Malware Analysis Report

2025-08-05 23:33

Sample ID 250119-xxa7es1qdw
Target ZcheatersLauncher.7z
SHA256 46f86218ec0d70374ec8c60b40faf32ef7200bda2b15d503024b7cfe039b3d37
Tags
credential_access discovery persistence privilege_escalation spyware stealer upx
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

46f86218ec0d70374ec8c60b40faf32ef7200bda2b15d503024b7cfe039b3d37

Threat Level: Likely malicious

The file ZcheatersLauncher.7z was found to be: Likely malicious.

Malicious Activity Summary

credential_access discovery persistence privilege_escalation spyware stealer upx

Uses browser remote debugging

Executes dropped EXE

Event Triggered Execution: Component Object Model Hijacking

Reads user/profile data of web browsers

Loads dropped DLL

Legitimate hosting services abused for malware hosting/C2

UPX packed file

Drops file in System32 directory

Suspicious use of NtSetInformationThreadHideFromDebugger

Enumerates processes with tasklist

Suspicious use of WriteProcessMemory

Checks SCSI registry key(s)

Modifies registry class

Suspicious behavior: EnumeratesProcesses

Suspicious use of SetWindowsHookEx

Suspicious use of FindShellTrayWindow

Kills process with taskkill

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of AdjustPrivilegeToken

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2025-01-19 19:13

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2025-01-19 19:13

Reported

2025-01-19 19:16

Platform

win10v2004-20241007-en

Max time kernel

144s

Max time network

149s

Command Line

"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\ZcheatersLauncher.rar"

Signatures

Uses browser remote debugging

credential_access stealer
Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Event Triggered Execution: Component Object Model Hijacking

persistence privilege_escalation

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A
N/A N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe N/A

Reads user/profile data of web browsers

spyware stealer

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A

Drops file in System32 directory

Description Indicator Process Target
File created \??\c:\windows\system32\driverstore\filerepository\keyboard.inf_amd64_5938c699b80ebb8f\keyboard.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\machine.inf_amd64_b748590104fe1c15\machine.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_0d06b6638bdb4763\mshdc.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\input.inf_amd64_adeb6424513f60a2\input.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_254cd5ae09de6b08\usbport.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\input.inf_amd64_adeb6424513f60a2\input.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_amd64_5938c699b80ebb8f\keyboard.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\netrtl64.inf_amd64_8e9c2368fe308df2\netrtl64.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\hdaudbus.inf_amd64_533c8d455025cc59\hdaudbus.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_amd64_1793a485b491b199\msmouse.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_b748590104fe1c15\machine.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\hdaudbus.inf_amd64_533c8d455025cc59\hdaudbus.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\input.inf_amd64_adeb6424513f60a2\input.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_254cd5ae09de6b08\usbport.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\netrtl64.inf_amd64_8e9c2368fe308df2\netrtl64.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\hdaudbus.inf_amd64_533c8d455025cc59\hdaudbus.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_254cd5ae09de6b08\usbport.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\usbport.inf_amd64_254cd5ae09de6b08\usbport.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\mshdc.inf_amd64_0d06b6638bdb4763\mshdc.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\netrtl64.inf_amd64_8e9c2368fe308df2\netrtl64.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\keyboard.inf_amd64_5938c699b80ebb8f\keyboard.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\input.inf_amd64_adeb6424513f60a2\input.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\machine.inf_amd64_b748590104fe1c15\machine.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_amd64_1793a485b491b199\msmouse.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\msmouse.inf_amd64_1793a485b491b199\msmouse.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\input.inf_amd64_adeb6424513f60a2\input.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\msmouse.inf_amd64_1793a485b491b199\msmouse.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_amd64_5938c699b80ebb8f\keyboard.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\netrtl64.inf_amd64_8e9c2368fe308df2\netrtl64.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_b748590104fe1c15\machine.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\input.inf_amd64_adeb6424513f60a2\input.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_0d06b6638bdb4763\mshdc.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\msmouse.inf_amd64_1793a485b491b199\msmouse.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\netrtl64.inf_amd64_8e9c2368fe308df2\netrtl64.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\hdaudbus.inf_amd64_533c8d455025cc59\hdaudbus.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\usbport.inf_amd64_254cd5ae09de6b08\usbport.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\input.inf_amd64_adeb6424513f60a2\input.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_amd64_5938c699b80ebb8f\keyboard.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_254cd5ae09de6b08\usbport.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\input.inf_amd64_adeb6424513f60a2\input.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\hdaudbus.inf_amd64_533c8d455025cc59\hdaudbus.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_b748590104fe1c15\machine.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\keyboard.inf_amd64_5938c699b80ebb8f\keyboard.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\mshdc.inf_amd64_0d06b6638bdb4763\mshdc.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\input.inf_amd64_adeb6424513f60a2\input.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_amd64_5938c699b80ebb8f\keyboard.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_amd64_1793a485b491b199\msmouse.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\keyboard.inf_amd64_5938c699b80ebb8f\keyboard.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\usbport.inf_amd64_254cd5ae09de6b08\usbport.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\mshdc.inf_amd64_0d06b6638bdb4763\mshdc.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_amd64_1793a485b491b199\msmouse.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\hdaudbus.inf_amd64_533c8d455025cc59\hdaudbus.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_amd64_5938c699b80ebb8f\keyboard.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\machine.inf_amd64_b748590104fe1c15\machine.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\msmouse.inf_amd64_1793a485b491b199\msmouse.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\usbport.inf_amd64_254cd5ae09de6b08\usbport.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_254cd5ae09de6b08\usbport.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\input.inf_amd64_adeb6424513f60a2\input.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_amd64_1793a485b491b199\msmouse.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\msmouse.inf_amd64_1793a485b491b199\msmouse.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\keyboard.inf_amd64_5938c699b80ebb8f\keyboard.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\netrtl64.inf_amd64_8e9c2368fe308df2\netrtl64.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_0d06b6638bdb4763\mshdc.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\usbport.inf_amd64_254cd5ae09de6b08\usbport.PNF C:\Windows\system32\dxdiag.exe N/A

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 C:\Windows\system32\dxdiag.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\CompatibleIDs C:\Windows\system32\dxdiag.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID C:\Windows\system32\dxdiag.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID C:\Windows\system32\dxdiag.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\CompatibleIDs C:\Windows\system32\dxdiag.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\HardwareID C:\Windows\system32\dxdiag.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\CompatibleIDs C:\Windows\system32\dxdiag.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\HardwareID C:\Windows\system32\dxdiag.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 C:\Windows\system32\dxdiag.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\HardwareID C:\Windows\system32\dxdiag.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\CompatibleIDs C:\Windows\system32\dxdiag.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 C:\Windows\system32\dxdiag.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Windows\system32\dxdiag.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID C:\Windows\system32\dxdiag.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Windows\system32\dxdiag.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\CompatibleIDs C:\Windows\system32\dxdiag.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Windows\system32\dxdiag.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\CompatibleIDs C:\Windows\system32\dxdiag.exe N/A

Kills process with taskkill

evasion
Description Indicator Process Target
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A
N/A N/A C:\Windows\system32\taskkill.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject.1 C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject\CLSID C:\Windows\system32\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider\CurVer\ = "DxDiag.DxDiagClassObject.1" C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider\CurVer C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider.1\CLSID C:\Windows\system32\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject.1\CLSID\ = "{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}" C:\Windows\system32\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject\CLSID\ = "{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}" C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider.1 C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider\CLSID C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject\CurVer C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider\CurVer C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject.1\CLSID C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B} C:\Windows\system32\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}\VersionIndependentProgID\ = "DxDiag.DxDiagClassObject" C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider\CurVer C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider C:\Windows\system32\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}\ForceRemove\ = "Programmable" C:\Windows\system32\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider.1\ = "DxDiagProvider Class" C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider.1\CLSID C:\Windows\system32\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject\ = "DxDiagClassObject Class" C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}\ForceRemove C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A65B8071-3BFE-4213-9A5B-491DA4461CA7}\VersionIndependentProgID C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4050598569-1597076380-177084960-1000\{0BF0846C-BA66-4EC3-ADC4-109BD4A643AA} C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider.1 C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject.1 C:\Windows\system32\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}\VersionIndependentProgID\ = "DxDiag.DxDiagClassObject" C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject.1\CLSID C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider\CLSID C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider C:\Windows\system32\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider.1\ = "DxDiagProvider Class" C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A65B8071-3BFE-4213-9A5B-491DA4461CA7}\InprocServer32 C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}\ForceRemove C:\Windows\system32\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}\ProgID\ = "DxDiag.DxDiagClassObject.1" C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}\ForceRemove C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4050598569-1597076380-177084960-1000\{CF20064A-1E93-49E0-92CE-E76913593E60} C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject C:\Windows\system32\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider\CurVer\ = "DxDiag.DxDiagClassObject.1" C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A65B8071-3BFE-4213-9A5B-491DA4461CA7}\VersionIndependentProgID C:\Windows\system32\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider.1\ = "DxDiagProvider Class" C:\Windows\system32\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject\ = "DxDiagClassObject Class" C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A65B8071-3BFE-4213-9A5B-491DA4461CA7} C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}\VersionIndependentProgID C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A65B8071-3BFE-4213-9A5B-491DA4461CA7}\ProgID C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}\InprocServer32 C:\Windows\system32\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}\InprocServer32\ = "C:\\Windows\\system32\\dxdiagn.dll" C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject.1 C:\Windows\system32\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}\InprocServer32\ThreadingModel = "Apartment" C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}\InprocServer32 C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider\CLSID C:\Windows\system32\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider\ = "DxDiagProvider Class" C:\Windows\system32\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}\InprocServer32\ThreadingModel = "Apartment" C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider\CurVer C:\Windows\system32\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject.1\ = "DxDiagClassObject Class" C:\Windows\system32\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider\CurVer\ = "DxDiag.DxDiagClassObject.1" C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A65B8071-3BFE-4213-9A5B-491DA4461CA7} C:\Windows\system32\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject\CurVer\ = "DxDiag.DxDiagClassObject.1" C:\Windows\system32\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}\ForceRemove\ = "Programmable" C:\Windows\system32\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider\ = "DxDiagProvider Class" C:\Windows\system32\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject\ = "DxDiagClassObject Class" C:\Windows\system32\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}\ProgID\ = "DxDiag.DxDiagClassObject.1" C:\Windows\system32\dxdiag.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Windows\system32\dxdiag.exe N/A
N/A N/A C:\Windows\system32\dxdiag.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Windows\system32\dxdiag.exe N/A
N/A N/A C:\Windows\system32\dxdiag.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Windows\system32\dxdiag.exe N/A
N/A N/A C:\Windows\system32\dxdiag.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Windows\system32\dxdiag.exe N/A
N/A N/A C:\Windows\system32\dxdiag.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Windows\system32\dxdiag.exe N/A
N/A N/A C:\Windows\system32\dxdiag.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeRestorePrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: 35 N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemtimePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeUndockPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeManageVolumePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 33 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 34 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 35 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 36 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemtimePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeUndockPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeManageVolumePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 33 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 34 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 35 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 36 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\system32\tasklist.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\system32\tasklist.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Windows\system32\NOTEPAD.EXE N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\system32\dxdiag.exe N/A
N/A N/A C:\Windows\system32\dxdiag.exe N/A
N/A N/A C:\Windows\system32\dxdiag.exe N/A
N/A N/A C:\Windows\system32\dxdiag.exe N/A
N/A N/A C:\Windows\system32\dxdiag.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1600 wrote to memory of 2392 N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe C:\Users\Admin\Desktop\here\ZcheatLauncher.exe
PID 1600 wrote to memory of 2392 N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe C:\Users\Admin\Desktop\here\ZcheatLauncher.exe
PID 2392 wrote to memory of 5024 N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe C:\Windows\system32\cmd.exe
PID 2392 wrote to memory of 5024 N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe C:\Windows\system32\cmd.exe
PID 2392 wrote to memory of 6528 N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe C:\Windows\system32\cmd.exe
PID 2392 wrote to memory of 6528 N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe C:\Windows\system32\cmd.exe
PID 6528 wrote to memory of 6476 N/A C:\Windows\system32\cmd.exe C:\Windows\System32\Wbem\WMIC.exe
PID 6528 wrote to memory of 6476 N/A C:\Windows\system32\cmd.exe C:\Windows\System32\Wbem\WMIC.exe
PID 2392 wrote to memory of 6432 N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe C:\Windows\system32\cmd.exe
PID 2392 wrote to memory of 6432 N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe C:\Windows\system32\cmd.exe
PID 6432 wrote to memory of 6388 N/A C:\Windows\system32\cmd.exe C:\Windows\system32\dxdiag.exe
PID 6432 wrote to memory of 6388 N/A C:\Windows\system32\cmd.exe C:\Windows\system32\dxdiag.exe
PID 2392 wrote to memory of 5948 N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe C:\Windows\system32\cmd.exe
PID 2392 wrote to memory of 5948 N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe C:\Windows\system32\cmd.exe
PID 5948 wrote to memory of 5904 N/A C:\Windows\system32\cmd.exe C:\Windows\system32\chcp.com
PID 5948 wrote to memory of 5904 N/A C:\Windows\system32\cmd.exe C:\Windows\system32\chcp.com
PID 5948 wrote to memory of 5900 N/A C:\Windows\system32\cmd.exe C:\Windows\system32\tasklist.exe
PID 5948 wrote to memory of 5900 N/A C:\Windows\system32\cmd.exe C:\Windows\system32\tasklist.exe
PID 2392 wrote to memory of 5856 N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe C:\Windows\system32\cmd.exe
PID 2392 wrote to memory of 5856 N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe C:\Windows\system32\cmd.exe
PID 5856 wrote to memory of 5796 N/A C:\Windows\system32\cmd.exe C:\Windows\system32\tasklist.exe
PID 5856 wrote to memory of 5796 N/A C:\Windows\system32\cmd.exe C:\Windows\system32\tasklist.exe
PID 2392 wrote to memory of 5756 N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2392 wrote to memory of 5756 N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2392 wrote to memory of 5748 N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2392 wrote to memory of 5748 N/A C:\Users\Admin\Desktop\here\ZcheatLauncher.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5756 wrote to memory of 5724 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 5724 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5748 wrote to memory of 5700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5748 wrote to memory of 5700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 5756 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\7-Zip\7zFM.exe

