xworm | 132936f10f4245a94e6fc13084b5cbecf2c5462bd9217050dabfb65e17605869

Analysis

max time kernel
15s
max time network
141s
platform
windows7_x64
resource
win7-20241023-en
resource tags

arch:x64arch:x86image:win7-20241023-enlocale:en-usos:windows7-x64system
submitted
18/11/2024, 18:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Extra Xiters Premium V5.exe
Size

5.8MB
MD5

41ea3928c2700aeacdc9ed241d9aa033
SHA1

45ada2718ff189d4827d65a91215811cc4146471
SHA256

16203d565fa1fd81e1349b8d168c646cf2455431062ed9f2beac9155b7189883
SHA512

e567d85afec1ab16b8cee7f288a7072a73685414bc6ff3471e2769e73aa9e95f8a84a83aa36d8c157382e9906a26a2a0f9eaa7b2e766e4f41caf0e950e5d3a08
SSDEEP

98304:0ZmXPDwhA4u+aFyUo552ec2PsF1iSREmPsD9poItjZ1V33cEEzcrb1oI97x:0ZkLwhAt+IyZtPsb3Pm9pokZTnKib9x

Score

10^/10

xworm discovery execution persistence rat trojan

Malware Config

Extracted

Family

xworm

Version

5.0

147.185.221.23:53638

147.185.221.20:65300

Mutex

Itj6uNzPbdGmJ8JP

Attributes

Install_directory
%LocalAppData%
install_file
Realtek HD Audio Universal Service.exe

aes.plain

Signatures

Detect Xworm Payload 5 IoCs

resource	yara_rule
behavioral3/files/0x00070000000186e7-3.dat	family_xworm
behavioral3/files/0x00070000000186f1-8.dat	family_xworm
behavioral3/memory/2296-17-0x00000000002B0000-0x00000000002C0000-memory.dmp	family_xworm
behavioral3/memory/1488-16-0x00000000011E0000-0x00000000011FA000-memory.dmp	family_xworm
behavioral3/memory/3020-124-0x00000000777E0000-0x00000000778FF000-memory.dmp	family_xworm

Xworm
Xworm is a remote access trojan written in C#.
trojan rat xworm
Xworm family
xworm

Command and Scripting Interpreter: PowerShell 1 TTPs 8 IoCs

Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

execution

PowerShell

T1059.001

pid	Process
2492	powershell.exe
3252	powershell.exe
3528	powershell.exe
2104	powershell.exe
976	powershell.exe
1976	powershell.exe
3700	powershell.exe
3964	powershell.exe

Drops startup file 4 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows Shell Experience Host.lnk	Windows Shell Experience Host.exe
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Realtek HD Audio Universal Service.lnk	Realtek HD Audio Universal Service.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Realtek HD Audio Universal Service.lnk	Realtek HD Audio Universal Service.exe
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows Shell Experience Host.lnk	Windows Shell Experience Host.exe

Executes dropped EXE 64 IoCs

pid	Process
2296	Realtek HD Audio Universal Service.exe
2328	Windows Shell Experience Host.exe
2580	Realtek HD Audio Universal Service.exe
1488	Windows Shell Experience Host.exe
2284	Realtek HD Audio Universal Service.exe
2852	Windows Shell Experience Host.exe
2828	Realtek HD Audio Universal Service.exe
2508	Windows Shell Experience Host.exe
2996	Realtek HD Audio Universal Service.exe
2920	Windows Shell Experience Host.exe
2208	Realtek HD Audio Universal Service.exe
2540	Windows Shell Experience Host.exe
1868	Realtek HD Audio Universal Service.exe
1452	Windows Shell Experience Host.exe
1724	Realtek HD Audio Universal Service.exe
2068	Windows Shell Experience Host.exe
1716	Realtek HD Audio Universal Service.exe
1048	Windows Shell Experience Host.exe
896	Realtek HD Audio Universal Service.exe
1292	Windows Shell Experience Host.exe
2016	Realtek HD Audio Universal Service.exe
2596	Windows Shell Experience Host.exe
2792	Realtek HD Audio Universal Service.exe
2908	Windows Shell Experience Host.exe
2684	Realtek HD Audio Universal Service.exe
2304	Windows Shell Experience Host.exe
2036	Realtek HD Audio Universal Service.exe
1060	Windows Shell Experience Host.exe
1044	Realtek HD Audio Universal Service.exe
1672	Windows Shell Experience Host.exe
2472	Realtek HD Audio Universal Service.exe
344	Windows Shell Experience Host.exe
552	Realtek HD Audio Universal Service.exe
1808	Windows Shell Experience Host.exe
1932	Realtek HD Audio Universal Service.exe
1856	Windows Shell Experience Host.exe
2660	Realtek HD Audio Universal Service.exe
1992	Windows Shell Experience Host.exe
2616	Realtek HD Audio Universal Service.exe
2224	Windows Shell Experience Host.exe
2168	Realtek HD Audio Universal Service.exe
2588	Windows Shell Experience Host.exe
2848	Realtek HD Audio Universal Service.exe
2948	Windows Shell Experience Host.exe
2872	Realtek HD Audio Universal Service.exe
2128	Windows Shell Experience Host.exe
2364	Realtek HD Audio Universal Service.exe
2056	Windows Shell Experience Host.exe
2064	Realtek HD Audio Universal Service.exe
1340	Windows Shell Experience Host.exe
1276	Realtek HD Audio Universal Service.exe
1744	Windows Shell Experience Host.exe
2288	Realtek HD Audio Universal Service.exe
484	Windows Shell Experience Host.exe
1772	Realtek HD Audio Universal Service.exe
1876	Windows Shell Experience Host.exe
2044	Realtek HD Audio Universal Service.exe
924	Windows Shell Experience Host.exe
1552	Realtek HD Audio Universal Service.exe
1008	Windows Shell Experience Host.exe
2052	Realtek HD Audio Universal Service.exe
1756	Windows Shell Experience Host.exe
2076	Realtek HD Audio Universal Service.exe
2936	Windows Shell Experience Host.exe

Loads dropped DLL 64 IoCs

pid	Process
3064	Extra Xiters Premium V5.exe
3064	Extra Xiters Premium V5.exe
2200	Extra Xiters Premium V5.exe
2200	Extra Xiters Premium V5.exe
592	Extra Xiters Premium V5.exe
592	Extra Xiters Premium V5.exe
2948	Extra Xiters Premium V5.exe
2948	Extra Xiters Premium V5.exe
2820	Extra Xiters Premium V5.exe
2820	Extra Xiters Premium V5.exe
2816	Extra Xiters Premium V5.exe
2816	Extra Xiters Premium V5.exe
2132	Extra Xiters Premium V5.exe
2132	Extra Xiters Premium V5.exe
2444	Extra Xiters Premium V5.exe
2444	Extra Xiters Premium V5.exe
1168	Extra Xiters Premium V5.exe
1168	Extra Xiters Premium V5.exe
2040	Extra Xiters Premium V5.exe
2040	Extra Xiters Premium V5.exe
1996	Extra Xiters Premium V5.exe
1996	Extra Xiters Premium V5.exe
484	Extra Xiters Premium V5.exe
484	Extra Xiters Premium V5.exe
276	Extra Xiters Premium V5.exe
276	Extra Xiters Premium V5.exe
1004	Extra Xiters Premium V5.exe
1004	Extra Xiters Premium V5.exe
1556	Extra Xiters Premium V5.exe
1556	Extra Xiters Premium V5.exe
1016	Extra Xiters Premium V5.exe
1016	Extra Xiters Premium V5.exe
716	Extra Xiters Premium V5.exe
716	Extra Xiters Premium V5.exe
1968	Extra Xiters Premium V5.exe
1968	Extra Xiters Premium V5.exe
1652	Extra Xiters Premium V5.exe
1652	Extra Xiters Premium V5.exe
1624	Extra Xiters Premium V5.exe
1624	Extra Xiters Premium V5.exe
2316	Extra Xiters Premium V5.exe
2316	Extra Xiters Premium V5.exe
2980	Extra Xiters Premium V5.exe
2980	Extra Xiters Premium V5.exe
2744	Extra Xiters Premium V5.exe
2744	Extra Xiters Premium V5.exe
2716	Extra Xiters Premium V5.exe
2716	Extra Xiters Premium V5.exe
1052	Extra Xiters Premium V5.exe
1052	Extra Xiters Premium V5.exe
1432	Extra Xiters Premium V5.exe
1432	Extra Xiters Premium V5.exe
1268	Extra Xiters Premium V5.exe
1268	Extra Xiters Premium V5.exe
1592	Extra Xiters Premium V5.exe
1592	Extra Xiters Premium V5.exe
1632	Extra Xiters Premium V5.exe
1632	Extra Xiters Premium V5.exe
2484	Extra Xiters Premium V5.exe
2484	Extra Xiters Premium V5.exe
1252	Extra Xiters Premium V5.exe
1252	Extra Xiters Premium V5.exe
3064	Extra Xiters Premium V5.exe
3064	Extra Xiters Premium V5.exe

