Malware Analysis Report

2024-12-07 16:24

Sample ID 241113-y54dlsyfnj
Target PassatHook.exe
SHA256 f0b04030d8cb54341ff129a933ee2b30c1aec250727088131068b850ccfb7fc7
Tags
defense_evasion discovery persistence privilege_escalation
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

f0b04030d8cb54341ff129a933ee2b30c1aec250727088131068b850ccfb7fc7

Threat Level: Likely malicious

The file PassatHook.exe was found to be: Likely malicious.

Malicious Activity Summary

defense_evasion discovery persistence privilege_escalation

Downloads MZ/PE file

Event Triggered Execution: Component Object Model Hijacking

Executes dropped EXE

Loads dropped DLL

Drops desktop.ini file(s)

Drops file in System32 directory

Drops file in Windows directory

Subvert Trust Controls: Mark-of-the-Web Bypass

Unsigned PE

Enumerates physical storage devices

System Location Discovery: System Language Discovery

Browser Information Discovery

Uses Volume Shadow Copy service COM API

Suspicious behavior: EnumeratesProcesses

NTFS ADS

Suspicious use of AdjustPrivilegeToken

Suspicious use of SetWindowsHookEx

Suspicious use of FindShellTrayWindow

Enumerates system info in registry

Modifies registry class

Checks SCSI registry key(s)

Modifies data under HKEY_USERS

Suspicious behavior: GetForegroundWindowSpam

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of WriteProcessMemory

Suspicious use of SendNotifyMessage

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-13 20:23

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-13 20:23

Reported

2024-11-13 20:27

Platform

win11-20241007-en

Max time kernel

214s

Max time network

216s

Command Line

"C:\Users\Admin\AppData\Local\Temp\PassatHook.exe"

Signatures

Downloads MZ/PE file

Event Triggered Execution: Component Object Model Hijacking

persistence privilege_escalation

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\directx_Jun2010_redist.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Windows\system32\regsvr32.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Windows\system32\regsvr32.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Windows\system32\regsvr32.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Windows\system32\regsvr32.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Windows\system32\regsvr32.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Windows\system32\regsvr32.exe N/A
N/A N/A C:\Windows\system32\regsvr32.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Windows\system32\regsvr32.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Windows\system32\regsvr32.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Windows\system32\regsvr32.exe N/A
N/A N/A C:\Windows\system32\regsvr32.exe N/A
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A

Drops desktop.ini file(s)

Description Indicator Process Target
File created C:\Windows\assembly\Desktop.ini C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\assembly\Desktop.ini C:\Users\Admin\Desktop\DXSETUP.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\SysWOW64\SETB0ED.tmp C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\SysWOW64\SETB81C.tmp C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\system32\SET7FE0.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\SysWOW64\d3dx9_33.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\system32\SETA2AB.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File created C:\Windows\system32\SETC630.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\SysWOW64\d3dx9_25.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\SysWOW64\xactengine2_4.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\system32\SET9A1E.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\system32\SETB95F.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File created C:\Windows\system32\SETBF5A.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\system32\SETC42C.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File created C:\Windows\SysWOW64\SETCCF7.tmp C:\Users\Admin\Desktop\DXSETUP.exe N/A
File created C:\Windows\system32\SET9A1E.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File created C:\Windows\SysWOW64\SET9C3A.tmp C:\Users\Admin\Desktop\DXSETUP.exe N/A
File created C:\Windows\system32\SETAA4B.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\system32\d3dx9_29.dll C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File created C:\Windows\SysWOW64\SETAFC3.tmp C:\Users\Admin\Desktop\DXSETUP.exe N/A
File created C:\Windows\SysWOW64\SETC0F1.tmp C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\system32\SET80DA.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\system32\xactengine2_8.dll C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File created C:\Windows\system32\SETB528.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\system32\X3DAudio1_5.dll C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File created C:\Windows\SysWOW64\SETBEEA.tmp C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\SysWOW64\SETCCF7.tmp C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\system32\SETA152.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File created C:\Windows\system32\SETA152.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File created C:\Windows\system32\SETAEEE.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\SysWOW64\SET94FD.tmp C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\system32\SETB92F.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\system32\SETBFD7.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\system32\d3dx10_38.dll C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\SysWOW64\SETB634.tmp C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\system32\XAudio2_4.dll C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\SysWOW64\xactengine2_0.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\SysWOW64\SET96E4.tmp C:\Users\Admin\Desktop\DXSETUP.exe N/A
File created C:\Windows\system32\SETA01B.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File created C:\Windows\system32\SETC8FE.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\SysWOW64\SET983C.tmp C:\Users\Admin\Desktop\DXSETUP.exe N/A
File created C:\Windows\system32\SETB2B7.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\system32\SETB9CC.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\SysWOW64\xactengine3_1.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\system32\SET9906.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\SysWOW64\d3dx10_34.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\system32\SETC9C9.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\SysWOW64\SETB45C.tmp C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\SysWOW64\SETB5A7.tmp C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\SysWOW64\d3dx9_34.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\SysWOW64\D3DCompiler_35.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\system32\XAudio2_0.dll C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\SysWOW64\SETBB4C.tmp C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\system32\SET8231.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\system32\SETAEEE.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\SysWOW64\D3DCompiler_39.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\system32\d3dx10_40.dll C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File created C:\Windows\system32\SET7F34.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\system32\x3daudio1_1.dll C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File created C:\Windows\system32\SETA46F.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\system32\SETADF5.tmp C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\SysWOW64\d3dx10_40.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\system32\d3dx10_41.dll C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File created C:\Windows\SysWOW64\SET848A.tmp C:\Users\Admin\Desktop\DXSETUP.exe N/A
File created C:\Windows\SysWOW64\SET85B4.tmp C:\Users\Admin\Desktop\DXSETUP.exe N/A
File created C:\Windows\SysWOW64\SET99F6.tmp C:\Users\Admin\Desktop\DXSETUP.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\Logs\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\Logs\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File created C:\Windows\assembly\tmp\L7BLPM4B\Microsoft.DirectX.Direct3DX.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File created C:\Windows\Microsoft.NET\DirectX for Managed Code\1.0.2909.0\Microsoft.DirectX.Direct3DX.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File created C:\Windows\assembly\tmp\T0SHZK8Q\Microsoft.DirectX.DirectInput.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File created C:\Windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectSound.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File created C:\Windows\assembly\tmp\EPP8DOA9\Microsoft.DirectX.DirectSound.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File created C:\Windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3DX.xml C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\assembly\tmp\EXYEUXLK\__AssemblyInfo__.ini C:\Users\Admin\Desktop\DXSETUP.exe N/A
File created C:\Windows\assembly\tmp\3MZSQYLG\Microsoft.DirectX.Direct3DX.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File created C:\Windows\assembly\tmp\CHK3J92E\Microsoft.DirectX.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\assembly\tmp\CHK3J92E\__AssemblyInfo__.ini C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\assembly\tmp\PAHKZR8T\__AssemblyInfo__.ini C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\assembly\tmp\TUHHWS6X\__AssemblyInfo__.ini C:\Users\Admin\Desktop\DXSETUP.exe N/A
File created C:\Windows\assembly\tmp\PAHKZR8T\Microsoft.DirectX.Diagnostics.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\Logs\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File created C:\Windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.AudioVideoPlayback.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File created C:\Windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectPlay.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File created C:\Windows\assembly\tmp\30ROE94Y\Microsoft.DirectX.Direct3DX.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\assembly\tmp\3MZSQYLG\__AssemblyInfo__.ini C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\Logs\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\Logs\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\assembly\tmp\5ZY4HSUI\Microsoft.DirectX.Direct3DX.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\assembly\tmp\L7BLPM4B\__AssemblyInfo__.ini C:\Users\Admin\Desktop\DXSETUP.exe N/A
File created C:\Windows\Microsoft.NET\DirectX for Managed Code\1.0.2911.0\Microsoft.DirectX.Direct3DX.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\assembly\tmp\T0SHZK8Q\__AssemblyInfo__.ini C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\Logs\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File created C:\Windows\Microsoft.NET\DirectX for Managed Code\1.0.2903.0\Microsoft.DirectX.Direct3DX.xml C:\Users\Admin\Desktop\DXSETUP.exe N/A
File created C:\Windows\assembly\tmp\ZJ7UBF2L\Microsoft.DirectX.Direct3DX.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File created C:\Windows\Microsoft.NET\DirectX for Managed Code\1.0.2907.0\Microsoft.DirectX.Direct3DX.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File created C:\Windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectInput.xml C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\assembly C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File created C:\Windows\Microsoft.NET\DirectX for Managed Code\1.0.2905.0\Microsoft.DirectX.Direct3DX.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File created C:\Windows\assembly\tmp\5HP2TCEY\Microsoft.DirectX.Direct3DX.dll C:\Users\Admin\Desktop\DXSETUP.exe N/A
File created C:\Windows\Microsoft.NET\DirectX for Managed Code\1.0.2911.0\Microsoft.DirectX.Direct3DX.xml C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\Logs\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\Logs\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File created C:\Windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.AudioVideoPlayback.xml C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\Logs\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\Logs\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\Logs\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
File opened for modification C:\Windows\assembly\tmp\5ZY4HSUI\__AssemblyInfo__.ini C:\Users\Admin\Desktop\DXSETUP.exe N/A
File created C:\Windows\Microsoft.NET\DirectX for Managed Code\1.0.2904.0\Microsoft.DirectX.Direct3DX.xml C:\Users\Admin\Desktop\DXSETUP.exe N/A
File opened for modification C:\Windows\DirectX.log C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A

Subvert Trust Controls: Mark-of-the-Web Bypass

defense_evasion
Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\directx_Jun2010_redist.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\directx_Jun2010_redist.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Desktop\DXSETUP.exe N/A

Checks SCSI registry key(s)

Description Indicator Process Target
Set value (data) \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr\PartitionTableCache = 0000000004000000485242783223abf50000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000c01200000000ffffffff000000002701010000080000485242780000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d01200000000000020ed3a000000ffffffff00000000070001000068090048524278000000000000d012000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0ff3a0000000000000005000000ffffffff000000000700010000f87f1d48524278000000000000f0ff3a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000004852427800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 C:\Windows\system32\vssvc.exe N/A
Set value (data) \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr\SnapshotDataCache = 534e41505041525401000000700000008ec7416a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 C:\Windows\system32\vssvc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters C:\Windows\system32\vssvc.exe N/A
Key queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters C:\Windows\system32\vssvc.exe N/A
Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr C:\Windows\system32\vssvc.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292114432" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292114432" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "200" C:\Windows\system32\LogonUI.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133760030183213780" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4290799360" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365268" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10" C:\Windows\system32\LogonUI.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent C:\Windows\system32\LogonUI.exe N/A
Set value (data) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = 99ebff004cc2ff000091f8000078d4000067c000003e9200001a6800f7630c00 C:\Windows\system32\LogonUI.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365268" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0" C:\Windows\system32\LogonUI.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1" C:\Windows\system32\LogonUI.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{962f5027-99be-4692-a468-85802cf8de61}\InProcServer32\ThreadingModel = "Both" C:\Users\Admin\Desktop\DXSETUP.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{94c1affa-66e7-4961-9521-cfdef3128d4f}\InProcServer32\ThreadingModel = "Both" C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{e180344b-ac83-4483-959e-18a5c56a5e19}\InProcServer32\ = "C:\\Windows\\SysWow64\\XAudio2_3.dll" C:\Users\Admin\Desktop\DXSETUP.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{e180344b-ac83-4483-959e-18a5c56a5e19} C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77c56bf4-18a1-42b0-88af-5072ce814949}\InProcServer32\ThreadingModel = "Both" C:\Users\Admin\Desktop\DXSETUP.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{e48c5a3f-93ef-43bb-a092-2c7ceb946f27} C:\Users\Admin\Desktop\DXSETUP.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3eda9b49-2085-498b-9bb2-39a6778493de}\ = "XAudio2" C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{f5ca7b34-8055-42c0-b836-216129eb7e30}\InProcServer32\ThreadingModel = "Both" C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{c60fae90-4183-4a3f-b2f7-ac1dc49b0e5c}\InProcServer32\ = "C:\\Windows\\system32\\xactengine2_2.dll" C:\Windows\system32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{c0c56f46-29b1-44e9-9939-a32ce86867e2}\InProcServer32 C:\Users\Admin\Desktop\DXSETUP.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{f4769300-b949-4df9-b333-00d33932e9a6}\InProcServer32\ThreadingModel = "Both" C:\Users\Admin\Desktop\DXSETUP.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0977d092-2d95-4e43-8d42-9ddcc2545ed5}\InProcServer32\ = "C:\\Windows\\system32\\xactengine3_4.dll" C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8bb7778b-645b-4475-9a73-1de3170bd3af}\InProcServer32\ = "C:\\Windows\\SysWow64\\XAudio2_4.dll" C:\Users\Admin\Desktop\DXSETUP.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{343e68e6-8f82-4a8d-a2da-6e9a944b378c}\InProcServer32\ThreadingModel = "Both" C:\Users\Admin\Desktop\DXSETUP.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{e21a7345-eb21-468e-be50-804db97cf708}\ = "XAudio2" C:\Windows\system32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{c7338b95-52b8-4542-aa79-42eb016c8c1c}\InProcServer32 C:\Windows\system32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{d3332f02-3dd0-4de9-9aec-20d85c4111b6}\InProcServer32 C:\Users\Admin\Desktop\DXSETUP.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{03219e78-5bc3-44d1-b92e-f63d89cc6526}\InProcServer32 C:\Users\Admin\Desktop\DXSETUP.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f1b577e-5e5a-4e8a-ba73-c657ea8e8598}\InProcServer32\ = "C:\\Windows\\SysWow64\\xactengine2_1.dll" C:\Users\Admin\Desktop\DXSETUP.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{54b68bc7-3a45-416b-a8c9-19bf19ec1df5} C:\Users\Admin\Desktop\DXSETUP.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{fac23f48-31f5-45a8-b49b-5225d61401aa}\InProcServer32\ThreadingModel = "Both" C:\Users\Admin\Desktop\DXSETUP.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{b802058a-464a-42db-bc10-b650d6f2586a}\InProcServer32\ThreadingModel = "Both" C:\Users\Admin\Desktop\DXSETUP.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8bb7778b-645b-4475-9a73-1de3170bd3af}\InProcServer32\ = "C:\\Windows\\system32\\XAudio2_4.dll" C:\Windows\system32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{65d822a4-4799-42c6-9b18-d26cf66dd320} C:\Users\Admin\Desktop\DXSETUP.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9cab402c-1d37-44b4-886d-fa4f36170a4c}\InProcServer32 C:\Users\Admin\Desktop\DXSETUP.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{962f5027-99be-4692-a468-85802cf8de61}\InProcServer32\ThreadingModel = "Both" C:\Windows\system32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{629cf0de-3ecc-41e7-9926-f7e43eebec51} C:\Users\Admin\Desktop\DXSETUP.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{629cf0de-3ecc-41e7-9926-f7e43eebec51}\InProcServer32 C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4c5e637a-16c7-4de3-9c46-5ed22181962d}\ = "XAudio2" C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{bcc782bc-6492-4c22-8c35-f5d72fe73c6e}\InProcServer32\ThreadingModel = "Both" C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6a93130e-1d53-41d1-a9cf-e758800bb179}\InProcServer32\ = "C:\\Windows\\system32\\XAudio2_7.dll" C:\Windows\system32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1138472b-d187-44e9-81f2-ae1b0e7785f1} C:\Users\Admin\Desktop\DXSETUP.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{962f5027-99be-4692-a468-85802cf8de61}\InProcServer32 C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2139e6da-c341-4774-9ac3-b4e026347f64}\InProcServer32\ThreadingModel = "Both" C:\Users\Admin\Desktop\DXSETUP.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8bb7778b-645b-4475-9a73-1de3170bd3af}\InProcServer32 C:\Users\Admin\Desktop\DXSETUP.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{c1e3f122-a2ea-442c-854f-20d98f8357a1}\ = "AudioVolumeMeter" C:\Users\Admin\Desktop\DXSETUP.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1138472b-d187-44e9-81f2-ae1b0e7785f1}\InProcServer32\ = "C:\\Windows\\SysWow64\\xactengine2_3.dll" C:\Users\Admin\Desktop\DXSETUP.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3a2495ce-31d0-435b-8ccf-e9f0843fd960}\InProcServer32\ = "C:\\Windows\\system32\\xactengine2_6.dll" C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0977d092-2d95-4e43-8d42-9ddcc2545ed5}\InProcServer32\ThreadingModel = "Both" C:\Windows\system32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1138472b-d187-44e9-81f2-ae1b0e7785f1} C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{54b68bc7-3a45-416b-a8c9-19bf19ec1df5}\InProcServer32\ThreadingModel = "Both" C:\Users\Admin\Desktop\DXSETUP.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{962f5027-99be-4692-a468-85802cf8de61}\InProcServer32\ = "C:\\Windows\\SysWow64\\xactengine3_1.dll" C:\Users\Admin\Desktop\DXSETUP.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4c5e637a-16c7-4de3-9c46-5ed22181962d} C:\Users\Admin\Desktop\DXSETUP.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0aa000aa-f404-11d9-bd7a-0010dc4f8f81}\InProcServer32\ = "C:\\Windows\\system32\\xactengine2_0.dll" C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{248d8a3b-6256-44d3-a018-2ac96c459f47}\InProcServer32\ThreadingModel = "Both" C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9cab402c-1d37-44b4-886d-fa4f36170a4c}\InProcServer32\ = "C:\\Windows\\system32\\XAudio2_3.dll" C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{248d8a3b-6256-44d3-a018-2ac96c459f47}\ = "XACT Engine" C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{c60fae90-4183-4a3f-b2f7-ac1dc49b0e5c}\ = "XACT Engine" C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{962f5027-99be-4692-a468-85802cf8de61}\ = "XACT Engine" C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4c5e637a-16c7-4de3-9c46-5ed22181962d}\InProcServer32\ThreadingModel = "Both" C:\Users\Admin\Desktop\DXSETUP.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{d06df0d0-8518-441e-822f-5451d5c595b8}\InProcServer32\ = "C:\\Windows\\system32\\XAudio2_5.dll" C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{6a93130e-1d53-41d1-a9cf-e758800bb179}\InProcServer32\ = "C:\\Windows\\SysWow64\\XAudio2_7.dll" C:\Users\Admin\Desktop\DXSETUP.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3eda9b49-2085-498b-9bb2-39a6778493de}\InProcServer32\ = "C:\\Windows\\system32\\XAudio2_6.dll" C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{cecec95a-d894-491a-bee3-5e106fb59f2d}\InProcServer32\ = "C:\\Windows\\system32\\XAudio2_6.dll" C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4c5e637a-16c7-4de3-9c46-5ed22181962d}\ = "XAudio2" C:\Users\Admin\Desktop\DXSETUP.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{e180344b-ac83-4483-959e-18a5c56a5e19}\ = "AudioVolumeMeter" C:\Users\Admin\Desktop\DXSETUP.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8bb7778b-645b-4475-9a73-1de3170bd3af} C:\Users\Admin\Desktop\DXSETUP.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{c7338b95-52b8-4542-aa79-42eb016c8c1c} C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{cecec95a-d894-491a-bee3-5e106fb59f2d}\InProcServer32\ThreadingModel = "Both" C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{343e68e6-8f82-4a8d-a2da-6e9a944b378c}\ = "XACT Engine" C:\Users\Admin\Desktop\DXSETUP.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{343e68e6-8f82-4a8d-a2da-6e9a944b378c}\InProcServer32\ = "C:\\Windows\\SysWow64\\xactengine2_9.dll" C:\Users\Admin\Desktop\DXSETUP.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{e48c5a3f-93ef-43bb-a092-2c7ceb946f27} C:\Windows\system32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{cac1105f-619b-4d04-831a-44e1cbf12d57}\InProcServer32 C:\Users\Admin\Desktop\DXSETUP.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4c9b6dde-6809-46e6-a278-9b6a97588670}\ = "XAudio2" C:\Users\Admin\Desktop\DXSETUP.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\directx_Jun2010_redist.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\directx_Jun2010_redist.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\Desktop\DXSETUP.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1252 wrote to memory of 2448 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 2448 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 3640 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 3640 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1252 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Uses Volume Shadow Copy service COM API

ransomware

Processes

C:\Users\Admin\AppData\Local\Temp\PassatHook.exe

"C:\Users\Admin\AppData\Local\Temp\PassatHook.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc1597cc40,0x7ffc1597cc4c,0x7ffc1597cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1884,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1892 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2116,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2124 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2212,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2176 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3088,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3280 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3096,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3304 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4472,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4464 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4768,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4776 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4876,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4892 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4808,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4800 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4944,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4300 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4932,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4940 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4784,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5036 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4788,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5212 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4300,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5168 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4576,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4964 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5176,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3100 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5308,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5268 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=3092,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5312 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=3728,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5416 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5340,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4484 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5392,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4892 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=3480,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3332 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=5600,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3484 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=5836,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5588 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3760,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6044 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=6016,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6028 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5892,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5884 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5820,i,8740573802900172591,10591458893244535258,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1488 /prefetch:8

C:\Users\Admin\Downloads\directx_Jun2010_redist.exe

"C:\Users\Admin\Downloads\directx_Jun2010_redist.exe"

C:\Users\Admin\Desktop\DXSETUP.exe

"C:\Users\Admin\Desktop\DXSETUP.exe"

C:\Windows\system32\vssvc.exe

C:\Windows\system32\vssvc.exe

C:\Windows\system32\srtasks.exe

C:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:2

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx9_24_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx9_25_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx9_26_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx9_27_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx9_28_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx9_29_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XACT_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\xactengine2_0.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx9_30_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XACT2_1_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\xactengine2_1.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe xinput1_1_x64.inf, Install_Driver

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XACT2_2_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\xactengine2_2.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe xinput1_2_x64.inf, Install_Driver

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XACT2_3_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\xactengine2_3.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx9_31_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XACT2_4_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\xactengine2_4.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx9_32_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx10_00_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XACT2_5_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\xactengine2_5.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XACT2_6_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\xactengine2_6.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx9_33_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx10_33_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XACT2_7_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\xactengine2_7.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe xinput1_3_x64.inf, Install_Driver

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx9_34_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx10_34_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XACT2_8_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\xactengine2_8.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx9_35_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx10_35_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XACT2_9_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\xactengine2_9.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx9_36_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx10_36_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe X3DAudio1_2_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XACT2_10_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\xactengine2_10.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe D3DX9_37_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx10_37_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe X3DAudio1_3_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XACT3_0_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\xactengine3_0.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XAudio2_0_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\XAudio2_0.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe D3DX9_38_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx10_38_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe X3DAudio1_4_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XACT3_1_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\xactengine3_1.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XAudio2_1_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\XAudio2_1.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe D3DX9_39_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx10_39_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XACT3_2_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\xactengine3_2.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XAudio2_2_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\XAudio2_2.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe X3DAudio1_5_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XACT3_3_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\xactengine3_3.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XAudio2_3_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\XAudio2_3.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe D3DX9_40_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx10_40_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe X3DAudio1_6_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XACT3_4_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\xactengine3_4.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XAudio2_4_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\XAudio2_4.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe D3DX9_41_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx10_41_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe D3DX9_42_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx10_42_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx11_42_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dcsx_42_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe D3DCompiler_42_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XACT3_5_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\xactengine3_5.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XAudio2_5_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\XAudio2_5.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe X3DAudio1_7_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XACT3_6_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\xactengine3_6.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XAudio2_6_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\XAudio2_6.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe D3DX9_43_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx10_43_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dx11_43_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe d3dcsx_43_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe D3DCompiler_43_x64.inf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XACT3_7_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\xactengine3_7.dll