"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\ZcheatersLauncher.rar"

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\Desktop\here\ZcheatLauncher.exe

"C:\Users\Admin\Desktop\here\ZcheatLauncher.exe"

C:\Users\Admin\Desktop\here\ZcheatLauncher.exe

"C:\Users\Admin\Desktop\here\ZcheatLauncher.exe"

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\here\LICENSE-KEY.txt

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "ver"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "wmic /locale:ms_409 path win32_videocontroller get caption"

C:\Windows\System32\Wbem\WMIC.exe

wmic /locale:ms_409 path win32_videocontroller get caption

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "dxdiag /whql:off /t C:\Users\Admin\AppData\Local\Temp\dxdiag_1737314103_7298.txt"

C:\Windows\system32\dxdiag.exe

dxdiag /whql:off /t C:\Users\Admin\AppData\Local\Temp\dxdiag_1737314103_7298.txt

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "chcp 65001 > nul && tasklist"

C:\Windows\system32\chcp.com

chcp 65001

C:\Windows\system32\tasklist.exe

tasklist

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "tasklist /FI "IMAGENAME eq firefox.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq firefox.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8610 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8472 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc508346f8,0x7ffc50834708,0x7ffc50834718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --headless --use-angle=swiftshader-webgl --headless --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --field-trial-handle=1460,i,15573210741812493261,13090271585752724567,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1452 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1184,15748232815509986217,7727013748078483847,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1556 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1184,15748232815509986217,7727013748078483847,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1860 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --field-trial-handle=1760,i,15573210741812493261,13090271585752724567,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1756 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8472 --allow-pre-commit-input --field-trial-handle=1184,15748232815509986217,7727013748078483847,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2072 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Users\Admin\Desktop\here\ZcheatLauncher.exe

"C:\Users\Admin\Desktop\here\ZcheatLauncher.exe"

C:\Users\Admin\Desktop\here\ZcheatLauncher.exe

"C:\Users\Admin\Desktop\here\ZcheatLauncher.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "ver"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "wmic /locale:ms_409 path win32_videocontroller get caption"

C:\Windows\System32\Wbem\WMIC.exe

wmic /locale:ms_409 path win32_videocontroller get caption

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "dxdiag /whql:off /t C:\Users\Admin\AppData\Local\Temp\dxdiag_1737314119_7230.txt"

C:\Windows\system32\dxdiag.exe

dxdiag /whql:off /t C:\Users\Admin\AppData\Local\Temp\dxdiag_1737314119_7230.txt

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8741 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --headless --use-angle=swiftshader-webgl --headless --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --field-trial-handle=1488,i,14652953921047556843,5314253442959750077,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1480 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --field-trial-handle=1880,i,14652953921047556843,5314253442959750077,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1876 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8261 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc508346f8,0x7ffc50834708,0x7ffc50834718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1460,4730021345737464955,12941189434199793603,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1468 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1460,4730021345737464955,12941189434199793603,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1908 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8261 --allow-pre-commit-input --field-trial-handle=1460,4730021345737464955,12941189434199793603,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2024 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "chcp 65001 > nul && tasklist"

C:\Windows\system32\chcp.com

chcp 65001

C:\Windows\system32\tasklist.exe

tasklist

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "tasklist /FI "IMAGENAME eq firefox.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq firefox.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM chrome.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM msedge.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM chrome.exe

C:\Windows\system32\taskkill.exe

taskkill /F /IM msedge.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8854 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xe0,0x10c,0x7ffc508346f8,0x7ffc50834708,0x7ffc50834718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8099 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --headless --use-angle=swiftshader-webgl --headless --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --field-trial-handle=1488,i,14283745845422157525,478747361088079740,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1480 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --field-trial-handle=1848,i,14283745845422157525,478747361088079740,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1844 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1484,15899017034988801100,7816592530969622407,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1492 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1484,15899017034988801100,7816592530969622407,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1836 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8854 --allow-pre-commit-input --field-trial-handle=1484,15899017034988801100,7816592530969622407,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2012 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8727 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --headless --use-angle=swiftshader-webgl --headless --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --field-trial-handle=1468,i,11008200998185835637,8069358949946713071,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1460 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --field-trial-handle=1680,i,11008200998185835637,8069358949946713071,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1676 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8472 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc508346f8,0x7ffc50834708,0x7ffc50834718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1456,6076249491643952817,6522417907455269894,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1492 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1456,6076249491643952817,6522417907455269894,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1780 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8472 --allow-pre-commit-input --field-trial-handle=1456,6076249491643952817,6522417907455269894,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2024 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM chrome.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8916 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --headless --use-angle=swiftshader-webgl --headless --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --field-trial-handle=1452,i,10037081971901626608,6073233998135709634,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1444 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --field-trial-handle=1852,i,10037081971901626608,6073233998135709634,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1848 /prefetch:3

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM msedge.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM msedge.exe

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM msedge.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM msedge.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8650 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc541646f8,0x7ffc54164708,0x7ffc54164718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1452,10358135623828427795,12416766125656542998,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1480 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1452,10358135623828427795,12416766125656542998,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1920 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8650 --allow-pre-commit-input --field-trial-handle=1452,10358135623828427795,12416766125656542998,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2036 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Users\Admin\Desktop\here\ZcheatLauncher.exe

"C:\Users\Admin\Desktop\here\ZcheatLauncher.exe"

C:\Users\Admin\Desktop\here\ZcheatLauncher.exe

"C:\Users\Admin\Desktop\here\ZcheatLauncher.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "ver"

C:\Users\Admin\Desktop\here\ZcheatLauncher.exe

"C:\Users\Admin\Desktop\here\ZcheatLauncher.exe"

C:\Users\Admin\Desktop\here\ZcheatLauncher.exe

"C:\Users\Admin\Desktop\here\ZcheatLauncher.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "wmic /locale:ms_409 path win32_videocontroller get caption"

C:\Windows\System32\Wbem\WMIC.exe

wmic /locale:ms_409 path win32_videocontroller get caption

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "ver"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "dxdiag /whql:off /t C:\Users\Admin\AppData\Local\Temp\dxdiag_1737314144_5283.txt"

C:\Windows\system32\dxdiag.exe

dxdiag /whql:off /t C:\Users\Admin\AppData\Local\Temp\dxdiag_1737314144_5283.txt

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8941 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --headless --use-angle=swiftshader-webgl --headless --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --field-trial-handle=1512,i,12566205277090000809,7195866462642577517,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1504 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --field-trial-handle=1896,i,12566205277090000809,7195866462642577517,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1892 /prefetch:3

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "wmic /locale:ms_409 path win32_videocontroller get caption"

C:\Windows\System32\Wbem\WMIC.exe

wmic /locale:ms_409 path win32_videocontroller get caption

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "dxdiag /whql:off /t C:\Users\Admin\AppData\Local\Temp\dxdiag_1737314146_1010.txt"

C:\Windows\system32\dxdiag.exe

dxdiag /whql:off /t C:\Users\Admin\AppData\Local\Temp\dxdiag_1737314146_1010.txt

C:\Users\Admin\Desktop\here\ZcheatLauncher.exe

"C:\Users\Admin\Desktop\here\ZcheatLauncher.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8802 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc541646f8,0x7ffc54164708,0x7ffc54164718

C:\Users\Admin\Desktop\here\ZcheatLauncher.exe

"C:\Users\Admin\Desktop\here\ZcheatLauncher.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1072,8908570471719204668,9701909389607696463,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1528 /prefetch:2

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM chrome.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1072,8908570471719204668,9701909389607696463,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1880 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\system32\taskkill.exe

taskkill /F /IM chrome.exe

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "chcp 65001 > nul && tasklist"

C:\Windows\system32\chcp.com

chcp 65001

C:\Windows\system32\tasklist.exe

tasklist

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8049 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "ver"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --headless --use-angle=swiftshader-webgl --headless --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --field-trial-handle=1480,i,10988289938524761333,17036130685839345349,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1100 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --field-trial-handle=2320,i,10988289938524761333,17036130685839345349,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=2316 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8802 --allow-pre-commit-input --field-trial-handle=1072,8908570471719204668,9701909389607696463,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=1904 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "tasklist /FI "IMAGENAME eq firefox.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq firefox.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM chrome.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM msedge.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM chrome.exe

C:\Windows\system32\taskkill.exe

taskkill /F /IM msedge.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8031 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "wmic /locale:ms_409 path win32_videocontroller get caption"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8121 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc541646f8,0x7ffc54164708,0x7ffc54164718

C:\Windows\System32\Wbem\WMIC.exe

wmic /locale:ms_409 path win32_videocontroller get caption

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --headless --use-angle=swiftshader-webgl --headless --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --field-trial-handle=1504,i,8409241454504929203,17262100775508427648,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1496 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --field-trial-handle=1844,i,8409241454504929203,17262100775508427648,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1840 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1468,8433805433444427839,11499861383461964593,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1492 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1468,8433805433444427839,11499861383461964593,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1840 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "dxdiag /whql:off /t C:\Users\Admin\AppData\Local\Temp\dxdiag_1737314150_9317.txt"

C:\Windows\system32\dxdiag.exe

dxdiag /whql:off /t C:\Users\Admin\AppData\Local\Temp\dxdiag_1737314150_9317.txt

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8121 --allow-pre-commit-input --field-trial-handle=1468,8433805433444427839,11499861383461964593,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2000 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM msedge.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM msedge.exe

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "chcp 65001 > nul && tasklist"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM msedge.exe"

C:\Windows\system32\chcp.com

chcp 65001

C:\Windows\system32\taskkill.exe

taskkill /F /IM msedge.exe

C:\Windows\system32\tasklist.exe

tasklist

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8567 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc541646f8,0x7ffc54164708,0x7ffc54164718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1472,12213004868516184100,13936045476380908842,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1484 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1472,12213004868516184100,13936045476380908842,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1844 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8567 --allow-pre-commit-input --field-trial-handle=1472,12213004868516184100,13936045476380908842,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2016 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "tasklist /FI "IMAGENAME eq firefox.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq firefox.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM chrome.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM msedge.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM chrome.exe

C:\Windows\system32\taskkill.exe

taskkill /F /IM msedge.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8669 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8263 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc541646f8,0x7ffc54164708,0x7ffc54164718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --headless --use-angle=swiftshader-webgl --headless --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --field-trial-handle=1508,i,6689733330459542726,16170978524718605930,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1500 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --field-trial-handle=1860,i,6689733330459542726,16170978524718605930,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1856 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1496,6459268950599991190,5052777510515656663,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1500 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1496,6459268950599991190,5052777510515656663,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1848 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8669 --allow-pre-commit-input --field-trial-handle=1496,6459268950599991190,5052777510515656663,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2000 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "chcp 65001 > nul && tasklist"

C:\Windows\system32\chcp.com

chcp 65001

C:\Windows\system32\tasklist.exe

tasklist

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "tasklist /FI "IMAGENAME eq firefox.exe""

C:\Windows\system32\tasklist.exe

tasklist /FI "IMAGENAME eq firefox.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM chrome.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM msedge.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM msedge.exe

C:\Windows\system32\taskkill.exe

taskkill /F /IM chrome.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8654 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc541646f8,0x7ffc54164708,0x7ffc54164718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8718 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1492,12499563557824502080,8114719755652737721,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1500 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1492,12499563557824502080,8114719755652737721,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1848 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --headless --use-angle=swiftshader-webgl --headless --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --field-trial-handle=1484,i,12837436978394046420,11460040985550596255,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1476 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --field-trial-handle=1844,i,12837436978394046420,11460040985550596255,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1840 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8654 --allow-pre-commit-input --field-trial-handle=1492,12499563557824502080,8114719755652737721,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2000 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8324 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --headless --use-angle=swiftshader-webgl --headless --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --field-trial-handle=1460,i,2749652800782133127,9224351448344403935,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1452 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --field-trial-handle=1872,i,2749652800782133127,9224351448344403935,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1868 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8569 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc541646f8,0x7ffc54164708,0x7ffc54164718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1516,754005603821864089,8311350947531608595,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1528 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1516,754005603821864089,8311350947531608595,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1904 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8569 --allow-pre-commit-input --field-trial-handle=1516,754005603821864089,8311350947531608595,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2036 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM chrome.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8425 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --headless --use-angle=swiftshader-webgl --headless --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --field-trial-handle=1460,i,3102040918012217595,14430402375479120594,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1452 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --field-trial-handle=1852,i,3102040918012217595,14430402375479120594,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1848 /prefetch:3