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-1163522206-1469769407-485553996-1000\Software\Microsoft\Windows\CurrentVersion\Run\Windows Shell Experience Host = "C:\\Users\\Admin\\AppData\\Roaming\\Windows Shell Experience Host.exe"	Windows Shell Experience Host.exe

Looks up external IP address via web service 2 IoCs

Uses a legitimate IP lookup service to find the infected system's external IP.

flow	ioc
5	ip-api.com
6	ip-api.com

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 64 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Extra Xiters Premium V5.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
976	powershell.exe
1976	powershell.exe
3700	powershell.exe
3964	powershell.exe
2492	powershell.exe
3252	powershell.exe
3528	powershell.exe
2104	powershell.exe
2580	Realtek HD Audio Universal Service.exe
1488	Windows Shell Experience Host.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	2920	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	2328	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	2828	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2852	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	2580	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	1488	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	2284	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2296	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2508	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	2996	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2208	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2540	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	1452	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	1868	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	1724	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2068	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	1716	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	1048	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	896	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	1292	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	2016	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2596	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	2792	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2908	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	2304	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	2684	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2036	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	1060	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	1672	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	1044	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	344	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	2472	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	552	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	1808	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	1932	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	1856	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	2660	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	1992	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	2616	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2224	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	2168	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2588	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	2848	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2948	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	2872	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2128	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	2364	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2056	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	1340	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	2064	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	1276	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	1744	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	484	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	2288	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	1876	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	1772	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	924	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	2044	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	1008	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	1552	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	2052	Realtek HD Audio Universal Service.exe
Token: SeDebugPrivilege	1756	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	2936	Windows Shell Experience Host.exe
Token: SeDebugPrivilege	2076	Realtek HD Audio Universal Service.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2580	Realtek HD Audio Universal Service.exe
1488	Windows Shell Experience Host.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3064 wrote to memory of 2296	3064	Extra Xiters Premium V5.exe	30
PID 3064 wrote to memory of 2296	3064	Extra Xiters Premium V5.exe	30
PID 3064 wrote to memory of 2296	3064	Extra Xiters Premium V5.exe	30
PID 3064 wrote to memory of 2296	3064	Extra Xiters Premium V5.exe	30
PID 3064 wrote to memory of 2328	3064	Extra Xiters Premium V5.exe	31
PID 3064 wrote to memory of 2328	3064	Extra Xiters Premium V5.exe	31
PID 3064 wrote to memory of 2328	3064	Extra Xiters Premium V5.exe	31
PID 3064 wrote to memory of 2328	3064	Extra Xiters Premium V5.exe	31
PID 3064 wrote to memory of 2200	3064	Extra Xiters Premium V5.exe	32
PID 3064 wrote to memory of 2200	3064	Extra Xiters Premium V5.exe	32
PID 3064 wrote to memory of 2200	3064	Extra Xiters Premium V5.exe	32
PID 3064 wrote to memory of 2200	3064	Extra Xiters Premium V5.exe	32
PID 2200 wrote to memory of 2580	2200	Extra Xiters Premium V5.exe	33
PID 2200 wrote to memory of 2580	2200	Extra Xiters Premium V5.exe	33
PID 2200 wrote to memory of 2580	2200	Extra Xiters Premium V5.exe	33
PID 2200 wrote to memory of 2580	2200	Extra Xiters Premium V5.exe	33
PID 2200 wrote to memory of 1488	2200	Extra Xiters Premium V5.exe	34
PID 2200 wrote to memory of 1488	2200	Extra Xiters Premium V5.exe	34
PID 2200 wrote to memory of 1488	2200	Extra Xiters Premium V5.exe	34
PID 2200 wrote to memory of 1488	2200	Extra Xiters Premium V5.exe	34
PID 2200 wrote to memory of 592	2200	Extra Xiters Premium V5.exe	35
PID 2200 wrote to memory of 592	2200	Extra Xiters Premium V5.exe	35
PID 2200 wrote to memory of 592	2200	Extra Xiters Premium V5.exe	35
PID 2200 wrote to memory of 592	2200	Extra Xiters Premium V5.exe	35
PID 592 wrote to memory of 2284	592	Extra Xiters Premium V5.exe	36
PID 592 wrote to memory of 2284	592	Extra Xiters Premium V5.exe	36
PID 592 wrote to memory of 2284	592	Extra Xiters Premium V5.exe	36
PID 592 wrote to memory of 2284	592	Extra Xiters Premium V5.exe	36
PID 592 wrote to memory of 2852	592	Extra Xiters Premium V5.exe	37
PID 592 wrote to memory of 2852	592	Extra Xiters Premium V5.exe	37
PID 592 wrote to memory of 2852	592	Extra Xiters Premium V5.exe	37
PID 592 wrote to memory of 2852	592	Extra Xiters Premium V5.exe	37
PID 592 wrote to memory of 2948	592	Extra Xiters Premium V5.exe	95
PID 592 wrote to memory of 2948	592	Extra Xiters Premium V5.exe	95
PID 592 wrote to memory of 2948	592	Extra Xiters Premium V5.exe	95
PID 592 wrote to memory of 2948	592	Extra Xiters Premium V5.exe	95
PID 2948 wrote to memory of 2828	2948	Extra Xiters Premium V5.exe	39
PID 2948 wrote to memory of 2828	2948	Extra Xiters Premium V5.exe	39
PID 2948 wrote to memory of 2828	2948	Extra Xiters Premium V5.exe	39
PID 2948 wrote to memory of 2828	2948	Extra Xiters Premium V5.exe	39
PID 2948 wrote to memory of 2508	2948	Extra Xiters Premium V5.exe	40
PID 2948 wrote to memory of 2508	2948	Extra Xiters Premium V5.exe	40
PID 2948 wrote to memory of 2508	2948	Extra Xiters Premium V5.exe	40
PID 2948 wrote to memory of 2508	2948	Extra Xiters Premium V5.exe	40
PID 2948 wrote to memory of 2820	2948	Extra Xiters Premium V5.exe	41
PID 2948 wrote to memory of 2820	2948	Extra Xiters Premium V5.exe	41
PID 2948 wrote to memory of 2820	2948	Extra Xiters Premium V5.exe	41
PID 2948 wrote to memory of 2820	2948	Extra Xiters Premium V5.exe	41
PID 2820 wrote to memory of 2996	2820	Extra Xiters Premium V5.exe	42
PID 2820 wrote to memory of 2996	2820	Extra Xiters Premium V5.exe	42
PID 2820 wrote to memory of 2996	2820	Extra Xiters Premium V5.exe	42
PID 2820 wrote to memory of 2996	2820	Extra Xiters Premium V5.exe	42
PID 2820 wrote to memory of 2920	2820	Extra Xiters Premium V5.exe	43
PID 2820 wrote to memory of 2920	2820	Extra Xiters Premium V5.exe	43
PID 2820 wrote to memory of 2920	2820	Extra Xiters Premium V5.exe	43
PID 2820 wrote to memory of 2920	2820	Extra Xiters Premium V5.exe	43
PID 2820 wrote to memory of 2816	2820	Extra Xiters Premium V5.exe	44
PID 2820 wrote to memory of 2816	2820	Extra Xiters Premium V5.exe	44
PID 2820 wrote to memory of 2816	2820	Extra Xiters Premium V5.exe	44
PID 2820 wrote to memory of 2816	2820	Extra Xiters Premium V5.exe	44
PID 2816 wrote to memory of 2208	2816	Extra Xiters Premium V5.exe	45
PID 2816 wrote to memory of 2208	2816	Extra Xiters Premium V5.exe	45
PID 2816 wrote to memory of 2208	2816	Extra Xiters Premium V5.exe	45
PID 2816 wrote to memory of 2208	2816	Extra Xiters Premium V5.exe	45

