xworm | b50d25c24ba5f1f096e883b3a9970d2c080afb37dfe2f55a25a1c7ed3ca36505

Analysis

max time kernel
59s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
13-11-2024 19:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

SAM X222C#.exe
Size

3.3MB
MD5

918951c4657e9cdf39ac1b275bfd2e95
SHA1

7323e59b2c4d60b6639bfcba11f4c02bcb94e347
SHA256

b50d25c24ba5f1f096e883b3a9970d2c080afb37dfe2f55a25a1c7ed3ca36505
SHA512

438c7554d8b72db63d598085b2c6fae9bfa1895154ebbaf96a5d2a498459b9a3516611613515f04dbc198edb8b2d7ce2ce63975064f28af63f3efa1e50e3e0d7
SSDEEP

98304:n5rc//PaUFOFWiRbNqz1xC4fkkbcZvqaVRn0:oi1Bc144M5vqaPn0

Score

10^/10

xworm discovery execution persistence rat trojan

Malware Config

Extracted

Family

xworm

147.185.221.23:25808

Attributes

Install_directory
%LocalAppData%
install_file
Realtek HD Audio Universal Service.exe

Signatures

Detect Xworm Payload 2 IoCs

resource	yara_rule
behavioral2/files/0x000d000000023b3c-4.dat	family_xworm
behavioral2/memory/412-12-0x0000000000330000-0x000000000034A000-memory.dmp	family_xworm

Xworm
Xworm is a remote access trojan written in C#.
trojan rat xworm
Xworm family
xworm

Command and Scripting Interpreter: PowerShell 1 TTPs 4 IoCs

Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

execution

PowerShell

T1059.001

pid	Process
3800	powershell.exe
4224	powershell.exe
3640	powershell.exe
316	powershell.exe

Checks computer location settings 2 TTPs 64 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe
Key value queried	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation	SAM X222C#.exe

Executes dropped EXE 64 IoCs

pid	Process
412	Realtek HD Audio Universal Service.exe
4224	Realtek HD Audio Universal Service.exe
4644	Realtek HD Audio Universal Service.exe
3300	Realtek HD Audio Universal Service.exe
3732	Realtek HD Audio Universal Service.exe
1016	Realtek HD Audio Universal Service.exe
3156	Realtek HD Audio Universal Service.exe
3624	Realtek HD Audio Universal Service.exe
2448	Realtek HD Audio Universal Service.exe
2132	Realtek HD Audio Universal Service.exe
372	Realtek HD Audio Universal Service.exe
4524	Realtek HD Audio Universal Service.exe
4740	Realtek HD Audio Universal Service.exe
4000	Realtek HD Audio Universal Service.exe
1592	Realtek HD Audio Universal Service.exe
2828	Realtek HD Audio Universal Service.exe
3440	Realtek HD Audio Universal Service.exe
2496	Realtek HD Audio Universal Service.exe
2912	Realtek HD Audio Universal Service.exe
3500	Realtek HD Audio Universal Service.exe
4512	Realtek HD Audio Universal Service.exe
868	Realtek HD Audio Universal Service.exe
4896	Realtek HD Audio Universal Service.exe
1848	Realtek HD Audio Universal Service.exe
2116	Realtek HD Audio Universal Service.exe
844	Realtek HD Audio Universal Service.exe
244	Realtek HD Audio Universal Service.exe
640	Realtek HD Audio Universal Service.exe
3748	Realtek HD Audio Universal Service.exe
4352	Realtek HD Audio Universal Service.exe
2476	Realtek HD Audio Universal Service.exe
2556	Realtek HD Audio Universal Service.exe
4196	Realtek HD Audio Universal Service.exe
4936	Realtek HD Audio Universal Service.exe
2724	Realtek HD Audio Universal Service.exe
2492	Realtek HD Audio Universal Service.exe
1068	Realtek HD Audio Universal Service.exe
4904	Realtek HD Audio Universal Service.exe
1644	Realtek HD Audio Universal Service.exe
4388	Realtek HD Audio Universal Service.exe
1564	Realtek HD Audio Universal Service.exe
1328	Realtek HD Audio Universal Service.exe
3036	Realtek HD Audio Universal Service.exe
4628	Realtek HD Audio Universal Service.exe
1084	Realtek HD Audio Universal Service.exe
4456	Realtek HD Audio Universal Service.exe
1760	Realtek HD Audio Universal Service.exe
544	Realtek HD Audio Universal Service.exe
4360	Realtek HD Audio Universal Service.exe
2904	Realtek HD Audio Universal Service.exe
1088	Realtek HD Audio Universal Service.exe
2212	Realtek HD Audio Universal Service.exe
4092	Realtek HD Audio Universal Service.exe
2960	Realtek HD Audio Universal Service.exe
2900	Realtek HD Audio Universal Service.exe
2840	Realtek HD Audio Universal Service.exe
4212	Realtek HD Audio Universal Service.exe
4048	Realtek HD Audio Universal Service.exe
4144	Realtek HD Audio Universal Service.exe
3560	Realtek HD Audio Universal Service.exe
5068	Realtek HD Audio Universal Service.exe
4100	Realtek HD Audio Universal Service.exe
4740	Realtek HD Audio Universal Service.exe
2476	Realtek HD Audio Universal Service.exe

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Realtek HD Audio Universal Service = "C:\\Users\\Admin\\AppData\\Local\\Realtek HD Audio Universal Service.exe"	Realtek HD Audio Universal Service.exe

Looks up external IP address via web service 1 IoCs

Uses a legitimate IP lookup service to find the infected system's external IP.

flow	ioc
14	ip-api.com

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 64 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SAM X222C#.exe