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM chrome.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8161 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM msedge.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM msedge.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --headless --use-angle=swiftshader-webgl --headless --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --field-trial-handle=1464,i,4756698957810028769,10634747458949302338,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1460 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --field-trial-handle=1844,i,4756698957810028769,10634747458949302338,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1840 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8423 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc541646f8,0x7ffc54164708,0x7ffc54164718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1480,15742947949307662569,1981522756850541473,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1492 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1480,15742947949307662569,1981522756850541473,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1864 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8423 --allow-pre-commit-input --field-trial-handle=1480,15742947949307662569,1981522756850541473,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=1956 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM msedge.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM msedge.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8366 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc541646f8,0x7ffc54164708,0x7ffc54164718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1448,11370926041216336341,2379078258710192010,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1468 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1448,11370926041216336341,2379078258710192010,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1860 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8366 --allow-pre-commit-input --field-trial-handle=1448,11370926041216336341,2379078258710192010,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2012 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM msedge.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM msedge.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8577 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc541646f8,0x7ffc54164708,0x7ffc54164718

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM chrome.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM chrome.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1480,10146916709788827490,2540736075645326042,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1500 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1480,10146916709788827490,2540736075645326042,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1832 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8965 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8577 --allow-pre-commit-input --field-trial-handle=1480,10146916709788827490,2540736075645326042,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=1952 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --headless --use-angle=swiftshader-webgl --headless --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --field-trial-handle=1448,i,13979431357461349378,17444024128662556599,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1452 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --field-trial-handle=1848,i,13979431357461349378,17444024128662556599,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1844 /prefetch:3

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM msedge.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM chrome.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM msedge.exe

C:\Windows\system32\taskkill.exe

taskkill /F /IM chrome.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8673 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc541646f8,0x7ffc54164708,0x7ffc54164718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8164 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --headless --use-angle=swiftshader-webgl --headless --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --field-trial-handle=1496,i,16187828104092477027,12801313363075523990,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1488 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1460,13881693089989470302,3113597562435066052,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1528 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --field-trial-handle=1796,i,16187828104092477027,12801313363075523990,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1792 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1460,13881693089989470302,3113597562435066052,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1856 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8673 --allow-pre-commit-input --field-trial-handle=1460,13881693089989470302,3113597562435066052,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2020 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8910 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --headless --use-angle=swiftshader-webgl --headless --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --field-trial-handle=1524,i,10423331847866217433,10212921781207653587,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1516 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --field-trial-handle=1880,i,10423331847866217433,10212921781207653587,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1876 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8153 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc541646f8,0x7ffc54164708,0x7ffc54164718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1492,13878120734052852423,17610186058574751605,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1484 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1492,13878120734052852423,17610186058574751605,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1884 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8153 --allow-pre-commit-input --field-trial-handle=1492,13878120734052852423,17610186058574751605,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=1996 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM chrome.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8713 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --headless --use-angle=swiftshader-webgl --headless --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --field-trial-handle=1464,i,13608431347107466527,6282051977341354925,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1444 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --field-trial-handle=1872,i,13608431347107466527,6282051977341354925,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1868 /prefetch:3

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM msedge.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM chrome.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM msedge.exe

C:\Windows\system32\taskkill.exe

taskkill /F /IM chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8685 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8895 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc541646f8,0x7ffc54164708,0x7ffc54164718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --headless --use-angle=swiftshader-webgl --headless --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --field-trial-handle=1488,i,14899705802336017977,17808221845693180472,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1480 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1508,13215176650961325722,17522806989839286205,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1516 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --field-trial-handle=1872,i,14899705802336017977,17808221845693180472,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1868 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1508,13215176650961325722,17522806989839286205,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1880 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8895 --allow-pre-commit-input --field-trial-handle=1508,13215176650961325722,17522806989839286205,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2024 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM msedge.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM msedge.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8220 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc541646f8,0x7ffc54164708,0x7ffc54164718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1488,14688418491069175738,9038678489050788687,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1500 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1488,14688418491069175738,9038678489050788687,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1824 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8220 --allow-pre-commit-input --field-trial-handle=1488,14688418491069175738,9038678489050788687,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=1948 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM msedge.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM msedge.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8041 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc541646f8,0x7ffc54164708,0x7ffc54164718

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM chrome.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM chrome.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1500,14639311473054379833,12663438411687462737,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1508 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1500,14639311473054379833,12663438411687462737,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1868 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8041 --allow-pre-commit-input --field-trial-handle=1500,14639311473054379833,12663438411687462737,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=1984 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8811 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --headless --use-angle=swiftshader-webgl --headless --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --field-trial-handle=1436,i,7183273055481309119,13066757615437727859,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1444 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --field-trial-handle=1844,i,7183273055481309119,13066757615437727859,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1840 /prefetch:3

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM msedge.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM msedge.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8900 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc541646f8,0x7ffc54164708,0x7ffc54164718

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM chrome.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8165 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1504,4324709334450747103,2454639996856987229,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1512 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1504,4324709334450747103,2454639996856987229,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1596 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --headless --use-angle=swiftshader-webgl --headless --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --field-trial-handle=1472,i,17711826777070304208,15961212239553924659,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1448 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --field-trial-handle=1844,i,17711826777070304208,15961212239553924659,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1840 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8900 --allow-pre-commit-input --field-trial-handle=1504,4324709334450747103,2454639996856987229,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2032 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8797 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --headless --use-angle=swiftshader-webgl --headless --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --field-trial-handle=1472,i,16194501926854491696,13840785152080798745,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1440 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --field-trial-handle=1884,i,16194501926854491696,13840785152080798745,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1880 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8025 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc541646f8,0x7ffc54164708,0x7ffc54164718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1508,8104068904826295051,7651634364659688163,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1516 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1508,8104068904826295051,7651634364659688163,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1896 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8025 --allow-pre-commit-input --field-trial-handle=1508,8104068904826295051,7651634364659688163,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=1980 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM chrome.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8994 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --headless --use-angle=swiftshader-webgl --headless --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --field-trial-handle=1452,i,10529942076558977148,10982077256016163741,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1444 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --field-trial-handle=1848,i,10529942076558977148,10982077256016163741,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1844 /prefetch:3

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM chrome.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM msedge.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM chrome.exe

C:\Windows\system32\taskkill.exe

taskkill /F /IM msedge.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8404 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8205 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc541646f8,0x7ffc54164708,0x7ffc54164718

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --headless --use-angle=swiftshader-webgl --headless --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --field-trial-handle=1492,i,17473539154641186827,4165330697961109496,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1488 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --field-trial-handle=1844,i,17473539154641186827,4165330697961109496,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1840 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1512,7844076037138531007,10167689049764976527,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1516 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1512,7844076037138531007,10167689049764976527,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1860 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8205 --allow-pre-commit-input --field-trial-handle=1512,7844076037138531007,10167689049764976527,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2004 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM msedge.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM msedge.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8263 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc541646f8,0x7ffc54164708,0x7ffc54164718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1440,3496167440705045052,386197766827809313,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1452 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1440,3496167440705045052,386197766827809313,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1864 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8263 --allow-pre-commit-input --field-trial-handle=1440,3496167440705045052,386197766827809313,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2000 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM msedge.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM msedge.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8604 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc541646f8,0x7ffc54164708,0x7ffc54164718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1464,6315908334940859621,14387014051516724127,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1476 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1464,6315908334940859621,14387014051516724127,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1852 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8604 --allow-pre-commit-input --field-trial-handle=1464,6315908334940859621,14387014051516724127,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2032 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM chrome.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8621 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x108,0x10c,0x110,0xe4,0x114,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --headless --use-angle=swiftshader-webgl --headless --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --field-trial-handle=1492,i,13132886356305167692,5980366419001501217,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1484 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --field-trial-handle=1852,i,13132886356305167692,5980366419001501217,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1848 /prefetch:3

C:\Users\Admin\Desktop\here\ZcheatLauncher.exe

"C:\Users\Admin\Desktop\here\ZcheatLauncher.exe"

C:\Users\Admin\Desktop\here\ZcheatLauncher.exe

"C:\Users\Admin\Desktop\here\ZcheatLauncher.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "ver"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM msedge.exe"

C:\Windows\system32\taskkill.exe

taskkill /F /IM msedge.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8566 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc541646f8,0x7ffc54164708,0x7ffc54164718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1504,1032513837638425552,8353066031731025508,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1512 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1504,1032513837638425552,8353066031731025508,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1876 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8566 --allow-pre-commit-input --field-trial-handle=1504,1032513837638425552,8353066031731025508,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=1996 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "taskkill /F /IM chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8756 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Windows\system32\taskkill.exe

taskkill /F /IM chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --restore-last-session --remote-debugging-port=8578 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --profile-directory=Default --start-minimized

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc5097cc40,0x7ffc5097cc4c,0x7ffc5097cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --headless --use-angle=swiftshader-webgl --headless --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --field-trial-handle=1460,i,9706707197506926046,15531062491253950014,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1436 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --field-trial-handle=1852,i,9706707197506926046,15531062491253950014,262144 --disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=1848 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless --restore-last-session --remote-debugging-port=8808 --remote-allow-origins=* "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --profile-directory=Default --start-minimized

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc541646f8,0x7ffc54164708,0x7ffc54164718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1500,5590117022884948210,5995296008652066943,131072 --disable-features=PaintHolding --headless --headless --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --override-use-software-gl-for-tests --mojo-platform-channel-handle=1512 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1500,5590117022884948210,5995296008652066943,131072 --disable-features=PaintHolding --lang=en-US --service-sandbox-type=none --use-gl=swiftshader-webgl --headless --mojo-platform-channel-handle=1616 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=8808 --allow-pre-commit-input --field-trial-handle=1500,5590117022884948210,5995296008652066943,131072 --disable-features=PaintHolding --lang=en-US --headless --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=1988 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "wmic /locale:ms_409 path win32_videocontroller get caption"

C:\Windows\System32\Wbem\WMIC.exe

wmic /locale:ms_409 path win32_videocontroller get caption

Network

Country Destination Domain Proto
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp
US 8.8.8.8:53 68.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 167.173.78.104.in-addr.arpa udp
US 8.8.8.8:53 133.211.185.52.in-addr.arpa udp
US 8.8.8.8:53 97.17.167.52.in-addr.arpa udp
US 8.8.8.8:53 58.55.71.13.in-addr.arpa udp
US 8.8.8.8:53 154.239.44.20.in-addr.arpa udp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 8.8.8.8:53 raw.githubusercontent.com udp
US 185.199.111.133:443 raw.githubusercontent.com tcp
US 8.8.8.8:53 cheaterpanel.shop udp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 8.8.8.8:53 133.111.199.185.in-addr.arpa udp
US 8.8.8.8:53 1.112.21.104.in-addr.arpa udp
US 185.199.111.133:443 raw.githubusercontent.com tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 8.8.8.8:53 76.246.100.95.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 185.199.111.133:443 raw.githubusercontent.com tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 185.199.111.133:443 raw.githubusercontent.com tcp
N/A 127.0.0.1:8610 tcp
N/A 127.0.0.1:8472 tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
N/A 127.0.0.1:8472 tcp
US 8.8.8.8:53 29.153.16.2.in-addr.arpa udp
US 104.21.112.1:443 cheaterpanel.shop tcp
N/A 127.0.0.1:8741 tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
N/A 127.0.0.1:8261 tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
N/A 127.0.0.1:8854 tcp
N/A 127.0.0.1:8099 tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
N/A 127.0.0.1:8854 tcp
US 8.8.8.8:53 11.227.111.52.in-addr.arpa udp
N/A 127.0.0.1:8727 tcp
US 185.199.111.133:443 raw.githubusercontent.com tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 185.199.111.133:443 raw.githubusercontent.com tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 185.199.111.133:443 raw.githubusercontent.com tcp
N/A 127.0.0.1:8472 tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 185.199.111.133:443 raw.githubusercontent.com tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 185.199.111.133:443 raw.githubusercontent.com tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 185.199.111.133:443 raw.githubusercontent.com tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
N/A 127.0.0.1:8916 tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
N/A 127.0.0.1:8650 tcp
N/A 127.0.0.1:8650 tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
N/A 127.0.0.1:8941 tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
N/A 127.0.0.1:8802 tcp
N/A 127.0.0.1:8049 tcp
N/A 127.0.0.1:8031 tcp
N/A 127.0.0.1:8121 tcp
N/A 127.0.0.1:8567 tcp
N/A 127.0.0.1:8263 tcp
N/A 127.0.0.1:8669 tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
N/A 127.0.0.1:8654 tcp
N/A 127.0.0.1:8718 tcp
N/A 127.0.0.1:8324 tcp
N/A 127.0.0.1:8569 tcp
N/A 127.0.0.1:8425 tcp
N/A 127.0.0.1:8161 tcp
N/A 127.0.0.1:8423 tcp
N/A 127.0.0.1:8366 tcp
N/A 127.0.0.1:8965 tcp
N/A 127.0.0.1:8577 tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
N/A 127.0.0.1:8673 tcp
N/A 127.0.0.1:8164 tcp
N/A 127.0.0.1:8910 tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
N/A 127.0.0.1:8153 tcp
N/A 127.0.0.1:8713 tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
N/A 127.0.0.1:8685 tcp
N/A 127.0.0.1:8895 tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
N/A 127.0.0.1:8220 tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
N/A 127.0.0.1:8041 tcp
N/A 127.0.0.1:8811 tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
N/A 127.0.0.1:8900 tcp
N/A 127.0.0.1:8165 tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
N/A 127.0.0.1:8797 tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 185.199.111.133:443 raw.githubusercontent.com tcp
N/A 127.0.0.1:8025 tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
N/A 127.0.0.1:8994 tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
N/A 127.0.0.1:8404 tcp
N/A 127.0.0.1:8205 tcp
US 104.21.112.1:443 cheaterpanel.shop tcp
US 185.199.111.133:443 raw.githubusercontent.com tcp