C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
"C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:3064
- C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
  "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of AdjustPrivilegeToken
  PID:2296
- C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
  "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of AdjustPrivilegeToken
  PID:2328
- C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
  "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
  2⤵
  - Loads dropped DLL
  - Suspicious use of WriteProcessMemory
  PID:2200
- - C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
    "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
    3⤵
    - Drops startup file
    - Executes dropped EXE
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of SetWindowsHookEx
    PID:2580
  - - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
      "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe'
      4⤵
      Command and Scripting Interpreter: PowerShell
      Suspicious behavior: EnumeratesProcesses
      PID:1976
  - - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
      "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess 'Realtek HD Audio Universal Service.exe'
      4⤵
      Command and Scripting Interpreter: PowerShell
      Suspicious behavior: EnumeratesProcesses
      PID:3700
  - - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
      "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Realtek HD Audio Universal Service.exe'
      4⤵
      Command and Scripting Interpreter: PowerShell
      Suspicious behavior: EnumeratesProcesses
      PID:2492
  - - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
      "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess 'Realtek HD Audio Universal Service.exe'
      4⤵
      Command and Scripting Interpreter: PowerShell
      Suspicious behavior: EnumeratesProcesses
      PID:3528
- - C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
    "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
    3⤵
    - Drops startup file
    - Executes dropped EXE
    - Adds Run key to start application
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of SetWindowsHookEx
    PID:1488
  - - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
      "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe'
      4⤵
      Command and Scripting Interpreter: PowerShell
      Suspicious behavior: EnumeratesProcesses
      PID:976
  - - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
      "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess 'Windows Shell Experience Host.exe'
      4⤵
      Command and Scripting Interpreter: PowerShell
      Suspicious behavior: EnumeratesProcesses
      PID:3964
  - - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
      "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\Windows Shell Experience Host.exe'
      4⤵
      Command and Scripting Interpreter: PowerShell
      Suspicious behavior: EnumeratesProcesses
      PID:3252
  - - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
      "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess 'Windows Shell Experience Host.exe'
      4⤵
      Command and Scripting Interpreter: PowerShell
      Suspicious behavior: EnumeratesProcesses
      PID:2104
- - C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
    "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
    3⤵
    - Loads dropped DLL
    - System Location Discovery: System Language Discovery
    - Suspicious use of WriteProcessMemory
    PID:592
  - - C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
      "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
      4⤵
      Executes dropped EXE
      Suspicious use of AdjustPrivilegeToken
      PID:2284
  - - C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
      "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
      4⤵
      Executes dropped EXE
      Suspicious use of AdjustPrivilegeToken
      PID:2852
  - - C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
      "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
      4⤵
      Loads dropped DLL
      System Location Discovery: System Language Discovery
      Suspicious use of WriteProcessMemory
      PID:2948
    - - C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        5⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2828
    - - C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        5⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2508
    - - C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        5⤵
        Loads dropped DLL
        Suspicious use of WriteProcessMemory
        
        PID:2820
      - C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        6⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2996
      - C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        6⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2920
      - C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        6⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        Suspicious use of WriteProcessMemory
        
        PID:2816
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        7⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2208
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        7⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2540
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        7⤵
        Loads dropped DLL
        
        PID:2132
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        8⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1868
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        8⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1452
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        8⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:2444
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        9⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1724
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        9⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2068
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        9⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:1168
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        10⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1716
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        10⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1048
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        10⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:2040
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        11⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:896
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        11⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1292
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        11⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:1996
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        12⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2016
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        12⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2596
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        12⤵
        Loads dropped DLL
        
        PID:484
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        13⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2792
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        13⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2908
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        13⤵
        Loads dropped DLL
        
        PID:276
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        14⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2684
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        14⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2304
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        14⤵
        Loads dropped DLL
        
        PID:1004
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        15⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2036
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        15⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1060
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        15⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:1556
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        16⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1044
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        16⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1672
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        16⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:1016
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        17⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2472
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        17⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:344
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        17⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:716
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        18⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:552
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        18⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1808
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        18⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:1968
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        19⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1932
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        19⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1856
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        19⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:1652
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        20⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2660
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        20⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1992
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        20⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:1624
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        21⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2616
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        21⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2224
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        21⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:2316
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        22⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2168
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        22⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2588
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        22⤵
        Loads dropped DLL
        
        PID:2980
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        23⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2848
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        23⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2948
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        23⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:2744
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        24⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2872
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        24⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2128
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        24⤵
        Loads dropped DLL
        
        PID:2716
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        25⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2364
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        25⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2056
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        25⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:1052
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        26⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2064
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        26⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1340
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        26⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:1432
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        27⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1276
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        27⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1744
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        27⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:1268
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        28⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2288
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        28⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:484
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        28⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:1592
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        29⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1772
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        29⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1876
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        29⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:1632
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        30⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2044
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        30⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:924
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        30⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:2484
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        31⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1552
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        31⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1008
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        31⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:1252
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        32⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2052
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        32⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:1756
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        32⤵
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:3064
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        33⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2076
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        33⤵
        Executes dropped EXE
        Suspicious use of AdjustPrivilegeToken
        
        PID:2936
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        33⤵
        System Location Discovery: System Language Discovery
        
        PID:2864
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        34⤵
        
        PID:2940
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        34⤵
        
        PID:1652
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        34⤵
        
        PID:3080
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        35⤵
        
        PID:3260
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        35⤵
        
        PID:3268
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        35⤵
        
        PID:3312
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        36⤵
        
        PID:3400
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        36⤵
        
        PID:3408
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        36⤵
        System Location Discovery: System Language Discovery
        
        PID:3416
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        37⤵
        
        PID:3532
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        37⤵
        
        PID:3540
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        37⤵
        
        PID:3564
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        38⤵
        
        PID:3688
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        38⤵
        
        PID:3696
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        38⤵
        System Location Discovery: System Language Discovery
        
        PID:3736
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        39⤵
        
        PID:3832
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        39⤵
        
        PID:3848
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        39⤵
        
        PID:3856
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        40⤵
        
        PID:3932
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        40⤵
        
        PID:3940
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        40⤵
        System Location Discovery: System Language Discovery
        
        PID:3948
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        41⤵
        
        PID:4036
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        41⤵
        
        PID:4060
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        41⤵
        System Location Discovery: System Language Discovery
        
        PID:4068
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        42⤵
        
        PID:1632
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        42⤵
        
        PID:2864
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        42⤵
        
        PID:1636
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        43⤵
        
        PID:3224
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        43⤵
        
        PID:2952
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        43⤵
        System Location Discovery: System Language Discovery
        
        PID:276
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        44⤵
        
        PID:1220
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        44⤵
        
        PID:2880
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        44⤵
        
        PID:1668
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        45⤵
        
        PID:1824
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        45⤵
        
        PID:2868
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        45⤵
        System Location Discovery: System Language Discovery
        
        PID:2012
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        46⤵
        
        PID:3184
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        46⤵
        
        PID:3084
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        46⤵
        System Location Discovery: System Language Discovery
        