Suspicious behavior: EnumeratesProcesses 14 IoCs

pid	Process
3800	powershell.exe
3800	powershell.exe
3800	powershell.exe
4224	powershell.exe
4224	powershell.exe
4224	powershell.exe
3640	powershell.exe
3640	powershell.exe
3640	powershell.exe
316	powershell.exe
316	powershell.exe
316	powershell.exe
412	Realtek HD Audio Universal Service.exe
412	Realtek HD Audio Universal Service.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	412	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	4224	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	4644	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	3300	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	3732	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	1016	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	3156	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	3624	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2448	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2132	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	372	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	4524	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	4740	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	4000	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	1592	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2828	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	3440	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2496	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2912	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	3500	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	4512	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	868	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	4896	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	1848	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2116	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	844	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	244	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	640	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	3748	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	4352	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2476	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2556	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	3800	powershell.exe
Token: SeDebugPrivilege	4196	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	4936	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2724	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	4224	powershell.exe
Token: SeDebugPrivilege	2492	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	1068	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	4904	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	3640	powershell.exe
Token: SeDebugPrivilege	1644	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	4388	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	316	powershell.exe
Token: SeDebugPrivilege	1564	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	1328	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	3036	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	4628	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	1084	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	4456	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	1760	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	544	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	4360	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2904	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	1088	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2212	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	4092	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2960	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2900	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2840	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	4212	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	4048	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	4144	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	3560	Realtek HD Audio Universal Service.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
412	Realtek HD Audio Universal Service.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4764 wrote to memory of 412	4764	SAM X222C#.exe	84
PID 4764 wrote to memory of 412	4764	SAM X222C#.exe	84
PID 4764 wrote to memory of 1064	4764	SAM X222C#.exe	85
PID 4764 wrote to memory of 1064	4764	SAM X222C#.exe	85
PID 4764 wrote to memory of 1064	4764	SAM X222C#.exe	85
PID 1064 wrote to memory of 4224	1064	SAM X222C#.exe	86
PID 1064 wrote to memory of 4224	1064	SAM X222C#.exe	86
PID 1064 wrote to memory of 1856	1064	SAM X222C#.exe	87
PID 1064 wrote to memory of 1856	1064	SAM X222C#.exe	87
PID 1064 wrote to memory of 1856	1064	SAM X222C#.exe	87
PID 1856 wrote to memory of 4644	1856	SAM X222C#.exe	89
PID 1856 wrote to memory of 4644	1856	SAM X222C#.exe	89
PID 1856 wrote to memory of 508	1856	SAM X222C#.exe	90
PID 1856 wrote to memory of 508	1856	SAM X222C#.exe	90
PID 1856 wrote to memory of 508	1856	SAM X222C#.exe	90
PID 508 wrote to memory of 3300	508	SAM X222C#.exe	91
PID 508 wrote to memory of 3300	508	SAM X222C#.exe	91
PID 508 wrote to memory of 2440	508	SAM X222C#.exe	93
PID 508 wrote to memory of 2440	508	SAM X222C#.exe	93
PID 508 wrote to memory of 2440	508	SAM X222C#.exe	93
PID 2440 wrote to memory of 3732	2440	SAM X222C#.exe	94
PID 2440 wrote to memory of 3732	2440	SAM X222C#.exe	94
PID 2440 wrote to memory of 3540	2440	SAM X222C#.exe	95
PID 2440 wrote to memory of 3540	2440	SAM X222C#.exe	95
PID 2440 wrote to memory of 3540	2440	SAM X222C#.exe	95
PID 3540 wrote to memory of 1016	3540	SAM X222C#.exe	96
PID 3540 wrote to memory of 1016	3540	SAM X222C#.exe	96
PID 3540 wrote to memory of 2040	3540	SAM X222C#.exe	97
PID 3540 wrote to memory of 2040	3540	SAM X222C#.exe	97
PID 3540 wrote to memory of 2040	3540	SAM X222C#.exe	97
PID 2040 wrote to memory of 3156	2040	SAM X222C#.exe	98
PID 2040 wrote to memory of 3156	2040	SAM X222C#.exe	98
PID 2040 wrote to memory of 2052	2040	SAM X222C#.exe	99
PID 2040 wrote to memory of 2052	2040	SAM X222C#.exe	99
PID 2040 wrote to memory of 2052	2040	SAM X222C#.exe	99
PID 2052 wrote to memory of 3624	2052	SAM X222C#.exe	181
PID 2052 wrote to memory of 3624	2052	SAM X222C#.exe	181
PID 2052 wrote to memory of 3532	2052	SAM X222C#.exe	101
PID 2052 wrote to memory of 3532	2052	SAM X222C#.exe	101
PID 2052 wrote to memory of 3532	2052	SAM X222C#.exe	101
PID 3532 wrote to memory of 2448	3532	SAM X222C#.exe	102
PID 3532 wrote to memory of 2448	3532	SAM X222C#.exe	102
PID 3532 wrote to memory of 2964	3532	SAM X222C#.exe	103
PID 3532 wrote to memory of 2964	3532	SAM X222C#.exe	103
PID 3532 wrote to memory of 2964	3532	SAM X222C#.exe	103
PID 2964 wrote to memory of 2132	2964	SAM X222C#.exe	104
PID 2964 wrote to memory of 2132	2964	SAM X222C#.exe	104
PID 2964 wrote to memory of 2752	2964	SAM X222C#.exe	105
PID 2964 wrote to memory of 2752	2964	SAM X222C#.exe	105
PID 2964 wrote to memory of 2752	2964	SAM X222C#.exe	105
PID 2752 wrote to memory of 372	2752	SAM X222C#.exe	106
PID 2752 wrote to memory of 372	2752	SAM X222C#.exe	106
PID 2752 wrote to memory of 764	2752	SAM X222C#.exe	107
PID 2752 wrote to memory of 764	2752	SAM X222C#.exe	107
PID 2752 wrote to memory of 764	2752	SAM X222C#.exe	107
PID 764 wrote to memory of 4524	764	SAM X222C#.exe	108
PID 764 wrote to memory of 4524	764	SAM X222C#.exe	108
PID 764 wrote to memory of 1168	764	SAM X222C#.exe	109
PID 764 wrote to memory of 1168	764	SAM X222C#.exe	109
PID 764 wrote to memory of 1168	764	SAM X222C#.exe	109
PID 1168 wrote to memory of 4740	1168	SAM X222C#.exe	223
PID 1168 wrote to memory of 4740	1168	SAM X222C#.exe	223
PID 1168 wrote to memory of 2024	1168	SAM X222C#.exe	111
PID 1168 wrote to memory of 2024	1168	SAM X222C#.exe	111

C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
"C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
PID:4764
- C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
  "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
  2⤵
  - Executes dropped EXE
  - Adds Run key to start application
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of SetWindowsHookEx
  PID:412
- - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe'
    3⤵
    - Command and Scripting Interpreter: PowerShell
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    PID:3800
- - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess 'Realtek HD Audio Universal Service.exe'
    3⤵
    - Command and Scripting Interpreter: PowerShell
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    PID:4224
- - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Realtek HD Audio Universal Service.exe'
    3⤵
    - Command and Scripting Interpreter: PowerShell
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    PID:3640
- - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess 'Realtek HD Audio Universal Service.exe'
    3⤵
    - Command and Scripting Interpreter: PowerShell
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    PID:316
- C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
  "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:1064
- - C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
    "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
    3⤵
    - Executes dropped EXE
    - Suspicious use of AdjustPrivilegeToken
    PID:4224
- - C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
    "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:1856
  - - C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
      "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
      4⤵
      Executes dropped EXE
      Suspicious use of AdjustPrivilegeToken
      PID:4644
  - - C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
      "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
      4⤵
      Suspicious use of WriteProcessMemory
      PID:508
    - - C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        5⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:3300
    - - C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        5⤵
        Suspicious use of WriteProcessMemory
        
        PID:2440
      - C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        6⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:3732
      - C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        6⤵
        System Location Discovery: System Language Discovery
        Suspicious use of WriteProcessMemory
        
        PID:3540
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        7⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1016
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        7⤵
        Checks computer location settings
        Suspicious use of WriteProcessMemory
        
        PID:2040
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        8⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:3156
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        8⤵
        Suspicious use of WriteProcessMemory
        
        PID:2052
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        9⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:3624
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        9⤵
        Suspicious use of WriteProcessMemory
        
        PID:3532
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        10⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2448
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        10⤵
        Suspicious use of WriteProcessMemory
        
        PID:2964
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        11⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2132
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        11⤵
        Suspicious use of WriteProcessMemory
        
        PID:2752
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        12⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:372
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        12⤵
        Checks computer location settings
        Suspicious use of WriteProcessMemory
        
        PID:764
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        13⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4524
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        13⤵
        Suspicious use of WriteProcessMemory
        
        PID:1168
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        14⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4740
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        14⤵
        System Location Discovery: System Language Discovery
        
        PID:2024
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        15⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4000
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        15⤵
        
        PID:2896
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        16⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1592
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        16⤵
        
        PID:2556
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        17⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2828
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        17⤵
        
        PID:4848
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        18⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:3440
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        18⤵
        Checks computer location settings
        System Location Discovery: System Language Discovery
        
        PID:2076
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        19⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2496
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        19⤵
        
        PID:4648
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        20⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2912
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        20⤵
        
        PID:4340
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        21⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:3500
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        21⤵
        
        PID:3612
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        22⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4512
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        22⤵
        
        PID:3640
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        23⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:868
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        23⤵
        
        PID:4400
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        24⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4896
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        24⤵
        
        PID:4688
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        25⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1848
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        25⤵
        Checks computer location settings
        
        PID:1148
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        26⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2116
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        26⤵
        
        PID:1924
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        27⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:844
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        27⤵
        