Files

C:\Users\Admin\AppData\Local\Temp\_MEI16002\python310.dll

MD5 a5bf8ecade6f489c7dee24c7c5859b11
SHA1 4f43161151955bbcae9bcd6cb0aeb9d4944b19d7
SHA256 bdd69139afe0c962327571d85aaf83245bbeea8b095e890f59a32aae15a2ea7e
SHA512 508f18ea45e13b2f881d893cf265894daced7b293d2299a6548c620f97d7b607cc66bdeb1239ada7a0859af455509ca2db9a4b7dfac221977bea10bd79c28143

C:\Users\Admin\AppData\Local\Temp\_MEI16002\VCRUNTIME140.dll

MD5 f12681a472b9dd04a812e16096514974
SHA1 6fd102eb3e0b0e6eef08118d71f28702d1a9067c
SHA256 d66c3b47091ceb3f8d3cc165a43d285ae919211a0c0fcb74491ee574d8d464f8
SHA512 7d3accbf84de73fb0c5c0de812a9ed600d39cd7ed0f99527ca86a57ce63f48765a370e913e3a46ffc2ccd48ee07d823dafdd157710eef9e7cc1eb7505dc323a2

memory/2392-140-0x00007FFC50F30000-0x00007FFC5139E000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\_MEI16002\base_library.zip

MD5 16dc754352d82cbfd7c31ce5434add46
SHA1 b4cc33496fe3c71fa27bb315f21d0bc175057ec9
SHA256 0114a5d74431d5f1db4ea74d030550be8b1a593b28586844430e22e09899e5dd
SHA512 7b5411b83f03e7287775718505a068c775cde91d929bf645e67565881655298d28b8331734590042fae7873dea30e226514d9fe8215c5b400b9529a2802ccb7a

C:\Users\Admin\AppData\Local\Temp\_MEI16002\_ctypes.pyd

MD5 fcaf763430357afc957bdbc6c6bf8abe
SHA1 9733b6bb5a612f6bb4da9988765e8472d29f50cb
SHA256 9b70285204eff98a48c2fc1c228ccd2d8d1703ce743fdca8295b1ee6620d5dfb
SHA512 ed8af73f480a4ab5b962a6d6926315b1231d2bfeda3220b3d78f00fd0303fdafc632e1e3c761e60875cd23ffd358602be5b277f34618dacbb88b1edc3eb6c2ed

C:\Users\Admin\AppData\Local\Temp\_MEI16002\python3.DLL

MD5 07bd9f1e651ad2409fd0b7d706be6071
SHA1 dfeb2221527474a681d6d8b16a5c378847c59d33
SHA256 5d78cd1365ea9ae4e95872576cfa4055342f1e80b06f3051cf91d564b6cd09f5
SHA512 def31d2df95cb7999ce1f55479b2ff7a3cb70e9fc4778fc50803f688448305454fbbf82b5a75032f182dff663a6d91d303ef72e3d2ca9f2a1b032956ec1a0e2a

memory/2392-147-0x00007FFC50EE0000-0x00007FFC50F04000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\_MEI16002\libffi-7.dll

MD5 4e261cbb8247260ea91860986110f805
SHA1 1563d67c2aabcb5e00e25ef293456c6481a2adc3
SHA256 ddfd0755e011ea0df26d77cf3628e2cc59653aee02bf241b54b6b08561520453
SHA512 076cdc8759f9cbbf7f8dc7b1eaba3c51f6c40ae6043b1fb55aa2fb83f81e86933d0f885a61d83300173b9bd7c589ff126e2a5d858a3f4036390d02eb1e73d229

memory/2392-150-0x00007FFC63A30000-0x00007FFC63A3F000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\_MEI16002\_bz2.pyd

MD5 add14680e557f58b603ad9eefc2b5e06
SHA1 f5d195a570a0642f86e9b8f60a2a0115c2045e12
SHA256 7861d5806e8c00db9fae3bb5b397612686a84b97ad6bc3e249660cc8371047fc
SHA512 4422466effeba84737f48aebf3dd2a00db6b2247605b1ae123cd8b0aa28b70ace4c23cfd4e022908c8aa3a8ef33a660b2b1888b7db916f6de46dd242ec271428

memory/2392-154-0x00007FFC50EC0000-0x00007FFC50ED9000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\_MEI16002\_lzma.pyd

MD5 9267440cd99e133480b7034a26b55507
SHA1 cee6f8bb7ba73e561bc8ee6ad9297d234198860d
SHA256 218bb3cccac55c6980c5e0d279e631ec882cbf92c2e5a1bcee8d6b3b15217447
SHA512 e9aef2bd07e7f6bbd0baea39d7843de4925e43abdebebbdf0d10f6caf740587fb9469c435ac3be91a0972e7010bf2b2e81c9fc7514976d88bffa22014391f98f

memory/2392-156-0x00007FFC50E90000-0x00007FFC50EBD000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\_MEI16002\libcrypto-1_1.dll

MD5 a0351929c71ee4f23d9d8be7ce15644b
SHA1 0a87d2fba4ad8d89bbcdee33556a137cfcb1b9dc
SHA256 e0f64969295c0fe749029964baff0c0678ad85ddc5fa3d5f65f620db201ded36
SHA512 f43ced9f0d0ec7443282efca61b0285a8f8bb9cdabe99f5c0fe3d20cfa67c44111df8272468e01b5c7e6e4623a25793c61d0ea285b8e2eaeb6e307e8afaf1b54

C:\Users\Admin\AppData\Local\Temp\_MEI16002\_ssl.pyd

MD5 0ed4b668f8328907333efe75d606ced0
SHA1 a735959ae6cf7e88c21349f80e307fd06bc8fb72
SHA256 d734bd294d2fe5b718276aecfef17be1c6cd6f2a5edd711677dc84477eebb10b
SHA512 d40863d38dc031bce7117d712c4e1dc4439debcf796ecfa7f12609f198c9afd1f051c5c37e64a954b8c2254ff9ef3b990779531f18027766eb536ad72b39e5c3

C:\Users\Admin\AppData\Local\Temp\_MEI16002\_socket.pyd

MD5 d2028c5d90fea781471fe83062290972
SHA1 0bfd655d1967dbf20fb2d25d1a24901f1adee7c9
SHA256 4c9168aaf7391785f101571ddc412ae1a5d03f9553f900d207a959cc35f38dd5
SHA512 7674212620231e595c1b23f6641aaa52856566c9600c082b323bdc554ee0f1d083b9ae7c36daeec93979adb45930c5ca07b779bc2456d7c80d49ee4cf84ba1b0

memory/2392-175-0x00007FFC50E70000-0x00007FFC50E89000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\_MEI16002\select.pyd

MD5 18c235b41616d8412aa31dbab1ead88c
SHA1 68006efdf561880f5d7093ca3daeafff6120845a
SHA256 9e28c7d01da0c02c88d12e3cce540088fc073fc891fb74eb39b7eb3a5c416c9c
SHA512 02cc6359dd092dec9a9d71a0fb2bf97a4b7acf8c1b0609c1c266775ce09aa3022c570e9e41dc36d2cfd788823ab6d0e1b09eee921799d7e81e2dfd889e563e81

C:\Users\Admin\AppData\Local\Temp\_MEI16002\_queue.pyd

MD5 53d606a375ed324a691fa41c031143b6
SHA1 7242df83d51777773d12f18018db3de73d590cde
SHA256 c6ba974df9005b786f5ad5b6e984021ca36f28518247d40dfd0adc6d095200dd
SHA512 6222ea0eafe10fc4503ca79dcaf19fc29990bb12cc9dd8ac890cd2af223b9b7b14fc6a1bede95ae4407d557d2546000fe1756582720dc7fde44885a6825d7870

memory/2392-179-0x00007FFC638C0000-0x00007FFC638CD000-memory.dmp

memory/2392-177-0x00007FFC63970000-0x00007FFC6397D000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\_MEI16002\_sqlite3.pyd

MD5 1ae0e7ef725c75298c6f2cbff14ce078
SHA1 378af4b0e574e64f7791e747aee2489adecab61f
SHA256 58b45d6cd339ee8e1a6d1b4264b5f8e772e53a4d96edf0e47236130e8adc9226
SHA512 62cee0f215e40bccc8b938d130b7b16457f8f21541676c67805c7e6862e0395cc076ae4badbbf4daa95e34f6b744f88c6d16c1d3d78dc33d7c42163ba303e693

C:\Users\Admin\AppData\Local\Temp\_MEI16002\_pytransform.dll

MD5 1d41ad63f856aa331a0b208fea23e1de
SHA1 97d18c1c8fd7ee7887b2723d9e1058aeef8059f8
SHA256 cf025ba0e686a915699bcdc2f1647ddd201d2cecfba82633aa3448ab1dade6ae
SHA512 1597273acce19ce1db52bab96203d03979c7884d892f4d8342df96e2018890dd2044b0cb52aeeac49de37dd557c39719d43f25669ba5d25dceaeb2571de97d87

C:\Users\Admin\AppData\Local\Temp\_MEI16002\_overlapped.pyd

MD5 dda0315944a134809ecc147aac0cbe32
SHA1 d2775a5e61cd68ae69ae4a57ed10d7477432e158
SHA256 d3e14866f38e605fbb418ace3f704bd4ab064f6b7599fff45f0dc65d1ec03788
SHA512 2543274a4e352887b6a56a61d93f5be38554ba70c8608e8fd21a5b9534a9e1c6291b57948adc922a0e235eba1f9b513c158fe485923e2f705cdbbce59923c31d

C:\Users\Admin\AppData\Local\Temp\_MEI16002\_multiprocessing.pyd

MD5 49821b984bb07c6d7baffcd53a8f3d30
SHA1 e48bdaed8e3ec6ff6d497331d761962e64c1db8c
SHA256 de4578b106f081ca96a4f886dafdb073eae80019de72d63e9245c83ed2298206
SHA512 129f5341327d55187d6a479941ea05d49907e0297309c7d41b842fc380617a91250cde87a55352af1255a319caf013c5526d2309263e8539a6c377093d75ec0a

C:\Users\Admin\AppData\Local\Temp\_MEI16002\_hashlib.pyd

MD5 869895b21d75275f39d2ad59329bcae1
SHA1 b6ea7b3e9085cd191268f760187c93c361e2d016
SHA256 3e970802d770e94e85ba7f00f0871bfd478ca56a6dea01c38645469d7b965e7b
SHA512 82575722c2419791b8ab0c15dd5b95e2ffa4e9dd1e176406cee13a4fab03a310a32b67a46b9df68614302d6fc7223ff4cd0c6955b449a6418d2f7eeb2d25bdcd

C:\Users\Admin\AppData\Local\Temp\_MEI16002\_decimal.pyd

MD5 18f232ff4083db859e5ea3cfe19b331d
SHA1 640cc27b7c2caafd5c5849eade665aabf47871fa
SHA256 a222a7967a53c2ebf2fd47ce68048ff3e2dcd3da6cc446f330522963ca4470db
SHA512 4ae0e5f0b0972f38429108b8b4563d416e0387b1cccd09764e4cfb31f30cc1c9901f90af8f8d2a883bca3fd687966dc96cdf8b16559ef615efe45ab1771d6d77

C:\Users\Admin\AppData\Local\Temp\_MEI16002\_cffi_backend.cp310-win_amd64.pyd

MD5 796a3e2ecf2e31669defc1b3e07df327
SHA1 39c896e7217f9c2beaac7a831a5c24e1fff94714
SHA256 803969a018b78e0ca670c0cf2c7b8ff62efd7dcbdc049070f0109d1147453cea
SHA512 429dbbde27e65cc66754c3436153e04f9cde4800553caa678f8aebd55adb2490e93b7822650067eaa51094b47b5db1003af8c4d06aa1acb5d8531666cc308381

C:\Users\Admin\AppData\Local\Temp\_MEI16002\_asyncio.pyd

MD5 f4ec5eb6396729c52747c0038ab6d1f8
SHA1 7a57a1cad7f3462255cfac26ffaccd997da5cb91
SHA256 c4229a342228e0ede3f1ab2e5143785249489c7554d2b7ce9ac4f5ac9ba364ba
SHA512 3e571180c7864aa7d2ed718c403712feded090fe8baa49434d9d6e91ab043ce7f189df2ea7f0d62c419aec65ba955df3f08d7e1691ad24973fc4299d20ab3b72

