b28b9fd4f1ff75254976ad4515
SHA256 f0809a96fb1a5e039a5bf5559e4e5b57bcbbbcd07e7dd6bf60872e9a0e6f0856
SHA512 20a8f1df4a5eefd617fa6096d5f2c47770ef20efaf3cba007588f8759bcb72cf9e3d4eb89505d333bbe7c2ed4e8d9202421485e22ee99f29812682c0cbaf2040

C:\ProgramData\McAfee\WebAdvisor\UIManager.dll\log_00200057003F001D0006.txt

MD5 2dd2c050db0d8ecfa6c4780217884aab
SHA1 1a1cd20c61e7642088c31d69cd42c64595339bcf
SHA256 cc371a0837f658e3b0ef40c642f9264a6415dd8c5bacea516b8b8bc84d0f2278
SHA512 cbcefe33188fa8c22fd7a9d5654880807712e5038941f535617ba00b104f7502893e9d2abaea06e9ee3ba0ef24aa205b4cebfa2b45250318cff9a060793169ec

C:\Windows\System32\icarus_rvrt.exe

MD5 97f5d0caaa1988c95bf38385d2cf260e
SHA1 255099f6e976837a0c3eb43a57599789a6330e85
SHA256 73ee549578ded906711189edcef0eedbc9db7ccbd30cf7776bd1f7dd9e034339
SHA512 ad099c25868c12246ed3d4ee54cef4df49d5276a5696ca72efa64869367e262a57c8ff1fb947ad2f70caef1d618849dbab2ec6161c25758d9f96733a7534b18f

C:\ProgramData\AVG\Antivirus\fw\config.xml.ipending.2edb74cf

MD5 60424032333d4723d7f4ff7543a7aa76
SHA1 1fa9fa26b21439adcd5258727f9cd0b954d0f5a1
SHA256 be79affc10f1d93f9ae438c6320feed7846bcb0950cd32e8a564eeb59203b6ea
SHA512 859a800dfd2de9f0bc0f5e81a8f0ab80eefcb56fe0a9e634ab8cd13881ffd26e13448529d9a0d096a61d5f1e410eead06dac75a91b09faf7f692d8884a41456c

C:\ProgramData\AVG\Antivirus\fw\rules.xml.ipending.2edb74cf

MD5 7eba85dd566b2e05c6c517ce674b4502
SHA1 a16ab1abec4e1038c7c9063e07ee1467667aed73
SHA256 b5b5e84fd000dea87637ea59a7a20747cb0030270b986b4403a470673235339b
SHA512 c98fa54cf1f84ae3b87939fca976c61dc088b38c45885bdb415152cbc8e7ff6626c286fa35764f031f3ae03a8a51f45ff75d045d78b928f41c178c0c6a6c9894

C:\Program Files\AVG\Antivirus\aswEngSrv.exe

MD5 8f5b5c84347e659bb39ed662c1d923ac
SHA1 eb972f4e6941e18b859acf2b3ac37a8a847e3bbc
SHA256 a10ca955285a3f3413a2b874637faebed735d87c328781d05e60c94e2f5fbe22
SHA512 990edc115c4e2562d32752054a699c70bcbdb6ed15373763c2db55d4fbe25e92733e1758b2303b13ba42b15937bdfc0578c312e9975e2d9c5ffb8707f1694343

C:\ProgramData\AVG\Antivirus\HtmlData\image001.png

MD5 c69e876c8bc4f3bca56ba333eaae7a71
SHA1 d00ac516dadf10b6a9fbaa8b6fd7f7800511d36e
SHA256 d1e88cc6880e3667b06b2d006f5fb8516f28467dd1153453c1bf954571fc4f00
SHA512 3453ec35e83ed63f2e88326c1a3f4ee23a6b979d272243131c37bb06ce8d2467585e311a3c01198f3384d852ee9fe525434f8a6eb58b7698c0c8c56b7a8f3b40

C:\ProgramData\AVG\Antivirus\HtmlData\Blocked.htm

MD5 94aa8569ec9b33e05f3088b136dda05a
SHA1 2e7779731351517e2e6df18b313e5df28079160b
SHA256 179fcd4c70b0e5958c56387c7849e4b49e695a284b75471a15a8e6c8637eeefd
SHA512 52cc30da7dc6e6ae7266bf171e4e9c9e16c0d8bf72abda793a0f03e2889eda6171044ed65960fd2c40251b135015a0fa62132c76cf16065ef6fa47476b6d8ff2

C:\Program Files\AVG\Antivirus\gui_resources\default_av\webCam.js

MD5 cdfd88ad81348fe87096d89c6b035e09
SHA1 4fa7886374124538e5a69793ab41c590439a7c7a
SHA256 a806d79e69b7f373f1dc1fd09edb3e2ff05f7d59a2522425d766edc62d2ad01e
SHA512 b8c89bda6e4cf9396227d9becac882e3f3398bed73e10a1826f4ccbaa0d9e3b31c03895908e6a12cbaacadb0442a4710714feb368b9357b0c96c4fb274138b4e

C:\Program Files\AVG\Antivirus\gui_resources\default_av\virusChest.js

MD5 2fbee758d5655d41b8e44fa418a7d26c
SHA1 3d054a108b8b20642000f0456d3b6c581b385ff3
SHA256 538a236d8269472bce8111352574d08a65a8f1a5036e0b70a1f173bea73be89f
SHA512 7e73d0827514bebddd8fa0e1026d0e87717395b7a6f936d691a0163a7b2cde48bb808e541b3b0cbc001df70b1c5d4d6b6618ef4ea37d8b428c23973fa357b0f0

C:\Program Files\AVG\Antivirus\gui_resources\default_av\updatefile.json

MD5 4d4be34e16fee1787f787ce1ca543f38
SHA1 3e4040c3c37102ba9b6970304ba0d7a6cc41cbe9
SHA256 514223be3c377f8e4768b9b6ce53a2463f5908a3b3a444e9484f99f298907eb6
SHA512 d28ddd7b11b125c05b3d36c52347e8af9f1ac4904b13dcc48d12335d7bdb9abfc187d76a922926c9dddeda0e7b23cc2514f2fc1472640d084e301b2170cdf219

C:\Program Files\AVG\Antivirus\gui_resources\default_av\update.js

MD5 f0c8d9397d3d6261b85213f3db10f24f
SHA1 6d2c8e52aa53c478867b6304c9b0c33e71e7e624
SHA256 99e4184df0efaf73a4a23fa322af17eadee822f1f44aaccdd9c30d6d1384ac7b
SHA512 2b69972dac435ce91d68a10bc6f86990fb7c42e0ce340e78c6bf230d71368b039a1c335f87bf512a50e0680c44782f7b2c914d5d456f8f6ab15cb741aeb62d26

C:\Program Files\AVG\Antivirus\gui_resources\default_av\tuneup.js

MD5 1c2b32e875f410d172c4cd169c4a6144
SHA1 eeeca5ec19b2f93714ec5b5842d19157333bc697
SHA256 600daad68327401f5f326e21f1f17631df594eaac6bd618998904d7887d8d097
SHA512 aee49a43e5f12d53352a88479973b9d5740fb4a4d884a9c6a73d5ddc199f984c6e9dee5fcc891b7c1ce001d8f7475893524c5b119a1373f51055084fde669a08

C:\Program Files\AVG\Antivirus\gui_resources\default_av\tray.js

MD5 57a62cc31ded540b0a2872d8bb1a3ec0
SHA1 e98b470beca0ed8acd4851f27466e42c1f2539cb
SHA256 36110a6899c341f54501cf3834e3c2b2df7da34803b75a8b8cbedf10fa65761f
SHA512 5bec92dcfb19ae06a4b3f2f380a29315eb0fb26217ad06eff6504e1670ac8cc882f3c4553c65db72a5c5e791219d49ec08b1904e832095266425d789a3a05d9a

C:\Program Files\AVG\Antivirus\gui_resources\default_av\threat.ogg

MD5 7490b7798417364db18a28945a941db6
SHA1 ee2468aead06205e8aaf986ba9d428627fb4a713
SHA256 3dd397ac6148d654f8e4469234d8c71ef9a9192eb21ae6da4b9aa214b70f8127
SHA512 3362170f92fec1e24d05de0f72fa39c120ff9f48e67ad03981e9ba1eddcaed366228159ee622af3726646c4d74a7bd88d36f4515af47213f9e0e6207c89a8bd5

C:\Program Files\AVG\Antivirus\gui_resources\default_av\system.js

MD5 9b0cb1857a9114368d8b2842eaef146d
SHA1 9c24ce6a73c58be8e08623a76338ce259a007767
SHA256 b93e40e7e27385ac0c34634a9f0783435a7db28d67f7808ef0cc1d50a10222be
SHA512 2e393d982828ae3291d1356e8c3d131dad0c38508a3ccce8ab7c6e3fbd17450980a0d96f3ec2bed40de1d1bcd8d4c22f7682297050e3f5dae8aeae206996c7e3

C:\Program Files\AVG\Antivirus\gui_resources\default_av\svgInline.svg

MD5 14aa5e59677c68ade7bfbc7d2345ddc2
SHA1 b69e4408467e46a1f5438800b6b301ff149c8bd5
SHA256 b36cbb590cc5110ce14de497fb11a315b035ca11d2631e7c48b36c66d4e7fe8f
SHA512 e8d1d27d47ec26d0117e0f16bfe5582b752050b2648b3fca88282d263fab455d4d2b94ec859b5bc5c0d2dbdc91d637610348633e69b806dbca31a44fa04421d6

C:\Program Files\AVG\Antivirus\gui_resources\default_av\svelteInternal.js

MD5 1a0b94b7fc4f2c366647d3306c8d5575
SHA1 641ca99b76761469aa476f7179ebd995ccd5d3f5
SHA256 b9bea6ea149905ebbd3a768b156c2524f7b420eaf7ef7168740a76ac8196d027
SHA512 c9b62a08e83ff73a4ce4162cf595395f05e1ab2cad7739c7ba06a8da431958a35eb375abf1b7d0f12bea346b391852c8834564d9f2cd075663784ab71d8740f2

C:\Program Files\AVG\Antivirus\gui_resources\default_av\svelteComponents.js

MD5 c085b8662d742ab15b366cc41d74fcdd
SHA1 2b8ce12f6612c3c518062c5c08bb9fa03846d1cf
SHA256 936399322b4c1777038d2b4c1b267c7cdd221995087544a511bcb0d78cff2719
SHA512 eb64a26c0460b4cee623a3c0b921fa7a678306e8f518aecc706e5d441bd5ff1dfb01e755505aeacbe637891dde01553e34c5b8bfb366b8d13b125c8861826bc6

C:\Program Files\AVG\Antivirus\gui_resources\default_av\software.js

MD5 8e6cf27fd8c131f969b735ffa13e2db5
SHA1 b2d2ea4c4fc20a282b80df5a695111db9c57a184
SHA256 602454e23b4fed73f1d76223df578a84832865f2c8de8ef8297e2b42c8f933fb
SHA512 ccda260eff55c13204d98f9eda04bb0597888e39e051bc255bdbaf3cb5338f25c254f068efb99a6374c0bc5728b0e289be991ee4a9a679b532978f0c8ff5204d

C:\Program Files\AVG\Antivirus\gui_resources\default_av\smartScan.js

MD5 58759af5f6751119c7ab590f3bde1ff0
SHA1 a716844440b28af454508915c23125d59427740f
SHA256 da64a4092247043b27c3f38797fcc3bdec212e4ad3a0f30a5b58d87ad36fb1d9
SHA512 8bed851c46ca51e9a566c861ee448b4b046b9851dca083b78dc9ae94b69a578f12b3f86ad31b094c32542b4125613e2fe0d14e1f47c598ce906b630eb5788809

C:\Program Files\AVG\Antivirus\gui_resources\default_av\shields.js

MD5 afffa4ab85032f2df1ffc7bd959d997f
SHA1 a9c7c70b47c25c2b320e8c7a1f67e6ed33280fb1
SHA256 3eac9e87493057d2447598f7944f70d27025e5d885c9ffd5bdfa27d8a6ca829b
SHA512 9014b9fcefb6bc995af53330b145c08183e28893d584a7bc2b49702a90721d49d08eb0eba03c4c779aac746c0de3e1093a507ffe91450d6c8b84070f003be64b

C:\Program Files\AVG\Antivirus\gui_resources\default_av\settings.js

MD5 dee6194ee98d778666ceffe6535aef33
SHA1 8fb9dc0eaa2462d44149407a01ff3750fce4a057
SHA256 1737c534b9648401ecac4b6a9135b783a1021f297c9a232c7444b1c33732ec52
SHA512 79a9236d24c74258b9ca875058b8e95a37a63c253ae787cfb1dce546a39edbae955b9b23119606fb05cbaaa4d6de8dfa7c38b3693ce88d65543c76157bfca7b2

C:\Program Files\AVG\Antivirus\gui_resources\default_av\sensitiveData.js

MD5 e359ddfaec238d7650287ab5098b6d25
SHA1 124831bb3a51ec7d8000c79d966e20466269beab
SHA256 76172e00479a41418773d7e0c64cbcd7c7d090b2fcc67817ec0ddedcd76883e3
SHA512 907d78840b05310be514aa842a4355551ce04cd83136aab431ececef7bbc8dc036daebbbacbd2a02bb0259854c615cb3e7fbcfb48177d5d4136415391516641c

C:\Program Files\AVG\Antivirus\gui_resources\default_av\secureDns.js

MD5 2461c95d96c4ca7feea37e8c5beae518
SHA1 34a76f64455a9b307a1573db0a930d0d26024060
SHA256 f913f3c13737566c4052ee9fd59daf76b5094b8bebd5c9ffb250a6fb4125c361
SHA512 f8cfe282acc59950d2c811fd1d1def2082957faa332ba91cbf92672d869cd20f4aa7190653f121732d8bb5de84a5f0f05b29b01b07ed41723cc475f1ba52a16f

C:\Program Files\AVG\Antivirus\gui_resources\default_av\search.js

MD5 123519252c28113ab6db82af47c824b8
SHA1 ea6a14b2c0249a576e0b8f035ef77f79b1388b0b
SHA256 1b82026d509ba78646178abf1679dd9a2c0dbc04e804adada0843d524fe2c6e8
SHA512 afa8a3ebc14db39a982e177260164feba1bf94c6b939120a31a603592af4ee45f88810de226ff205cbbe4a500d63e61961b6b1693f9069b7d45209e45bc99818

C:\Program Files\AVG\Antivirus\gui_resources\default_av\scans.js

MD5 2efb7f0ed10843b62cb20f05c22b17aa
SHA1 d46ce207a52b36f6cc6c66980221a998579dc6c0
SHA256 a5dcdeab7163c14b85fb265c286f1a0a05f146a8e915b8e93be4263c625d8037
SHA512 4912aa8745b4dc20cd8b8f12f6f269bd631167eba56dc12c0bbcf31c9dd3a0d7fecc747c2a7146d344f79dde13f7037ab234fa06902b1737b0ff34e482100309

C:\Program Files\AVG\Antivirus\gui_resources\default_av\rescueDisk.js

MD5 6ed15b85bf5372a319e17183caa2cee3
SHA1 364a7ec326e6b6f6102cab475da6323867c09064
SHA256 e5d832d3449faa8b2a779ca6cd8dfe810cbacfb896a28fb14af313d1f2a60c82
SHA512 cd166cabbec8209c3af200b0822a8fa3cb0fcc92d50783adbc767b9bd7b01f2b6908e2131f46a54149be74a87a5f00dfeaabbf0860fa5e6c7609f1f6d8ff8a6f

C:\Program Files\AVG\Antivirus\gui_resources\default_av\ras.js

MD5 5371f51b479f0388be0232c13391623f
SHA1 269341d5e897042af7a198868d1ba58962dff347
SHA256 7c3f34e3c1cc11533872220b6c4d8054149765c92dbd51c4b3eade1ba22185fd
SHA512 e80b951ee9876632018317bcb39cee50d68c3c531fb414898ae99096a0e3aba4c4d55ed46fce86158852f53d6047e858819ee150c1a3e5c3f0197a27f34b40cc

C:\Program Files\AVG\Antivirus\gui_resources\default_av\plugins.js

MD5 0dfb32df5ace60fe68d33f063cf04f9b
SHA1 2c5d4e1aad7d0517720ee491226289bd866bf6f0
SHA256 a2a201a78ef0721e839352f38126062f20338ba9988149d29a3c3eb49bcad021
SHA512 8397b09a7c3a329b785aeedb3f59b7f842ba0ea116a89124a7db782caa82653ea0d7f27bd4dd7a42bd412f7daf4c1ce4ac1bdfd9f4e1a7bc70086a84aa27c469

C:\Program Files\AVG\Antivirus\gui_resources\default_av\passwordProtection.js

MD5 5b80a944621da0e9388bfd478c60789b
SHA1 8361d8bc48fee7be3a8c090862f98dd087d279a0
SHA256 893f8b6c5da936438763edca09be6d7397371342c2c81f12ebd95eaa21ff148f
SHA512 7155a6b99f8e89093555f2669b95a874ef7811f572fde977348f4d712f278df66fb713ae871e8f6f0f2bc0bb630fe9c28af0b8feb015d4baeed5c7fd57de1097

C:\Program Files\AVG\Antivirus\gui_resources\default_av\pap.js

MD5 8f437d85eb63db4c55b47eaf36456c73
SHA1 41e322023acccee2d618bad093f19adc7386fbae
SHA256 ccb152ad2d68a5df46ac352d0ac979ec0aaf1cbe15d5a4deffac35e6c4bfb3b0
SHA512 528958240920b37e9dcc0cef42d80ee8de1f432e883f01fc4c61699be84a4b44ac27b4daa45db8dc5f4f473b1d808e20e6990eedfb34b03b318ecb61dac2724f

C:\Program Files\AVG\Antivirus\gui_resources\default_av\overlay.html

MD5 74047eedc155440e5d55b4a8932f82fb
SHA1 a50d46ed4025ebeb44588c2a7c85e62dcd9bb16f
SHA256 b4812c1f202e598d3d26c3f08ef960ffa9e533f658865d1e1765df565b253058
SHA512 a37b6f1b7c5d2ddb03775982466c734d1e759d07f38a693b72f65dd29f6585be221229b92341eec0eca171cfdf81a60ac5197951856e3d9bf69348e7825ef849

C:\Program Files\AVG\Antivirus\gui_resources\default_av\offline.htm

MD5 920d58ec9ce2375c262ef1273bcbbc07
SHA1 6dfc670b315512c2a5877d42eaa9206314d64600
SHA256 ad2e117c5171824aa0e8413b7223ecff415351347ba29bc4ac618775c58e9490
SHA512 271eabae910368383f6d908d7e43ad3ac030c4ede8717926c6d45c11c85588395a101f3300e1db7d36dae3fcc1724bd3df06dec02be0a29b6545cdaacc5c5f00

C:\Program Files\AVG\Antivirus\gui_resources\default_av\notify.ogg

MD5 5d21827de75ec11edbd54e38f153f288
SHA1 b85da53e3f8f5ed450c167381f00c807969444ca
SHA256 e851d3c62177df95503f1615e8a07b9d61ca9250784e2d00e0a325d76563dbc5
SHA512 d75ab0e9043a2fd06f14834cde7578f014fa4266a4ac05804943bd1b2880da37b56c00f4803b90aeeeec692ea40032f55d5ae4d5b9ece9cbaef3d3d0edae9a63

C:\Program Files\AVG\Antivirus\gui_resources\default_av\notifications.js

MD5 5269ed6386ed58fad6b28344800bd42c
SHA1 fc0574b5ff7a327fa24cc29475ab7cea093215a7
SHA256 bca3d38dfb7a717fa83097d39322e1ecb873f8295e0bef9e4169373af83e0ebc
SHA512 8f908f4ad2e74efb768dfdb2cd249cf83eb6d0483e86e6a42461269e8d2b1b7e0b4332fffcade093b7fc8a1ab3d3da80c677da01ade02e21627e58c61d443682

