Multi-License Discount Quote

Change Region

English
Threat Database Trojans Trojan.AntiSandbox

Trojan.AntiSandbox

By CagedTech in Trojans

Threat Scorecard

Popularity Rank: 2,466
Threat Level: 80 % (High)
Infected Computers: 1,050
First Seen: February 23, 2024
Last Seen: April 23, 2026
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Trojan.AntiSandbox
Signature status: No Signature

Known Samples

MD5: 650a346f0aaa068d31150be68bf82c67
SHA1: 0b3be15009e86a61aaf0cb7bf4a97d23e8b18fa1
SHA256: D2C83ACF50E265DD9D5F4E8CF7D78288106B8A2CC12B08B2A747753FC4F1E7F1
File Size: 49.15 KB, 49152 bytes
MD5: 29eddc32acb16d8ce71b18190de04e81
SHA1: f365183aa5730b9fdb0bb668e50a9b0acf7668a9
SHA256: A3E72923DCB9B0B358B8FDD78935CCF65D4F98744CB84EA688B5C1030AE9F77B
File Size: 3.56 MB, 3556864 bytes
MD5: 67292e134fc32fd72f0e6fa3dac9a897
SHA1: 3b6d29228c335b57478a0d13abd4c6a67d8ac36a
SHA256: 4367DCE6A9588B449EF55B926F73B4653514F8BB50C541A479ED9568F14FC1EB
File Size: 691.20 KB, 691200 bytes
MD5: 39f41537c02e9f516c2de9dee5e9c5e0
SHA1: e892e9eae0e218372a573eb6108f4cb63e91e3ce
SHA256: 51638A1C22E0B0CBA981EFB96CA8DEC5AA4CEF2E06C20A2AA54603D1FA513A10
File Size: 3.55 MB, 3554816 bytes
MD5: 9dcf96006e35be1c3ed9082fba9c52ab
SHA1: fe98299b5ad8cab5673e6c38d324e5f096fae2d0
SHA256: BBE2D75A60C0EB17C38EE6FAE2E9F3AF24B2FB523BFE5F4695873DC2AA89DCB6
File Size: 3.55 MB, 3554816 bytes
Show More
MD5: 603cf4fe65940476c4de1b0404b4533e
SHA1: ee680fb92d30a5da4e81cbc7fcfc89818c834314
SHA256: C91F8AF028EB8A9442488EFA5A59A186A7DB61790D009647BE132129CEA3542D
File Size: 6.96 MB, 6956032 bytes
MD5: d6a551a5ef0cfb43e49e767de6c69688
SHA1: 5a45dc9379f1b73779f406f74870d2e9409c65c8
SHA256: 59EA6A7478249610EDB8075CDB345BCA7CC67CA4681CD202534ABBAD55988337
File Size: 51.71 KB, 51712 bytes
MD5: cbc31a3b5c178ffe4a585218f38cbf70
SHA1: 0cac612001b84fc6906ebb59d7a4629100b676b3
SHA256: 7C51E6EA384C3A85CAFD7DE3B306C9B3836152438F702C400EF0F1D75A49EF5A
File Size: 2.19 MB, 2185216 bytes
MD5: 0b5be996ba51415b9e89b44936b32d07
SHA1: b460fe672959b1237473004ddbbc045048d63769
SHA256: 02E8E3AD95C17280E3C26161194717D5D2E8F50D7E786EEE384FA1FAFA99CDF9
File Size: 1.95 MB, 1948672 bytes
MD5: 218e818d7fb1af78b62d604c1dbc9d4f
SHA1: 4b4b9c85a9b8b672faadac74aa1228f789ded327
SHA256: D3F01D55B37CCCF7D6A308AE93BCD57B6B073C8C324390F775AB605E025EF3B4
File Size: 2.97 MB, 2970624 bytes
MD5: 61408e8f38866b47a477a4b66d92c75e
SHA1: 1203c884eb4e81484128490cd576002bc235f197
SHA256: BD173DFBAA61A7831D059ED1D1321B81CB5A41A56BB6D962EFE2796AC64A7C6C
File Size: 1.05 MB, 1047040 bytes
MD5: c2bfb4283c2b5fa55e793fdabdcac278
SHA1: 561408a552c907ce66a51852c7f17a929cfe582a