C:\Users\Admin\AppData\Local\Temp\_MEI16002\unicodedata.pyd

MD5 42e6334acca685c0dd36938c89b4754f
SHA1 e60c20edc793232d700952c93978aca819ee36d8
SHA256 607a1921a44ee80207050a7c4c0631dc13bf7c97361ae2b4c568687ca67d89e9
SHA512 22a9e64d972857f503f3b272cb6bf8f75a5f603f5f7a441800cc5e448997e1c80ba079caf252f03c6a55ebe067cc404cd22ef08ecf3643f1fa17d6f68d93e4e1

C:\Users\Admin\AppData\Local\Temp\_MEI16002\sqlite3.dll

MD5 bf9d9f2eecf15d0a61dc4392dc4d377e
SHA1 58448c9d08877828cd48dd8195693a9eecfd9963
SHA256 bf32edf3488b09c1f8f59c85938c6b5ee4f474328c9765f36fe9f438d83c75e5
SHA512 c84f945167d1c877463402ec8f2ceeb79b72e5363ee17203e9a9ccfdafb37e82af8f4acaab37c56a297ba20c81321e0e3026830512d767690f5838430212ec7c

C:\Users\Admin\AppData\Local\Temp\_MEI16002\pyexpat.pyd

MD5 b9e494c853bba2a2f092b3c642a82068
SHA1 5dd07718f39e2a582bfbb45668419a9fd913cff5
SHA256 291d7bcc0234c1bf87efd53d73aba765d4721f830b0ed802f69043ab4c891e8b
SHA512 f379646d305eb1d5b9b86df04a568c27a5b1883934e5b2549e630979b4dc9a4564086e987e1fbc3773607878a6d87c3699ed13bdda3ad63863d98ce94aef3fb7

C:\Users\Admin\AppData\Local\Temp\_MEI16002\libssl-1_1.dll

MD5 f102b45ffdf3c2930f040a06a23816ef
SHA1 1f8b03235b0efddb3091105a54ab95883a991514
SHA256 5645e02f836654d144d9627de8861af27bdc3060283fdc4a42e613ef791bb53a
SHA512 6b49b03fca8211d15640e985d62b0a241f46d77653e81e5440923eadf3ef806f248b30579f290e724bda8fb3e19b66139d1cb19dce2b529311c467823716a628

memory/2392-181-0x00007FFC50E50000-0x00007FFC50E64000-memory.dmp

memory/2392-183-0x00007FFC50AD0000-0x00007FFC50E47000-memory.dmp

memory/2392-190-0x00007FFC50EE0000-0x00007FFC50F04000-memory.dmp

memory/2392-193-0x00007FFC509A0000-0x00007FFC509D4000-memory.dmp

memory/2392-192-0x00007FFC63A30000-0x00007FFC63A3F000-memory.dmp

memory/2392-189-0x00007FFC509E0000-0x00007FFC50A97000-memory.dmp

memory/2392-188-0x00007FFC50AA0000-0x00007FFC50ACE000-memory.dmp

memory/2392-187-0x00007FFC50F30000-0x00007FFC5139E000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\_MEI16002\setuptools\_vendor\jaraco\text\Lorem ipsum.txt

MD5 4ce7501f6608f6ce4011d627979e1ae4
SHA1 78363672264d9cd3f72d5c1d3665e1657b1a5071
SHA256 37fedcffbf73c4eb9f058f47677cb33203a436ff9390e4d38a8e01c9dad28e0b
SHA512 a4cdf92725e1d740758da4dd28df5d1131f70cef46946b173fe6956cc0341f019d7c4fecc3c9605f354e1308858721dada825b4c19f59c5ad1ce01ab84c46b24

memory/2392-206-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-242-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-364-0x0000000070A00000-0x0000000070B32000-memory.dmp

memory/2392-258-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-256-0x0000016189580000-0x0000016189581000-memory.dmp

C:\Users\Admin\Desktop\here\LICENSE-KEY.txt

MD5 122d3f7ae3cda842fa39f895489ea3cc
SHA1 b00fe33c793170bc372d823eea929b7ac0cc5308
SHA256 0a066d645394f5322857d26ad6b8a827b87292ea70175aa98461f8859411e719
SHA512 66f5232039ed4e5d629fec31d6cf08af1fc6b5d2d449b95a13ea34034c78ddedf6890c4fd867edd44644125b6482ff13f505f86b4b88652a0adddc3c73584989

memory/2392-254-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-252-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-250-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-248-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-246-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-244-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-240-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-238-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-236-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-234-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-232-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-230-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-228-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-226-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-224-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-222-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-220-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-218-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-216-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-214-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-212-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-210-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-208-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-204-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-202-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-200-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-198-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-196-0x0000016189580000-0x0000016189581000-memory.dmp

memory/2392-195-0x0000016189570000-0x0000016189571000-memory.dmp

memory/2392-1461-0x00007FFC50E70000-0x00007FFC50E89000-memory.dmp

memory/2392-1460-0x00007FFC52540000-0x00007FFC526A9000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\_MEI16002\charset_normalizer\md.cp310-win_amd64.pyd

MD5 89e6524df314db55a4da22e59502dd24
SHA1 3da6e6929827c5a32bca43809baa86c1c892313a
SHA256 5b0f625c70d35c11c379af78b0bdb2ae3de84ab9e2b7ee7f398b0d08e04a5e6b
SHA512 e08dcfa99e146083cec3de297f3e6160b745e1c1d11a7d38bb47ebfaec9551f7cdb4c7c8e37116caf70fe99a9768fdf048e037162c449c37481e377a3b2d727d

memory/2392-1471-0x00007FFC52480000-0x00007FFC524A7000-memory.dmp

memory/2392-1474-0x00007FFC52360000-0x00007FFC52478000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\_MEI16002\pywin32_system32\pywintypes310.dll

MD5 63851464650116dabc61a9e6e664f053
SHA1 800ad3491c8999ffb1641e819c1b6fd2b804a610
SHA256 b6b9b8113f6a060e70bafdcc5c4173e8efa6a7a6c086eeb722e8f517c9622eb5
SHA512 62d48e342e148ada415afa5c0dfcf217b7ee6591852ab7ee7aefe6ee93279f404733e5b1d29f6845299529ebc39a931cf97ecff7418c1bba3b27d77e3b821dbb

C:\Users\Admin\AppData\Local\Temp\_MEI16002\pywin32_system32\pythoncom310.dll

MD5 bf514d4857e3e995e6010f1baf5d067e
SHA1 24f1df10dca3861b9ae8bbc9ed34cf574ca9ea57
SHA256 0fafde8b3e5fa63800f3f320614856de042ba03f44401c17b4dfecde805732e0
SHA512 c0be56dcac35d021d5b052ec4df27da4f97e7badfa3ca47ffd834920b342db544f5369d847089ad7a987a5d08e90cfe8ecbb86c824cba034b8dd3f76e6a68f11

memory/2392-1484-0x00007FFC522F0000-0x00007FFC52321000-memory.dmp

memory/2392-1483-0x00007FFC509E0000-0x00007FFC50A97000-memory.dmp

memory/2392-1479-0x00007FFC52330000-0x00007FFC5235C000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\_MEI16002\win32\win32api.cp310-win_amd64.pyd

MD5 df96002246b245f7553d3c6c2645d9eb
SHA1 e40ceddf95b19559498a7a910e5ab1075c4a7984
SHA256 9a7634af6e08b0b2fa2edcecb07ffc64bf2c45971416ad9c2e08ee8d4c4eae0e
SHA512 507584ae56667806f9c19dc5dbca8ca5ff83b38f35a8da6fc58d8da212f2a9b0c7f3317c6eec22517293d08766ebed1be205140e60fcb903e3e9b108c205e485

C:\Users\Admin\AppData\Local\Temp\_MEI16002\certifi\cacert.pem

MD5 50ea156b773e8803f6c1fe712f746cba
SHA1 2c68212e96605210eddf740291862bdf59398aef
SHA256 94edeb66e91774fcae93a05650914e29096259a5c7e871a1f65d461ab5201b47
SHA512 01ed2e7177a99e6cb3fbef815321b6fa036ad14a3f93499f2cb5b0dae5b713fd2e6955aa05f6bda11d80e9e0275040005e5b7d616959b28efc62abb43a3238f0

memory/2392-1473-0x00007FFC50AD0000-0x00007FFC50E47000-memory.dmp

memory/2392-1470-0x00007FFC50E50000-0x00007FFC50E64000-memory.dmp

memory/2392-1469-0x00007FFC637B0000-0x00007FFC637BB000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\_MEI16002\charset_normalizer\md__mypyc.cp310-win_amd64.pyd

MD5 668532ca93ee07c982c1bc63f86caa64
SHA1 a21576810a40e1274d44865f6e7f17933a088704
SHA256 d7de033bb37f6fe5af75f0dde111aaca7ec89237cdf957e5cc0b8b85350e5e03
SHA512 42e258b06dc9a38bf7002f9740ac9a7b9ae1147562606024f5fcce2466fb272acc6ad6d78201ad82965eb6e304f7ada7c5ef269ecbe304940c9d541710a03e1d

memory/2392-1464-0x00007FFC524B0000-0x00007FFC52537000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\_MEI16002\zstandard\backend_c.cp310-win_amd64.pyd

MD5 ab7ed53efcd117f758464ba217683279
SHA1 6e97c4bb849ef7b06714175f2385a53c9ee8dd17
SHA256 56db3e5065806b99c72a2fdc4932e854a307a784138af5208fc5170ab44969b0
SHA512 6f99bcfd202591e6d54ef934e217c63c0a06519d345e39d306d701227a14c621c820a960f4c38132ed04ccf92ef000c1858aec30ebebe2dc461457b755359cd9

memory/2392-1459-0x00007FFC5E0B0000-0x00007FFC5E0CF000-memory.dmp

memory/2392-1503-0x00007FFC521E0000-0x00007FFC521EB000-memory.dmp

memory/2392-1508-0x0000000070A00000-0x0000000070B32000-memory.dmp

memory/2392-1507-0x00007FFC52200000-0x00007FFC52237000-memory.dmp

memory/2392-1506-0x00007FFC521A0000-0x00007FFC521AC000-memory.dmp

memory/2392-1505-0x00007FFC521B0000-0x00007FFC521C2000-memory.dmp

memory/2392-1504-0x00007FFC521D0000-0x00007FFC521DD000-memory.dmp

memory/2392-1502-0x00007FFC521F0000-0x00007FFC521FC000-memory.dmp

memory/2392-1501-0x00007FFC596F0000-0x00007FFC596FB000-memory.dmp

memory/2392-1500-0x00007FFC5BDF0000-0x00007FFC5BDFB000-memory.dmp

memory/2392-1499-0x00007FFC5DD40000-0x00007FFC5DD4C000-memory.dmp

memory/2392-1498-0x00007FFC5E0A0000-0x00007FFC5E0AC000-memory.dmp

memory/2392-1497-0x00007FFC5EC40000-0x00007FFC5EC4E000-memory.dmp

memory/2392-1496-0x00007FFC60740000-0x00007FFC6074D000-memory.dmp

memory/2392-1495-0x00007FFC62A60000-0x00007FFC62A6C000-memory.dmp

memory/2392-1494-0x00007FFC62B40000-0x00007FFC62B4B000-memory.dmp

memory/2392-1493-0x00007FFC62ED0000-0x00007FFC62EDC000-memory.dmp

memory/2392-1492-0x00007FFC63330000-0x00007FFC6333B000-memory.dmp

memory/2392-1491-0x00007FFC63540000-0x00007FFC6354C000-memory.dmp

memory/2392-1490-0x00007FFC63570000-0x00007FFC6357B000-memory.dmp

memory/2392-1489-0x00007FFC636A0000-0x00007FFC636AB000-memory.dmp

memory/2392-1488-0x00007FFC52240000-0x00007FFC522E3000-memory.dmp

memory/2392-1513-0x00007FFC5E0B0000-0x00007FFC5E0CF000-memory.dmp

memory/2392-1514-0x00007FFC52540000-0x00007FFC526A9000-memory.dmp

memory/2392-1541-0x00007FFC52480000-0x00007FFC524A7000-memory.dmp

memory/2392-1553-0x00007FFC52330000-0x00007FFC5235C000-memory.dmp

memory/2392-1603-0x00007FFC52240000-0x00007FFC522E3000-memory.dmp

memory/2392-1602-0x00007FFC522F0000-0x00007FFC52321000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\_MEI39842\setuptools\_vendor\importlib_metadata-8.0.0.dist-info\INSTALLER