C:\Program Files\AVG\Antivirus\gui_resources\default_av\network.js

MD5 cbc2ab3a6e8f83d1806fdf90ffafe3e4
SHA1 4ac385bcd00a1d0c547a9869372f8204fc319aad
SHA256 22d221e68916fe1938bce528f63cc4bc1a88a6c0e84baa5440ced869234d756e
SHA512 ab0abea38b87cae3574b155dc7334c98b93b5e73d7fd152dbed414371cd358aab5dae81a8ac6aa532b39ca34853793a505e2a703563744ce24863bff67056a17

C:\Program Files\AVG\Antivirus\gui_resources\default_av\napiExtensions.js

MD5 d6b0dbb848c35be79e898139d5f69bc9
SHA1 1dff7ca9b7f2f8ee5c29f8072417f7259038ffc0
SHA256 7082dcbdc5d538b7eefeff3577affb87db84bbd278c083001aa05cc59eb9c1a7
SHA512 add4d25830894eede8a0993fdd1cc044a3290b66976fcdc934f3adb3ede6af76d2ca057afa0aae38de5ef94884966ffe79faf87926f50a092274d814170d4483

C:\Program Files\AVG\Antivirus\gui_resources\default_av\napiAdapter.js

MD5 3c0539b16ef834fbe7a8826321dfa28f
SHA1 8013e7be318d22e2a70747c19a4dc6d7c6b1af89
SHA256 170de6bc4c2889d1e910d43dd5d4f7a8c5395332ed8b01aa3f1a29212e1a8c6d
SHA512 1d22e39ce1ffd7589bef25556b95cf8500484c7824daa9b144e38bdc20c6263afc6fd0fc8ccf8826a5d52ebc57f32b995ec782bbf245495c3cbe1349d6e3b1b6

C:\Program Files\AVG\Antivirus\gui_resources\default_av\napi.js

MD5 c11a698c4f0df510ba04065cfe9fee59
SHA1 45244b8ac3c1eff89ffac7992d13f042b5670e8f
SHA256 7ad6d47d475c7a6a36ad24b07570b88dd63a71617c028c15eeff811d1baea594
SHA512 a608407b271fa3e8065884769bc0b7081887d3864f7b4c3453ef085749a4a1b569e61ec9a5fb02a1c6160be761a1b92fdec940e5130dfa518c7aabef78248be6

C:\Program Files\AVG\Antivirus\gui_resources\default_av\myLicenses.js

MD5 21dc8836089dfe71b23b6c4ac6f3339b
SHA1 260b154c2dbddeb75694b83bb003a50df433c204
SHA256 7a8fbcd16ae0f7436078f6bcd5dfe37c5bf6d7b3644afc4f5f41fb6072324ad6
SHA512 66d5fb1fe908a44d3c0baad4b5d6213b4404913e176879314453d6e716943fe8de385e1ae49e7cb6aa23ffe2437beafedc8aed7fd2c4e514b096e8eb32e235b4

C:\Program Files\AVG\Antivirus\gui_resources\default_av\mainWindow.html

MD5 4f4ec4b7f875dbae19f5061036312e0a
SHA1 a01f3bb4fcd43ea4913e06089f172f52877c7646
SHA256 17f4e037807fcdefed01acd09a475a3c79fd42cd07e5f80163a98b7f0fdf861c
SHA512 cb437843d18c5edb6cdfcb5cd7b2c658b4c1e2a93be32bb12c87ccff60e4f0b95d3618503751fde5277257d42548615690eafa3f4b07fe705da48112066826a1

C:\Program Files\AVG\Antivirus\gui_resources\default_av\mainVars_test.json

MD5 ec9d21d22b84a3e54debaf67aa7cbd4b
SHA1 00d1d14241d1e918957481611cfd2e225fadc62c
SHA256 6a943f92785de9cb4619aa592fbcfe913802afe9620af14ba4dc04217f583aed
SHA512 a185df132acca590647ffc8794f02c0f8869a743d979bc620eb11b7e87d1154bd6dc1fc84d6e5153ef68d8981b327c5d888a27794a76d1c87ea23eb71c29c91a

C:\Program Files\AVG\Antivirus\gui_resources\default_av\mainVars.json

MD5 cafb9c7fc9aba63917dfc2349f792479
SHA1 1732f063f7e779480abb9bf9a5ab6a7ca61ca1fe
SHA256 bebcee43aa864c5e538db7dfe03389200a24c8d3139004e5a9710971e64e2c58
SHA512 4df61f491b3229799fb41cf9caeb2a1040c06a68c4a724cd2fc343cff85a46292e1281ccca49110c4fdb746a88b8a1d893ec353f008f42ddf564196384e85cba

C:\Program Files\AVG\Antivirus\gui_resources\default_av\mainSprite.css

MD5 d47e42acc8b6c69ee2e49f4889a21f73
SHA1 64d218cc7cc3a3783b2942a1c5633c8afb7ebe20
SHA256 0d2c72013281756741f339c485484ce8b50f5997ad2d6e8e4d8d3da41641ab57
SHA512 3b6056580850d1cb73718f117df8972244a5341a36e4a4da8e15fc86ab3ff41aef46be8b2e7b93d055683b177ed14ccd30f492ba1ddf2b4d940641cc0e43beb2

C:\Program Files\AVG\Antivirus\gui_resources\default_av\mainLayoutCss.css

MD5 a6c4202704a11c079634809483ebede0
SHA1 9c0cd64afb1134819a0c501ecd64a3e050a6aa50
SHA256 26883b07d3b65680eb7eb947a9897d6b8962c92c223d539a275eca0712d6cbb2
SHA512 49741d650153c3378dc8537499bb53411a87cefa496cdf795ad73740ea3accd2024a5ce66f834a173fe77b16c39e38134c59f2ee014f785e59b114d7be7df3e6

C:\Program Files\AVG\Antivirus\gui_resources\default_av\mainLayout.js

MD5 3bf0210958e5156274b936d62edd6231
SHA1 3ccce2b3d40972ab8f5444d740184e46392f7228
SHA256 5948a24de2b41974b41ba38aee48766f2e51ada54c7845889c42ef40d92bdf66
SHA512 eb3909130d85813c6fb55074801bb8de36cb6ecf7af5d8bcc37e0e13c9719005f667bcc3592004fc2544e9425d07500c973d63b57f4051da21c093657e5b2936

C:\Program Files\AVG\Antivirus\gui_resources\default_av\mainFont.css

MD5 5d024714e51e018de534090600d8020c
SHA1 30f0ec09aab286e5ff9055f3157c914f1153537d
SHA256 0029b0e55a066e06d1fb13a57706266b3f6c7a7e78cbad1a7f47f0f510992b43
SHA512 03e7b548f0959f5bad1f8b630161d37366a921b11621211b84bdc2013e9fb8920f5d2304e264499856f553e0e1115e3fc401f6c8b05321c6416cd4048470dfc8

C:\Program Files\AVG\Antivirus\gui_resources\default_av\mainCss_light.css

MD5 5c94eda40c46714f46a2ab1e1ba6c4ea
SHA1 2a3b37c1d840bcdf09dc4cd00447fc7f25653a7d
SHA256 d367b4b08452644ee76432a6ab7df799a4ca43517a3eb23bc08842351dca927f
SHA512 751f2cfb00336a1b46d6f39f39c4f3d3fb2c894f3b2b73eb5265456134a8b6a21b0f63b6e1422b4210c9a71b203520322fac1fbfc22abe1acd1769351c6549c4

C:\Program Files\AVG\Antivirus\gui_resources\default_av\mainCss.css

MD5 e878c230fad08b2266fe8f33204d1d20
SHA1 562688007406a84129292c9b49fb79efb1c565d6
SHA256 cbe7204244be1f6173f25eab893254b5c95dc3fd587139851e239dc0828d5338
SHA512 40e02fc7d715eb377060740f72fc0877f6b96c743f79ec03b495f15df842b8af38d9f4b05b137aec65d64b490abd4e24a8f6d9a3d94df3b25148da4223c5834a

C:\Program Files\AVG\Antivirus\gui_resources\default_av\libs.js

MD5 123e49b87a48b6de63e70715584e34b7
SHA1 7727c4ec17e79018c43cd109a5bd08ad1a86446d
SHA256 17d01ab476bc47fd600c1ca21b360717e12c390d06217d28fd767358f292371c
SHA512 103321106a10058b6bdaf4a48ac93bc8dad1b482cd69af8321da267d14f0ee1ea7db474c0ec689eb6319bb09195e500442316b5df153b860a6e7015d87def759

C:\Program Files\AVG\Antivirus\gui_resources\default_av\kin.js

MD5 e72925802f365d309d3181923c24ef27
SHA1 92073a0557fba32fc3d135ca7bd7ed4a5d8abda4
SHA256 dcfb363e39cea7314803fa530646ebd6c5c180fda5b3692fead499b70b611f39
SHA512 189ea649ba6c2184dd5a7b8ee120fc3870b0971b6b25f12ffc40e670fbde22fa1cf5d4ae5fb97cc11a6ca155ab15dda79a529858b6952a3b074047153e150300

C:\Program Files\AVG\Antivirus\gui_resources\default_av\i18n.js

MD5 66441a4ea5d2d175b050340eceb34543
SHA1 15fed0e6ec5925b5820babbd239e182948875367
SHA256 ad590c76f96dce482265c8f11e60f05d10329fdb479939dfa0dab94a147a6270
SHA512 30ce5ac2af31aa93f347c57b825fb7f8ed772acc3a89b0c221c0bdfefb47a4d66d66f01c38aa38ffada79d354ddcd07827823c81bae15588f78cb2dca1fe846f

C:\Program Files\AVG\Antivirus\gui_resources\default_av\help.js

MD5 1cfb1768affb9207fce4231a2164ec95
SHA1 f700bfc45adb5e3df0c11cf605ea595dc37c975b
SHA256 04361eaf0131b15892ea45a0925ad61f09df8c5ef5b0b3aaad501d206c5569a2
SHA512 bbd28791781852fb08884489dd0c17051c710287af2188356adfa39cfddbdc3f78cb63af24c764e56790509b458eabfe25bfdd846bb9eb33033159297835270c

C:\Program Files\AVG\Antivirus\gui_resources\default_av\firewall.js

MD5 bd45fdba3f0de51f7bd388e30842348b
SHA1 0a04f86e8118e11812d073a0402d26470cb734bb
SHA256 7eec725f72d48ef327795543202cc2252ec35074c55bfc209a5ed99187785cbe
SHA512 6f107829c3ec0749c9daf885cf3bc333bb883b9eeb415385fcd69630b19c322e266c3e42f3479ec1b6e32bfae007c2b250f5111eb55fb0150c4c85bf2f5fbab9

C:\Program Files\AVG\Antivirus\gui_resources\default_av\feedbackForm.js

MD5 3f618d565be5fa04874ecd1e575e05d9
SHA1 a14e470fabea3d1a0deb6e9cac6db2ed078bea8c
SHA256 fd96375982c1e41295e58001d716cb1828de68964e2bab5bc6eac69b9640872b
SHA512 4890295ffd8aff75a5be80f2fb19044e736a48f7fe05796e9e52a43c210e31a9f7e8e114333aec3fc88a366d6c99152797dc9fe4d8e6d7175cbd1d19cd497f26

C:\Program Files\AVG\Antivirus\gui_resources\default_av\driverUpdater.js

MD5 5b42757c3decd4bde9d5c158442543da
SHA1 0234fdb2967ec3141d6b0635a75ffd6e1f777376
SHA256 e44377b8884252491f179d431b7f7e0f0cb2546790e13d1506cfceea6aba08f3
SHA512 e711e2a0834f1004bba9bbde38ecc2755d36c8188f94330c930b4c2758a903b7583057f75d54ac2c55f740d46dc3641496eef1989fbbf134ec3d9dcd93a5df64

C:\Program Files\AVG\Antivirus\gui_resources\default_av\doNotDisturb.js

MD5 fcf9fc5c18ac1e3b6e4608b4944a71b4
SHA1 e5af65ee0b1f38694227bb01506fce8f6748b123
SHA256 a4e82d9ffba1b3930054084bf88cc5a8302f843b9f4a4d9d76cbbda4335287cc
SHA512 d63b0539985becff65ec14458ecdb31bded1ab4b662af2ee795a953c1590ba0cb5f4f592e210d1cd3ecfc1ccd9dfc7b0d7c331aa284130052e6a2ceace6e9d0a

C:\Program Files\AVG\Antivirus\gui_resources\default_av\done.ogg

MD5 dd771017a31b4b6b88cba564b6b4c86e
SHA1 63f12d6e8d2fad5bd8e3b210cc20cc5fce8da930
SHA256 bd6a50e8b30dccf4575c91596b2b85875b236fd2b1b8fd1de5fc714f0b673804
SHA512 6958f2aca7a95f28f181febd9b09ae60e6c4f336d30155433cc506fd1147dbc43125bafc39e7f4cc06c68f90566fc957c92a3ed540d4ca830a8e11e7df2c5969

C:\Program Files\AVG\Antivirus\gui_resources\default_av\dataShredder.js

MD5 afaa1df59011ff085b15523a4913d54b
SHA1 a9ad86e69ce8065311e45064bcb59a3a76c76fb5
SHA256 32f806ab36a34fd34379b4e3394d8de8e4e0a0975978fd1ce45c6975b26a03bf
SHA512 594312affc81bcd634fad4e4392e6e7f24d1e3a0821d69cf78dc0a63d8154abc4b4f6f39f7f7713d99f484be007619ac83b0f79527305d7dc84a06ebf4ec9d5c

C:\Program Files\AVG\Antivirus\gui_resources\default_av\dashboard.js

MD5 975efd28d11c799222bd233bf8352e81
SHA1 d912eb73b926b6255fd192b09ca364597c10fff2
SHA256 57f0c10878855c2346267ea2a486946597328577e8d064de02418a77446d4c31
SHA512 754d46d7552eea9d2428bd445bc664fef6b11ec502ea4fb8035ce9e96a18790a9f256060ef527e3d60f7a8cc5ca62312b0ae4efc9562de3e03c14bc54c51e927

C:\Program Files\AVG\Antivirus\gui_resources\default_av\darkWebMonitor.js

MD5 0e067f0f8e5ab57d5a23ee0708b1fee6
SHA1 81595ddc3011eafb42569f2895d4c470da3fa907
SHA256 b8c4742dd8c6f29f8e4adc9d97fe1421098be3da8163fc7e65cecaa8e801ba07
SHA512 0dd9d339eb61d5cd3cabbd6dc762bbdd50ef380359f56c07f5363e696972b5988442a5a32e419ced8cc3b9936c5bebc2aa25163125baf442f9908dca7fb34181

C:\Program Files\AVG\Antivirus\gui_resources\default_av\core.js

MD5 bb32bdf6e5cbaee433e2a373ac621d88
SHA1 27a7771ef6d2b09f5e9da242a83ec459948bf3e9
SHA256 15fc40a922712b8294d1f6e0079d9ee3a0fa981262137bfb184866e16d2b8e14
SHA512 2f1821030bdb7877979a868d158a43ab5a3eca89c29b904f07961fe754ed2dc41ba51c88d58efea27aad1af678758fc432694f91c7d74c1e3b765a50d5f6f7c7

C:\Program Files\AVG\Antivirus\gui_resources\default_av\browserExtensions.js

MD5 bd237f8d902aa509282eee6b91899b3f
SHA1 053491b040e5bdfe5a7a3392b97c7bc491d31aac
SHA256 7e616aa37a60865987428a0275a377c75e09d45a1533d6c0f595312c6348d542
SHA512 fd7a295c48f9bca128caa25b7aefc2e7e3d7c8591c5e5898dd25a91f532ec4ea9ba3144d4958efdd7d25aca81caeb1c43db4c22b8e17ca275f0bd6f1b6584ec9

C:\Program Files\AVG\Antivirus\gui_resources\default_av\browserDetectionWindow.html

MD5 91ce39a264c74f8638112282be9664ab
SHA1 9bddd0eb43fd64ea04ae383e4232819cc537514f
SHA256 4fe75e1f04a9cff36d45b3f8879e65d5aefbac61e20534936ad72c5c7d94392c
SHA512 c1b9084b91da6be8be560620af801f89e6000fcf8c72206a8838eeddd78bfe3c33aaf111076aa26371daaf1ed5f750d7b505ea9554f1345cbc0ab8316dbed9d1

C:\Program Files\AVG\Antivirus\gui_resources\default_av\browserDetection.js

MD5 002588f26a1770bc35679bc49cd42eec
SHA1 171bfe16ead34ec110c5efe8f8f03f1ff0bf95e4
SHA256 041a9da1f38980d288d1323d0afd731d81c319a1b432b5aca33704e1d2e81e1c
SHA512 8792861102d649c2192b92da060bd980f9082ac5bff9a1ca5b12a6ac19ad2b8cb3f8a9c28b18625137ebf74547a1b736468452dfaf16a18d27d8f4af5ed87b02

C:\Program Files\AVG\Antivirus\gui_resources\default_av\ask.ogg

MD5 a3b4b5563b0714a5f86b6558ee703d9f
SHA1 d21280d0c8b593257a7ca10f41c73e49f7424b5a
SHA256 4a2c37cbecf92e6bf0ff463759fb5034391091edd58508a44616883ea524d50b
SHA512 3aec734a34f580beec9b33cfa5b94bf979aa73abeaedadf8d03e82ce98dfa7cb0b4fb987df15e1707c9b14b458233ab28f471d3c786253937af7b0484580794c

C:\Program Files\AVG\Antivirus\gui_resources\default_av\antiTrack.js

MD5 ff054d80baec2b967b77c7a705ed6307
SHA1 12aaf10d4461c4a410bc64c6e2abb01c1433cd07
SHA256 4341cf9bf18a84da2aaa18edd9afc53ce4db361a14ecfeed30fd98285b6dec08
SHA512 6ff653260d35b9cd46de5cc9ac5a64c47d36b292cbd0d5e5f7774bba446bef3a415cc05f8f56bb6a26604998f2117f68b67173a2864061432b8f9c486e229240

C:\Program Files\AVG\Antivirus\gui_resources\default_av\antiRansomware.js

MD5 74cc8741774df7b7408f09d38c4e6044
SHA1 88588ebe973ee63168321d6fc01330ad52b7125b
SHA256 3cebb49dd3488273ae0b79f9a00d6ea6c58ba6752032784e87ebd967a6756479
SHA512 cdbf0fdb81bdab9c59f1defa885086114b593ee52cee5c8dbb6b3c6489002c93d4ddc1e0511808d6e4d8ec55580bc33b7cfca99a37d3ac26c47dbed2a6083d8b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 820cf528bf53fbe26ebfcea5a13c91e2
SHA1 6735ebe41293ac356037da6ee5811ba2b2d6bdbf
SHA256 30adb9fbe440b19dc45f36eeabc0b4d509ee8aaeae44294fbf1ca38710cbf044
SHA512 008bbb539c92bf14d66313f3385310409d8c1d1cd5756a85ed57cf5423c07d6cd1d3231bedef1fd0c8aa0c25cdce8dc8fc73f78a4b307b78f77482abdb67e813

C:\Program Files\AVG\Antivirus\setup\config.def

MD5 6910a843d4ff64e5724a4a1730a08508
SHA1 f04d7aeb0f0a8ed24f8c72ee6a8df0a1bdc8465a
SHA256 390c4ac4bf6a5a6086b574905617a3650ccfe7e21f843feeebad64d978e7f079
SHA512 8a0eaf0ce0052e1046247c937bcf4f0838d8d7007de66d86d25f9238de4ea2ec990272c4b3f52acb344a9dd612ee8617bf3a2013713fecce4f8518c1c648e664

C:\Program Files\AVG\Antivirus\gui_resources\default_av\about.js

MD5 9cca996bfe5226c554058486eec8dffa
SHA1 9135835d0b4f39b2c66f97ce00f62c053e53f75d
SHA256 39c128f907625a6fad301ea3b236cce1517bffaadbe0fb34eb8411baa09f2461
SHA512 e018f8e7e420c7586e42fa47e07c3b0a189d3a221d0bcdc8c98f61e0e8a1528c9b648081d5a99211da0666008fa34070a5f39e4823e2629c92b5fb5c98883efd