SHA256: E6448272A5FB1461AF07B2FF1FEF722CCD8C352B230EE4BC25DCF76D89B75B59
File Size: 3.32 MB, 3318784 bytes
MD5: 31c520ada1ea86848a77b95bfa421caa
SHA1: cc4452c49e8a42aab0caf2d36da08b8f2cd2d8ea
SHA256: A5EEC756F0ABA8AF4E29CFCA37406FDF6E2BE4F32C25C072674432A71B6B022A
File Size: 1.04 MB, 1041920 bytes
MD5: d74da345b2cb8646d56d100df057aa3e
SHA1: 63eb9b64692961307168b9441de676d4cfd50cdc
SHA256: A0CDBF6FAF2B717282236F365CF54179156AD82225DCA378C5C607526BEBCEBF
File Size: 3.43 MB, 3429888 bytes
MD5: 5444b7b8e9a3a50814fbac2ced294c45
SHA1: 42b41653fd7988c9aa9f909cdee140fb2ff1a99c
SHA256: 1D665247160476E82DC31AC77CB29D39E2535DEE947EA8DEC56C4D1EAFBDFD9A
File Size: 1.62 MB, 1616896 bytes
MD5: ff0d8b1a77c66155b018709ea9e7fc2c
SHA1: a83ad67aed6c4cfcb636e7d4e099f68b57153a9a
SHA256: 3FB3A84F3576FA137DFA5290227CCA901FB6086880BCEA652733137F048A16DE
File Size: 1.83 MB, 1826816 bytes
MD5: 3aa34d5cb9312b34329ed76fb4797543
SHA1: ff352c55ee87cc641bb19a6bc8824fb97f913488
SHA256: D01F6110A15BA20B8013B9F047FD32C4E0F1F4F45EDEC40B4BD80122C859FC23
File Size: 3.69 MB, 3685888 bytes
MD5: 1df6e3b7e609706a4aa18704c63d615e
SHA1: 2d127ba0ad5c2487e9cf3aa24f5ff6ba45a8befc
SHA256: FA4CEDE5933577CA320160A368B2A14F8AA5EEDF6C4C67446F7BA7C8C165FAA7
File Size: 46.59 KB, 46592 bytes
MD5: 2140a93dde2e51932bd299fe4972174f
SHA1: fdb42adf61a2094d6e2143d1d92c8ea9db12cfe1
SHA256: 1C33A83379D20AB304C08976BE93EF118BEE9FAB63463B8EBBEDBC0137A188F1
File Size: 5.42 MB, 5416448 bytes
MD5: c81692b3b5a59840722ac8edc34ca60c
SHA1: a03294bed7d1cad7b4e5277cf35f40d15ee2f060
SHA256: C9D931F657CBC0C8871FEB663A77C53F5FE1113867E66473EC5675B5A6A57E2B
File Size: 3.40 MB, 3397632 bytes
MD5: e718b2175e04f4d79a9a805082271ad5
SHA1: c425bad6f57a1cc56cad32a83cb398d5d621f36b
SHA256: 26564BCBF8204B866C26E7E55624F83DC6104D241599386112B30938F1DAC745
File Size: 1.12 MB, 1118208 bytes
MD5: d28edb8dea6b4ce51548d7b2e361313f
SHA1: ed3468b3f0e5e2ca691d5fc117d061dd70cbd334
SHA256: 185E075BD1AB5AFD81B207F4A8504A73E3770253F07C6D4D07A03984134D22AD
File Size: 184.32 KB, 184320 bytes
MD5: 650001dcdc2abf23d1af8d352891c432
SHA1: 93449de47fb4f1888d1da5eed56552c54bd77c4d
SHA256: 4639BF4C07E7FACB9DF52742FB6FEC11529FEF59E0F3B4CB68D838E265ED0078
File Size: 2.97 MB, 2966528 bytes
MD5: a1a48825a6d4c1b207a9584f197feac0
SHA1: aa85f1f83457863f9d2c0086678cb42ca3a34170
SHA256: 74F6046528327621860C8139417F6B18A46E4053E6E9FA018087351DE236C34F
File Size: 242.18 KB, 242176 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File doesn't have security information
  • File has TLS information
  • File is .NET application
  • File is 32-bit executable
  • File is 64-bit executable