MD5 365c9bfeb7d89244f2ce01c1de44cb85
SHA1 d7a03141d5d6b1e88b6b59ef08b6681df212c599
SHA256 ceebae7b8927a3227e5303cf5e0f1f7b34bb542ad7250ac03fbcde36ec2f1508
SHA512 d220d322a4053d84130567d626a9f7bb2fb8f0b854da1621f001826dc61b0ed6d3f91793627e6f0ac2ac27aea2b986b6a7a63427f05fe004d8a2adfbdadc13c1

memory/5192-1699-0x00007FFC4B450000-0x00007FFC4B8BE000-memory.dmp

memory/5192-1700-0x00007FFC51AC0000-0x00007FFC51AE4000-memory.dmp

memory/5192-1701-0x00007FFC51530000-0x00007FFC5153F000-memory.dmp

memory/5192-1702-0x00007FFC4FC30000-0x00007FFC4FC49000-memory.dmp

memory/5192-1703-0x00007FFC4FC00000-0x00007FFC4FC2D000-memory.dmp

memory/5192-1704-0x00007FFC4FB80000-0x00007FFC4FB99000-memory.dmp

memory/5192-1705-0x00007FFC4FBF0000-0x00007FFC4FBFD000-memory.dmp

memory/5192-1706-0x00007FFC4FB70000-0x00007FFC4FB7D000-memory.dmp

memory/5192-1707-0x00007FFC4FB50000-0x00007FFC4FB64000-memory.dmp

memory/5192-1708-0x00007FFC4BCB0000-0x00007FFC4C027000-memory.dmp

memory/5192-1712-0x00007FFC51AC0000-0x00007FFC51AE4000-memory.dmp

memory/5192-1711-0x00007FFC4D0A0000-0x00007FFC4D157000-memory.dmp

memory/5192-1710-0x00007FFC4D160000-0x00007FFC4D18E000-memory.dmp

memory/5192-1709-0x00007FFC4B450000-0x00007FFC4B8BE000-memory.dmp

memory/5192-1713-0x00007FFC4D060000-0x00007FFC4D094000-memory.dmp

memory/5192-1714-0x0000000070A00000-0x0000000070B32000-memory.dmp

memory/5192-2977-0x00007FFC4CED0000-0x00007FFC4D039000-memory.dmp

memory/5192-2976-0x00007FFC4FB80000-0x00007FFC4FB99000-memory.dmp

memory/5192-2975-0x00007FFC4D040000-0x00007FFC4D05F000-memory.dmp

memory/5192-2978-0x00007FFC4C8C0000-0x00007FFC4C947000-memory.dmp

memory/5192-2980-0x00007FFC4FB40000-0x00007FFC4FB4B000-memory.dmp

memory/5192-2979-0x00007FFC4FB70000-0x00007FFC4FB7D000-memory.dmp

memory/5192-2982-0x00007FFC4C890000-0x00007FFC4C8B7000-memory.dmp

memory/5192-2981-0x00007FFC4FB50000-0x00007FFC4FB64000-memory.dmp

memory/5192-2983-0x00007FFC4BCB0000-0x00007FFC4C027000-memory.dmp

memory/5192-2984-0x00007FFC4C770000-0x00007FFC4C888000-memory.dmp

memory/5192-2985-0x00007FFC4D160000-0x00007FFC4D18E000-memory.dmp

memory/5192-2986-0x00007FFC4C740000-0x00007FFC4C76C000-memory.dmp

memory/5192-2988-0x00007FFC4C700000-0x00007FFC4C731000-memory.dmp

memory/5192-2987-0x00007FFC4D0A0000-0x00007FFC4D157000-memory.dmp

memory/5192-2989-0x00007FFC4B3A0000-0x00007FFC4B443000-memory.dmp

memory/5192-2992-0x00007FFC4C6C0000-0x00007FFC4C6F7000-memory.dmp

memory/5192-2993-0x00007FFC4FA60000-0x00007FFC4FA6B000-memory.dmp

memory/5192-2991-0x00007FFC4D040000-0x00007FFC4D05F000-memory.dmp

memory/5192-2997-0x00007FFC4C8C0000-0x00007FFC4C947000-memory.dmp

memory/5192-2996-0x00007FFC4C4F0000-0x00007FFC4C4FC000-memory.dmp

memory/5192-2995-0x00007FFC4CEC0000-0x00007FFC4CECB000-memory.dmp

memory/5192-2994-0x00007FFC4CED0000-0x00007FFC4D039000-memory.dmp

memory/5192-2990-0x0000000070A00000-0x0000000070B32000-memory.dmp

memory/5192-2998-0x00007FFC4C4E0000-0x00007FFC4C4EB000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 73d076263128b1602fe145cd548942d0
SHA1 69fe6ab6529c2d81d21f8c664da47c16c2e663ae
SHA256 f2dd7199b48e34d54ee1a221f654ad9c04d8b606c02bdbe77b33b82fb2df6b29
SHA512 e371083407ee6a1e3436a3d1ea4e6a84f211c6ad7c501f7a09916a9ada5b50a39dcb9e8be7a4dee664ea88ec33be8c6197c2f0ac2eabe3c0691bc9d0ed4e415d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e443ee4336fcf13c698b8ab5f3c173d0
SHA1 9bf70b16f03820cbe3158e1f1396b07b8ac9d75a
SHA256 79e277da2074f9467e0518f0f26ca2ba74914bee82553f935a0ccf64a0119e8b
SHA512 cbf6f6aa0ea69b47f51592296da2b7be1180e7b483c61b4d17ba9ee1a2d3345cbe0987b96f4e25de1438b553db358f330aad8a26e8522601f055c3d5a8313cdd

C:\Users\Admin\AppData\Local\Temp\key_wicstn.bin

MD5 f986871ebc61451d363ab48f399dee1e
SHA1 54b5a55b1819f3a22ea267ee6583e622da10be14
SHA256 60fc292c44acc5248b1a1df83cb85e18be093b74056192ec428a1472ddb8b33d
SHA512 e65d07044922721343d7de98140a7d3385f40be3bf04122995f017497f65be6ea1c4debc38fe45e1ca2495f4e88b3983bf31aa5ddd8509e69cbf60a5ff7a2802

C:\Users\Admin\AppData\Local\Temp\encrypted_key_wicstn.json

MD5 a61b1f6310537c905e0e0b37f3fc965b
SHA1 2becb413a3e2c9ce0d1974a4c73bd9b01b2ee38c
SHA256 31c3c6c429d4552bb62187e824b7ce6dd4b0fb4ba11b4e1a1c203eeac7576c17
SHA512 b0b1d96236b3a59aebb6cc42a34431256063ee35e85de4d55fa4fb3ad643cd00d4edac0dd943ec33e18512852d72f2049196fea269f02250ee17bf0bdcf832df

C:\Users\Admin\AppData\Local\D3DSCache\fe8d97be6d92aa78\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Cipher\_ARC4.pyd

MD5 852d3b54abf69ae596f078bb5b70c5a3
SHA1 3cd5d7d8cbb73f6bd5f8539c501bdc22ec868cfe
SHA256 b7599ec6cde0155c02b18da717170b6ec43a505958d1535bc82fc5ba03f080b4
SHA512 505014d8e793c5cf18571eff5e412a513a7cc0b7334cd708997f8ed3f712f4364ba53fa77ca19c494ed972f1df85c96395786bf983c6e7977a7439c1c4e4312f

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Cipher\_raw_cfb.pyd

MD5 b1353273389a97a39108593205586436
SHA1 f95d9dd414e9dcb68fa30bcdcac4ae8ec3be0221
SHA256 17d0286e8e456f98264c4a3b78195d031c6df54436f13c59d3250f7577f31162
SHA512 98d2997f78a57130063ca3a1dd4c17643679c9244f1121a2360b8bca57e3d250aae46efea694f217f1cccd6863a6c852a78d2eb72c6e9c203a2348cce01f3ef8

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Hash\_keccak.pyd

MD5 19f0e738975e626fcd1a84db237048d8
SHA1 e958848014e7a7ba469350904eda116c048df7e7
SHA256 870a288183cdb23dbbad027464eb4a238f188542dddc8bb67b76b72a86866d4c
SHA512 9d7f006d4114808b53d6a8fa01b16fee2f2463748cd17db70880c5326b850d9bd44ae5d931e673ee009465fc28b2e759764d93df9ff8db356e1f2aa391839dd3

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Util\_strxor.pyd

MD5 11d3fab9d5575e0c89c7d7095acace75
SHA1 1269fdb2fce4ad671ca480e021f3cd1ea29e8588
SHA256 23c4aa52cee1af91ba35963edc7cbcca28202844b2dc161c5af12f751c6e00be
SHA512 d275fb63a4cc4a3e00682361c5dcccd5d7d00b0de0d52a3e9bd5dc336b0dd30117cc2b52e8e00f8959b7e3db70ad0b958414f3323d3d5ce313027b7fb0c5aa6c

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Util\_cpuid_c.pyd

MD5 a032b289d5734d27d6e83ee077f4c51c
SHA1 be0480003aa837892cf98ddbaafcf7250ed4f515
SHA256 21a743b3b189f20b0abc0ab6ee22305ce39aa8c95005cbf85858aca163000ee1
SHA512 8b97ec264a15b8538ab9636c5e8716ade7acad69f5220129b2094bc35d9c0cd3abc3ab2977fb0d49ef4785fe1608936ee1dae2f7421c400cace4b9d38114b8af

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\PublicKey\_ec_ws.pyd

MD5 a3caffaba1d67c91feb0e6cc69c26bb3
SHA1 7c48e63d5e9b6ed6c247b8c48a48643ff02dbe7c
SHA256 c282f4a6815e3d489a1b5fa7de40d370edafd61fa63d15d95b56f85ef8632b89
SHA512 cf94b14a4e895becf97953f59fe0855f7cbeab859506293acfc9030dec95dce64bb62fb4d924217c84374e3973ff82a5478f01a388d2dbc8801c837c315b2f15

C:\Users\Admin\AppData\Local\Temp\_MEI18202\zstandard\_cffi.cp310-win_amd64.pyd

MD5 bc066e4dbd9a425bfa63b06ee424030c
SHA1 bec70d86f3b180390808bf52c502a50d20fc209e
SHA256 6b121db6eda40748767d9324be1177d5ee9f09d6561a2ca0272858d30b805305
SHA512 369ef10628cecb95c047bfee76cc86ad2aa6657fc437af7308531d1f0a686fa75f454b1e12e9570ef2c5bfebbf7cb72defa1c777938ae415fc6b181b905fa29b

C:\Users\Admin\AppData\Local\Temp\_MEI18202\win32\win32trace.cp310-win_amd64.pyd

MD5 5d2f1b204aee03834a0f5e081ac892fc
SHA1 12cd7c935282052a1950eebd98dca9ba922cb5d9
SHA256 e9bb56341814beaf352668e664677e15369f3758ba6d5203050b20656874179d
SHA512 9c4618140d190073893fa3aa4b625e84ccd095896e0c83ef5c80a0681797feeee118d30e865bd9725f4b8841679d914efefffaf522a173be6aaf366c7fd1a542

C:\Users\Admin\AppData\Local\Temp\_MEI18202\win32\_win32sysloader.cp310-win_amd64.pyd

MD5 e0e2cc011fe8bd930912e4fe40fbb14d
SHA1 d6dc628284fca73f8427826b9a3e000ba6b56044
SHA256 3733e2b05d0f61e88360fa489b70939f19cf5bfa5db7c7ddebeeca32cc37d7c7
SHA512 1e140c970eddc029329a6f660963c9875b07cc5ee953ea22b7f995e36c1b9f1afce682ba6a24e3fceea4842633a1df72157f339f3d4d5aaaca8a08f23961956b

C:\Users\Admin\AppData\Local\Temp\FileRetriever_Prysmax.zip

MD5 428e7c360fea40fdc0bdbaa649c8f520
SHA1 486383dea9e6a90c19d3d9b77bd382ca25e16aea
SHA256 d0b226f4aa9492b1fdde1958a081c3425423063f6ec2da6a2d39da383d3a1040
SHA512 2932c4736a82be5f69102d79d2ed80d319a1e58eeaa519e90bcc94cbb721aae23bddd16fc3accb4d6bf1f15823821e5e4eb4b3f7d02e14e7347001026aafc0f2

C:\Users\Admin\AppData\Local\Temp\_MEI18202\setuptools\_vendor\wheel-0.43.0.dist-info\entry_points.txt

MD5 6180e17c30bae5b30db371793fce0085
SHA1 e3a12c421562a77d90a13d8539a3a0f4d3228359
SHA256 ad363505b90f1e1906326e10dc5d29233241cd6da4331a06d68ae27dfbc6740d
SHA512 69eae7b1e181d7ba1d3e2864d31e1320625a375e76d3b2fbf8856b3b6515936ace3138d4d442cabde7576fcfbcbb0deed054d90b95cfa1c99829db12a9031e26

C:\Users\Admin\AppData\Local\Temp\_MEI18202\setuptools\_vendor\wheel-0.43.0.dist-info\WHEEL

MD5 24019423ea7c0c2df41c8272a3791e7b
SHA1 aae9ecfb44813b68ca525ba7fa0d988615399c86
SHA256 1196c6921ec87b83e865f450f08d19b8ff5592537f4ef719e83484e546abe33e
SHA512 09ab8e4daa9193cfdee6cf98ccae9db0601f3dcd4944d07bf3ae6fa5bcb9dc0dcafd369de9a650a38d1b46c758db0721eba884446a8a5ad82bb745fd5db5f9b1

C:\Users\Admin\AppData\Local\Temp\_MEI18202\setuptools\_vendor\wheel-0.43.0.dist-info\RECORD

MD5 44d352c4997560c7bfb82d9360f5985a
SHA1 be58c7b8ab32790384e4e4f20865c4a88414b67a
SHA256 783e654742611af88cd9f00bf01a431a219db536556e63ff981c7bd673070ac9
SHA512 281b1d939a560e6a08d0606e5e8ce15f086b4b45738ab41ed6b5821968dc8d764cd6b25db6ba562a07018c271abf17a6bc5a380fad05696adf1d11ee2c5749c8

C:\Users\Admin\AppData\Local\Temp\_MEI18202\setuptools\_vendor\wheel-0.43.0.dist-info\METADATA