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe XAudio2_7_x64.inf

C:\Windows\system32\regsvr32.exe

C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\XAudio2_7.dll

C:\Windows\system32\LogonUI.exe

"LogonUI.exe" /flags:0x4 /state0:0xa39e0855 /state1:0x41c64e6d

Network

Country Destination Domain Proto
GB 216.58.201.100:443 www.google.com tcp
GB 216.58.201.100:443 www.google.com udp
GB 216.58.212.238:443 chrome.google.com tcp
US 8.8.8.8:53 238.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 35.200.250.142.in-addr.arpa udp
GB 216.58.204.78:443 clients2.google.com tcp
N/A 224.0.0.251:5353 udp
GB 142.250.179.225:443 clients2.googleusercontent.com tcp
GB 172.217.169.42:443 ogads-pa.googleapis.com tcp
DE 142.250.186.67:443 beacons.gcp.gvt2.com tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 216.58.212.202:443 ogads-pa.googleapis.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 172.217.16.238:443 play.google.com tcp
GB 142.250.200.46:443 consent.google.com tcp
GB 184.28.198.210:443 cdn-dynmedia-1.microsoft.com tcp
GB 178.249.97.23:443 lptag.liveperson.net tcp
GB 2.18.109.131:443 c.s-microsoft.com tcp
GB 2.18.109.131:443 c.s-microsoft.com tcp
GB 2.18.109.131:443 c.s-microsoft.com tcp
GB 178.249.97.99:443 accdn.lpsnmedia.net tcp
US 34.120.154.120:443 publisher.liveperson.net tcp
US 34.120.154.120:443 publisher.liveperson.net tcp
US 52.167.30.171:443 fpt.microsoft.com tcp
GB 95.100.245.144:443 www.microsoft.com tcp
US 35.186.249.72:443 d.impactradius-event.com tcp
GB 95.100.245.144:443 www.microsoft.com tcp
GB 95.100.245.144:443 www.microsoft.com tcp
US 150.171.27.10:443 bat.bing.com tcp
FR 52.222.169.111:443 cdnssl.clicktale.net tcp
GB 2.18.109.131:443 c.s-microsoft.com tcp
GB 184.28.198.178:443 analytics.tiktok.com tcp
US 8.8.8.8:53 120.154.120.34.in-addr.arpa udp
US 8.8.8.8:53 64.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 144.245.100.95.in-addr.arpa udp
US 8.8.8.8:53 72.249.186.35.in-addr.arpa udp
US 8.8.8.8:53 171.30.167.52.in-addr.arpa udp
US 8.8.8.8:53 10.27.171.150.in-addr.arpa udp
US 8.8.8.8:53 111.169.222.52.in-addr.arpa udp
US 8.8.8.8:53 178.198.28.184.in-addr.arpa udp
US 8.8.8.8:53 134.252.19.2.in-addr.arpa udp
DE 144.91.87.188:443 www.guru3d.com tcp
DE 144.91.87.188:443 www.guru3d.com tcp
DE 144.91.87.188:443 www.guru3d.com tcp
GB 216.58.212.194:443 securepubads.g.doubleclick.net tcp
NL 20.190.160.17:443 login.microsoftonline.com tcp
GB 216.58.212.194:443 securepubads.g.doubleclick.net udp
GB 216.58.201.110:443 cse.google.com tcp
GB 216.58.212.238:443 fundingchoicesmessages.google.com tcp
US 152.199.21.175:443 logincdn.msftauth.net tcp
GB 216.58.201.100:443 www.google.com tcp
GB 216.58.212.238:443 fundingchoicesmessages.google.com udp
DE 51.116.246.106:443 browser.events.data.microsoft.com tcp
GB 142.250.179.225:443 lh3.googleusercontent.com tcp
US 216.239.32.36:443 region1.google-analytics.com tcp
DE 51.116.246.106:443 browser.events.data.microsoft.com tcp
DE 144.91.87.188:443 www.guru3d.com tcp
GB 216.58.212.238:443 fundingchoicesmessages.google.com udp
US 34.96.70.87:443 invstatic101.creativecdn.com tcp
US 172.64.152.89:443 cdn-ima.33across.com tcp
FR 52.222.169.121:443 connectid.analytics.yahoo.com tcp
GB 142.250.200.1:443 0cef02b0b67cc2f7e20dc31b0d94c066.safeframe.googlesyndication.com tcp
NL 178.250.1.3:443 static.criteo.net tcp
GB 142.250.187.193:443 ep2.adtrafficquality.google tcp
GB 87.248.114.12:443 ups.analytics.yahoo.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
GB 216.58.201.100:443 www.google.com tcp
GB 142.250.187.193:443 ep2.adtrafficquality.google tcp
GB 142.250.179.225:443 lh3.googleusercontent.com tcp
GB 142.250.179.225:443 lh3.googleusercontent.com tcp
GB 142.250.179.225:443 lh3.googleusercontent.com tcp
GB 142.250.179.225:443 lh3.googleusercontent.com tcp
GB 142.250.179.225:443 lh3.googleusercontent.com tcp
GB 142.250.178.1:443 tpc.googlesyndication.com tcp
GB 142.250.178.1:443 tpc.googlesyndication.com tcp
GB 142.250.178.1:443 tpc.googlesyndication.com tcp
GB 142.250.178.1:443 tpc.googlesyndication.com tcp
GB 142.250.178.1:443 tpc.googlesyndication.com tcp
GB 142.250.178.1:443 tpc.googlesyndication.com tcp
GB 216.58.212.194:443 securepubads.g.doubleclick.net udp
GB 142.250.187.193:443 ep2.adtrafficquality.google udp
GB 142.250.178.1:443 tpc.googlesyndication.com udp
GB 216.58.201.100:443 www.google.com udp
GB 216.58.204.66:443 googleads.g.doubleclick.net tcp
GB 142.250.179.225:443 lh3.googleusercontent.com udp
GB 216.58.204.66:443 googleads.g.doubleclick.net tcp
GB 142.250.178.1:443 tpc.googlesyndication.com tcp
GB 142.250.178.1:443 tpc.googlesyndication.com tcp
GB 142.250.178.1:443 tpc.googlesyndication.com tcp
GB 216.58.201.100:443 www.google.com udp
GB 216.58.204.66:443 googleads.g.doubleclick.net udp
GB 142.250.187.230:443 s0.2mdn.net tcp
GB 142.250.179.226:443 cm.g.doubleclick.net tcp
FR 18.164.52.116:443 s.ad.smaato.net tcp
GB 142.250.179.226:443 cm.g.doubleclick.net tcp
GB 142.250.179.226:443 cm.g.doubleclick.net tcp
GB 142.250.178.1:443 tpc.googlesyndication.com udp
US 172.64.150.63:443 s.tribalfusion.com tcp
NL 34.91.165.80:443 um.simpli.fi tcp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
DE 91.228.74.200:443 cms.quantserve.com tcp
NL 185.184.8.90:443 creativecdn.com tcp
DE 37.252.171.21:443 ib.adnxs.com tcp
US 172.64.151.101:443 dsum-sec.casalemedia.com tcp
GB 142.250.187.230:443 s0.2mdn.net udp
FR 18.164.52.34:443 choices.truste.com tcp
GB 142.250.179.226:443 cm.g.doubleclick.net udp
US 172.64.151.101:443 dsum-sec.casalemedia.com udp
US 8.8.8.8:53 131.169.93.208.in-addr.arpa udp
US 8.8.8.8:53 34.52.164.18.in-addr.arpa udp
US 8.8.8.8:53 102.201.58.216.in-addr.arpa udp
GB 216.58.201.110:443 cse.google.com udp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
GB 216.58.204.66:443 googleads.g.doubleclick.net udp
DE 80.82.210.217:443 dsp-cookie.adfarm1.adition.com tcp
IE 54.171.11.29:443 ap.lijit.com tcp
IE 34.251.118.136:443 pr-bh.ybp.yahoo.com tcp
US 3.224.217.69:443 google.partners.tremorhub.com tcp
US 13.248.245.213:443 eb2.3lift.com tcp
US 34.98.64.218:443 us-u.openx.net tcp
GB 2.18.109.35:443 sync.teads.tv tcp
GB 2.18.109.35:443 sync.teads.tv tcp
US 35.186.253.211:443 rtb.openx.net tcp
NL 63.215.202.140:443 dclk-match.dotomi.com tcp
DE 51.38.120.206:443 onetag-sys.com tcp
DK 37.157.5.87:443 c1.adform.net tcp
US 8.8.8.8:53 206.120.38.51.in-addr.arpa udp
US 35.186.253.211:443 rtb.openx.net udp
US 34.98.64.218:443 us-u.openx.net udp
GB 87.248.114.12:443 ups.analytics.yahoo.com tcp
NL 145.220.21.40:443 ftp.nluug.nl tcp
US 216.239.32.36:443 region1.google-analytics.com udp
DE 142.250.186.67:443 beacons.gcp.gvt2.com udp
GB 95.100.245.121:443 download.microsoft.com tcp
GB 95.100.245.121:443 download.microsoft.com tcp

Files

\??\pipe\crashpad_1252_TRXEMKXITCGOYGED

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Temp\scoped_dir1252_1781607975\3ddaee68-16c0-4dba-9400-259b478df85a.tmp

MD5 da75bb05d10acc967eecaac040d3d733
SHA1 95c08e067df713af8992db113f7e9aec84f17181
SHA256 33ae9b8f06dc777bb1a65a6ba6c3f2a01b25cd1afc291426b46d1df27ea6e7e2
SHA512 56533de53872f023809a20d1ea8532cdc2260d40b05c5a7012c8e61576ff092f006a197f759c92c6b8c429eeec4bb542073b491ddcfd5b22cd4ecbe1a8a7c6ef

C:\Users\Admin\AppData\Local\Temp\scoped_dir1252_1781607975\CRX_INSTALL\_locales\en_CA\messages.json

MD5 558659936250e03cc14b60ebf648aa09
SHA1 32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825
SHA256 2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b
SHA512 1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\dasherSettingSchema.json

MD5 4ec1df2da46182103d2ffc3b92d20ca5
SHA1 fb9d1ba3710cf31a87165317c6edc110e98994ce
SHA256 6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6
SHA512 939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\_locales\en_CA\messages.json

MD5 07ffbe5f24ca348723ff8c6c488abfb8
SHA1 6dc2851e39b2ee38f88cf5c35a90171dbea5b690
SHA256 6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c
SHA512 7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 6e108813cb522bc8c2718f970f22fc14
SHA1 7b9671622142ebb929dbd2c46314f3b57d9c2237
SHA256 6fac9670ef706df288decebfdcba4e8abef99d433be9e7683766f876814ffe22
SHA512 a3276920850ea94399794e16ee400786a56849696db32a58401752375954a388cdcb6d021212572ca71b1af6b06b9196b444825ca9d95e8cf7a1144174afc86d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

MD5 e579aca9a74ae76669750d8879e16bf3
SHA1 0b8f462b46ec2b2dbaa728bea79d611411bae752
SHA256 6e51c7866705bf0098febfaf05cf4652f96e69ac806c837bfb1199b6e21e6aaf
SHA512 df22f1dff74631bc14433499d1f61609de71e425410067fd08ec193d100b70d98672228906081c309a06bcba03c097ace885240a3ce71e0da4fdb8a022fc9640

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 72ec8504329615856d666d5b105ac62f
SHA1 a05cca0dacf0537bb9bfd23277c3f2f8ac764bc7
SHA256 71cbf04b8b39da242aa87d915b3792048a93b967d01c3cbb09fe528b150f0e8b
SHA512 812aa8bcd039b454fd3e6475e22ed29037d6ad6d296c286253a37f2ab0fca45161355396d443697014b13411106568d98209942936799f1e2272a063c854a823

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dba6e3ed7db8eeaf08f7c4605946ed1f
SHA1 c86cfdb506f023666fce268e579097948e114d98
SHA256 ad70b06412c4a95339f971e01023bb87b2457be74ed6b27a63dd157cb84e8f77
SHA512 6a831d674a01583e13b247b40f8428414bacccf08ea44c74190b3007389b92c4b3cae5ca79b818d260f4b31c89217d1b91d6b7eff290fe6a435f5379f479755d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\01ec6ee2-95f1-4334-bc5c-af66700a6ffb.tmp

MD5 a39462d7af4aa856f1eaeb07cf430818
SHA1 a0b32c9405a83bd7832cfc92a6c485135b94c337
SHA256 81e12c1d125d9db6c5f789e4140e297958f74e17c6b8e1948119ad4cc6ff7e4d
SHA512 b84ea18aaa02359e9767cc41dd778aaeea81b295a579c5501a2e4303c7bb87a9ea34c051eaea306522e78214ebe035c6ba4befed7f658a8479938086637347c4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 409fc2fbce40f6ae9c9afde395eb33fc
SHA1 3c294da2f3790fd120d7bc7e170c7544ed45416d
SHA256 0068ae275aa037b6439ae8a0f06e61b267e3322d39d127f3af0cf080765b9cba
SHA512 3743a5fd9de1c5b6b05232f0730ca5fe353860e8163cbcd9e76fe113068c775c97d90bd6323530041ddf55f49df67a14a3c0d1e3fb8c883702fa0abb7d995568

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 b250725c6833e23382931b02c1a23577
SHA1 3e0d8add6adf231e324df044f5c75fad16ae743e
SHA256 e02002104be3b739946d82146e5d5fd4b96829fffe34c301a9bfdc7152a68452
SHA512 257f972cb55744b709205968b2c91457b4eb147e6e20628ba94aad6b09c4ba5881fea0ab504560cc259463fc85cb0aadbecc9b21d1018ad0f36b41c15539d4e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4a2189693e7a4cdd7124fba7b268564a
SHA1 a236f748d2cdb4b0cbfc8477123f8a2604591b92
SHA256 d079ecd4f67f2f2dee3d3a494e3da55ca167cadb7ba922f5fcab3ca6dbc85f63
SHA512 473c57c6dd16d899ac6627a98a315cf153c22a74fbe5647d6577c7a3b1e8d9616b0ac4979c1bac7affe5207d4b4986262063bccb1cb1a49b5fa168cacac57d39

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 65764acb029a5152ee2bc6839f0c5198
SHA1 a5bcbd872b2a04265858ff6c9bbfc59805953ccc
SHA256 8a861e7d281cab02ec58a2be66f0560cfc0114d082c2732bb5a9fdbef57d351a
SHA512 1aabea830e7c88894987335a72b44d3ef6195bf35a2428989ab1f347160cb881a3a3bc3f9fc1023217728011c7c28fd93e23b37d25662ca327311b03353c3e55

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 7a133e88a32da569b69056adf94995fc
SHA1 3066eda5fe83ec439300be1403ad6e0513df0b2c
SHA256 b89ba849bfdd41ad787185b2d8edc63f5c88a911b0fe8a004a4833eb58de7d9a
SHA512 52dfd3a6681097353bd4acd22ffc551057ce02a678f94d227b70a3bddcfc60e4c196c7aa6c04ed46c95e1bdd9a397e3f8ab2cc0da0bdfc175dd640f3bd5c76c6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 731e8ac5306abaac3a1e9d374b44b45e
SHA1 e0f242e94380572db49ad434a74cc3dbf81af818
SHA256 d5a2d466f6aba727fc31a0229b775f61d7b8bc10cc6ce3355f0b665f06386df1
SHA512 4ad32968739997cc7f304b4d23202fe69c0b03a944b3edee861a59ae887949f679ec76dc01bffb99330f7091ca33ad83b7e2326803934baf4943063f452ac699

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 95fa87e189155de9b601d8e0710f95cb
SHA1 c484c0fdf92756d5044f24cfac6b0d85d93f5bb8
SHA256 1aab41bbd8288715061eee1eca85f8e25e6314a72269d6f2844f9a40c67b7702
SHA512 2e40eb8a013505e4ac2dad9064a66bad62225686eea8463906b7aba3c5c1b494bc1c51d0fb43942b519c95453faeac8fb1f2d6aef21ee6bd7929fbd5f32b3419

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 078c228e08f7a15c2b13f4688d01b7d7
SHA1 bc4a89893e3f6b3e6bb61737897c65a053b2c25d
SHA256 ab04029f7e85e650a0f3879996b2d8f7427e4c8ded08ec780a92ebe0149ab6d7
SHA512 5eeccf4ce57c0bb8aac903defc29013d4617ff661b62190d232128aa44e6c0f3210142fdbe02dbc9555ff8f66fce9fd3d8d7eb765a3200bf8e4bbdb22a03fc1c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ba1c33a369c2c17375b30bf44e09a3a7
SHA1 813412897f60b20ad7ec674fe790b2222bb80d65
SHA256 a6808a5bc5ab948fcd13ae05863cc9451082b11bf8ca51f606b5b2a728cedcaf
SHA512 73191f1cac75aca8c2821fa2ff5ab9482700ba6b2c1a2400ac97c45b979d465005bc37829465dc6693a73ea786a59bf879aaa88fa3bda74d597b56539a8c1436

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 4a019a527869b39cf1b04e61c257e4c4
SHA1 e0942b25ac364d921eb01e6a7b4cdf2ac1be3ea1
SHA256 c3bc9f8ae791d1bc30804add5f13b14406aae26c591d81e02c6b8cf993d4a4ed
SHA512 5e4363d0cb28afaf482d58b3c8c2592495ac4ff712b78dd257df8f45de8f44210cd56e6a0616569745d9b25442c497b36d8065afd919a9eff336d06b35a01d82

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6c5f4584f100f8143f92d166b5de4f5e
SHA1 d017167be70d0f28ea200f115d78a81fc3832710
SHA256 fd604bd4453a60a29d2e8185092c0ce2199a0e4c938489f58414f24cce5c0df3
SHA512 08b1a1454f93542d69749c0e1186bf1a130f10f3e17e36174fa564c8ec76006e6338377ba57f497f8555997d49d9da27314f699411c8040443dd71aca2e4e7bf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fc8dc5d28240bc81176df2c7a36708fc
SHA1 844ec7ac958c9df74b84b8d967a4b1725526d8e3
SHA256 9bcfe509280e89d75eafc450ee21db87b40e1cf344f8d5d481919ba377ae32e5
SHA512 b35a31ea516b2046f7a620041946f414f9896dbdbf743a581db62359a571c22e71e3b29a41e76bbfbe8d437184d8406467cc2e6f2fcd40384b8d7d30fb285a45

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c695e4a6f6205ac2711fbdf5e0a089fe
SHA1 51568a7fea81cf31925a6d398a80d161650ec6c8
SHA256 f862a7e2f2b9e8072835073099e76eaae8a6b1e0b7bed868a5f21a2c933eb14b
SHA512 fdfc5e021c8f35e952a71d5911763ce142095feefc7097f8020ebdd7da8fdb647d428dcf73f63d3259a167846f233f182c61f2f9e3980e5965e539dd83d61d9b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 14f0f1c5a6a32edc3bccacf15697860f
SHA1 7d783a338c51ab408cd6997e171f7c37aa89bc16
SHA256 638ebe99d3f7730bbb9926cd62f20cd847de51c7de264b059a9c777e808625c5
SHA512 4f8aee0c9ee4a78dc27273fdab02839c55e9df8af7a8323f4e4d019d3616cc6ad2fce3f0e181a8d4d92af1f6bb7f61f456867c6fcff70308a0b6c9ab90df3ba7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8b658a12a5171aeb7595387afcf51367
SHA1 f682bb05e1b574e9b11bc764a27b0d65ffd504ad
SHA256 df6bccaccc11f4a77e36ac6a5e241e63d91a68802824d575c272f8f8734dbbfb
SHA512 6996d4df9bae41256e57df998245b4baec5a234deca2ba55f3dfd7a2fc0433ba751e48b5191339bbb1aa804184eff7ffd71103cc3c30a6202d9ee58139c3091c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000053

MD5 9a36e47b062c2a7cc98b2c7c60423338
SHA1 a981b814d5b10e4dc0ab86fff926c960f19d756f
SHA256 cd85f4762e736ff87d7184e4a146149df68c9b646be1841aab202e55ccad499e
SHA512 8e4f25e2e4af4a3317e94eb97c580008ac622ba7110f3716e09a15647793921912ce57436c31dd48578185b6cd00edb975a49a21d1684420b07cb98c0f2902ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003a

MD5 abe083d96b58eb02ada8b7c30d7b09f2
SHA1 61447d66d13a8c8f4335696777a85c438c46f749
SHA256 db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
SHA512 d17e095a6f0871fa0c9cddde08f87a63589574eb23f3dca7430ea23fd6ff5c3523e9807dc0ed0cf9c874e1a37046461e79ee47e1e9aa64513fff25bdd48c3696

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000039

MD5 8e134f1169d65556e833a4f33fd78242
SHA1 6f6a4355042cc46857a27f98426e5f5df3059697
SHA256 3ab6d5bddb52a980ebe7658cca937e1ce087c1478cbeb13715876e463b2dd7f3
SHA512 df7ddfd91a6b45094ef2142c63e4efb0375ec8c5f6ea5d74bb050755d5365abfede14ba5f2b9510d3cf76b129e6967866321782f2df1730d7fc69fabd29e3390

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004a

MD5 2abd079be1223e68fdd6f520afe8fab7
SHA1 0f52ef825e632aa99b80724e2fc419fe1413ff39
SHA256 fc998bd9e644618ab3ece7ba644b58e43e6503e49b8ea2d19c6ee725c4676c75
SHA512 41d1bcc91961d70146f3434857c2265d2c1ec8cb81d388ddd187de5096e580bda69da20cf4ed56d72aac3d4e731f177b99daeec128e0ecd68dd37beedf4b3f70

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 7c725c2385465e66dfc161c9ce85c070
SHA1 c2c63d2e0fd25104473f980f3489cf9d2f7f1d4d
SHA256 3b1a3b984a0afb4882328df2e24717e9b8fbd11b20e87c0fe11ea0cb35cb5ed8
SHA512 01972dd76c48d1a3a8ac0e3f148b30bac94c7430ea475ac321ab4dd38adde024d579b6a0787a237191702cab22a20d299da63caa34a14f052a9a985a95cb38c1

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

MD5 d222b77a61527f2c177b0869e7babc24
SHA1 3f23acb984307a4aeba41ebbb70439c97ad1f268
SHA256 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747
SHA512 d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

MD5 b5ad5caaaee00cb8cf445427975ae66c
SHA1 dcde6527290a326e048f9c3a85280d3fa71e1e22
SHA256 b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8
SHA512 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fe8ed64b70c1624f4a2663630d1a2609
SHA1 684b714800242be5f3ce4c214d3e21f61c1bdf88
SHA256 6ef960dee77d23fc06799fd9aefaf6e0803b101b2029ef18d53eb9e719df8621
SHA512 2ca7138b64b45d580264134b8a86c5d10d4f1c91d8d285df7912a2b9dc4b40f0a1e2f0a3ab3e27b16412cc43fbb45b5fcd813753e7cd32bcc8e0009c8cfb5c8d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1ff2afd10577b89cd2126b71bfd1313c
SHA1 3448f6c41f26edc023a3149e851139a83427fbbd
SHA256 ed13d31058dc73991ce584520d2f124c476ee8241e2359b61704164e7d53d1c6
SHA512 29e8367cdcea736d6216c04f7369332704e2773af0ff167e7f05cbf0faaff68550a5a6a7b239f86710274da03d8a0cfebfdc2f5a7214fa636b88f862b41f4c0c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 34993c28f3aad98bf74748fa366d3aca
SHA1 932ccfb7d58c1f13394f792eaa86b3f52222e4c4
SHA256 66b3b505936693be9f5774c1cd61d8cc915a89d35a40ebf1c7fa51ac28b12451
SHA512 e91dc8d0c09e0fa4872a933801430b3dae951ad006a59dae0438bb06ffd94d5b62959f820cba813a85c815eebfa27feeb4995ce22f7776d216974cdb6523e096

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\085120c090cd27105fa44b23a0aa84f8fd70b0ed\d3782b42-6c98-4b28-9dd9-03e407af8d0d\index-dir\the-real-index

MD5 13335c8a07d95cc3876b7e275fe8f21f
SHA1 be71f7740e8d6dcd31ec2639b8d767d586d30efd
SHA256 da886181e351b7520eb51cb8d4771f4e88b8da3f946dc098fde72623d2485a03
SHA512 448a7433b72114afcd3d5652e2aac16a687c57691c7dfc5b085d8cd7c77083eb869ad86ed77c943d2357bab782d1a76a0ba930050d79d722d67760e08ff64a4e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\085120c090cd27105fa44b23a0aa84f8fd70b0ed\d3782b42-6c98-4b28-9dd9-03e407af8d0d\index-dir\the-real-index~RFe59bdd8.TMP

MD5 835f44c8177a488e3fae5e542588ba7f
SHA1 cd36c38dee852c825173e6fd3f691f3a9d3fde24
SHA256 af4f1d0f660543ba89bf3af5a99be647d7b069133ce9f9de3c9248168d2a0bdf
SHA512 820e90371780db61d78a2018ea3f54f562bfb87183a8898bef341ae80fbdcb81d4144ea3ef78e8258f173e247c79090067498222109b015bb915c18e403a3b09

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\085120c090cd27105fa44b23a0aa84f8fd70b0ed\index.txt

MD5 5a60c9a3a4fe0d612ad4631d83f089c1
SHA1 7cff4eda5f8048e9e5d666c716bb5f193031c2e5
SHA256 70d5d041497b06f3f284ea8a5a251311d548b7d00f8d5c90d3484a5262c753a7
SHA512 c9bdb22db0f46fe306f53094a299fd2c7febf434f0d2398e9a10077ba5e65e688442e48cdb22c7877ee0c254cfea3d42e5d7c874c6573a0ec69edb2c23acce01

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\085120c090cd27105fa44b23a0aa84f8fd70b0ed\index.txt~RFe59be16.TMP

MD5 c5707685a91c4e59145120ce7011b8de
SHA1 7d8e158c63a9b56744e3aa1aa5e3d9964de70fbc
SHA256 e41986c6fe00691a999be3ee0c664f4cdbfc6139ed215360e862ec34a43ede13
SHA512 c1641e872e93e36d1ba9592fb88ceda40f2668c9429aaec3e5b5845cd69e10d54915103d230adb10214aeab48f5c30ac430f2beab676bfe32856b6eb8a19cacf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 58c367039efc9f45d1a8df93b5f1ba6f
SHA1 09dbd6405b42ba365464a5e29d1e5716063ce1a5
SHA256 532d0bcc0dd9b64085c59a257f9902ceba8034255ad97b208ca801c3932763e3
SHA512 6d50b72c37cfd86e95ebacadb1277d0484b7c929c20feef7ea0d87202d1cced0c1e3abf394a2da9b7e82db5ded9c59a5c86c50f7fbf0622f4cd01e6b10a57238

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 00871091082af409c5344e4c8d909f41
SHA1 780addf1dd1747a3bcb4afa79ddb68f3ff9f0e90
SHA256 ef18139004165c56cd789633c00260bbcb49f9d1d2f75cb42f0809fdad0c2513
SHA512 8b6abd8387c7e2facb49019cf6b0be297275472cea968c6c71d8b03242a0a7ad69bc7be6cd6fd20a543a31c6015e5fd255555516abdc7e50085a64e99b4c7edd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d968bfcd62ac4a3474b609b883eddfdb
SHA1 f6ab345a41b518ca4367c1ab199c243afc433cc3
SHA256 a36be8ad6e210af977b88bea9063a51570a0da01e843d565860bd4044ec2da4b
SHA512 da2da35b43d19f53e5cc95b7dbdd7280c3e2b1736b8b2c6ef5c19c365453da7ccb0ae6692cd696b9deef758a08d6d2e2e50720cb27e59e65f01ce6276b25d345

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 3806e3a783d602c1190bfb0d6c66bb94
SHA1 c198817f80a75dfdb2210d4c2cae1b228bfd6769
SHA256 c5e918d5bd02d6d844b7d9372186f6670f36c2fc12dae447ab595f8023ddf95f
SHA512 84e6ef8852fa8e65b0d9d2369bfb0ca401013af4f4803e5de955891cd307aa0c9e5bb896e9b1d0014e374e1488361c200d640d0c58bc46b228380bace0d3fc21

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 37893fa6e79bae8d242c127a59d44510
SHA1 5112c22f7d8b24a29b9873d3bbfac2618410f659
SHA256 2652e3ab7f01a7dcc1d55a6e4f0bf01462c06e5c7fe2d7ea51611e81f975e87e
SHA512 38c6f6530904d225b0444d5dc19b9544ae6a79dafa7e0f61b0c4d3a6854cf65bdb5a1ad0d7c9baedff310c5a5ac4780659b81b28efd2b4503e2666bd7386397b

C:\Users\Admin\Downloads\directx_Jun2010_redist.exe:Zone.Identifier

MD5 fbccf14d504b7b2dbcb5a5bda75bd93b
SHA1 d59fc84cdd5217c6cf74785703655f78da6b582b
SHA256 eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913
SHA512 aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3e3b34aa17c729f1d93910f43fb2b939
SHA1 ee93caafb25ecf33de9b85a938074645da0dd588
SHA256 8f510e61f6e185bd3ffd194b6d59929a0cf656fd0d6d1486ee0470f6246cbd15
SHA512 cac5210fccf25567d96a305b426b3619f9b1ee7700244d1aac80b100f79fe31d05fc7ea953d7ac1c0612d90f1fd54ead66cb1c9e3683d31ce4232063252669d7

C:\Users\Admin\Desktop\DXSETUP.exe

MD5 bf3f290275c21bdd3951955c9c3cf32c
SHA1 9fd00f3bb8a870112dae464f555fcd5e7f9200c0
SHA256 8f47d7121ef6532ad9ad9901e44e237f5c30448b752028c58a9d19521414e40d
SHA512 d2c354ee8b6977d01f23c6d2bb4977812bf653eae25e7a75a7d0a36b588c89fcdbdc2a8087c24d6ff687afebd086d4b7d0c92203ce39691b21dab71eafd1d249

C:\Users\Admin\Desktop\dsetup.dll

MD5 eb701def7d0809e8da765a752ab42be5
SHA1 7897418f0fae737a3ebe4f7954118d71c6c8b426
SHA256 2a61679eeedabf7d0d0ac14e5447486575622d6b7cfa56f136c1576ff96da21f
SHA512 6ff8433c0dadc0e87d18f04289ab6f48624c908acbda506708f5e0f3c9522e9316e587e71f568938067ba9f37f96640b793fdfaa580caedc3bf9873dc221271f

C:\Users\Admin\Desktop\DSETUP32.DLL

MD5 d8fa7bb4fe10251a239ed75055dd6f73
SHA1 76c4bd2d8f359f7689415efc15e3743d35673ae8
SHA256 fb0e534f9b0926e518f1c2980640dfd29f14217cdfa37cf3a0c13349127ed9a8
SHA512 73f633179b1340c1c14d0002b72e44cab1919d0ef174f307e4bfe6de240b0b6ef233e67a8b0a0cd677556865ee7b88c6de152045a580ab9fbf1a50d2db0673b4

C:\Windows\Logs\DirectX.log

MD5 d31a545a46a249d3c35548269684cfec
SHA1 d8ae69dc097938b519946b4e7307a81c823fcef4
SHA256 80d07d93651a4ec09a70719469ce9a29ad3a6cf5545877e57f428ae87e0bc0fe
SHA512 342787c18fbe2e702ff3f1cb01887c8ace17382103f44a5391219e355d372a14d05ac798fe87641a7c9f9a2042e032bd288aafffa7267d494f5078aac7a6f1ae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 87783975c0aacf187d1926570726a19a
SHA1 711f1fe3d40f35892c340cc6dcd43181f2b46331
SHA256 284fdccfbe22a0b752da0e9ec4cc6d4265afbb8217066c43044cbadd767efe04
SHA512 2bcc4a89e96c842495b5e33c44de2f04c9f1962010735b5ff12f94ebb57aa4d714bc163fcd5f4590dfb2fccc41a0e5c398c1ab0dfc3ade4174ec84407d6473c6

C:\Users\Admin\Desktop\dxupdate.cab

MD5 d495680aba28caafc4c071a6d0fe55ac
SHA1 5885ece90970eb10b6b95d6c52d934674835929e
SHA256 e18a5404b612e88fa8b403c9b33f064c0a89528db7ef9a79aa116908d0e6afed
SHA512 a25c647678661473b99462d7433c1d05af54823d404476e35315c11c93b3f5ece92c912560af0d9efe8f07e36ae68594362d73abf5d5de409a3f0a146fe31a10