C:\Program Files\AVG\Antivirus\v8_context_snapshot.bin

MD5 652a0ec5b9d98955bffbcba3ee8eb3a4
SHA1 2d7c8d85b0059df2b429e40f03da604c72761c22
SHA256 13f67a42aaafb7c1f6dadf60387b2769c8344299607b074870dbd6837ef7b2ed
SHA512 1a8968de3874006c0dd56e417ee381191bd275eedfbb83d665ab84997824a532ab44f8e32880ab740a7e15034b8ea53da4312729adfc2c213b795be594558e8b

C:\Program Files\AVG\Antivirus\snapshot_blob.bin

MD5 4bfac8501c72cdd860ea754d1d580cc8
SHA1 1afb2418f3f31e924519eab2b172ceb41dbe15c2
SHA256 67062dee20934c4d297aaf1dd96d97a7bee8bca5c9e3cf3c6a18cae60e6ab191
SHA512 d622736ee5ebe22dd48ccd81916a400f4ed519bdddab1fa9b466e5b7012cb15601a63cb0ba5bd897ccf33aaba917e7338a0cb4339000e5f002d266396fd22511

C:\Program Files\AVG\Antivirus\libGLESv2.dll

MD5 6cb160bc7da5abcedd71c8695ec75a2f
SHA1 6c35c8fa19e02f81c7a5401492c45239d91a38dd
SHA256 f3d6b13a23a6a032838f75255ed506051504e09c77121bfcf59cc570529f6c4a
SHA512 213749b77e811b5c379bba9451fdab17b091ea513a86b2b92e2dd8fc2eda5eab7856eb2e88d4768fef70cfd775b803ba6cca58094942bd0007c1d5878740d39e

C:\Program Files\AVG\Antivirus\libEGL.dll

MD5 2060cdb437dcdfff0c5a2a581980ad2e
SHA1 a9498ac53f77feadce4524b7bb47018d5e7b96a9
SHA256 de26ad77d4f163eb7d659e50bcc7227da271ba959e6969ccfd20ae2b54db38cf
SHA512 78157004423eaf6a6d7772132fccf1ee80367046e9535c4c3758e1ccf7900d1445f68320a448138a83c3a16b305217c179f415284133c737b1b5d53240f46b83

C:\Program Files\AVG\Antivirus\d3dcompiler_47.dll

MD5 f192b3b5ee05bdb0afe890a09f69abdd
SHA1 b2194d97f7a25348eeb714552c89a29a75165613
SHA256 901c70df9b9714b22d264375bf5c91ef469edafc25c6762e7b0112bea6f07378
SHA512 9ab70152cf0e3214d539a59b135f95485fd770d0c5693469045a8e3e70e48b5d1f7c2dc690b2f7eb9094cf2377199624890f2f0789b2abf81393cb2b5765780b

C:\Program Files\AVG\Antivirus\chrome_elf.dll

MD5 39a3d833e0e786905fc8b3bf153989a5
SHA1 716c1968740c69d9e5639a72aaac709eb2e0024e
SHA256 d0447e595d85098fecc0e0bfa51c93506f9e218ed10d0a916ee0bfef511ac0df
SHA512 85896f4a58a66317ee67319e1d68269aba84fa81e8a5833f88b55a52f705f6516a27a50afb55baa4735a9736c01d90ab2a2ff71869dc8f5524ea6d2a6e297ab4

C:\Program Files\AVG\Antivirus\swiftshader\libGLESv2.dll

MD5 a7e8c182da0331fe22b69da756bb8387
SHA1 e018f3693b6bbd281cf894f37039bb8ae8e09b0d
SHA256 26b30de37e4a069b39863290fe2bb59b61aa6e54662b7f9557173ccdd4ff0dab
SHA512 b92de4b3c547256e20b758aaa93c320f9f404800d009a56697cf2f08d634918d46525e7df2ff85f69d663a1e7fbf1b4532d1d48f65880b2e58cae03eb0c7de01

C:\Program Files\AVG\Antivirus\swiftshader\libEGL.dll

MD5 227af943a451da44e1920791a84a7975
SHA1 e7ca54eb3eb82e47cc692a2874802ae246d9eb62
SHA256 c86ee36ea5f2052c968bfea4c69b60f533639cf3601e7d4015d5c3b5e06f57cd
SHA512 9f1868aee4164611e05b35c62a6a58c0636f1270f32da0f73cc64fcbf6731580b631d236998881293260a18d5355dd2dbb2ec9812c5410ba2ba84e24d6237e27

C:\ProgramData\AVG\Icarus\avg-av\icarus.ini

MD5 6843e82b70210da62128c1971aab92dc
SHA1 b146d77c68ef3ec164d2066033df4e873ec6cfad
SHA256 94461ed1b63039c1c6032571a0ea22c78f1a16c968fb8693534e16f343e50d14
SHA512 f80e81a1684902f2182b88730f135f96621d112057b4a0bd53b89fd64a9e86de14f1107236ad56c23383366535212a7fc4cc24e3489f2e2d3e13aad9eb5512de

C:\ProgramData\AVG\Icarus\avg-av-vps\icarus.ini

MD5 3c28e285db12f32a88606f5c0a8c424a
SHA1 3112cba6bb525549022aa28bcf55952e168e4f93
SHA256 226bf72377b3d4a1046984c2ec7ddc12d073c43d48e37448cd5d4d5d5d2aabc7
SHA512 35d923ee1093f3c3090e9baa48464d8866c22d116ac92f0823ef7e98c6409330b06140c1d2b1fb51572ce187f23bb3e9fdca49528b1f0678f4aac413a0df5b7a

C:\Program Files\AVG\Antivirus\locales\zh-TW.pak

MD5 c41412769245d56fbd7d1f114f238700
SHA1 ff3ec93946677884128267d2d84869e5c6b63afe
SHA256 70ea00381aa8ae93ce9f64ae29ad3de0263ee5991861120c8df7603bac540b84
SHA512 13ca3d0fd0b4158f2bb751791870bc0a2199af3c39e66c1f971b2cfd6d536d9642ecab82bbe814908020330eb351b4a045e0958a22bdaec330e161b8a3f6087a

C:\Program Files\AVG\Antivirus\locales\zh-CN.pak

MD5 56c3b32e97f3c52cebe29937806a5325
SHA1 25f4295535a90c26fb9bc476bc915d5805803db7
SHA256 70070d44c9e5ec62c57b574837423f849ed363c0167e8019afd49a93c74c7e3a
SHA512 207bf51c44900e25d7d2d5a128e11b11f972490221d7c3f8a28b77d0921860f059dc92ab96f687da4a7fa6defc87a1896b1fdbbff31a9bf45dd2864cb78c1cbf

C:\Program Files\AVG\Antivirus\locales\vi.pak

MD5 c31f5ba58a8a0b114e1061c7c2a8f43e
SHA1 beeb19c5164c2ca5bd63a60c0499262ce8467d75
SHA256 66468ec740624dc5ca9988e2aea145bbe915333db3327653f130ec4a426baf17
SHA512 784f0426e303639e7174bea1ffe83973bfaaf18c7d61544cd4ee92e417442b085f6a5065593d608326ec8bb7374efe1c44c5c6d15811ef2449baa5597b502cbb

C:\Program Files\AVG\Antivirus\locales\uk.pak

MD5 49aaf394d0376e4bf0639fd928f0008b
SHA1 ecfb3e22c86323f5571c502f020ddda2d2c680e3
SHA256 23752a372251b782f35f6fca4a17dc260159eca4620ddb610f5ff7720d496a18
SHA512 e414936a5b36926f9bb4f01c7271c38d6d868c1c0341585b5c73e848928d0a03b5849ae088f964df1d77478a739edd938680b98bf75f10f0a23944843eb2607c

C:\Program Files\AVG\Antivirus\locales\tr.pak

MD5 d32db9a61c2f11de5df3fe64153a48ec
SHA1 9d9c5731e0c17600ba62ff1bb9a833602e4eeacf
SHA256 f25ff7a18aebd6ecaf56c2b125aaa22a1699fe2ee9cc6f190f6525d824992f11
SHA512 43c939ab2fa18bf7009ed3594de3bcfe0455797aaa2747841957678f31410a4b368c5f5fec684d9ee1487bb40bfd8395edabb97312d97be317653df9cfb58a61

C:\Program Files\AVG\Antivirus\locales\th.pak

MD5 0b8590d79fddc502679b69005576584a
SHA1 37c6907483849773784652835ff5184ad88107ae
SHA256 a06797086a3ae1bd42bd93fdfb239a787d521cbabdda56a0c15aa255def81e5c
SHA512 c9f9ae0c139b9866e568246701473d01fd8d190024411c63859574c004befc59b8e2477a3ab9ab48b92f425744ee5e523d0f05625605dbce95d3449acb201ea0

C:\Program Files\AVG\Antivirus\locales\te.pak

MD5 facf3ab50cf9fd9a08f951a3cf3d42b1
SHA1 44f9874dc0bf80907ba5f1189350ef741f168cbb
SHA256 3e19980886a66ca92ea762b86ab44fac8e71fb16fbf4dd13864840923c9bfd19
SHA512 1a32a1f82d92f2db9556a50b05329415d995a3038fad7e21e82526b976e75bf171367eefad6dfab2ebf388862c5f0154de2c7772f6ac617577e61ea1a99bc7f6

C:\Program Files\AVG\Antivirus\locales\ta.pak

MD5 35b454a9361898f148f056d02e1adbd9
SHA1 c3b0dc8dffda8ceecd0f43d3b6845e5c2e031284
SHA256 7f047181c386fceb204184cf02d1ad1859e5293db04122c5c6585ce7bda8da0f
SHA512 11d18f6d5ad0cb7ce3b9a4cf7aecd5ffd2fd8a72a65ce48afe034f7b11269cbc109f1fdb9448021218b31cfd64f52c53875cb3f0cee5ce2243938f449ccd7201

C:\Program Files\AVG\Antivirus\locales\sw.pak

MD5 8c427fc5a5eda451f60c0e4e6a2c6034
SHA1 752eab30cfb87e90ce5cd887786e115f15a8a178
SHA256 178590c5a7fcf0d41d93724de8aa04f4bad7b9cec119a54a4115f96f9219ef3c
SHA512 e09599a47f5f5a2295fc13cf0ad0aa45006852eec5956092677b212a5cdb6a787349a12f78c2af0529329b51a87fe0cd614e8b452b2a049af7ba51b893f1c7ae

C:\Program Files\AVG\Antivirus\locales\sv.pak

MD5 335c90be59afb384203afbe08a9d5d48
SHA1 30e945993e943e1e6840b8020bd78a845dc3b745
SHA256 eca3cbaceb77840c7d861b559ee3ceadafa9f7777856112c9bd30b5a8d517b9b
SHA512 5bbfc5404f330b047365b2fb73403f5598c696eee0659fe987c0fbacab5a949f38ce5b288bb32702cfb57e15502426a3efc373932da2d01e68bf031f57251af2

C:\Program Files\AVG\Antivirus\locales\sr.pak

MD5 d13a44314bcd033fc50fc608ad1ab91e
SHA1 7abb6cee31c4873b717910fa9c0669130343ec5e
SHA256 6615bd59f0759e6af09309b8344c0e7f0c2dc2bec55beaa0afd1bbe09af7596d
SHA512 5efaf765533e2bbf3095a05c55b3a144c32cec14812d743a5b7de47b7ebc7429088b7b94bbd498568189ee0c4cf1056f2766ff341d46303e23410cc84574c798

C:\Program Files\AVG\Antivirus\locales\sl.pak

MD5 dbb839665d4d78d71c9d49b85a0ec0bc
SHA1 1b8662843a1acc58ef120d62ffcd19c764f8613d
SHA256 80ab358cfdafe9533005571d832377a08e5df4801a6f61be7aeb2afe626691b9
SHA512 86f7e656d140e03f68b0d7ad8c7d9168029e3fa1c8d75cddb2101dbbcebd772dfdab1da3c568effc41c1bb6b3ed0a588f4be50ff307ae14be356ccd101025950

C:\Program Files\AVG\Antivirus\locales\sk.pak

MD5 0ac44c1ad8985cda2e3ef0bc2082fef9
SHA1 66f721bac3f1ff5be9fb7b926b87341d303a60b2
SHA256 ae4a8e4e3706626f7ba53cb395e2472389bdc1319fbbaaca608ee1ae3c918e0a
SHA512 5ca7d91b3ac747241acd8b76176b19a62cb44c62d991e2db6631097df9276c277d19d3ca6713e382ee69f61550b5d40daa03da838d80f04727a03a97a0b28da7

C:\Program Files\AVG\Antivirus\locales\ru.pak

MD5 dcbcbf5867918c54c5f8f267664056aa
SHA1 f3b706adb3c222a84cdc92bf97ce26f8aa0042f2
SHA256 fb9da2895730be8d82924d01d5e0dc28c454d8b91a1aab556d255462c374bf16
SHA512 429896d3e774eeb6f447f9f80f1c148685df728b343899e12e58bd4d58caa70d3b38e264037a720a2074e909e3e3722c8393a21b4f4ced2157da554bdfe40f37

C:\Program Files\AVG\Antivirus\locales\ro.pak

MD5 de48484707e8770f47d27f0f5e2358e6
SHA1 014295dc0215191606e40b2fd757a5a637164571
SHA256 5fe258168978f52d2b3c6f063c7a7c381a70ac06e128ababe6656375025fc088
SHA512 653da7faf9f75477c084267e30a288f52fd1260b77f7d1552981034b033d796b7ef18a6f77214179521213375f4b43a7daf69e4977e487cda90c9d7e96e82e52

C:\Program Files\AVG\Antivirus\locales\pt-PT.pak

MD5 4fbebc23d7a0aaa6dcd426777898bfe6
SHA1 959ce4fa97c24143c3dc28e9420e6d6c76a7266e
SHA256 3cda10980a23de97163a2c06b31829cca1ec3da63b0bb0a246126f402c19b16a
SHA512 a1c4052a40059dd5a417d87935c9700c3cd127b63ab9191ca62e448b09109762906638c5d80abc0565711425f52c5ec3fffeed87aae70c0888199c45a4374880

C:\Program Files\AVG\Antivirus\locales\pt-BR.pak

MD5 3a4f9d62b91bc0eeab11f0865d4be286
SHA1 c56a98f46b9f0ef8c5180d176cfb7773a05ce941
SHA256 3051442a3e905dfdfb8f17f49d12a3722c511faf9aba0fc86d577dac90e3b654
SHA512 39a81774c90476e4e8ab80b0784a8923c698040f51cd6acd08a50b5d2f90a7a22242296ca5793ce39ccc93120df3f40eb2abaf6317ffed8aebb986ff28946081

C:\Program Files\AVG\Antivirus\locales\pl.pak

MD5 419e3f381b0e0f080ec230a9f1b80e66
SHA1 c279ff058f3f3ef086715ea2206f24cf7aa75818
SHA256 a5fdcd13f711d4665d1960f512f1bd229dbbacb24c86bbb3773a905e2dd24b33
SHA512 d7896ce61b64ae92f5af2774f3a996516d24e89d7cc6f84429cbf3f70aa3d87404fca8c6d242b5a088bdc1a7a73e229628ca7dbec81d6976734632cb5291e9b7

C:\Program Files\AVG\Antivirus\locales\nl.pak

MD5 cdac79ea10a58cf43ec1e5452c5faef5
SHA1 35bee3062c54f83cebd26c50718081186023c0b8
SHA256 ad97f1708909ba1c2d6119de7536448805f00275273a8b33e743dbf2e7ab2456
SHA512 d9b907c229742808561e87fae306b8e65948ed60b21e90981de1761f162cefdfb95705edf375bf686cec15f7766ada2969fd7428f5ac4334ee83d7d1fa8b4947

C:\Program Files\AVG\Antivirus\locales\nb.pak

MD5 4795132dc7086e139a2af75a69fa4f63
SHA1 e8acbd586ccb9ca0686c7cbf90f0be5cda48228a
SHA256 8ef002c7ef1d7207b5b41038f16fef198d2343c0539f14090960d6f1295d8c7a
SHA512 466f4a0eb01d2f8d8359016fba96189f152fddcf5c041b05a62c5a7b14b3d93b3f2a4c7eba7e292eb8acacb65afa68b9e9adf4843ef78c410f3d5296656911de

C:\Program Files\AVG\Antivirus\locales\ms.pak

MD5 a5d5cfe69299d29812c9dc473c9ceb72
SHA1 768d505ea7678aa2d7f7aba46822de231f1a94fa
SHA256 26457724f3431e3383ac833cbd990834dda8e5e76b961ff931d171aca4221626
SHA512 c8a8e30e67e003720c2fd20150140370e9e8498e2c385bf7e6cce8406b7abafc20fa249f7c3ec92deb5d86145d59717d17d758350bb732f8196129ca82b1e110

C:\Program Files\AVG\Antivirus\locales\mr.pak

MD5 9aab1dc6721afb63ada134d9d1bc2dc0
SHA1 f0e309e0570e1595709cffc570a799e013a2431f
SHA256 27baebb27c345e367f27b2ea8eb5895c2dadadea282a0fa94a1b2057859736a5
SHA512 9e04ad79a36fe4142544b6d360c0a5227cd7c48e2b0b091085e8d3a011504522da4584460e5234d705d1a9e1fdf695902102e005a30ed2cb2e021b19cd58a708

C:\Program Files\AVG\Antivirus\locales\ml.pak

MD5 5434e2c549029aa898a97f78a65ab13f
SHA1 0361686f5d38363fdc5f67aa5980b6729fedd4a1
SHA256 990b6559fb32e86df8045cdf8687fe7176fb810c18b2032fbb1a093d9b2c901a
SHA512 d05d6e89e0f313622692b2173f715c4c84f80a7fae2ca9bc8b1ecdb02b090e5189d40f5777b647e97344ac65a84c284209256a7e1fb45016d170fde0eb7270c9

C:\Program Files\AVG\Antivirus\locales\lv.pak

MD5 a9f1ffb1e215b45afffe7e454dcc082a
SHA1 bcc32731f6fd700496d4445545366cbaa2565220
SHA256 a9cff7d778289b25bca696ff4873e45f098be21f8f4fa3105ae7e2b9b1ef95da
SHA512 c8e692b0ade3dae78b1bcb7d8e3c821fe4d5fe0759180f6f44e603ecda341a8a925cae5986584e98829007bc56a4744ef0082d1feab42781261a6ff7b7b65676

C:\Program Files\AVG\Antivirus\locales\lt.pak

MD5 96406518a17835d2c08ea09f6a4f5269
SHA1 63f2b8ac41adabfc0f58bde2ea02af3ea830cee4
SHA256 336b6bfe35680a19b02d583f332df5d0f5dc6fa5729c2910fb1aa6659e6aaab6
SHA512 342a9d97fa6747b52e462e302cc865e8ee6018aa65ac3d517d4625cd31cef68412e4df9d28ac10e39ed73801342455635ab99a6e167bf7527ac7acd62bab733b

C:\Program Files\AVG\Antivirus\locales\ko.pak

MD5 d324469bd2d6e373ab875328c95322ee
SHA1 8c4d3d7e0bb3df9d4028a49b64182d016b47443f
SHA256 549b190c3722d4774cc7a8a2730f858dba66f063840469799adb449184056f9b
SHA512 10a2e751d95422fbc24f5618edac8589d033f19106ee500c83830fb839d639d30f25f2b49ee017767325dfdf833a6e1f9eaaf0c1081c1d339233dfeda9876ae8

C:\Program Files\AVG\Antivirus\locales\kn.pak

MD5 3a998b7d9c41dac3b2896685116ab994
SHA1 8c7a3272e79fa27017c24905f2b598499a62623b
SHA256 5eaca86a3792d40db18e7d1ce39683471bed1e8b169d716101808930728e1ea0
SHA512 e1e7e49d4f47c6338e9530b0089c1b78f96fd8e088d7ef2edb013c8a503b86f803ec074dcb8ec3998ca981a5373fc37936c102c9d8c971abc66c6233c6758eb0