MD5 ebea27da14e3f453119dc72d84343e8c
SHA1 7ceb6dbe498b69abf4087637c6f500742ff7e2b4
SHA256 59bac22b00a59d3e5608a56b8cf8efc43831a36b72792ee4389c9cd4669c7841
SHA512 a41593939b9325d40cb67fd3f41cd1c9e9978f162487fb469094c41440b5f48016b9a66be2e6e4a0406d6eedb25ce4f5a860ba1e3dc924b81f63ceee3ae31117

C:\Users\Admin\AppData\Local\Temp\_MEI18202\setuptools\_vendor\wheel-0.43.0.dist-info\LICENSE.txt

MD5 7ffb0db04527cfe380e4f2726bd05ebf
SHA1 5b39c45a91a556e5f1599604f1799e4027fa0e60
SHA256 30c23618679108f3e8ea1d2a658c7ca417bdfc891c98ef1a89fa4ff0c9828654
SHA512 205f284f3a7e8e696c70ed7b856ee98c1671c68893f0952eec40915a383bc452b99899bdc401f9fe161a1bf9b6e2cea3bcd90615eee9173301657a2ce4bafe14

C:\Users\Admin\AppData\Local\Temp\_MEI18202\setuptools\_vendor\importlib_metadata-8.0.0.dist-info\WHEEL

MD5 7d09837492494019ea51f4e97823d79f
SHA1 7829b4324bb542799494131a270ec3bdad4dedef
SHA256 9a0b8c95618c5fe5479cca4a3a38d089d228d6cb1194216ee1ae26069cf5b363
SHA512 a0063220ecdd22c3e735acff6de559acf3ac4c37b81d37633975a22a28b026f1935cd1957c0ff7d2ecc8b7f83f250310795eecc5273b893ffab115098f7b9c38

C:\Users\Admin\AppData\Local\Temp\_MEI18202\setuptools\_vendor\importlib_metadata-8.0.0.dist-info\RECORD

MD5 eb513cafa5226dda7d54afdcc9ad8a74
SHA1 b394c7aec158350baf676ae3197bef4d7158b31c
SHA256 0d8d3c6eeb9ebbe86cac7d60861552433c329da9ea51248b61d02be2e5e64030
SHA512 a0017cfaff47fda6067e3c31775facee4728c3220c2d4bd70def328bd20aa71a343e39da15cd6b406f62311894c518dfcf5c8a4ae6f853946f26a4b4e767924e

C:\Users\Admin\AppData\Local\Temp\_MEI18202\setuptools\_vendor\importlib_metadata-8.0.0.dist-info\METADATA

MD5 98abeaacc0e0e4fc385dff67b607071a
SHA1 e8c830d8b0942300c7c87b3b8fd15ea1396e07bd
SHA256 6a7b90effee1e09d5b484cdf7232016a43e2d9cc9543bcbb8e494b1ec05e1f59
SHA512 f1d59046ffa5b0083a5259ceb03219ccdb8cc6aac6247250cbd83e70f080784391fcc303f7630e1ad40e5ccf5041a57cb9b68adefec1ebc6c31fcf7ffc65e9b7

C:\Users\Admin\AppData\Local\Temp\_MEI18202\setuptools\_vendor\importlib_metadata-8.0.0.dist-info\LICENSE

MD5 3b83ef96387f14655fc854ddc3c6bd57
SHA1 2b8b815229aa8a61e483fb4ba0588b8b6c491890
SHA256 cfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30
SHA512 98f6b79b778f7b0a15415bd750c3a8a097d650511cb4ec8115188e115c47053fe700f578895c097051c9bc3dfb6197c2b13a15de203273e1a3218884f86e90e8

C:\Users\Admin\AppData\Local\Temp\_MEI18202\cryptography\hazmat\bindings\_rust.pyd

MD5 b568cf26bfe32579dbaed0eda4670b05
SHA1 43cb4f8bc59ece1927f99bd23009ff9115ad08c8
SHA256 0ac4bef68354a5638c52965bdeb15b30de942a42de27bef9651c348dad6d0b62
SHA512 b0fe45fdd589ae7278ff031be6e209f059633daf351373f843e86455e05642ee7291510a5f3a6502dca025daf0c2071ea0d757ecf5c07e3359e740e6af19fe22

C:\Users\Admin\AppData\Local\Temp\_MEI18202\cryptography-44.0.0.dist-info\licenses\LICENSE.BSD

MD5 5ae30ba4123bc4f2fa49aa0b0dce887b
SHA1 ea5b412c09f3b29ba1d81a61b878c5c16ffe69d8
SHA256 602c4c7482de6479dd2e9793cda275e5e63d773dacd1eca689232ab7008fb4fb
SHA512 ddbb20c80adbc8f4118c10d3e116a5cd6536f72077c5916d87258e155be561b89eb45c6341a1e856ec308b49a4cb4dba1408eabd6a781fbe18d6c71c32b72c41

C:\Users\Admin\AppData\Local\Temp\_MEI18202\cryptography-44.0.0.dist-info\licenses\LICENSE.APACHE

MD5 4e168cce331e5c827d4c2b68a6200e1b
SHA1 de33ead2bee64352544ce0aa9e410c0c44fdf7d9
SHA256 aac73b3148f6d1d7111dbca32099f68d26c644c6813ae1e4f05f6579aa2663fe
SHA512 f451048e81a49fbfa11b49de16ff46c52a8e3042d1bcc3a50aaf7712b097bed9ae9aed9149c21476c2a1e12f1583d4810a6d36569e993fe1ad3879942e5b0d52

C:\Users\Admin\AppData\Local\Temp\_MEI18202\cryptography-44.0.0.dist-info\licenses\LICENSE

MD5 8c3617db4fb6fae01f1d253ab91511e4
SHA1 e442040c26cd76d1b946822caf29011a51f75d6d
SHA256 3e0c7c091a948b82533ba98fd7cbb40432d6f1a9acbf85f5922d2f99a93ae6bb
SHA512 77a1919e380730bcce5b55d76fbffba2f95874254fad955bd2fe1de7fc0e4e25b5fdaab0feffd6f230fa5dc895f593cf8bfedf8fdc113efbd8e22fadab0b8998

C:\Users\Admin\AppData\Local\Temp\_MEI18202\cryptography-44.0.0.dist-info\WHEEL

MD5 a868f93fcf51c4f1c25658d54f994349
SHA1 535c88a10911673deabb7889d365e81729e483a6
SHA256 1e7f5bcad669386a11e8ce14e715131c2d402693c3f41d713eb338493c658c45
SHA512 ec13cac9df03676640ef5da033e8c2faee63916f27cc27b9c43f0824b98ab4a6ecb4c8d7d039fa6674ef189bdd9265c8ed509c1d80dff610aeb9e081093aeb3d

C:\Users\Admin\AppData\Local\Temp\_MEI18202\cryptography-44.0.0.dist-info\RECORD

MD5 f15ef7175220c9f59f90bbbaeda16dbd
SHA1 5367cac8814d7a54e1c0274ff3f651ed5c6fe5d6
SHA256 04db3839c853d4164576122b7d5a2bab186536dc8f9a4980385e11cf59946114
SHA512 bb0fa967e03d98b9611006df2155bd8ad58a0e8b1a679d636b94ce931d316f18b61b801e018deca90d8e5a35fa744ae8c9e1a36f25c791052008c43af53a8117

C:\Users\Admin\AppData\Local\Temp\_MEI18202\cryptography-44.0.0.dist-info\METADATA

MD5 526d9ac9d8150602ec9ed8b9f4de7102
SHA1 dba2cb32c21c4b0f575e77bbcdd4fa468056f5e3
SHA256 d95f491ed418dc302db03804daf9335ce21b2df4704587e6851ef03e1f84d895
SHA512 fb13a2f6b64cb7e380a69424d484fc9b8758fa316a7a155ff062bfdacdca8f2c5d2a03898cd099688b1c16a5a0edcecfc42bf0d4d330926b10c3fce9f5238643

C:\Users\Admin\AppData\Local\Temp\_MEI18202\setuptools\_vendor\importlib_metadata-8.0.0.dist-info\top_level.txt

MD5 a24465f7850ba59507bf86d89165525c
SHA1 4e61f9264de74783b5924249bcfe1b06f178b9ad
SHA256 08eddf0fdcb29403625e4acca38a872d5fe6a972f6b02e4914a82dd725804fe0
SHA512 ecf1f6b777970f5257bddd353305447083008cebd8e5a27c3d1da9c7bdc3f9bf3abd6881265906d6d5e11992653185c04a522f4db5655ff75eedb766f93d5d48

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Pythonwin\win32ui.cp310-win_amd64.pyd

MD5 2ce13219f5b6cbd0d706bdbfdea65399
SHA1 461ccc51de6fa4bcb386e25504c23f38b2c19e50
SHA256 03938ac461ad3aee402b4f02f78c244969a4ffed7a5a7341197995bb95aceb84
SHA512 d47a0e7730a386f287048cb3718f14c6b291131e2865a2b3b5e08eb1d616e5da543dd008e68d135e6077095410bec186930f981543d5d930544687f864f27c35

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Pythonwin\mfc140u.dll

MD5 639db7fe67e2e15d069a62c0ef4a971c
SHA1 bdbf2517678f9066c4553e6fdace0a366929185c
SHA256 760308cf8bedaebc4500049622d08ddcaca0024acbd3b6bdca1618ec48a91597
SHA512 83cd3e89ddac3915686bceec25654f0a35fe66a1c27d95bcfd3b44bdc01ded0df9beb525e0604522f61d58183546af63ffdd60f90e5bffd648774169832d2335

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Protocol\_scrypt.pyd

MD5 4fd2ef292939d6d942485ad7d99681f1
SHA1 5f7fb6e0ca068c2a1d13d90a1da97e24f4974515
SHA256 fdf68c176ebd15f7f8262e96b8c39296e39d78d7abe2bdf3f39cc8ce7318f510
SHA512 e10c4d297ce78aaa18081978670ace11e782df572690374606223119654e4ffd5bed0f1fc69c3f739d5419691c691830b82d31bb54a22e745e0bae35eb04d609

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Math\_modexp.pyd

MD5 f8a207e7f263004884fd9acc7bf21c37
SHA1 5987843888be832580bfdab8c03fec18125e20b3
SHA256 8b4a89ff8cc6c45e9ce1a1e114eba787d380cc5e7998ebf9a3b6adca98f50bd8
SHA512 cbec8ecc58820d99c1fbbb68f78a8c3cea435e547825dea47ae7900f52080a593ef20f7e47e35ccb51117f4c7285fa3e59b08401360731e91e470afea7ea7aee

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Hash\_poly1305.pyd

MD5 87631f68dff433b9001e00a563ae48e2
SHA1 8660f04816917743d0b81da6d0cc5f9f435d948d
SHA256 2790f4a54502ad5ff77264bf7c84cf62028656ce804fc38fc60994fc9493deea
SHA512 5fff21b497ddc97ec956ff2550e03b7eaf25deb5d6dd9922f9cea4bf6bf3e2c5b2713d5225c1797f78044b6ab1efa447aa1b6cd5211d87432868dd8e9f6aeac1

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Hash\_ghash_portable.pyd

MD5 6ea642b2888dac8985e802638f5b9a29
SHA1 955a6929228a5fdf85fe3517513053a6d4543975
SHA256 17b49463c21622d2d55f51833a48424e2fd07d91fe3317f38b9729e2c2e8492c
SHA512 af361c865a8295f3918e6e39643533a33b094e986633b662027b0145c1c84bf314439817a6972288a3320ed91b2ff378719b2193d409f2eef32a649b16684b3f

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Hash\_ghash_clmul.pyd

MD5 b0a1cf85345d4b058447e801a947acd6
SHA1 a55c2e2ef6e363e9c2c0bd262b0712ec0a6861ca
SHA256 a50bd72fa5b39b1d30a73beb05c7fb84cf88aabc718a089396837e87d4550a9f
SHA512 261eb9b45967baf662253f5e76e1e9ec660671bd0cd18f72963c20d9b503f91de6b4bd83c27f92819e6d2c5bb59d287f536b1abd970230f66dc94cc553365772

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Hash\_SHA512.pyd

MD5 d879e8cad21a84c6d9883743a164e15d
SHA1 4587d5a1752b29e78544e260a20e3bb1aaf7797f
SHA256 96d126133ad979a35d843189a16ed007e2018ff1cd78e381739452e61cfc6028
SHA512 2f9f6038c063184ada7fd3066690828ae461c24010a011c876cf5c3877920eaa4236477e2303435e6cd2204cc698147bdf9e888c95e89f1d6d31f8e4f26d8e16

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Hash\_SHA384.pyd

MD5 b05b994ac964865c2744bbae3ce0b5fe
SHA1 fb9d9e61d91a0d3e4a01137901ee4f9ecdb4495a
SHA256 d2d457412aa23a692e248d9e0af6117bb1a4bd54f0941089fe9a226ab0d4c1d1
SHA512 363a869092dec47bae6f5805eb6064ee629eee8f2ebf996b384fa5c67bbb8ce2b6f7b8c394b453adc0b688bded4883e0804e77cac05d8ec9d95a5709bde90a70