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\dxupdate.inf

MD5 e6a74342f328afa559d5b0544e113571
SHA1 a08b053dfd061391942d359c70f9dd406a968b7d
SHA256 93f5589499ee4ee2812d73c0d8feacbbcfe8c47b6d98572486bc0eff3c5906ca
SHA512 1e35e5bdff1d551da6c1220a1a228c657a56a70dedf5be2d9273fc540f9c9f0bb73469595309ea1ff561be7480ee92d16f7acbbd597136f4fc5f9b8b65ecdfad

C:\Users\Admin\Desktop\Feb2005_d3dx9_24_x86.cab

MD5 7ee3c0e90d831041e6c845672660fe60
SHA1 7872beaf83ea8e57543331fada1bcfe808529f18
SHA256 12e2aab3dbaee503724a5505a6f6951f07306578801a4b5b6b9b54514275ce79
SHA512 07e3aa95fab08921984fbec8e82357c3c1110ea25d0a7e8876b8cdf5e69f109c374e37fa2a17071c494478b32559005da76503b3e6be0cc28bf9b16b1e462cec

C:\Users\Admin\Desktop\Apr2005_d3dx9_25_x86.cab

MD5 b7457f5d50176d38d36a2e2dc0429fd2
SHA1 1abe9f17489e389e7400dea76a0386873446e9cc
SHA256 6ebfb6ed6ac0b69502a5b74e2edca188872fe767269c4ebf62f174157d198de4
SHA512 81306420caf830770114ad9e1f43160a83e3042540aa6f5da722f0f8b25bc18a7c84ea5240203dbc4c328b44f084ff948923b344848be778a79251ec8d22732c

C:\Users\Admin\Desktop\Jun2005_d3dx9_26_x86.cab

MD5 cc994475277a3d4fb3257c6230d12f8d
SHA1 f7f6a524a23a056defdcda0bf5fa983434619bf1
SHA256 b448d7ba5b6fe1dc27639d42eb6ba0a997a793135678c729ba6756cfe4efc38b
SHA512 54d18da46be9552dc8e3c895b677632be38faddf0213d840ece51ff2dc79454bd2288921dc809463e05d7c4c17096915bd035d5a9d4053651c87215680ce6220

C:\Users\Admin\Desktop\Aug2005_d3dx9_27_x86.cab

MD5 5cdddd58ae010e03ecc6ced128002291
SHA1 3fa025c7810b23e8f83b8f93dd818fb652e590cd
SHA256 7a10900872ecd9bdbc8f7beb7869a260fa4b25e34084f237f1b096df5371c273
SHA512 35880b2f0c52066aedefb7de5b4eb04c165b2a682ef51def55dbdbb4b2fee03e899d36a27571037a76459777af49c3e2e8faa44b5f8236bf3f156293e7e7c9d1

C:\Users\Admin\Desktop\Dec2005_d3dx9_28_x86.cab

MD5 c5455fac40117333ba1ae32c8cb91633
SHA1 ba1ddc5df441dfc58d52a25cc8903fb8f549e7ee
SHA256 bdee0708db956a4ce59220626106a2df70ede2e1e32f29e432254b04876fa7b9
SHA512 bdd8bfb069ab5f8c1cb531ca5affffe3643dabd2fdf0c661f279d82609a925c72099d80dfdf1064cdd77c94cf5a8ad2da758cb99c8de0554473bcb347c54af80

C:\Users\Admin\Desktop\Dec2005_d3dx9_28_x64.cab

MD5 95a871983dcce1c8a4fd87483e1f047c
SHA1 6af009e1d9d0bcc1c54509b90bda22def3b67a6e
SHA256 8231b38a0ab70018f15d7239ed96e5f2bc89ddae6cf9650c9d7bd052b96877e3
SHA512 7efa6b77cd9b1f8074047870bbc5c5561080283f28d6076a34c99fc701496f11091e2a6f1f4744643993b5ce7d899fbbb90c14e2f30718f0658d41aeef7eb5ca

C:\Users\Admin\Desktop\Feb2006_d3dx9_29_x86.cab

MD5 09fe2721b43875cc085e0da4470a47ad
SHA1 050dee7c3f81554a17b3a58c1348eb469050a05a
SHA256 20231448d5d74b7df1e43d796d76381d563699f81944c7ad9ccbcc1a77a5591e
SHA512 b2b792e2680a1e6263b2d666acfb3d7cd239a5e41c107211e6dfd3c613ce6fbc1c63337bc8eea5558114e62e9512831dad34eb6967d49db59aa0001289735d36

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\dec2005_d3dx9_28_x64.inf

MD5 9a3ccc90b71d554e968eca0a812bf0b3
SHA1 0ed1ca28d7f6c8b4e017cd48b8504340cb4d736e
SHA256 510b6d528be3f2997b8bd811486dc3c13eb27a9de22d1bf030e6db0e632cca4d
SHA512 0f10d2ec9f72651927599b69dc3f4e037febfb9c2a18e02eaa49962903c1cf77b63ae6335c06effdfac26b87418ef2c7a2d53dd799a28d275632d8255ffa8be4

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\dec2005_d3dx9_28_x86.inf

MD5 e0b6120a048295ebbc629a9f8fbe53ad
SHA1 3d9cbcbdafc1f9058af74896a5859591e164555c
SHA256 d4d03c4ab3c8486d6331548e967ee17e011fdac90f63c0a9a44a744815a7da7a
SHA512 66c0b9501bb08d41bb708d0a724fe6ac27abaf735ca224074e594cde932ad1f9eb9db5defba8a8a71a0a12904f20324ee4d129a1ac9fcf816fe74d648379908c

C:\Users\Admin\Desktop\Oct2005_xinput_x64.cab

MD5 c39e4358cea9538ab1d4b842da669bc6
SHA1 2201149bc0a1e69b0f76d25f3ab4decd6eca73b6
SHA256 10f2bcfcc38d3150bc80eb0030a1cd40084f1ec028dc927543c485d54ec35022
SHA512 6b25da2e8b67e9b02dbef22629c260e43ae4c78398d901faf8afd3528ba402511b05ad84de8679d53341ca89c3215b82ce90441e4347976679bcc5906b98a2da

C:\Users\Admin\Desktop\Oct2005_xinput_x86.cab

MD5 b296431a5dfff596fef2f04b4f36362a
SHA1 d4a177df95b23a958e6a019508af5667d27f1af7
SHA256 f2d475864e34409fb586093f92390e1f47403867c39ac30918941f19f3fccb0f
SHA512 8c8119e8ca2cf7f8ee8fcfd95605c53642833decf8fc6fcf5eb602ba780177cd1d077c91247687f9fa0b7c50624db69c8fccc9e1f4207490198fa6932c83bfab

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\aug2005_d3dx9_27_x64.inf

MD5 7cfa60cdb7e697b40a268eb8814446e5
SHA1 e8e77082361d5a5ebf6163cf880f9700cff5741b
SHA256 0a8ffec8d7ef3a0aa005f604a045dcf80cf5b6473b4f26e30c58eee23e253fae
SHA512 77aaea559ef94d405194351b52643512a71990833dac22a331d5b78d569263db11bf969e26224ba8a362bf538782010ca074286ea605490d40c10f7d2d53d255

C:\Users\Admin\Desktop\Aug2005_d3dx9_27_x64.cab

MD5 c91aa9c752a7c46aa11101347209ba33
SHA1 c3412728d632da9b4433dc30a0e53863198971bf
SHA256 281d20c56caa3a2851199c028d4d20ef0a862cc3f84b165eb200da573d9e4401
SHA512 08855d230074a7ec94d4cde4fb72f28a37c4d013474a7ef44e8f67f03901eefffe9bb81962d6f8f9fd356e3b4bc47ce7a910011982ae78b5c66e6f78a42c22cd

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\aug2005_d3dx9_27_x86.inf

MD5 e45a175750a672cbb2553087a8c5cf8a
SHA1 70d487f99e101bf39650594c27674313181a8ff6
SHA256 d02232a6587c460c026601517178318bab2ac29c59d269c6e3d1a3a993a9a1c4
SHA512 199882ada178e41be14af82001829d009379445028d3803d2a86eef899c01600cf2aa86123311b728e888498674379a35d40ed0964c2f88da24758fe3c7093d2

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\jun2005_d3dx9_26_x64.inf

MD5 134624a22aefee1fad4eb11445b8d342
SHA1 3f0f65ab8be678250660ba47f33f229643c118b1
SHA256 addafcf0cfd36587c12eb2692922f0fb134874d11005a0544cc054546a493933
SHA512 24bfc2d96b3078f82ba031045271460295f3a1e6dd3c8c30d8d50c98daa9051aeca93ed8ecae8722b70083d3b0ba41735f81068e7514e81767e1e119e45ad6f3

C:\Users\Admin\Desktop\Jun2005_d3dx9_26_x64.cab

MD5 d795fd4fe6bacecbe706430e16f80a8b
SHA1 cfe5b5c96f7754853d54de7aceda5d0ea9e9afe0
SHA256 7237630b897ce760948d9144151ef27c0699fb76150b5f157676fa2d220a236f
SHA512 56da08bda50b7ff5a0d08e651267ae6ff6054c29968d49a1870421df781a660da77b07e9c2b9527e654e6f9190469a3b5fe33cbb73b993fd03667ff27d956c72

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\jun2005_d3dx9_26_x86.inf

MD5 62f8ec9c0d3bd54ace90cb15f5caa208
SHA1 e84f4a60c79f862aca0f917d1d30898af4036fad
SHA256 262ed4a65dd45e19f196cb2d9946326693ee31a86b51bf77116dec2727971cb6
SHA512 3de4ad76b207c2a0ecc10835cb787d61faa02e3531f6242a606ac0686cbfa156f59c30695effe5560d9a8481800b356873b7590beb8a739b33c0b1fcccea3fab

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\apr2005_d3dx9_25_x64.inf

MD5 f052926f0715b88b23ad52855b34df46
SHA1 c411b1ddee73a4b317d652bc3ec159ed58efffa8
SHA256 3d97810d00ceb3e7674a2ef81427d4180f77f93f9454837c5933fbc6a1ad5c1d
SHA512 8fad81eeb503d81b96c098190b5c4155f4bfe1cf2f36fdb5834a176c7c78d11b52efb6b3ba6f3168d7a21a1fc5e53fec770d125feaecd7d1cfad9cb1106d0b94

C:\Users\Admin\Desktop\Apr2005_d3dx9_25_x64.cab

MD5 fe9e6c4c7d7aa341a84f039d954560e9
SHA1 0830cc54adec654ab4394032ec4e046185ba01e5
SHA256 b4188ce988af9c4771ae0abcc7edc42a091133f9f20196564f51755dc55ea85d
SHA512 40322144e859063872af8b91b1c6682e92974b26c13cb92e17d179560f6706be4f9a7eac0e5a3c6664a7576b5884e8b4f3bbc35976d6cd2867ab9359e9d1815c

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\apr2005_d3dx9_25_x86.inf

MD5 bae5034d79a545ce120f2c336de0f68a
SHA1 7276af2015696d5041214fa92eff4375b3d8b183
SHA256 f484ef48e0c6e2be8207d8c8c7308dd966d52bea1fde221b927d3e49f1cab0b7
SHA512 be58875949d23732ff63a6f505b242a44811cb9603a9863d6a78a4c9193b6336b89ec9a82666865888590a7b81ad99d466a3847e7c22d0de399d476364280a22

C:\Users\Admin\Desktop\Feb2005_d3dx9_24_x64.cab

MD5 f0215800a0031dd763c3cd7913717587
SHA1 253aef9afbbb0bb8f7c68f2ff8ffd51d89a60a67
SHA256 48eeeecd6411039b23f32b7b22c8d40bce45280af5f8b066edd6cf30284b90ca
SHA512 29e50a68d84ca3bd3bbde4a24728a3ac4079e6edff1e6b67b710bab4e03da3f7ba8485d96483b5161e6633635871c2d340aa7fbe1ac16570d1bb121ebd368b88

C:\Windows\Logs\DirectX.log

MD5 348ba74a81467b228dc322dd4a65d04f
SHA1 7b0fb15647952cdd281ccaa6739e9cc11d763a3b
SHA256 09711f8bc35a98493d396fba7287bbb6ce2d4915112c7a1f4d99c884b2efe468
SHA512 ec912fc060ccd600d2afb547c71eae44015412acb46e935e761746a1c557cd32fbba1638373736566fd9ff16976e7e53150d1067e1951267ca1945353fe6b4a0

C:\Users\Admin\Desktop\dxdllreg_x86.cab

MD5 4b4f83d1dd86314b65760f44f9c7a9b1
SHA1 d8d857ebbe2c0dd5b63e564bf8428c55ece55778
SHA256 4afe0249a13868b7c4a92b4d53c998adf6053eb5e2c47fd81020fd8d4bb11150
SHA512 91a556dee865f9a625a148556c289b287187d4a7c2814658d8b59a99afbf226dcf557094f43349ebfbd2fabc5628940cce942a22c29f5dbca086a3ddeef8e9c6

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\dxupdate.dll

MD5 7ed554b08e5b69578f9de012822c39c9
SHA1 036d04513e134786b4758def5aff83d19bf50c6e
SHA256 fb4f297e295c802b1377c6684734b7249d55743dfb7c14807bef59a1b5db63a2
SHA512 7af5f9c4a3ad5c120bcdd681b958808ada4d885d21aeb4a009a36a674ad3ece9b51837212a982db6142a6b5580e5b68d46971b802456701391ce40785ae6ebd9

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\feb2006_d3dx9_29_x86.inf

MD5 f4c258b663ebf54c55d7d09b05b26ff6
SHA1 85af1252cf3d9ae7afcf8d576cdc17910203ad03
SHA256 f12f4bd86d5cd748b0fcf7106e9dff333c27c0886541339ba1f40c443bdc61cd
SHA512 cbd491fd8e847a4659758bfe0f5a4b56c97e539e3b3aa7ca601c329d858c882cceefb9ee8341d794235b7c2403a090f45a0ba8f2f44de3e3b1685d027d8bd19f

C:\Users\Admin\Desktop\Feb2006_d3dx9_29_x64.cab

MD5 57baca471c5419ca43bfda1b65774406
SHA1 d862b27b79952a264500806beab9a66c7d43a861
SHA256 405bd17fe25128a91693807a6008031d87c005ba93d016cbab6276891d3bc6bb
SHA512 8239424da9aa6afcabef7035c29561060cc67a2f31e2dcc0010ff000a1e99088f05d6d1c1d2b6c6d9440841e5e36fe7a0967fd1d9e5e6c74491187e76478f05c

C:\Users\Admin\Desktop\Feb2006_XACT_x64.cab

MD5 733c3a0ada15d096265570e79044d1da
SHA1 23474ae12d9ff57b152d65a3d25d61786b9f268d
SHA256 ea39caab8e071df53c2f44c19fb2ff6e2f6af4ef47f0c66d8e7b1b0918d6745f
SHA512 7f60c8415e1d578c43330f527f2cc1777ae730d837a5c3ea3c5ebb7e9c240344cd8639cfa6e1b9816c6c35184e15857cb1decc709042099ad22bd182d9e6a43a

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\feb2006_xact_x86.inf

MD5 9dda266ba05cd917cca889659e3b98c8
SHA1 2a2ba2ccb3c9d87c03198b9ef3b9c6e21d693055
SHA256 45146fd446fc8533dc5f97d88bee9ae220161f24797114d0bf3afc7c479ed69b
SHA512 26fa18c8058397b8b5d89baf1fb9cd689827b48781dbe40ddf884c0a3ff9cf8d8451c6c084a693e4fdf107ad181fcce35a2fcfb371548df948416b5713d8ce38

C:\Users\Admin\Desktop\Feb2006_XACT_x86.cab

MD5 f66725e68f488c4379d8294449773136
SHA1 d011a66320e99263562ffea53f5e2868010a494d
SHA256 633a1fe357e57bbb8e058e1e029f61f379ab936a85c5d30ee442d804a1806868
SHA512 6fff646002e2d62d8185e80e46e34bde6a7f1ce35d3621ddad91334dde9faee37dd414ec1f2f719d3b90d3a76862927834ee0e41484854d6dcf10b7eff22ceaa

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\feb2006_d3dx9_29_x64.inf

MD5 0d951a2eda3638d4c976a5ffc1a9f8db
SHA1 fca89fa6bc6d4c25758b7baaff9136c3d73140ff
SHA256 ef36ece1a6bd8af3b0b9247b081d28ed511b7e18c43eb3aff364c9ce8d3a06c3
SHA512 89e960fbf9421a208476f7f65acf8047d231f3d6fd87fb31b01185ce88f5ebb1fa7513224124889082f41f1dcd579cc8bbb638f1af73081b4630fb07934dbb80

C:\Users\Admin\Desktop\Apr2006_d3dx9_30_x86.cab

MD5 2bf0debd3d503ef601e5ee17bfbd139e
SHA1 9e9506be3079eed1791831193503acf35ebe3301
SHA256 4b5da79e14ef58f2608fc5ccedfc7c6c6f782291aa5573f36af76f2903173db5
SHA512 f067a8d26c5738dd5d5d52ad3c28303f3d7463b22c092e7f8850a4d2bfcb561915eddf0decfe8a7289993587250055af204af00f87af9677177a2db8c6782416

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\feb2006_xact_x64.inf

MD5 7d46669082d530935e79c74c4fd83bf2
SHA1 194a05e3b019beb07da96c3bef780e6154a78b9d
SHA256 b7ca1a4942057592c5b83b4425350da41c61779dcae608112141d727091842d4
SHA512 590a9628fb90d4140d6f96238caac46f8ab23a59e3a9d94a28d1638006085efdbfad259b9633e4a56585f6cc10119d67abf3fa873a426a1946af589c17f84fa1

C:\Users\Admin\Desktop\Apr2006_d3dx9_30_x64.cab

MD5 3d797333854abb64abb6987afe7b4ce9
SHA1 69091c7d92b1cc64f8d4e5b4042e418e2bc84f3b
SHA256 079f61e155695a61a0ce009ee00cf76fbf6b2b9b412c1a5b4a2035d4b5c90a5b
SHA512 2ca4abd15831257958ac103b01a3b222e056b6c9f275e800b6da69fcbbe8643cb564a33747000491a9295a208d76d7c3faf8f1624c8655ed73ee5b26b455ca45

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\apr2006_d3dx9_30_x86.inf

MD5 a49046c25439fa900b1d1bf826506ce3
SHA1 deb71dad1d55dc5af2f80a1c3010c0d899bec187
SHA256 373cca07c0ceffa72901441219a4457de9ff110aededae5e4818588da39cd344
SHA512 d3e04f2e7b358faaefdd683e7ede8a41c2f65b7c8072754b03b2a5de416651f92712fa7d9bc6027d7326dc5bd8a497161685c04cbb7bb36a384aeee8dd77b086

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\apr2006_mdx1_x86_archive.inf

MD5 b9dda5b7e6323561b289e0be4e4027e1
SHA1 510f83f8d2b50816e33df8684b35fa53dae51a47
SHA256 80d44f16d81ae8bdb1ef8f0efdf53911523280723bab4392285cbd33a0fc633c
SHA512 cfd470d44ca0d76e756f8a72e01ac7d60c498a0012b461c9b371fccdbdc6bf972ed848ad7487dadea7f16aec7f8749630b1aacc7f936e6ced30a6c798a6c139a

C:\Users\Admin\Desktop\Apr2006_MDX1_x86_Archive.cab

MD5 78f5a0256e021167a4b15a2801b4ae58
SHA1 60588991ae2ad6dfd2124c5c57eb5b7799355639
SHA256 0a051a9b50f58dc631254102ac885942ced67c2911950de0cdd93cd1cd9453ec
SHA512 68f1c722d6d29e10b541b43fbe1df885d0a3ef564b2d30e66db328425c6d6331e23cee1756e235473f8144807ff9d3f016d56a8e612b2b55473b105b08a1c642

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\apr2006_d3dx9_30_x64.inf

MD5 5d684b07779ae5b421e23167e2b9b44a
SHA1 1e3570908b810cc799f047221351cac7a3583787
SHA256 b70b8f62a2459580d22999301f1823bcb8a9bef54bd33b38e0af274a3a12e010
SHA512 6688f5a9952b36a0a83e806c9be99d9ffe9ba4982b76a9c7e8cef5f824c17ffe9e5ad9ef4e4974c6e2a9cb37e8c05584d8d83033182d1c5d00a786bd2b693e23

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\apr2006_xact_x86.inf

MD5 f67df97463d42bedc122fbedc37096c4
SHA1 42cde962b355cb3c6a7a7a88c8dc315f811a7494
SHA256 037db252501fd0e30303c11706d804d9eabbf319d0b4e88181ef8f297b4fef8e
SHA512 93815abbd6b6666438adb146bff476aa2728aa7475178259fea623dbfdae819bcf1accddddb7695ef23bb2913d234264ad2ec826bda6eae5d99459798b032144

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\apr2006_xinput_x86.inf

MD5 53294b978995caafcb6a9ac8f67b8580
SHA1 c165d2c615261f135f60442ad0a6e589d681a850
SHA256 b604779115d32d439f77b33257c96f928ec4ce564189f7d0d357099c1da140c4
SHA512 a3da7e02ecfadb181ed13855b093908fca0aae2ee75e6bc4f873fe69a34cdc08f3bf504aac2ea98f9573437d2ff000e43ae8450c87036ead48e6c2b80ec523ed

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\apr2006_xact_x64.inf

MD5 09c9b7346b65f5ba209934f16e711c8a
SHA1 9d6cf0fe295475c438fce214d9d24d5579f2f29e
SHA256 d9c3216ada5dd7791ca852a8ea97765f94a7b56fed27b20916b5067eb82b14d0
SHA512 26b84a457b5bd17a5deba56926af156a2144213a2b75fb015641a7817fd2307cfb439ca22ec0bb584dd21f8f9e4c7b3cc749a350b26cfcd0257f5fbda23fd9c6

C:\Users\Admin\Desktop\Apr2006_XACT_x86.cab

MD5 1407603eaacff8be5ac25de29f29d267
SHA1 9b5e9ed65a8a23e80bffa272cfe48354e62fd96a
SHA256 875662d0fc1fe865bf43e7279fd391e88f96b3141c1a829ab3080d547501ff8f
SHA512 5a1a8de49ba7bebe5e5d7f14ba9475fe6f7e8bab145052ba282f38538ec2b771d89f98a0fbb8a84a3d9450ebbb45751303173d8d3ee11a3cc880bec189d70dfc

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\apr2006_mdx1_x86.inf

MD5 2ca62bfeb43facdd1fc06f20fb20397b
SHA1 ffbb8f6a8a11f949ca180a7e73279c4b775bbbb4
SHA256 2546a1875bf868edc621a1cd0ee262151faa08762bcced0117e1304eace0c04d
SHA512 3d16b07bbfd172dfa979dfcf4384baff35538de371dfd0b266e5110772f0751f9e5274fa92b06d1f289f8aaa585ca1fe382f8469561e74e343f37e8a05f85dbb

C:\Users\Admin\Desktop\Apr2006_MDX1_x86.cab

MD5 579bef95277d18191e77f631b9f886c8
SHA1 0aed07d86c81453ced3889f20b1912de7eb2fd4f
SHA256 0e3b4b9d5a45884620820d0e9cfed852b03dfb44e443179a35e93f3183384db3
SHA512 2a7befd66786b3372119e6b0511fa615935c1af52fe254592f095742352e4f8bb84ffcf944beb7da21de015670b2657d9275d3a32c38d30e8e59bc7878f7f52b

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\apr2006_xinput_x64.inf

MD5 019f21ca754cc2e21d97c3a2a97d5ef6
SHA1 54d97b4018e0cd04c63f1221cd8da7a0990a2cb0
SHA256 f9d01e93e547045e1d232242c900530dfdfa54698586c7049281965e3bd01ca2
SHA512 0c0ef6a8bbc05eb81cdba8aa2c3f4a0d39f4859b6de495c79f813894253ad1ddca4851841064cadfb1901ea1f056c68560aae1e68bd12c590a143a6b7f0b16f6

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\jun2006_xact_x86.inf

MD5 fa59f92f7d32613a12189e75eaa700dd
SHA1 f2c3947427e7eca9fd1ad53427d1dec28a5f0f55
SHA256 6bdce6f6779712e38c6d9e6e5961217e417254089f096c719f25566e952cb257
SHA512 e8dcbd918cdd7d98a94d53413088e2f75e4d1a15d4f69b6927f3cf19760d9f2fc577659fd533b2e4e2997aa29f285b0fbb35830331997549e429dbdcc7ae9853

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\jun2006_xact_x64.inf

MD5 a983924d66305104b4e21a551dc66448
SHA1 23deca69eea790ae7afc30cffa55e87ac8520cdf
SHA256 fe9caa55be17684622fd7339b1b96e1f0d107dc33c065706d24a435d523c6e12
SHA512 83c2117df0fc37979ccca7d861598a8a127d135456f72597366ac65276906435ab99fa353f246f9f61634fe96f8376d38253300f177d5cedac194cc92407f3d9

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\aug2006_xinput_x86.inf

MD5 f87111f61ac57d80199cead8e63ec45a
SHA1 4a525a78a90fa87290f60f0598fe285f9f46c90a
SHA256 cc66d67daa1f4c31ff5e59c2606c3930f72204a5057c29b9d58dde37a47b1cb7
SHA512 ddb1b7259aeec662fa271f6a6d271e9d48c4b8ce4d47d452dc2ab15611421baa13cec0024e668309b7444b31fa5b24f41b032796c81a36e94d7e577d9c516712

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\aug2006_xinput_x64.inf

MD5 90d7a7386af9b951f939d869567894d1
SHA1 ef70a6efb5f7b32193bdec6c5ff13a4abeb4f00c
SHA256 35f25b9538e55172cf36729519581444e26b38a9dae5cccc4ad75dfa34ea08e7
SHA512 10920d0116aab01eb1130eb91b26bd91d4b3ff8e09a77db5b79f88c94c463389548c2b3ce494162d4b2c3fda903eae6c2d87492475c56fc901c37fc8306555ce

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\aug2006_xact_x86.inf

MD5 ddb0d03b1d4a6ce09da5cbc61f5525c0
SHA1 ba5e1361e394301d5b9d9a4aec68ae21f19c70a5
SHA256 34e7227e03812fce5415b0a4c3d15a9e9b259350ac9873db2a98b2ea76ae2284
SHA512 2160652a7f8adfc346e0af6f822875c34d2d13f168b9895b063925979d4fcf33a7da777ce7d43c9ef2b23186ac00378e8c2d4ee115bb2ff794e863e8b6feec5e

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\aug2006_xact_x64.inf

MD5 d40e6c659cb7a757d8e751b050495927
SHA1 a9c515d786bc8f5c739fcf5ac1b6e15365f9e14e
SHA256 6fe310a67227203bbca3389dfe3403fa268cb424f4b525cca2d5407ed26670a5
SHA512 fb58acb95f1914da3c650168ed50fb6f75df68773daa8e8389db9c7c7c4d0e8bf93e46458fb76de676acc65132d781a7624f67289860a19e03520ecdbdb66896

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\oct2006_d3dx9_31_x86.inf

MD5 8f7aa1f0f2389f3cac574652f5d6672d
SHA1 921f2161cf46c6314a330ff52c83f8a3f1058f0d
SHA256 a1c61096019a6ae1a9f31e3fe67aa2bb7e9e451967959d7088344f3f20ab572e
SHA512 a85c03ccaa27adf3c75287529f18e84f526cf91785e0f4281db0eb86feba78522603e21def19bd2a33e03ceaedd9109b8af1dbda4a3fe93fe6eb95366b6df747

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\oct2006_xact_x86.inf

MD5 6181c4b93bad5332b34180ac0bae5077
SHA1 259c8de2dff2a5dd8d4971fa1ab3fb0d193ae90b
SHA256 66998b21cbe6f05b12cdb4bb45549dcb1b4a92f8a1b910334150a8d767fa39e9
SHA512 8508ebc77b667907c5c2f587131f24cb25c5a67ab2f7d8b94216931457f486b37b9701397ed6ef527c9c6786f82a938a52d2b6cb0afddeff4101cb100e3ceca8