C:\Program Files\AVG\Antivirus\locales\ja.pak

MD5 017796cec4dcae8064f6303f2e3174ac
SHA1 1709c22b0a24a74b690deb61dace383484c08bc4
SHA256 8b8407ca872711857c1efe032f0c71df17fbe8d82107a09953e812a20497e582
SHA512 e469f0a63bc649126e0a191dd17c1f5db6e1bbde4b4cec63fe4dfe7c821ff5f1919980ba5bd4962095c0f8c4698ac659693b6ecf1a5feb2832936bc3c47a3af5

C:\Program Files\AVG\Antivirus\locales\it.pak

MD5 ab258570cfdde79a3595b9deeb6cff01
SHA1 4563fc47d20d0a2ad81e7bd9298a5aecd11ddcda
SHA256 5fef05d02e5c971e8d3f6b5584720ebeed7c7e6e5214320f09ca6f7d84ffa993
SHA512 8a7ef6aff2682a96511e2130de62989e5e3a9ae35b8db66173f7ee0102b1e5f5e0ee7ce2a6f06588ba6e4c577c6d5d5767d0a23f1fa1bce3c2d4b08f7bcc90cd

C:\Program Files\AVG\Antivirus\locales\id.pak

MD5 556874df87f3e62bc9f2baa6353c5d73
SHA1 6e79085ed28fc54399bf7b91a09e69aec0e21e2d
SHA256 60e0f7533dd163da804ac5445f2a80fbda26bc58ce26d8d2de7e2bfd4e5d039c
SHA512 884045476c84c3c18cf41c7a0f4ef98c9df5333284a8d9f27757fa5c19a8c8f07a821b613f7d0fcdfd594fc23fc78ed5d133e2e1e5c965794376e69903f20f8b

C:\Program Files\AVG\Antivirus\locales\hu.pak

MD5 ae54cf32c7e5bc9b75615225c5faffea
SHA1 25c6ecee303925f6a273a8d0818a79ff80a74298
SHA256 12949111bf85a2236f071a294a508d99c90587a97b9ba7f61dc8d70e36f5761b
SHA512 eb12669cef9fe09d8f53094aa5df2ac71c8ea334be474a2dacb5f2e8ab56bb56bbb188aac10509873fb7dd3ebb6278d69a050a700cef6388a5caa22736813932

C:\Program Files\AVG\Antivirus\locales\hr.pak

MD5 5ab62a807b85bf1b75c741abba0e9f98
SHA1 641b2360699dfc465a86c0e10b51b4739bc3c770
SHA256 b967887c6313fca79a82168645c1febe43c949f01e0eff3bb8413a04b590e16e
SHA512 d53895053eb4aa230bf9285e1cf0fd46704a9658065f35a265496610c951d09c2436071f421217d3dbe54423624d216d357471763bbec069d3d0d938557fa291

C:\Program Files\AVG\Antivirus\locales\hi.pak

MD5 e7506ea783c56cf5432618080371868d
SHA1 91f7c1c26a7eada6af72089252c2a0153066fc03
SHA256 2418a772d39e45fbea52182965a901364ddcd5459a920c8dcb56c2844954e536
SHA512 4b4d90e2fcc913c061da046b4ad7256c1dba78959d08dee67a471690177dcc8561650e3e0397446fbcb4b9bec89a345b4f2911bbba6a88444ee9b135fecb49b2

C:\Program Files\AVG\Antivirus\locales\he.pak

MD5 ea6c8dd5fb4007b5b5a692b857693d46
SHA1 e142738f399bf5aa7c19d478a7def3d270e61851
SHA256 7652d063f1630e33228809834f71e6e2ffec75c472ec66b6ed767bd98886f928
SHA512 a77fec4ea0fcea2de4863eed319abe2f4143b5fd345aa951c94068f862bceccfe16575271bd423bf09b7116c6bbf7faf4daa59bfd0025797ae9202a311637e1f

C:\Program Files\AVG\Antivirus\locales\gu.pak

MD5 349ca76d987c9e2c7fb00966aa034357
SHA1 3bba7ea00e4f4d9768dd2311ec1ac59cc8239652
SHA256 79fa0f068f09ed239a8e0c3f1da0b35fa1f86622f9fa47721e13656696184e88
SHA512 330488349b8a7d9503df180611d97c4d449788284304f4bd231ec97c77d5c2221adecbf6a9486d2a8bee37b6e2c72ad22cea3937e95c1c3178c9dc6c522a52d8

C:\Program Files\AVG\Antivirus\locales\fr.pak

MD5 39df7277c2854d60b4b61bc11add4188
SHA1 865db185756772df35af31dcdf78dab7fb9f8549
SHA256 1ffb04ba6986f4a25f5191da50939cfe48d1581388148b7f64d3c10a124439d8
SHA512 de627a69981b4a4604a587a610b59a022f6fc4715cbad7be59cb444db7b42e0337cbbc42e9c0a5fea84bff066be3273a8eb251c578e5457a9ddf19f90a8c71e0

C:\Program Files\AVG\Antivirus\locales\fil.pak

MD5 2dc3f1409e7f6a3fdb3aa55c1bceafcf
SHA1 76fdde6ee054a19f7c76046bd41390004bc6ac41
SHA256 fab8b112187fcf9ba5102ff0aac2f5eec63a646c8bf808fc5a2e4e08b9c62a83
SHA512 5ee1981ac59456a623297de3257219b69bc053aea71fa4ae1486bb6f0689f7adb5e78daa17d8d338755eadb7164b7d7f50bd6bbc004c80d00ec4fe56603750c0

C:\Program Files\AVG\Antivirus\locales\fi.pak

MD5 59d49ab548b74d85bae165b8cc15b073
SHA1 d1946469ab92270bc99b7ed863ac723cf676f050
SHA256 fa171dcc44baf46cd4331d0a833172185ff6a166a31ab4f9890eb0832e15cbf2
SHA512 40b9018eac2f55828f3ce3b50e6428ed545f8453c51b193614137c035ab9853f63ae9c82c2ed1d6f9a4aee265238478bb46f468b08442d6cd4d0d49c9e1576bf

C:\Program Files\AVG\Antivirus\locales\fa.pak

MD5 78c7adf045b3d8a05c6f6519154cdef0
SHA1 694fd63b612fba0267e1deab41b8a87ee0649dc6
SHA256 05a98b8dc3b6d5e3a224e17c144d873c3b84c6e704fd2b8dd659e2099789f9a3
SHA512 cea96bd1621550c6108695d51a317bad4054bac9b564e45f2b0a16cea328be15475cf2ec033c33106a184215fe7180fdbbbfab709b782f43919f68b976d8cb99

C:\Program Files\AVG\Antivirus\locales\et.pak

MD5 d045af9a8b85c6ac73f60e9fdc16590e
SHA1 874293f1b5d1b6e2641d9dbea59b4e1b8f377752
SHA256 241f3e5286b25864081f50edb93c4693bf001f04d7c7b98f5c4921f768cd7e94
SHA512 b8f9f59f6519c5839d4da668a16062100be75317c4275bbb50e1afc4b6b66ecab7268054682bfdd63c5a71dae8ae00e80eff3eaab161c2e35a3651988ad38413

C:\Program Files\AVG\Antivirus\locales\es.pak

MD5 44c080e276c1c44cde4dee4c576a4358
SHA1 217c766a2ed03b9a9f2f4d1e2c148f10d836cca3
SHA256 85862323a3128490a2c1be66a36480f7eb73a2294d62ef4ff38ae868c034db4f
SHA512 333acd81c4b1fb5f24f0b0b2f5192175586fdd455895bdfd7092425cd877a844aebe3e74aa37060c849c5821fc5174a2471d7db95a6e7098e43e177db70ef92d

C:\Program Files\AVG\Antivirus\locales\es-419.pak

MD5 4861cfbe34644b1aa3a62e0b8a955b28
SHA1 66497635946e50bb17483db226d9d9fa0e80db7c
SHA256 ef0a523bcfa4d3a1b7472947a1f2a0a68e24c628386f7f0056ca4404d82481f1
SHA512 162069b7b670d7bf68ba8276d2ce0b042a4cb0f19f2f66edbc8af00dbd97e084ea9a755b817a82d77e83e63d97e79d7e50eabaf67c880b4aa85b3b6af0cce20d

C:\Program Files\AVG\Antivirus\locales\en-US.pak

MD5 0a70bdd8c0efc740818bdb82993bab85
SHA1 d84b6092664894f42e1afe042abc946a3e0d2e65
SHA256 21fa942a5f4f26996396f0d84807b6f8c01afd5809e2da33487bbecd0a6d13ef
SHA512 085c21045f8fea63a80678069af61e4273420bb6645a833319d58248e61adeee3cfca23edcb7adfc2dd59621184035e3f9e252db8d5840e6f6727e0e05b5fd63

C:\Program Files\AVG\Antivirus\locales\en-GB.pak

MD5 314c49194e366808b2b36253fdbd7714
SHA1 e9e8ba1fcfe91b80e232899c69844282d39d0d23
SHA256 411a729d9288a62780c32d6bf5f4cf0fd8d221ff341ce79c2eca25dfa03c9821
SHA512 5c24bcfb043ec09f31e5c8e640d1bed4932f9560d68256d4409d5d51a8948af3381e2bbf164515a2e35cd7e6ab5349d9fcfb4916bd8d11453da9d69e7cd8f5de

C:\Program Files\AVG\Antivirus\locales\el.pak

MD5 c6009c7b038068b61aa6275b4cb9f860
SHA1 4b77f7f822f4ee15c57dbe873c6f7549fb608028
SHA256 efe6a9d8dcf76f5286bec0496209f59da3de6ab6e355a183b69a7e4bd5d36cc2
SHA512 d3d5eb21caaf361bb92e0453ee1db4ef9349e071be2736589a8d2f5cd587e85d33c7d65f01342758dede0ab0a037b294d7e263d82f60c29e583ea1c30c9f3fa8

C:\Program Files\AVG\Antivirus\locales\de.pak

MD5 6932a8734c0ef9949fe0dc3b2282e16d
SHA1 817c17d5592129b6277075845557148e1e59cc78
SHA256 88581d49e6c83ef74fe4aeed438c0380f321d9eaf3b8ef210d39f8378836a1c1
SHA512 076f2741f28f76fb0da8fa35bb55418874db7e2304dd09afc0cc818b0c5e645831cb0c3ebf97eac474339c584e640f562b4699f54496ebd761e3733777490b6b

C:\Program Files\AVG\Antivirus\locales\da.pak

MD5 f1e5e7dc819670c061902a3daa17daa2
SHA1 583ca07af55f3055ce127b81fd825fe45cb722ca
SHA256 cefdaea7b486364291fad01ff402ab8098e2e13bc73b2bbeac25c8a9daba8df8
SHA512 b8e8e79f052d5165446a8392a4836fd6915cb87cf199c499e9b4e767e6e60e4e94d601420e798ed3b7354c8ca91304b1d062332cfd5016614705aa57462aec83

C:\Program Files\AVG\Antivirus\locales\cs.pak

MD5 0161995c04f022922e5c036d374eceb1
SHA1 5294111882537c10e4ea4df72b3508fbf2d2bc30
SHA256 3f2e5a65ebf8938ff4e9676b12573b23c72501761f1bff4d5ae466b68c85130c
SHA512 c04c549e23d2ff33cc424746f1a1a6d70e4660612d857070810c7ad9c7021aace09acf62e0248f139acfa2369fc511b4f329e14f3d6126813ff66ee7d44b3611

C:\Program Files\AVG\Antivirus\locales\ca.pak

MD5 8fcb9f17f850f0dcffa2512236e25790
SHA1 429b36872ed7b655d745fd8efba6b5239ad340a0
SHA256 c79b92ba066cf5414fc37795e6a76e966c23143bd3c48c0cf5f61aedd5cdafef
SHA512 1553cbd7fa4fc87341bfca39cf58e8834d6c3100571e34bcd5a1961884776abb69592c627cef414b918e8cd4bd709a83c4af2bed5d5c4a84b9509e896b8fbf42

C:\Program Files\AVG\Antivirus\locales\bn.pak

MD5 c7b9e899ee655e2cec7a49b9cb2300a2
SHA1 5c471604d1a755a393f1ca2f1acafd6e014792be
SHA256 522e7a2e1f7d8e49b5632759cb5dae269578edc522689bdbcb23b74750f53e77
SHA512 b56e1afb9c3f67ce891eb0215a68cb3588a82fe51e0dd2f9b18335f2312bad156cb3be032caf641a7a39ddc0a41038f96f7b36469ca327051bfcda620145f6df

C:\Program Files\AVG\Antivirus\locales\bg.pak

MD5 dec816e6e65e705be74917f249e43fd9
SHA1 6f90b68e6b1d904b3e41892cdab1923f4f868376
SHA256 ea323024091753a5576a343e46d19bfbf9939122bdde53d91d7dfdbbea5a9c68
SHA512 d21fcaf4fe07f4cc6c369d7cc5a1bf06de5ddf7e2433310b45b53aac340259f5276e1e86e15591ede8d4d5c05d719871d586942664ffc76eba1712ef3145395b

C:\Program Files\AVG\Antivirus\locales\ar.pak

MD5 98230353d1463eee93d64a4856f7008a
SHA1 10d98e7d0e095dcd947fbe0b8d771ed1574e3ca0
SHA256 36f41a346ed07708ce12d54e5a4c4612f49a375155d1655a23c52256838617cf
SHA512 53b9d1b50bb79e245d74dd30cf66da4715c81ef63af3d569eace6329eec00356eacb7357271778e837b60fee08deba2ba445b8ea74619a955bfa2b8e5c05358c

C:\Program Files\AVG\Antivirus\locales\am.pak

MD5 ad4acdfe76c998b945642b9af2756ea8
SHA1 025ea273d63fa71f3c10c578b1a3f657dbdb3f96
SHA256 4dbde72ecf65ac84b6c01251d37c425c4cedc00e3cd9cd40c0bd5a6081359b64
SHA512 81f71679d2ee24ef8124e81f39f49b113a157c88af093a6f571c34b67d19933c200d095ab65ce099000f132fd2a04a44829047816c1e53a42ed4c5b517e90fc3

C:\Program Files\AVG\Antivirus\icudtl.dat

MD5 80a7528515595d8b0bf99a477a7eff0d
SHA1 fde9a195fc5a6a23ec82b8594f958cfcf3159437
SHA256 6e0b6b0d9e14c905f2278dbf25b7bb58cc0622b7680e3b6ff617a1d42348736b
SHA512 c8df47a00f7b2472d272a26b3600b7e82be7ca22526d6453901ff06370b3abb66328655868db9d4e0a11dcba02e3788cc4883261fd9a7d3e521577dde1b88459

C:\Program Files\AVG\Antivirus\resources.pak

MD5 bad3a80c0bbbda22c237407afe0a82a4
SHA1 00cfd3358c40c549d4709f4530de277ec349edda
SHA256 59a0ad87f4aa0bbfc2d1462ca7d5e760e2f6f2911c6c31f0fd450a9bea7dc684
SHA512 110a39d7c26745167d31edfbb065818afc68cf6bab273f967852024bbf7c4566920f93eb207c4f17105386f18cd9289d35ac66eef3c1ed5f90e5628568222fb7

C:\Program Files\AVG\Antivirus\chrome_200_percent.pak

MD5 8f6d29ec5f29c02e8d7188366f0ef3ae
SHA1 7451e3cc4a7de1a53987c5cadf2a759269d99a40
SHA256 3e116ffe2f55faa2c2b96aee4da637e6424cb48bab27d9f94a958530f840c673
SHA512 418be962c4dcf92423b2bb780d3a7476756e16aa1b670167ed3631bbf7ad4edb1d35a04c5f8f685c5eb79edfe5a247403d25c6ef18f43eadf1192603ddb2b386

C:\Program Files\AVG\Antivirus\chrome_100_percent.pak

MD5 8ebb97efd9cc5bd6c500ef6c7a9fa406
SHA1 8e285f1ffd650c87dc4a0ec26df418acc1fc8821
SHA256 aaaff8d6c9f0307c4eb3dda812f566300073414de002bcefb273a7be57f9e69e
SHA512 f93b72eb950d924b66bdd44713b631409003feef26f6146ef366f05312459ba2d2c4c720b3ad13594c8ee6c3734c53e4d1295eea064c03be313ae2f541105c89

C:\Program Files\AVG\Antivirus\Inf\x64\avgVmm.sys

MD5 82aba52357a10649a60a1f3d33a4fd73
SHA1 c157cbeb4e4f50460c7c6fa5e898667734fb7ae4
SHA256 dcc6f92e0960cfc8b1726f30aa6c50469497a528f50906fc110c4b324d27d042
SHA512 4d90df2da59f41bd17ee0b295dd4b8483853fa343a23e67bd1d8e55a44e9c1f2821ea37b23421d1caf3106b8d2fa528025f719defdf527f907a415c1d95d24b7

C:\Program Files\AVG\Antivirus\aswVmm.dll

MD5 f69c01326711899217d782540148ee80
SHA1 ec37e301e2cea24f491518f4e72db12cabb0cd20
SHA256 3238a23a18e7fab8eccb2006f9e8b5291e1440e64aa6d0787b88023d769e1797
SHA512 69b5e46ec9819fdbe0659f5da581d8218cb3ada5115333e1326c756e2e0f56037dd1e1175224247edcc2f16f294907d9623a826e76284a97bcdf80949d440d63

C:\Program Files\AVG\Antivirus\avgToolsSvc.exe

MD5 6dc3ca53831036b4faeae30287c9c3fc
SHA1 6ccbdc7bf8e05ba53b6246badfa6161c8c485b97
SHA256 13970e11f277953dff517a70518ecec15a793cfdf4ee971090258d2ba5a6ff90
SHA512 bca294131ec1e248b8e7870ca0689cd1a64ea99640900074224aa849610db4f59520f5b342a9f4316a5a192cac656c86da7048edfc0593cd1a79891d295a5180

C:\Program Files\AVG\Antivirus\overseer.exe

MD5 c12dc4ebfa2065cc07afc6b8e7d73511
SHA1 e92bfa2b220e812015696b35e800c708be6dd726
SHA256 71ecd224d0dca8bb8a86703cf577a3f744a83013375aec2bcd760a9be56ee82b
SHA512 aed573d618c7f1a99feca672b4b3c91c259aa6ec0e31ff889d6a33406ecb2d6c49b54a88b9e5eb1b1cddc0ac375081379134731a9486c2801151073bc97a2233

C:\Program Files\AVG\Antivirus\SetupInf.exe

MD5 56177f7cab3f1f1e90529cdfc545aea9
SHA1 4e0d1115d284ca94baa5d65e70102d43b7e84d10
SHA256 5ff510799d23779a8571b0178345b76c908d3447354663e53fb31528268dea27
SHA512 6860d23b010614ad45a71ae0dfdd732c283121a82e754bb10b88afb6ac34584e90ce5e50726889a1f8d150160e1fff8ed69cab65781d201ee33b66bc6ce1b612

C:\Program Files\AVG\Antivirus\AvDump.exe

MD5 3f7f506ebacb648a89cf026606178aa0
SHA1 e063c73315ace3e0a7d19c3eb81450d59dd822b0
SHA256 779f0d3b683e75c8e8129acd0b9a0f5b1aeca6577401273180bc6390cdb65b37
SHA512 911bd06c4a53dbcc7ae12b85d9e080bfcdf3329199ea44806f0254c03819f5b10bd2035dc1dac233d4bc24a6fef0771085b33bb7a6909f25ebd682cf85d91bf0

C:\Program Files\AVG\Antivirus\AvBugReport.exe

MD5 cc5cc076ff004d3bc0868a50ff1544e5
SHA1 f61c8855a748beabc981ca2799de575043a1ad2c
SHA256 d57e25e87e03ee81f287ef68f012c1c0b106d0f917565db4aa570664994145ab
SHA512 e2528262ac3a69bd6a1e14572e3382e0f830ecabadbc465efc5aa7e66b66f63e803aa91b08d146e31f613236b7ba51cca825e70502ec1fa012899fc1f5b9ab57