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Hash\_SHA256.pyd

MD5 84a8be1a7357ecfc2b9688872db82bb6
SHA1 757d991353f89e1a2df016749c21f033df049cbb
SHA256 54cef93ec6993344856493a5f3e29350c81e5ebbd6c5de6f9af76beb5a3930ff
SHA512 49e41ac4cddc3368293993a1b41f327cc02e10fbf7701ee230ceee8231588896cbad50590182b2b0018548ba9cc199feff36f765c916aa0501db0ea2ca88be6d

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Hash\_SHA224.pyd

MD5 84dbe5199dfcea58a9db3c062d546808
SHA1 3836dc212313164c1a6ea67b71b1e07f98e0f555
SHA256 fa46c814679d249e4cf27e8675cfa8b6f5b131e06cad0fcfae05be0b618259ca
SHA512 b3eede63603cf82a964c06388d22ebb8e336d980bcb1e2642e281d302b0b7cacd492aa4df2109bb125ac348473188df254445261fa93cab01885efe0017620f9

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Hash\_SHA1.pyd

MD5 992ace911f83c67829078e3c2ea1de56
SHA1 627554c2396d7f6f4139889b80736b5b62c91ec3
SHA256 cb915e9f708a5058062549cdce26558592962bcbd6baebbace0b10bb4807ef4a
SHA512 208d68a3f33a570114489a9a9fac7777068a9a95f339515a1b229d457c37ab8dd519c3ae8c293286e8d6b6391e3c271d868ecca59ff63cafd7d72e2453a96078

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Hash\_RIPEMD160.pyd

MD5 2f771e0971877978b906a92c5646a2b0
SHA1 374c9d262ed38794e25f3b7e08791c9fcaaabbee
SHA256 ad5fffd35a82c9f53eae9e88dbaf904ec0c604369aeaa614fcc1eaf649a9ff59
SHA512 21322227496f3030210c4ccf5d675356faf0dcc5a62245da7943e5c6ef838a745d6f1ccfd25ee0cbfd08f00f0eaf242bca5956da1d5f6930a047a0fb1c477c0d

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Hash\_MD5.pyd

MD5 8f99b29c4d206f0e77c8ac454fc887cf
SHA1 498224204fd1c23c86ffe0c6c1c4f9a6fabf314e
SHA256 a774be1c0931694801b311f22dd952f1a745fc4716399511c92625be0b32e662
SHA512 c6127028b562fc7c617ef97e9a2823e5faae634437992c1d0af2ce2a51852cdbc89216f43a82f6dd360a15bee062241b7f7848b89c5ba9ff0024797817948a0f

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Hash\_MD4.pyd

MD5 c684b4ae37b6123264051a8a36950ac6
SHA1 114828a542b04fa148924a3f482f97f1aa8d00d7
SHA256 d0231732f6eb062446dff2924c0c5139a4b3fd59a15437b3572bdfe7afee5644
SHA512 85ae76b6bde709d83897ab14e7c01699b37e02f680a9f13a93e82e2fe27487c1c00cedfceae0ed39838e461e7792adab0fdaa8beaaad15dddf390612da509d8d

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Hash\_MD2.pyd

MD5 f0615042deb75202d2cc057248dbe316
SHA1 d800c74be5042f2f961ac9c92ca5dac0f5348425
SHA256 1af509f699291591026d16fee9aeaa59f2f0638ae202880b8410bdc4c3b478f7
SHA512 4f2eea061884b5992e4a26e2ebcab7d53bcd05d1858d8df46e1846261a6c160dc01540c476401c01e819a6dd4cd4ac3c675c0e71d667a5f22fbf4213fa2582d8

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Hash\_BLAKE2s.pyd

MD5 b8a0d2af79db8e4f7e601c22abe50b62
SHA1 fa5fee975ca16ef292a0e1e0e423cda76d70d084
SHA256 b06de307bd9523aa231fad57b6afa139c366dd0204a0634972002a828e2ec2a4
SHA512 1fb8623467c862a5143eaeb9059b4f3fc237ab2958df4a24ec21e1619544eff279e2f8a3ecf1732fe1f69fc8b8ecca819a60fa86834a8b16ba5155146e393a74

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Hash\_BLAKE2b.pyd

MD5 5d4384bbdace116adae34919ff1c1de0
SHA1 e0e77de7e6bb5162cbfca808510ec6c40960b3e3
SHA256 a3e9c1cbcb70a9f55961333db3f71c4dedc7b65b1e23388edef695c7afb0aca8
SHA512 3cb7b5a50acc1b2b55cbf4aa73b8f43814251361c82e0e0ce20bf8fd06c7674c86ea55cae20cb16d29fdd8e13cc45a6e8a48034ff3079f46afde8f8b18592a44

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Cipher\_raw_ofb.pyd

MD5 252b75ce805693c00b3695fcc6e2f387
SHA1 6d6b8b862e7752f6a55700ddd0bca140581cada2
SHA256 4f36b41937dbeb8a44ed33a09ba7144f0532a5dc9f4b35da2f6dfeb1919f60bf
SHA512 0296985482572193ae9c94675a3ee94ce734311aa3f26a02708ec77f564335302c6806722293b5c4a1726ddde896f365aa5acfdee58cd3b630cf6425cdbb2741

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Cipher\_raw_ocb.pyd

MD5 a50a1e8ab899eb5b3339dd0f18f37b07
SHA1 9bb62bb618d09c6a32427259c1501b87c5be3a2d
SHA256 cb710def6b3eb20045f261e4d998c78f08c89d3b4f087e3f78befbc41a07676a
SHA512 ba705debe80ee333e9948aa14904e09dcc56b9347a0560ce625767589d2fbe14a2a64b97be0f5cce0d2edae20746c38e3725878785d6ebe39f94ab00d68e0e1e

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Cipher\_raw_eksblowfish.pyd

MD5 739882918dd674b0115432d286188e35
SHA1 5308c42b724e9d65480554e48ed3837d02179e5a
SHA256 2ce167493efd87a12639e66dd6a5624ea7a6e334daf030b34a94e09952c4bdaa
SHA512 273959a482d27858c26d7e4e000a2c856b368d00abec807565fc21f3185a3999a38ba46460b9113df88b4f9608d2ae71a772c129e1d020fc8c7d894b26172618

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Cipher\_raw_ecb.pyd

MD5 5348f3c927bbe53c60430cfb7c3010dc
SHA1 70631298e879086878ca4ec08bdcb8268b55e7ec
SHA256 6b826e92d31104c33651305671ba0fff61a126d227b50d9a65a8d7e77fbb3f31
SHA512 2f2e0c825d8c52a7527da3aeb1e46fc8e8b1b2faecfe70df2d83f86660f1991699362bd8ef7321ba869f0a288b058e1fc9604652517fec368ecd164ca8ec266d

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Cipher\_raw_des3.pyd

MD5 6989ca1befd4432d2c25b1480a6d5469
SHA1 7442d9e07be8cef07752c4fe741eedcde447ab07
SHA256 af74dd11c0667a0a59112dcf2397292aebb4536cb5ff92e604d954ea904fec00
SHA512 2c5ac91fc151b4e23a5c628835b28a3ee7e156fe7b004d7f3d2ec82c5031bc88f3e99c2a28d09c534e2dda3131628a5aa8df0d97d66ae018add097c385176aba

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Cipher\_raw_des.pyd

MD5 f01271b15a7bfd59f352e55786efe9bf
SHA1 84358f77dcb024e2fc350499d81cff998a5cb74b
SHA256 535f236cd5e92801a3a9de5e9248f957d181545cc113e96cfb1e14d2f45a20a8
SHA512 622c55f6f0dba12d21c7744d5e0261b169cda9419289008bbf15a1ccb5b13d289e2d3e34fb3612432f500018b4258d596a5146d396111a86dd335f285b987247

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Cipher\_raw_ctr.pyd

MD5 8d9dbdfef250c6a57de564c69d02f30f
SHA1 aaf9bc31afe71733600f47f493b1c836dc953691
SHA256 879e7772f7c7ce5c3f5911e92d83e5623f888ba06c29bfe984299d7ff36e882f
SHA512 3956f6780d973b94451312280ce412864c3554cf5789dded4d64aca10d2a5cb51a6ef665554be17bba05b44e28ea1303ab706be469361b1b057bf348b5b35eba

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Cipher\_raw_cbc.pyd

MD5 555e1006a3f6305e7fae73728362bf1b
SHA1 71c160e673290c453adfcd5f3269dea6d681d1c3
SHA256 c16819b72b1d9b5828ab5bb74a1ba8c4e030357b9eff9e16cd341b6d7861d564
SHA512 b98c71b262748e5a9d2e891e0fa36214f5a542e47393eaa4fd5b87dc2ec0561abdce70fe3974bf5d6d4525e776d41b7623d12e1d4dc6d0c5590814c098132f07

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Cipher\_raw_cast.pyd

MD5 983a9f94f98c270ba51e7a444e0db341
SHA1 46f448fe59e6a57369aa3b9cea5c2830d421938f
SHA256 95191f50114f9fc636c991c84f1f05788e4825452c66f4ebb792d58aeddfc521
SHA512 6860592109e186cf9fbd72e89842afeceda5ea8ea6bf38671e5a5059c15758e5ee4ba1472942371c242607e2372a56e48269abcd729d3769a785a6afe0b4c49b

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Cipher\_raw_blowfish.pyd

MD5 a0f11a9b809e2642a43870997f69f121
SHA1 f67ccb2ed02f7fabdad43b212c5b32608ec51e28
SHA256 1506208a8b084d5f17d5137a8ddf42807514a48ba70bb7d897eb9135921677ad
SHA512 c2d5c21fa9515727c36e3e0458d276dc72511924a3bf7d669a04064387fc7f8e0016f361ba50dd8a1f14c361028c422422ff39959ebcd7195e1a9ab06636af4c

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Cipher\_raw_arc2.pyd

MD5 59e308df7943d6a96869553bdfc6805e
SHA1 2abf3a473e8b7da2ad1e70cfb75952eade6f5a2b
SHA256 d0613d0b66c3ed4fc98fc797058e16dfffb767dcd7f241dc2c6dfd454b720eb6
SHA512 5fea2056c4a26dc643cdbc0b9d66cdc11668fd237bf26f29a4a258641de69de1b681caa57d078e03998efbab42be037b52b44178717fe7c83ed4eafb303e6107

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Cipher\_raw_aesni.pyd

MD5 8d4a3c0c70aaa73d83d5114e5e00219f
SHA1 a5729ac0db12d3753bc972d5ece90f78ee36738e
SHA256 7f2a6ac48b96312c56692fe427a86346719b7a93ab47c505b34a3ab276455b05
SHA512 56ac28e0c6121a7c4c42ce098770cac2302d4f495ac9a77884dee035f1522e0e46de3c53a44b3108baa30df8c20e0c8d143076988ca9b460be46e2c823f21cda

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Cipher\_raw_aes.pyd

MD5 e339e1c90db3da9c96f9ed037913e273
SHA1 4796a7050515cfc1cea5fbf1803205a904319670
SHA256 a9bab5abdec4db78173e1046b2bf068fe786343b72181cd9cb0b13f65bb49f07
SHA512 ba71fb74386bf86493040ef7ca38babdbe01924debb598210189750c6119ac0cb4d017e5e9146dfec2caae3ec9915ba4a747972ed9a5f63a98c81e3b2b0ca6ca

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Cipher\_chacha20.pyd

MD5 0a45d55a5c3b7954840f4e5236df1bc7
SHA1 b1a2e8fe3ad57a696a28aa6295a1ae0556b150e3
SHA256 c4ecd2ed456d01c36c326d20dab64c703e4c69e188c57b2fd44aa57d0844b51d
SHA512 5735f330295ae1bd1483e57d300950111ca93e50fbfe8c19b8afaca254fc855602925a4791b7b15da5c7d4f7b8cca76cf4fd77bdcc3861e0e42e800717b290cd

C:\Users\Admin\AppData\Local\Temp\_MEI18202\Cryptodome\Cipher\_Salsa20.pyd

MD5 548a0edaeffabc649fa70fa755215da5
SHA1 c906278adfe4d0c677c40b43c4166c5d5cc83251
SHA256 d91782520bb9219dcc625c8caf2f0872734cd60d3a8165608a70107a2afcb547
SHA512 e83d53bf42284fcb3c7786f0f50cf6ca7b80a48410336d227f947372166c269a79f634b447f47b8de9ec94bd3f229b455cfe3c218e3a41b742a72af0d501a2d6

C:\Users\Admin\xx.flag

MD5 84e950a7708ef522a79d9931a2ae6955
SHA1 8d8493b417e5e0322f96486f2c2cd8c089cfeed3
SHA256 1048527cc96078d6cfb412572dedb7854cfec47a596dea5622dc572ae770c296
SHA512 60344904789b7db2c05e351a8ab2f14910f7eac8838a8acae4daa2849900059a4604cc2971635678f0430f88e09d80f095b602c3431001163d73f11c07177b6a

C:\Users\Admin\AppData\Local\Temp\prysmax_19-15-55_cookies\Prysmax_Firefox_Cookies.txt

MD5 07bc46acf50a079c8fed05def4544370
SHA1 086dc41f59d5036141aec32dadb8b85e234a4ed3
SHA256 19a035741c750a38fc344e080a3c31319f9aaf85ee28a08dfaa6c9217084dc4d
SHA512 02011635975e5e92b67859629e665871cc2c308dc972fe3902ddd2f910df4cbe3a313f7a2adaf30afbc4ecbcf0e897b43ee45a58c8ec81624b75ef58f6503bc6