        PID:3180
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        47⤵
        
        PID:1776
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        47⤵
        
        PID:1440
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        47⤵
        
        PID:2404
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        48⤵
        
        PID:3364
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        48⤵
        
        PID:896
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        48⤵
        
        PID:1796
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        49⤵
        
        PID:3476
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        49⤵
        
        PID:3416
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        49⤵
        System Location Discovery: System Language Discovery
        
        PID:1952
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        50⤵
        
        PID:1648
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        50⤵
        
        PID:3644
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        50⤵
        System Location Discovery: System Language Discovery
        
        PID:3604
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        51⤵
        
        PID:1676
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        51⤵
        
        PID:1828
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        51⤵
        
        PID:3812
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        52⤵
        
        PID:3844
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        52⤵
        
        PID:3796
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        52⤵
        System Location Discovery: System Language Discovery
        
        PID:1812
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        53⤵
        
        PID:3000
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        53⤵
        
        PID:1084
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        53⤵
        System Location Discovery: System Language Discovery
        
        PID:3996
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        54⤵
        
        PID:3948
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        54⤵
        
        PID:2784
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        54⤵
        
        PID:4076
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        55⤵
        
        PID:3128
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        55⤵
        
        PID:2360
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        55⤵
        
        PID:1940
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        56⤵
        
        PID:1980
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        56⤵
        
        PID:1616
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        56⤵
        System Location Discovery: System Language Discovery
        
        PID:2660
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        57⤵
        
        PID:1636
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        57⤵
        
        PID:2704
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        57⤵
        System Location Discovery: System Language Discovery
        
        PID:2440
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        58⤵
        
        PID:1708
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        58⤵
        
        PID:2968
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        58⤵
        System Location Discovery: System Language Discovery
        
        PID:2856
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        59⤵
        
        PID:648
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        59⤵
        
        PID:3216
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        59⤵
        
        PID:2168
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        60⤵
        
        PID:3172
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        60⤵
        
        PID:1764
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        60⤵
        System Location Discovery: System Language Discovery
        
        PID:2984
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        61⤵
        
        PID:2128
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        61⤵
        
        PID:3348
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        61⤵
        
        PID:2872
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        62⤵
        
        PID:2448
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        62⤵
        
        PID:1348
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        62⤵
        System Location Discovery: System Language Discovery
        
        PID:1792
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        63⤵
        
        PID:1168
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        63⤵
        
        PID:556
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        63⤵
        
        PID:1256
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        64⤵
        
        PID:1996
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        64⤵
        
        PID:2188
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        64⤵
        System Location Discovery: System Language Discovery
        
        PID:2608
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        65⤵
        
        PID:804
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        65⤵
        
        PID:3608
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        65⤵
        System Location Discovery: System Language Discovery
        
        PID:2288
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        66⤵
        
        PID:3824
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        66⤵
        
        PID:1876
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        66⤵
        System Location Discovery: System Language Discovery
        
        PID:3756
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        67⤵
        
        PID:3820
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        67⤵
        
        PID:2036
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        67⤵
        System Location Discovery: System Language Discovery
        
        PID:3812
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        68⤵
        
        PID:2144
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        68⤵
        
        PID:2376
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        68⤵
        System Location Discovery: System Language Discovery
        
        PID:1592
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        69⤵
        
        PID:1880
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        69⤵
        
        PID:1496
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        69⤵
        
        PID:1940
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        70⤵
        
        PID:3204
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        70⤵
        
        PID:2296
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        70⤵
        System Location Discovery: System Language Discovery
        
        PID:2996
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        71⤵
        
        PID:2612
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        71⤵
        
        PID:2964
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        71⤵
        
        PID:2440
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        72⤵
        
        PID:2912
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        72⤵
        
        PID:3404
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        72⤵
        System Location Discovery: System Language Discovery
        
        PID:2860
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        73⤵
        
        PID:3708
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        73⤵
        
        PID:1064
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        73⤵
        
        PID:3180
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        74⤵
        
        PID:3852
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        74⤵
        
        PID:3876
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        74⤵
        
        PID:3428
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        75⤵
        
        PID:4040
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        75⤵
        
        PID:1948
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        75⤵
        System Location Discovery: System Language Discovery
        
        PID:2608
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        76⤵
        
        PID:3780
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        76⤵
        
        PID:1060
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        76⤵
        System Location Discovery: System Language Discovery
        
        PID:3192
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        77⤵
        
        PID:3860
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        77⤵
        
        PID:1220
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        77⤵
        System Location Discovery: System Language Discovery
        
        PID:320
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        78⤵
        
        PID:3292
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        78⤵
        
        PID:2236
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        78⤵
        System Location Discovery: System Language Discovery
        
        PID:2996
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        79⤵
        
        PID:2588
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        79⤵
        
        PID:2852
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        79⤵
        
        PID:2868
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        80⤵
        
        PID:1440
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        80⤵
        
        PID:2908
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        80⤵
        
        PID:2516
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        81⤵
        
        PID:3308
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        81⤵
        
        PID:1372
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        81⤵
        System Location Discovery: System Language Discovery
        
        PID:3720
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        82⤵
        
        PID:1828
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        82⤵
        
        PID:3580
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        82⤵
        
        PID:3444
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        83⤵
        
        PID:3992
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        83⤵
        
        PID:2472
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        83⤵
        System Location Discovery: System Language Discovery
        
        PID:2364
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        84⤵
        
        PID:1704
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        84⤵
        
        PID:4032
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        84⤵
        System Location Discovery: System Language Discovery
        
        PID:3124
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        85⤵
        
        PID:2608
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        85⤵
        
        PID:1004
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        85⤵
        
        PID:2508
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        86⤵
        
        PID:3360
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        86⤵
        
        PID:3952
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        86⤵
        System Location Discovery: System Language Discovery
        
        PID:2164
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        87⤵
        
        PID:2564
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        87⤵
        
        PID:3892
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        87⤵
        
        PID:2192
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        88⤵
        
        PID:2700
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        88⤵
        
        PID:3984
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        88⤵
        
        PID:3084
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        89⤵
        
        PID:2264
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        89⤵
        
        PID:3200
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        89⤵
        System Location Discovery: System Language Discovery
        
        PID:2424
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        90⤵
        
        PID:3784
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        90⤵
        
        PID:3488
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        90⤵
        System Location Discovery: System Language Discovery
        
        PID:3380
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        91⤵
        
        PID:1068
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        91⤵
        
        PID:2416
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        91⤵
        System Location Discovery: System Language Discovery
        
        PID:2408
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        92⤵
        
        PID:2644
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        92⤵
        
        PID:2856
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        92⤵
        
        PID:3196
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        93⤵
        
        PID:3316
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        93⤵
        
        PID:3516
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        93⤵
        
        PID:2448
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        94⤵
        
        PID:3720
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        94⤵
        
        PID:2396
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        94⤵
        System Location Discovery: System Language Discovery
        
        PID:3496
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        95⤵
        
        PID:792
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        95⤵
        
        PID:3420
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        95⤵
        System Location Discovery: System Language Discovery
        
        PID:1364
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        96⤵
        
        PID:2616
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        96⤵
        
        PID:1996
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        96⤵
        System Location Discovery: System Language Discovery
        
        PID:3696
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        97⤵
        
        PID:3728
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        97⤵
        
        PID:1172
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        97⤵
        System Location Discovery: System Language Discovery
        
        PID:804
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        98⤵
        
        PID:3972
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        98⤵
        
        PID:1876
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        98⤵
        
        PID:2628
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        99⤵
        
        PID:1308
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        99⤵
        
        PID:2168
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        99⤵
        System Location Discovery: System Language Discovery
        
        PID:2676
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        100⤵
        
        PID:3512
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        100⤵
        
        PID:3920
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        100⤵
        
        PID:4072
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        101⤵
        
        PID:3604
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        101⤵
        
        PID:1516
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        101⤵
        System Location Discovery: System Language Discovery
        