  • File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
Show More
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name Value
Assembly Version
  • 3.0.1110.25298
  • 2.4.0.0
  • 1.21.0.0
  • 1.6.6.0
  • 1.6.4.0
  • 1.0.0.0
Comments
  • A PC utility for restoring disk space from various game like Origin, Steam and GoG
  • Part of Outbyte Programs
  • Windows System Cache Management Service
Company Name
  • Applied Flow Technology
  • Microsoft Corporation
  • Nexus
  • NServer
  • Outbyte
  • Spartan Solutions
File Description
  • AFT Chempak 3 AddIn
  • Client
  • Collaborative data sharing network for team-based awareness.
  • Core
  • devenv
  • F9
  • Harry Premium Private
  • Helper.WebBrowsers
  • Nexus
  • NServer
Show More
  • Premium Bypass
  • RuntimeBroker
  • SteamCleaner
  • Windows System Cache Manager
File Version
  • 3.62.9398.38
  • 3.0.1110
  • 2.4.0.0
  • 1.21
  • 1.6.6
  • 1.6.4
  • 1.6.0.48952
  • 1.6.0.44502
  • 1.0.0.0
Internal Name
  • Anex Corporation Private.exe
  • ChempakAddIn.dll
  • Client.exe
  • Core.dll
  • Danger Baypass.exe
  • F9 Panel.exe
  • helper-web-browsers
  • LOADER-LM.exe
  • Nexus.dll
  • NServer.dll
Show More
  • Phalanx Shield
  • RuntimeBroker.exe
  • SimpleRunPE.exe
  • SteamCleaner.exe
  • XWormClient.exe
Legal Copyright
  • Copyright © 2000-2019, Applied Flow Technology Corporation, all rights reserved.
  • Copyright © 2016
  • Copyright © 2016-2025 Outbyte Computing Pty Ltd
  • Copyright © 2016-2026 Outbyte Computing Pty Ltd
  • Copyright © 2024
  • Copyright © 2025
  • Copyright © 2025 Spartan Solutions
  • Copyright © Anex Corporation Private 2025
  • Copyright © By F9 2024
  • Copyright © Microsoft Corporation. All rights reserved.
Show More
  • © Nexus 2025
Legal Trademarks
  • AFT Chempak AddIn and the AFT logo are trademarks of Applied Flow Technology Corporation
  • Copyright © 2016-2025 Outbyte Computing Pty Ltd
  • Copyright © 2016-2026 Outbyte Computing Pty Ltd
Original Filename
  • Anex Corporation Private.exe
  • ChempakAddIn.dll
  • Client.exe
  • Core.dll
  • Danger Baypass.exe
  • F9 Panel.exe
  • helper.webbrowsers.dll
  • LOADER-LM.exe
  • Nexus.dll
  • NServer.dll
Show More
  • PhalanxShield.exe
  • RuntimeBroker.exe
  • SimpleRunPE.exe
  • SteamCleaner.exe
  • XWormClient.exe
Product Name
  • AFT Chempak 3 AddIn
  • Client
  • Core
  • devenv
  • F9
  • Harry Premium Private
  • Nexus
  • NServer
  • Phalanx Shield
  • Premium Bypass
Show More
  • RuntimeBroker
  • Shared Library
  • SteamCleaner
  • Windows System Cache Manager
Product Version
  • 3.0.1110
  • 2.4.0.0
  • 1.x
  • 1.8.7
  • 1.6.6
  • 1.6.4
  • 1.0.0.0
  • 1.0.0