C:\Program Files\AVG\Antivirus\RegSvr.exe

MD5 33b10188df2dac65e565fc3ec9624690
SHA1 6237799dcc12cb2c4ee47cf404538bbc0d062a3d
SHA256 ccce0fadd75a9a8e1fef54a34c2ff9c415980dda015c7d14fe8ab8b0a049dbfe
SHA512 72cdc3029fe6c99e8829dcd007f27898b8ae25a1a276a7ae6df44fa68eaa659880943e2a00a31d581243a8eb7f04ffca3c96e6243d2f7c7adeec76862b95a49c

C:\Program Files\AVG\Antivirus\aswRunDll.exe

MD5 86d2bc4668bda438e467dcbfe52059d2
SHA1 d9b9d1294610fa1d9c3dcf22d145682c49da3855
SHA256 3308dea3ab1ec94ba37958306858ad7597d6057a32eb480774d5866a3e5ad117
SHA512 65cfbe15ded78822a4da83f14ae40d2b5737353b27a0fcf8d505613cce67ea7c9d803f01117e8e43460a5dd8e9fa965dc33d25451a3ec8acd8fbd2b3eab7ba4a

C:\Program Files\AVG\Antivirus\x86\AvDump.exe

MD5 e2b679d1cba4a1514396c27ede2049ba
SHA1 f40a13449d3dd90a39b220202cd8bbd1913d5e57
SHA256 7859ca7f7dffde9f6ef338568a37f3eb3a794c235e41776b767c5a6c7a36efa8
SHA512 311d57ff49442305a146c43bf9cfc87490389d1719f2f07fa1420a00e5b56f174e398edb1d463ba4e92697ec370d4b769f4823d9c0d99cea59533d00ffca347a

C:\Program Files\AVG\Antivirus\x86\aswRunDll.exe

MD5 681e8c02f3042e06107834bede0f940e
SHA1 78aae7d1abe455a4a1ca9c252f07a5e32e3bc405
SHA256 fdbe4f821cf2d4cbf5b0a428d8f55be42f37a654e119164b8a84ce08400be633
SHA512 496e5c404bdafb60d0d29f1bf295b6269491b619495fac7774fa7ed05b6cf8bc2d5d006fbe95cb249ca126ca2abf7af5c56443ba12f5ef484112f69b5ea1d0a7

C:\Program Files\AVG\Antivirus\x86\RegSvr.exe

MD5 ee90fb4b41021907bbe5b773a70e2605
SHA1 e85fa5e8cc80e084ad6f844590321087417e333d
SHA256 f6aacc95a43feb1e2c5ad6bc5ab39df65e3587d4abef306d4785b18165b8ba5e
SHA512 d78954d4c737fa84eb301cf9aab4a18060d604c79764a8826674e4c47abc80846b54b7a96668ca4d6e3fab5563d836e34391d2eb5aeed157acd5f7dc537164af

C:\Program Files\AVG\Antivirus\Inf\x64\avgStm.sys

MD5 051242c5593c91fc99039eb589c35763
SHA1 685a19062d55644d3f4b375bc150dcb07673b8d5
SHA256 9e4adbc6c1613de62eb3a2b916a49e4867c8ba4b8ee3df1bb21138cf7a4467b1
SHA512 15e57bbf3fd47852d8f684797440bf40e9cae8e30b3b5939f5eb9b0f82494897616ddac436dafce6b2c326fa2d7a4f4de601f743c953109bb47a25b5505cec0e

C:\Program Files\AVG\Antivirus\aswwinamapi.dll

MD5 4b2aa3f145cd24fe5c449778bac4d589
SHA1 06909f3382d15ed88a952d526ce93cfccf2f4338
SHA256 93b762726f6bf2cfe1cb5706ed7a83dcadcee95de2baa05af93923293e361e87
SHA512 254c632b694bec3be3b0a16a3b462cd33456f6a3ff5f91df823e5f05aaae5a88568f10f61fb13218bf49bb83f0168514edc0ce7778e35c221817546447a1556c

C:\Program Files\AVG\Antivirus\aswsecapi.dll

MD5 a507ece37d3daff4d675d21e42479f1c
SHA1 a04d3d3e4f8ec9afe391f14b8e5853818926f775
SHA256 13c70d940d443fef346c0921299aaf570776024c072d03a8cfd516e35b48a49c
SHA512 bd9430298fe51064396ead70c980e1413640fd3eb72be50e56e5c9b8a2db235afe0711a8c1c38899b8a6762add914b6dfac78045186c2976b7a16823ef3e8e85

C:\Program Files\AVG\Antivirus\aswremoval.dll

MD5 eeab4c445a733c7a48bab3d8f3a2d702
SHA1 503155c240c57af6ddc393501d0e00201e927f62
SHA256 5c4247fcb26a9941fb2e00f07b4effc535a248bd0ec7181f6467ba71b87682c0
SHA512 4c81c37ace738172bbd25cdcaf17c421c31fa28584bd034e70ab62baf6d650f9ce4d07520cf202ad5f9cf6ba6f5d5c3f4b2d1a30a5ee200af5832671487c13c1

C:\Program Files\AVG\Antivirus\aswpsic.dll

MD5 78d0b63528eacc2b0c1c9a233b08c711
SHA1 4f71763f62df6771070889421312880846f45243
SHA256 9a10ca35d64f158a3df76a34b7d0e74a66e14fb3131ee12a0fd0e77f8949c9f5
SHA512 f2fd67c2feae5e984afdf7841f616be5706c1f3a96a8eda1046cd92664ccf8ac1417312400e7c253f571d9d16b2b2443f842616ed69998676f02c0cfda464cbe

C:\Program Files\AVG\Antivirus\aswntsqlite.dll

MD5 522945e6ef68ad6674b530b1e72669f4
SHA1 676d9767f43de97b2e587bfc190d4232800f915a
SHA256 b5f69be854e7caeca640497eab64e4aa72f6cf0f7a3605a25ab8bbdec587783b
SHA512 0cb0f28adbc4a24ca5d36af4d44b647874e91ea9d03872ab188efaed35d8b48cd7ff465fdda6227f098cc3009878ed9287fd10bc4e2c01c15d7066bff3ebdb89

C:\Program Files\AVG\Antivirus\aswdetallocator.dll

MD5 0424809c645caa4e3684374798211bc4
SHA1 acf18e2bce1ebb02de312c8a07d6a43d642f6412
SHA256 e305f53ee3e1b1165118a51af91a05933b46b19e2c4c7c0c256a7ea9dcbc8be6
SHA512 4687254ec97dfab7da7786544c0083d9bb7299a977343111fa9698f3d861b23f016d613e116ec5afc09a55705f1f8da49ae11ab0c33aa288e69f8df1a1de329e

C:\Program Files\AVG\Antivirus\aswcomm.dll

MD5 b211133549c6c55b81f3476aaca45fda
SHA1 cd547cde3b31341dfdf09b8e24eed688064f5a8d
SHA256 3bc9341d21756d2469d796d2a8537aaff8a7dc37916634b4242f01456d9ab2bf
SHA512 476b12a44ff0b31b02a41715e4d070eca16056107b037933223b0c951e38ac5da2a2f70f8d32b7bc049835457a956aaa1b7fbebc9b789a061fd3643aa262690e

C:\Program Files\AVG\Antivirus\aswavdetection.dll

MD5 ca118c8fccf3dbe64c8bdbbbf6024352
SHA1 c02fda5bede70f7b15b3497aed5e9470c1e2012c
SHA256 914f3e019ae77f7734d730f5193fad1adaffd1ca61efb14397018a7b3247946f
SHA512 55d0c3ee0bedde12f5ed0c1efe8f0aefbe8fceb4e254a503fbb60c6c57c08e4391a25418f844a5aa04834c45c649f81409008ac6816f420d6ee725a113771e6a

C:\Program Files\AVG\Antivirus\Inf\x64\avgbuniv.sys

MD5 4e3a26e2a064258bd9ba89e2bb5e2084
SHA1 e15d8cd2ae6473cf7a7d0ef961e82ae1bfde7b5e
SHA256 360020b9c634f37690eb6dd6838b5452b8b6f9c5f3d9d6bde80cbfa06092086c
SHA512 57e303a83d0ca0ea719fd96fc8cfdb5860ce021be7de14cd0a50b02d2cc099b6661286d85f5564207e5b093fae2536e99ff903277f953ebf5b205ce4099b98bb

C:\Program Files\AVG\Antivirus\Inf\x64\avgbidsh.sys

MD5 0ca5ac279ab4eef3d288ac5e57cc1bd1
SHA1 5d525250f11b0b2beb39eb4a82018faad33e80b1
SHA256 b658ec1c537c7b4ba9278e1d7e7c93b31236ab4697eba7f6612918d5b9c724d9
SHA512 6b3da553276ac2328d6072f4e18a16f894aa95d793a9c0506b21c5f115b252de8a8ba5d82d2d4a58bb6cf22267195456f372d3e8ef08ad36b48a66a3f902f932

C:\Program Files\AVG\Antivirus\Inf\x64\avgElam.sys

MD5 06921382dbbba9a6096f8defd402a904
SHA1 29850227cc31941efaa10a9d5d3f69efa41c8363
SHA256 ba8fe3a5bd8a2e6cccb8a4c95f2e0898d64946106a1785fe3d1b9a23827816fe
SHA512 a51ae4ea30193ec00ece7500c6e5a6e491e7fa2aac9a553424ab02939a7e19a6f31bba8d00246c4728778c5e656b4bc3d66d6eecc1beacfe89611846c1567ff1

C:\Program Files\AVG\Antivirus\Inf\x64\avgRvrt.sys

MD5 a7e327b842a110a99a8fc6619057630e
SHA1 697906377777429c02e8c76400b5c154fa2831a4
SHA256 b246724e4313366d971eb7b492fcb762f5efdb32f57f9160c3cc3d7af18ca1a5
SHA512 0104946c0eb622957b4604febb4a5188d4d2dbe64c492783a49b1012886905af88babafa10b48efddde142c85914f48e0cccd21b8e8182f7d3841d94ed700919

C:\Program Files\AVG\Antivirus\Inf\x64\avgSP.sys

MD5 b335126e0a7bbc939c8e14bd0d4579ff
SHA1 e93c114490a1b0665dbc67cb62c7e5872ea8e8ba
SHA256 87453d604df7a800eb6fa4317f79f48fcad37608b2bcb331d128f8a0e1e24023
SHA512 f89c97d27b8f8629e3d4ea5b07279017e46a0e6c772cb6df699808dfaaa3d3d01ceab1e2b09c76cfa1a3037ffce053b75f4bb53144b104f28a92bb9492b84098

C:\Program Files\AVG\Antivirus\Inf\x64\avgMonFlt.sys

MD5 c5325de86dfec4735ff5a9f737ded4e9
SHA1 4c4cfbd7bc71462d7db72fd2dc784e1c4196226a
SHA256 3d2a172db1bcb089f610b84d26f131168e301f4230d051cd92749dd8f81e944e
SHA512 f7b00a213d93e5cda8331aff5adaec39314e3388d515a94c9bc25bbedbef000501a36bcf3d5bf21db0575aca5bc6bccc99dd4e487f59f888f048c1592c389ef9

C:\ProgramData\AVG\Antivirus\overseer_unattend.xml

MD5 1a90bc8644262cd79e806a222f38e95e
SHA1 0b9dc24a50654a32e0d5974f9f4370bac30a90f1
SHA256 1210aec78a7a836e56e94accf4eea74d5c0f26c2dbb25ae4d6023886ed3c9d64
SHA512 4f67699dc93ee7df09c4657a9fffbeb1f34ac615eea55d169ac03f7f58c50640c968f4215ede9dc59b5660166a9e2392fe10b8f2f68f6b067e9631c94c805941

C:\Program Files\AVG\Antivirus\Inf\x64\avgRdr2.sys

MD5 f2d0a9e9d057a14cc519a1c432da6289
SHA1 b6201cff200c586ab78821b6d9183d01d2a2ee0d
SHA256 db16c9b36067631c4896f064566125bf50ab94ccc3892dcf31c40464d6d95c6e
SHA512 eab693c8eea5accfc8c63b440115b5cff8ead72b415c8156e42c752e59c9e0a32a058a96d66c7e6d4a1d68c77ede07a42797921cc6cbfd0cb3299a35b67d6f1c

C:\Program Files\AVG\Antivirus\protobuf.dll

MD5 6736faaead16ee33f80815d3e6bc2a28
SHA1 54cf9621a63659b609f0ca0c1f7e51d65a73b0a3
SHA256 c43a0d08811e7145bbdaa39548144312d20f6296b7f5fe9ba0b6c414c7279428
SHA512 43bc785e0684f7854997ad3ba99a907a0c95c459eea2c9708062d4944152e42ac5833ca15b762d87341e78dea9f3e05d82b0227c14172d98c7de744e8349b607

C:\Program Files\AVG\Antivirus\libcrypto-3-x64.dll

MD5 cfa0d81774cb0258d4206300c6e7df25
SHA1 9a60645119b22261d6657e4ddf2a76f03f4ac21e
SHA256 7a84cc660cd73891b48710719b2aeb8a7c3fe3146722db96251037623d3738dc
SHA512 6c1e64bcaddcf5b6179ec8877462f11656d38242bcb61d1a96b9bfca7feb09adb86e2545633aa8bd4e39379c01236d663f6c41f868f613fc4d523ffdb7c4d1d9

C:\Program Files\AVG\Antivirus\libssl-3-x64.dll

MD5 4c7c6cdd80e7a6b6cfa875c40d09975c
SHA1 f8c9b049aa6e5c5cf2833104ad648abca8501b34
SHA256 c1e57682c0015bff1a749ddd613e88af05ab7fea0c31e5712227e294db456d5d
SHA512 7b66c1ee01b10db6f259e66a94a6a0b90f1a12a76877ae5966dcbdd28a54595babd3544aa2c8b7058c5625552514673df431cee1458b36118b9c9c48c6e01906

C:\Program Files\AVG\Antivirus\Inf\x64\avgNetHub.sys

MD5 70c5f4f61f4a48348d37a57af54b8f54
SHA1 03950e0631159d413f83dd2d6e26907c84759d40
SHA256 019c1f98ce8d5edbb6252243b25782c1f1472c5c10d6564c7cc60750f878c413
SHA512 ef0d77fd8965ac79f51bb038fd19a9ebb1b3e7f3bc7dd307ecc5ba2ce7d8d3ec98546ccc0bc272c32c9129b525fd5756b1a55c3e5ac2146207b1329a05165af5

C:\Program Files\AVG\Antivirus\Inf\x64\avgKbd.sys

MD5 72c767a940dbffcdf845aa34deab327c
SHA1 af6a4d9d13172d0c8b2828b83d7812bb683c86ee
SHA256 fa59c78091d04643947c7d7fcd25a0c5cd5f8667aff0d44cb12a1a24bbd1d1a3
SHA512 b7e8c474460f2478e1d243d0c2b58222aa7c3c370ac6f16700eb6930a77156a41769949168f08724e08ef6211c38b1aefea0dee397ae15d42d75479daf0da2a6

C:\Program Files\AVG\Antivirus\jsbridge.dll

MD5 e80adb5927eaa9109cd83ac2fad0210e
SHA1 67c3e9ce6543bc27cc36a7051a821dd9e9b01176
SHA256 473ef3f18666af299fd0fd7a24ee3b7cde0fa1f528773c091e056cba0a18dea3
SHA512 73130e84d39a158a77cd95d7dc79ab797ad339754f58dfb7da9fdcf79ad063e41c5bbde7074b81513bad91b2e53416eb7c07cb403b0065b9e6c8f41f6d78323f

C:\Program Files\AVG\Antivirus\AvConsent.exe

MD5 c7a40673344040c55bc588c4ad275644
SHA1 7d0e8aa7481be3745a62fb4de06b331c82c3a0d9
SHA256 a04f9672d5f093fdaaa615af6280cf6f4b95f425de66171bbbf3dea31317bcea
SHA512 108cae7609030264f2b0d6dd3f18cb54d0a5d2d65f8d272ef742d2fb09ed6dc6cf9db4437fd120133a4be5278dad6f82d7da2cbd73078a10b882ef10d11fb601

C:\Program Files\AVG\Antivirus\AVGUI.exe

MD5 b37bb81b933faee92e24f4e006cc23ae
SHA1 cf8fd484947a49c898b67a41697b7c9cf19bdb3e
SHA256 c270d3f87b17a04e28bd4c9c6fc351ccf8d70177de4ca31fad6588aad4417d77
SHA512 e9a0a3375a0815e7b735229fd2b1c50441c37e8a8558ed1474c6cccdcd1e0dd4fabcf46f91ff0d1b1d4c0a68d43be4f06824e4b20105fe04680350e2a83f1c97

C:\Program Files\AVG\Antivirus\AvLaunch.exe

MD5 0a9511c64618426ad0f77733b181835b
SHA1 36f8019cb20fafa9b64f9674f467dfe196011caf
SHA256 51c0ade267ce65e351b2abf86e2c86a472187b07f2a4af2ee2bb120484a2dd37
SHA512 e93391cd756ea20d803e4a0882b8e2fb1245f0435054448a95ee954182e93603d8b6cb58e640f2db882c264376c644c735925eb12d9c60270bb2e3676e0b968d

C:\Program Files\AVG\Antivirus\HTMLayout.dll

MD5 b39614a52de7353db442a5e990d8b007
SHA1 6b9e95a06905267729e721167f99982033a3fa11
SHA256 22a35a503c3060365c5107bb0f6b17113cca77f9c76993904140f616858ea10f
SHA512 5ad0217ef70eb3baba368ccb5d05c54a479351be706ac95b268ee7dc1aa24ea00674134dc60c143bcbe5cf21d6759c18e965a6bd89bef7d0cc20f77967f56b7c

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\vcruntime140_threads.dll

MD5 7f9531927e58fe32981d195625a17e2e
SHA1 c2831c6c980e9ffd05f450302cf81af11050c300
SHA256 88241636a8d3b8ab2af9d3b3b9e40cad4a17896f87c468ce5f177724656b7340
SHA512 92bab7dd259a9509ca2cb7ed82dee4de77a95780b9acbf36f657666630e9790dcfae51b3efe8a10563edd0ca8a29ba9c9c8138a740240ea106cbdebf61a10bed

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\vcruntime140.dll

MD5 8a090e342a1cfc590b468b61e0c6e23a
SHA1 2ce5c404d0e926d3829565a819142657374271c7
SHA256 c432d3c6a02d636c4e66cb97bb738655efb1786a89d2ef446cd0aaedc7f6fb7b
SHA512 50ea6a9241dbbc52f93703cf29d2024ad49efd8f69f8552e493039640f2d0e625bd5c038e942079c0e291784674d531ea256c2556c637ce292ec6de8c417292a

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\vccorlib140.dll

MD5 8ff7f31d203d158ca42f0bb4fa077587
SHA1 721443995a06600be6db636dbbd44767f2d2a349
SHA256 a5aad3483ab030cce01bf33f5a72da627755f13596bf3fe72db766463d9acc57
SHA512 a65478de5e6fa74723f66af35c3c24762e0ebddfd575e4bd7e868233a846e7813454d0542670159b91c74978a1db667d23229d4605080cbf6e96c3227ca2d7e3

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\ucrtbase.dll

MD5 b65aa2646529e9c1de570d28c2e37c2b
SHA1 0c0516631b589a6d87ae53442a7ecb8b277127ee
SHA256 783aad71c976972def8a34579123439cfebff071901d97bc91033a05d9c2068f
SHA512 4cc7496c2c0e18e10c0d3783892b0ba15c1241fabb2ffd168e981f60e3993fcc4cda07f2ae9afec4869f7d06928fa606be53544a109a3d78067cfeef033ba009

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\msvcp140_codecvt_ids.dll

MD5 0c94dee60cf90c0950680ab6aa2c2b91
SHA1 d7051e98366d14a440111ffcd5b28379f8c67806
SHA256 ed53b64f64fc8371f8ef39b4366449aa764eaae971de628aa2b09b3a6847216b
SHA512 0cc66c7f194ddc4c0bdc9cff0709c75455a35b6c5ba78ab5d3e7093ab9388336755850f3567a93c96cc66d7376126a45ec8e0cce370518346647d1b18dbe67d9