        PID:4544
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        28⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:244
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        28⤵
        System Location Discovery: System Language Discovery
        
        PID:3980
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        29⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:640
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        29⤵
        
        PID:4920
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        30⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:3748
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        30⤵
        
        PID:2080
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        31⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4352
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        31⤵
        
        PID:5032
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        32⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2476
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        32⤵
        
        PID:2472
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        33⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2556
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        33⤵
        
        PID:724
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        34⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4196
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        34⤵
        
        PID:1300
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        35⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4936
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        35⤵
        
        PID:2664
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        36⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2724
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        36⤵
        
        PID:3340
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        37⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2492
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        37⤵
        System Location Discovery: System Language Discovery
        
        PID:2960
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        38⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1068
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        38⤵
        
        PID:3128
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        39⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4904
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        39⤵
        Checks computer location settings
        System Location Discovery: System Language Discovery
        
        PID:4212
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        40⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1644
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        40⤵
        Checks computer location settings
        
        PID:3616
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        41⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4388
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        41⤵
        Checks computer location settings
        
        PID:64
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        42⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1564
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        42⤵
        Checks computer location settings
        System Location Discovery: System Language Discovery
        
        PID:2672
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        43⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1328
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        43⤵
        System Location Discovery: System Language Discovery
        
        PID:3624
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        44⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:3036
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        44⤵
        
        PID:3660
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        45⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4628
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        45⤵
        Checks computer location settings
        
        PID:4500
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        46⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1084
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        46⤵
        Checks computer location settings
        
        PID:656
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        47⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4456
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        47⤵
        System Location Discovery: System Language Discovery
        
        PID:2328
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        48⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1760
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        48⤵
        Checks computer location settings
        
        PID:3460
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        49⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:544
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        49⤵
        
        PID:1412
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        50⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4360
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        50⤵
        System Location Discovery: System Language Discovery
        
        PID:460
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        51⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2904
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        51⤵
        
        PID:2240
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        52⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1088
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        52⤵
        Checks computer location settings
        
        PID:2948
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        53⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2212
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        53⤵
        
        PID:2080
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        54⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4092
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        54⤵
        Checks computer location settings
        
        PID:2180
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        55⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2960
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        55⤵
        System Location Discovery: System Language Discovery
        
        PID:3212
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        56⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2900
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        56⤵
        Checks computer location settings
        
        PID:1848
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        57⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2840
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        57⤵
        
        PID:2280
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        58⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4212
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        58⤵
        
        PID:4380
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        59⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4048
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        59⤵
        System Location Discovery: System Language Discovery
        
        PID:3512
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        60⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:4144
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        60⤵
        System Location Discovery: System Language Discovery
        
        PID:1664
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        61⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:3560
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        61⤵
        
        PID:1216
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        62⤵
        Executes dropped EXE
        
        PID:5068
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        62⤵
        
        PID:3524
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        63⤵
        Executes dropped EXE
        
        PID:4100
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        63⤵
        
        PID:3604
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        64⤵
        Executes dropped EXE
        
        PID:4740
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        64⤵
        System Location Discovery: System Language Discovery
        
        PID:3340
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        65⤵
        Executes dropped EXE
        
        PID:2476
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        65⤵
        System Location Discovery: System Language Discovery
        
        PID:4000
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        66⤵
        
        PID:1432
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        66⤵
        System Location Discovery: System Language Discovery
        
        PID:1816
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        67⤵
        
        PID:4424
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        67⤵
        
        PID:1248
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        68⤵
        
        PID:3648
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        68⤵
        
        PID:1632
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        69⤵
        
        PID:3768
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        69⤵
        
        PID:4612
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        70⤵
        
        PID:3612
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        70⤵
        Checks computer location settings
        
        PID:4468
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        71⤵
        
        PID:2492
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        71⤵
        
        PID:3532
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        72⤵
        
        PID:3272
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        72⤵
        
        PID:1728
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        73⤵
        
        PID:588
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        73⤵
        Checks computer location settings
        System Location Discovery: System Language Discovery
        
        PID:2700
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        74⤵
        
        PID:212
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        74⤵
        
        PID:4976
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        75⤵
        
        PID:1004
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        75⤵
        Checks computer location settings
        
        PID:4388
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        76⤵
        
        PID:4564
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        76⤵
        
        PID:3656
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        77⤵
        
        PID:3988
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        77⤵
        
        PID:2796
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        78⤵
        
        PID:760
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        78⤵
        
        PID:1172
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        79⤵
        
        PID:2928
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        79⤵
        
        PID:4708
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        80⤵
        
        PID:3192
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        80⤵
        
        PID:4468
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        81⤵
        
        PID:1868
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        81⤵
        
        PID:2996
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        82⤵
        
        PID:2244
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        82⤵
        
        PID:3600
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        83⤵
        
        PID:1912
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        83⤵
        Checks computer location settings
        
        PID:2076
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        84⤵
        
        PID:4732
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        84⤵
        Checks computer location settings
        
        PID:2192
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        85⤵
        
        PID:1976
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        85⤵
        System Location Discovery: System Language Discovery
        
        PID:4284
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        86⤵
        
        PID:5032
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        86⤵
        
        PID:2664
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        87⤵
        
        PID:4316
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        87⤵
        Checks computer location settings
        
        PID:3284
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        88⤵
        
        PID:1064
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        88⤵
        System Location Discovery: System Language Discovery
        
        PID:5072
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        89⤵
        
        PID:2292
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        89⤵
        
        PID:4408
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        90⤵
        
        PID:4648
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        90⤵
        
        PID:724
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        91⤵
        
        PID:556
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        91⤵
        
        PID:1280
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        92⤵
        
        PID:4580
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        92⤵
        Checks computer location settings
        
        PID:3436
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        93⤵
        
        PID:208
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        93⤵
        
        PID:4060
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        94⤵
        
        PID:4092
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        94⤵
        
        PID:868
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        95⤵
        
        PID:2136
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        95⤵
        System Location Discovery: System Language Discovery
        
        PID:4740
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        96⤵
        
        PID:2960
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        96⤵
        Checks computer location settings
        
        PID:1916
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        97⤵
        
        PID:2652
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        97⤵
        Checks computer location settings
        
        PID:4972
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        98⤵
        
        PID:4500
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        98⤵
        
        PID:1148
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        99⤵
        
        PID:3936
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        99⤵
        Checks computer location settings
        System Location Discovery: System Language Discovery
        
        PID:4380
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        100⤵
        
        PID:1484
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        100⤵
        
        PID:2052
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        101⤵
        
        PID:460
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        101⤵
        
        PID:1068
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        102⤵
        
        PID:2952
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        102⤵
        
        PID:1420
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        103⤵
        
        PID:4640
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        103⤵
        
        PID:2280
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        104⤵
        
        PID:2044
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        104⤵
        
        PID:4884
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        105⤵
        
        PID:2868
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        105⤵
        
        PID:4128
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        106⤵
        
        PID:3292
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        106⤵
        Checks computer location settings
        
        PID:2588
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        107⤵
        
        PID:688
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        107⤵
        
        PID:2184
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        108⤵
        
        PID:3460
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        108⤵
        System Location Discovery: System Language Discovery
        
        PID:2484
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        109⤵
        
        PID:4348
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        109⤵
        
        PID:1148
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        110⤵
        
        PID:2244
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        110⤵
        
        PID:4864
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        111⤵
        
        PID:3408
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        111⤵
        Checks computer location settings
        
        PID:1592
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        112⤵
        
        PID:4644
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        112⤵
        
        PID:2692
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        113⤵
        
        PID:1976
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        113⤵
        
        PID:2572
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        114⤵
        
        PID:4512
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        114⤵
        
        PID:5036
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        115⤵
        
        PID:1428
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        115⤵
        Checks computer location settings
        