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\oct2006_d3dx9_31_x64.inf

MD5 e2a0e651573cffbf81578b864b50cfe7
SHA1 1c739f17f63ce7c5ba00638259628f7fc919cf74
SHA256 c031987e68e476365cd885e41a072f85fdfc9e480c93871d024a5ccf26d17118
SHA512 abfc6452d055bf6a3fadafb9562352bda90ee0edae5a0fec798951ef9d39701835212533a60eaab67c5c0fcf01ccb9115fcea3779b024ee1e11f217cb676e7f0

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\oct2006_xact_x64.inf

MD5 535ca39d61f752c3f1ba4956871fa27e
SHA1 4941efb676adedb9a46d7cc7415d8af03957b3fc
SHA256 4c388e9eaf3c39e75d003a58020e491b675b3a6054c702062a9c90e86f691d96
SHA512 f203958ca9c7d37daccd342a4deb125b60ef839b5b674a2a0220d7f0d770d5cfcd5c1f691470200bb4d8711f2f6a77d8b968e17020dbcec8c40b127a09f5f9de

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\dec2006_d3dx9_32_x86.inf

MD5 c28f4fd1644e2a20b1c897438e197e1a
SHA1 5178534444ed7dec8c63f02defe7bdb864c47123
SHA256 ef09d783bf5cff2cfba99946e5e71fda577b196a49c88bed1c51b5fd29cecf94
SHA512 7cf93260efb1d794a17ba25b1fa02ba03b0ceeed8131d274b805155072a9a2b92a899471a8b23add8bf46c6a5a3cda63499043eaa754001bb43cafd882c8e708

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\dec2006_d3dx10_00_x64.inf

MD5 eec826f7141bedeeef38c5a3528b5034
SHA1 529081aedecb7b9fbc7d9707eeb6415f98bc128e
SHA256 2a43ac72ab9a6f4771c02b6e10884921b733b86dbd7ebdfc5502d011cd5c8d05
SHA512 62cbe09326cd04c891faa124c65554fd631382a2e078c70ef72a1a07d57239b3ce599b57be3fccc755075174df1d63ac3597dfb3aef9b4ea34ba4597d804d2c4

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\dec2006_d3dx10_00_x86.inf

MD5 1b702c5bdf738a8abf4a3108097a6b7c
SHA1 c1d9c9d5e07117f273064bec36ac92b5ed624d38
SHA256 33291a47388edecc059f1825c1979142d7a9cd4a850716f9dce687deba1fa750
SHA512 498483dc823e76316e977dcaf7fbc557c3e60c67129a678701d5168105edc97f97479107330d5eb3989dc179273cc9b74d055827f036f2f3551a0a3d398f04f4

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\dec2006_xact_x86.inf

MD5 211700aaa53bda6894be85df3dbdc792
SHA1 4874325e984b4f0d884cc732da474b3bb59d3848
SHA256 4c0a40094228a51f567bec65c2cdf289d268812c1af579e3c6b76cd3adb77e12
SHA512 8f51d965cd1ee20cac11256afc5e422d94d43435729d653b25c5347e108fa50e59c3bba18fbd7fe4e2a1a6bd54da1622b80e029a5914e973f3faf5884a262baa

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\dec2006_xact_x64.inf

MD5 ca414f7196d9b2a7a9d4057ca0714fac
SHA1 7eae4a5bfcd42915adeff5377036ecb4bd656999
SHA256 f2f2040b8d13705f00d8e20a53f22093aa0f8c8d6aa6224992ba727ace7b75f6
SHA512 1efb725a49a8ea7125074436bfe988af360b1ac22629d34a754cabaf3c151855d08e826a0e244cdf9b624b531de14d23f32c1c16c82f6832c8604cbf52882e11

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\dec2006_d3dx9_32_x64.inf

MD5 39929631df326b944470256c4f9cbbf3
SHA1 932de27abf59c889c02ed747f0ac04f5e494492a
SHA256 ff00313af4a90f426492d72969f5efc6c56a17f2dd91f20cb5c0a38d9f1f2b6b
SHA512 8dd2755a2b2fb90c6880cbbde65d127f55d12df2bab4560ddf86d6793b2cd4733929d97efef5fd8eeb417731a571888c893188df0361ee57eb4437fab331cb13

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\feb2007_xact_x64.inf

MD5 42161a1071084cb4f32b0d7d748d9b62
SHA1 e7e29605c21b7a2c370dcf979a40c50b93ceb298
SHA256 184c1684c57de07983edaaa1ae2751b263497673ee8418af023a63fa03553f53
SHA512 2aa8e864dc28ee5d0583d044e3d8a9399d8d49b9fb1c522c1c640eb7b079515ffb0bac5280a220c23e15ea4c7ad45c7f1722e05e9f9baa069f4a2670e4976358

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\feb2007_xact_x86.inf

MD5 5f1df74b0110f56ae0b6556dd2dbc14c
SHA1 c8c7d383f5e37c06015e1304b599568999bd4e09
SHA256 64b6020f43bbab7f7c2368fcfe7224165fef555b2bef813aa13b2d9f6295d46c
SHA512 06572fbaa625c85b05f5f4eaf880083607b6d010a8d4bfdb28cfbb1021b08e533f3491080faecb24055acb897b337d83caf9306fadebc1f1353763e8908850a5

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\apr2007_d3dx9_33_x86.inf

MD5 044cae9c30c88bda73727243f5e5206d
SHA1 de744e349cf4ea458b10657d510966d21ad08d67
SHA256 349a09a2791d697bffffc61410a536cdcf258f0d7c86dda44a297e8aec4bdf00
SHA512 18e501142004afbcd28b41bdd3a9b19e2eebc047d7858ee11a9135f19759cfd8c643ff074a51e937bbcab7162888fd95effc146be21fe63dfc300ef03ed44056

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\apr2007_d3dx9_33_x64.inf

MD5 e40a6f3215c3f1397eb18b3388f95032
SHA1 4845590abf12bb5725d94d7aeb953a5686918537
SHA256 2d87efca75d8b9aeab3262841d52a7c56bad34ac6b9691f4df2d89b14c950f8d
SHA512 942f54a3984a29e1973ec096709de890fe870a9dfc84a8c5597244251cbd69f84543cc5cffe620a076d0a16dea6e393c6790553d6d9e2fea1af1c0f00a12140d

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\apr2007_d3dx10_33_x86.inf

MD5 fda5776cc944ebf6d84fb45c8a1a35f5
SHA1 f3b603dcdcfd6a310c2b0945f1a3b97276041ecf
SHA256 3286ba521fda888b1808f12955a58d7da4df7d2fdb472c7837a1e0e1a6317a06
SHA512 b051b04ce06ad21d08ace3a28d490214556f4b5be060ee05f8a4ff872d1cc72df05624021a9a0cc1efa4e63772f55cc61f11edf03537831a44ddd6ab409e83b1

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\apr2007_d3dx10_33_x64.inf

MD5 00ad98b94609033c2819745587b0eed5
SHA1 2a07dda60a97dc2b4a7cf3cfc6245e72cea0efb0
SHA256 3e61c4d723d282c36c5493d82644ea96715b7b548e50494d22b4a83d4e2b8237
SHA512 e7fea5f9186c324423c0b129dc3e8594df49dc84c61400f4635ccf688075b256d7923ca8f4483bf7b2fe43862e71aa134cf2c9545a23c622d0cc04dc7d6dac1b

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\apr2007_xinput_x86.inf

MD5 e188f534500688cec2e894d3533997b4
SHA1 f073f8515b94cb23b703ab5cdb3a5cfcc10b3333
SHA256 1c798cb80e9e46ce03356ea7316e1eff5d3a88ccdd7cbfbfcdce73cded23b4e5
SHA512 332ccb25c5ed92ae48c5805a330534d985d6b41f9220af0844d407b2019396fcefea7076b409439f5ab8a9ca6819b65c07ada7bd3aa1222429966dc5a440d4f7

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\apr2007_xact_x64.inf

MD5 dcfa000ba60f73c2c02ab590faa1ae10
SHA1 154b9ff40cd92bfaa572b289662d0305fa2fa017
SHA256 bf6ca1165632efccb0292ae8b739ce68d78ebb95dd39b8e4c1717d78a026db10
SHA512 34f6cf1f3fbbdd79d04dd55315b0074abc21b9c26df6e2fc9d66c6d15f36ad35edea741000a84a25ea9a68a94d46f500398a27c8865a30746574741dffaadabf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\apr2007_xact_x86.inf

MD5 99f23af200574f24c4c5d9ee12fd2cb8
SHA1 f0e50816ed808748f9379733921c9302551cd937
SHA256 008db10780aa8fb6f20b7aa5f5d513ca77efb36c8dddfb9ad89173ecaf700af5
SHA512 5e97d157ed8ad10f9cbb9490a16141fa52b2f32e09edc7e7f5e4b2d9c9bf38bbb85706d76543ca4ffe9b54d5fbc4b763b7df0893f1e7e56ae4c8ac1a720dbaf2

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\apr2007_xinput_x64.inf

MD5 94563a3b9affb41d2bfd41a94b81e08d
SHA1 17cad981ef428e132aa1d571e0c77091e750e0dd
SHA256 0d6e1c0e961d878b319ac30d3439056883448dcf26774003b73920f3377ecac8
SHA512 53cac179d7e11c74772e7b9bd7dd94ffbc810cfc25e28326e4d0844f3f59fd10d9089b44a88358ac6dbd09fb8b456a0937778f78ecc442645764f693ccd620b8

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\jun2007_d3dx9_34_x86.inf

MD5 b1d65a13b527d75ecdc30cabf407d103
SHA1 db6df8ce6c28cb4a0275aa134c2d42a0ed957fa2
SHA256 a568b7b8a0360ad94b1ed6388eca6ca9d8770937360a426a0fdadef9a4019bba
SHA512 7d80f772b36c408c258f7db1180bc09996620634e6304761f5c10659d0885bb8d0b19bcad50a13a5d99ee92dc8e15587534d966bd32c5a8910308eab623a7f86

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\jun2007_d3dx9_34_x64.inf

MD5 d203c1993f21a870871ebb0c99de313d
SHA1 e69a5bc70fe66f89fddd81330dc148a1e788a56c
SHA256 77f3fa1756181a90d2ee63c26cddfdaba0d720c9a49121db28746cd02b3e071d
SHA512 e03c341f2d8df6e8174447d32bccb56b096073a35a3d8193860bd4628d812d1fa381bd35a55e17b4f27c5c5fffddb25223d932e995736fc608030501954d45ba

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\jun2007_d3dx10_34_x86.inf

MD5 55e30750af2bf57321ad1097a512d725
SHA1 0af3c73afaae0e8a1fdabe25beeb96b32eafb9ad
SHA256 808983dfd3db7c3452589ea4e14ab4af8ef47dbad3b639f9a3c55685c9b73867
SHA512 0ad8b51a550243d3f24ec5934f2b5e53f1d8e0b87997a7cda38840b3160121f1e221e6cb09d3f5b384df74be2ed10d4dd92fb02aff98bd0ededab751ddaa7149

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\jun2007_d3dx10_34_x64.inf

MD5 bf312732fe77f600a36f2a7b98a346dd
SHA1 5e9c70959111dbe60ad86258cb5bb20d0e9caa0b
SHA256 0f75b7ef71e183476ec938705024eb8a10a77d7602a336be876c7f5d17429725
SHA512 10f3d128da5180ecccda522164269e4940b69a7f55af9501de648e572ab5275f02c113be5342969c73e118fb7ec49209883c4a8d6c4648fb898289f77ce7a3d0

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\jun2007_xact_x86.inf

MD5 757a5f0cceaf39b5c7c9bd61650fd12e
SHA1 a7b3dda77f0f2334466d324eefeb3e5f6809d880
SHA256 33b980fb973394d9d8cb4645914d4cf6793bf92bd311e0431ce9cacc59fdcbc5
SHA512 f4f969b017c9233bc4a2267118fe921689b3237d28fc2b251ea3b6227e0b17dee84dfb8df6491928791891dfcd265688069b92d8a88cb9dfdbfff07b24a4dfcf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\jun2007_xact_x64.inf

MD5 c8ca749e73883789faf6561a375d9b51
SHA1 fabee2ac65f1d4267da8df07cd3e4cf4eb19148f
SHA256 405d8cbe3c87b16afac2a9254497412a42de4ae2d8fb470a1234dc3260e0b90f
SHA512 56a0fd5b8f065b82f5f9b73dbcbf912045847180a6614dc48ed7b27fea3909839615aab0c8d0a122d9fca952e9591da5152b4c618e84a2d7aa409dea4fa4237f

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\aug2007_d3dx9_35_x86.inf

MD5 815d75e4264b1f9c0bbcc529ee7a290a
SHA1 cc956156066c87ce1bd2b7628453f1824a426412
SHA256 c0d87c1b079b54b75b86939199ca5ee1f796ae3de9c4ed0ae074a4fa01823c73
SHA512 bdaaca529cd52df20cf1e35b45e1824fe48d09442666b18faa3e948937026b09d880a27f1d915816bc6e1d98b0b486d590f867aeaa046317b7f48d6a0f949391

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\aug2007_d3dx9_35_x64.inf

MD5 0b3f4e715a43024fd00f769e62cd8b9d
SHA1 ef6de20d95a920e3b69307737976bb243783160a
SHA256 e34ad9e49f31cb9211e0f350405c344d93fc65075e470c8fe09dd78af68f2c80
SHA512 336df101ab341c5f22d516089fd31fd9f0541a01d3ac4ab4e171b73452ba3bab3cad84af50f1e9da17c46bcfbe7a1b52284e2ef2af49c67c6d6cce2969e14ec9

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\aug2007_d3dx10_35_x86.inf

MD5 741a5ce76295b86694cd7540870eeec2
SHA1 2c165af0047c98d2864379ea5fec33bb1507bbf9
SHA256 7987e2c475705bf8f049a15af946ec0cb5ccddf27c0b5c8126694421df601770
SHA512 b7d0a0bdcd060ee263860024abe5b054aeb2c8c8c7ccdff9cfa9886188d7177b1bb8799909b3c95aba181292b5bb9f9426ecab0a6a2689970afca5a1739fc4d3

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\aug2007_xact_x64.inf

MD5 a78f12b4514614db269bf55faf383875
SHA1 0425c3e3ccb15f691d6f5d30b71856138063002b
SHA256 2fcc4bdc6516418d3b4935c301e14f30e3bbd0adfd264bc34067b27b0b266b8e
SHA512 9d1cc2704541b71b246c2cc8e6e1d667cd7e691e42865aa5b0a800cf26386cf00781ae7727b7f90711e987148e98f4253e05b6d3872d3f69b0584bcf97b3fbea

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\aug2007_d3dx10_35_x64.inf

MD5 703b4ea6a182ee3b48026d01319579c0
SHA1 3184959599dcee4e74b251ff14dd2aac81e2ad68
SHA256 af4bdfeb4283f04e24475279931e042f17052224cf708f0c444fba2f2e221289
SHA512 a6e67befdb1d757bc08f6a726e6d79c4f51324edbd1f48730616e27079bfa60262b88b4c49cca046e3da3832e375dfc29b2ff48b7007443606da94793ef7ed84

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\aug2007_xact_x86.inf

MD5 8898bbb8acc1b54b3b9b6a2f6b0e2cfb
SHA1 e5ace499d26e573544be76c8e45cc5278d15022e
SHA256 c246c38e41ed71bde4b3cce4fe337826173896a04c26f8b2a00b06bb0cec024d
SHA512 b0633c44541cdaa2d2c3174027d849ecdf5ccf2149da4a2932f59db600cafd8b959aa0382973e23fec7a76ed7555e96065a4d8aa077f50c2a14e5080673aef30

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\nov2007_d3dx9_36_x86.inf

MD5 08ffe480ee5e54fc19a2feea46adced6
SHA1 c939391c489bb321f70707183b0d3f4b5f13911b
SHA256 843764f70f56d430c0695e263c895a135a631f793213d1005fafcf9c210d1ac9
SHA512 c05aa34b860b5620c982731af15889da5571395fb35faa24d43ccbb1b42dcc756769a0b9153c28112d7347f28d4ba933d8b15fb36a3e511ac99eb148f848ed99

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\nov2007_d3dx9_36_x64.inf

MD5 345ecd585eec22fb33a62e59c2758b6d
SHA1 2d6ed63996903c32b3e7ae24d86c924b11d53e7c
SHA256 d1b544b3912e73e5984cd759096120febe6f17e41a3cf920ef82431b9b569c1d
SHA512 6d88cd48bc32a008989ec4bb71afba0afeeaa12f17833fb4072c38b237bd006f192f4e4e7a65d8aebe5d6dac1d13098eea370b03ced343a5541e0ef23e813364

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\nov2007_d3dx10_36_x86.inf

MD5 582814cd47564fe8e3424cb2eb090501
SHA1 87a2114434564bb0a5cb4ea337577dd405f5e42d
SHA256 96f48bb810055699d37e9e27a65947483a0b4df304870e3b5448d3051b3e4926
SHA512 203d522271aacc0200bdd684934a8478b54a258f55ecca49a178ccabf418a328cd02ebd2a9656bd9dcd40c33de21d33664c5b16c1e7877de424d37b4f9b3e7a8

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\nov2007_d3dx10_36_x64.inf

MD5 60e353607750ae5e63cb8e56f443321a
SHA1 8f1b07f8cfbd66e9a7e3c15118bddd99b04d6871
SHA256 7a49ae818e199cf9f9bd831f94cb6d03a1e72a141d76546261979b30642757b7
SHA512 038aecc1264f608c6028ec2288f0d8de6c9202bb3d1e96fd247e889afa06f1ce592bc9e224f37e83f29c0984cca6c4e85ab11eb28570aafa20b076f2b2e5b6e8

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\nov2007_x3daudio_x86.inf

MD5 4287ed3f6647fcd80ec6b0f7f2606964
SHA1 27b2e4212295478645a017a4df820af6bdb4dd0b
SHA256 f882bdbc8230d24b24e20f9d0db447586e9493801900a8ba381eb493bd41f5d5
SHA512 c816d7127fb7fadb971b757ba76d4b918fe18bb16e5d2249b4bd80b0b6c47208e7ba5e11b521d9cd0a23d464c392f98a3c617b91c0ae799f3aa10401b4e2bcd7

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\nov2007_x3daudio_x64.inf

MD5 55402001ac41f0bcd1f457a36d298848
SHA1 a18fbdc9631610f2550f05cc3aed5a665afee7a4
SHA256 1cc72ca78433fbb72ee6b654c908748ea846c87c80424816745f285ed3bc910b
SHA512 96cb7ff1d43a7c1642d8ce9cb3c23ba460f6c083a7927fe0ad7a3ebb85649c384ef0542ee3e7dff6b99413b95a2a333327cd28349665901f466782fe96ee491a

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\nov2007_xact_x86.inf

MD5 7e2a5eadf9f1eaf90d5eac15b7a9f558
SHA1 907cf74056bf7ad91e47c98aaad9a092ab42fd02
SHA256 24714f229e479338ed89bdd6143140505fd63f517b7e71170ea6c072a1748b06
SHA512 63c2f438e6feaec2b9fce15617940c97862a54527d549fb6ea149e4d18199c1752e255c6cb167ff20b9cc1f74b87ffc97110b65652bc5c3883cd14894d21f8fc

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\nov2007_xact_x64.inf

MD5 bebd51d24aa338f6192e291d03684b6d
SHA1 cf2c0efb60f44748b0ef3f95276b0512719f130d
SHA256 841d579573afd51499c7cd8ee986a41db63cedb722e8fac351d3632ff470c161
SHA512 28fdc41091d761faad79c1af33da0372086689113df2f1cb40513d50727e5aefd652a977ad5c92bd62f1c5ef9cfc24c23bc6758ddd6a4d1ac5db0b5e401432ca

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Mar2008_d3dx9_37_x86.inf

MD5 020d1260794d5780937f0f7a919cd62d
SHA1 511ecd1186deaf129a5532b79fc776a9ab8fa9be
SHA256 d55858e166a2fe00d4acc30da756f0ab2c4dd5a79a9874eab3100722c74a1b75
SHA512 201e24e51dd859c35fa9d0a403993cb0b2eba67effbc598ca4491f05bff4f0805731b1e7cf6026b7dff9fbc3167c16b43887f080fa40ac11c6ffe09297401f9f

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Mar2008_d3dx9_37_x64.inf

MD5 ec75fe979fd2c2372ea75c72a905c832
SHA1 954642c9087489285c8f0786b63aee108ec08d04
SHA256 a4fda3373241c2748a969ddeeb6ef41b3cc1bca6608362ba87db75f69023fe9c
SHA512 dcaa772d21d1be7fe59f1ad32d10e7cb454ed2a4d98b3add201f8bef03718c29f9915fb4cb779111a954a9d93d898393ac2ba593c2d4d378b88bd492b7b5381b

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Mar2008_d3dx10_37_x86.inf

MD5 1242da12c637d5976af936f60f387c26
SHA1 a6890fa9d41f6785d54a7d3e1b229b64010089ab
SHA256 bae3bc2b7071d2d1c657a87a8c8af6c0fb5373f11c9aa5f61b406924717d0792
SHA512 7fcaf6ac1a8166e8c68d650dfea40bf329565d4ef92316ed0188a252736c9e288cc8f7d017b0de4af05245d1bf94a85b2dc72a93c618a1f2caeda45fd84a6a09

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Mar2008_d3dx10_37_x64.inf

MD5 b21f653f707315be4c85ff4630af305b
SHA1 32b0d69a786a2cd37d2fdf541931d90ae8656944
SHA256 f37681f4d49f71d48b1960c3efac74f28af9fa764b29ed3a40b5f424fc8f60c9
SHA512 e68348c9413f77749218fa34e55e416c7bac95f234522bb6eccbed1185a3f3af2a393511d3b83dbfc64580e1725f9f53e7e586570d696a3fee76761e8b0902f4

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Mar2008_X3DAudio_x64.inf

MD5 2f7b3369825c6b74f4b645ebf52c8e98
SHA1 105972c77223b943df6533d517c698241ddee9b1
SHA256 b7dba312a71ed109c9c54cc5cc096096eb8cf0962396e8dc996f8fa28307547c
SHA512 88a47bc3520f9fbc082f1ddca7e083cff9bdbe5c4a0a851925ea14d8e0f327f2a9982e5b4ac457e4950acdcf6788299c4e13a15ff38bb76c8d212f1466cfcec2

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Mar2008_X3DAudio_x86.inf

MD5 9ab8a749708995453ee8a995a877af2b
SHA1 eb8a0ad7f7b38aa190e2fb8a4a2d11cc9fa9b493
SHA256 0b6e28f00364a9ff436c3d99f0d4e80bf615f1450f420122324853cc0b88b16c
SHA512 9b0ed586fed0ffe25d4076b202afcc7ad580dbb05593e392a12d64b639098f8b7687463f213e53dfbb85616c5a3781adaef8f1ffd293c082a84291472266480b

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Mar2008_XACT_x64.inf

MD5 d5debb90aee2d6a73bb448aaa99f985d
SHA1 950ff1a768bdabf14ca2cc6809431c3be8b19d9a
SHA256 1038a41e63ee8abbc8be85a86fafb2ac1d03defa6b88deb270f96a6ed1a97122
SHA512 dca65e91d4eb619fb34615a3c8683e04af84e843346b88bf4d52cae0c27e52b5a7a417c531eaf50cf45932e3fd6f5fff1bcfeeea4fe65efffbe791c8ac1a8101

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Mar2008_XACT_x86.inf

MD5 e3ad8befca2528572d6c51a15e072c94
SHA1 9718337261b8b93b546a5c20bee8b44d26707053
SHA256 6b0cc0dc993e172855864fa078c4e5c8f2f46bfc3200bf2ccdf3292931ee3cb2
SHA512 de4915424d8a53ede76394fac14c4de46838f21afc8bf30f560d2d00df4f366dc9ab48bb343be3580087a7d5862a14c08f83b5d9cc8e78aa4cce4e6b71b70c59

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Mar2008_XAudio_x86.inf

MD5 35c6f6f109257f242cfb2ad2062d50c4
SHA1 222406bf52449ff0d5a7ca8ace6cbd3dd5f41708
SHA256 472bcfb54b5d63377da128596dfb30c8f200f79edaaf6d29de1afcdb71a3413d
SHA512 71180d47d8c177d84e68bcd6b9f948dc8c946f7a6c4091e20e04f1c8098b9ba92bde976194b06595834ba4b159a702c091d04ec823ac377b7ba7713f057f99ee

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Mar2008_XAudio_x64.inf

MD5 8eab978252843c5c47a913e4eee460b5
SHA1 b5ac7e6a36157c41d56e1113d7768e67530640c0
SHA256 10a2db49dd3bea59133bbd82b3fc0f8a959b65b0c250c11a9a6f3123b961e6e9
SHA512 d1b7be4eaba7126f3f64d625cb9c9d16dd40dd1dec96b4d647f9a5e24d6b945faebb65f25348d9ffbe092b03b1a54414cea9a2e4d1eb1deb102ab5abdb34d810

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Jun2008_d3dx9_38_x86.inf

MD5 c7fc0a82355bafed08a5597930b80263
SHA1 037419fc93581e053b4cd31c57222c8b8761e242
SHA256 06faf7f7ea5503dcece13d6537e57cd2581d5188a5d839fe7f118298a721b51a
SHA512 51829843dd7e2e501d6054f500fa523bf63f19382890880cac0e3f207a00dbc544195489de67c7dcf876d9061f2af12bd346513e1c98047b0c185669be5d8cc9

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Jun2008_d3dx9_38_x64.inf

MD5 df5538bc9e0494845a8e2d607e06e561
SHA1 a056a64230f03835dcf9bbc5d84edc2eb0c09484
SHA256 ddad68974990a21a8d4a91c47ef1034ddf0475551586f04e86b8cd2f0c990d6f
SHA512 4f19379034eb47e01de81a611facc2c8300c7b10306ebbabd232a249debb4acdcd3de42b71d851011be5b3abcae1ca232ae6891be79adfd754369dc0f16b249f

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Jun2008_d3dx10_38_x86.inf

MD5 d12a6b9889eeb330b4a4e86e9bd175ae
SHA1 62a4a7cb8fcc0edc240caea13b2b487cd012fb00
SHA256 f5f54664ec67f6333a9f0607d891bd0dc2acfee8cce09ac4ee0372b5d0aa12fd
SHA512 86274606e76b98b71dc4eec5180b3a52cb6627ac5ecc8b008512b7bad404e03b834b7129ce326a3c9c1cfa8b19bd5e97467a9390bc8a0e749771ca06d9f73491

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Jun2008_X3DAudio_x86.inf

MD5 7949a4d37b517c39295f0d656cbde501
SHA1 27313949fe172d687e9faaaf91044ef56b7c973e
SHA256 0064b7db5bfe52b6f40f61d962901c7baa116abbc72328f50586b6fa65f894bd
SHA512 93d947c95b7ae357bd47a5a050437cb05192eb6c84e9222a46d70ecc7c54bc2a5cb1d3f65cb2a4db5fe18106ed9be5a7aefef08f9634b28cd5cf128bd00352fe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Jun2008_X3DAudio_x64.inf

MD5 0225e16dbd17754f202f34cc1fdaa60e
SHA1 d8d7e02849d9594b346023e9e69a5b2a4fffc45a
SHA256 f4526ad18f081b84a139e6d98923569fc8ffc7644e20499e2f68abfb3e87753e
SHA512 2b308f4c4592a80d4215781ba7ace57f93a7449b2ce36a7c78203e1f16f1b7321dff6c32272180c9cbaee5d31afbdcd11f3d474004fe13c63752d3c0201d2033

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Jun2008_d3dx10_38_x64.inf

MD5 e2b760696e2300b1c9b6c2531b39d029
SHA1 1c576840cf04b73de362b28b943bd69b09b3883e
SHA256 0de0ada970774620c0905227666fc30910e64f3cfa4b99e4c5481685d12e3ded
SHA512 94e4bd9834c21acc7709fd28dc557455929f940be0a4a794105188dceed7e023f87a489a1de44a9f93f3780f6f9088ab3d4e829a0089bec74a25ba4297a0dd73