        PID:2184
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        102⤵
        
        PID:2960
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        102⤵
        
        PID:2136
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        102⤵
        
        PID:2508
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        103⤵
        
        PID:4056
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        103⤵
        
        PID:1300
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        103⤵
        
        PID:3812
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        104⤵
        
        PID:884
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        104⤵
        
        PID:3928
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        104⤵
        
        PID:1924
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        105⤵
        
        PID:2904
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        105⤵
        
        PID:3452
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        105⤵
        
        PID:3448
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        106⤵
        
        PID:2208
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        106⤵
        
        PID:1552
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        106⤵
        
        PID:1724
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        107⤵
        
        PID:1840
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        107⤵
        
        PID:320
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        107⤵
        
        PID:3708
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        108⤵
        
        PID:3884
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        108⤵
        
        PID:2084
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        108⤵
        
        PID:1592
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        109⤵
        
        PID:3380
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        109⤵
        
        PID:2868
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        109⤵
        
        PID:2556
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        110⤵
        
        PID:3392
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        110⤵
        
        PID:4040
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        110⤵
        
        PID:2600
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        111⤵
        
        PID:3508
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        111⤵
        
        PID:2432
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        111⤵
        
        PID:2816
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        112⤵
        
        PID:640
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        112⤵
        
        PID:2688
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        112⤵
        
        PID:1784
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        113⤵
        
        PID:1364
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        113⤵
        
        PID:1928
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        113⤵
        
        PID:3732
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        114⤵
        
        PID:1040
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        114⤵
        
        PID:3292
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        114⤵
        
        PID:976
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        115⤵
        
        PID:2236
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        115⤵
        
        PID:1268
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        115⤵
        
        PID:2376
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        116⤵
        
        PID:2676
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        116⤵
        
        PID:1376
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        116⤵
        
        PID:2636
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        117⤵
        
        PID:2892
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        117⤵
        
        PID:4072
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        117⤵
        
        PID:3544
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        118⤵
        
        PID:2548
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        118⤵
        
        PID:1372
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        118⤵
        
        PID:2508
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        119⤵
        
        PID:3796
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        119⤵
        
        PID:3808
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        119⤵
        
        PID:3188
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        120⤵
        
        PID:4044
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        120⤵
        
        PID:3412
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        120⤵
        
        PID:3304
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        121⤵
        
        PID:1816
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        121⤵
        
        PID:3688
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        121⤵
        
        PID:3976
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        122⤵
        
        PID:1704
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        122⤵
        
        PID:3940
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        122⤵
        
        PID:2488
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        123⤵
        
        PID:2608
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        123⤵
        
        PID:1348
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        123⤵
        
        PID:3500
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        124⤵
        
        PID:3220
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        124⤵
        
        PID:712
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        124⤵
        
        PID:4052
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        125⤵
        
        PID:2808
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        125⤵
        
        PID:2224
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        125⤵
        
        PID:1972
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        126⤵
        
        PID:2012
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        126⤵
        
        PID:804
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        126⤵
        
        PID:1276
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        127⤵
        
        PID:3744
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        127⤵
        
        PID:1748
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        127⤵
        
        PID:620
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        128⤵
        
        PID:1508
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        128⤵
        
        PID:1544
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        128⤵
        
        PID:2692
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        129⤵
        
        PID:1864
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        129⤵
        
        PID:3348
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        129⤵
        
        PID:4060
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        130⤵
        
        PID:1616
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        130⤵
        
        PID:3248
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        130⤵
        
        PID:2644
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        131⤵
        
        PID:3656
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        131⤵
        
        PID:1628
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        131⤵
        
        PID:3812
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        132⤵
        
        PID:2508
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        132⤵
        
        PID:2804
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        132⤵
        
        PID:2252
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        133⤵
        
        PID:3188
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        133⤵
        
        PID:2872
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        133⤵
        
        PID:4008
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        134⤵
        
        PID:648
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        134⤵
        
        PID:3944
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        134⤵
        
        PID:2916
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        135⤵
        
        PID:3932
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        135⤵
        
        PID:3140
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        135⤵
        
        PID:3768
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        136⤵
        
        PID:852
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        136⤵
        
        PID:3120
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        136⤵
        
        PID:3672
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        137⤵
        
        PID:2036
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        137⤵
        
        PID:2600
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        137⤵
        
        PID:3972
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        138⤵
        
        PID:1784
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        138⤵
        
        PID:1792
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        138⤵
        
        PID:1256
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        139⤵
        
        PID:772
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        139⤵
        
        PID:268
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        139⤵
        
        PID:3440
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        140⤵
        
        PID:2544
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        140⤵
        
        PID:3772
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        140⤵
        
        PID:2104
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        141⤵
        
        PID:2148
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        141⤵
        
        PID:1484
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        141⤵
        
        PID:1272
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        142⤵
        
        PID:2692
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        142⤵
        
        PID:1968
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        142⤵
        
        PID:3992
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        143⤵
        
        PID:1588
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        143⤵
        
        PID:1708
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        143⤵
        
        PID:3928
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        144⤵
        
        PID:2644
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        144⤵
        
        PID:3316
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        144⤵
        
        PID:3812
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        145⤵
        
        PID:3180
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        145⤵
        
        PID:2396
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        145⤵
        
        PID:3536
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        146⤵
        
        PID:2992
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        146⤵
        
        PID:1064
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        146⤵
        
        PID:2800
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        147⤵
        
        PID:3156
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        147⤵
        
        PID:2820
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        147⤵
        
        PID:3340
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        148⤵
        
        PID:3728
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        148⤵
        
        PID:3172
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        148⤵
        
        PID:3884
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        149⤵
        
        PID:2764
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        149⤵
        
        PID:3364
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        149⤵
        
        PID:596
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        150⤵
        
        PID:2516
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        150⤵
        
        PID:976
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        150⤵
        
        PID:2668
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        151⤵
        
        PID:3440
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        151⤵
        
        PID:1832
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        151⤵
        
        PID:2432
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        152⤵
        
        PID:2104
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        152⤵
        
        PID:1220
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        152⤵
        
        PID:3584
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        153⤵
        
        PID:3824
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        153⤵
        
        PID:3804
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        153⤵
        
        PID:2636
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        154⤵
        
        PID:2944
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        154⤵
        
        PID:3272
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        154⤵
        
        PID:4024
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        155⤵
        
        PID:2848
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        155⤵
        
        PID:3368
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        155⤵
        
        PID:2144
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        156⤵
        
        PID:3452
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        156⤵
        
        PID:3240
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        156⤵
        
        PID:1956
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        157⤵
        
        PID:2252
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        157⤵
        
        PID:896
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        157⤵
        
        PID:3308
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        158⤵
        
        PID:2752
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        158⤵
        
        PID:3484
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        158⤵
        
        PID:2800
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        159⤵
        
        PID:1772
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        159⤵
        
        PID:3192
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        159⤵
        
        PID:2084
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        160⤵
        
        PID:3228
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        160⤵
        
        PID:3864
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        160⤵
        
        PID:2420
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        161⤵
        
        PID:4088
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        161⤵
        
        PID:2348
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        161⤵
        
        PID:3256
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        162⤵
        
        PID:1620
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        162⤵
        
        PID:1584
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        162⤵
        
        PID:3708
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        163⤵
        
        PID:3128
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        163⤵
        
        PID:1112
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        163⤵
        
        PID:3784