        PID:1816
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        116⤵
        
        PID:112
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        116⤵
        System Location Discovery: System Language Discovery
        
        PID:700
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        117⤵
        
        PID:4628
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        117⤵
        
        PID:4528
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        118⤵
        
        PID:2724
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        118⤵
        System Location Discovery: System Language Discovery
        
        PID:3388
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        119⤵
        
        PID:4972
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        119⤵
        System Location Discovery: System Language Discovery
        
        PID:1908
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        120⤵
        
        PID:2992
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        120⤵
        
        PID:5068
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        121⤵
        
        PID:2484
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        121⤵
        Checks computer location settings
        System Location Discovery: System Language Discovery
        
        PID:3132
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        122⤵
        
        PID:5004
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        122⤵
        
        PID:208
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        123⤵
        
        PID:4732
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        123⤵
        Checks computer location settings
        
        PID:4584
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        124⤵
        
        PID:1772
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        124⤵
        System Location Discovery: System Language Discovery
        
        PID:3656
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        125⤵
        
        PID:4728
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        125⤵
        Checks computer location settings
        
        PID:3652
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        126⤵
        
        PID:2964
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        126⤵
        
        PID:544
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        127⤵
        
        PID:2012
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        127⤵
        System Location Discovery: System Language Discovery
        
        PID:4572
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        128⤵
        
        PID:3768
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        128⤵
        
        PID:1596
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        129⤵
        
        PID:2292
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        129⤵
        
        PID:4876
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        130⤵
        
        PID:4808
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        130⤵
        
        PID:1916
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        131⤵
        
        PID:3036
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        131⤵
        Checks computer location settings
        
        PID:2556
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        132⤵
        
        PID:4920
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        132⤵
        Checks computer location settings
        System Location Discovery: System Language Discovery
        
        PID:556
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        133⤵
        
        PID:4580
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        133⤵
        Checks computer location settings
        
        PID:3212
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        134⤵
        
        PID:4856
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        134⤵
        
        PID:2660
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        135⤵
        
        PID:2060
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        135⤵
        
        PID:2076
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        136⤵
        
        PID:1592
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        136⤵
        System Location Discovery: System Language Discovery
        
        PID:4684
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        137⤵
        
        PID:1924
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        137⤵
        
        PID:4700
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        138⤵
        
        PID:4712
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        138⤵
        
        PID:3788
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        139⤵
        
        PID:4936
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        139⤵
        
        PID:3648
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        140⤵
        
        PID:1196
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        140⤵
        
        PID:3340
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        141⤵
        
        PID:2532
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        141⤵
        Checks computer location settings
        
        PID:700
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        142⤵
        
        PID:1596
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        142⤵
        System Location Discovery: System Language Discovery
        
        PID:2148
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        143⤵
        
        PID:2232
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        143⤵
        System Location Discovery: System Language Discovery
        
        PID:4340
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        144⤵
        
        PID:4648
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        144⤵
        
        PID:3284
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        145⤵
        
        PID:3660
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        145⤵
        System Location Discovery: System Language Discovery
        
        PID:2648
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        146⤵
        
        PID:752
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        146⤵
        System Location Discovery: System Language Discovery
        
        PID:3192
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        147⤵
        
        PID:3488
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        147⤵
        Checks computer location settings
        
        PID:2212
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        148⤵
        
        PID:4964
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        148⤵
        
        PID:1148
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        149⤵
        
        PID:4092
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        149⤵
        Checks computer location settings
        
        PID:4864
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        150⤵
        
        PID:1912
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        150⤵
        
        PID:1280
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        151⤵
        
        PID:2828
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        151⤵
        
        PID:4348
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        152⤵
        
        PID:2652
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        152⤵
        
        PID:4192
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        153⤵
        
        PID:1100
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        153⤵
        
        PID:3788
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        154⤵
        
        PID:912
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        154⤵
        
        PID:3188
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        155⤵
        
        PID:4704
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        155⤵
        System Location Discovery: System Language Discovery
        
        PID:2392
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        156⤵
        
        PID:2664
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        156⤵
        
        PID:3272
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        157⤵
        
        PID:4208
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        157⤵
        
        PID:2264
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        158⤵
        
        PID:2868
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        158⤵
        
        PID:3036
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        159⤵
        
        PID:1844
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        159⤵
        Checks computer location settings
        
        PID:4072
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        160⤵
        
        PID:2844
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        160⤵
        
        PID:4580
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        161⤵
        
        PID:4856
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        161⤵
        
        PID:5004
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        162⤵
        
        PID:4376
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        162⤵
        Checks computer location settings
        
        PID:2472
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        163⤵
        
        PID:964
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        163⤵
        
        PID:1704
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        164⤵
        
        PID:3804
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        164⤵
        
        PID:3612
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        165⤵
        
        PID:3672
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        165⤵
        
        PID:3652
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        166⤵
        
        PID:3764
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        166⤵
        
        PID:4936
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        167⤵
        
        PID:1564
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        167⤵
        Checks computer location settings
        
        PID:2840
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        168⤵
        
        PID:3624
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        168⤵
        Checks computer location settings
        System Location Discovery: System Language Discovery
        
        PID:4160
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        169⤵
        
        PID:212
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        169⤵
        
        PID:460
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        170⤵
        
        PID:4808
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        170⤵
        
        PID:944
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        171⤵
        
        PID:3748
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        171⤵
        
        PID:4340
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        172⤵
        
        PID:3660
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        172⤵
        
        PID:2648
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        173⤵
        
        PID:2328
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        173⤵
        
        PID:3112
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        174⤵
        
        PID:2720
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        174⤵
        
        PID:3132
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        175⤵
        
        PID:4360
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        175⤵
        
        PID:4244
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        176⤵
        
        PID:4948
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        176⤵
        
        PID:5032
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        177⤵
        
        PID:2472
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        177⤵
        System Location Discovery: System Language Discovery
        
        PID:4388
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        178⤵
        
        PID:2652
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        178⤵
        
        PID:2324
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        179⤵
        
        PID:4192
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        179⤵
        
        PID:3652
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        180⤵
        
        PID:5036
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        180⤵
        
        PID:4732
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        181⤵
        
        PID:2732
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        181⤵
        Checks computer location settings
        
        PID:2376
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        182⤵
        
        PID:876
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        182⤵
        Checks computer location settings
        
        PID:668
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        183⤵
        
        PID:764
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        183⤵
        System Location Discovery: System Language Discovery
        
        PID:3332
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        184⤵
        
        PID:2116
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        184⤵
        Checks computer location settings
        
        PID:4528
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        185⤵
        
        PID:4340
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        185⤵
        
        PID:1720
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        186⤵
        
        PID:3732
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        186⤵
        
        PID:2996
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        187⤵
        
        PID:4024
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        187⤵
        
        PID:2700
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        188⤵
        
        PID:2904
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        188⤵
        Checks computer location settings
        
        PID:4860
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        189⤵
        
        PID:2672
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        189⤵
        
        PID:2552
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        190⤵
        
        PID:2900
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        190⤵
        
        PID:4144
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        191⤵
        
        PID:4380
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        191⤵
        Checks computer location settings
        System Location Discovery: System Language Discovery
        
        PID:2052
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        192⤵
        
        PID:4420
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        192⤵
        
        PID:3340
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        193⤵
        
        PID:3600
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        193⤵
        
        PID:2532
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        194⤵
        
        PID:3736
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        194⤵
        
        PID:2280
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        195⤵
        
        PID:3440
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        195⤵
        
        PID:1484
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        196⤵
        
        PID:656
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        196⤵
        
        PID:4720
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        197⤵
        
        PID:4404
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        197⤵
        Checks computer location settings
        