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Jun2008_XACT_x86.inf

MD5 59c4f83a7fa2a8dee4970d37a96c2b55
SHA1 75b42f58c61d8c8ae185cd8560dbfedb7c4d6d9c
SHA256 79cb10222e466d54908d30ee433830e9673d5a538fabc5f4568521c2aff66eb1
SHA512 9a9b7ea3b354cbb29d88797533332abd4d1ad195b28ee6af05a0c6f83343b1e2ae0ce172e9941eb5f0d7ed3fb0382c1319fe4808ea2bf8988a1dc63b78c8c095

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Jun2008_XACT_x64.inf

MD5 9b2753cd7967a014a6391b44900ce258
SHA1 d6d227999ad32de75e05ae7d7fc43640e8893ec4
SHA256 90577c4c3d5d0de80c805caf0cc713582698ef7224fecf4ff911ba6309c5c920
SHA512 31136e55f01d382cb20f7109d0369a3ab7c8997dde1b65e9214e410ab686add4ef6950241c0aa9fc93ea0cfe3134d98ae1f3f48b44e92a620715bf159d6f5914

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Jun2008_XAudio_x86.inf

MD5 e82ee7f4d71ae8bf90378bb6dc107d57
SHA1 6fc8e3437dc9d87213064e69bf0769d20fa7a739
SHA256 e5e435c4536f987e1087218b025e6dc66c24c3e300e839391891f1b3bfd360dd
SHA512 baea9f4d6c744f26b55426c9666f135c07f3e8af15fee04cdf34c0af83567815dadd5a4ac8a6547a49d58e0c837a28fb18c4fe1f50fbed8da9991bd2aed8ab7e

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Jun2008_XAudio_x64.inf

MD5 c564c4dd81be3fe65783bca776be371e
SHA1 b60e1e1e34b8c56fac53dd7af79e1e05e04866bb
SHA256 9ce21064f2feed9bc9426a6e92e9c850aae31abeb80c7906ff917fbf4cc03913
SHA512 5b790aa1a6215ce8687cf3503267e31d1d7b41b5e4675bc634be957fbe14c53556989278017f2c97336df13d16eeaf975e0602a4cf9c8356598c392977df4dcc

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Aug2008_d3dx9_39_x86.inf

MD5 b28ef6e3eebceb622d1431fedd9f545a
SHA1 c6ae73cbbdff4632911dc1759a9ccdd73056ac8b
SHA256 8a23d386626328f9519076f33d5c3b71c639f2347741442c3374974e6f61bd53
SHA512 4f2bfced9eedabd6ca807a1b88cc063d15a31ab0bd8e2b60c65d6daddac9a111c434a0fa7d7641813d9880612464351ea30368bf6f0ed9ffc69bfb4d51882d12

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Aug2008_d3dx9_39_x64.inf

MD5 9411bf36f2075b7e42468277e8020e40
SHA1 c38bb84e7381baf0d2720e5f1822781a639c04bc
SHA256 4cbb1c6804b9c76bba4e41f0d2a45f1daba7350af9da4ae6966651f7f4da041a
SHA512 c860da71a89c41e81c1c89b3e1f4e93e747d7dca1152a4ba063f53f899fc701fe24f14abecfe883571af518df4c2d766432ddbae2ccb2c52bd87d85f6ad015b3

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Aug2008_d3dx10_39_x64.inf

MD5 b01ca47b1cffd13ec5d8a6a592ae8449
SHA1 e1b615488ba42c44922522dd47b2e99f1b5394e7
SHA256 a5eab981c313538afcd7abc7742854d251c736835ffc1f549a4768fdf49c3e71
SHA512 2609474f1ce19473ff8f5f4550f9eca077bcf063bff8ea7fe890493e1119e80e6b233141a8e9dbe7d9f1e167c4941fead6cafe506f98053e623728b7edcf4ea2

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Aug2008_d3dx10_39_x86.inf

MD5 baa493c7a361f1ac0c5efc94f1568f97
SHA1 16dd101673b96b54bc5a38c20ec3ed785c6bf7bb
SHA256 e83f8d48323887af89648c5bd7af713b42d20ccb757be34675f1fa527e6cc33f
SHA512 2e8db3d1ce2830caa9a0f698bc31e2b907e39a233fb056fae44062b3ff732b3b62f12fcb2eb948c1728df9b64c4d8ee873c0f95e56c2ad1727140236ecc71095

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Aug2008_XAudio_x86.inf

MD5 e0947065f559b93eb93a7ceeaa8bfd44
SHA1 39bb647363b00924c7c0b3792f8017d7c7d9e3b4
SHA256 f211a7d99b3ffa0180bd91f68b2c285564227e075d499e950e76fde04e7707e3
SHA512 620810dcd56857b2d3d5f1271c5d4979cc90977acebfea81edb472d02da8e6104e89984816a91ab57a2469253a391bcc378093f1adaeea7c0d35f7f1b794969d

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Aug2008_XACT_x86.inf

MD5 d2aedfbc8bd56092d658bd60b464dfa5
SHA1 54f8e1cd59f43cbe02767face39fa42f50ddd229
SHA256 f1daaa8d96108a4a338f62a4a1339143ddc566e194ca00dde5427136bfccb0af
SHA512 41d74bf9899e8d904bb0bfeed5e053ac3c453e0d591526aaf5305ba33128abfe29cea09bdc23e2131f91626a66f0ff58f6cc02fda9692e58fb2c476795e2b6d4

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Nov2008_XACT_x64.inf

MD5 d28248a55a7747733c0e4356c1a15d70
SHA1 befab66a5faf1889c6eb2208698874b00024b78c
SHA256 2d8a68e726728e4f4be05e35fca812b855046ce4bf697f0dea14094dbd7e1d79
SHA512 f7b89d96e287ddf8200462c4eb0415f2fec81b7a69e5fd4bd5bd33cfc805287d287dc403060b01639cdb67b14ebe65e42f75c3a1fabbcaf8692d315cd5bf45a7

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Nov2008_XACT_x86.inf

MD5 87c8d16c6db20854f9610bd5be6e5ae5
SHA1 c17d78456637cc2a67b35d48f9cb3c730526425a
SHA256 31680e7a90d24eda04c910e1f3e6c02774cfc5c36ae08e7ac043665264702f83
SHA512 061d80816e2e5a7a2df68cd91a95e5f17aae8610a18b254abb7d5929826b14da5755eb01912eb369d1fb5725f2a4c144ce92e0d08b61799903d83fc91f35413e

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Nov2008_X3DAudio_x64.inf

MD5 fe8f918218c40fcc007bf16e9cf0b76f
SHA1 2b66a5a714bc7a0ebdccb0029e179bb3f32009e5
SHA256 d04d052fa3065cdf00e96bcdd7dabf3583ef10b6d80fd67cb03c32f09f2e602d
SHA512 9845d8d2c0c0c618594e692abb382e4244d95f5a06c48d7ae694dd09ada670ff23bab07fbfd09310f60f6684267ed0709a1d146da6fbbecef4790b9373840b2b

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Nov2008_X3DAudio_x86.inf

MD5 e8adbd1e68258d5657a34ea722f3bd32
SHA1 ae4e88d17663889e841992436b524a35506ee534
SHA256 d0361ffe046b7a7a374a4938d419e4121365892e4f2138899f670619ab34ac6a
SHA512 62b132cbde7afebaf20a437b810ea42b7c782eff4fa1f83e2e586b2fd9303829ac90c54704e28f53010a8487e04bf92b791c85fff4c949a12cdff2132c2b09de

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Aug2008_XACT_x64.inf

MD5 f616331f6e6916d1d27fbcf357cf1478
SHA1 e5530aa845bca9b1c89abbbc189f65584008cedb
SHA256 cf09d632a4b2cc670d435f356f309dc58359735834baed10343fdfbf37eddaa1
SHA512 c39fd664f43c4cfad8e65d5d6b3ca845abc0b341cb663acc7e274a00c3218394d3d04cca850312074a294bcee4e5a0796a3c90d6263de63f8f83078d9c44c8ec

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Aug2008_XAudio_x64.inf

MD5 fe4812a5425f1b6d9562b9609db16ba8
SHA1 01a206feff15ead479848ddf056a560701960fc2
SHA256 311bd58ed7437a1cc79692ae360a02efbc8ec51194abcb80bad78b2208a94d58
SHA512 2a98b997af381504ec8e2c5b182c73717ab81a455ae77c57036aa904f87dc8fdfd16a7835cc1e631e9435257da8bc631946b32d8f3bb72d260d1114c4c3c4390

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Nov2008_XAudio_x86.inf

MD5 052b3294a9345385406ac2056e724804
SHA1 79372406f5cf40deefd8ada18ba238e80360ac70
SHA256 950b5aef596fc5048732f6cf263dfca5bcc25df7dc17df91efcbc3551751a3b3
SHA512 9b0cff2968acd2552609169a138d40fcc25ff2c35b70ba61cabf769f4e5b54774f32392508867b6ed9198b3da5a858b3a7079d7c4a4ddb31f63e4d4985efd2bd

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Nov2008_XAudio_x64.inf

MD5 318d70544da7620126540b0712200e7b
SHA1 707c4a04f02e10b08a16528b0da8b284cfa315c9
SHA256 ed20b160dd26a5ed3c220a1fd9b5fc880b3280ebf56c2f73e76b6d4da5ef82bd
SHA512 4acbf6b35043ffe9c740e3e48fd9320e10f5dbe317dd89dcb97b68495b60cc2cb2cd98e57fad030ed053636b710d344b96667b69bec4b7727ba2508f35f23aeb

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Nov2008_d3dx9_40_x86.inf

MD5 d9f6cb1edf9f92a045f4b2b8ec17cdb9
SHA1 fb362c8de21847523211fa512cdbf73e5b49aa60
SHA256 955637638635025f01f82febab4a4977252a765439d90ce940fba752723b9db6
SHA512 e22fa0520dd3f905b5170e3ede4d9b9e40b0522c9b39308d150c01e5bc381949d70ce04818efa9eb2a08bcc3b26f2179db9a5aa1a5d14d757ee2dd2c5c3cfae5

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Nov2008_d3dx9_40_x64.inf

MD5 4f4a9d3074a4ce8fa141a17b0c2e97c5
SHA1 e77b4e76ef70fb08befd69a03b9f5dcf02c81428
SHA256 d071b30f56763506da0c939b8d35b0540bef3ef0d51a5cfbc45816ca91f891a3
SHA512 7b961d3b9ed247e75047a5bac6d65ed741fb3c210fadfb23d4b77653af7001fd557fecbc2bfacac00188894374ec7ef3b0a5c1b1f6ddb0c9ad3ee3dcd1f32027

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Nov2008_d3dx10_40_x86.inf

MD5 7a3a4c3b7c9c979261ab1fe477809731
SHA1 545004e59315dea0bcee6bde61bde3c45f79d107
SHA256 a4eed39cf36adccac4317e5822b30aa37ac5b001bcf4a24f7b5ccac6b8b71e9d
SHA512 556cf8ff26de695e39aa42fbbfe0bb986fca9ecdc08209c28404aa1b285cba8bc4ba62659fd0d929d138c781446fdcf2a30c0e1aa1487f6f1d75c9f15145c7bd

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Nov2008_d3dx10_40_x64.inf

MD5 f0769f57bd08036d669104f9bc942228
SHA1 18fd51cbdb46f1ffd47103dc026f1cabf4e4868c
SHA256 7f902d9ce6f6d71be1d16997ffc9661be2540522c73cc185516415a52dced2a5
SHA512 427acfacf52759a1ebd749022c375767fc283a625b6773e06f8965926e0b96a969a27a440bd661015b56eeffa6decce7322e43974172966520c9ea5f6164914e

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Mar2009_X3DAudio_x64.inf

MD5 5e65d9cfe5f15381afe2016508800dca
SHA1 93a44fa2bd9559929c4ed459a336e1cc27738f90
SHA256 4da1a6bbcb7e84073dcd1898f854702ec32f5324478b2fa39c4a9868abeecd3b
SHA512 9ab50d72212f79f949679b7e7c19f698f2b1c6f1d695555d925b7cdcff800a14fc98535476150a15c563eab74d8a98316f44027b0e3ad2834735a6f94aa07646

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Mar2009_XACT_x86.inf

MD5 25b4458970583bd63b3e21ca5eda19b4
SHA1 a41a7c318342365d64f94da5c2b9d0490895d684
SHA256 764c3caeb1725a11701ca7119fdc49b3219553b79f9a5c1a02b20991391e5a21
SHA512 4239e25d6701e28a58424361d2bbcd27abcd91308ee2b5abde611304b0c2caf3cd807c8aaf3665569a565664b12c53e17aca73703ece809b9f26487d9f9a3778

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Mar2009_X3DAudio_x86.inf

MD5 c1501e224e63e7c7fbdbfb7734a8e4f0
SHA1 c6aff4de1b44499d304649b782346b0a6decdbd8
SHA256 aabd029d75f25244bae4ca17dbf9c4feebec0d5f121fcd388c175c3360be1bac
SHA512 e29f985810029a43a987ba45c905aae84d0615330e6fcedf81806a403f59c8861fdbb31935b0c610378d8131d38ac6798c778f5c6fada9f51838cd8a8cfcaa99

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Mar2009_XAudio_x86.inf

MD5 ce1394e17492dac92e0257482272617c
SHA1 f1babf395b608a9966cb5d89d85d131ce8263576
SHA256 1b66e4d80f9843fc73b0a6097fb8ed5f3d2cfd5cfb5c328904d2c370bd87bb3e
SHA512 c5b800c6d519d147e37b459b3c667d2e05b6e344ac38be69aee40dc1e20b232c9a123f0f6ec8fb5909ba8d76fbb24a626ffb2f76b08bb3d3984d6ad6541d6a9c

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Mar2009_XACT_x64.inf

MD5 eb9c537b01096960889de48d1a13725a
SHA1 205f797be95c576f2b15760a25440f532011332c
SHA256 9369fb0a9d3353627c097fc19780e5e7126af47766ef6a4a95ff3ddcca56691e
SHA512 c82ecd2c952b1df01e6c7f7858341c62b36330945dfd0c6bdc404d14bee5682ca06a19448961e03a2093ea00040fd38ce60c126b9f155607b7435b28f74055f6

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Mar2009_d3dx10_41_x86.inf

MD5 6f64b88a71edf6070f48277cc7e22125
SHA1 1c77aace8a83ecb9a388bdee2aaf38e78af08ac5
SHA256 0170a4b551b58d92a753e86793bf3af762fe3f8d781512f710a4d661aec8d626
SHA512 4349bed85d5c42f921005ad6915571b680cbf178dc1c9fc8f218dbda7cc34b76647edfa324d3c529dfba18da800bc010623a6ee8b34a5ede0a447d1e7dc93827

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Mar2009_d3dx9_41_x86.inf

MD5 b37a5ff044eb65521a290c79ba1a3e00
SHA1 ed505464894bd3e52654834487f3821ae117edfe
SHA256 bd29711cc2ecd924990167ffa95f48842e24aeed3acef1023717040240b4bbb6
SHA512 eae4408cfa7f9c39b101489688cc570a184b8a57f3d20d3b0452a581fb80c4f485dc2f512a39669a92a5bde81fbf474e1585f566ff482e87610780c23126c21e

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Mar2009_XAudio_x64.inf

MD5 8d2a8bbe89cd936282ff828c10ae57ad
SHA1 acdedc9919abeead28ef07da56ea33f88c45c3a7
SHA256 4a554d09934581a87a4cc98749b525b6794947b64b8414d380edfd502713f9b6
SHA512 69ee567df6d9edf90a6a2a882b745597fe0720af3eaa0f23ae7241e7519aee5af435566bb1e0cd8b2f6bf6956b21f73d7af9d8e9511afe48a54f68f440aea2c1

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\AUG2009_d3dx9_42_x86.inf

MD5 dff48361a5cb0dea034dc6f16de99477
SHA1 afa417acf7e9da37923255a623ef34c7f6446c80
SHA256 5989dc367a8f84815bcfa1c46ff756527c6250c62973220d1af354b70027eaf2
SHA512 750b69eee07e7d6e7fbdba722e2e1ce377729dca5fe52b4d57d23dd2b80b28b3af8403aa43c469a5042ad35eb09ba4dbefc40a014a137e1b5d87e0f2de203856

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Mar2009_d3dx9_41_x64.inf

MD5 d4a1295d35748a262f28c2d3ed7a116f
SHA1 f6794d7a852b3f56e93fcded600077220ebfef74
SHA256 12fe918aeb224a9bd4d2a8142f97c95d58a9a69e591e7e4f95014c155bb03519
SHA512 79a2c575482ebeb4157971c07df42c76b42fca1b00e213f3f311935977bc27c86ecee6b387d93e9dadee06bdbcd6d4edbd72ca0a66925eaee547f1bd195e7f02

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\AUG2009_d3dx9_42_x64.inf

MD5 ecbefd1db4cb52d5089b1d4b20a08656
SHA1 85134f773bccff3e874d27d7e79dcd1e9485c903
SHA256 4887cbec8545b02152eb16f6296987a43a256b69b408330eaee362184f298d98
SHA512 a50afd834f0d892af5eb33b9c6ffbb330ddebcebd123fc7f706f05efac9491b49dfdcfe6196f3b6a3c9f7ffedf4fa723e0499f03417552404c0fb4f4fa3c046c

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\Mar2009_d3dx10_41_x64.inf

MD5 d9bc0224ff859db21a9f684ff138cbae
SHA1 dd4f2ecdc2a7801588166d92d6e6aaf769bb3627
SHA256 53dc284b87f5787804823977d2fbb528e393829367db5d2ac5dd79c581a27616
SHA512 29d5c1e3b54e79e322a966d954935a31aa7108aa31f04e711e36efbdabdbbd3282ff56df9d640fe48f8707d55a7af435c83b7f281177d4d5bf01364786596ff2

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\AUG2009_d3dx10_42_x64.inf

MD5 8d272f58bf5ce42962d7d9835e9b489e
SHA1 7e0969289f839b5dfe606f6ce6ed106460f97682
SHA256 2bfdd3d3bf485439013045b3a08942f457385bb89ab76d9479fbdd85f09e9d96
SHA512 0554257a41df07860233f26330020a45e2dab2613a6028f79914aec7552d5c54525b137e450202db1283b602c3d95908acbf9f1eed20dd79c21fda5963fc2b5e

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\AUG2009_d3dx10_42_x86.inf

MD5 b3a2e761e5da007cc6036c5703e12eed
SHA1 447e852f9bdc357b00864d4dccc7486f1313918b
SHA256 a80a00464775da82c02f628c5bc13cab0d0643ec2a44b28d2acf7c77d467becf
SHA512 28a106886578fb38f144602d2b29c72a906bb24a50b16ea7d3f71f8bd7f194fc0d7c8451dd1c3e9ecc59be3a866c07a23dd394a17d39eb7b55cde7b347bed3a1

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\AUG2009_d3dx11_42_x64.inf

MD5 520790b3b1eb8bb9ff00e4730d17e256
SHA1 51872475e3c31bb749f0bffaa42ab4ae362b2dea
SHA256 f9c13939779d4526107cf7d3554c122efb564cff02228d02b0b6ff211904f5dd
SHA512 da76b41ba262ac7adcb2b48b8e3845b7c57b1c45a664a1f0bc90d420cfeae1ee454c2089ca37ca5df264759f016c781ab1bf17c026d9733df7271e8ee3320dec

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\AUG2009_d3dx11_42_x86.inf

MD5 9deabc0af1186bc22a6feacaddc5839a
SHA1 2a1fbc0737777513390210fe7fa48fa8805b15b0
SHA256 edf6764083b47c04fda52b149f565587c6a07d4455357fe3c27c9e56cc57a94d
SHA512 8a3dc2b4d25a2a4ed94cb70e88b051d9df9985f3c6a8af0725bb521e029015755b415c23a44ae8318aea4a04ec9b9c1ffc895df41d28c384d78a465dbb29ed3f

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\AUG2009_d3dcsx_42_x86.inf

MD5 a156f288883f2c1e867896c114509aaa
SHA1 02d7a136da0bc6c8cec933a880c62b90ea8d329c
SHA256 ff9da1b0328fd918cf9558ee57387a4865afe98db1410cc16b1e921c5a744c48
SHA512 632fd6b2940a851bc82c2d57a962dfced3b2cc61010e037ef9065b4a8da5a0f112bc2c66984cf76334556bcde35d49dece1841ffca9c149526a56d3824178b02

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\AUG2009_d3dcsx_42_x64.inf

MD5 32b0f585bed3e042371e125ebc7e0f80
SHA1 dc0f6d3a501cceb50a92848f045725f93182f150
SHA256 f7a5a84bb654837193e0f40b579777f5c6cc2c7341cf90503d6a6709d319797f
SHA512 ff7ebc445ead8c5109585ecdc58c7bb20f9cf9debebe587ace38c64f70277ee6a9c9359af0ff55a1d4bdd2d01b958efdce743f30cf5b20bc8656fe4124ec5670

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\AUG2009_D3DCompiler_42_x86.inf

MD5 e7f9ca8ca804cc404f855be173f6ac61
SHA1 5cbe6a3e7cd65a66bb6ed17930ccfacb8c756fcd
SHA256 bb8834d2366f6899c507bae176a13dadbd44488451a263eac830be95f4bad43f
SHA512 cca663b914f6f6d1b86db83e4f2976b103af041ca171257b9815a689788018434228182bac943fcdc7770d43180d53f887ec987e9639edc26ecabc7d20dbc4e1

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\AUG2009_D3DCompiler_42_x64.inf

MD5 bf489f4a6f1c8772091caf9d3f96628e
SHA1 c0da8b93f1e17acd81e5664ff7f014cf470d12f8
SHA256 8977772e5392b8e79364b3b8d97300e97ad891f38d5a2dd306549401e46b05ff
SHA512 2e21de522c0be4b797262528399d7ec8604fbf466e8de49cc12b9c2e2daa3a8f0977e952bd36135ed4887516d31ff8c782273325d2afad48f8b3202f35b4ffbd

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\AUG2009_XACT_x64.inf

MD5 e8623d8be34f89b38932adebb2ab2df8
SHA1 f7d844b8c77bbf1bdbaf4c615be7591299185bb1
SHA256 5d57466af1801ff3a92b1540907f0e4b91d90189177d68c6b4c8833e5d57dec3
SHA512 a398b5057707743dc3077f04e3796fc231da56b54d58c826b13ec610bbdadb0513c56183156be2e45b47ae96971a9287097ffdcd709f496e96f8f7233375f1a0

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\AUG2009_XACT_x86.inf

MD5 5b6e899df58c5dd0201934027490278c
SHA1 8379d615b05654bdbdb6512b98abdb93a9179796
SHA256 1eb88b5460824fd32eec9b90e7ef5cb529f51215046e539d39fa27a409709766
SHA512 2326b2b5f046ea663bc8723155098ab58341ace400fed48933575dc55b1cd14ee8f8d67194303783a1d1f412e395eddd8952127eb35d8ec745208a6889dc63cf

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\AUG2009_XAudio_x86.inf

MD5 6d9bf03bfc9465df08d17b18c431926b
SHA1 184ff4a21ae4756179fd179d1c3d007842a7ec2c
SHA256 842cc52100b5774bcda19e40837bd552b308e74829d5b35a505822c7436892e1
SHA512 35efd74761fce6b8c7371cbfc5c8c50a0142a3fa3492dda3e566b031bb1dfd58633960230985d899348073de38295e25f76d716b153640a9e0e8ce6d59954f5d

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\AUG2009_XAudio_x64.inf

MD5 af52205973fa73d4227dd5e105f6a37a
SHA1 2e16e2914fcb65e55a117b24b992d6e8cbec8c55
SHA256 4348663aa7cfe22916fb13d93307e7384376fad9d6fa34c6196f80df42c61a33
SHA512 92b8ce27f01fec9c17c2677eb4e9e3f1dd592a94a3ea12e9580c8e206a8895c99b0498b2fac30323814c8da16a48555bf5a76eb72afcf5b99ee2e05c67cb4ef0

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\FEB2010_X3DAudio_x86.inf

MD5 e84adf38d499ae39090ad60fd76d76e3
SHA1 6af4d58bc04aac2723e8b97649f1b35fb1aca84c
SHA256 d4da3e530982812d1e2a31570b80af541fac1b13c72997d2aad7ea3bfeaf4a4a
SHA512 6714992e7aee7bd0798fbec68f92c97ee502127580e21e1b6693ed6737312b44dbc9fd9ef579fe552590e9e5a4904df94e4116334265a34699a04aa76ab87c24

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\FEB2010_X3DAudio_x64.inf

MD5 49460e9297b0faab5a5d73e7aa2caa67
SHA1 a7e211f3d4ae808f67a798924c4d3314183df873
SHA256 68351f03f4ef83e4b8c359e3e130441081690a1866b838a1b35d64674ef3abbf
SHA512 92c4c0751e9123e1eb09da312bc44041d13262e26cefb807dcd1b354c5bd12c0d7197f1d3d457ddef89714b77ffe45db9c717332963c6daa507ae02a6d5fc941

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\FEB2010_XACT_x86.inf

MD5 82c10b720e33be099f69e4010d44ecd2
SHA1 e95a2eb23db3fd610d71089500aad523f93c9469
SHA256 e850fdb84bcac0f667927e53fee943efd3f43be6c6a0ae1e17f3fff83ddb2635
SHA512 853261c439b26cdc8991ac289b9f9925976452ed613481b0cf09e75444882805ffa15633eba441d8e1a04641f5f6378b68e2270a6a48d3911d7f9c2c0b1235bd

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\FEB2010_XACT_x64.inf

MD5 45f4f5d8439b3a33df8f1d9f39a162c6
SHA1 e09440edc243b072aa589ed139ab9fdeff3193d2
SHA256 c7efd1ec4e4d31644a5054d32cc1e6795464472c05439573ae93e1727a5eea4a
SHA512 f8b7ab66b7fd182efddc2a851c6468a311705267afd5fb81554713b338f24642c5e7b5d5000b85e417154c4285457f9fdcdcf9f42c155c801f7a295e6ae3ea34

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\FEB2010_XAudio_x86.inf

MD5 e6e942a2cfbb587bfcc4203b5bb34fd4
SHA1 2e0172ea1936911a98e11a6e98990703e24172c0
SHA256 74c827ef94881099761e04397ef8f162fd0ccaf4876a5503c4b53a5216d2acca
SHA512 3d70d76e6f459819a1703c5019a2e10fe518ee6e8eb5d3313fe57d3d1b6313b52c4904398a26841c78a9ecf9d715e1201e834ab3df47265e070ec94417a78e4d

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\FEB2010_XAudio_x64.inf

MD5 1c4dc3c97e96135a784867d68d193bef
SHA1 5019f79ea9b624999fe58420daac619c5695994c
SHA256 da63330fd2a1538b714ee6cf2e09256446a04a55f866b3f70237d8a7165cb3e3
SHA512 d529d68ccdacd41a7bb688bf226a23f4d08639213d96e3e428c16176681c5f7d45ca8527291322b2a6d4dd14fea1cab3cf183006bca3b5a45fbf2e05c2ee1437

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\JUN2010_d3dx9_43_x64.inf

MD5 ce097963fc345e9baa1c3b42f4bfa449
SHA1 e7624afc3a7718b02533b44edfe4f90d1afda62a
SHA256 272650a2d9b1cfea17021f4bf941b21f2206791e279070d4e906ce0ce56ac16f
SHA512 f3c4f00eebd9d465bc2415d59c417bca0f5a07c8e13880b28704f770763609a653d4b06f53d98325b66c2c7094895190900c47980f81463215e919f00966ee7b

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\JUN2010_d3dx9_43_x86.inf

MD5 a11deb327119b65bacce49735edc4605
SHA1 0be2d7fa6254b138aa53d9146cda8fedbba93764
SHA256 6b33d32da02f664092d44b05237990f825b4062c105a063badcf978648b5e95b
SHA512 b0134a3d6f2d576e5fafb601014ab66fef91d661013acc8a7a9129940369a1d9ed5c0f228bb1666a4e891f09b4b18e83f0cb2080047aa84fa45ab663e5739a31