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\msvcp140_atomic_wait.dll

MD5 cc556ffc1ee06111ba305967b089779b
SHA1 9b515a2f8e7dcf570f040b19a64b36166e17d93f
SHA256 be242784fa947e505ab9d79a23d7ae96e5979af03bc51297ae840517942f8675
SHA512 51fdf6c92ac6cc06b04092a0b1f9d391ed36d8ce0b2b123fff9d228875bd91b55dc218615f757f06f34c11d2527344f21c7db48a7b0502685bf6f77650d240a2

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\msvcp140_2.dll

MD5 1b73cbc1a51c5c2e61072729535e3148
SHA1 52f3494af0555caeaae477173dbd7a8c171997ee
SHA256 4279fe19e9d88988a93f5d334518b204a8956543f84467168d5c63d490337593
SHA512 9898d2952dc3cadfafdacd6d281d8e1614f6a8ca88448e52d393fc540e543f810d434e8eb74a640232f83c4ee2a07e8b37184f59adcfc9c8551cd0e061cb4460

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\msvcp140_1.dll

MD5 8ecd8aea1af9dcb3bff28b1d4e0795d4
SHA1 acd125327614726c4069fcc4cde256d276f57ef4
SHA256 ec4743a6044224132ffc5f20c25bd7e36dea25f7ea9baecec7db40b0904dd7de
SHA512 33ba68e27fc769f0166e72da458244981622ffbfad33ae1015ec73ff83751eae9aebf1aff991247ddc31f0223888f8f03fa9b2b1d6069112ad8e1689e519057c

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\msvcp140.dll

MD5 0d3e750f8b8882470a74db90de94f814
SHA1 cb07462263379d3f5dd89e2b62ac31a2f7538821
SHA256 5b858fe4a054adb9461cfd12a5f3b8a9622a2eae88bca8dbd7d84a9f972a20b3
SHA512 b5ac0039428d844db36327ce6637d207ab02ad4cd89e0eac361d61393d396d6e2fff76d1007985889ec88d20e9c62ad29363b984b77d791feba588c1ec64f084

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\concrt140.dll

MD5 2126db527717014c6695f9745a480c2e
SHA1 3d564a111a7f5a2a3e9b06ace066931fbecdaf68
SHA256 50c864c13306921277e9c43f0133c754938e96cfa6982879d106b32b4551d984
SHA512 a47423d6ce322d297b0ec222ab8fb7cc46a31f840f412f6da0bd4ee9c40080ce4dcd2b00267de53721e61ba8ea02ee99d366a1047e41805f7feab8c43e4babbf

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll

MD5 b52238936bdf50ab985435a176281f68
SHA1 7bd2be0808c538b6f15f20a9a1228cf4a20adbdd
SHA256 3a23171aac49453f931d69cd55f6ec742243f5835386d9e6b18efad96c2be450
SHA512 36999e6cd50e26b1620fe24ba2dc11a40b25d1d77cc7a0337c7a3f65b16383fdb224e179392a215e6dae846e8bda6acb3e027445fd334e26e34278a397452f6e

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll

MD5 0713775484e95e5bebcbe807d53488f8
SHA1 222dcab5f38d72971fad641201ba3ff9a2a0ecdc
SHA256 e63a096b1ae68a774b1f1afc51b5dbef1a5ac2d79dccc1104112c22841e3e378
SHA512 f19d30d37718de3edba15358888b13afd9f9dfe4bdf37bdeb3204fb6cdeec3f249e388d06a89b21dd4a0da9d1cd70bc4f5244f287a4d907dc0a786df7ee97097

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll

MD5 841e4ff9bb531b52218392db1d7cfbe4
SHA1 5607c2a987436195f1e241a0b29e8fb1f734102f
SHA256 4da31e582dc47d46132cc73ad34d5b87dddd2338495ceb2772f7e103a9a32ebc
SHA512 93232073d95870043994c752318f9b319db508fff452e4aa0b8e42e66d13623803be4537e1798dd05177b7427175d989c8e49a379fd932297e161d461bae268b

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll

MD5 85444893a6553a4dd26150a68fd373d8
SHA1 ad9b46da45366f13a22173b06e22a45a211e99ec
SHA256 65f2a93490c845833541de1376d5bb65e6e864a1a9232f58f86a7a84408508c9
SHA512 ad56f71d0dc6d2dc5dd46eaa00247bd209403014648fb9c8f98937fc8e36fc85c0107365d2f6ba4f6d530f340278e0205d94bafebc78d10201e71dbb5d4c36d6

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll

MD5 90340ac74d22b9a67237ea52a4dc1c75
SHA1 75d44b240afd4198b0f3b7256a4a9533ad1ba73f
SHA256 fd48da616f2d17054bcab961239431d99c247586f96bac69aac5b704ea694352
SHA512 6f52ae85b4d9ab8516d72bb1662ac9cf602092fc61ea78bd85af05047c70a0adc5edb67266032f12a86601c983015276f15a457935f5b6143dc80d335351e5ec

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-crt-process-l1-1-0.dll

MD5 0444624f30e8030d84bb169fc2410444
SHA1 05c1cd844368ae2c113585b477f91507430d72a0
SHA256 0b87358da7882fed313facee92bb8f4e45299c63ca557fdfba1478b364575fc5
SHA512 648a79fd30a73582907c7ca008be5ef78e6e72aa22478448721c4c5bad45a45bf76570d24e061dfae5e535666e79154f5f9f66a08746313620a17582e3998304

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-crt-private-l1-1-0.dll

MD5 3b07abbe272e9b9e2989e2d6a400fa53
SHA1 f925e5e58377dcdc13b6d80ff22c775e2334e372
SHA256 a170d9851a1427066d1fd61c32a9ae4b9545aa926be55da7e7d94275be281dc8
SHA512 14762c984aa6736b1330b1f0b296622fc1ce3ac79108c0bfee793a51131deacd09b494e8c851c6e437a84871a864dd65389657df8b2256f931e3c60a61fade8b

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll

MD5 7442e7059f712705d4b97699bf56de35
SHA1 f924088428eda3b76030091cf59ad38afb590118
SHA256 f822289ea5a9b0ccf9777a72bc8b73ce68b596fcca811e0cff0adc4031056b20
SHA512 dec6228063bbab561ae0c02cbcbab3d08c15f261758405d8a709707a180a09af9c462b0b382b700177f285a1ce3bf7e71e093f9031d15f932120fbfd396aa851

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll

MD5 46aaecdb8d337980c82cb2714a985986
SHA1 22104d2272b592a344df5b575fcff83ca0e4b161
SHA256 34457a002e90a590b516bbf58530cdddbb618a46bb3e764e18167c44934917dc
SHA512 33c91058a693b82f1457d49bba2e209a90b825927be89e38523671ac16f4fef208b98efa980a3e11185baa4df6d7639d447bf30e19dc91b76f04ee61b6169bee

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll

MD5 592a65b922d4cd052bae1957be801a4f
SHA1 8371486ce1b38e692c0abc4a2a9e0c3e1945bb89
SHA256 d78e74087d151454365adf6239967c8ecebe85b1c6c6d3f59e70f0980028b1e7
SHA512 0837209e518d5db76ceb8128dd49cf03b8f0d11526630ad20c716ade1e02df1b39a8440d20ee20b488c6d6180c155d00a9cbbd311fc50f4803a8b95d4a545726

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll

MD5 0651bcd9acadac1d50653be35378a82c
SHA1 5d1b2233c7acb3915d33f7b29cc2f0cbf34ea1ad
SHA256 fcf66176b6f7ab86f98f38d5662f61fa61ad3f1e59740d8a1df0e1072248cf6d
SHA512 1ce05989181faa8d291bb0df34bb4e93f2f576187cf2d0c5110988ce17e6a682d815297fcc9fd174bc1791713fb07b616ed952729923abf8c06b8b8f6d71d82e

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll

MD5 d1f28f796bacea3d58eca271fd128758
SHA1 934efde030a54a441c342af18ab5275e5facd0e8
SHA256 b8d3d45141ad57d917b25d2491a07f20c77b1dfd047e203e26dad591c40b225a
SHA512 4b6ada7f10a4a660c3b6ac0fd81a41c680bd6752eb1a70da08510feb10fbf2b7d5ee177a94d5093239914eea79114097329a64067a72068a8baea8a9963e3901

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll

MD5 490c63e6b1aba9a525404067ce3c20b6
SHA1 04997f8a146284f8369c7db6204949658d6d7180
SHA256 c5131d1abd188d009e72b8c6474c74a262b7b8ec504470385f7f69428e7ae0e7
SHA512 245c4e2545e7eb5462e20e12d8092cdaba24d48e6c53d02f3eec586de17eb9cb6c15cea204a18deeea3cc8668c8afbe9f35b0fc1e751d2f515edd18ae149d275

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll

MD5 03c2c3d48cba89a77a8c06158056aaa8
SHA1 3cf294991250721c2100288d4dbcb0343cc04bf2
SHA256 43e0c37da7bc6b2786f95765f14177651bea534ca4d1d966c79fc301a55ad5df
SHA512 bd9787ec2cf87f8c790db18724a5cc10d1a6de005fa8cc6a74733521bb11251bd0d026af9468e98b616a6d8212cb41c3da102248e105a4b312d7b068e9c407d0

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-crt-conio-l1-1-0.dll

MD5 410fb7adfc54094b95609747a5376472
SHA1 e2e79f589a2e71009d9947bb02f05b877e208266
SHA256 77f2e7e09fe542ea78f4f6f23440014461074b993e50bf75d02b2c6571f5d696
SHA512 57fc04e4c770766ee9c2cdf7ec166792fb4164d7657fbbb6a6ec74a5073de953860b7c1d5754b28b61a83b7bb1cc0a1417a2f13c246aa06044045687b207bddc

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\API-MS-Win-core-xstate-l2-1-0.dll

MD5 b685358b3d0f37b68a24a6862f2ab63c
SHA1 b98d6706b7c922a2c93a75280e599361502697d1
SHA256 7cf73e4f69b3dfd89f3b24167f2f421b17537f3a4e707c63c675457b4fbf850b
SHA512 965580bfab334a217625e64dc5ab8622dcd18e5377453252b0c40c8e171040411a8916145f98e1bbe7476ad140562ea52ba148bf584d3389a07c2654d122e9b4

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-util-l1-1-0.dll

MD5 b179b9f02a2a42a92c8eee8722d03745
SHA1 86021ffb09e59a781e96158c8f5fd7b63ef950e2
SHA256 9c57a5fbaa0a57530b988a4aada32e378b1cbd1fe368b90e147f12069c8ae7bc
SHA512 4fa0ba86b83d4d3ee041772cc59c17407d02eef04385ad9c6d63547fd9e039a90d5a161b9acee7af9defce761ff47e288207f60b2b81a28cebe73ee1d68f0482

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll

MD5 2a21692ef3a54e5f4a016a3a1767a7d9
SHA1 9890261f7cc42d660371c1b9d3a96c09b1e48783
SHA256 01f6b2760031ed0d521e8d972a6e7b4aa05393934a37266c3f9374042cc97b3b
SHA512 7ee03077c29867a717245bbcc1f4c7afc425c5e248c7c70f884e3ad0bc0267f95b94ea2f47e3554b2d189160d56ba4a6924399bc80201fde24cbc943894e60af

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-sysinfo-l1-1-0.dll

MD5 7ebb75a1000e52570ca55c35dfc7bd6c
SHA1 764dc860173990e451f6aeb6fd9b0164a86e447e
SHA256 2b151cce07a4d9c8507a1c547fdcb6ad904f9ebeeee71439d6151eeee287984f
SHA512 6d9c127cb35c122cb028eb9e8e7cdb466dc7b429ae8a13ec818df96917120f5e1f47902ecb3ecce9ddb1379029c63db3b6504d83dac8b6342484124902672c09

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll

MD5 364d65fe7f976fd00702f5bd63eea9b3
SHA1 e40359ed2e2deb198caefedc27acf8c7715fc80e
SHA256 85fd25863a60e7c627494dcf14b169480023c0b8e4682a0e495f4f7389407149
SHA512 dfbc7b8660a7b96135ce0b35c8f2f576e536e8f8bfb53ee268611fabb4ddc4c53fe06a1a9e81ff26a8e10dafc40eee5d579a2bd1e19d7517bf6f089c605ece6c

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-synch-l1-1-0.dll

MD5 c748312b0f6dfa5440bfecbd094f9180
SHA1 d991110deb52177634630ab6165e195ea62ab1bd
SHA256 7966a70a6113a131c563914f8cc7acfd8b8922d8ef1ddb2a18caede076f1eca5
SHA512 c5554ea1436d27ff336d7e25f6f68d485c65d916389213cb9c33df2622cf08314411ce941482c03a251e214e2faa72abd266e2ccd444c95c65f12f78eda5a830

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-string-l1-1-0.dll

MD5 796e70f25faf0353eba92c001569c976
SHA1 2b427d0ad6e6ada06c012860a532da24e3f1a8c0
SHA256 9e153dbf1c157a910dfc62d1f1ae6c728ae3d5f2b767c5659a6881cecd35d8f7
SHA512 e0a2b6716add6542de78d409a4986a57a7d2e7d10672a57bc5a44fce3e65e365727cc64e9fb34deceeeec96b544d22b0901605985f5cce7f11341a00f898b56b

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-rtlsupport-l1-1-0.dll

MD5 f04d8cd1c228b2a9321429bc9d72599e
SHA1 6695fc5cbee5c73077c59ef514353a4e2d6485f8
SHA256 498d2f02f5fe0a73cdaa1617be6bf7b2b550ada0537f8b1673c590ea99429c30
SHA512 afa2baa1a7344e795e325cf3b757371978d5e1c2288c31354095f4c30a4d308f2d405fd00b4efa86fef5830930a247dced395f11cab49e6a620df2241abbd069

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-profile-l1-1-0.dll

MD5 5e50911343631e123b2de2d19ad5e2ef
SHA1 48f0330e58e1a17a72bfc9b1283c8eadc96e1ccf
SHA256 b3caf7155167f5d1d4ada4df4764bc78b85032bb769e5ef586fcab27fd681cb5
SHA512 eb6e19b6b51a4422a861615d1f1d0742473e49eb4ff4a2a25c84bc485b9db336f14e3ee83afe8d221d91466ec7ae436b1210288ee3328a2ee0f66addae3be953

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll

MD5 51b851eb7b58ca2c3280def9722a9602
SHA1 75aa3331eb7da58868f700158df56fb49e3c4507
SHA256 9f0d6efb48c7f8c0f001ec30d45558c5d8675c06573eca7c8125a7d5a1db2634
SHA512 e9b0c683b58ecdba5d5132f6808ea2dd85a3db3b0d9690efb54aeee92c29b8b2b4535437d861d2fa2a8033e623aeb4ee0661dd01e17527a74d6002c9926e8783

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-processthreads-l1-1-0.dll

MD5 fc776a56634728a146211939d14187b5
SHA1 f8372701ba9ee1a51ecf4649c74e27d1e996a45a
SHA256 ca2b5493a6699756b3bf63d9bd807b0204419ec3087d02f4bb5c7b01e8fffd4e
SHA512 dd468a46c62e8a5a2ee64332522d5ca5f8093b13722e13cfd996b32b6efc74cc2a8502b44cada19ec0c30027dab400c8567c84937f08ccd989d8a0b75b470a75

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-processenvironment-l1-1-0.dll

MD5 9c46e030383d0f85a113a1f3b7477a77
SHA1 7f762360a7cb9881fa9c153f42f3a39be89db946
SHA256 d08d50eff27e71af2e72655edf22dbdea85346cc14be53c48988a3c039fdf17f
SHA512 6ab0490d9eb82f010dc4bdea8e54b9b760a417a44bb88a7bc74ce7d61833e355cef54712f3340b37fbdf07dbcd83e17295ab546d864ac06e84e0bbb7d8dd8649

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-namedpipe-l1-1-0.dll

MD5 4ee09ce90a33fc4f885539370d3ab11f
SHA1 023fb903cb6ddd95e25f18fd72e1b57b4a5ccff2
SHA256 4b00d5be82d9eae3445b559f4eb1c62eb192f5554b9edad50b09f98fbc65c126
SHA512 afdd5f50fecb5ada09a4d8217f1db396a2501b4ea14db90267ce51e964536a9e7c32cc55b5a8239c357f9146a7f4fa601181b7b8222670550667fae95d55bcf4

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-memory-l1-1-0.dll

MD5 2b3eae5e560be8c87a246d0e8fe3f593
SHA1 8f9563bb72fbea30d37a27c353daceb552279603
SHA256 b858256aa6a926f89714f21790d25e90b7dea5096bd9935454a8b4c7abea736c
SHA512 e33e50380d37f075b8d7fa283d5b4005ccbd7c35af1d11dc6ea4f4529c39571f50114d2c678061daa47f6b36bda9c948ca724acb9aaf9595ed7caaef2b0c0359

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll

MD5 c542c43d910dd6ae2f4a7cffebccf613
SHA1 02086fd8e53fcb3ac20cd4aabd730d46458d698f
SHA256 230da452a8068ff5be158d84618c9d291bf9b8bc878ed5d56318558d52e4966a
SHA512 364aa5a59c10d95c6a93024a443972a06dfaa1693c942bca517700bcddb9372aae1c76bdf35453a5ea256179fa61586922cae7d22f4623135fe7168b5bf04153

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-libraryloader-l1-1-0.dll

MD5 ae1eb2e7a5de49e2950cd2f7892d5513
SHA1 ab7ea36f3c4232f0b3f6036edecffdd4e8603936
SHA256 23fbe7263ca595af627fc37e774fc6fd5f66daecb54e38d48486c9df09e438f4
SHA512 ef919e89dbfe93ea2f45e01913c9b7d1695520f3d0073f2b578ef814e3dd6443bb506e5766d09d41e802f9c2cb4d35778c87f86faa89baf7dce66da787b85418

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-interlocked-l1-1-0.dll

MD5 f6f0270f98f5cf857d1e0667819fc9d6
SHA1 959209e5e068aa2564f4f777e1c8616a9d4cb6a0
SHA256 616ac120e3b9abb6f245a09fc17398bef10c5e6aa617849fe68a89efdcddb7fe
SHA512 1ef69bcf037e2ead4b4c3518a8e8e3c2dd3065049649a6973aaed9300ff6fef4bc2bc25f7d0b92dc4ab5f6a576850537ce9d6e00090af86512d080417eda42c1

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-heap-l1-1-0.dll

MD5 e36e88531f284b1135617b91f73e5ec7
SHA1 dac7d7984c7f906f66a2eadec395207a4fd9a599
SHA256 0c25f2284aec3aa7dcf6432ba9416e2fb289e08bbd996bcddadaabe42e361b46
SHA512 7e2f7095bba85a3d6aa21cd7371b73d9aea6b07d89a82c448a65f3188d9365a0070cf8b5312a3ef0eac1e4a2d79eb3d34dfbd7a16a7d9da19545ea216c195c4d

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-handle-l1-1-0.dll

MD5 0e37f414237e14f395f8914ac2532581
SHA1 2b06c81103d7c94075dd63a8df33b72ffda75d2b
SHA256 3ab7f3707a380352c5aff32c0761c5ff86f358f3683b1dd273da8be18f6521a1
SHA512 3e226dd4a8c2aba7fc81132840e8087bc2fbc11096098345051d6eb1dc724f3960789f7f958d362c6cbf7d58904bf5ec7ac84945730256a50583c41dd2135bda

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll

MD5 320629a907048b64a99ef484417df721
SHA1 0de1886eae33bb5f16de27d647048a92586259d4
SHA256 b5823ce2d6e600eaf4e2b1353600dca0351c46d014f97ac525c3ee9dafb2bf4c
SHA512 6567cd36297cb05ed301e5f7eec87a5f796aeb9fb63ba30cbe73087bbe9539e2dc47a11947c8461cd79ead01052999913143d32ecf4cbdf5833a970e61d5bfc4