        PID:4760
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        198⤵
        
        PID:5044
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        198⤵
        Checks computer location settings
        
        PID:4596
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        199⤵
        
        PID:2452
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        199⤵
        
        PID:3516
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        200⤵
        
        PID:4628
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        200⤵
        
        PID:1072
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        201⤵
        
        PID:3748
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        201⤵
        System Location Discovery: System Language Discovery
        
        PID:2056
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        202⤵
        
        PID:844
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        202⤵
        
        PID:2328
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        203⤵
        
        PID:1492
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        203⤵
        
        PID:4936
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        204⤵
        
        PID:3936
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        204⤵
        System Location Discovery: System Language Discovery
        
        PID:3928
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        205⤵
        
        PID:5052
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        205⤵
        Checks computer location settings
        System Location Discovery: System Language Discovery
        
        PID:1716
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        206⤵
        
        PID:2896
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        206⤵
        Checks computer location settings
        
        PID:1848
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        207⤵
        
        PID:2212
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        207⤵
        
        PID:3768
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        208⤵
        
        PID:4124
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        208⤵
        
        PID:4720
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        209⤵
        
        PID:1616
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        209⤵
        
        PID:3648
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        210⤵
        
        PID:3156
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        210⤵
        System Location Discovery: System Language Discovery
        
        PID:2700
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        211⤵
        
        PID:876
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        211⤵
        
        PID:3208
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        212⤵
        
        PID:4856
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        212⤵
        
        PID:3408
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        213⤵
        
        PID:3708
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        213⤵
        
        PID:884
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        214⤵
        
        PID:4128
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        214⤵
        Checks computer location settings
        
        PID:544
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        215⤵
        
        PID:2044
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        215⤵
        
        PID:3132
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        216⤵
        
        PID:2192
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        216⤵
        System Location Discovery: System Language Discovery
        
        PID:2180
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        217⤵
        
        PID:2960
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        217⤵
        
        PID:4764
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        218⤵
        
        PID:3532
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        218⤵
        Checks computer location settings
        System Location Discovery: System Language Discovery
        
        PID:2232
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        219⤵
        
        PID:964
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        219⤵
        Checks computer location settings
        
        PID:3136
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        220⤵
        
        PID:3768
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        220⤵
        
        PID:2536
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        221⤵
        
        PID:4720
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        221⤵
        Checks computer location settings
        
        PID:2580
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        222⤵
        
        PID:3764
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        222⤵
        
        PID:4648
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        223⤵
        
        PID:944
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        223⤵
        System Location Discovery: System Language Discovery
        
        PID:2912
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        224⤵
        
        PID:764
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        224⤵
        System Location Discovery: System Language Discovery
        
        PID:1772
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        225⤵
        
        PID:1988
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        225⤵
        
        PID:4860
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        226⤵
        
        PID:3824
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        226⤵
        
        PID:1924
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        227⤵
        
        PID:2012
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        227⤵
        Checks computer location settings
        System Location Discovery: System Language Discovery
        
        PID:3748
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        228⤵
        
        PID:4564
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        228⤵
        System Location Discovery: System Language Discovery
        
        PID:544
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        229⤵
        
        PID:1596
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        229⤵
        
        PID:5004
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        230⤵
        
        PID:4644
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        230⤵
        
        PID:3628
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        231⤵
        
        PID:4384
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        231⤵
        Checks computer location settings
        
        PID:2896
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        232⤵
        
        PID:1280
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        232⤵
        
        PID:4052
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        233⤵
        
        PID:4420
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        233⤵
        
        PID:4092
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        234⤵
        
        PID:4348
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        234⤵
        Checks computer location settings
        System Location Discovery: System Language Discovery
        
        PID:5036
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        235⤵
        
        PID:460
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        235⤵
        
        PID:4596
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        236⤵
        
        PID:4704
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        236⤵
        
        PID:2308
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        237⤵
        
        PID:2240
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        237⤵
        
        PID:3436
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        238⤵
        
        PID:3660
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        238⤵
        
        PID:4468
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        239⤵
        
        PID:776
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        239⤵
        
        PID:4980
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        240⤵
        
        PID:4524
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        240⤵
        
        PID:64
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        241⤵
        
        PID:3268
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        241⤵
        
        PID:1928
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        242⤵
        
        PID:4020
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        242⤵
        
        PID:3192
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        243⤵
        
        PID:2392
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        243⤵
        
        PID:4964
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        244⤵
        
        PID:3288
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        244⤵
        Checks computer location settings
        
        PID:4684
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        245⤵
        
        PID:4160
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        245⤵
        System Location Discovery: System Language Discovery
        
        PID:4948
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        246⤵
        
        PID:2264
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        246⤵
        
        PID:2472
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        247⤵
        
        PID:3212
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        247⤵
        
        PID:1084
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        248⤵
        
        PID:1848
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        248⤵
        
        PID:4052
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        249⤵
        
        PID:1460
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        249⤵
        
        PID:2996
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        250⤵
        
        PID:2840
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        250⤵
        
        PID:3648
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        251⤵
        
        PID:3208
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        251⤵
        System Location Discovery: System Language Discovery
        
        PID:3236
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        252⤵
        
        PID:4728
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        252⤵
        Checks computer location settings
        
        PID:3284
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        253⤵
        
        PID:1072
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        253⤵
        Checks computer location settings
        
        PID:4808
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        254⤵
        
        PID:3840
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        254⤵
        
        PID:4468
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        255⤵
        
        PID:2328
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        255⤵
        
        PID:2868
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        256⤵
        
        PID:1596
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        256⤵
        System Location Discovery: System Language Discovery
        
        PID:4560
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        257⤵
        
        PID:868
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        257⤵
        
        PID:372
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        258⤵
        
        PID:4352
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        258⤵
        
        PID:3652
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        259⤵
        
        PID:1648
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        259⤵
        
        PID:3192
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        260⤵
        
        PID:2928
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        260⤵
        
        PID:316
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        261⤵
        
        PID:3400
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        261⤵
        
        PID:4100
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        262⤵
        
        PID:2748
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        262⤵
        
        PID:4376
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        263⤵
        
        PID:4988
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        263⤵
        System Location Discovery: System Language Discovery
        
        PID:5012
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        264⤵
        
        PID:2492
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        264⤵
        
        PID:2232
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        265⤵
        
        PID:3660
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        265⤵
        
        PID:1248
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        266⤵
        
        PID:4052
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        266⤵
        
        PID:4612
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        267⤵
        
        PID:5092
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        267⤵
        System Location Discovery: System Language Discovery
        
        PID:1420
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        268⤵
        
        PID:3268
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        268⤵
        
        PID:2484
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        269⤵
        
        PID:3264
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        269⤵
        
        PID:1728
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        270⤵
        
        PID:3824
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        270⤵
        
        PID:4388
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        271⤵
        
        PID:3288
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        271⤵
        Checks computer location settings
        
        PID:4244
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        272⤵
        
        PID:1632
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        272⤵
        
        PID:4980
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        273⤵
        
        PID:3664
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        273⤵
        
        PID:1916
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        274⤵
        
        PID:2024
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        274⤵
        
        PID:2212
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        275⤵
        
        PID:2532
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        275⤵
        
        PID:3136
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        276⤵
        
        PID:4584
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        276⤵
        System Location Discovery: System Language Discovery
        
        PID:3536
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        277⤵
        
        PID:2844
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        277⤵
        System Location Discovery: System Language Discovery
        
        PID:3736
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        278⤵
        
        PID:4876
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        278⤵
        
        PID:2556
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        279⤵
        
        PID:4648
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        279⤵
        
        PID:2732
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        280⤵
        
        PID:3788
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        280⤵
        System Location Discovery: System Language Discovery
        