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\JUN2010_d3dx10_43_x64.inf

MD5 13c1907a2cd55e31b7d8fb03f48027ec
SHA1 ca37872b9372543f1dbe09b8aa4e0e211a8e2303
SHA256 a65f370a741d62c2be0ca588758d089dd976092cb910bb6b1b7d008741e18377
SHA512 545aaf268d141e2aae6800e095a1ae4eafe6bfe492d95dfe03789ccb245cc3ef3f50f43b10a41a3b0efdc7f8c63621b437323e133ba881f90a3b940095b80208

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\JUN2010_d3dx10_43_x86.inf

MD5 53a24faee760e18821ef0960c767ab04
SHA1 4548db4234dbacbfb726784b907d08d953496ff9
SHA256 4d4263cbb11858c727824c4a071f992909675719be3076b4a47852bf6affd862
SHA512 8371471624f54db0aca3ea051235937fc28575c0f533b89f7d2204c776814d4cd09ee1a37b41163239885e878fb193133ad397fe3c18232ad3469626af2d2ed1

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\JUN2010_d3dx11_43_x86.inf

MD5 fb5d27c88b52dcbdbc226f66f0537573
SHA1 2cbf1012fbdcbbd17643f7466f986ecd3ce2688a
SHA256 3925c924eb4ec4f5a643b2d14d2eda603341fbbd22118cdd8ae04aaa96f443c0
SHA512 8aa2200f91eca91d7ee3221bc7c8f2a9c8d913a5d633aa00835d5fb243d9cb8afa60fe34a4c3daa0731a21914bc52266d05d6b80bfc30b2a255d7acdf0d18eb5

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\JUN2010_d3dx11_43_x64.inf

MD5 590fe1ea1837b4bfb80dc8cb09e7815f
SHA1 792b5b0521c34c6b723a379dd6b3acf82f8afb1f
SHA256 2c4cf75b76203cba6378693668c8c00b564871c8bfd7fbda01e1e841477b2a3b
SHA512 80bee8f1ad5bfaba6b3ac5a39302a1427dbaa5919d76c89b279dc753170ec443924eadf454746ce331a6682ee729ab79bd390a5d3b55db8d08fd6f4869101f53

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\JUN2010_d3dcsx_43_x86.inf

MD5 cf70b3dd13a8c636db00bd4332996d1a
SHA1 48dd8fc6fa3dae23cb6ca8113bc7ad837b4570d7
SHA256 d5200b332caf4fff25eb3d224527a3944878c5c3849512779a2afcfeae4c3ca1
SHA512 ae31a9e20743a2052deec5d696a555460a03d400720679ed103759241b25d55e2fbc247170da3c0c0891f32b131ab6a6845de56c2d3387ad233aa11db970b313

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\JUN2010_d3dcsx_43_x64.inf

MD5 e1f150f570b3fc5208f3020c815474c8
SHA1 7c75fc0cf3e3c4fd5045a94b624171d4e0d3b25c
SHA256 5289b5ad22146d7cc0c35cdb2c9662742693550de8f013d1ec40e944288d155a
SHA512 a53618ed6ebcd50ef074b320eb3ebd38af4770a82caa808e47cba6a81982ced46cf954a1c5a383f171006e727d8211b4fce54c9faf27b4c14a770a45a09037b8

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\JUN2010_D3DCompiler_43_x86.inf

MD5 1a86443fc4e07e0945904da7efe2149d
SHA1 37a6627dbf3b43aca104eb55f9f37e14947838ce
SHA256 5dd568919e1b3cbcb23ab21d0f2d6c1a065070848aba5d2a896da39e55c6cbbf
SHA512 c9faa6bb9485b1a0f8356df42c1efe1711a77efa566eee3eb0c8031ece10ffa045d35adb63e5e8b2f79f26bf3596c54c0bd23fea1642faae11baf2e97b73cf5e

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\JUN2010_XACT_x64.inf

MD5 dc506eaa8bdc02b0918e8ce956b505ce
SHA1 9bfa75f2b2d7ba26a778623c8505e10428a1f6cc
SHA256 f3c288d84db29f7bc4d2c771341f765b5e1940a4827fcb55a65b48eec83c71d3
SHA512 9938b821370919a25e801cc19841e951ef4523fa62eeccade6825e74c43319e9bad2f76e5971ce5d26ec2fe55258f7c9390626bc3b934c84b70f7a2870976b89

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\JUN2010_XACT_x86.inf

MD5 dbef26a0b937dc1859e9582aa88bf928
SHA1 25f85650c6f62e59c11f7234be22d34e890793b3
SHA256 ca604ce9d2ee43a09b39b23a6a2a048b1a79d85c7d78679cc73aacc75cf7a62e
SHA512 4259193cd51168020b3b02ffaae89d7b4a972273b227cc3116c8cac3874b7c329e66c989ad200f93b05d1e4f90657b5391f37d6d128108db66ad7d6a758aa34c

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\JUN2010_D3DCompiler_43_x64.inf

MD5 6494a3b568760c8248b42d2b6e4df657
SHA1 700f27ee4c74e9b9914f80b067079e09ec7c6a7f
SHA256 3e779533a273e3395109c7efac13ba1c804c01b3ddb16938406fbdf90d851216
SHA512 2bf68b123d7823ad7182e132d9e55f8de7580229e8e1b3b40030da50bb9bdeaf67bb9727ce2171fa83b7f804c24d9728ffabb44cb5017b16b771bb19e62b1b42

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\JUN2010_XAudio_x64.inf

MD5 dd987135dcbe7f21c973077787b1f4f8
SHA1 ed8c2426c46c4516e37b5f9aac30549916360f7e
SHA256 1a0f1b929724f8b71d5ce922f19b9d539d2d804c89af947d5927b049ef0fd3d8
SHA512 f0469c94219b4df99d7b9b693161a736fa8eec88a3f6c7f2cf92fab2ade048dfe61fcde3a4cf4f7a2aaf841d079a46b17259dea22cfb02831983f55bd7f61899

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\JUN2010_XAudio_x86.inf

MD5 31d8732ac2f0a5c053b279adc025619f
SHA1 c8d6d2e88b13581b6638002e6f7f0c3a165fff3c
SHA256 d786d06a709d5dc26067132b9735fc317763fcf8064442d6f77f65012ba179da
SHA512 abc37922307f081a1ffdc956ce59598c19ad1939ecfb6ea3280aa6aa7a99c3eba5462731586ca262f7d7257d7d2a74ff57a45abf6b93521eb6f1c9f22f8eb244

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx9_24.dll

MD5 bc831661963763ac4d504c5cabb1fdd9
SHA1 51b323ea377f9dcd52946f5fe77ceb5673d1592c
SHA256 94ec67763f67932dd4273ef5cc12889a5cef090ffea3ee78a80c7b530272b1b5
SHA512 fe97241d5d9ce298f62ae3295eb9f4091430c8c2c53e967b76e0aed76c3579f8bb07338a0de48e4547c63ab381b3b3d0989a183447b8e47496f35493541295e3

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx9_25.dll

MD5 5b48fe9d6686f0d54b26a005ace24d1d
SHA1 1c395f6d2aa729a607e69dca73f8205cefd26aa4
SHA256 4c54df27ce84d21b2924e64ff79b13e7876ce85d8e0c9c1d0abd8da73888187a
SHA512 6a4fa549578097ba36495ec210365c27d165065820f0fdad20864a3139949e72da00f9b7c614d07d8950307e596b693ed7a291a5c69cc0f9ba30c5f74d6332f1

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx9_26.dll

MD5 523ab607eef81cc4d909e7febd8a788e
SHA1 2fbf1444daab3312da6b34509763656a28252134
SHA256 8ea96fe01c3c86a36fcb3795ae03eb12034003e335ef475571efaeda17c5bc78
SHA512 791f520533f58cbccded4e7c1f64fc14d20942efe57f32a5ee75eca4107543718eb35ecaf52e6eb3d9112867141271b8c097766fcc3562f016bb612bf840528a

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx9_27.dll

MD5 852edc778a7a50077694f84d8e601234
SHA1 14705b638e1af81ddda5dc52f68c61ebfce5e9e3
SHA256 a70d571cd675c97c9eeb4a234dba1d667ffb54ec3bb14defb36b3e2f605ae257
SHA512 51c4031d98bfe3251a81ea9f4434ce38f077645a40d0ca413e31b6951c384a1635cb040c24ccf1baeef3d5a47d0d18d8b47fef3bcb28570d6e936fcea6f912c2

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx9_28.dll

MD5 be19b603dfbaa829ee5b7749b3ba97db
SHA1 3d42825b3e7fe5744f67ef145ed47bb524496305
SHA256 f3e391b5f1c1f9637cabf2b812b6f5d65e4776c89d779f506f6b643cc563176d
SHA512 095e8357911c1a06000f5df291bc3cbd80aa3a9672f485fd1f2b9bdb1172d1c7235449485948bee26fcec630d6b80fc927454f9b32cb31c823494c780e0e3df6

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx9_29.dll

MD5 99f4fc172a5ace36cf00aa7038d23f2c
SHA1 893e05e369c2388daec359ec550fee5b9122ed40
SHA256 c5e21c18f8c79bc517da59e3192c39ea73bdcaf85867628187f6b3cca07dd21f
SHA512 a4b86d84f99c3d0c0825e3581878aaa25207765bcfbf31cb07cd6bf69a9cbbe1c3068719b212e38f741e06a89b9bc6d217077a0dec7f9efb1be75fc3c214dd52

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\x3daudio1_0.dll

MD5 4e961525cc7ff0e5d7da19e170b7c14c
SHA1 7e3654ef7f7c9524ff415582f1b066f29b4234c4
SHA256 228dfece2b4555a243a73e7bf461036f1e53951977625651ff5a59deaeaf4b88
SHA512 8785d0b2188f36d53c1a2b99a669d6edff1c0c27905d5bda1615a503f115d5b0762f008481145cb0cb6a2589926543b9c8ed0ecc2e328593682e39b90fca2087

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\xactengine2_0.dll

MD5 2112fe0c46662d429347a7d7b49e3ece
SHA1 8cf607547e9c5a10f129a3a8f8f32bd295c0d5b4
SHA256 cfd1c2d34feb7d94f282e97bf762a99bfa7309dc7353d96dfe4aadc187d26c67
SHA512 77f77add8411d418798d643d783752896d3fcac002f15696caeaf45b5396d2d42fe53bfb409d66ad505cdaac0ef0a20a62aa45b50aebe65237d2c44af36bbc34

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx9_30.dll

MD5 e415862612e65f10d7d888443ecd7594
SHA1 aa8440ec3b5bac6594fd58d97c10c2ab7d419b2d
SHA256 5edeed79f2359527a55b8189cfa8b9b121cd608d44eead905a0f3436938ad532
SHA512 f5de2f9e045c3d579d98b25fbbb7b90aa9ddcada0c6bc4e103e5257394f3cbb7c968d89db61e15b10605561cefdd63456912aa428af5a62cb769ac8c4e5eecba

C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

MD5 a73e7421449cca62b0561bad4c8ef23d
SHA1 cf51ca7d28fcdc79c215450fb759ffe9101b6cfe
SHA256 7986e3fbe05418fe5d8425f2f1b76b7a7b09952f3ec560b286dd744bf7178059
SHA512 63d24647ac5d0beb8f1284973927263cb6e05b4c399cda3912178114b42d541dd516c6d67a453ea997d9d0cd9126a1802678062f0951c2547e1b445ba50dfbe4

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\microsoft.directx.direct3dx.xml

MD5 d2ecbcc04f7e087d738df9329d47c30f
SHA1 0f2d7c485020928227b668a148b0a60d99bd6695
SHA256 7b38e6dd8c567d17d94f595c33fb234284abe884a1148025f59c8e426ec30c03
SHA512 5662bbb30d7a601efac49f0e090cf05112565ac40dd998787e40d4ee6988f985ad8513b0d5f80e17f8ec9e7784af1c50a70137c0ec22b0c72107b601503bcbeb

C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

MD5 5e2b8b8a5ed016468716b9ff82a1806f
SHA1 f1772121149d87745738cd471d0e504301a9ad0d
SHA256 5b70f0ac40a38c903062a12ff7cd71d907e75238a044ded9b34fb51e9a9a2799
SHA512 4620c9bafb7dfaa8d4351d0d99ae3442ceb2220201f16bd9bab4fbeb1f411fd63d4f0e79abf6e762f4d0e62d42608fbeebd13943ce338eca59ad1080ea6c2728

C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\__AssemblyInfo__.ini

MD5 83a6f21e3ece6caed825dda3cf88f27d
SHA1 2b5f5bc794fcb6a3c1fe31deacc31a7b68d54390
SHA256 9469ad9bab572a6c28dfec5372fdd7db156ded12b888fcdebc5c8b86a8c77bc4
SHA512 13365c8012f799f358b8f72d7463763bdf51987171f44441977208c544f45dd010573e0d8e56f25282be4c14a59567514cca5c4bc5daa0c7654dde385135a560

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\mdx_1.0.2904.0_x86.inf

MD5 81700fd8d24ccd5ed83ce202dadcc625
SHA1 380473dc3560cc64fd0beca96674554d87085c28
SHA256 3bd14cf2a96544ece692e1911500f7196370a111017fb6b0e23db0f0d0f40dfa
SHA512 8ee1bd03fcd6125d22d1d35437537f594a84e67573ac72d440d45d419b88f5d3d1f5fcd8804e1a0b873714c1a71c63a488b8068f0c465e94940ea6e2db1c7860

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\microsoft.directx.direct3dx.dll

MD5 d3f1922325be8e7e1c72bfd8179454ce
SHA1 89134f43ce2af4adfbc4087392aee6fe56be7ff4
SHA256 8418941d8f1d4c84288e0bf54392378dd3d87b602bb693ff4f8a633022681c12
SHA512 d33f513ff6c199acabe86eca6dc06d56c330ccb78be4d13fb6b1906a3cba3c93afe982b05cb057f2b88f6e6637452f4d99d4a4fe6f3f7c473de9e67a40758bed

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\microsoft.directx.direct3dx.xml

MD5 1c124cc5c3be4a5e8d6619125b1b33eb
SHA1 455365d2ff521d135b75522a4ce6382aa73b7c30
SHA256 c3cc575c93690ddf44fd71fdeaff3d61552e9d4eafbef77840e4208522d81fb7
SHA512 1e9fde35b9c4d4a123a92545f5b15b12657d4652328e8d249ca31338f80b10a9b70811a16c40e82f286ce1b192bc545d29605c2ded4b937cf69088d9aa9943dd

C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\__AssemblyInfo__.ini

MD5 5bc5caf82911f87c1b81f2feeecc6c68
SHA1 f69a02f549a1ebb8ee853756503a2b9724299f0a
SHA256 9ab5a79492835bfee263ad159bbe784fe19cf3748553c3fe35ba7775e0bd58b3
SHA512 90c2c09d995d499342778659f267a60f5feac88ac7794e25adff1152241bd6da09d7d67584d9928d8271f82ba85edbf869be393abd578bcc6092915734044c8f

C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

MD5 fb3bc0754921873a65f5fbdca845e6ee
SHA1 67cde5bc8577cd3040e275d290ac021874da9fe8
SHA256 f500c350dd71df7452b92444e19b4644b04283434a6557123f1e4d9fb078c3f8
SHA512 292b8bda44e6ff6449c4b38da9b8317491c0f0da3d1e5f7947741de27cc51bbc078fbf947c89c4be3a0b54f7066f0480990d1de57919edba3414aace77c47635

C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\__AssemblyInfo__.ini

MD5 fe8d748df561f74f89d463caa6df5095
SHA1 a3f9820d4df402aebe5cbfe18d9238c69229b8ef
SHA256 cba66875c7f78aad58ec69b28fcd00e52c7cf8479f48c6430502b7d69ecb5401
SHA512 f9eabf18d6a470556c9949b250092e337fa94be77afaeb13d2096b126f8c46ebaac434318aba91bed06987e56c1c9190cc21e60e88ff0aa2353e9e267cb857e6

C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

MD5 afcf5f50c632f3a5598abc28f196d77c
SHA1 294385693592f9d6320f8b0b18f45bc194d01a4d
SHA256 5e90089e69e4f7e2e42ea4a81fb62005c3710d0a4acdf207b97ed03f5641d013
SHA512 29746ffc665051e13386e452c3e41a593b6339e09a228927929be100cddb3e0e0fd3b54abe02eb7d46a3d97466ecb02bac362398b72fd8e804cbb21c8bc856d9

C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\__AssemblyInfo__.ini

MD5 aa7a1919958a5a2db496b8a17297318a
SHA1 ef05accee8983aa881b88aebceee2bdca22c1ea0
SHA256 a7652cd621122e9e69d2b44d4b0e503525d14e465ce81961a2b8465b6cec189d
SHA512 553c808440c2e70f6fd24fccf91149a4bfc9f75a806f82ef98bf04328529ffadf28c96672887f2527915b33547dfc22d718562de573401ded8190c32e732f30d

C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

MD5 ccd53738df4fa27849b6bb05dd67d10d
SHA1 28126653a3d1b4574fcb0c09176f5fa0ff28ef78
SHA256 c29d337bf7639fbf424b34cc0409d2715762e1b4d82881fb524a2508381c9f62
SHA512 aa3a10504fbe49a4c44151beec7d9b543f4b89a51621fa60810f385bdc8a6821e4bfc37cd46f3688013f6f4facd33ab45bd0deb4a1fe16453e1be8f11f2119c3

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\microsoft.directx.direct3dx.dll

MD5 43c280c3b15ceb2472ab560d09629664
SHA1 e3a897d7608d03c93b5c2b8aef52703452cf6696
SHA256 bebbc40ca25ef22e9d16b0de1123e0cb0444fe7a78b4f0b4395bdfd81618698c
SHA512 5229eef9153b992684b6dcb4a32b231c63322b5e4b49ef262228c0dcca4760f97cda5d15a7fcdf77d813eb24b359101e716f72988374106ace13473f27e731c5

C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\__AssemblyInfo__.ini

MD5 45866edcb52e8b968d1a4c6161a3b78b
SHA1 cdd9f12367ace55ff0a29dbe3143f471e5bd7492
SHA256 f02d6e389c84bf6b530cd8cc98aa9e4d8fa6655b587f976868f4028fcb8405f3
SHA512 1d172dd5eb13ae8ebaeb7986bc8f4db666a44f3cdf39522d32b74ec8f6cd498ca9cae9ba484db18f69005cea60094b74d3bcf6d78b908e010de877f062a5e87d

C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

MD5 490807c150b7d8be44bde871f4df8c56
SHA1 69b68a5b8cc3f3e75aa2ba284654ca58bb62f23e
SHA256 36a21fc4f4c8f6ba4ad900613ee1b08ff43f2545585a2601c9fc4cf083d68a77
SHA512 9442e26de55009428cc6e747637c2cb64bd2f008541ccbb37fed4e83ff66845c7cf3874d93542e0ba544e2db61f4864b665b7720568eba284beb095489f3ca64

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\microsoft.directx.direct3dx.dll

MD5 933085360527de1b4947289ca468184e
SHA1 d5ee5e1e3c992c7518b5ce510c627c1564131b12
SHA256 78d85f0e2cb7d7bde534222f4ebfea1c9e06d37ecd3bb7ebd59e35f00b94b11d
SHA512 2e22398d7cdcd6a46daf3dd3478d861bc4012ba1b54862311ae031ebcd3f908352157cbeea528f22ef1824f8924c3f217311feaf1804cf675eafc07a8d3962eb

C:\Windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini

MD5 135aa546ac76e5a9b4e2deb3e80980ff
SHA1 c1570bb26f8d59c0e0c32bd17eea4b59a7c44246
SHA256 f2737e8852cb175ac97190cdafb9186069f953f47c218db4f53c25e97c099a5b
SHA512 a3c557a455e009c50d57a179ed791dd010b0ed19774db4e70836dceb4faead1dd0138887ac34610bfdc9b03c1edab8843ce8aeab48991737ce82e93bc1d0feeb

C:\Windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll

MD5 0c453970e89db1c1eb9de087e6eab5ba
SHA1 c4c7e034773a240909332814f499730575a1cd71
SHA256 942e98f142373547493f13b14e1603b2420851aff013d3085bada7b6b2214d9c
SHA512 ef3b2cc2598b4ea58f00f93155319674450c8c35b706108ce3bbb5c2502efa179046d9d50e12725e6dc7a555f4880404ed03de15a0753606f20a1654799886fb

C:\Windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll

MD5 75933586afd94ea24c5acd3dbc89a272
SHA1 970fd4b49d1368330c10279798991b901a233c2a
SHA256 406f473429573e9f0084aae125ef8f19f59291aa4c33cf7d40e7d996995a3238
SHA512 c096f0f11fb306c6a84886826306fe9c2862c3c79b14a8991a174224b41c2a68b76e5be506494d23d354384c715c5d82a1cacffff9644de9d6b93e9478087a1d

C:\Windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini

MD5 435ba8e09207885ca5a81794cfc50ec5
SHA1 adbfd7c7b69b7ce6a9ad37d189bdc6dbe39e4054
SHA256 b48fd3790f7811f6e7839a988132c566304b7db330979a0acfdd48d008a2bf78
SHA512 308b7b306af0220a118dc2fda55f920c593bf677d622f5b93bfd7b8f4fdbe636dc3514ce4ed310200d12f227b62728aa9982a2271c61777f2fff5b6e358ffe77

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\microsoft.directx.diagnostics.dll

MD5 c0843f0f45edeef233b1e581ae75e3bb
SHA1 04569c78868eaa8927ba64f93312720117152843
SHA256 8c9685959706750091b0094522cec8644de1d1c6309e7a2fe02cef130d3a2b9c
SHA512 8fc293f5c5de65893d92c54f921c84f8a3f44fc733445dda7907ee09d062371ef05c11d014ba2017fd15908b911d0185a14b89d0a311a870fa33650c3176e442

C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini

MD5 60ba423d2cba99d1e7e626c6b8569537
SHA1 f2cd8f5fb3fc7419b24a1730221002196ccb2f03
SHA256 aa5883e83fbdb5fed79229bb3da5714808af183e24cb024e8124d028c3922b2f
SHA512 807210d8f304d00786d15d121b8693ade942d82b5a1fb52e45d702905f8ed6f81220dcb6e1e7231da8af821fa54cf2380fa42ab30aabc8c8ebfbe328e5593147

C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll

MD5 7ad4d9fabd109432eed91b359ceae430
SHA1 c1dcddd86f9fc630cc0231acd7b732fd55dc5f63
SHA256 f3359d5e41b1d4fec7230579a593e40fe44f6afdfacd1e2bbe52ee06d84686fb
SHA512 bfeaba581a7aeff86bac0c184da823e4a26516a3c4f39af6b6b1bfced73117f3816c567b182f4da0df1935a6e97b6d0520cf02f518736b52fd27d37750e863fb

C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\__AssemblyInfo__.ini

MD5 7c6ec1b4a3e68548c8ca8e351ae324b6
SHA1 ed858c22b792806d192906dda8d1c72ea4f44b01
SHA256 6a643e1d833db9c8b04713214a6127fbb5a8dfd233575c540ee93aca2798cd67
SHA512 9a3b4af681915c8902a82b0099c2157a93aa074051dc9b6eb8e7eb837a87d4c3e36954545f301c921012acb139b432df5b56ecf5c1aa7588cd688c806929fca7

C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

MD5 25c76c1e29d3e8e7398f0901f558a629
SHA1 2e907c9688a025538f1b2d0cf1860a2ae49fd2e9
SHA256 2ee41d4d591a39d648e90db4d47d0fa0557fd68197756ee2ee94fcde4d820cfa
SHA512 7308fd91859d00debf446bd6b594f3ea196dbe46a3583858c76d2cbb008a8698207f1ce7746afe3de4efb9a27980f5f813c77cc88e273fa82b2695d8f3d15039

C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini

MD5 1aae70136f64137faf792b81d5124e0b
SHA1 7d11e21ba76ad75bfae5c9888062738d8b261937
SHA256 da48c464cabd81112bb4275bdd8bac81dc91ab0b56e5641e290a7ce6b3443576
SHA512 36373e02fc18eda7cd7f6eee8d4bcc2ef3984ac810243ca03d643edddfc0da9d1e646576b39c6ec8206dd014f028323d2188bda653be7c31b7a0d3cdc0d734a3

C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll

MD5 d9824a9dd107e598575112b4ff897292
SHA1 adcc54d159f1eeead01dbd2fbc73c808ce519920
SHA256 ff4c03bbeb292317a77c86c1c81ae9564acb984b352fbef36d66e2d8bcbd79a8
SHA512 caa1f0411e0470a315ee8c7a62defa972ff17557bcfcf74016c64ad11b0f6fa46a126131a18e275e59e025814545e1d7ffe145377f6a0bcdb8cc93471e4c9bd4

C:\Windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini

MD5 3eedbd1014e07073a749fa3a75cfa212
SHA1 3605325dc6a8473b7455569e76d89ec502f31fab
SHA256 ea37f3342d579d375039f307c5b4e8e43f5b8b2ca61901515dfbc5ecbf1840a8
SHA512 9c1ca20be9686270945657c0244b2c040d4a92820c4bd61cc51d27c689773c49e1841ced980c82e8175e489214babfedfc547dbcb9b0c0e7f84a8f3e366ec119

C:\Windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll

MD5 cebd995ddeab2c525a5c4e95789bc961
SHA1 1c98da39d7eea36d73b361ddb24054038c2b8331
SHA256 0ee2a2c371a918cabc85143202864d0c3a4abf1b93a5029081a622e0acf17ab7
SHA512 158b3fe6e6605eb56a99b2135df529226f9af4b001ed0c2e1fd201a60054e2201dc22245ee5a02c6e7778337f1974ee21fa088e94b13a7402e61f64658de49a1

C:\Windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini

MD5 b32427c068da2ebd2b618a2033793c86
SHA1 3ae643f18066f3841a32bff8562f962143ca45ae
SHA256 19fc4e1b45ee30d0e0dab2aeeff5a264d22fb237127b1801d060b9a090997ac7
SHA512 555cf5737e829a125f3e74f8703b821582bf93c8c21ea9e024f7e70559d4d93f47383d18317cc994495dd255f3785c205581052b3754a65ddcb7f335556221ed

C:\Windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll

MD5 46f26e2bafd44960e7f13b2ef80aa0bc
SHA1 2277bc8980e0f6c3672c2348b0494f0cc0ad611a
SHA256 489f65e1e00534835486e9255eec92b83edae4dade6dff867a380859ae53006a
SHA512 5b5147940803bccd0184b46e60560f967831541e707b5ef19781103e31235f1ba05d00e44a6f2ed061ebf5dd7013d9c696131a3edaa77d3aabb85b3255ba5489

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\xactengine2_1.dll

MD5 7c9952111f4c743b9f0d8b68b6ed93c9
SHA1 75dc863ed10e4e4a18fa06dc32789cf16c738c38
SHA256 666cef7d27a38f709063c9c581fd95e6b3fa27167bff4beff484dba2dc922a2b
SHA512 aaa3396fa9081f25b2eff6682ea26afbd297c8a61cee4540f9a947c1a96ad51f114a9985bbc69ea7d0251f6e4b1e835c92daf0f8c5fd66e477e3243ced3c9bef

C:\Windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini

MD5 52aa3689c3ef6b336ba3b14a197ee2d7
SHA1 9beb8e6d93e60874f464f889afe7c7ae61d792c9
SHA256 4aadaf586e85da4b9e50e2a973a8fbd2273dcc4dfff019c3e7664157adbc3a15
SHA512 b07f73ef13c848fa4d25ecda4f8705b0f2a3f1421f1196aa6518d6e75b0dfc14bd1db743cfc472a222a4310856458b4a291a98433ed7b196137ac696f47945b9

C:\Windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll

MD5 d035348ec8968861af585b7132fe4c7b
SHA1 877ffdf77b9cdc1be14135cff0b756a231401617
SHA256 2e28c8fb8b87b5ffd1e0ea27710a2e785ef4741a89e4b3c3af726ec63d15a1fa
SHA512 94358b581510c68049ac92990674a6cb495cb8ff005f7fc03696c57ba8b4cb384c5035d9332d0ea39093ba5fa5c8082143896cd2fc7ac24a192520789c707458