File Traits

  • .NET
  • 2+ executable sections
  • Agile.net
  • Confuser
  • CreateThread
  • CryptUnprotectData
  • dll
  • Fody
  • fptable
  • HighEntropy
Show More
  • imgui
  • NewLateBinding
  • No CryptProtectData
  • No Version Info
  • ntdll
  • RijndaelManaged
  • Run
  • VirtualQueryEx
  • WriteProcessMemory
  • x64
  • x86

Block Information

Total Blocks: 494
Potentially Malicious Blocks: 14
Whitelisted Blocks: 90
Unknown Blocks: 390

Visual Map

? ? ? ? ? ? ? ? 0 0 0 0 0 0 ? ? ? 0 ? 0 x ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 0 0 ? ? ? ? ? ? ? ? ? 0 0 0 0 0 ? ? ? ? ? 0 ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? x ? ? ? ? ? ? ? ? x ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 ? ? 0 0 ? 0 ? ? ? ? ? ? 0 0 ? ? ? ? 0 ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 ? ? ? ? ? ? ? ? ? ? ? ? 0 ? ? ? ? 0 ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 ? ? ? ? ? ? ? ? ? ? x ? x ? ? ? ? 0 ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 ? ? ? ? ? ? ? 0 ? ? ? ? ? ? ? ? ? ? ? ? 0 ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 0 ? ? ? ? ? ? ? x 0 ? ? ? ? 0 0 ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? x ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 ? ? ? ? ? ? ? ? ? ? ? ? 0 0 0 ? 0 0 0 ? ? 0 0 0 0 0 0 0 0 x ? ? ? ? ? ? ? ? ? ? ? x x ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 ? ? ? ? ? ? ? ? ? 0 ? x ? ? 0 0 x ? 0 ? 0 ? 0 ? 0 ? 0 ? 0 ? 0 ? 0 ? ? ? 0 x x 0 0 0 0 ? 0 0 0 ? 0 ? 0 0 0 0 ? ? 0 0 0 0 ? ? 0 0 0 0 0 0 0 ? ? ? 0
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

  • Agent.OPSB
  • MSIL.SnakeLogger.DO

Files Modified

File Attributes
\device\namedpipe Generic Read,Write Attributes
\device\namedpipe Generic Write,Read Attributes
\device\namedpipe\dav rpc service Generic Read,Write Data,Write Attributes,Write extended,Append data
\device\namedpipe\pshost.134213827263428849.8068.defaultappdomain.powershell Generic Read,Write Data,Write Attributes,Write extended,Append data,LEFT 524288
\device\namedpipe\wkssvc Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\microsoft\windows\caches\d3f4e2a1 Synchronize,Write Attributes
c:\programdata\microsoft\windows\caches\d3f4e2a1\.w Generic Write,Read Attributes
c:\programdata\microsoft\windows\caches\d3f4e2a1\runtimehost.exe Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\programdata\microsoft\windows\caches\d3f4e2a1\runtimehost.exe Synchronize,Write Attributes
c:\users\user\appdata\local\temp\__psscriptpolicytest_2kuibvwo.2w2.psm1 Generic Write,Read Attributes
Show More
c:\users\user\appdata\local\temp\__psscriptpolicytest_vksy2sbs.25z.ps1 Generic Write,Read Attributes

Registry Modifications

Key::Value Data API Name
HKLM\software\microsoft\windows\currentversion\run::winsyscache C:\ProgramData\Microsoft\Windows\Caches\D3F4E2A1\RuntimeHost.exe RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\run::winsyscache C:\ProgramData\Microsoft\Windows\Caches\D3F4E2A1\RuntimeHost.exe RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe 焥짾틃ǜ RegNtPreCreateKey