        PID:1224
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        281⤵
        
        PID:2992
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        281⤵
        
        PID:1004
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        282⤵
        
        PID:2568
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        282⤵
        
        PID:3156
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        283⤵
        
        PID:944
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        283⤵
        System Location Discovery: System Language Discovery
        
        PID:2244
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        284⤵
        
        PID:3896
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        284⤵
        
        PID:1148
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        285⤵
        
        PID:2440
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        285⤵
        
        PID:3236
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        286⤵
        
        PID:2076
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        286⤵
        
        PID:1088
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        287⤵
        
        PID:4388
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        287⤵
        Checks computer location settings
        
        PID:4964
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        288⤵
        
        PID:4468
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        288⤵
        Checks computer location settings
        System Location Discovery: System Language Discovery
        
        PID:2944
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        289⤵
        
        PID:1856
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        289⤵
        System Location Discovery: System Language Discovery
        
        PID:4948
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        290⤵
        
        PID:1928
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        290⤵
        
        PID:4988
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        291⤵
        
        PID:4420
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        291⤵
        
        PID:1796
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        292⤵
        
        PID:644
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        292⤵
        System Location Discovery: System Language Discovery
        
        PID:528
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        293⤵
        
        PID:2056
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        293⤵
        Checks computer location settings
        System Location Discovery: System Language Discovery
        
        PID:1732
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        294⤵
        
        PID:2672
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        294⤵
        
        PID:3208
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        295⤵
        
        PID:876
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        295⤵
        Checks computer location settings
        