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        164⤵
        
        PID:2328
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        164⤵
        
        PID:2904
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        164⤵
        
        PID:3780
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        165⤵
        
        PID:3668
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        165⤵
        
        PID:1964
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        165⤵
        
        PID:3596
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        166⤵
        
        PID:3404
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        166⤵
        
        PID:2012
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        166⤵
        
        PID:3832
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        167⤵
        
        PID:3372
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        167⤵
        
        PID:1664
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        167⤵
        
        PID:3744
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        168⤵
        
        PID:3376
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        168⤵
        
        PID:3608
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        168⤵
        
        PID:2040
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        169⤵
        
        PID:276
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        169⤵
        
        PID:3580
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        169⤵
        
        PID:1936
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        170⤵
        
        PID:3184
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        170⤵
        
        PID:3884
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        170⤵
        
        PID:3012
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        171⤵
        
        PID:1804
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        171⤵
        
        PID:3300
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        171⤵
        
        PID:1752
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        172⤵
        
        PID:1932
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        172⤵
        
        PID:2472
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        172⤵
        
        PID:3688
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        173⤵
        
        PID:2324
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        173⤵
        
        PID:3204
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        173⤵
        
        PID:2872
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        174⤵
        
        PID:2376
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        174⤵
        
        PID:1384
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        174⤵
        
        PID:2188
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        175⤵
        
        PID:2300
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        175⤵
        
        PID:3220
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        175⤵
        
        PID:3140
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        176⤵
        
        PID:3224
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        176⤵
        
        PID:852
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        176⤵
        
        PID:3544
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        177⤵
        
        PID:4024
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        177⤵
        
        PID:2036
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        177⤵
        
        PID:2356
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        178⤵
        
        PID:2572
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        178⤵
        
        PID:1648
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        178⤵
        
        PID:1824
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        179⤵
        
        PID:3556
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        179⤵
        
        PID:2920
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        179⤵
        
        PID:3844
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        180⤵
        
        PID:1052
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        180⤵
        
        PID:2416
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        180⤵
        
        PID:1372
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        181⤵
        
        PID:4052
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        181⤵
        
        PID:3096
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        181⤵
        
        PID:2628
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        182⤵
        
        PID:3012
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        182⤵
        
        PID:2456
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        182⤵
        
        PID:1256
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        183⤵
        
        PID:2088
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        183⤵
        
        PID:2340
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        183⤵
        
        PID:4048
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        184⤵
        
        PID:1008
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        184⤵
        
        PID:1816
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        184⤵
        
        PID:1632
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        185⤵
        
        PID:3116
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        185⤵
        
        PID:3708
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        185⤵
        
        PID:3180
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        186⤵
        
        PID:3304
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        186⤵
        
        PID:2636
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        186⤵
        
        PID:1872
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        187⤵
        
        PID:3360
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        187⤵
        
        PID:3776
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        187⤵
        
        PID:1668
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        188⤵
        
        PID:3152
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        188⤵
        
        PID:1732
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        188⤵
        
        PID:1876
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        189⤵
        
        PID:2076
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        189⤵
        
        PID:2900
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        189⤵
        
        PID:1748
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        190⤵
        
        PID:3088
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        190⤵
        
        PID:1760
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        190⤵
        
        PID:3720
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        191⤵
        
        PID:976
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        191⤵
        
        PID:3324
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        191⤵
        
        PID:3276
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        192⤵
        
        PID:2264
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        192⤵
        
        PID:2932
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        192⤵
        
        PID:1372
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        193⤵
        
        PID:4076
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        193⤵
        
        PID:2908
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        193⤵
        
        PID:3288
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        194⤵
        
        PID:2624
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        194⤵
        
        PID:1252
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        194⤵
        
        PID:1788
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        195⤵
        
        PID:1736
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        195⤵
        
        PID:3256
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        195⤵
        
        PID:3684
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        196⤵
        
        PID:4020
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        196⤵
        
        PID:2336
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        196⤵
        
        PID:1676
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        197⤵
        
        PID:3452
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        197⤵
        
        PID:3872
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        197⤵
        
        PID:3240
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        198⤵
        
        PID:3120
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        198⤵
        
        PID:1880
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        198⤵
        
        PID:3536
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        199⤵
        
        PID:2716
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        199⤵
        
        PID:924
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        199⤵
        
        PID:1432
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        200⤵
        
        PID:3192
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        200⤵
        
        PID:2852
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        200⤵
        
        PID:1380
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        201⤵
        
        PID:3864
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        201⤵
        
        PID:3876
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        201⤵
        
        PID:556
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        202⤵
        
        PID:2348
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        202⤵
        
        PID:3980
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        202⤵
        
        PID:3564
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        203⤵
        
        PID:2308
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        203⤵
        
        PID:1584
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        203⤵
        
        PID:2656
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        204⤵
        
        PID:1624
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        204⤵
        
        PID:2744
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        204⤵
        
        PID:3696
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        205⤵
        
        PID:2904
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        205⤵
        
        PID:2328
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        205⤵
        
        PID:2304
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        206⤵
        
        PID:3292
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        206⤵
        
        PID:1964
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        206⤵
        
        PID:2236
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        207⤵
        
        PID:3984
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        207⤵
        
        PID:3084
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        207⤵
        
        PID:2820
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        208⤵
        
        PID:2676
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        208⤵
        
        PID:2128
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        208⤵
        
        PID:3536
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        209⤵
        
        PID:3608
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        209⤵
        
        PID:3376
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        209⤵
        
        PID:4044
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        210⤵
        
        PID:3392
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        210⤵
        
        PID:2516
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        210⤵
        
        PID:1656
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        211⤵
        
        PID:3832
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        211⤵
        
        PID:2256
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        211⤵
        
        PID:3516
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        212⤵
        
        PID:620
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        212⤵
        
        PID:2148
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        212⤵
        
        PID:3968
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        213⤵
        
        PID:2596
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        213⤵
        
        PID:3076
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        213⤵
        
        PID:2832
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        214⤵
        
        PID:3944
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        214⤵
        
        PID:3428
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        214⤵
        
        PID:1384
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        215⤵
        
        PID:3100
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        215⤵
        
        PID:2944
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        215⤵
        
        PID:2964
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        216⤵
        
        PID:1048
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        216⤵
        
        PID:3368
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        216⤵
        
        PID:2668
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        217⤵
        
        PID:2408
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        217⤵
        
        PID:3628
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        217⤵
        
        PID:3456
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        218⤵
        
        PID:2344
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        218⤵
        
        PID:3768
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        218⤵
        
        PID:2600
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        219⤵
        
        PID:3540
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        219⤵
        
        PID:3648
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        219⤵
        
        PID:3556
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        220⤵
        
        PID:2772
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        220⤵
        
        PID:1052
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        220⤵
        
        PID:3344
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        221⤵
        
        PID:2172
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        221⤵
        
        PID:268
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        221⤵
        
        PID:1656
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        222⤵
        
        PID:1440
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        222⤵
        
        PID:3996
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        222⤵
        
        PID:2700
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        223⤵
        
        PID:2340
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        223⤵
        
        PID:2472
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        223⤵
        
        PID:2084
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        224⤵
        
        PID:1796
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        224⤵
        
        PID:1816
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        224⤵
        
        PID:2712
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        225⤵
        
        PID:3116
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        225⤵
        
        PID:2136
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        225⤵
        
        PID:3952