Windows API Usage

Category API
Syscall Use
  • ntdll.dll!NtAccessCheck
  • ntdll.dll!NtAddAtomEx
  • ntdll.dll!NtAlertThreadByThreadId
  • ntdll.dll!NtAllocateLocallyUniqueId
  • ntdll.dll!NtAlpcConnectPort
  • ntdll.dll!NtAlpcConnectPortEx
  • ntdll.dll!NtAlpcQueryInformation
  • ntdll.dll!NtAlpcSendWaitReceivePort
  • ntdll.dll!NtApphelpCacheControl
  • ntdll.dll!NtAssociateWaitCompletionPacket
Show More
  • ntdll.dll!NtCancelTimer2
  • ntdll.dll!NtCancelWaitCompletionPacket
  • ntdll.dll!NtClearEvent
  • ntdll.dll!NtClose
  • ntdll.dll!NtCompareSigningLevels
  • ntdll.dll!NtConnectPort
  • ntdll.dll!NtCreateEvent
  • ntdll.dll!NtCreateFile
  • ntdll.dll!NtCreateIoCompletion
  • ntdll.dll!NtCreateKey
  • ntdll.dll!NtCreateMutant
  • ntdll.dll!NtCreatePrivateNamespace
  • ntdll.dll!NtCreateSection
  • ntdll.dll!NtCreateSemaphore
  • ntdll.dll!NtCreateThreadEx
  • ntdll.dll!NtCreateTimer
  • ntdll.dll!NtCreateTimer2
  • ntdll.dll!NtCreateWaitCompletionPacket
  • ntdll.dll!NtCreateWorkerFactory
  • ntdll.dll!NtDelayExecution
  • ntdll.dll!NtDeviceIoControlFile
  • ntdll.dll!NtDuplicateObject
  • ntdll.dll!NtDuplicateToken
  • ntdll.dll!NtEnumerateKey
  • ntdll.dll!NtEnumerateValueKey
  • ntdll.dll!NtFlushProcessWriteBuffers
  • ntdll.dll!NtFreeVirtualMemory
  • ntdll.dll!NtFsControlFile
  • ntdll.dll!NtGetCachedSigningLevel
  • ntdll.dll!NtGetContextThread
  • ntdll.dll!NtMapViewOfSection
  • ntdll.dll!NtNotifyChangeKey
  • ntdll.dll!NtOpenDirectoryObject
  • ntdll.dll!NtOpenEvent
  • ntdll.dll!NtOpenFile
  • ntdll.dll!NtOpenKey
  • ntdll.dll!NtOpenKeyEx
  • ntdll.dll!NtOpenProcess
  • ntdll.dll!NtOpenProcessToken
  • ntdll.dll!NtOpenProcessTokenEx
  • ntdll.dll!NtOpenSection
  • ntdll.dll!NtOpenSemaphore
  • ntdll.dll!NtOpenSymbolicLinkObject
  • ntdll.dll!NtOpenThreadToken
  • ntdll.dll!NtOpenThreadTokenEx
  • ntdll.dll!NtPowerInformation
  • ntdll.dll!NtProtectVirtualMemory
  • ntdll.dll!NtQueryAttributesFile
  • ntdll.dll!NtQueryDebugFilterState
  • ntdll.dll!NtQueryDefaultLocale
  • ntdll.dll!NtQueryDirectoryFileEx
  • ntdll.dll!NtQueryFullAttributesFile
  • ntdll.dll!NtQueryInformationFile
  • ntdll.dll!NtQueryInformationJobObject
  • ntdll.dll!NtQueryInformationProcess
  • ntdll.dll!NtQueryInformationThread
  • ntdll.dll!NtQueryInformationToken
  • ntdll.dll!NtQueryKey
  • ntdll.dll!NtQueryLicenseValue
  • ntdll.dll!NtQueryObject
  • ntdll.dll!NtQueryPerformanceCounter
  • ntdll.dll!NtQuerySecurityAttributesToken
  • ntdll.dll!NtQuerySecurityObject
  • ntdll.dll!NtQuerySymbolicLinkObject
  • ntdll.dll!NtQuerySystemInformation
  • ntdll.dll!NtQuerySystemInformationEx
  • ntdll.dll!NtQueryValueKey
  • ntdll.dll!NtQueryVirtualMemory
  • ntdll.dll!NtQueryVolumeInformationFile
  • ntdll.dll!NtQueryWnfStateData
  • ntdll.dll!NtQueueApcThreadEx2
  • ntdll.dll!NtReadFile
  • ntdll.dll!NtReadRequestData
  • ntdll.dll!NtReadVirtualMemory
  • ntdll.dll!NtReleaseMutant
  • ntdll.dll!NtReleaseSemaphore
  • ntdll.dll!NtReleaseWorkerFactoryWorker
  • ntdll.dll!NtRequestWaitReplyPort
  • ntdll.dll!NtResumeThread
  • ntdll.dll!NtSetContextThread
  • ntdll.dll!NtSetEvent
  • ntdll.dll!NtSetInformationFile
  • ntdll.dll!NtSetInformationKey
  • ntdll.dll!NtSetInformationObject
  • ntdll.dll!NtSetInformationProcess
  • ntdll.dll!NtSetInformationThread
  • ntdll.dll!NtSetInformationVirtualMemory
  • ntdll.dll!NtSetInformationWorkerFactory
  • ntdll.dll!NtSetTimer2
  • ntdll.dll!NtSetTimerEx