        PID:764
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        296⤵
        
        PID:4920
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        296⤵
        
        PID:4712
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        297⤵
        
        PID:3440
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        297⤵
        
        PID:1524
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        298⤵
        
        PID:1084
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        298⤵
        
        PID:2228
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        299⤵
        
        PID:2044
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        299⤵
        
        PID:2452
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        300⤵
        
        PID:2308
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        300⤵
        
        PID:2232
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        301⤵
        
        PID:4384
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        301⤵
        
        PID:844
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        302⤵
        
        PID:1664
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        302⤵
        
        PID:2828
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        303⤵
        
        PID:1844
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        303⤵
        
        PID:2428
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        304⤵
        
        PID:2180
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        304⤵
        
        PID:4584
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        305⤵
        
        PID:1412
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        305⤵
        
        PID:2472
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        306⤵
        
        PID:1132
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        306⤵
        
        PID:5040
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        307⤵
        
        PID:5060
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        307⤵
        
        PID:1484
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        308⤵
        
        PID:3408
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        308⤵
        
        PID:3192
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        309⤵
        
        PID:1072
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        309⤵
        
        PID:3708
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        310⤵
        
        PID:2692
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        310⤵
        
        PID:964
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        311⤵
        
        PID:5092
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        311⤵
        
        PID:2060
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        312⤵
        
        PID:2556
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        312⤵
        
        PID:2912
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        313⤵
        
        PID:2260
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        313⤵
        
        PID:1716
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        314⤵
        
        PID:2116
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        314⤵
        
        PID:2132
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        315⤵
        
        PID:1280
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        315⤵
        
        PID:2076
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        316⤵
        
        PID:112
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        316⤵
        
        PID:3048
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        317⤵
        
        PID:3624
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        317⤵
        
        PID:4580
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        318⤵
        
        PID:844
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        318⤵
        
        PID:1912
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        319⤵
        
        PID:1848
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        319⤵
        
        PID:1592
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        320⤵
        
        PID:3132
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        320⤵
        
        PID:1872
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        321⤵
        
        PID:1196
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        321⤵
        
        PID:2748
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        322⤵
        
        PID:1908
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        322⤵
        
        PID:3848
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        323⤵
        
        PID:1484
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        323⤵
        
        PID:4192
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        324⤵
        
        PID:5068
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        324⤵
        
        PID:2992
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        325⤵
        
        PID:1424
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        325⤵
        
        PID:2496
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        326⤵
        
        PID:4376
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        326⤵
        
        PID:3264
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        327⤵
        
        PID:912
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        327⤵
        
        PID:2952
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        328⤵
        
        PID:4224
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        328⤵
        
        PID:2440
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        329⤵
        
        PID:1084
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        329⤵
        
        PID:1984
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        330⤵
        
        PID:4596
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        330⤵
        
        PID:2664
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        331⤵
        
        PID:2244
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        331⤵
        
        PID:2308
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        332⤵
        
        PID:5072
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        332⤵
        
        PID:1068
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        333⤵
        
        PID:3464
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        333⤵
        
        PID:4452
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        334⤵
        
        PID:1592
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        334⤵
        
        PID:2444
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        335⤵
        
        PID:1420
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        335⤵
        
        PID:3600
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        336⤵
        
        PID:2748
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        336⤵
        
        PID:1616
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        337⤵
        
        PID:3848
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        337⤵
        
        PID:4184
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        338⤵
        
        PID:1988
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        338⤵
        
        PID:2056
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        339⤵
        
        PID:3708
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        339⤵
        
        PID:4144
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        340⤵
        
        PID:2568
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        340⤵
        
        PID:4092
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        341⤵
        
        PID:2960
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        341⤵
        
        PID:3616
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        342⤵
        
        PID:4076
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        342⤵
        
        PID:3612
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        343⤵
        
        PID:688
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        343⤵
        
        PID:4688
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        344⤵
        
        PID:4824
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        344⤵
        
        PID:1716
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        345⤵
        
        PID:816
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        345⤵
        
        PID:1648
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        346⤵
        
        PID:3156
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        346⤵
        
        PID:3048
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        347⤵
        
        PID:3624
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        347⤵
        
        PID:4380
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        348⤵
        
        PID:3040
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        348⤵
        
        PID:556
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        349⤵
        
        PID:1844
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        349⤵
        
        PID:2136
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        350⤵
        
        PID:840
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        350⤵
        
        PID:1928
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        351⤵
        
        PID:1196
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        351⤵
        
        PID:2180
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        352⤵
        
        PID:1916
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        352⤵
        
        PID:4744
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        353⤵
        
        PID:4700
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        353⤵
        
        PID:3652
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        354⤵
        
        PID:5060
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        354⤵
        
        PID:460
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        355⤵
        
        PID:4184
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        355⤵
        
        PID:3460
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        356⤵
        
        PID:3788
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        356⤵
        
        PID:1300
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        357⤵
        
        PID:2240
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        357⤵
        
        PID:2700
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        358⤵
        
        PID:5092
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        358⤵
        
        PID:868
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        359⤵
        
        PID:4976
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        359⤵
        
        PID:4224
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        360⤵
        
        PID:4688
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        360⤵
        
        PID:4924
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        361⤵
        
        PID:1524
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        361⤵
        
        PID:5032
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        362⤵
        
        PID:2192
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        362⤵
        
        PID:2720
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        363⤵
        
        PID:2376
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        363⤵
        
        PID:212
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        364⤵
        
        PID:4380
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        364⤵
        
        PID:232
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        365⤵
        
        PID:844
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        365⤵
        
        PID:884
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        366⤵
        
        PID:2136
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        366⤵
        
        PID:3188
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        367⤵
        
        PID:1412
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        367⤵
        
        PID:3332
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        368⤵
        
        PID:1996
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        368⤵
        
        PID:4744
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        369⤵
        
        PID:5068
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        369⤵
        
        PID:3516
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        370⤵
        
        PID:4056
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        370⤵
        
        PID:512
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        371⤵
        
        PID:4848
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        371⤵
        
        PID:2568
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        372⤵
        
        PID:1300
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        372⤵
        
        PID:4216
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        373⤵
        
        PID:1536
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        373⤵
        
        PID:4660
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        374⤵
        
        PID:1432
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        374⤵
        
        PID:4572
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        375⤵
        
        PID:1680
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        375⤵
        
        PID:4404
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        376⤵
        
        PID:4628
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        376⤵
        
        PID:4060
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        377⤵
        
        PID:772
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        377⤵
        
        PID:3320
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        378⤵
        
        PID:2996
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        378⤵
        
        PID:2232
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        379⤵
        
        PID:2396
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        379⤵
        
        PID:3664
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        380⤵
        
        PID:232
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        380⤵
        
        PID:2900
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        381⤵
        
        PID:1508
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        381⤵
        
        PID:1848
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        382⤵
        
        PID:1040
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        382⤵
        
        PID:840
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        383⤵
        
        PID:1720
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        383⤵
        
        PID:2444
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        384⤵
        
        PID:1916
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        384⤵
        
        PID:4900
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        385⤵
        
        PID:4972
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        385⤵
        
        PID:2672
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        386⤵
        
        PID:4100
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        386⤵
        
        PID:1132
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        387⤵
        
        PID:2212
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        387⤵
        
        PID:3736
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        388⤵
        
        PID:4456
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        388⤵
        
        PID:1424
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        389⤵
        
        PID:1012
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        389⤵
        
        PID:3656
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        390⤵
        
        PID:3824
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        390⤵
        
        PID:2960
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        391⤵
        
        PID:2868
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        391⤵
        
        PID:1004
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        392⤵
        
        PID:2044
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        392⤵
        
        PID:1524
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        393⤵
        
        PID:868
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        393⤵
        
        PID:4572
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        394⤵
        
        PID:4224
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        394⤵
        
        PID:4684
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        395⤵
        
        PID:1924
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        395⤵
        
        PID:1856
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        396⤵
        
        PID:3320
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        396⤵
        
        PID:4020
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        397⤵
        
        PID:2232
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        397⤵
        
        PID:2264
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        398⤵
        
        PID:4140
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        398⤵
        
        PID:3532
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        399⤵
        
        PID:4344
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        399⤵
        
        PID:4764
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        400⤵
        
        PID:4760
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        400⤵
        
        PID:1996
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        401⤵
        
        PID:1464
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        401⤵
        
        PID:3524
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        402⤵
        
        PID:1764
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        402⤵
        
        PID:4900
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        403⤵
        
        PID:3192
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        403⤵
        
        PID:3708
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        404⤵
        
        PID:4184
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        404⤵
        
        PID:776
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        405⤵
        
        PID:4744
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        405⤵
        
        PID:3764
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        406⤵
        
        PID:2700
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        406⤵
        
        PID:3604
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        407⤵
        
        PID:3436
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        407⤵
        
        PID:4640
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        408⤵
        
        PID:4144
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        408⤵
        
        PID:2440
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        409⤵
        
        PID:1984
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        409⤵
        
        PID:4524
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        410⤵
        
        PID:4028
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        410⤵
        
        PID:2692
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        411⤵
        
        PID:2604
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        411⤵
        
        PID:3108
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        412⤵
        
        PID:3440
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        412⤵
        
        PID:4340
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        413⤵
        