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\x3daudio1_0.dll

MD5 f77d5ab654881e683cff6650916c424e
SHA1 56d8f090755f1ec60b13e748b040069ea8759b5b
SHA256 77cc09cea6de69f12106e6dd9df1c0446a525a54c3953d69d64711b9394cc38f
SHA512 dcd1273673f4088e854057e47484bb363e1e7ce094bc2c98ad7cc9112877892c1d6fd591dd9cfb325d6c451f2d03a4cdcc238af1ffb5382b7153f079cbe13abd

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\xinput1_1.dll

MD5 f1726346e583442541fe73429f8e9c10
SHA1 a1b7a4edd7d1164197f734218fb485165c075d0a
SHA256 69cd725c53e0302e75db20e9a3e4b33f58dceaa2e6ea4938b2733df8bc289a71
SHA512 ba17740271ea92c917db85c64d4ef63a8f2036fb1398abdcbedf9d49c09a53e34ea04e8b3f5a2ee41c2b2ecea6196ed7f9866ee48a9f3528c3b4c1f19dc167d8

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

MD5 fd1b55b856bcad2230f4338f72f9cf9f
SHA1 3d1bcaae1f2f2a759486bbf4dd543eadc7efbe91
SHA256 300ed1a4ef37c8d5f13d67a5daabd46bcdd9ad9da4fe6283f20d7d38f72caaf5
SHA512 dc73dab5f5384a01bf66197ebc9b74a24c146e8f17571c98edf1d7d1dbc33b0f4075d46150b782891397d8a4875a8cf375a111855eb689f2a8e6ed0aa3ee0091

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\xactengine2_2.dll

MD5 5c4d3843b491c047b7a619901fbd2ec1
SHA1 e02dd40f54e7dde0bcbd648e4fc6f723ac438bee
SHA256 4f996edb65022e33ae9c9f7acf7232c8d444f75c50c72894f6d3173b55404ebe
SHA512 474105b213bc067e0822ee22c769f0caa7a02f2d74a0422b676675fc45482db3a8a3dcb2744339a4c7fa029a2f58a2aef5db500c65cf646106d8ed096b17d062

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\xinput1_2.dll

MD5 33b62be226934e1b01f5043870c70427
SHA1 ad96f837accd277da2933d07aa86ffe3ef803b5c
SHA256 9714d146a785d458f0de8fef387d82c9f8e101c02407a0cbeb06f02a69518eec
SHA512 41f859fa59145ef6cdd6cfc4a14f90bb932d2c6aa339bda1763d8e315e6a78bde561010152460e6f996c9ac9ffe6650ccdf6ded34656081a0ed9ab1270773710

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\xactengine2_3.dll

MD5 69d841744b2bae38fbb2d40a230a549c
SHA1 2a6429b1b1758bffe3366ab72212fb9b02152d77
SHA256 ca20cf8e4034719a46bf67c6009486c2c1cfc2da10ffed3a67dcae677b4f6793
SHA512 d5e26da74fc84da90b0f60451479524f1d03946076d009328aa7f9939456762633006d11970dc4c849101728ca32350c125005eb4e3f75114d4528cb17a35b44

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx9_31.dll

MD5 797e24743937d67d69f28f2cf5052ee8
SHA1 7d39afbf94675487a9ff7e41d2dbb8daedf7ad00
SHA256 e2065619fe6eb0034833b1dc0369deb4a6edc3110e38a1132eeafcf430c578a5
SHA512 8804d0d95688a932c7bf7e1a023179de8df3a5436e356b36d803cb9781f3a378adb9fe69d03b28362755b808cbeb2cc718ab920672270de0b954996996328f5e

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\xactengine2_4.dll

MD5 6550e1a0a7be611592c31222fcb981fb
SHA1 2197a951ecac85f7144fb925f6daff9ae7811e5e
SHA256 1e0e09fc077bdeee3de065c663b83f6717d39d56778833f030955077d490d000
SHA512 4013fba5e4211e66ebd9f733ff35635cca82875d6af71dcfeb481a436efeab608fe41310bae63d55c7fdd64a5c5f64068ec1eeb997160c8ae27f21f28e2bade9

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\x3daudio1_1.dll

MD5 121b131eaa369d8f58dacc5c39a77d80
SHA1 d8fe20cb6f28bc5334ae64a8df3563d1985beb9b
SHA256 ff15f14174a5543f028fa49cca745582fe4cacf3bbe490749cf43444690ab359
SHA512 ffe19ffea137603e5401f133d461b30af6fc25b3affb8a8ce20b98e3270de398b9ecc83a6cd904ff42c5885d3806c7e175957bf4a5827dc2f067756a51bc40db

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx9_32.dll

MD5 26af232140c88b42d92a88f2198edf6a
SHA1 b62aed3f71d8963227e5021c2222192873ce753b
SHA256 e96693794daa05a75a83c11df2e7b42f2de61567c6ad0b69e353b50f6c88119f
SHA512 54a6a235af4dc3f3c693fba5ac2d487d96c9d7a2bb7deeab35d5a252e723e597226ec84e953625c8808546f91fbcfc42add85076846a63925fd9eabc09dbf935

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 da207d0ff4fe0deb75da352ca807695d
SHA1 dda6997fb62b94f17e403c40df02f01a67e45818
SHA256 ce375d9e25291e5023304c4bea027fa9a2e1bcdb3774bc5fc596b5843cffea31
SHA512 e592631ed5ce50e92ebb5ec7b47cd549405bb376a653f2d7d5d4af10ca8f28e01f61e983cbeae9e5bcd2fa050c05ea68f4bdb94795dec6481815234aa3e67dae

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx10.dll

MD5 6f34f7405807dcbf0b9bf6811c94c6d9
SHA1 2de04a49825acf76a6a7aa02108337142d30b6ff
SHA256 fd2caa28493ea76021b93641958238b7a933f4f6db1a2070be03cc81d87d8307
SHA512 df623daace6702d25365697b62a4ab7d03d944306521022c6e65e94cf1970b5057da811f10e675c952d93a37abd1b862b8ce8648429780aeb99a4d55fda6aaad

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\xactengine2_5.dll

MD5 86c93789e9006f1ac47ed9dd47d4c8a1
SHA1 e9de46eb68271018aa31c71ef89d1ddef19edf7b
SHA256 ec68b5163cbb5f15e2fbe37fdf5fcb0d01dffbe53a460cb2cf668f31f0127ad5
SHA512 5a86661171f039946fa0568c6a9c655026c0a74c04a7789fadcb4acfd6a4faa5179d14149321920ceca9a1214910abec3e67e356898d5bdd044ffeefaeb57df3

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

MD5 bce73adcf5fcfac42ce15c6691275ea8
SHA1 484355fcbc55357c2f576fbdd64d33c8ec8ffa5b
SHA256 76eed293cdcdf17942acc313366b22b55ad78ee0389989438e63ab7ae145167d
SHA512 5e53f89142918eca969e005d006f0a106862877ee6e5d317ffa1b7c017730fd1d3d98e5e75f603183d0371da39c11022cf62232a2b614a9bc5e055f52d6da65e

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\x3daudio1_1.dll

MD5 489e5b8bb1bd1028ff1c798eaaec65e4
SHA1 da9c385c48a6f590347581c5c3dea67502b99837
SHA256 fac23787e7c199c1969806850b5a9652f66f6dcac86f48f6f834abc253848a55
SHA512 33e3c28d60c7063d76c6959ef18dbb0227466766c4be9ce920911e192b75c18d11943a2eb0bef2caa920a6efa29162acf9f6c9c07ed5ddf5858420b240e0c0cc

C:\Windows\DirectX.log

MD5 214df704120f114b096ab35af6cb2098
SHA1 90a04a4b02e1ce12002648d4206e2abea5dd7297
SHA256 f9017bca18120220afe996ed69b8aa2f3c188d5750099fd9f5fcc1139db759b4
SHA512 a8a73f620f46c960ce97fcfd1682fc80185f85133864180788d5fc30e64e832ca42b13615f2d8fccdfe90c3c813c48eccd9374215af720126cc3f9ee3f7d1e11

memory/764-6240-0x0000000002210000-0x0000000002274000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\xactengine2_6.dll

MD5 39000e033d39d19ccce21aeafcce2476
SHA1 6e7823e689a9b720a049a260380805a235ddbf75
SHA256 be45aef0889b03e2243282a912f41580e8566db666a782c26a1d4d7988799d03
SHA512 65047afe28308ce69e3b410b3b52b5fa4f615c95802019cb9b78ac69694e9987076af4bddb2ed7e47b0fbe73729c91b94c525e5b7644a42658663ed044b384e6

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx9_33.dll

MD5 cdb1cd22baff21f48606b3c1a18b000b
SHA1 9315b5db975a34dbebdb4dcae652ba1db01c482c
SHA256 c6b7b2ad7742dde5dd8d1a35fdc1c185e586e551ad9c74d3fb21759cd8ca4da8
SHA512 c5fb24de8f1ee6fc1ed6e74580b5d22599ea4eb6c3589645fff0b15dc8dca051c4917e60fbc00ca86542dd63a8f5e40da92ea77e24826c0c6bdba9b58c36d4db

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx10_33.dll

MD5 37a8171accf46a9c196054066c28827f
SHA1 886264510372602c2ee0193c5a185d719a61316a
SHA256 b04e2b089656eae01a0071359f9d7fb040dea804c1b9d2379431864174259c2d
SHA512 713b843a35dcfc32caa67c52ce0a32af6f54dfc4c11615d32613017aeeb257fb3f9168443a4288c71209e5d40f2e1b281febcbae6da076d2b57cf01aa3cd78b2

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dcompiler_33.dll

MD5 fae7e1d578c42a7c3d9d61a99d178bd5
SHA1 8ac88ff2bc5f616ed284a04ddcbaeb72fb1f304a
SHA256 12e238af4b4edc1f774213709a87a91b77b2c9d2d18fe475b027872923b6fa17
SHA512 75107c64acfb6d84e1b05ba78377dc4699ba83b694b7ace474665c85f3e5843db6d06348fefed539c6c2b233775c7ef81d7bfd81937207e04e637043633cd0b9

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\xactengine2_7.dll

MD5 7febb8ce2233cbae738b16d42ed29674
SHA1 fdc5682d6aa0ec57b8f3c742fe736d74b3c649cb
SHA256 a43c92af3fbe91dfe2a1d415342631fe64e18c7dd3e16e93b6c78947b68e7bd6
SHA512 73a3c07b13b31d2df1cece720a0268cfdb7ae2a066b9e613f7c4ff0fc37b94bd4f32207149d56e1bcaa5656fd4501b1d136d94e18e97c07a8e793906dbc7927e

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

MD5 45d4dac07aa361bcd77aa815d1724a16
SHA1 3bbdf7da5d51211ae269572961b5ebf508ada28d
SHA256 34ab99536ea59ad60ba6efda3ea6d18291ef096a0bab3664248d6045805da0ec
SHA512 d940002a8e0112a3b56a909008403b447e9cbb80e38b9bbd508f40aa68224f7e5d9681e1039e747ae939e0829a25be2319b9f9d0862cebb042e4c525ccbc20be

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\xinput1_3.dll

MD5 77f595dee5ffacea72b135b1fce1312e
SHA1 d2a710b332de3ef7a576e0aed27b0ae66892b7e9
SHA256 8d540d484ea41e374fd0107d55d253f87ded4ce780d515d8fd59bbe8c98970a7
SHA512 a8683050d7758c248052c11ac6a46c9a0b3b3773902cca478c1961b6d9d2d57c75a8c925ba5af4499989c0f44b34eaf57abafafa26506c31e5e4769fb3439746

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx9_34.dll

MD5 1ca939918ed1b930059b3a882de6f648
SHA1 0c388397620ce0edbb362bb3ab2d4a9f31a56b6d
SHA256 b6f77f06518d35345fb61172b6a13159125ed60c469d28b1a2e07970e9ddf81d
SHA512 d1e09da8551e588b8d5d5837a79da9ae4ddd6a372457d3c341e68e3da07c0c1e84decadea9534cc87ef9ef38c094171004f836e6f74831fd6531ce72aaefeb5e

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dcompiler_34.dll

MD5 75f206c195bbaca6ef28565b1c0cd75c
SHA1 4687454c58f64f2154f0e99bf5a323f73ca1790c
SHA256 5044a5810fd931339933a8d0c56115a5a5c27d8c0d8e348977e2724a032accf0
SHA512 84c0a8fd3e4293d85e919940f6f24d88fc6fd68f39cffefc34014656fee54256ce581ba408eebf5bf9dac3da9de19f2bf8403521c55881d3877dd64a8e50120f

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx10_34.dll

MD5 5aa9987f2e62b56d7661b6901901f927
SHA1 2cd4e3e70c3b37da134ecfeeedd377d1726d9759
SHA256 330e120d745e1132252df81800362a7ae0b61a9060afc800165ba8a1d55d3fb3
SHA512 af9e39f368b47b1500e5d68a6f234361fdfc29ea31c32f614c5887f124d6097be0b2d8f37287d0cd0b094d3a12e3f5881ea822542a1c85f10566604fd6228988

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\xactengine2_8.dll

MD5 499210c45afeaadee8cf4dcf7d5e570b
SHA1 de5ca60de47c8f54d531b88ea80d9a24a8e87a98
SHA256 15d82e89bea30bf82de6ba0cfbe97eeaf05d1e06bc0133f0d1ee8d0cc41f51f6
SHA512 f76f69bc3b6cb4f92e675eeedbd10a80f0b970d75ea04392484d477a4d02dec670cdadcb90be9eb215c4ad48a90d28347c9104f0835e93b5a9803fd62670536e

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\x3daudio1_2.dll

MD5 9e4efe7cc29ece294f3506fe0d8090bd
SHA1 b5d0e9cf45ac3b05fe21aed3ba41dd94b1ad1fa7
SHA256 7c06bb70d12cf78de9c6a12a53c95f9dba41c140a48bccd500483e5b87795a8c
SHA512 998d3034cf21bb9aafe0821a96c64ab0c38f770cf9c6a6820a2292b569510dbcd0e71ce56dae813614d9a148c146e095245e963905e71679c3cfca1ad98f5e16

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

MD5 98b1369d38333fe9143259687edfb25d
SHA1 3536573ce844dc1441b91e1124b6689b93add430
SHA256 d4e57566914f1d36f4ebfb6e164ce2170f1d5e6392189d0ad6de3ef3b0a9aad3
SHA512 3544088b8436ae6e48d22a7638d59f3c14fb914caeba17a87d1af469b82f818a1a71c5faacd52f69b5bff190b44fd91f893d07b7e05c2e9a9dd363bd75722057

memory/5100-7003-0x00000000007A0000-0x0000000000809000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx9_35.dll

MD5 3ef18b78d17c962f2b71ac1cb7757684
SHA1 2380329c17c7a530075c7572d17592bb3a00c4c2
SHA256 2198022938156b790e9cfb0f7997494b66a11a1ad49b395be58251d635b66b26
SHA512 93e9bff79630ee5897bfb3bc496f778aba160312edcff9f0b8cdb8e8af3d5c7b73a8d95d54ab26cc638a2ff7cfa27153629f9fa8a4a687ae3c83e1178471e720

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dcompiler_35.dll

MD5 5b441670a4f5f8bcce76741902b8af56
SHA1 b98df0c54483664ecdc92eccdcdee09d082972d8
SHA256 5a866cdf74f981e783624dafb0e72f133ad9f9b293856d7a18c7558fa357beb1
SHA512 0243deac1124425b65cfbc7d6465bfb09a4849e6c5be3645b808cd3fa487c3044c5b45e9943ee31542a7a47803c02f0b92c05c1e4bee18cf6076641e1c0794f6

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx10_35.dll

MD5 f3764552e45880dc49b82f38699aa87c
SHA1 25e347799bb3f36bdee30aa78cd9e59c7faa5add
SHA256 db775655fd923e29509402556f86002dd9aea062cdcdba7073e1057a67b5ce50
SHA512 7e52bbfb4f309b9f5a9632efd3dc28a0509b7d5edf471267f7e794ce8479dd8cefcb29535327a7384bcc25b5331ff87c223fb70fbb5da22fea3c919ba4c5444a

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\xactengine2_9.dll

MD5 46ee68f04a75a1ccf40235ea6f1cba05
SHA1 43a30e195b8d894c69bd857ee377ce7fa6170fa0
SHA256 93a0d8fc38e4e9a301d9e721afbeedc5af40becc0b11a6e7e8e38f08f366ff6e
SHA512 16e4c624e4e74d8c1fd7652ae745a87de3698567faf0cf03651ad87f1f730405fc0d2eca68e4b0ff3c5c526c254aac232f9bd359ddb6563313a8f02db3603fa9

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\x3daudio1_2.dll

MD5 ac49e8536bf510251611a77e2a6cb8dc
SHA1 8b1f64007fa777fa2aca1e456735ab872cbabeb9
SHA256 1ae37d90d39c36c142a51ab9fef7230788ff95080f2bc47734737bf82d3c2c9b
SHA512 2c33ba362315ab102e4898ae92f7bc71e7c0c7fda8cd79f896cfe76e5a2a4129bf6a1e48d75b82ed7d915c0ced819e81c0f89640677b6bfa388962ce19bde2a7

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

MD5 ffc75edfaca60d28b6e6c1da8488f0bd
SHA1 358ae6e2680666b994e721db5fac0105a86a9c6f
SHA256 fbe2e9cf7e400537a4871218113df178f70501ffeea59a8f0f721927124d6d46
SHA512 dadf216d9e92b349179b27cf436483dd5a52bfdc1db659f3d99b6d1bcc5f1fdf3b0fa4bc8bd08f89439ca1f07f5dc66625043f8065c0cc75e8b3627e59eb8d0d

C:\Windows\Temp\OLDA327.tmp

MD5 87d52a3ce4936f6c93ac092c3cc2780a
SHA1 3be34b222d022cd4dbe28f0668c14af716f1025e
SHA256 9566e346fbf72928e9b48b3408c8336a9e77b331bbc729e8ced9f0670c51c699
SHA512 d7809bf29599e86a5c164d6cdf83e9b8a29ae08972c998bed5bb8a93a11742a5905867d2bc7118498985c4f1f4e6223cb0659e8d9784a2ec05b12bebf339983e

C:\Windows\System32\x3daudio1_2.dll

MD5 9355a1169ac104a3670c2a77d060ff60
SHA1 6935990e213c432e4fe3cd667148d95c0a33bd02
SHA256 b822d7de1253c52676f4e20f9c715e92759b43b69978dfef2527b6101e420ee6
SHA512 9897bf3ab16e869b47840b72e0d8166e0f6cfebe0b3254e278d7cb046a5d50fdd2d8624da788b9afbcf58fc95024ccd2e5b9b010de074e8d9500669f349061af

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx9_36.dll

MD5 44bfec5c9c82a2ee9871d88fd3b9a0e2
SHA1 e2aeb78330d0815cffedfe88438a71024577d4b6
SHA256 c12f0ab0338eb5031d3d04beaf7208ac848f7e037d21ff963d2af90221cbe935
SHA512 35c42ce3afeeb3710d3d96d2cf9ffa2828fe17f8d749fd149e3797e87e154508c77f637de0e424d38bb3fa56bca959cf9da7787323950ec8261b144c09ae306d

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx10_36.dll

MD5 d9158e78a368b08d9133043eb3058c12
SHA1 d71d6f103bf7433f442f55c355dc74fd4b8a736c
SHA256 aee0248f18dfef8194451a22c69adda1cca38c03ae9aa776114da9d8851d4c38
SHA512 8bcf2da86f708ae84141089f80131244d957e64c6fed0fc39dc688201659cffa7005bfd4cbbb315ee0a60c61e38ead3b4e4fcb3d2f0ecd0386a6fbe486d82bd9

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dcompiler_36.dll

MD5 fb4299688a0d3a37687c015ac2b9922d
SHA1 a4898d246afbb0ed399e77fa5ff29c99caf912a0
SHA256 f15efcab1780fe7d784a3cd3798f147fa249e81b7ef9a494b85dc7fdab084734
SHA512 664b139754d587dc32820354c1333fe6a5528b07b8bbfaf27374a5da7e86a4c3e7904250976ef3cf8620fd0568c34fa75704a8b1585c382b99d4ee46518617ae

C:\Windows\SysWOW64\SETA6AC.tmp

MD5 f6a9fc2ad2f9111372b5ab3bba3707ec
SHA1 bc7afb780d42a332497139b5236b809433d86009
SHA256 4c448c7f77e3b4385d2cd35d0c470589cdf0524e532f9cf7ae084a8f88aa949a
SHA512 6cb44bb174ef28cee3e3a6ac51897b5cceb3f2d06d08c556cf6476a285de3e3b03a624ca92fc11b95f29694629457fa39747e3041736f9b76e84f19a052ecba6

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

MD5 c92c92060d535cc9800b6ce231276852
SHA1 79281861482c717e61fe9bae300e0fba310485fb
SHA256 e0838d8d562ed4683bc06ecdbc46fe19dcddf711a0c7909dabf62da572035dcf
SHA512 7c8893c92c005c7c21f829912da4b9e5a843e842826d5e362a9828710486240aa109f26e38a84cfc03617f4abaeda25f0ce215b8f6a1f9a65c58ef5606814d13

C:\Windows\System32\SETA6E0.tmp

MD5 bc78d5328541410510dde06b9fa92024
SHA1 f6123294896cc3c3d3cf5a9e0e03319f58da7cf3
SHA256 7a34a7a8af47c6b2cf890ecb56bad2454ba5eb1ef2df6fad9ee53c4770e941cc
SHA512 5284d695216aa4f70abafdea130326d8ee3c6d9a9858dfa3f5b184c6b8b185adebcbc92adb8a7530f9127ae1de30561986bf9c85bfb8b474a9812151a7843c59

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\xactengine2_10.dll

MD5 73e055af78a64f9b2779d44407ca2ab6
SHA1 d771ef11d22a79dba7deccb9b3efedcbe74532d9
SHA256 113640ae8cf78caa7cface2f906f9e6b60809906f5c26e08b2e90fc48430f3b7
SHA512 a8d979297ecce24a29459e7ff814e53c649a6c969869279dbf0f29edea4d73883441519a27e5e46bb1e4b5b942cb26907cea9a488de0067e589632687b25b5be

memory/2820-7649-0x0000000001ED0000-0x0000000001F39000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx9_37.dll

MD5 ac3c517fb0fbbe45fe44007bcd3625a7
SHA1 eabe1601d0132882c7226a4ed04fbbdd5e8f0db0
SHA256 c2ccb84c672a9d8966e82a28005a4269886ee304972ac3590c0b8a9c1622a3d8
SHA512 89b44142355c494f2a21276d0629f3536adc0dd7cec101a1f2816031afcc8a96f94663ad46744c772d6b63d172ea62e9b957d6292e4a6184f958576f62b05836

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\D3DCompiler_37.dll

MD5 ea752dbce35045d3c830dc16578cc8ab
SHA1 0a9bdf391ccdd113fde4d10f0afc80d54df01259
SHA256 715876d15b590936e4d32602a764d810650eec134922b32eea742e2fa71791c1
SHA512 3cf5e79062203d39fdb74e789e22405b93de126deda3d698963682d51f264cafe9a91d433312bb7976fa9b50a4798060fcb97b6de7f0dd422eecac2a922e31dd

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx10_37.dll

MD5 4a43e9a2b17e4cafa9cb5fec0b5b686b
SHA1 9e28d3d197958e65ab8dcaac91fa55cd1991c3f5
SHA256 61aaf973712f848b24c3e769e3252248ece96db63f206de0ca7ff43d9ed87a51
SHA512 8411bbd130427b690332d222233465bf79426670f565ac3b01a71929dadcfdd18002c54d60981dc1f202e6625f99ab73451805d64518fad9b5a9793407df2d71

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\X3DAudio1_3.dll

MD5 c593fd0a96ee4b6390b653c4c641313f
SHA1 60d71ca2eed9ff8afa5561cf1dccca03607134b0
SHA256 74ec3e6b253af1b68252e62a5c08479453b3341d49c606adcf36913fe9ed9717
SHA512 1bb328d1a68dd7b7657d033bc2bcb8e2c096bc591e435b5691a4ad4f0f49cfad70d4e48af48d10eaf4ad13d479a3f4fef66b09a0852f8c61ff33937c7ea22190

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

MD5 edbb7730845fe5ed4717b06f84c1cb2b
SHA1 d9bc196e34d69ca0ec91a5a835b444ac3e8aea42
SHA256 de817d92db706f329d50567221c42110ae781d679ef853cc684aec779ab51ccf
SHA512 cb7c5db143087a470d7ca7f5d4200ae62513ffc27b864528d851c310d0f6f68d55b6fa45b7d3e0b81043ada5f7f6468447e9a877b6c6e06099c38690a6c07d10

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\xactengine3_0.dll

MD5 8a83673f0ab001870583fde2b004fa59
SHA1 be8d312b359a9b8f9f184d78c93c762cbc46e321
SHA256 887329745c479ce8d3023c969adf66780dd7e51ab536f0a08550ba4c77066c20
SHA512 583c73590d4b90576955783e24149125615b135f5bf5a815674e2546b93a8f89f6c3a286df09257e547bcfa8c0bc399abba59fb64158b411a83f28a4a4feabca

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\XAudio2_0.dll

MD5 418cdc57e55ee79c3f86c13a19b3d5e3
SHA1 cac2b8396b1c82a6f7ee2a3e3ec3d2e4c2f869fe
SHA256 e435b73193bdf651f7ae564eba05266595ac672db45e0e22dce92d0bcb3c6513
SHA512 1ba5a49d9102911d13d86ac4f0e4ecb44069c93a58e2e3225d9464755c14f8d57f230eb32049c2747385f7cbaa9c0da0f6001f27b685eebfcd94f3f5b8fa3250

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx9_38.dll

MD5 8f3eb548ac4ed90252394f60c77e3196
SHA1 e40bb2e3c99c55f2df9def2765bb014e01389622
SHA256 743e77a228e7d75442263ad70051e44534f7972c6326fd34b505a9c2c245894b
SHA512 bad441c93d37269a9d49edc39ded933e43baf2a563c425ea2db222a9859ecd1f076c2255c077a5afd07922b50adfda2bbb731ff6f292623b353a3dfbde4ce4e5

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx10_38.dll

MD5 a2650b27472c21cdd817eeede65648e1
SHA1 c0e5f70386bb229e289a476f2a95965699ba53fd
SHA256 bf463b7ee2235f351309b5fd790f514acf2b55a4a1f90222f7479024cc28fc34
SHA512 85320f262c10d80e889258a8584648dc20283d1af0467924e8745555c94a8fc056ac609b31d36a898829ad418c9df06047ecfcc644693bd136ccb50ecbd6fe91

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\D3DCompiler_38.dll

MD5 103cbfc5591008ad33046e20e8e1eebe
SHA1 4a8bd29d7cbe5652ba58cd6754318a03497d841a
SHA256 ddcaadbdd47bcba02c8d1880d456acc20732d21554977338ae507987ed04046e
SHA512 ddab1a2ab33b224ac3f9ed396415bbbdf96bd59bc6794fe26796ee87691154d5e1ca2abf8bb85e7a9fb6793446bf17f6f6f53b74e69443270f50ce0b85e06b6f

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\X3DAudio1_4.dll

MD5 e3832514bd21236067b7227f6165ef95
SHA1 bdde126bfa7e3133f33e3d3e7b4618422c61acac
SHA256 799b38139523a3b30d26e21798ee705375c61eed8ae2434fddb52fde51f4bb78
SHA512 e60bb2b8cea5864f3311dbc0ad8f7813764bd55153bc0554e2842b6973fe24a1ce9e4381fc6fb05792d97799fb247d591e15b7dc41eec2bf563bd4f7ca797d85

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

MD5 6f05a242d0253e19d67978780bc06528
SHA1 ed8c623b0e462e92185d498552a11be01723861f
SHA256 ea31341129f7558d34fc2fcae9e715343aaadfc57f06a33a6da18448bd71b77d
SHA512 2bafde8afa6918956f745b34397a4f6ac479d3696a363184ea75cb9e05c5d83796527ea6cf343004544173e5370bca0258d5636e3cc5cec16701d68d82cd97f3