28 additional items are not displayed above.

User Data Access
  • GetComputerName
  • GetComputerNameEx
  • GetUserDefaultLocaleName
  • GetUserName
  • GetUserNameEx
  • GetUserObjectInformation
Anti Debug
  • CheckRemoteDebuggerPresent
  • IsDebuggerPresent
  • NtQuerySystemInformation
Encryption Used
  • BCryptOpenAlgorithmProvider
  • CryptAcquireContext
Network Info Queried
  • GetAdaptersAddresses
  • GetNetworkParams
Process Shell Execute
  • CreateProcess
Other Suspicious
  • AdjustTokenPrivileges
Network Winsock2
  • WSAStartup
Network Wininet
  • InternetOpen
  • InternetOpenUrl
  • InternetReadFile
Network Winsock
  • freeaddrinfo
  • getaddrinfo
  • gethostname
Process Manipulation Evasion
  • NtUnmapViewOfSection

Shell Command Execution

C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\3b6d29228c335b57478a0d13abd4c6a67d8ac36a_0000691200.,LiQMAxHB
"schtasks.exe" /create /tn "Windows System Health" /tr "C:\ProgramData\Microsoft\Windows\Caches\D3F4E2A1\RuntimeHost.exe" /sc onlogon /rl HIGHEST /f
"schtasks.exe" /create /tn "Windows System Health Monitor" /tr "C:\ProgramData\Microsoft\Windows\Caches\D3F4E2A1\RuntimeHost.exe" /sc onstart /delay 0001:00 /rl HIGHEST /f
"schtasks.exe" /create /tn "Windows System Health Check" /tr "C:\ProgramData\Microsoft\Windows\Caches\D3F4E2A1\RuntimeHost.exe" /sc minute /mo 5 /rl HIGHEST /f
"powershell.exe" -NoProfile -NonInteractive -ExecutionPolicy Bypass -Command "Add-MpPreference -ExclusionPath @('C:\','C:\ProgramData\Microsoft\Windows\Caches\D3F4E2A1\','C:\ProgramData\Microsoft\Windows\Caches\D3F4E2A1\RuntimeHost.exe','C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\','C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\','C:\Users\Jevdxwti\AppData\Roaming\Microsoft\Windows\Caches\D3F4E2A1\','C:\Users\Jevdxwti\AppData\Local\Microsoft\Windows\Caches\D3F4E2A1\','C:\ProgramData\Microsoft\Windows\Caches\D3F4E2A1\Content.IE5\','C:\Users\Jevdxwti\AppData\Local\Temp\','C:\WINDOWS\Temp\','C:\ProgramData\Microsoft\Windows\Caches\D3F4E2A1\B8C9\') -ErrorAction SilentlyContinue"

Related Posts

Trending

Most Viewed

Loading...