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll

MD5 918b087149a2571d9db1eb04878c3603
SHA1 aa1d2c7550df6eddd2e99b44ac9de925888281ad
SHA256 b2546e21336714858d2b03d2532b6955dcd7ff46b30435f6d309d8c39d0dc957
SHA512 07c0d13e505c69985d6354c450887260345dc59468eb82b9b0534d1bd13f5f960d2d56932b204b300ac7e5f0ff7234c5e459de06d0e466fbc3f710fb9551793d

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-file-l1-1-0.dll

MD5 4d0399f0050b13586b8b04f62e95b16b
SHA1 407ca079a3bbe2837203beabf41516fdba776a16
SHA256 420395ac9ab87accb00fa478be0b73b583a42d406d1341d98a77f6189b556998
SHA512 8908cbf7cb7b87fc78a2baa1eb2aef52303e733987891361db07098fb70d776fe936d48221a846787d67adcfbaf30ad93b867d5578b7dd566fe8addc480cda18

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-fibers-l1-1-0.dll

MD5 38646cd15ac25a8d71bab09d5b077338
SHA1 4c153622a3f069480a194bf98add276f9138e168
SHA256 cb9f01af9ba4b50c604633073e4003652f1e99faff93daacd4502d4c08177688
SHA512 43844f5e82c7bf6a485a5411ce19aad3bb0f418852b86bb479f41170d85e04d02eaa76092b84ac7a1abf14b285d66fa2ff891cc9c97bbc18633af14ec44cebb5

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-errorhandling-l1-1-0.dll

MD5 b2eac5c213cc442820167617d568e179
SHA1 9e61baac12e1a536be5e553530db8957ac606d37
SHA256 8b4a9ba2855247adddb4ee1e7f503dad5674ea7bb45015bd69cc83a3332f696b
SHA512 af7a8e6e16b86d4e2aa3141fd41a8c897957486b4d87d8ed14210590e86577e030b4b7c419ed988d22851c5fdf75236c23560fd855ada97a76459c9c93802c83

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-debug-l1-1-0.dll

MD5 1c76698d36fce20d2919e67e3f08bfbd
SHA1 eb85df5d35cad00ee7eda50e8a4eceb2490f9245
SHA256 d95f01fc571294b128d0cfde5e68472b8f6a0b3dd5f0c18b676e3a077df80cc7
SHA512 7b0a9de7a2fab1b969b469f7e7edde93b9ede530080f4090ca0066642ce6bba28023bdb8ac5bd85eae38d918549be7066981a08263a3fe2a657a5cec15c62487

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-datetime-l1-1-0.dll

MD5 bb66dd4c715754bfa99abbcbee3a4449
SHA1 21a9bef9112c1a614bf3d5f6eb2d2f0f17b58531
SHA256 55804126146c7c575add104eec386f161672cb740e765eaaf7ec8707a7cd2af6
SHA512 aa3b8ec6c34ce2d162783595ff3902cc1e8812ead15f2e723feb82fb0202f654d7e1138e4b3f83c7cc0204e15c41a34ad0b1d07fd3bfa609e97c01241271d136

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-console-l1-2-0.dll

MD5 4228b8901e130b70052da8562dc7b5b9
SHA1 5007d4da77465c38d66689312418acbef9c7aace
SHA256 67f4d89f85a61b18ac1f5d6d04f625d64bedb252c219ff9785cd1508876bc718
SHA512 cb42b5a184fe08df207ac391c3e87d44dba15008efe2caaa0774439e8f7df2ec35f63e981d080fdb8fe2f46e8a43ff58a332d6cd241313ce419fa2ea0ac2f40e

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\api-ms-win-core-console-l1-1-0.dll

MD5 cd3ab89fadee9d9ab307f55390798102
SHA1 7f5646953d2a90c1033cfee8d2e6d394b05d0a5b
SHA256 915c296fabf88b9e3b43b5a570a6e8e642071678ac443c555f6e95bee7925bc5
SHA512 5b68fbe6456897695fdbc683dd703c286531e831fa3039ba19bc376ac5f363cd0588a815156b18139b82e64ae5c9d87bee025805658005e46d3fce915a9f332e

C:\Program Files\AVG\Antivirus\x86\avg.local_vc142.crt\avg.local_vc142.crt.manifest

MD5 4dfa6db968c4c50fc1f1e41036572358
SHA1 1f281bdc5210640735775ae1b9e4a70ecee8329c
SHA256 14ad3b0d76e581de26d6516965fc2ff28162cc2027c2b7e18fcd18aef77d8854
SHA512 1c95f5f3da8184e66927ab238f2a533222442be10ff712c095b50b007ba0f8af584f28cc509ccecfd480c03fac47082dfdc4dc27131c2de4ee61afe4aa8ff642

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\vcruntime140_threads.dll

MD5 268036dfa28320d2186b9b21631d443d
SHA1 96fa44f2214af9ede1160e043c7cd31b890b437a
SHA256 edb3ff7cef28496d535e40769625e542dd3e13110c38ce2e3dc1caa8687b892a
SHA512 99ce4bc5798320dd7f736725eb85a98553e277ab93353e1675fb7842bd258bb408a5df7bc530a161d91c1eccfcb510138f98085a80e892c3f54e2e8a723bb841

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\vcruntime140_1.dll

MD5 9410ee0771ff1c2007d9087a8c316a4b
SHA1 3f31b301b5a99a13486ddec08d25646d5ad510db
SHA256 e4e85eea1106d361923995e53a0b961a28d4fb58555f40945003f35e5bf2c273
SHA512 434a32ca6c4fdd8ffeb45d1bdb4d9f3c1b1259a1260ae66eb241f8bd63524cd1a3ec29d5eefa2d2f266dd740273e69b6bb8a7771badb77e781dc789dc18de2c9

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\vcruntime140.dll

MD5 699dd61122d91e80abdfcc396ce0ec10
SHA1 7b23a6562e78e1d4be2a16fc7044bdcea724855e
SHA256 f843cd00d9aff9a902dd7c98d6137639a10bd84904d81a085c28a3b29f8223c1
SHA512 2517e52f7f03580afd8f928c767d264033a191e831a78eed454ea35c9514c0f0df127f49a306088d766908af7880f713f5009c31ce6b0b1e4d0b67e49447bfff

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\vccorlib140.dll

MD5 22a66d8309244779b8a7f275a3ff5cbb
SHA1 195e58fec7a5d39fe7a6275dac37295777da1352
SHA256 aca79a9c1f6d664d99691fd0d3d84a8819993f784b2ff6d7baf8e8ab2e15e7b0
SHA512 b39eacf78b9b97d968e96e357725bd6cbad7592beef5e0e5b301189cc76847be49f8a5299a16d68bd5c1c2d0e86d5263f865b29b66df8360cb1d4725b7b00ac2

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\ucrtbase.dll

MD5 932dcb8d7d06f4b89fc3915726c418b7
SHA1 33a1fdbfc3dfa0a1b7d2fa3b2e8bad8e8c71e961
SHA256 a73bd7d75f368ab2fe949dcddbb25cd5d5975ff9091761a01b98f5e26de543ee
SHA512 fa24b5f9a4192fbfe737506899dc052c51f48980992cbdda878deef01ed0280ca455bed0c813089503da3ccac92a0289dd8fdfe64cbf6babdf70d7bab531540d

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\msvcp140_codecvt_ids.dll

MD5 0f4e5f6c68c514e63c4cdae9eb9e40f5
SHA1 b755c91cb14e9f22c690209d0b4c3661ab20770d
SHA256 945225e01a65e5199aa7372b893da3b42dbd99f315c345f0e7c136af88e897ef
SHA512 8962e7f92446c535151b38a7e34bacbfb9f0f48ab57d4c2c8f2162dc2f1cd9f15be70742032192b41aa368c97a149e1e6fa6991e29077b7b7d7c1708f1a54f9b

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\msvcp140_atomic_wait.dll

MD5 f9c7a19dfc5fa60b1405c81208bd959b
SHA1 4eb70df0a412d79fbd8011fa17ef815e10189c0d
SHA256 2f9cdd965650440cebaf2349140a7dde9b587829b7753de8cd051933a777f499
SHA512 2ea1e4d7d63af427a0c764b4a9a646421dac1f1eba15c1d43bd040b284fc611c8059d889c48edfca56e745abb996939d8f430ff3e249a5c6455e81b520307a55

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\msvcp140_2.dll

MD5 718e5c4a63d2f941eeb1b4e9d6d85a8c
SHA1 deca5196d35d43c7abb35d9ad4b0ac0756585fd9
SHA256 f3117e3445945a872a35e91371e2a6c9f7b3fa5e74e5985f6ab12ac101b280fe
SHA512 61694ff307bcf3869dc14dac45e74b0cdd5a661d40e8483cfe96debe4727ec45ceef867d18e972d25a6b294c43ba0569562392b6752e068f2ba7c15407fad975

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\msvcp140_1.dll

MD5 11d5d26552c1730ccc440f13a1fce188
SHA1 4c534eb613cb05455809b6471d38e1e0976aa919
SHA256 edfbcb2ced712f23842525cb076ee2c09cc7b811a389cf37922d04ef1985e10f
SHA512 2428c4257ac8349035ebb286dec236a25acdbf23178aaa80fd5461b2ed3101c0a67574bf7db8728d0c101d92f45dc72e7bc578049d5b18fac367bdfb44ecfbf2

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\msvcp140.dll

MD5 ebf8072a3c5c586979313f76e503aabf
SHA1 2fd9609f099a8f42b1b7ae40ad35be1569c0390e
SHA256 a030dc2dfd2eca28a9375c92989adf4daf161f988db5e16b9e10678eb0dff4c7
SHA512 438c2db953606818b843e42c04240d510b5e398617e8e5539498264f93cf1893ae9a6b6b02ee35b169ae60b0e3b5621d7d9f7e2945d0f1e7c2e7e0c1e9e3c1de

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\concrt140.dll

MD5 e6d7ff1c7c1311a9011f1039639adc3d
SHA1 d47faf7b6f8af8ed67546e75693200d022ebeccd
SHA256 993af3de5e1fe2e3d0954cf06254fabb91a5a3aa513183fe0841b897eafdaeee
SHA512 35eae324dc30a6bf652cf571daefa8d34d12c09361b248d8931ce721940347ed50a2d51222adaa655abbf9c5a0ab58d57cd91cb1cb26dabd487ed721790378eb

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll

MD5 7b7f4484966036ff86a7e4cd303d3871
SHA1 18a789e9d1e9df0fdf22e94d71a18c483cdeb611
SHA256 7d3d88332d4744c9b6be81e2ba8d42ced7657ce7879a26f5b8a8d3bb2331ada0
SHA512 39e986994a99361fadcccbf5bd861ce9c4c6de65ce5e3da4d390b234fff34d7c561637ec012ccdb2757794adc222bc80de19a60a8917fe65fc221fdb3054149c

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll

MD5 6aa7b1323c5d8e314f2fb42f855e9b12
SHA1 044cd0167de5e9c1b014e07287c90473c96944a5
SHA256 9c5880c395b4e7db4b8d6de49c75909abdaeeef0b041c1703c7339b05d7d2866
SHA512 e99a14c8772662dbabcaa504bc61ef616590bb6f7384adf8ae0637e0a365f94c67fe4222b978605b7a2eeeaa62505e57c32857b17b51f4b2e9a0d8a033f0a204

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll

MD5 d7164ae82b7332432bf2eb7fc7774e72
SHA1 221d79c77a8a80068621a0eb8688ddb86224408c
SHA256 08d811ff57efe50d9f365c76ec29e095474e0679e06bb4d0d4d0134b0120b40d
SHA512 d1a4cfc0a21509382606f4650a67556b0616283231e71bb1870ccaa5deba42fd77583c3130d60d632e98f5acc4763f57a2ed932aa2eeef49601618761acd9429

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll

MD5 58a8c2d2404ad7bf6fca8bdfbb8a5b3b
SHA1 6e834364437bfd23b48e66d8d891966860528d08
SHA256 eb7851e182a4675bb34633869938ff3579779a92a6c094194efbc970f3765dcc
SHA512 d44e3b47dabd29621a3fadaed16074a46b646e1190ffcfffb7ec835b8cd6eefac88570812e41a490daae485a1d71fb2d035c91e73b65c2fbde649fda8733ceb9

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll

MD5 80e80532239aa8929ec0fddedb7aa8af
SHA1 312e743535e66735d782cbaffacf94c6c791edab
SHA256 d3641bbaeaa5a7e7d4ee0ee0ec64ccee0327cfba3d10b89094144eb70a0867a9
SHA512 87e7a5496bb2dfb9bed4e9b9913db2656b335b916eb1277ebebc33ac9d6622bed50a22293dcc02193f846be5e0b4b0f032dfbcc673955aa90f04cf81b47a9305

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-process-l1-1-0.dll

MD5 dc3fe259a9b778480c2405fdd7405c9c
SHA1 d28a588217738af932fc43b809add215eb932856
SHA256 b33a762f0eb072033044e7ee89505b695f357c958d4107ce6f1c4d68f88d3277
SHA512 54f58f5a0d1aecfb9a6c8f12b5aac30e26ec427dccc097f8015d690a0a2244603e80810c19fb8eb2ee7ae9122d14829b3aaa81c69c77b6b4c5751d040c3849f7

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-private-l1-1-0.dll

MD5 533b418afd2ef8e423f42d414cdaf5ef
SHA1 09d3a595bad8f0e7ab5604fc02ef832d11a26b88
SHA256 66f910721f4477ea238603e5c14c858d1e26fc2ceaab3b48294cac069790202c
SHA512 eb73c82a91ce67f8d0265ac4f0739849e5696ec0069ab6508660368b8d382a230dc88eeb89aacf8bc9fc6b7e31c009521fdeeb979f4ebe6e80cfec083129ccf1

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll

MD5 4847091828ad3b0734418343c712cffe
SHA1 24e69b32dba65631b92493b7aabd68d141cf21e3
SHA256 d9388848ebfe27138998518332bb507e5dbeb1d8851e9ed0300f15e14b6958c2
SHA512 5e8061cc226f3471e3964c04cdc5fbd3a607c9abd22a11a1e818eaec42b20ae873fa80cfce7f47b8f8844f3127ce98282c737f25666d20ded47704e0db6f29e3

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll

MD5 bf69d049653e504a7a1f8b55a6dde7bc
SHA1 737a1cbf1fddc0ae93a0a99d2feddd474f4b85bf
SHA256 e6e839c6d205f91adaa3d980f843bab3131b8a25e06d152d0f70a6e98fbe0fb0
SHA512 a8d834d46fcaf03aa53bd48b4cec816e0fd599b06b16a14006e402bfaa5a470f47dc6a55c1a94314d635af55ff2322eb242b0c535a02fc830dac83e375adc6a2

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll

MD5 152925be0e3a0ff77b0979bcae7a7583
SHA1 4ac4bb649b42893a8d5ba345a1c92ab2ddd1ddde
SHA256 2e23b53441ba6b0779b222c120d44eb9a156d55cc3648f76216017ef06f9a16f
SHA512 17b41057b82b1eb037a59715970496d402ac00a59fcbe67245203f117fc38f1b7e7f5b78872850ac4fd7a5dcf4a3ec561dfdb3fb0e827ec7043978b535e9ee26

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll

MD5 374d505ced3719d875ac316ce365b1d5
SHA1 24da4d65eb7a9116c626bf16c3bc95b563f10176
SHA256 1edf013e890072987b8957b77baecc37140bc01581e5de6b020ae454bb57f8bf
SHA512 d9b82d1679afd85c660ea985d6f57cc13fd35b4d7b8104c6d9ce1f182789b615a573b68d5f1da6c25682cb35068ae0aad3c1c9b4509f339fa1a83a9eeb7f74ca

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll

MD5 e4fcbf91666504c1eb70644dc4c5f479
SHA1 bf96622c082eec928920a052bff477cb0c9e0573
SHA256 58d9a9b2442c10140db98ba705e8c7b7b9ac5a2c030d3286a66debf63b615c1b
SHA512 9dd34f36144010b3c1400ed1b1db8ac8e97997a0d2c803858abeaca75e26d19dc56512714b566edee581ca20c813c3cafd47a3f774a1596b31e23208b1eee4f5

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll

MD5 6e245fdd89bb6f88f56784adbdca0b0a
SHA1 9ac5d68ff969f984f74e6a8cded8e683b98ffa36
SHA256 0e195a8d013a329a06df877a4569a3ec772f112ad29295f086c6d3e53f322fb5
SHA512 601248c38540dcbddd61fd26203df39ef5d450827570f01cdf0e415873e098913d82ca6e3c7b21a9bcae267b4cb67e970237cbd1c6320b8ffab58c9fb675a3cd

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll

MD5 b9d80efa3f5b0b75c523d4ced4da1fd2
SHA1 f493358454a273d0ddc6467c9ad82bf460dcebc2
SHA256 44ebde7f2681c0b8518e55ca242261b24f326994f089a4ef6c060f8dda04d62d
SHA512 d597c0e7c5309b9631966b01fff7e166c0dd0fc9d63534d588d47f9deee593cb2cf79cd490145aefd472b9493dd65144e875d5870742c8d09fa4c7d459259feb

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-conio-l1-1-0.dll

MD5 a1bee0af7bd944fae7f14174d9dfdffc
SHA1 ea699130cd63857569bf34826b9cbcb5ecfa1a21
SHA256 2c557f6a21db6c99af6184637b5efb57e44b40fae892230a43e96ab05ab27d40
SHA512 c6e9473ec6cdfc0bdd1b8f9f42bdcf3d31855b6e106b811ca52d2eca895328889451726fe12ecaf0af9a238d74c10e79bcf0870f056e7e85ccdb9be49f4515a8

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-util-l1-1-0.dll

MD5 d91e6c55a2304aa59d24e76f34884535
SHA1 04ebc0bc4932c09c3dc7d9259fe7c9a6166b7233
SHA256 8875816a3809753c04acd961244608e9a47127523c1d5e50cddbd83a4627821c
SHA512 19c1e2458c5475de2b41013fb18dcf3d149c88c0b3816596b67c90f7bdced3d5214fea97dc3782f56f8a276f93fd28cf519018257bf432c00435ef6bae60a8b9

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll

MD5 70f8acde94e2c3952b7ba7f56a4ebfb4
SHA1 955064391f0c9b41362cddbff7a070ab3888ad3e
SHA256 91decddc6e80d742755a1f65261d10c3c0d059aaea6389bb2da6fd3aa7ec5289
SHA512 71087a283d560f08e43b1a183258f1153ab5091d5d318cf4ee0fc8385285592c377d8e68a0f06d3f0be84202aad6dc7376b56057e23b6b3753a445323580f287

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-sysinfo-l1-1-0.dll

MD5 177009944ea3860b58c09da1871db999
SHA1 01cf9cab3aec3a1ea89111269f8cb036e73916d6
SHA256 f353bfe02e30f4fd5cdc89bd7f44703257f229a09f0d815d7794df902f67d1a1
SHA512 279d1e663ecc151dd2dd15462191ef41e668c7a2bfcb7930b8d568facf7695a030948c3af7f9907226b00dede255a7f30169083ae2ce544f2381548db31c9981

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll

MD5 5dedf9f86ba1366d9e920f33eb03721c
SHA1 605312ce6d623889a1d404354ee653414a7e4920
SHA256 0ced53f1ac2adc9525047d2c2a7592300dc48a5f52ad8b740ce22e3f3aad85ff
SHA512 bed8c7a74e57f4cd44bd0edbc1bbb1f528ce261d7ad6a5545c33974c223ba910d648f0cbea8bf0736deb5aedd3b257f373cbbc4f9765d12c56a78e823d05d4b0

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-synch-l1-1-0.dll

MD5 afc4db1ae7eb74d1b43eda3d7ea5b43c
SHA1 f31b2c1161024ec2f89c72631631e11fd5ceac60
SHA256 fb4b382e2dfa80b3427a98c51d3270b1e80b5c2a10fdae1a72b7c464e57fc6a7
SHA512 a014e4bbe207fd707a87aaa0228241fa7c414062af8922f51e46210b958284096357b21f89e59141fef28039a999dc6ac832ec7fc38bc4895e88fbed6b9a45a0