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        226⤵
        
        PID:1788
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        226⤵
        
        PID:4060
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        226⤵
        
        PID:3932
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        227⤵
        
        PID:2512
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        227⤵
        
        PID:884
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        227⤵
        
        PID:4024
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        228⤵
        
        PID:3472
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        228⤵
        
        PID:3068
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        228⤵
        
        PID:804
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        229⤵
        
        PID:2204
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        229⤵
        
        PID:3404
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        229⤵
        
        PID:3372
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        230⤵
        
        PID:808
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        230⤵
        
        PID:2708
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        230⤵
        
        PID:1760
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        231⤵
        
        PID:2092
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        231⤵
        
        PID:3528
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        231⤵
        
        PID:3972
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        232⤵
        
        PID:3828
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        232⤵
        
        PID:2548
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        232⤵
        
        PID:1300
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        233⤵
        
        PID:1636
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        233⤵
        
        PID:1940
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        233⤵
        
        PID:2456
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        234⤵
        
        PID:1804
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        234⤵
        
        PID:1252
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        234⤵
        
        PID:3816
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        235⤵
        
        PID:3636
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        235⤵
        
        PID:1856
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        235⤵
        
        PID:2084
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        236⤵
        
        PID:2208
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        236⤵
        
        PID:2608
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        236⤵
        
        PID:2464
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        237⤵
        
        PID:1304
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        237⤵
        
        PID:2808
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        237⤵
        
        PID:956
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        238⤵
        
        PID:3728
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        238⤵
        
        PID:2988
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        238⤵
        
        PID:2168
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        239⤵
        
        PID:2716
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        239⤵
        
        PID:3860
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        239⤵
        
        PID:1528
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        240⤵
        
        PID:1948
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        240⤵
        
        PID:1732
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        240⤵
        
        PID:4068
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        241⤵
        
        PID:2600
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        241⤵
        
        PID:3460
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        241⤵
        
        PID:2416
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        242⤵
        
        PID:2604
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        242⤵
        
        PID:1520
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        242⤵
        
        PID:4052
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        243⤵
        
        PID:1348
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        243⤵
        
        PID:1944
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        243⤵
        
        PID:640
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        244⤵
        
        PID:2108
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        244⤵
        
        PID:2384
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        244⤵
        
        PID:3300
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        245⤵
        
        PID:3292
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        245⤵
        
        PID:792
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        245⤵
        
        PID:3684
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        246⤵
        
        PID:2088
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        246⤵
        
        PID:2192
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        246⤵
        
        PID:4020
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        247⤵
        
        PID:2252
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        247⤵
        
        PID:1956
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        247⤵
        
        PID:2176
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        248⤵
        
        PID:3984
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        248⤵
        
        PID:3120
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        248⤵
        
        PID:1432
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        249⤵
        
        PID:3376
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        249⤵
        
        PID:3776
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        249⤵
        
        PID:3248
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        250⤵
        
        PID:3400
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        250⤵
        
        PID:2424
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        250⤵
        
        PID:1876
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        251⤵
        
        PID:1120
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        251⤵
        
        PID:1664
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        251⤵
        
        PID:556
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        252⤵
        
        PID:3720
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        252⤵
        
        PID:1832
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        252⤵
        
        PID:1716
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        253⤵
        
        PID:1596
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        253⤵
        
        PID:712
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        253⤵
        
        PID:2876
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        254⤵
        
        PID:2308
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        254⤵
        
        PID:3244
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        254⤵
        
        PID:2104
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        255⤵
        
        PID:2744
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        255⤵
        
        PID:2908
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        255⤵
        
        PID:1752
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        256⤵
        
        PID:3716
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        256⤵
        
        PID:1048
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        256⤵
        
        PID:3336
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        257⤵
        
        PID:3732
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        257⤵
        
        PID:2892
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        257⤵
        
        PID:3296
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        258⤵
        
        PID:3536
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        258⤵
        
        PID:3772
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        258⤵
        
        PID:3648
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        259⤵
        
        PID:2284
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        259⤵
        
        PID:3312
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        259⤵
        
        PID:2164
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        260⤵
        
        PID:2568
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        260⤵
        
        PID:1976
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        260⤵
        
        PID:2912
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        261⤵
        
        PID:2288
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        261⤵
        
        PID:3704
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        261⤵
        
        PID:3392
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        262⤵
        
        PID:2420
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        262⤵
        
        PID:1376
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        262⤵
        
        PID:3600
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        263⤵
        
        PID:1772
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        263⤵
        
        PID:2472
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        263⤵
        
        PID:2880
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        264⤵
        
        PID:3940
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        264⤵
        
        PID:3204
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        264⤵
        
        PID:3564
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        265⤵
        
        PID:2224
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        265⤵
        
        PID:2144
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        265⤵
        
        PID:2416
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        266⤵
        
        PID:2740
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        266⤵
        
        PID:3448
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        266⤵
        
        PID:1284
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        267⤵
        
        PID:3108
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        267⤵
        
        PID:1744
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        267⤵
        
        PID:3532
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        268⤵
        
        PID:3804
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        268⤵
        
        PID:3200
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        268⤵
        
        PID:2436
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        269⤵
        
        PID:3404
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        269⤵
        
        PID:3336
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        269⤵
        
        PID:3768
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        270⤵
        
        PID:3356
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        270⤵
        
        PID:2092
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        270⤵
        
        PID:4020
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        271⤵
        
        PID:2264
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        271⤵
        
        PID:3540
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        271⤵
        
        PID:2676
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        272⤵
        
        PID:1972
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        272⤵
        
        PID:3916
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        272⤵
        
        PID:2912
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        273⤵
        
        PID:1636
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        273⤵
        
        PID:2636
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        273⤵
        
        PID:3688
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        274⤵
        
        PID:892
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        274⤵
        
        PID:3248
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        274⤵
        
        PID:1804
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        275⤵
        
        PID:1856
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        275⤵
        
        PID:1660
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        275⤵
        
        PID:2168
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        276⤵
        
        PID:1496
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        276⤵
        
        PID:3764
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        276⤵
        
        PID:2208
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        277⤵
        
        PID:1828
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        277⤵
        
        PID:2960
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        277⤵
        
        PID:2372
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        278⤵
        
        PID:3728
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        278⤵
        
        PID:2760
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        278⤵
        
        PID:2416
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        279⤵
        
        PID:1116
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        279⤵
        
        PID:640
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        279⤵
        
        PID:1284
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        280⤵
        
        PID:1616
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        280⤵
        
        PID:2204
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        280⤵
        
        PID:1760
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        281⤵
        
        PID:3460
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        281⤵
        
        PID:3300
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        281⤵
        
        PID:3000
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        282⤵
        
        PID:320
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        282⤵
        
        PID:3684
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        282⤵
        
        PID:3768
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        283⤵
        
        PID:4020
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        283⤵
        
        PID:1344
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        283⤵
        
        PID:2176
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        284⤵
        
        PID:3656
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        284⤵
        
        PID:2676
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        284⤵
        
        PID:1940
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        285⤵
        
        PID:3292
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        285⤵
        
        PID:3264
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        285⤵
        
        PID:2540
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        286⤵
        
        PID:2732
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        286⤵
        
        PID:3188
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        286⤵
        
        PID:2440
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        287⤵
        
        PID:1956
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        287⤵
        
        PID:2564
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        287⤵
        
        PID:1016
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        288⤵
        