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\xactengine3_1.dll

MD5 2e0e25252e1d41752876e9fe12ade175
SHA1 d9de3a83235166a4bbc4bc356419c07aaf3e3f8c
SHA256 088999560171c60129c95f9b541852392602561dce43e4c61a453d48065f52ca
SHA512 a4555cbbde372893c564e1fcd707525c92fbcfb6915354b0062474cc47fe36ef66a3af212c08da117f2f2121698e556633f8c399199344354ce0d4cea4d0a2ca

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\XAudio2_1.dll

MD5 e34ff0115b1ee3b4e03d22ae9840ee03
SHA1 746e6e84ff7f630643ff9381b9dff1f40a49ca16
SHA256 32a7c6a4edef46f025a4a5c64b892e29baaae948e86d9ed49e82014eec1441de
SHA512 7448bb3ebb8815e13e14514c8580dfb7f6de1a96c90f6611f6766dfb48ae7bc4a06efdc493060c054f222e7d9b308e062e1cabb19a60f50ff9e20f06905df58d

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\XAPOFX1_0.dll

MD5 dd165760f1b95200a3da2d9dfdb84234
SHA1 0724300a1cbaa32e03a234cf6080a67967c335d3
SHA256 8b396d275de2550af8ada6a1ff71f0f4870b51c8407e44044c2dde7ad6b754cc
SHA512 eb130afda1481dd0e27a19330a8be8045b3172e46edcc5a0cb089e191fe415c41cfbdf3af8f084a6ff58f89cf8d7d4d0879a3bae8f93a52ffc84da2d4fec5ccc

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx9_39.dll

MD5 8cb3defb8887c4f0846db1fc1304d6d2
SHA1 5fbe058848db16117ce7cfdabea1f178ba229a6b
SHA256 5d29988cad858f754ecc62c3d30de555f82cc21b5b26c448b890295e9b7bee82
SHA512 4cb675b179d05ead18d2e42329e0d10cd1d520cf9c8c0681b89aca79ac9c814e82941b0086135bd57721b66b55b6feae00bd29af804f59a486e935fda413fc43

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx10_39.dll

MD5 e6c2f1d8b667ddc04cb55b9f0159ef97
SHA1 9dc5c2d54397aeb56deafb63ee34b641f7030ee7
SHA256 613afdb8b44bb3bed945279229d9604a3cd553f8c2b9b091235cbab8cd00de61
SHA512 5cc39f19b6de99bad0be00fcbde9d498e23f29303c6ed4ba79c2b2bc63f259f9b617ecf6ac67beee8a71c03a0e80c29412e0159a5014a43a6168c37835bb0e00

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\D3DCompiler_39.dll

MD5 c4f1972497fe2ceb7d900938c97fcf91
SHA1 27c1886e7823813ac61c35ea0cd5b72ea0ea7dbc
SHA256 b99b655abc4ec45851cc2acdb7a348e739687200a4fe3be9c35d6738dd61112f
SHA512 8d35dd4000e1d632d0924b594d6ef13454159f8c3b85636f180486ff794b76f8a84d7977e340ef08217f0f68747b593eae0b44824a20c12494007f4a40cc3d00

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\xactengine3_2.dll

MD5 f3c6be26949caadb11dbf0086082fac9
SHA1 6b7a2475aacaf63f30964e9958713bec331c82ba
SHA256 e6a34c1f068f89d6515cb460eed3b4dbb53522c5579e6c75741482f0d40d9f99
SHA512 167afd32d847088d4973437f8b89badce194211f8fb1a14cf30df11848e4d4dd8d5243765edb1ed09df0f9b674cd7de764f1dae9fcac91f0ec98ecd259181d3b

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\XAudio2_2.dll

MD5 50f4a0d5e6a0bafefa78f353533b8e06
SHA1 d370434eea3a557ed77b2363dfac720a5ed98666
SHA256 9c7897b4ee1bcd190b1c0b7b77e64ee731d234764683a1e2286af70d86b62753
SHA512 7686b893996b76a25ca7da971ca3a10400dcc682a05e8317a9d159a9317537de0bc20dfdef643e85e6ee548d7893138497fc156f77534124a8eb3e3ce47f0cb0

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\XAPOFX1_1.dll

MD5 d95eaabf5d277ef91d9ca70151209e56
SHA1 3d47ebbd6236045309d2222a696b7141c0957379
SHA256 5ab63c0f040fdf65e681eba4daa55ed83e89ea10c426dc2fc763da0fc94f3ace
SHA512 6d2e73468485fee2b4007f1fdf16381cdd6c77edbe5530f63cbf8696646b14d06100fdf54a48547f29ea5775f29226b16808a5a1bd4c0778413855f80e5b8259

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\X3DAudio1_5.dll

MD5 350fefe18b86bd4d9ab2a96d00215a49
SHA1 be4ddfa0edc3a463471fc170e9706abac0a672fc
SHA256 315944bb2a1959c8a4bd2677ed415363e1611c7351ce55319dc98fd2aac83f87
SHA512 490bdd66920e36aaba2a4d12bfe4aacbead7403b1a623bead0d9ab5f68d80f46fa530c5f7de9e747eb8acbfbec8c635aea32655dddcb6a9d8e006339e1e8857f

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\xactengine3_3.dll

MD5 8ba296419af3417d1e9806b83166e472
SHA1 a2a8a64aedcbda68149a2726b094f1710cba71d1
SHA256 ef052bc9b7fde596fff3ea2d9c8fc994f3282953dead1b7f5477e7154af67245
SHA512 877e89553cbfb6afc6dfb22a590a468f035dccffecf842cb26010d5e62e33fe10e477d5cb157d321de3ecc59112ba616b80e767028eedeb4e70a591f1b81b902

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\XAudio2_3.dll

MD5 47ed15dc87ae334c13c4dacd1be2cced
SHA1 54f94839c4e4d798a1f4f1fb6ee240957a738cb0
SHA256 04dec9d7c68962e01efec0aac0ef7a3499bc4c16e8a41bd61fe6641da48d7dcc
SHA512 da0707a153172c48036d885404035829ea251b7df5a9246fc05dd164ceae9604cb0cc931b85d77151bc613cd5e7e4d0430a4fd92697c8bbc8faf5fcfd1c140c4

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\XAPOFX1_2.dll

MD5 295e47a75f278580f9441041eaaea3d2
SHA1 0716ca729ca3d84e9dfb4bd97c1e12466cc68625
SHA256 d1a55061bcb42f69b7cf35e2985d48e30c7a90f0bc668e90390f465b36bd0161
SHA512 a3cee1d45759fe3323fe8c3c49600856a86b61b3174c4d9c71e58a95db4848683c71605f5bd8c04bec591da02d96b79c68c1135410930ca63d17f7a929f2dc4c

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

MD5 44442b56a318475a3e7acb055ca79d29
SHA1 9ffe16ecdacd79269344643ca160d940e88e7292
SHA256 4c8befaece0c58eb75c38e2347db04557c1bd2a4a269282c3769d6bcccf50395
SHA512 d64ab17f7e1baaeb5aafa4e7eb100257d7a29b1f5caed394b2d3b656c4c9ae56a0f9b952f60573e3ebffa090740f95b0f173eaf2642d6245eb8c2bc6c619b096

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx9_40.dll

MD5 eea5e428ce63804f9b12d21c97b5968f
SHA1 77a7f48f4bdb7e66ed5e524bb8879e3da0d6cd1d
SHA256 16fd909aeb68d0d1aca8529dc7f78880b97d6649d70ce8d03a2c858bc28e216b
SHA512 545518dabd82441ddfc17fe1c1cbd7d14603bb58130de1307a31f73b93ca42afdf25dfcf481f0383c4e039edfe4a88ae7b84b06a2850c29bbc3550114e499c73

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx10_40.dll

MD5 91b4aad4412bb223b466f3dfb43e86da
SHA1 850aeb2b3ca15158be00faa5c161312cf4a876f0
SHA256 c05787cbf3aa4527baae96a425ceac910090ef48809990a450c33f3cda0e4767
SHA512 413f68d1ad36aa51389da62eb2fe89969e4460ab166ce44943e382fd2d1cad0953979eebb20af58dd51def3fefa1100ea9fe95c05714c36d5322e281cea1a1a2

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\D3DCompiler_40.dll

MD5 3384134eeb8f223178c2eb8323003ec0
SHA1 c8eaef8cbc91f4386e42904dee70abb6ab7304f2
SHA256 f0a6f156d13150de6ebb094233e5ff78581fbdb77bd0ff8d083698c42bc8e13b
SHA512 dafcf4c116d994c17d47d36b1dbc2ba8ca61cadeefa5d770adc391713d2c13ed2b6eb8d2464f4811cb472c8e1eef384ba21d7ad8203ba4e9ef07f33781feaaf9

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\X3DAudio1_6.dll

MD5 e763798cad2a90b6ab61854f50cd47dd
SHA1 419f2c98d2a3f419db1b1e9b5f4f7c3b9b636c1d
SHA256 574d14ab9a641c6cbadd78f2cd6c088b64b59c3646057952e63cad7d2778e1c3
SHA512 b455b0078786b7ff8362f7404095037a5332603383707a6dd493f381eae3e28135696fb4863e1915ea01c0f12ce10d021a18ab91cbab06b4d20142e0b38833fd

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\xactengine3_4.dll

MD5 686f8d1b4926d48227a06acd4d41cd1e
SHA1 324fd1d21a42f0c30bb071beb2cd5db9abbf3138
SHA256 d3bad7995b998f2c95dbb33020a198ef5a248825321032f051619f353d46182b
SHA512 6ed69ab933492870b7fbf4e178999b835846075fe103e65f9a0f9b1ad8d47c9277f31a7a0fb53f3620b591b103b02bfa8efec530d7372680f585b82e128edcc4

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\XAPOFX1_3.dll

MD5 c4479a4547390e3c5ef28d453abde4f5
SHA1 9b3af3d2ffcf52cc6628cb486372be2870771637
SHA256 c6956ac2ee59f71e86784138b5443de6970a1274ac161945b8a44dc1d535db84
SHA512 94a55bbff8a285d6b91ae72b70664b2c1a067890db175e20265be2d57a4b29deec52f08f0aba8ae07ed30dfcf96889ab835b971d2bf567758d3f7b881a7e5324

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\XAudio2_4.dll

MD5 e684c5fa18adf9ea14737757413bf727
SHA1 1dd454144e8c0f3aaf24db0b77f03737914d9a72
SHA256 bcde4317debd0052b1436a6fda60e1dcb1e308979498117fa0cb50061f38101c
SHA512 9686f92745a30fd9e442ff6a24dd89410aa483ccd46edbefce0fe378645292255a323e1aae146180e8a4ecd15765a996df959a302d5cdbc6dfa4c5fcb8252e4d

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

MD5 d001b26aaa9bec255c0b697732e571da
SHA1 adce71afb93cf04a86c1b9d2f80144ca35742d2a
SHA256 1707a6644d66406a9ac149b8fc959d964dce5c028ca3e1d0d5052e70f80515e2
SHA512 af39d48e90cd2cd575a8d039642985e25ead1fa51528a082d91c9bcaf9d1ec97afd0f66c0bebb53043221ef13dda69000ebbdaea87605efbe873f471e16a6f90

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx9_41.dll

MD5 3fa06cf5079b84155d18b05c08f7131b
SHA1 fafe52876151a08f39dbb6b4aa137dd85558ba5f
SHA256 6ac4df203af419d3f3b7d9a99e14a3490ea3ad307c474bfe36baea642b1421f6
SHA512 24d29c3ffb6532da860fef4dd93e61f7532cea3af94928495a3af0231e7dff6db5cad25713451a2e722c076462b94818cd6969a1c7d8905585b0f64e12174d1e

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx10_41.dll

MD5 1aa571774936717ee776dbed51e9edf4
SHA1 98eac7257ab3350504c0a70342b6b24658411f55
SHA256 9f4c15e1f68795727eded4737acc5a1aa85f896cd9e6924fddc9128b48f1bbd6
SHA512 bb47d95d594b249608e323c8ff383c0655a56e9192e1a2f3157e9c18dc7b9baabcf8e6b09d30fef570e0718edf673c56a23df5b5d5c6ec3242ad3d887669127d

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\D3DCompiler_41.dll

MD5 781e8b5b6fdb3c9b4e4a4a9fb019960d
SHA1 292b9f02bc2377c6f89b505554394ace161c68c0
SHA256 69ddadf8f5be24f10382706480b55e2492008d102001779f976608e880c65aab
SHA512 718955c983708f3ce5b6796de28658603bb61270ca6f1b3ee01d73ca9a789db326a7998df38cbd6330e69bfe3d9504b0fd351fb7bb18566be6af03fa36b7573a

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx9_42.dll

MD5 c6a44fc3cf2f5801561804272217b14d
SHA1 a173e7007e0f522d47eb97068df0ca43563b22bc
SHA256 f8b9cfab7fffbc8f98e41aa439d72921dc180634a1febca2a9d41a0df35d3472
SHA512 2371844bc86cdce2d1933625b921b982c4d1b84a39698b51180b09a2d45732407d721fa01d294ca92a88777607a1bb00283f6bcdd4231137a388216d0b09dd5a

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx10_42.dll

MD5 501ac862517c5445742bee8a2b88414e
SHA1 49f3f2df66d357aa84a5e7a0eb368ea595b7d95a
SHA256 46429c4affe041b08a7acfda0e9162ba42de966acb2cbcaf09ef976232073b51
SHA512 08dc13d5ad0a0d2aaca9d3dbfb53304216111da73bf48810df2982650d580757c10c8b9bf80ae5191e06ebaa44b2bf9c244ae141308748c3e7fb9ef6088900ad

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx11_42.dll

MD5 d09ac80a4b5312239852836c84df3392
SHA1 ba838d90a1e74d6b9a57abfc9729dd3b2e7fb192
SHA256 8c8fa8dce19e2f43e82cecd73a268e831a5ce0a16023845f7fa7fcb597772e85
SHA512 69232a47c80f01433716f3a9202af25e1b9a298a2b7b7d23b959e59d9c4ebf329cbe9a9a5bde41c06e978fda062225447114f9ae736920e7bbce8587a9390613

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

MD5 7d8f5afb77c3ada97a83f3fc253d6392
SHA1 e5424d020c6de84ccf72253834c545024161f682
SHA256 3a07c2436d3fd2473e15518a53262d4f0fb7f2a05589437cc5668f929063e782
SHA512 52f4bd961febfe6f691d7dd1e826f689319656393756e0c5c9e3d9729ad47e072071b204f63a3b37b67204fcdffd4539db08cbf190605dd9652ace51627e8845

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dcsx_42.dll

MD5 b337306dfb508a1bcef1974bfbb8d924
SHA1 203c32d73f99e1097bc306c9225307a18c617f4d
SHA256 e462eb3d41db54988ce3be46ced60b0073f8d939a9946cda67fb1df3c8afe0a1
SHA512 5c7a101e403aa2eab57e2972427a67ae6cd1598a35f983af784ca3a7446f7c60ad3cff7e52510f14647645a49c387020a06242663433db89e6454188b93813e0

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\D3DCompiler_42.dll

MD5 b33b21db610116262d906305ce65c354
SHA1 38eef8d8917351ee9bdff2cc4fbfaefaa16b8231
SHA256 6c976311406c23aa71018d274da0ecdef43b6e3a3b0b01e941a5e8e4e974386c
SHA512 7049726ccbba90d06b3a56e1dbde8196935d4681b5548248cd3e6a8e38183c268152ba2b07eb90823bbe327c02ec946c59abe3562b59e29d9bcff8fe90e0adcc

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\xactengine3_5.dll

MD5 db3c93e87452b8dab4f58ed1fd2b1998
SHA1 fbcc3c80c74e98e8554260b8a08e14dd1670075a
SHA256 1d37ab9b90372eaaafb5055401449dc3184428fed559baaf36fbcccd2479611a
SHA512 af693d7d326dd7874e0eba5b4163c21aad86270f8e54058c637f1cd200e45eafb75f79a2d579c477c06082ace44f3318bcef71698089808690ff88443ddf348b

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\XAudio2_5.dll

MD5 8b01fb723f3b30ab3debddbf97cfe577
SHA1 e379c3b7d0a66da06b6a381deea19bc541ee0689
SHA256 c596de2ab8394fb62538fef0b4657317f4ead50a6d798c5d066e25e334576c27
SHA512 ba8c5bf7eb657bce6e2c937e082b97bd6169d1cf3daa5800e5112d62596bdea47e5c1f23146f3f696cd68e8def4df92e3fb24a9aa8b9a08320738b66fa6dfe2e

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\XAPOFX1_3.dll

MD5 30686ece80545e06d78d156eb9f7d463
SHA1 b257ba4ffad8003fb7d12e9babd3cf4e88bd52f9
SHA256 b05ad9417028b9777f69422caa01ae9fd22c7bfe542bc6e7de2649e28a4ea643
SHA512 ca03bb01d8e2608517462597076bfa96f4b2595c33b2635d80e4348ac3926e17c93e5db30d7e43c30277cf8ac07f982a0c729f83a00df8965993d4f0758eca13

C:\Windows\Temp\OLDC526.tmp

MD5 db6c0400a5e2e4f68c7eb75912443296
SHA1 f8c937c62774502960df9321ad1f1d7d0999cddd
SHA256 5f03017d3b51c1dc413952d21bf35ac660693c6f7539e8f8930ddd41d197a495
SHA512 2f950f06ac7806eb1e5e2d0de9b91efe938b0e7cdb85c5838de1bb98ca693be2046c94f7824b084b4bd31e956bd9ba90f891145fcb26cbf47911c925fd07f3db

C:\Windows\System32\SETC537.tmp

MD5 37b348a79c4c9b8ab925b18ffd241e96
SHA1 a0b030e5652eafca2cc5d741dbbaac203781ed1d
SHA256 787e10d48d90db50dc155fca53fe8c5c1a383ca24d468733d4b8fe3acf2d0a34
SHA512 20ad359ed0a1fbfacbbba2749eaac9be4e9f416e24cb7ac9dda55c6d2d372fd290781607e5f806b4da3a9d01abef58b979153bc144a8cc8c6d7115166178fe85

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\X3DAudio1_7.dll

MD5 c811e70c8804cfff719038250a43b464
SHA1 ec48da45888ccea388da1425d5322f5ee9285282
SHA256 288c701bdedf1d45c63dd0b7d424a752f8819f90feb5088c582f76bc98970ba3
SHA512 09f2f4d412485ef69aceacc90637c90fad25874f534433811c5ed88225285559db1d981a3ab7bc3a20336e96fb43b4801b4b48a3668c64c21436ee3ea3c32f45

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\xactengine3_6.dll

MD5 f81c4678a55ffee585ac75825faf5582
SHA1 8fb2e6cf2a022eaed2ff5e3e225b3ca1e453d1cc
SHA256 8a7e7c5ac2e6230f0249d46751522e7ecf85e7490cf7491ab73bf2e7e59e4c0f
SHA512 8c8071bc2640d5c0fcf140ad68d4788cbb0706d17313c3cb74e25624a748b282acbf77eda678cf0d5fecf2ec3d583508c6f4eaf5c84073909b616f59b4f4e5fe

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\XAudio2_6.dll

MD5 4976243bd70fae3d1d24e49739ab2710
SHA1 6ef27b10bcf4e697fe77c3e964b326be11e4444f
SHA256 61b57170f7c6365714396072d22cb98746718c0f44c9f0d5c62fdb1b218639c7
SHA512 af2d6aaad44bed880a1a2ee947618b142c76a5eca42d4608196b74df9108a9649059d8207e84a58b76ad43aefe9b66ffcc519f8126667177011cf4199f163e83

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\XAPOFX1_4.dll

MD5 e4ce2af32f501a7f7dddd908704a0ee6
SHA1 9dc2976efb15b6fba08bebdeb98929b6961063a5
SHA256 0aee44b12913a95840ee6431d90518b0d72c54a27392e21ee6995e2151554a06
SHA512 ec14a58414d595a36c6b575cdae690f11481cd3f0b35fd2f4c6a6d162a6272882cfe03da865e09a34972775790529f51c80b69056a2fcb909f25b549ed2f7f01

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

MD5 730e5493910e5693499485e352381c6a
SHA1 2871488c24d069e677868e0a590e7e74f1f19b12
SHA256 d808bb408a4bd695a9793e70b1c61637e008ac11174dbe1373481e2bdb0c9299
SHA512 62fb2a2ddfd62d48ca8a709426c07e1cda0e66df5b977c3bfdc3b191d15c3a139a5c6180ed7a66b2418a5436273d713f2af1cb21f7dc77df78e0743d6a18e176

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx9_43.dll

MD5 86e39e9161c3d930d93822f1563c280d
SHA1 f5944df4142983714a6d9955e6e393d9876c1e11
SHA256 0b28546be22c71834501f7d7185ede5d79742457331c7ee09efc14490dd64f5f
SHA512 0a3e311c4fd5c2194a8807469e47156af35502e10aeb8a3f64a01ff802cd8669c7e668cc87b593b182fd830a126d002b5d5d7b6c77991158bffdb0b5b997f6b3

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx10_43.dll

MD5 20c835843fcec4dedfcd7bffa3b91641
SHA1 5dd1d5b42a0b58d708d112694394a9a23691c283
SHA256 56fcd13650fd1f075743154e8c48465dd68a236ab8960667d75373139d2631bf
SHA512 561eb2bb3a7e562bab0de6372e824f65b310d96d840cdaa3c391969018af6afba225665d07139fc938dcff03f4f8dae7f19de61c9a0eae7c658a32800dc9d123

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dx11_43.dll

MD5 8e0bb968ff41d80e5f2c747c04db79ae
SHA1 69b332d78020177a9b3f60cb672ec47578003c0d
SHA256 492e960cb3ccfc8c25fc83f7c464ba77c86a20411347a1a9b3e5d3e8c9180a8d
SHA512 7d71cb5411f239696e77fe57a272c675fe15d32456ce7befb0c2cf3fc567dce5d38a45f4b004577e3dec283904f42ae17a290105d8ab8ef6b70bad4e15c9d506

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\infinst.exe

MD5 a7ba8b723b327985ded1152113970819
SHA1 50be557a29f3d2d7300b71ab0ed4831669edd848
SHA256 8c62fe8466d9a24a0f1924de37b05d672a826454804086cddc7ed87c020e67ff
SHA512 60702f08fb621bf256b1032e572a842a141cf4219b22f98b27cb1da058b19b44cc37fb8386019463a7469961ca71f48a3347aaf1c74c3636e38d2aea3bca9967

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\d3dcsx_43.dll

MD5 83eba442f07aab8d6375d2eec945c46c
SHA1 c29c20da6bb30be7d9dda40241ca48f069123bd9
SHA256 b46a44b6fce8f141c9e02798645db2ee0da5c69ea71195e29f83a91a355fa2ca
SHA512 288906c8aa8eb4d62440fe84deaa25e7f362dc3644dafc1227e45a71f6d915acf885314531db4757a9bf2e6cb12eaf43b54e9ff0f6a7e3239cabb697b07c25ea

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\D3DCompiler_43.dll

MD5 1c9b45e87528b8bb8cfa884ea0099a85
SHA1 98be17e1d324790a5b206e1ea1cc4e64fbe21240
SHA256 2f23182ec6f4889397ac4bf03d62536136c5bdba825c7d2c4ef08c827f3a8a1c
SHA512 b76d780810e8617b80331b4ad56e9c753652af2e55b66795f7a7d67d6afcec5ef00d120d9b2c64126309076d8169239a721ae8b34784b639b3a3e2bf50d6ee34

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\xactengine3_7.dll

MD5 4fd7bcb9d8af6a165e9ba0c2eb702e7c
SHA1 a90863632c2d54dd06e01537744a7b65bb3d0db2
SHA256 d7b1cf58898046c430d49cf8f778e4898280f4709340c3938d3139894166fe8d
SHA512 7fcc435d07c434ec392bb9bfa98aee20b0b1cd2ad6a31f073af80f6f37639336349728c9b0fcd967c4c395fc40c0efad1e36142fe7632512b0f26aca1b1c4bea

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\XAPOFX1_5.dll

MD5 8a4cebf34370d689e198e6673c1f2c40
SHA1 b7e3d60f62d8655a68e2faf26c0c04394c214f20
SHA256 becfdcd6b16523573cb52df87aa7d993f1b345ba903d0618c3b36535c3800197
SHA512 d612e2d8a164408ab2d6b962f1b6d3531aed8a0b1aba73291fa5155a6022d078b353512fb3f6fff97ee369918b1802a6103b31316b03db4fa3010b1bf31f35fb

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\XAudio2_7.dll

MD5 81dfddfb401d663ba7e6ad1c80364216
SHA1 c32d682767df128cd8e819cb5571ed89ab734961
SHA256 d1690b602cb317f7f1e1e13e3fc5819ad8b5b38a92d812078afb1b408ccc4b69
SHA512 7267db764f23ad67e9f171cf07ff919c70681f3bf365331ae29d979164392c6bc6723441b04b98ab99c7724274b270557e75b814fb12c421188fb164b8ca837c

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\dxdllreg_x86.inf

MD5 8272579b6d88f2ee435aeea19ec7603d
SHA1 6d141721b4b3a50612b4068670d9d10c1a08b4ac
SHA256 54e098294ef0ad3b14b9c77642838b5992fe4573099d8397a1ef566d9e36da40
SHA512 9f1311803db1607e079b037f49d8643daa43b59ce6eafb173b18d5a40239a5515091c92b244ffe9cfef2da20530fb15deb6cf5937633b434c3262e765d5a3b21

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\oct2005_xinput_x86.inf

MD5 be6e213583854cdfd305b207f4aee0d5
SHA1 4ac378fd06aa6dec48171fd1b4045d1bfe4bc04f
SHA256 a14d5947c0ad4a864f95e3f35344e93f4845094d660eb37b77b1fdae9f7995e2
SHA512 e331c30330b87ad1fc57502bca5cef45afc0a0b6ae1f8746fe8dc47fdcd12cc080062142bb01ed0248c2dba144fb7722564fe780a129e43680b1a73d19b507e0

C:\Users\Admin\AppData\Local\Temp\DX640B.tmp\oct2005_xinput_x64.inf

MD5 dbe238ed3a0d3805a1a57c23fb28b721
SHA1 076284d2fd60ea7c29acc3233ad41f2bc1e2f73d
SHA256 534d55cae9f43193f49d74c9303fa3d32cc309d0b23597a97c315f207f2a358d
SHA512 af8a605cec38385dc24bea7b4520ac924961bf8b4b7317430394dec3863f52b2a3cc2d86dfada3a9feec9906ca2f0f48c4e22c10a87fed0c9f70cedefd9ab32b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 748d9009ce64625559cf49e4e769ad53
SHA1 6ae47f96c2efe04fb0fdcf292a7d4b2f9d6e4f4e
SHA256 2e5dde0a916eb3db3a08e3052f7531749571f60a4443d386cd79e210e5718eb1
SHA512 0ecdbeee1cf42f29ac97c01933bcbeda9097c8d73a9ac1981b9652162b657ab73e78a2cee0d75019b7a71445f5a3e10fceabefeed861b48e39e4d11442b70450

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 d02e95c017116ddac5d0bcc1ce384377
SHA1 00564a8342c343686a33019a871b61423a609814
SHA256 715c10baf1127745f5c3d2c1dab0fb69dc6acf56aaa80a80089d7eaf469abf67
SHA512 67898d1490216d344b438f09453cd088b506f5b107e8354d076a6ff57bfa4fc2aa748a5ea76745aaed318a88a60df3601e9aa8f195aec0e93a4c2a6fac361539

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 78c9578709f928e9d2141262daae983b
SHA1 e94369f01e1c9713f73547b4f42af87e7b846d3a
SHA256 7b579bf34b9bec164f3c3f039b3cae96b36740ed6dcb142fdafbe4bdc6fdf850
SHA512 c681475f48bfa08af5cf35b82bec1e49c7f91085c1b3c31b14895b9db7efc55810e719ed963b5a997d984b4db036c16fb5239a3d1d70c9638b81d27f3444f1dc