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-string-l1-1-0.dll

MD5 1862f49d5c2ba7c2bbc78bc517cb0b38
SHA1 dbdca39d6d9d166f9cb5b8855d456653419136c2
SHA256 90ba9da43d6705d76905e630505bd1fd097d1899c9bca3241ad0de5ab08ee366
SHA512 c9c85ec2851f5b793de07e672365e6db28f1150ed6b6057d15be828a36029f4ba9e0d4cce12c7d424da4c94713c18ae256d9ecba9e59ab88af639adf56ed6a3b

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-rtlsupport-l1-1-0.dll

MD5 57745a06849d90cd5c79ccbec559e7b5
SHA1 71d3d3c0998e648ef6b061f7c65850c6a2a8593e
SHA256 890dbb72c4c35266bd658c663c1242cfa3b50cf51e2873e986b7ab2e055af4a4
SHA512 ca28053575e40eb805f366a7363257b3d40a6fa8ef46ffb5b58ff17cfb0ea2668f5cdf2661355e94866b73b914950c09940f5c32fef5f9a22439932e35391dca

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-profile-l1-1-0.dll

MD5 948e3c479e87ad905a3689bc94cbf86b
SHA1 c9b2dcc45feb9b0bcd52122b51adf98d7fa5b0e5
SHA256 982fcc32d7614cb921cc5203970e3997a33b31aa1d91f14db5db25a582dcc3af
SHA512 6f15478ba5e7b403580b4b52924866e52adcd112d82900dd17a2ce67efa10306a5a86e1ba5cab76bbe3577e2497b83adafd6cf6c39a81c35b53b528e8bf6b440

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll

MD5 31f60bf9a22a86cb8879fce5c1022254
SHA1 23cdaa4d6ae0e953d083b968558a2af49bf95a4f
SHA256 53afac76a7124a132a7c11261f3b6ba8d6a5466e7e8f683c8d12ac370b7d6b62
SHA512 c41ebb39cc0939b38d788b692e75c10c78a806cc8844d8526ff25869777eefd086518cfd817ebb700e20b3937401d6c0f7f506bcd479fafe1b801507376f4ba6

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-processthreads-l1-1-0.dll

MD5 9ac788a87032640e046f305413585503
SHA1 41b74cecf0f78134204dd3d8aaddfae34d6aacbb
SHA256 363825adb27d5a5bd249fe58460a977077f823e50dac7509e124fcbac1512128
SHA512 cc725796af3f7793ce6e6faa96a201ebf5e77ed00dfac3211a66a95ee071e559c9efb8e47ae0287d9cc1feded559000a582a2138736ab8c628325428c78e648c

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-processenvironment-l1-1-0.dll

MD5 772d6c07e47e77a4479c7a9eccfeac4d
SHA1 b88db71fc80eb57182db6dc6ac00b022e1e47cb3
SHA256 2c9a8f8d47b49d04a82e8e689ae9f6552482b1861eb8398f3733e97327191c2a
SHA512 f87bb803e818372f57319af97227834673cce9988c81ffd4a3d1c6d7038c6f7398e06a7133a17f063cae152ad27666a6d18f87ed77bb46dbe141c1272bc3ac84

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-namedpipe-l1-1-0.dll

MD5 9ad2e67f2b1f04b760deb00b889fab53
SHA1 465314c9bdd359840f7da11a619ad0b409c271d8
SHA256 5662035361e37f6c5e4a5a19de134df2ec20bd4c0f1be803203b37c95ee61265
SHA512 cdb358848d48cd3913e7249eaa45470bee4ba9f9d92d975215018477a57db930c16b349541da2d82a2f9131220ec3b3cf9ff471ca411c2f705bfe916e8736be5

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-memory-l1-1-0.dll

MD5 714e850aa29e808568933c5ed8c7df5a
SHA1 ad84833bcac69b5217705e1c4d33d54c856525e1
SHA256 4a244eea4596ebde0f9094cc6dfeeb5abb3c4385225bb0630ef55a431fe1c4f2
SHA512 3a220ad4e2fd49f40f7fe5fdfc53608b114661f31993c0329e993c5d733b6d6f3a366eb46f93aaa9d5cad90766b21d85e5ccd09cb9c5ab905118d70702a3ed11

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll

MD5 d4bad006e413ace7d729b1249c49b92f
SHA1 cf0dff1b371316c8517619fdeff81c583268bad3
SHA256 245d48bfce5cf6e9c5093e995d6ab5988e2401d32530fd6863bd5f8fd688d780
SHA512 d1a5001633f1cce60db2687da28706f66644613672fa8487b065e3aa8d77ddcc96d9272c665d894b243e222e1c104be10be1dff8e5d007490e50f2bd2a708d0f

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-libraryloader-l1-1-0.dll

MD5 6337654372aa9adf6a8fc97d9676a33d
SHA1 b790f4828e7aa18cd0eae77e78c67ddd66f3ec5e
SHA256 6fc551cfbcaa0f90ed24dd09fa117e9fb3b6755a3fc0251d33ca64862a9a3414
SHA512 4a888d71747c64cb4a964d8df956c5ed9e3de9e8cf30d804e3ba76e8c35502e1802423ce527a419935b0d8c8e4c0f6168657b2734ab79d01afc946521a88d528

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-interlocked-l1-1-0.dll

MD5 d8999e328af5ee1eb23c216336637cb7
SHA1 a7bde6c833e4d6ddefcc4050997b1583ff1ffa42
SHA256 4ea02b683513a157e21824b1c1e9ebb782d22f14209b67961f97b1f79673d3ed
SHA512 4f041ed2daf781b7f86b4459e74330650b2687ee46dfb961ed7a0716ac7ad2082a631cb619cc6d3c7d19f550bc030553b9656aeba14f969dd52df0b40a0e418f

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-heap-l1-1-0.dll

MD5 892e47390f34aac7d20afe63ffa92f20
SHA1 4a78a77ae1d5bdba55534167f781a3c8675c7ed3
SHA256 6070ffb5e20ed032d460d323df981d369fa68045fab130fd100803a00ab88c23
SHA512 8b37866ebdca5047673d984bd779b1df052e3d44e3fabc3a4ce2e747489baa2bd86add629d95c76cf08150f74281d89d46372ef64266b90304cf7dd581af3a93

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-handle-l1-1-0.dll

MD5 1902b85a588178857e9637902e5a1b85
SHA1 31ae4cf76a34ccbd92fdbe60bee080998741ef4d
SHA256 5e48c99dd6318b017686bde507cdcb9d6ecf25f4f78f345845b865e443f1ee66
SHA512 0755e9c0adc9e374060c851d4f7fa62633ec07dde0bbfd56ffc9bc8ecff5b9efd6fa8418c43e838770eed43a54a48fd61a41226d9ea84834275a4a36c7796472

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll

MD5 7f0ef1cf592d04b082b65f75584652cd
SHA1 f7b9a2851a66a6a8eb509f2541b6ccc3b551f2fa
SHA256 9f496e181b1c862c7a7d03c09d9b0a5361535c98acbb1a9d50a27bcfb0a2bcc5
SHA512 30d2d695773e7bfd67de8691c40e571b3b91858e72eab3d78c84902b359108e9988247bf81689ab15fef6ed0a9ef62031f1937c6e7ce4ce8e1a34970ba23e727

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll

MD5 e334f2fe1e0e6d5d6966f139ed328d97
SHA1 68b2cd826f3dfa59531397ebb3f382dec9af5fe5
SHA256 d56eae93c55abdc8eb77d132777049634e28a9b59fd4b2101d51351546b984d1
SHA512 fb6ee02f06447c906a4353d93ce247e14a9a1ea4255819a88e395afe2e3775fe3aeb622b7a97d86086d88c739ba4d2e2fba9e8fd6467e167fc75d595c9182327

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-file-l1-1-0.dll

MD5 817f9a76b7eadc1226b006ccbdd38a11
SHA1 8b81897cdd4d48befa389c1df2d0b887ffeb58cb
SHA256 99ed148ffbb35829480412dc64da6ad24dfabe2f9a0eff9ba1493455d7127677
SHA512 53d8b2561862c6b2465665d761612aaa8b7adc887058260fbf970aac0fb006317283ada01468b1e042fd9dd44def90451793afee297ed787086645cebce45cd2

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-fibers-l1-1-0.dll

MD5 9fa3992f5dac5ea5dfa15b9669c68154
SHA1 a453fb6c4064da8c01ad03a4ea3c0434efe82635
SHA256 9057131f628e547c14754d545140ad6544e64606358104da50841e9a1b03f442
SHA512 ad73f3952dda55cfaa6a0d6a0233df785650f5965caa4859b6c1577e3fbd6020e60b4b26338387690cc48b16a186d2b530708a71d2671ab17ee8904399de292f

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-errorhandling-l1-1-0.dll

MD5 059129bae1776f03c59d3ba66a6f6dee
SHA1 33b1dbcaba1d16eaf5413f1378119cecc1298724
SHA256 a83af0f79abb5e5c818c6f38a38da80e531081f3255cb006ed4c29635cc0b9ce
SHA512 6a7da7e58620bc1ce4b6d3cab1e0b746fc9fcf05a84d85931f845412301880786fbc63b31611d9442b5a1cfa72558966375ef14edc749473e2b7c988dd20b675

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-debug-l1-1-0.dll

MD5 607703b245d9b4fc69a8b5363ff626fa
SHA1 dcf4626787ea220b19e08cc5bf9e55553a3a2aef
SHA256 f65b1b3ea2767f98f0c29118e85b06f4e61654bec34b60b3abb593b24ec29af4
SHA512 92d761f733f2c678946894ca72459b0e6dc62cd3abe1073653104689ab48c19603e6e1109c07b2f110822b424430f22d112f87c629b99d0b3ccc16e179549628

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-datetime-l1-1-0.dll

MD5 2b4a3a51e075ab9819c6d6bc40efb4b5
SHA1 bc52c10ded8b087c73229dc2f98714b5a368f521
SHA256 d718e1b6c352112c2f8e36b4ba5ed28e6179257fd2fe944c4a0d404b5c15b5ae
SHA512 13b07dc2247d51dad1ab9bc7df93e0d3e1bd6cc4fd16f9aff87ceffd40a56933d569a5fb82177dea7b6ea04ebf9f909f95451d123126155a13de6a85f747c592

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-console-l1-2-0.dll

MD5 6b33e6f1d77cec0901ea8e91473bc18b
SHA1 a397d2c6aead0b3e57d413a8d4af7f28e67f4166
SHA256 449631a3f5fadef72acc2c2f84765208d0ca014ec1fe93fb9ad805eec1d40eae
SHA512 8f5214e38202719f6a7549b2b97ad24288974cfb6cf0da1e9eec5b3b2092220f2330a260b17e28afa90b90226666a765a4e64fe91107e2063cde8e285f64773b

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-console-l1-1-0.dll

MD5 0909e61c8c9c717976828f65c987e5f9
SHA1 b5affabb8afda55ebb1f404edab69c6c239affe6
SHA256 03ffdb036329a25beacf905d62611a13e3dfdda6cbd2d13af830258e8cf40ec0
SHA512 7f78746e40da64631c08d0e173fbdeb40beed180932b42382d9f3ac0cdb4348d2a5b1c29770bb98f5d4823cfd66ecac2285afbcaf109f82c8b75c7711f10c49d

C:\Program Files\AVG\Antivirus\avg.local_vc142.crt\avg.local_vc142.crt.manifest

MD5 b5dc4cd84e001abaf9167d3970a5300f
SHA1 612bf55fd5a43b7da96268a541148bdf3e0ef333
SHA256 5cbc4bdfc8ae2b5e9d2ecd8370dc50123b9e6a7870ae6e0ea4c937d8ed6890f2
SHA512 44ebdd8956aa027985be8a58ebce8badfb039a563dfc333b6d1743c6316834444851a065c9d73830a90362027ec7cbfd3df3cc51dfb2b8ca9e79a7f930daebda

C:\Program Files\AVG\Antivirus\crts.cat

MD5 477255e0a760041d38c98bccb99a403d
SHA1 2bcdb96bbe2dbb6d85db7cf50d0345b72959ad00
SHA256 d4113f0402d704e9a0ad29e696e4d142838c0c5f0ac349c6e9af106890528e97
SHA512 0564fcddf1d01925ae7d8ff93f338f197b67994efd9f7ee39bc5ee0d09b72c29054bdca198b03e873572dc9b07cafff96bba31da3828caa78728b2bf2c005c89

C:\Program Files\AVG\Antivirus\mfcm140u.dll

MD5 cd97b86463a7755aa6902a18625993b4
SHA1 3cc6675550719994b237635a62d0874d4f3d604d
SHA256 05f3d04060880d09a4c4f03fa8a17cf15b04e9f7f764fa346e11ce4e98d2b777
SHA512 c454dccc466e10a10ffb7161398eec473b70336527063a18e353ab25a5d7a2576176c2af2a7096c47cb98acd826fadc0bf6c1e0e6b7cf7421528c8be07d00a35

C:\Program Files\AVG\Antivirus\mfcm140.dll

MD5 e0f0d9c1ea05cac4bfbbe7c2247aa61f
SHA1 ac73392983afb5a55c245c79b55d5506db6fe8c8
SHA256 f0e82a2f1290346217138b3d892cd916d8ca69855f63977d9561f5278d350332
SHA512 bbf3d0db25821381ece3cfa161447513f28c2ffbf107ff6c8752cf61cbe2c497d7e5c154533a35da95505472dc475ce83ac89baff5762ef9cae7d83c89b14ce3

C:\Program Files\AVG\Antivirus\mfc140u.dll

MD5 575634e4b6719eb8600605a31c32750f
SHA1 f327886d113db53d209d9896f0cc8df1f0295efb
SHA256 9e6d05d9b6d8bbe66c647a1f07b3be2234f070c9938a10724dca1ce3fc05ec12
SHA512 0da85512e6ac5673e51ef32e4e95a60416c80f76c4612194878f64b6a70ff3c026717c0708480d6141f4ffd8c881157e67ce703936ac5529d2bc225909f00e5a

C:\Program Files\AVG\Antivirus\1033\aswClnTg.htm

MD5 4ebf04faf20dff03f5d62d5af5f32151
SHA1 7088e12344219071c118ddc11415c7a8643e52da
SHA256 c27d162c8c40c816e09a3a0093e7fcf30df436e3266065633450595ba156ed53
SHA512 b784cdcc2ec75da2faf00ccafc211cb3fc874f085000bdb6bbd2e05fb1d11dd966cb04e5a1c8f4c91b0720e3caa7a8a82c753c87546005a969d27ece581af163

C:\Program Files\AVG\Antivirus\mfc140.dll

MD5 cad16fe5795c362b05905bed436b5e1f
SHA1 20b845f469e94e533b545bfe05fe5ede0a3fe32a
SHA256 706583f44a797afc17d2c394eb792a33f2aab0829a1f5867cc36fd94f00dcb74
SHA512 b2b1ebda861ee710700bca22c38ae33043717036c3cc07a236670b6c9c2f006a20b28c2eb98c4151259bbb670ce159e3d346a0854f73fe37ac1124487c29aced

C:\Program Files\AVG\Antivirus\OobeUtil.exe

MD5 7ef41af5163ef109482c8b54a8361f82
SHA1 4c017ec55ce7bfbd3f9b5043d349c2c7d8a3575c
SHA256 1903a32522de3c333a0187ce9a029419a35d93ec1a9750bf4d323df6c8b8ffaa
SHA512 ebe343f95c3ca98e41bbf2d968cf085d46a261a16cb18a96282c6ca1391c4812c33dcb113cfd0dd8dc321489337483ab14ab3ca0dc5796c09211c7c2d8304a34

C:\Program Files\AVG\Antivirus\aswAvBootTimeScanShMin.exe

MD5 e683d15f1eb9db3e44e99b67264ce460
SHA1 b922ff3a150b5527ce9ea6fe5f6c4655ecb79d80
SHA256 a2b30a41ece6ddad3acc7c03f4f82335413ba758c8c5f04f8187acd558b9a69c
SHA512 933488681db69c9ff788bb193b67f8d0f602a3f85d2543663943ecd1eab3028abc2d903662537d7a4f83519e424685048ce12a991a689d4a5345c69fe2db2b09

C:\Program Files\AVG\Antivirus\nos.dll

MD5 80ad5ffb207bb711b2bc815a4ca0eb65
SHA1 216428491dce6c8d6ef98cf17b23db330c35adc2
SHA256 58b926cd42f0b8b1772f8365dc4e444def05e9f36ce516456035a07b53c00536
SHA512 eb984c8e11645c42757e0094b09d8a38b12d9265c26f4b5446818643ebaacdf9286fa273692996ca8e612892da40ad2cf16917183c3c2b15a221b8aa201a87fa

C:\Program Files\AVG\Antivirus\SupportTool.exe

MD5 9d6a97a364dfc7b1c83a68ca185f99ec
SHA1 ea74dd1fab0ae68d9eeb1e4dedf2dc3516aae191
SHA256 4e0f452837284400be182dd99a69ddfb8da7538501286d1e2fab5100fbd2ec4d
SHA512 ba6d581b7192cda4bb0bd7a0f82f1aca921581d14973945e2550f5af0f350dd48d5316f406a8bb59cc965c534192ec263cabf96bd8147eed3544580ff583f07c

C:\Program Files\AVG\Antivirus\AvEmUpdate.exe

MD5 a35b6878322a961449e85c1e0b649eb7
SHA1 6ee6cd422669a1ead844034c863078f6886b93b1
SHA256 70c1a227c2b4468662073ad2ea60b3e8654a7ab7405bdf835c20b7fdee6eea8c
SHA512 d0e33e4257ba030c498408c9624d871cdd848c542a679ddfbaacce36eb0072a9591f36a31d68688e1b2190190e3e263b36384773a61caa397f0b56ceb845021b

C:\Program Files\AVG\Antivirus\wsc_proxy.exe.manifest

MD5 7cefa19bb1eaa218e139641afe5f7ebb
SHA1 a7e9779e8638eb304f6ed251c598bd49d050bc2c
SHA256 1e7fef380e3b0a873ec4f19e089af82d40e1999163f4018c316e93efd725a8cd
SHA512 0336c0984f01fc432442a12a5d3084dfb05c9b1e44a253d1073288cfd5ce0da4a0841ca6989047697107d553d7a04f354a6898f1d00f2f7efd6469dd50a49f1c

C:\Program Files\AVG\Antivirus\wsc_proxy.exe

MD5 75ca8458d560e6f26a7ee0475e650458
SHA1 208c3669b1cf9fcbd514d71d95e4a905cc908989
SHA256 cf9c722de59b6a7ebba99620e45693f6f9affa8be26a361fb5d6662e539dac3a
SHA512 4af84fb6ff1bc9d1469b6afd9f7c0de7a8401fadf72551939e3f0ef150b30e3187d686c900c9a0afcbe35049ef37aa0d278ba895bbaa5d7e27fea4b08aaf2cc1

C:\Program Files\AVG\Antivirus\aswBrowser.dll

MD5 d30604e0645f7e39254fc7dee3d4d59c
SHA1 5d69b9faa40135dc98e1ae98af689611849a160a
SHA256 f7864032240f26fee03f9123dcfad323b17d6896fc79bd9cf6850f4c89432073
SHA512 b51bfa04104010cc0e4add3f618b394bf9cd34b16880330efd636970bf0fdaebf91b8520a37fc29fcabfe44ccdc989b77de346181e871de7e8e0da936dfc4886

C:\Program Files\AVG\Antivirus\aswAMSI.dll

MD5 5e81187d263427ac37e8a89784422f4e
SHA1 891b644ded2deebddf0fe387121bdadaf03a34a9
SHA256 dd3f64b03a654aab9539e2af43bc31b28e69a89e7a9b57227f28056cde381126
SHA512 00facf032300f9050e75739e698e8020b6a6fa0e34b2070dd4cee331066e2cf0ad8929c2ee402d5d81fb4cebc2e43e32c6bcbd79c9c128843fd087b69d6dca0d