        PID:3976
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        288⤵
        
        PID:2208
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        288⤵
        
        PID:2660
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        289⤵
        
        PID:2752
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        289⤵
        
        PID:3544
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        289⤵
        
        PID:1208
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        290⤵
        
        PID:3868
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        290⤵
        
        PID:2804
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        290⤵
        
        PID:2416
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        291⤵
        
        PID:3068
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        291⤵
        
        PID:1120
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        291⤵
        
        PID:2820
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        292⤵
        
        PID:3784
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        292⤵
        
        PID:2984
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        292⤵
        
        PID:3572
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        293⤵
        
        PID:3000
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        293⤵
        
        PID:3960
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        293⤵
        
        PID:3236
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        294⤵
        
        PID:4000
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        294⤵
        
        PID:3988
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        294⤵
        
        PID:3232
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        295⤵
        
        PID:2944
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        295⤵
        
        PID:3748
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        295⤵
        
        PID:1944
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        296⤵
        
        PID:3220
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        296⤵
        
        PID:792
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        296⤵
        
        PID:2296
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        297⤵
        
        PID:1656
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        297⤵
        
        PID:2088
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        297⤵
        
        PID:2488
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        298⤵
        
        PID:3484
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        298⤵
        
        PID:2020
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        298⤵
        
        PID:3536
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        299⤵
        
        PID:1268
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        299⤵
        
        PID:3432
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        299⤵
        
        PID:1612
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        300⤵
        
        PID:2172
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        300⤵
        
        PID:2712
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        300⤵
        
        PID:4008
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        301⤵
        
        PID:1440
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        301⤵
        
        PID:3776
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        301⤵
        
        PID:2372
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        302⤵
        
        PID:4084
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        302⤵
        
        PID:2824
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        302⤵
        
        PID:1788
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        303⤵
        
        PID:2668
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        303⤵
        
        PID:3172
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        303⤵
        
        PID:2356
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        304⤵
        
        PID:1796
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        304⤵
        
        PID:4072
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        304⤵
        
        PID:1832
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        305⤵
        
        PID:3488
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        305⤵
        
        PID:1760
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        305⤵
        
        PID:3088
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        306⤵
        
        PID:3780
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        306⤵
        
        PID:3664
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        306⤵
        
        PID:1168
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        307⤵
        
        PID:1084
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        307⤵
        
        PID:3252
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        307⤵
        
        PID:3840
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        308⤵
        
        PID:1052
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        308⤵
        
        PID:1048
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        308⤵
        
        PID:3900
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        309⤵
        
        PID:2892
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        309⤵
        
        PID:3336
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        309⤵
        
        PID:1932
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        310⤵
        
        PID:2284
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        310⤵
        
        PID:3296
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        310⤵
        
        PID:1736
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        311⤵
        
        PID:3308
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        311⤵
        
        PID:3144
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        311⤵
        
        PID:2260
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        312⤵
        
        PID:3956
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        312⤵
        
        PID:2784
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        312⤵
        
        PID:268
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        313⤵
        
        PID:3996
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        313⤵
        
        PID:2340
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        313⤵
        
        PID:1272
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        314⤵
        
        PID:3276
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        314⤵
        
        PID:3444
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        314⤵
        
        PID:2520
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        315⤵
        
        PID:3636
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        315⤵
        
        PID:2136
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        315⤵
        
        PID:3708
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        316⤵
        
        PID:3272
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        316⤵
        
        PID:1372
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        316⤵
        
        PID:3204
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        317⤵
        
        PID:3236
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        317⤵
        
        PID:3088
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        317⤵
        
        PID:2316
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        318⤵
        
        PID:3904
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        318⤵
        
        PID:3728
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        318⤵
        
        PID:2908
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        319⤵
        
        PID:2852
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        319⤵
        
        PID:3668
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        319⤵
        
        PID:2940
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        320⤵
        
        PID:2492
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        320⤵
        
        PID:2684
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        320⤵
        
        PID:868
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        321⤵
        
        PID:3240
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        321⤵
        
        PID:2488
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        321⤵
        
        PID:2888
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        322⤵
        
        PID:4016
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        322⤵
        
        PID:3824
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        322⤵
        
        PID:3556
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        323⤵
        
        PID:3744
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        323⤵
        
        PID:1624
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        323⤵
        
        PID:2588
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        324⤵
        
        PID:2968
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        324⤵
        
        PID:2516
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        324⤵
        
        PID:3736
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        325⤵
        
        PID:3392
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        325⤵
        
        PID:2868
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        325⤵
        
        PID:4004
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        326⤵
        
        PID:2420
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        326⤵
        
        PID:2104
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        326⤵
        
        PID:2972
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        327⤵
        
        PID:3620
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        327⤵
        
        PID:3984
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        327⤵
        
        PID:1880
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        328⤵
        
        PID:2960
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        328⤵
        
        PID:2300
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        328⤵
        
        PID:1384
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        329⤵
        
        PID:3560
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        329⤵
        
        PID:4068
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        329⤵
        
        PID:2916
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        330⤵
        
        PID:2864
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        330⤵
        
        PID:3868
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        330⤵
        
        PID:1168
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        331⤵
        
        PID:3964
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        331⤵
        
        PID:2900
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        331⤵
        
        PID:1120
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        332⤵
        
        PID:484
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        332⤵
        
        PID:3452
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        332⤵
        
        PID:3652
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        333⤵
        
        PID:1932
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        333⤵
        
        PID:2888
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        333⤵
        
        PID:572
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        334⤵
        
        PID:3368
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        334⤵
        
        PID:1736
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        334⤵
        
        PID:3988
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        335⤵
        
        PID:2912
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        335⤵
        
        PID:2448
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        335⤵
        
        PID:4008
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        336⤵
        
        PID:2184
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        336⤵
        
        PID:2344
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        336⤵
        
        PID:1380
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        337⤵
        
        PID:3816
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        337⤵
        
        PID:3188
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        337⤵
        
        PID:1940
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        338⤵
        
        PID:3480
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        338⤵
        
        PID:3128
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        338⤵
        
        PID:2972
        
        C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe"
        339⤵
        
        PID:2076
        
        C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe"
        339⤵
        
        PID:3804
        
        C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe
        
        "C:\Users\Admin\AppData\Local\Temp\Extra Xiters Premium V5.exe"
        339⤵
        
        PID:3476

C:\Windows\system32\conhost.exe
\??\C:\Windows\system32\conhost.exe "2043223080-2044901729-843967976243711476-15387395581407054826-1606491861-1416049738"
1⤵
PID:896

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

PowerShell

T1059.001

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\4KLV287US5Q1BNYV44IB.temp

Filesize
7KB

MD5
56021b6c504dd36c9a46d530338fc6bf

SHA1
1937087a4440ee21747a65a0b0206785d7b4c1d6

SHA256
2a0757fdb92404f3778275eaddf6b3e1182e45a2d7268495a077f1461680ee6c

SHA512
2a0006fd97d211fc321ebaffd27ae24c460002eac95cb8b33787c838cc5b2baf2fe83609202b39a21d865d65f1de8eae4640fd11aa165e8476383aee421e9c2a

Download Submit
\Users\Admin\AppData\Local\Temp\Realtek HD Audio Universal Service.exe

Filesize
40KB

MD5
a29cf6541896f5be39c930c3737ff80c

SHA1
526d9571e0368b6d02130d98af32561024fdb803

SHA256
75abe13c29ec2a3a864d07299830be43502cb654bc1309b20e94c786fcc38631

SHA512
e883bce9aabd5999ba363eeb7260dedd08e5e7099a27d6132b93e1c1f83358613c1aea34ad90656f53c36295c1fab3eda2cfa75cb5bf1048813ad586d6ba8b3b

Download Submit
\Users\Admin\AppData\Local\Temp\Windows Shell Experience Host.exe

Filesize
86KB

MD5
17f122079462e212871a1e2eb20eaff9

SHA1
349e4b54323acce835916a2bbe40dc9c5d30931f

SHA256
f483197df60b8767d23fa820efaab0c6bcc3a4b02ebee3c8f1290ef699f6697e

SHA512
95548cb30e9e45c4024be181253200d2188b622754158f6268fa09e41327dbb8468399a1b5ddd9d868413638bf1b9b18f6814586530f2c6a0a6cbd6311234e94

Download Submit
memory/976-81-0x0000000002760000-0x0000000002768000-memory.dmp

Filesize
32KB

Download
memory/976-80-0x000000001B5A0000-0x000000001B882000-memory.dmp

Filesize
2.9MB

Download
memory/1488-16-0x00000000011E0000-0x00000000011FA000-memory.dmp

Filesize
104KB

Download
memory/2104-111-0x0000000002870000-0x0000000002878000-memory.dmp

Filesize
32KB

Download
memory/2104-110-0x000000001B650000-0x000000001B932000-memory.dmp

Filesize
2.9MB

Download
memory/2296-17-0x00000000002B0000-0x00000000002C0000-memory.dmp

Filesize
64KB

Download
memory/3020-123-0x0000000077900000-0x00000000779FA000-memory.dmp

Filesize
1000KB

Download
memory/3020-122-0x00000000777E0000-0x00000000778FF000-memory.dmp

Filesize
1.1MB

Download
memory/3020-124-0x00000000777E0000-0x00000000778FF000-memory.dmp

Filesize
1.1MB

Download
memory/3020-125-0x0000000077900000-0x00000000779FA000-memory.dmp

Filesize
1000KB

Download
memory/3252-100-0x000000001B5C0000-0x000000001B8A2000-memory.dmp

Filesize
2.9MB

Download
memory/3252-101-0x0000000002070000-0x0000000002078000-memory.dmp

Filesize
32KB

Download
memory/3700-86-0x000000001B5A0000-0x000000001B882000-memory.dmp

Filesize
2.9MB

Download
memory/3700-87-0x0000000001FC0000-0x0000000001FC8000-memory.dmp

Filesize
32KB

Download