        PID:1912
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        413⤵
        
        PID:2228
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        414⤵
        
        PID:1844
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        414⤵
        
        PID:3768
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        415⤵
        
        PID:3148
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        415⤵
        
        PID:1856
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        416⤵
        
        PID:3660
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        416⤵
        
        PID:1720
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        417⤵
        
        PID:3976
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        417⤵
        
        PID:2900
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        418⤵
        
        PID:3600
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        418⤵
        
        PID:2944
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        419⤵
        
        PID:1996
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        419⤵
        
        PID:2580
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        420⤵
        
        PID:2280
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        420⤵
        
        PID:2672
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        421⤵
        
        PID:1072
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        421⤵
        
        PID:460
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        422⤵
        
        PID:5044
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        422⤵
        
        PID:776
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        423⤵
        
        PID:3736
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        423⤵
        
        PID:5092
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        424⤵
        
        PID:1780
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        424⤵
        
        PID:3136
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        425⤵
        
        PID:3460
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        425⤵
        
        PID:380
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        426⤵
        
        PID:1680
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        426⤵
        
        PID:4612
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        427⤵
        
        PID:868
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        427⤵
        
        PID:4660
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        428⤵
        
        PID:2276
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        428⤵
        
        PID:3196
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        429⤵
        
        PID:4572
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        429⤵
        
        PID:3620
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        430⤵
        
        PID:5032
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        430⤵
        
        PID:4964
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        431⤵
        
        PID:4596
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        431⤵
        
        PID:2964
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        432⤵
        
        PID:3040
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        432⤵
        
        PID:4584
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        433⤵
        
        PID:2472
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        433⤵
        
        PID:3144
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        434⤵
        
        PID:752
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        434⤵
        
        PID:3664
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        435⤵
        
        PID:2180
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        435⤵
        
        PID:1464
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        436⤵
        
        PID:432
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        436⤵
        
        PID:3524
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        437⤵
        
        PID:3500
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        437⤵
        
        PID:3816
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        438⤵
        
        PID:3412
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        438⤵
        
        PID:968
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        439⤵
        
        PID:2992
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        439⤵
        
        PID:2700
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        440⤵
        
        PID:3560
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        440⤵
        
        PID:2292
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        441⤵
        
        PID:4864
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        441⤵
        
        PID:2568
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        442⤵
        
        PID:1692
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        442⤵
        
        PID:2476
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        443⤵
        
        PID:4880
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        443⤵
        
        PID:2572
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        444⤵
        
        PID:816
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        444⤵
        
        PID:4660
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        445⤵
        
        PID:1772
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        445⤵
        
        PID:4936
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        446⤵
        
        PID:4340
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        446⤵
        
        PID:1648
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        447⤵
        
        PID:3320
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        447⤵
        
        PID:4636
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        448⤵
        
        PID:1868
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        448⤵
        
        PID:2124
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        449⤵
        
        PID:3400
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        449⤵
        
        PID:3132
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        450⤵
        
        PID:4980
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        450⤵
        
        PID:4992
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        451⤵
        
        PID:3024
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        451⤵
        
        PID:4764
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        452⤵
        
        PID:1720
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        452⤵
        
        PID:3672
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        453⤵
        
        PID:4988
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        453⤵
        
        PID:3848
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        454⤵
        
        PID:4120
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        454⤵
        
        PID:3192
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        455⤵
        
        PID:3648
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        455⤵
        
        PID:3616
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        456⤵
        
        PID:3604
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        456⤵
        
        PID:3712
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        457⤵
        
        PID:4640
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        457⤵
        
        PID:3460
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        458⤵
        
        PID:3656
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        458⤵
        
        PID:2440
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        459⤵
        
        PID:2292
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        459⤵
        
        PID:4976
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        460⤵
        
        PID:4144
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        460⤵
        
        PID:1716
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        461⤵
        
        PID:380
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        461⤵
        
        PID:4572
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        462⤵
        
        PID:4684
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        462⤵
        
        PID:1664
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        463⤵
        
        PID:1632
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        463⤵
        
        PID:1612
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        464⤵
        
        PID:2392
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        464⤵
        
        PID:588
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        465⤵
        
        PID:4860
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        465⤵
        
        PID:4936
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        466⤵
        
        PID:2396
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        466⤵
        
        PID:3372
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        467⤵
        
        PID:4636
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        467⤵
        
        PID:3212
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        468⤵
        
        PID:1856
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        468⤵
        
        PID:1484
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        469⤵
        
        PID:4948
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        469⤵
        
        PID:2580
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        470⤵
        
        PID:3144
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        470⤵
        
        PID:4848
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        471⤵
        
        PID:528
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        471⤵
        
        PID:2012
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        472⤵
        
        PID:4864
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        472⤵
        
        PID:1308
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        473⤵
        
        PID:1692
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        473⤵
        
        PID:3292
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        474⤵
        
        PID:3272
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        474⤵
        
        PID:3304
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        475⤵
        
        PID:4744
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        475⤵
        
        PID:4000
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        476⤵
        
        PID:64
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        476⤵
        
        PID:3788
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        477⤵
        
        PID:776
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        477⤵
        
        PID:4712
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        478⤵
        
        PID:1280
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        478⤵
        
        PID:4736
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        479⤵
        
        PID:4180
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        479⤵
        
        PID:4580
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        480⤵
        
        PID:512
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        480⤵
        
        PID:3640
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        481⤵
        
        PID:2192
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        481⤵
        
        PID:3768
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        482⤵
        
        PID:2472
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        482⤵
        
        PID:2692
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        483⤵
        
        PID:1196
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        483⤵
        
        PID:4644
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        484⤵
        
        PID:3152
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        484⤵
        
        PID:208
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        485⤵
        
        PID:2124
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        485⤵
        
        PID:4588
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        486⤵
        
        PID:2588
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        486⤵
        
        PID:2796
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        487⤵
        
        PID:3716
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        487⤵
        
        PID:2840
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        488⤵
        
        PID:1424
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        488⤵
        
        PID:3500
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        489⤵
        
        PID:1556
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        489⤵
        
        PID:1100
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        490⤵
        
        PID:2492
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        490⤵
        
        PID:1988
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        491⤵
        
        PID:4092
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        491⤵
        
        PID:3896
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        492⤵
        
        PID:5068
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        492⤵
        
        PID:4592
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        493⤵
        
        PID:540
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        493⤵
        
        PID:2552
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        494⤵
        
        PID:968
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        494⤵
        
        PID:4376
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        495⤵
        
        PID:316
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        495⤵
        
        PID:1772
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        496⤵
        
        PID:4388
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        496⤵
        
        PID:2440
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        497⤵
        
        PID:3388
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        497⤵
        
        PID:212
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        498⤵
        
        PID:112
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        498⤵
        
        PID:3748
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        499⤵
        
        PID:4972
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        499⤵
        
        PID:5064
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        500⤵
        
        PID:4404
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        500⤵
        
        PID:4612
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        501⤵
        
        PID:4512
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        501⤵
        
        PID:4424
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        502⤵
        
        PID:3620
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        502⤵
        
        PID:4876
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        503⤵
        
        PID:4024
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        503⤵
        
        PID:3024
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        504⤵
        
        PID:808
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        504⤵
        
        PID:5012
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        505⤵
        
        PID:1764
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        505⤵
        
        PID:2496
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        506⤵
        
        PID:5000
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        506⤵
        
        PID:1484
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        507⤵
        
        PID:3764
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        507⤵
        
        PID:4708
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        508⤵
        
        PID:4848
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        508⤵
        
        PID:2580
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        509⤵
        
        PID:2112
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        509⤵
        
        PID:700
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        510⤵
        
        PID:4700
        
        C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe
        
        "C:\Users\Admin\AppData\Local\Temp\SAM X222C#.exe"
        510⤵
        
        PID:4564

C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1220_none_7e21bc567c7ed16b\TiWorker.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1220_none_7e21bc567c7ed16b\TiWorker.exe -Embedding
1⤵
PID:1976

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

PowerShell

T1059.001

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Realtek HD Audio Universal Service.exe.log

Filesize
654B

MD5
2ff39f6c7249774be85fd60a8f9a245e

SHA1
684ff36b31aedc1e587c8496c02722c6698c1c4e

SHA256
e1b91642d85d98124a6a31f710e137ab7fd90dec30e74a05ab7fcf3b7887dced

SHA512
1d7e8b92ef4afd463d62cfa7e8b9d1799db5bf2a263d3cd7840df2e0a1323d24eb595b5f8eb615c6cb15f9e3a7b4fc99f8dd6a3d34479222e966ec708998aed1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\powershell.exe.log

Filesize
2KB

MD5
d85ba6ff808d9e5444a4b369f5bc2730

SHA1
31aa9d96590fff6981b315e0b391b575e4c0804a

SHA256
84739c608a73509419748e4e20e6cc4e1846056c3fe1929a8300d5a1a488202f

SHA512
8c414eb55b45212af385accc16d9d562adba2123583ce70d22b91161fe878683845512a78f04dedd4ea98ed9b174dbfa98cf696370598ad8e6fbd1e714f1f249

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

Filesize
944B

MD5
e20740b16a962483ca7830bd88384996

SHA1
23b33e29f1214127062ebe4104468a06c618d0c5

SHA256
974a322d3fb5f21e00185898c4f8e0d85e14a219b99c8588027c8012b439f2b0

SHA512
a58174877d59ce40693e4a7be3d8863610a34d10bb7b968a13e048cc013daf2bacc8c6b4bac938a736fab32ed3065188fe9d0957092fab80e403ab5641ed1acf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

Filesize
944B

MD5
77d622bb1a5b250869a3238b9bc1402b

SHA1
d47f4003c2554b9dfc4c16f22460b331886b191b

SHA256
f97ff12a8abf4bf88bb6497bd2ac2da12628c8847a8ba5a9026bdbb76507cdfb

SHA512
d6789b5499f23c9035375a102271e17a8a82e57d6f5312fa24242e08a83efdeb8becb7622f55c4cf1b89c7d864b445df11f4d994cf7e2f87a900535bcca12fd9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

Filesize
944B

MD5
58fdae75bcba6feff3dc0097f5bdefb4

SHA1
95af1c2245c6ac40674d09557d87aa0be1011a5b

SHA256
9fd4adf8cea17b66d01274acd6dde48e5cf89126fb9646a8defa58f20d860124

SHA512
ac62e2fa297f10761da2f202cdafc7251c3b77b50575d223b93e044288b0233c46c2c05399b09f16ea4ceedf03847df4973d9e2e4af0d6d0e970d5ab9ff9ae9d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe

Filesize
79KB

MD5
066d90fb1d671648842a3b46622eb7ce

SHA1
6d0949bd4f494c9f8d80b705a79cfa9038c80e51

SHA256
8d2cf02c3005fb4bb7058df1f3a2e24b98077a8c5a8aab5c8184f4aa9ed951d8

SHA512
b22c8910e501de5fcb8e6197552396285366c9b43c4c6df4387b95a28830bf13a6ce634aadbf79e71b83879d19132c63414da5c5059edaa33be6bb71cee32745

Download Submit
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_3fqhjacx.rem.ps1

Filesize
60B

MD5
d17fe0a3f47be24a6453e9ef58c94641

SHA1
6ab83620379fc69f80c0242105ddffd7d98d5d9d

SHA256
96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7

SHA512
5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

Download Submit
memory/316-105-0x000001BDB0350000-0x000001BDB0398000-memory.dmp

Filesize
288KB

Download
memory/412-39-0x00007FFD35CE0000-0x00007FFD367A1000-memory.dmp

Filesize
10.8MB

Download
memory/412-12-0x0000000000330000-0x000000000034A000-memory.dmp

Filesize
104KB

Download
memory/412-11-0x00007FFD35CE3000-0x00007FFD35CE5000-memory.dmp

Filesize
8KB

Download
memory/412-123-0x00007FFD35CE0000-0x00007FFD367A1000-memory.dmp

Filesize
10.8MB

Download
memory/3640-91-0x0000023B561B0000-0x0000023B561F8000-memory.dmp

Filesize
288KB

Download
memory/3800-61-0x000001DC2A350000-0x000001DC2A398000-memory.dmp

Filesize
288KB

Download
memory/3800-57-0x000001DC2A3D0000-0x000001DC2A3F2000-memory.dmp

Filesize
136KB

Download